lsquic_handshake.h revision 10c492f0
110c492f0SDmitri Tikhonov/* Copyright (c) 2017 - 2018 LiteSpeed Technologies Inc.  See LICENSE. */
283287402SDmitri Tikhonov#ifndef LSQUIC_HANDSHAKE_SERVER_H
383287402SDmitri Tikhonov#define LSQUIC_HANDSHAKE_SERVER_H
450aadb33SDmitri Tikhonov
550aadb33SDmitri Tikhonovstruct lsquic_engine_public;
683287402SDmitri Tikhonovstruct lsquic_enc_session;
750aadb33SDmitri Tikhonov
883287402SDmitri Tikhonovtypedef struct lsquic_enc_session lsquic_enc_session_t;
950aadb33SDmitri Tikhonov
1050aadb33SDmitri Tikhonov#define STK_LENGTH   60
1150aadb33SDmitri Tikhonov#define SNO_LENGTH   56
1250aadb33SDmitri Tikhonov#define SCID_LENGTH  16
1350aadb33SDmitri Tikhonov#define DNONC_LENGTH 32
1450aadb33SDmitri Tikhonov#define aes128_key_len 16
1550aadb33SDmitri Tikhonov#define aes128_iv_len 4
1650aadb33SDmitri Tikhonov
1750aadb33SDmitri Tikhonovenum handshake_error            /* TODO: rename this enum */
1850aadb33SDmitri Tikhonov{
1950aadb33SDmitri Tikhonov    DATA_NOT_ENOUGH = -2,
2050aadb33SDmitri Tikhonov    DATA_FORMAT_ERROR = -1,
2150aadb33SDmitri Tikhonov    HS_ERROR = -1,
2250aadb33SDmitri Tikhonov    DATA_NO_ERROR = 0,
2350aadb33SDmitri Tikhonov    HS_SHLO = 0,
2450aadb33SDmitri Tikhonov    HS_1RTT = 1,
2550aadb33SDmitri Tikhonov    HS_2RTT = 2,
2650aadb33SDmitri Tikhonov};
2750aadb33SDmitri Tikhonov
28c51ce338SDmitri Tikhonovenum enc_level
29c51ce338SDmitri Tikhonov{
30c51ce338SDmitri Tikhonov    ENC_LEV_UNSET,
31c51ce338SDmitri Tikhonov    ENC_LEV_CLEAR,
32c51ce338SDmitri Tikhonov    ENC_LEV_INIT,
33c51ce338SDmitri Tikhonov    ENC_LEV_FORW,
34c51ce338SDmitri Tikhonov};
35c51ce338SDmitri Tikhonov
3650aadb33SDmitri Tikhonov/* client side need to store 0rtt info per STK */
3750aadb33SDmitri Tikhonovtypedef struct lsquic_session_cache_info_st
3850aadb33SDmitri Tikhonov{
3950aadb33SDmitri Tikhonov    unsigned char   sscid[SCID_LENGTH];
4050aadb33SDmitri Tikhonov    unsigned char   spubs[32];  /* server pub key for next time 0rtt */
4150aadb33SDmitri Tikhonov    uint32_t    ver;  /* one VERSION */
4250aadb33SDmitri Tikhonov    uint32_t    aead;
4350aadb33SDmitri Tikhonov    uint32_t    kexs;
4450aadb33SDmitri Tikhonov    uint32_t    pdmd;
4550aadb33SDmitri Tikhonov    uint64_t    orbt;
4650aadb33SDmitri Tikhonov    uint64_t    expy;
4750aadb33SDmitri Tikhonov    int         scfg_flag; /* 0, no-init, 1, no parse, 2, parsed */
4850aadb33SDmitri Tikhonov    struct lsquic_str    sstk;
4950aadb33SDmitri Tikhonov    struct lsquic_str    scfg;
5050aadb33SDmitri Tikhonov    struct lsquic_str    sni_key;   /* This is only used as key */
5150aadb33SDmitri Tikhonov
5250aadb33SDmitri Tikhonov} lsquic_session_cache_info_t;
5350aadb33SDmitri Tikhonov
