openssl/include/internal/quic_record_util.h
Hugo Landau 1957148384 QUIC Record Layer (Refactor and TX Side)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18949)
2022-09-02 10:03:55 +02:00

113 lines
4.3 KiB
C

/*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_QUIC_RECORD_UTIL_H
# define OSSL_QUIC_RECORD_UTIL_H
# include <openssl/ssl.h>
# include "internal/quic_types.h"
struct ossl_qrx_st;
struct ossl_qtx_st;
/*
* QUIC Key Derivation Utilities
* =============================
*/
/* HKDF-Extract(salt, IKM) (RFC 5869) */
int ossl_quic_hkdf_extract(OSSL_LIB_CTX *libctx,
const char *propq,
const EVP_MD *md,
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
unsigned char *out, size_t out_len);
/*
* A QUIC client sends its first INITIAL packet with a random DCID, which
* is used to compute the secrets used for INITIAL packet encryption in both
* directions (both client-to-server and server-to-client).
*
* This function performs the necessary DCID-based key derivation, and then
* provides the derived key material for the INITIAL encryption level to a QRX
* instance, a QTX instance, or both.
*
* This function derives the necessary key material and then:
* - if qrx is non-NULL, provides the appropriate secret to it;
* - if qtx is non-NULL, provides the appropriate secret to it.
*
* If both qrx and qtx are NULL, this is a no-op. This function is equivalent to
* making the appropriate calls to ossl_qrx_provide_secret() and
* ossl_qtx_provide_secret().
*
* It is possible to use a QRX or QTX without ever calling this, for example if
* there is no desire to handle INITIAL packets (e.g. if a QRX/QTX is
* instantiated to succeed a previous QRX/QTX and handle a connection which is
* already established). However in this case you should make sure you call
* ossl_qrx_discard_enc_level(); see the header for that function for more
* details. Calling ossl_qtx_discard_enc_level() is not essential but could
* protect against programming errors.
*
* Returns 1 on success or 0 on error.
*/
int ossl_quic_provide_initial_secret(OSSL_LIB_CTX *libctx,
const char *propq,
const QUIC_CONN_ID *dst_conn_id,
int is_server,
struct ossl_qrx_st *qrx,
struct ossl_qtx_st *qtx);
/*
* QUIC Record Layer Ciphersuite Info
* ==================================
*/
/* Available QUIC Record Layer (QRL) ciphersuites. */
# define QRL_SUITE_AES128GCM 1 /* SHA256 */
# define QRL_SUITE_AES256GCM 2 /* SHA384 */
# define QRL_SUITE_CHACHA20POLY1305 3 /* SHA256 */
/* Returns cipher name in bytes or NULL if suite ID is invalid. */
const char *ossl_qrl_get_suite_cipher_name(uint32_t suite_id);
/* Returns hash function name in bytes or NULL if suite ID is invalid. */
const char *ossl_qrl_get_suite_md_name(uint32_t suite_id);
/* Returns secret length in bytes or 0 if suite ID is invalid. */
uint32_t ossl_qrl_get_suite_secret_len(uint32_t suite_id);
/* Returns key length in bytes or 0 if suite ID is invalid. */
uint32_t ossl_qrl_get_suite_cipher_key_len(uint32_t suite_id);
/* Returns IV length in bytes or 0 if suite ID is invalid. */
uint32_t ossl_qrl_get_suite_cipher_iv_len(uint32_t suite_id);
/* Returns AEAD auth tag length in bytes or 0 if suite ID is invalid. */
uint32_t ossl_qrl_get_suite_cipher_tag_len(uint32_t suite_id);
/* Returns a QUIC_HDR_PROT_CIPHER_* value or 0 if suite ID is invalid. */
uint32_t ossl_qrl_get_suite_hdr_prot_cipher_id(uint32_t suite_id);
/* Returns header protection key length in bytes or 0 if suite ID is invalid. */
uint32_t ossl_qrl_get_suite_hdr_prot_key_len(uint32_t suite_id);
/*
* Returns maximum number of packets which may be safely encrypted with a suite
* or 0 if suite ID is invalid.
*/
uint64_t ossl_qrl_get_suite_max_pkt(uint32_t suite_id);
/*
* Returns maximum number of RX'd packets which may safely fail AEAD decryption
* for a given suite or 0 if suite ID is invalid.
*/
uint64_t ossl_qrl_get_suite_max_forged_pkt(uint32_t suite_id);
#endif