xref: /freebsd/crypto/openssl/include/internal/recordmethod.h (revision a689bfa4e25af8307709dc12f75b0e02a65abf18) 
1 /*
2  * Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #ifndef OSSL_INTERNAL_RECORDMETHOD_H
11 #define OSSL_INTERNAL_RECORDMETHOD_H
12 #pragma once
13 
14 #include <openssl/ssl.h>
15 
16 /*
17  * We use the term "record" here to refer to a packet of data. Records are
18  * typically protected via a cipher and MAC, or an AEAD cipher (although not
19  * always). This usage of the term record is consistent with the TLS concept.
20  * In QUIC the term "record" is not used but it is analogous to the QUIC term
21  * "packet". The interface in this file applies to all protocols that protect
22  * records/packets of data, i.e. (D)TLS and QUIC. The term record is used to
23  * refer to both contexts.
24  */
25 
26 /*
27  * An OSSL_RECORD_METHOD is a protocol specific method which provides the
28  * functions for reading and writing records for that protocol. Which
29  * OSSL_RECORD_METHOD to use for a given protocol is defined by the SSL_METHOD.
30  */
31 typedef struct ossl_record_method_st OSSL_RECORD_METHOD;
32 
33 /*
34  * An OSSL_RECORD_LAYER is just an externally defined opaque pointer created by
35  * the method
36  */
37 typedef struct ossl_record_layer_st OSSL_RECORD_LAYER;
38 
39 #define OSSL_RECORD_ROLE_CLIENT 0
40 #define OSSL_RECORD_ROLE_SERVER 1
41 
42 #define OSSL_RECORD_DIRECTION_READ 0
43 #define OSSL_RECORD_DIRECTION_WRITE 1
44 
45 #define OSSL_RECORD_RETURN_SUCCESS 1
46 #define OSSL_RECORD_RETURN_RETRY 0
47 #define OSSL_RECORD_RETURN_NON_FATAL_ERR -1
48 #define OSSL_RECORD_RETURN_FATAL -2
49 #define OSSL_RECORD_RETURN_EOF -3
50 
51 /*
52  * Template for creating a record. A record consists of the |type| of data it
53  * will contain (e.g. alert, handshake, application data, etc) along with a
54  * buffer of payload data in |buf| of length |buflen|.
55  */
56 struct ossl_record_template_st {
57     unsigned char type;
58     unsigned int version;
59     const unsigned char *buf;
60     size_t buflen;
61 };
62 
63 typedef struct ossl_record_template_st OSSL_RECORD_TEMPLATE;
64 
65 /*
66  * Rather than a "method" approach, we could make this fetchable - Should we?
67  * There could be some complexity in finding suitable record layer implementations
68  * e.g. we need to find one that matches the negotiated protocol, cipher,
69  * extensions, etc. The selection_cb approach given above doesn't work so well
70  * if unknown third party providers with OSSL_RECORD_METHOD implementations are
71  * loaded.
72  */
73 
74 /*
75  * If this becomes public API then we will need functions to create and
76  * free an OSSL_RECORD_METHOD, as well as functions to get/set the various
77  * function pointers....unless we make it fetchable.
78  */
79 struct ossl_record_method_st {
80     /*
81      * Create a new OSSL_RECORD_LAYER object for handling the protocol version
82      * set by |vers|. |role| is 0 for client and 1 for server. |direction|
83      * indicates either read or write. |level| is the protection level as
84      * described above. |settings| are mandatory settings that will cause the
85      * new() call to fail if they are not understood (for example to require
86      * Encrypt-Then-Mac support). |options| are optional settings that will not
87      * cause the new() call to fail if they are not understood (for example
88      * whether to use "read ahead" or not).
89      *
90      * The BIO in |transport| is the BIO for the underlying transport layer.
91      * Where the direction is "read", then this BIO will only ever be used for
92      * reading data. Where the direction is "write", then this BIO will only
93      * every be used for writing data.
94      *
95      * An SSL object will always have at least 2 OSSL_RECORD_LAYER objects in
96      * force at any one time (one for reading and one for writing). In some
97      * protocols more than 2 might be used (e.g. in DTLS for retransmitting
98      * messages from an earlier epoch).
99      *
100      * The created OSSL_RECORD_LAYER object is stored in *ret on success (or
101      * NULL otherwise). The return value will be one of
102      * OSSL_RECORD_RETURN_SUCCESS, OSSL_RECORD_RETURN_FATAL or
103      * OSSL_RECORD_RETURN_NON_FATAL. A non-fatal return means that creation of
104      * the record layer has failed because it is unsuitable, but an alternative
105      * record layer can be tried instead.