5450aadb33SDmitri Tikhonov#ifndef LSQUIC_KEEP_ENC_SESS_HISTORY
5550aadb33SDmitri Tikhonov#   ifndef NDEBUG
5650aadb33SDmitri Tikhonov#       define LSQUIC_KEEP_ENC_SESS_HISTORY 1
5750aadb33SDmitri Tikhonov#   else
5850aadb33SDmitri Tikhonov#       define LSQUIC_KEEP_ENC_SESS_HISTORY 0
5950aadb33SDmitri Tikhonov#   endif
6050aadb33SDmitri Tikhonov#endif
6150aadb33SDmitri Tikhonov
6250aadb33SDmitri Tikhonov#if LSQUIC_KEEP_ENC_SESS_HISTORY
6350aadb33SDmitri Tikhonov#define ESHIST_BITS 7
6450aadb33SDmitri Tikhonov#define ESHIST_MASK ((1 << ESHIST_BITS) - 1)
6550aadb33SDmitri Tikhonov#define ESHIST_STR_SIZE ((1 << ESHIST_BITS) + 1)
6650aadb33SDmitri Tikhonov#endif
6750aadb33SDmitri Tikhonov
6883287402SDmitri Tikhonovstruct enc_session_funcs
6950aadb33SDmitri Tikhonov{
7083287402SDmitri Tikhonov    /* Global initialization: call once per implementation */
7183287402SDmitri Tikhonov    int (*esf_global_init)(int flags);
7250aadb33SDmitri Tikhonov
7383287402SDmitri Tikhonov    /* Global cleanup: call once per implementation */
7483287402SDmitri Tikhonov    void (*esf_global_cleanup) (void);
7550aadb33SDmitri Tikhonov
7650aadb33SDmitri Tikhonov#if LSQUIC_KEEP_ENC_SESS_HISTORY
7783287402SDmitri Tikhonov    /* Grab encryption session history */
7883287402SDmitri Tikhonov    void (*esf_get_hist) (const lsquic_enc_session_t *,
7983287402SDmitri Tikhonov                                            char buf[ESHIST_STR_SIZE]);
8050aadb33SDmitri Tikhonov#endif
8150aadb33SDmitri Tikhonov
8283287402SDmitri Tikhonov    /* Destroy enc session */
8383287402SDmitri Tikhonov    void (*esf_destroy)(lsquic_enc_session_t *enc_session);
8450aadb33SDmitri Tikhonov
8583287402SDmitri Tikhonov    /* Return true if handshake has been completed */
8683287402SDmitri Tikhonov    int (*esf_is_hsk_done)(lsquic_enc_session_t *enc_session);
8750aadb33SDmitri Tikhonov
8883287402SDmitri Tikhonov    /* Encrypt buffer */
8983287402SDmitri Tikhonov    int (*esf_encrypt)(lsquic_enc_session_t *enc_session, enum lsquic_version,
9050aadb33SDmitri Tikhonov               uint8_t path_id, uint64_t pack_num,
9150aadb33SDmitri Tikhonov               const unsigned char *header, size_t header_len,
9250aadb33SDmitri Tikhonov               const unsigned char *data, size_t data_len,
9350aadb33SDmitri Tikhonov               unsigned char *buf_out, size_t max_out_len, size_t *out_len,
9450aadb33SDmitri Tikhonov               int is_hello);
9550aadb33SDmitri Tikhonov
96c51ce338SDmitri Tikhonov    /** Decrypt buffer
97c51ce338SDmitri Tikhonov     *
98c51ce338SDmitri Tikhonov     * If decryption is successful, decryption level is returned.  Otherwise,
99c51ce338SDmitri Tikhonov     * the return value is -1.
