lsquic_handshake.h revision 9626cfc2
110c492f0SDmitri Tikhonov/* Copyright (c) 2017 - 2018 LiteSpeed Technologies Inc. See LICENSE. */ 283287402SDmitri Tikhonov#ifndef LSQUIC_HANDSHAKE_SERVER_H 383287402SDmitri Tikhonov#define LSQUIC_HANDSHAKE_SERVER_H 450aadb33SDmitri Tikhonov 550aadb33SDmitri Tikhonovstruct lsquic_engine_public; 683287402SDmitri Tikhonovstruct lsquic_enc_session; 750aadb33SDmitri Tikhonov 883287402SDmitri Tikhonovtypedef struct lsquic_enc_session lsquic_enc_session_t; 950aadb33SDmitri Tikhonov 1050aadb33SDmitri Tikhonov#define STK_LENGTH 60 1150aadb33SDmitri Tikhonov#define SNO_LENGTH 56 1250aadb33SDmitri Tikhonov#define SCID_LENGTH 16 1350aadb33SDmitri Tikhonov#define DNONC_LENGTH 32 1450aadb33SDmitri Tikhonov#define aes128_key_len 16 1550aadb33SDmitri Tikhonov#define aes128_iv_len 4 169626cfc2SDmitri Tikhonov#define SRST_LENGTH 16 1750aadb33SDmitri Tikhonov 1850aadb33SDmitri Tikhonovenum handshake_error /* TODO: rename this enum */ 1950aadb33SDmitri Tikhonov{ 2050aadb33SDmitri Tikhonov DATA_NOT_ENOUGH = -2, 2150aadb33SDmitri Tikhonov DATA_FORMAT_ERROR = -1, 2250aadb33SDmitri Tikhonov HS_ERROR = -1, 2350aadb33SDmitri Tikhonov DATA_NO_ERROR = 0, 2450aadb33SDmitri Tikhonov HS_SHLO = 0, 2550aadb33SDmitri Tikhonov HS_1RTT = 1, 2650aadb33SDmitri Tikhonov HS_2RTT = 2, 2750aadb33SDmitri Tikhonov}; 2850aadb33SDmitri Tikhonov 29c51ce338SDmitri Tikhonovenum enc_level 30c51ce338SDmitri Tikhonov{ 31c51ce338SDmitri Tikhonov ENC_LEV_UNSET, 32c51ce338SDmitri Tikhonov ENC_LEV_CLEAR, 33c51ce338SDmitri Tikhonov ENC_LEV_INIT, 34c51ce338SDmitri Tikhonov ENC_LEV_FORW, 35c51ce338SDmitri Tikhonov}; 36c51ce338SDmitri Tikhonov 379626cfc2SDmitri Tikhonovextern const char *const lsquic_enclev2str[]; 389626cfc2SDmitri Tikhonov 3950aadb33SDmitri Tikhonov/* client side need to store 0rtt info per STK */ 4050aadb33SDmitri Tikhonovtypedef struct lsquic_session_cache_info_st 4150aadb33SDmitri Tikhonov{ 4250aadb33SDmitri Tikhonov unsigned char sscid[SCID_LENGTH]; 4350aadb33SDmitri Tikhonov unsigned char spubs[32]; /* server pub key for next time 0rtt */ 4450aadb33SDmitri Tikhonov uint32_t ver; /* one VERSION */ 4550aadb33SDmitri Tikhonov uint32_t aead; 4650aadb33SDmitri Tikhonov uint32_t kexs; 4750aadb33SDmitri Tikhonov uint32_t pdmd; 4850aadb33SDmitri Tikhonov uint64_t orbt; 4950aadb33SDmitri Tikhonov uint64_t expy; 5050aadb33SDmitri Tikhonov int scfg_flag; /* 0, no-init, 1, no parse, 2, parsed */ 5150aadb33SDmitri Tikhonov struct lsquic_str sstk; 5250aadb33SDmitri Tikhonov struct lsquic_str scfg; 5350aadb33SDmitri Tikhonov struct lsquic_str sni_key; /* This is only used as key */ 5450aadb33SDmitri Tikhonov 5550aadb33SDmitri Tikhonov} lsquic_session_cache_info_t; 5650aadb33SDmitri Tikhonov 5750aadb33SDmitri Tikhonov#ifndef LSQUIC_KEEP_ENC_SESS_HISTORY 5850aadb33SDmitri Tikhonov# ifndef NDEBUG 