106      */
107 
108     /*
109      * If we eventually make this fetchable then we will need to use something
110      * other than EVP_CIPHER. Also mactype would not be a NID, but a string. For
111      * now though, this works.
112      */
113     int (*new_record_layer)(OSSL_LIB_CTX *libctx,
114         const char *propq, int vers,
115         int role, int direction,
116         int level,
117         uint16_t epoch,
118         unsigned char *secret,
119         size_t secretlen,
120         unsigned char *key,
121         size_t keylen,
122         unsigned char *iv,
123         size_t ivlen,
124         unsigned char *mackey,
125         size_t mackeylen,
126         const EVP_CIPHER *ciph,
127         size_t taglen,
128         int mactype,
129         const EVP_MD *md,
130         COMP_METHOD *comp,
131         const EVP_MD *kdfdigest,
132         BIO *prev,
133         BIO *transport,
134         BIO *next,
135         BIO_ADDR *local,
136         BIO_ADDR *peer,
137         const OSSL_PARAM *settings,
138         const OSSL_PARAM *options,
139         const OSSL_DISPATCH *fns,
140         void *cbarg,
141         void *rlarg,
142         OSSL_RECORD_LAYER **ret);
143     int (*free)(OSSL_RECORD_LAYER *rl);
144 
145     /* Returns 1 if we have unprocessed data buffered or 0 otherwise */
146     int (*unprocessed_read_pending)(OSSL_RECORD_LAYER *rl);
147 
148     /*
149      * Returns 1 if we have processed data buffered that can be read or 0 otherwise
150      * - not necessarily app data
151      */
152     int (*processed_read_pending)(OSSL_RECORD_LAYER *rl);
153 
154     /*
155      * The amount of processed app data that is internally buffered and
156      * available to read
157      */
158     size_t (*app_data_pending)(OSSL_RECORD_LAYER *rl);
159 
160     /*
161      * Find out the maximum number of records that the record layer is prepared
162      * to process in a single call to write_records. It is the caller's
163      * responsibility to ensure that no call to write_records exceeds this
164      * number of records. |type| is the type of the records that the caller
165      * wants to write, and |len| is the total amount of data that it wants
166      * to send. |maxfrag| is the maximum allowed fragment size based on user
167      * configuration, or TLS parameter negotiation. |*preffrag| contains on
168      * entry the default fragment size that will actually be used based on user
169      * configuration. This will always be less than or equal to |maxfrag|. On
170      * exit the record layer may update this to an alternative fragment size to
171      * be used. This must always be less than or equal to |maxfrag|.
172      */
173     size_t (*get_max_records)(OSSL_RECORD_LAYER *rl, uint8_t type, size_t len,
174         size_t maxfrag, size_t *preffrag);
175 
176     /*
177      * Write |numtempl| records from the array of record templates pointed to
178      * by |templates|. Each record should be no longer than the value returned
179      * by get_max_record_len(), and there should be no more records than the
180      * value returned by get_max_records().
181      * Where possible the caller will attempt to ensure that all records are the
182      * same length, except the last record. This may not always be possible so
183      * the record method implementation should not rely on this being the case.
184      * In the event of a retry the caller should call retry_write_records()
185      * to try again. No more calls to write_records() should be attempted until
186      * retry_write_records() returns success.
187      * Buffers allocated for the record templates can be freed immediately after
188      * write_records() returns - even in the case a retry.
189      * The record templates represent the plaintext payload. The encrypted
190      * output is written to the |transport| BIO.
191      * Returns:
192      *  1 on success
193      *  0 on retry
194      * -1 on failure
195      */
196     int (*write_records)(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
197         size_t numtempl);
198 
199     /*
200      * Retry a previous call to write_records. The caller should continue to
201      * call this until the function returns with success or failure. After
202      * each retry more of the data may have been incrementally sent.
203      * Returns:
204      *  1 on success
205      *  0 on retry
206      * -1 on failure
207      */
208     int (*retry_write_records)(OSSL_RECORD_LAYER *rl);
209 
210     /*
211      * Read a record and return the record layer version and record type in
212      * the |rversion| and |type| parameters. |*data| is set to point to a
213      * record layer buffer containing the record payload data and |*datalen|
214      * is filled in with the length of that data. The |epoch| and |seq_num|
215      * values are only used if DTLS has been negotiated. In that case they are
216      * filled in with the epoch and sequence number from the record.
