Provide an initial implementation of the TLS 1.3 record layer.

This is entirely self-contained and knows nothing about SSL or BIO. The bottom of the stack is provided by wire read and write callbacks, with the API to the record layer primarily being via tls13_{read,write}_{application,handshake}_data(). This currently lacks some functionality, however will be worked on in tree. ok tb@
author: jsing <> 2019-01-20 10:31:54 +0000
committer: jsing <> 2019-01-20 10:31:54 +0000
commit: 7d4c5df49f29866dec345d1ed3420715c776e9e1 (patch)
tree: e8897b82c6da0c5ad784ceab148eb15cf17a1d6c /src/lib/libssl/tls13_internal.h
parent: 109c1a3cd723529ce9ea6e4db6ce37493ed83034 (diff)
download: openbsd-7d4c5df49f29866dec345d1ed3420715c776e9e1.tar.gz
openbsd-7d4c5df49f29866dec345d1ed3420715c776e9e1.tar.bz2
openbsd-7d4c5df49f29866dec345d1ed3420715c776e9e1.zip
1 files changed, 29 insertions, 3 deletions
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 876f339c80..496627c0cd 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.8 2019/01/19 03:32:03 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.9 2019/01/20 10:31:54 jsing Exp $ */
 /*
 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -31,8 +31,12 @@ __BEGIN_HIDDEN_DECLS
 #define TLS13_IO_WANT_POLLIN    -2
 #define TLS13_IO_WANT_POLLOUT   -3
+typedef int (*tls13_alert_cb)(uint8_t _alert_level, uint8_t _alert_desc,
+    void *_cb_arg);
+typedef int (*tls13_post_handshake_cb)(void *_cb_arg);
 typedef ssize_t (*tls13_read_cb)(void *_buf, size_t _buflen, void *_cb_arg);
-typedef ssize_t (*tls13_write_cb)(const void *_buf, size_t _buflen, void *_cb_arg);
+typedef ssize_t (*tls13_write_cb)(const void *_buf, size_t _buflen,
+    void *_cb_arg);
 struct tls13_buffer;
@@ -41,7 +45,8 @@ void tls13_buffer_free(struct tls13_buffer *buf);
 ssize_t tls13_buffer_extend(struct tls13_buffer *buf, size_t len,
    tls13_read_cb read_cb, void *cb_arg);
 void tls13_buffer_cbs(struct tls13_buffer *buf, CBS *cbs);
-int tls13_buffer_finish(struct tls13_buffer *buf, uint8_t **out, size_t *out_len);
+int tls13_buffer_finish(struct tls13_buffer *buf, uint8_t **out,
+    size_t *out_len);
 struct tls13_secret {
        uint8_t *data;
@@ -92,6 +97,27 @@ int tls13_derive_application_secrets(struct tls13_secrets *secrets,
 struct tls13_ctx;
+struct tls13_record_layer;
+struct tls13_record_layer *tls13_record_layer_new(tls13_read_cb wire_read,
+    tls13_write_cb wire_write, tls13_alert_cb alert_cb,
+    tls13_post_handshake_cb post_handshake_cb, void *cb_arg);
+void tls13_record_layer_free(struct tls13_record_layer *rl);
+void tls13_record_layer_set_aead(struct tls13_record_layer *rl,
+    const EVP_AEAD *aead);
+void tls13_record_layer_set_hash(struct tls13_record_layer *rl,
+    const EVP_MD *hash);
+void tls13_record_layer_handshake_completed(struct tls13_record_layer *rl);
+int tls13_record_layer_set_traffic_keys(struct tls13_record_layer *rl,
+    struct tls13_secret *read_key, struct tls13_secret *write_key);
+ssize_t tls13_read_handshake_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n);
+ssize_t tls13_write_handshake_data(struct tls13_record_layer *rl, const uint8_t *buf,
+    size_t n);
+ssize_t tls13_read_application_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n);
+ssize_t tls13_write_application_data(struct tls13_record_layer *rl, const uint8_t *buf,
+    size_t n);
 /*
 * RFC 8446, Section B.3
 *
author	jsing <>	2019-01-20 10:31:54 +0000
committer	jsing <>	2019-01-20 10:31:54 +0000
commit	7d4c5df49f29866dec345d1ed3420715c776e9e1 (patch)
tree	e8897b82c6da0c5ad784ceab148eb15cf17a1d6c /src/lib/libssl/tls13_internal.h