5950aadb33SDmitri Tikhonov# define LSQUIC_KEEP_ENC_SESS_HISTORY 1 6050aadb33SDmitri Tikhonov# else 6150aadb33SDmitri Tikhonov# define LSQUIC_KEEP_ENC_SESS_HISTORY 0 6250aadb33SDmitri Tikhonov# endif 6350aadb33SDmitri Tikhonov#endif 6450aadb33SDmitri Tikhonov 6550aadb33SDmitri Tikhonov#if LSQUIC_KEEP_ENC_SESS_HISTORY 6650aadb33SDmitri Tikhonov#define ESHIST_BITS 7 6750aadb33SDmitri Tikhonov#define ESHIST_MASK ((1 << ESHIST_BITS) - 1) 6850aadb33SDmitri Tikhonov#define ESHIST_STR_SIZE ((1 << ESHIST_BITS) + 1) 6950aadb33SDmitri Tikhonov#endif 7050aadb33SDmitri Tikhonov 7183287402SDmitri Tikhonovstruct enc_session_funcs 7250aadb33SDmitri Tikhonov{ 7383287402SDmitri Tikhonov /* Global initialization: call once per implementation */ 7483287402SDmitri Tikhonov int (*esf_global_init)(int flags); 7550aadb33SDmitri Tikhonov 7683287402SDmitri Tikhonov /* Global cleanup: call once per implementation */ 7783287402SDmitri Tikhonov void (*esf_global_cleanup) (void); 7850aadb33SDmitri Tikhonov 7950aadb33SDmitri Tikhonov#if LSQUIC_KEEP_ENC_SESS_HISTORY 8083287402SDmitri Tikhonov /* Grab encryption session history */ 8183287402SDmitri Tikhonov void (*esf_get_hist) (const lsquic_enc_session_t *, 8283287402SDmitri Tikhonov char buf[ESHIST_STR_SIZE]); 8350aadb33SDmitri Tikhonov#endif 8450aadb33SDmitri Tikhonov 8583287402SDmitri Tikhonov /* Destroy enc session */ 8683287402SDmitri Tikhonov void (*esf_destroy)(lsquic_enc_session_t *enc_session); 8750aadb33SDmitri Tikhonov 8883287402SDmitri Tikhonov /* Return true if handshake has been completed */ 8983287402SDmitri Tikhonov int (*esf_is_hsk_done)(lsquic_enc_session_t *enc_session); 9050aadb33SDmitri Tikhonov 9183287402SDmitri Tikhonov /* Encrypt buffer */ 929626cfc2SDmitri Tikhonov enum enc_level (*esf_encrypt)(lsquic_enc_session_t *enc_session, 939626cfc2SDmitri Tikhonov enum lsquic_version, uint8_t path_id, uint64_t pack_num, 9450aadb33SDmitri Tikhonov const unsigned char *header, size_t header_len, 9550aadb33SDmitri Tikhonov const unsigned char *data, size_t data_len, 9650aadb33SDmitri Tikhonov unsigned char *buf_out, size_t max_out_len, size_t *out_len, 9750aadb33SDmitri Tikhonov int is_hello); 9850aadb33SDmitri Tikhonov 99c51ce338SDmitri Tikhonov /** Decrypt buffer 100c51ce338SDmitri Tikhonov * 101c51ce338SDmitri Tikhonov * If decryption is successful, decryption level is returned. Otherwise, 102c51ce338SDmitri Tikhonov * the return value is -1. 