217      * An opaque record layer handle for the record is returned in |*rechandle|
218      * which is used in a subsequent call to |release_record|. The buffer must
219      * remain available until all the bytes from record are released via one or
220      * more release_record calls.
221      *
222      * Internally the OSSL_RECORD_METHOD implementation may read/process
223      * multiple records in one go and buffer them.
224      */
225     int (*read_record)(OSSL_RECORD_LAYER *rl, void **rechandle, int *rversion,
226         uint8_t *type, const unsigned char **data, size_t *datalen,
227         uint16_t *epoch, unsigned char *seq_num);
228     /*
229      * Release length bytes from a buffer associated with a record previously
230      * read with read_record. Once all the bytes from a record are released, the
231      * whole record and its associated buffer is released. Records are
232      * guaranteed to be released in the order that they are read.
233      */
234     int (*release_record)(OSSL_RECORD_LAYER *rl, void *rechandle, size_t length);
235 
236     /*
237      * In the event that a fatal error is returned from the functions above then
238      * get_alert_code() can be called to obtain a more details identifier for
239      * the error. In (D)TLS this is the alert description code.
240      */
241     int (*get_alert_code)(OSSL_RECORD_LAYER *rl);
242 
243     /*
244      * Update the transport BIO from the one originally set in the
245      * new_record_layer call
246      */
247     int (*set1_bio)(OSSL_RECORD_LAYER *rl, BIO *bio);
248 
249     /* Called when protocol negotiation selects a protocol version to use */
250     int (*set_protocol_version)(OSSL_RECORD_LAYER *rl, int version);
251 
252     /*
253      * Whether we are allowed to receive unencrypted alerts, even if we might
254      * otherwise expect encrypted records. Ignored by protocol versions where
255      * this isn't relevant
256      */
257     void (*set_plain_alerts)(OSSL_RECORD_LAYER *rl, int allow);
258 
259     /*
260      * Called immediately after creation of the record layer if we are in a
261      * first handshake. Also called at the end of the first handshake
262      */
263     void (*set_first_handshake)(OSSL_RECORD_LAYER *rl, int first);
264 
265     /*
266      * Set the maximum number of pipelines that the record layer should process.
267      * The default is 1.
268      */
269     void (*set_max_pipelines)(OSSL_RECORD_LAYER *rl, size_t max_pipelines);
270 
271     /*
272      * Called to tell the record layer whether we are currently "in init" or
273      * not. Default at creation of the record layer is "yes".
274      */
275     void (*set_in_init)(OSSL_RECORD_LAYER *rl, int in_init);
276 
277     /*
278      * Get a short or long human readable description of the record layer state
279      */
280     void (*get_state)(OSSL_RECORD_LAYER *rl, const char **shortstr,
281         const char **longstr);
282 
283     /*
284      * Set new options or modify ones that were originally specified in the
285      * new_record_layer call.
286      */
287     int (*set_options)(OSSL_RECORD_LAYER *rl, const OSSL_PARAM *options);
288 
289     const COMP_METHOD *(*get_compression)(OSSL_RECORD_LAYER *rl);
290 
291     /*
292      * Set the maximum fragment length to be used for the record layer. This
293      * will override any previous value supplied for the "max_frag_len"
294      * setting during construction of the record layer.
295      */
296     void (*set_max_frag_len)(OSSL_RECORD_LAYER *rl, size_t max_frag_len);
297 
298     /*
299      * The maximum expansion in bytes that the record layer might add while
300      * writing a record
301      */
302     size_t (*get_max_record_overhead)(OSSL_RECORD_LAYER *rl);
303 
304     /*
305      * Increment the record sequence number
306      */
307     int (*increment_sequence_ctr)(OSSL_RECORD_LAYER *rl);
308 
309     /*
310      * Allocate read or write buffers. Does nothing if already allocated.
311      * Assumes default buffer length and 1 pipeline.
312      */
313     int (*alloc_buffers)(OSSL_RECORD_LAYER *rl);
314 
315     /*
316      * Free read or write buffers. Fails if there is pending read or write
317      * data. Buffers are automatically reallocated on next read/write.
318      */
319     int (*free_buffers)(OSSL_RECORD_LAYER *rl);
320 };
321 
322 /* Standard built-in record methods */
323 extern const OSSL_RECORD_METHOD ossl_tls_record_method;
324 #ifndef OPENSSL_NO_KTLS
325 extern const OSSL_RECORD_METHOD ossl_ktls_record_method;
326 #endif
327 extern const OSSL_RECORD_METHOD ossl_dtls_record_method;
328 
329 #endif /* !defined(OSSL_INTERNAL_RECORDMETHOD_H) */
330