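/* Copyright (c) 2017 - 2019 LiteSpeed Technologies Inc. See LICENSE. */
#ifndef LSQUIC_HANDSHAKE_SERVER_H
#define LSQUIC_HANDSHAKE_SERVER_H

/*
 * lsquic_handshake.h -- abstraction over the gQUIC crypto handshake.
 *
 * Declares the per-connection encryption-session vtable (struct
 * enc_session_funcs), the client-side 0-RTT session cache entry, and the
 * byte sizes of the handshake fields they deal with.
 *
 * NOTE(review): the include guard says _SERVER_H although the file also
 * declares client-side pieces (esf_create_client, the session cache).  Left
 * unchanged because other translation units may test this macro.
 *
 * Besides the standard headers below, this header uses `struct lsquic_str`
 * as a complete type (it is embedded by value), `lsquic_cid_t` and
 * `enum lsquic_version`, none of which are declared here -- the includer
 * must provide them first (presumably via lsquic_str.h / lsquic_types.h;
 * confirm against the callers).
 */

#include <stddef.h>     /* size_t */
#include <stdint.h>     /* uint8_t, uint32_t, uint64_t */

struct lsquic_engine_public;
struct lsquic_enc_session;
struct stack_st_X509;   /* OpenSSL STACK_OF(X509); only used through a pointer */

typedef struct lsquic_enc_session lsquic_enc_session_t;

/*
 * Byte sizes of gQUIC crypto-handshake fields.  The names follow the gQUIC
 * tag names (STK, SNO, SCID, SRST).
 */
#define STK_LENGTH 60
#define SNO_LENGTH 56
#define SCID_LENGTH 16
#define DNONC_LENGTH 32     /* diversification nonce, see esf_decrypt() */
#define aes128_key_len 16
/*
 * NOTE(review): 4 bytes is the IV *prefix* only; presumably it is combined
 * with the 8-byte packet number to build the 12-byte AEAD nonce.  Confirm in
 * the implementation -- a 4-byte nonce on its own would be unsafe for GCM.
 */
#define aes128_iv_len 4
#define SRST_LENGTH 16      /* stateless reset token, see esf_verify_reset_token() */

/*
 * Return codes shared by the handshake parsing routines.
 *
 * Two value families are folded into one enum: DATA_* (parser status) and
 * HS_* (handshake state).  Because of that, HS_ERROR == DATA_FORMAT_ERROR
 * and HS_SHLO == DATA_NO_ERROR; a switch over this enum cannot tell them
 * apart, and callers must know which family the callee returns.
 */
enum handshake_error /* TODO: rename this enum */
{
    DATA_NOT_ENOUGH = -2,
    DATA_FORMAT_ERROR = -1,
    HS_ERROR = -1,
    DATA_NO_ERROR = 0,
    HS_SHLO = 0,
    HS_1RTT = 1,
    HS_2RTT = 2,
};

/*
 * Encryption level of a packet.  Note that esf_decrypt() signals failure
 * with the out-of-range value (enum enc_level) -1, not with ENC_LEV_UNSET.
 */
enum enc_level
{
    ENC_LEV_UNSET,
    ENC_LEV_CLEAR,
    ENC_LEV_INIT,
    ENC_LEV_FORW,
};

/* Human-readable names indexed by enum enc_level (for logging). */
extern const char *const lsquic_enclev2str[];

/*
 * Client-side 0-RTT state, stored per STK.
 *
 * NOTE(review): sstk is the token the client presents to the server; treat
 * the cached entry as sensitive (do not log it verbatim).
 */
typedef struct lsquic_session_cache_info_st
{
    unsigned char   sscid[SCID_LENGTH];     /* server config ID */
    unsigned char   spubs[32];  /* server pub key for next time 0rtt */
    uint32_t    ver;  /* one VERSION */
    uint32_t    aead;                       /* AEAD tag value */
    uint32_t    kexs;                       /* KEXS tag value */
    uint32_t    pdmd;                       /* PDMD tag value */
    uint64_t    orbt;
    uint64_t    expy;                       /* presumably expiry -- confirm units */
    int         scfg_flag;      /* 0, no-init, 1, no parse, 2, parsed */
    struct lsquic_str    sstk;              /* source-address token (STK) */
    struct lsquic_str    scfg;              /* raw server config (SCFG) */
    struct lsquic_str    sni_key;   /* This is only used as key */

} lsquic_session_cache_info_t;

/*
 * Encryption-session history is kept in debug builds unless overridden on
 * the command line.
 */
#ifndef LSQUIC_KEEP_ENC_SESS_HISTORY
#   ifndef NDEBUG
#       define LSQUIC_KEEP_ENC_SESS_HISTORY 1
#   else
#       define LSQUIC_KEEP_ENC_SESS_HISTORY 0
#   endif
#endif

#if LSQUIC_KEEP_ENC_SESS_HISTORY
#define ESHIST_BITS     7
#define ESHIST_MASK     ((1 << ESHIST_BITS) - 1)
/* One character per history slot plus the terminating NUL. */
#define ESHIST_STR_SIZE ((1 << ESHIST_BITS) + 1)
#endif

/*
 * Vtable of an encryption-session implementation.  One instance exists per
 * implementation (see lsquic_enc_session_gquic_1 below); sessions are
 * created via esf_create_client and released via esf_destroy.
 */
struct enc_session_funcs
{
    /* Global initialization: call once per implementation */
    int (*esf_global_init)(int flags);

    /* Global cleanup: call once per implementation */
    void (*esf_global_cleanup) (void);

#if LSQUIC_KEEP_ENC_SESS_HISTORY
    /* Grab encryption session history into a NUL-terminated string of at
     * most ESHIST_STR_SIZE bytes.
     */
    void (*esf_get_hist) (const lsquic_enc_session_t *,
                                                  char buf[ESHIST_STR_SIZE]);
#endif

    /* Destroy enc session */
    void (*esf_destroy)(lsquic_enc_session_t *enc_session);

    /* Return true if handshake has been completed */
    int (*esf_is_hsk_done)(lsquic_enc_session_t *enc_session);

    /** Encrypt buffer
     *
     * `header'/`header_len' is the associated data, `data'/`data_len' the
     * payload; the result is written to `buf_out' (at most `max_out_len'
     * bytes) and its size stored in *out_len.  Returns the encryption level
     * used.  NOTE(review): how failure is reported is not stated here --
     * presumably -1 as for esf_decrypt; confirm before relying on it.
     */
    enum enc_level (*esf_encrypt)(lsquic_enc_session_t *enc_session,
                   enum lsquic_version, uint8_t path_id, uint64_t pack_num,
                   const unsigned char *header, size_t header_len,
                   const unsigned char *data, size_t data_len,
                   unsigned char *buf_out, size_t max_out_len, size_t *out_len,
                   int is_hello);

    /** Decrypt buffer
     *
     * `buf' holds header and payload; *header_len is the header size and
     * data_len the number of bytes after it.  The plaintext is written to
     * `buf_out' (at most `max_out_len' bytes) and its size stored in
     * *out_len.
     *
     * If decryption is successful, the decryption level is returned.
     * Otherwise the return value is (enum enc_level) -1, which is NOT one of
     * the enc_level enumerators: compare against -1, not ENC_LEV_UNSET.
     */
    enum enc_level (*esf_decrypt)(lsquic_enc_session_t *enc_session,
                   enum lsquic_version,
                   uint8_t path_id, uint64_t pack_num,
                   unsigned char *buf, size_t *header_len, size_t data_len,
                   unsigned char *diversification_nonce,
                   unsigned char *buf_out, size_t max_out_len, size_t *out_len);

    /* Get value of setting specified by `tag' */
    int (*esf_get_peer_setting) (const lsquic_enc_session_t *, uint32_t tag,
                                                                uint32_t *val);

    /* Get value of peer option (that from COPT array) */
    int (*esf_get_peer_option) (const lsquic_enc_session_t *enc_session,
                                                                uint32_t tag);

    /* Create client session */
    lsquic_enc_session_t *
    (*esf_create_client) (const char *domain, lsquic_cid_t cid,
                                    const struct lsquic_engine_public *);

    /* Generate connection ID */
    lsquic_cid_t (*esf_generate_cid) (void);

    /* -1 error, 0, OK, response in `buf'.  On entry *len is the capacity of
     * `buf'; on success it holds the size of the generated CHLO.
     */
    int
    (*esf_gen_chlo) (lsquic_enc_session_t *, enum lsquic_version,
                                                uint8_t *buf, size_t *len);

    /* Process the server's reply to the CHLO.  `len' is signed: an
     * implementation must reject len < 0 before touching `data'.
     */
    int
    (*esf_handle_chlo_reply) (lsquic_enc_session_t *,
                                                const uint8_t *data, int len);

    /* Memory used by the session, in bytes (for accounting). */
    size_t
    (*esf_mem_used)(lsquic_enc_session_t *);

    /* Check whether the given bytes are a valid stateless reset token for
     * this session.  NOTE(review): implementations should use a
     * constant-time comparison; the contract here does not require it.
     */
    int
    (*esf_verify_reset_token) (lsquic_enc_session_t *, const unsigned char *,
                                                                    size_t);

    /* Server certificate chain received during the handshake (client side). */
    struct stack_st_X509 *
    (*esf_get_server_cert_chain) (lsquic_enc_session_t *);
};

/*
 * The only implementation currently provided.  It is const -- and so can
 * live in read-only memory -- in NDEBUG builds only; in debug builds the
 * function-pointer table is writable, presumably so tests can hook it.
 */
extern
#ifdef NDEBUG
const
#endif
struct enc_session_funcs lsquic_enc_session_gquic_1;

/* Select the vtable for a QUIC version.  With a single implementation both
 * branches yield the same table; the argument is still evaluated.
 */
#define select_esf_by_ver(ver) \
    ((ver) ? &lsquic_enc_session_gquic_1 : &lsquic_enc_session_gquic_1)

/* client side, certs and hashs
 */
typedef struct cert_hash_item_st
{
    struct lsquic_str*   domain; /*with port, such as "xyz.com:8088" as the key */
    struct lsquic_str*   crts;      /* certificates */
    struct lsquic_str*   hashs;     /* their hashes */
    int                  count;     /* number of entries in crts/hashs */
} cert_hash_item_t;

#endif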