100c51ce338SDmitri Tikhonov     */
101c51ce338SDmitri Tikhonov    enum enc_level (*esf_decrypt)(lsquic_enc_session_t *enc_session,
102c51ce338SDmitri Tikhonov                   enum lsquic_version,
10383287402SDmitri Tikhonov                   uint8_t path_id, uint64_t pack_num,
10483287402SDmitri Tikhonov                   unsigned char *buf, size_t *header_len, size_t data_len,
10583287402SDmitri Tikhonov                   unsigned char *diversification_nonce,
10683287402SDmitri Tikhonov                   unsigned char *buf_out, size_t max_out_len, size_t *out_len);
10783287402SDmitri Tikhonov
10883287402SDmitri Tikhonov    /* Get value of setting specified by `tag' */
10983287402SDmitri Tikhonov    int (*esf_get_peer_setting) (const lsquic_enc_session_t *, uint32_t tag,
11083287402SDmitri Tikhonov                                                                uint32_t *val);
11183287402SDmitri Tikhonov
11283287402SDmitri Tikhonov    /* Get value of peer option (that from COPT array) */
11383287402SDmitri Tikhonov    int (*esf_get_peer_option) (const lsquic_enc_session_t *enc_session,
11483287402SDmitri Tikhonov                                                                uint32_t tag);
11583287402SDmitri Tikhonov
11683287402SDmitri Tikhonov    /* Create client session */
11783287402SDmitri Tikhonov    lsquic_enc_session_t *
11883287402SDmitri Tikhonov    (*esf_create_client) (const char *domain, lsquic_cid_t cid,
11983287402SDmitri Tikhonov                                    const struct lsquic_engine_public *);
12050aadb33SDmitri Tikhonov
12183287402SDmitri Tikhonov    /* Generate connection ID */
12283287402SDmitri Tikhonov    lsquic_cid_t (*esf_generate_cid) (void);
12350aadb33SDmitri Tikhonov
12483287402SDmitri Tikhonov    /* -1 error, 0, OK, response in `buf' */
12583287402SDmitri Tikhonov    int
12683287402SDmitri Tikhonov    (*esf_gen_chlo) (lsquic_enc_session_t *, enum lsquic_version,
12783287402SDmitri Tikhonov                                                uint8_t *buf, size_t *len);
12883287402SDmitri Tikhonov
12983287402SDmitri Tikhonov    int
13083287402SDmitri Tikhonov    (*esf_handle_chlo_reply) (lsquic_enc_session_t *,
13183287402SDmitri Tikhonov                                                const uint8_t *data, int len);
132c51ce338SDmitri Tikhonov
133c51ce338SDmitri Tikhonov    size_t
134c51ce338SDmitri Tikhonov    (*esf_mem_used)(lsquic_enc_session_t *);
13583287402SDmitri Tikhonov};
13650aadb33SDmitri Tikhonov
13783287402SDmitri Tikhonovextern
13850aadb33SDmitri Tikhonov#ifdef NDEBUG
13983287402SDmitri Tikhonovconst
14050aadb33SDmitri Tikhonov#endif
14183287402SDmitri Tikhonovstruct enc_session_funcs lsquic_enc_session_gquic_1;
14283287402SDmitri Tikhonov
14383287402SDmitri Tikhonov#define select_esf_by_ver(ver) \
14483287402SDmitri Tikhonov    (ver ? &lsquic_enc_session_gquic_1 : &lsquic_enc_session_gquic_1)
14583287402SDmitri Tikhonov
14683287402SDmitri Tikhonov/* client side, certs and hashs
14783287402SDmitri Tikhonov */
14883287402SDmitri Tikhonovtypedef struct cert_hash_item_st
14983287402SDmitri Tikhonov{
15083287402SDmitri Tikhonov    struct lsquic_str*   domain; /*with port, such as "xyz.com:8088" as the key */
15183287402SDmitri Tikhonov    struct lsquic_str*   crts;
15283287402SDmitri Tikhonov    struct lsquic_str*   hashs;
15383287402SDmitri Tikhonov    int         count;
15483287402SDmitri Tikhonov} cert_hash_item_t;
15550aadb33SDmitri Tikhonov
15650aadb33SDmitri Tikhonov#endif
157