parent	109c1a3cd723529ce9ea6e4db6ce37493ed83034 (diff)
download	openbsd-7d4c5df49f29866dec345d1ed3420715c776e9e1.tar.gz openbsd-7d4c5df49f29866dec345d1ed3420715c776e9e1.tar.bz2 openbsd-7d4c5df49f29866dec345d1ed3420715c776e9e1.zip

diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h index 876f339c80..496627c0cd 100644 --- a/src/lib/libssl/tls13_internal.h +++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_internal.h,v 1.8 2019/01/19 03:32:03 jsing Exp $ */	1	/* $OpenBSD: tls13_internal.h,v 1.9 2019/01/20 10:31:54 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018 Bob Beck <beck@openbsd.org>	3	* Copyright (c) 2018 Bob Beck <beck@openbsd.org>
4	* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>	4	* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -31,8 +31,12 @@ __BEGIN_HIDDEN_DECLS
31	#define TLS13_IO_WANT_POLLIN -2	31	#define TLS13_IO_WANT_POLLIN -2
32	#define TLS13_IO_WANT_POLLOUT -3	32	#define TLS13_IO_WANT_POLLOUT -3
33		33
		34	typedef int (*tls13_alert_cb)(uint8_t _alert_level, uint8_t _alert_desc,
		35	void *_cb_arg);
		36	typedef int (tls13_post_handshake_cb)(void _cb_arg);
34	typedef ssize_t (tls13_read_cb)(void _buf, size_t _buflen, void *_cb_arg);	37	typedef ssize_t (tls13_read_cb)(void _buf, size_t _buflen, void *_cb_arg);
35	typedef ssize_t (tls13_write_cb)(const void _buf, size_t _buflen, void *_cb_arg);	38	typedef ssize_t (tls13_write_cb)(const void _buf, size_t _buflen,
		39	void *_cb_arg);
36		40
37	struct tls13_buffer;	41	struct tls13_buffer;
38		42
@@ -41,7 +45,8 @@ void tls13_buffer_free(struct tls13_buffer *buf);
41	ssize_t tls13_buffer_extend(struct tls13_buffer *buf, size_t len,	45	ssize_t tls13_buffer_extend(struct tls13_buffer *buf, size_t len,
42	tls13_read_cb read_cb, void *cb_arg);	46	tls13_read_cb read_cb, void *cb_arg);
43	void tls13_buffer_cbs(struct tls13_buffer buf, CBS cbs);	47	void tls13_buffer_cbs(struct tls13_buffer buf, CBS cbs);
44	int tls13_buffer_finish(struct tls13_buffer buf, uint8_t out, size_t out_len);	48	int tls13_buffer_finish(struct tls13_buffer buf, uint8_t *out,
		49	size_t *out_len);
45		50
46	struct tls13_secret {	51	struct tls13_secret {
47	uint8_t *data;	52	uint8_t *data;
@@ -92,6 +97,27 @@ int tls13_derive_application_secrets(struct tls13_secrets *secrets,
92		97
93	struct tls13_ctx;	98	struct tls13_ctx;
94		99
		100	struct tls13_record_layer;
		101
		102	struct tls13_record_layer *tls13_record_layer_new(tls13_read_cb wire_read,
		103	tls13_write_cb wire_write, tls13_alert_cb alert_cb,
		104	tls13_post_handshake_cb post_handshake_cb, void *cb_arg);
		105	void tls13_record_layer_free(struct tls13_record_layer *rl);
		106	void tls13_record_layer_set_aead(struct tls13_record_layer *rl,
		107	const EVP_AEAD *aead);
		108	void tls13_record_layer_set_hash(struct tls13_record_layer *rl,
		109	const EVP_MD *hash);
		110	void tls13_record_layer_handshake_completed(struct tls13_record_layer *rl);
		111	int tls13_record_layer_set_traffic_keys(struct tls13_record_layer *rl,
		112	struct tls13_secret read_key, struct tls13_secret write_key);
		113
		114	ssize_t tls13_read_handshake_data(struct tls13_record_layer rl, uint8_t buf, size_t n);
		115	ssize_t tls13_write_handshake_data(struct tls13_record_layer rl, const uint8_t buf,
		116	size_t n);
		117	ssize_t tls13_read_application_data(struct tls13_record_layer rl, uint8_t buf, size_t n);
		118	ssize_t tls13_write_application_data(struct tls13_record_layer rl, const uint8_t buf,
		119	size_t n);
		120
95	/*	121	/*
96	* RFC 8446, Section B.3	122	* RFC 8446, Section B.3
97	*	123	*