103c51ce338SDmitri Tikhonov */ 104c51ce338SDmitri Tikhonov enum enc_level (*esf_decrypt)(lsquic_enc_session_t *enc_session, 105c51ce338SDmitri Tikhonov enum lsquic_version, 10683287402SDmitri Tikhonov uint8_t path_id, uint64_t pack_num, 10783287402SDmitri Tikhonov unsigned char *buf, size_t *header_len, size_t data_len, 10883287402SDmitri Tikhonov unsigned char *diversification_nonce, 10983287402SDmitri Tikhonov unsigned char *buf_out, size_t max_out_len, size_t *out_len); 11083287402SDmitri Tikhonov 11183287402SDmitri Tikhonov /* Get value of setting specified by `tag' */ 11283287402SDmitri Tikhonov int (*esf_get_peer_setting) (const lsquic_enc_session_t *, uint32_t tag, 11383287402SDmitri Tikhonov uint32_t *val); 11483287402SDmitri Tikhonov 11583287402SDmitri Tikhonov /* Get value of peer option (that from COPT array) */ 11683287402SDmitri Tikhonov int (*esf_get_peer_option) (const lsquic_enc_session_t *enc_session, 11783287402SDmitri Tikhonov uint32_t tag); 11883287402SDmitri Tikhonov 11983287402SDmitri Tikhonov /* Create client session */ 12083287402SDmitri Tikhonov lsquic_enc_session_t * 12183287402SDmitri Tikhonov (*esf_create_client) (const char *domain, lsquic_cid_t cid, 12283287402SDmitri Tikhonov const struct lsquic_engine_public *); 12350aadb33SDmitri Tikhonov 12483287402SDmitri Tikhonov /* Generate connection ID */ 12583287402SDmitri Tikhonov lsquic_cid_t (*esf_generate_cid) (void); 12650aadb33SDmitri Tikhonov 12783287402SDmitri Tikhonov /* -1 error, 0, OK, response in `buf' */ 12883287402SDmitri Tikhonov int 12983287402SDmitri Tikhonov (*esf_gen_chlo) (lsquic_enc_session_t *, enum lsquic_version, 13083287402SDmitri Tikhonov uint8_t *buf, size_t *len); 13183287402SDmitri Tikhonov 13283287402SDmitri Tikhonov int 13383287402SDmitri Tikhonov (*esf_handle_chlo_reply) (lsquic_enc_session_t *, 13483287402SDmitri Tikhonov const uint8_t *data, int len); 135c51ce338SDmitri Tikhonov 136c51ce338SDmitri Tikhonov size_t 137c51ce338SDmitri Tikhonov (*esf_mem_used)(lsquic_enc_session_t *); 1389626cfc2SDmitri Tikhonov 1399626cfc2SDmitri Tikhonov int 1409626cfc2SDmitri Tikhonov (*esf_verify_reset_token) (lsquic_enc_session_t *, const unsigned char *, 1419626cfc2SDmitri Tikhonov size_t); 14283287402SDmitri Tikhonov}; 14350aadb33SDmitri Tikhonov 14483287402SDmitri Tikhonovextern 14550aadb33SDmitri Tikhonov#ifdef NDEBUG 14683287402SDmitri Tikhonovconst 14750aadb33SDmitri Tikhonov#endif 14883287402SDmitri Tikhonovstruct enc_session_funcs lsquic_enc_session_gquic_1; 14983287402SDmitri Tikhonov 15083287402SDmitri Tikhonov#define select_esf_by_ver(ver) \ 15183287402SDmitri Tikhonov (ver ? &lsquic_enc_session_gquic_1 : &lsquic_enc_session_gquic_1) 15283287402SDmitri Tikhonov 15383287402SDmitri Tikhonov/* client side, certs and hashs 15483287402SDmitri Tikhonov */ 15583287402SDmitri Tikhonovtypedef struct cert_hash_item_st 15683287402SDmitri Tikhonov{ 15783287402SDmitri Tikhonov struct lsquic_str* domain; /*with port, such as "xyz.com:8088" as the key */ 15883287402SDmitri Tikhonov struct lsquic_str* crts; 15983287402SDmitri Tikhonov struct lsquic_str* hashs; 16083287402SDmitri Tikhonov int count; 16183287402SDmitri Tikhonov} cert_hash_item_t; 16250aadb33SDmitri Tikhonov 16350aadb33SDmitri Tikhonov#endif 164