root / lab4 / .minix-src / include / openssl / dtls1.h @ 14
History | View | Annotate | Download (8.68 KB)
1 | 13 | up20180614 | /* ssl/dtls1.h */
|
---|---|---|---|
2 | /*
|
||
3 | * DTLS implementation written by Nagendra Modadugu
|
||
4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||
5 | */
|
||
6 | /* ====================================================================
|
||
7 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
|
||
8 | *
|
||
9 | * Redistribution and use in source and binary forms, with or without
|
||
10 | * modification, are permitted provided that the following conditions
|
||
11 | * are met:
|
||
12 | *
|
||
13 | * 1. Redistributions of source code must retain the above copyright
|
||
14 | * notice, this list of conditions and the following disclaimer.
|
||
15 | *
|
||
16 | * 2. Redistributions in binary form must reproduce the above copyright
|
||
17 | * notice, this list of conditions and the following disclaimer in
|
||
18 | * the documentation and/or other materials provided with the
|
||
19 | * distribution.
|
||
20 | *
|
||
21 | * 3. All advertising materials mentioning features or use of this
|
||
22 | * software must display the following acknowledgment:
|
||
23 | * "This product includes software developed by the OpenSSL Project
|
||
24 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||
25 | *
|
||
26 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||
27 | * endorse or promote products derived from this software without
|
||
28 | * prior written permission. For written permission, please contact
|
||
29 | * openssl-core@OpenSSL.org.
|
||
30 | *
|
||
31 | * 5. Products derived from this software may not be called "OpenSSL"
|
||
32 | * nor may "OpenSSL" appear in their names without prior written
|
||
33 | * permission of the OpenSSL Project.
|
||
34 | *
|
||
35 | * 6. Redistributions of any form whatsoever must retain the following
|
||
36 | * acknowledgment:
|
||
37 | * "This product includes software developed by the OpenSSL Project
|
||
38 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||
39 | *
|
||
40 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||
41 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||
43 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||
44 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||
45 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||
46 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||
47 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||
49 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||
50 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||
51 | * OF THE POSSIBILITY OF SUCH DAMAGE.
|
||
52 | * ====================================================================
|
||
53 | *
|
||
54 | * This product includes cryptographic software written by Eric Young
|
||
55 | * (eay@cryptsoft.com). This product includes software written by Tim
|
||
56 | * Hudson (tjh@cryptsoft.com).
|
||
57 | *
|
||
58 | */
|
||
59 | |||
60 | #ifndef HEADER_DTLS1_H
|
||
61 | # define HEADER_DTLS1_H
|
||
62 | |||
63 | # include <openssl/buffer.h> |
||
64 | # include <openssl/pqueue.h> |
||
65 | # ifdef OPENSSL_SYS_VMS
|
||
66 | # include <resource.h> |
||
67 | # include <sys/timeb.h> |
||
68 | # endif
|
||
69 | # ifdef OPENSSL_SYS_WIN32
|
||
70 | /* Needed for struct timeval */
|
||
71 | # include <winsock.h> |
||
72 | # elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
|
||
73 | # include <sys/timeval.h> |
||
74 | # else
|
||
75 | # if defined(OPENSSL_SYS_VXWORKS)
|
||
76 | # include <sys/times.h> |
||
77 | # else
|
||
78 | # include <sys/time.h> |
||
79 | # endif
|
||
80 | # endif
|
||
81 | |||
82 | #ifdef __cplusplus
|
||
83 | extern "C" { |
||
84 | #endif
|
||
85 | |||
86 | # define DTLS1_VERSION 0xFEFF |
||
87 | # define DTLS_MAX_VERSION DTLS1_VERSION
|
||
88 | # define DTLS1_VERSION_MAJOR 0xFE |
||
89 | |||
90 | # define DTLS1_BAD_VER 0x0100 |
||
91 | |||
92 | # if 0
|
||
93 | /* this alert description is not specified anywhere... */
|
||
94 | # define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
|
||
95 | # endif
|
||
96 | |||
97 | /* lengths of messages */
|
||
98 | # define DTLS1_COOKIE_LENGTH 256
|
||
99 | |||
100 | # define DTLS1_RT_HEADER_LENGTH 13
|
||
101 | |||
102 | # define DTLS1_HM_HEADER_LENGTH 12
|
||
103 | |||
104 | # define DTLS1_HM_BAD_FRAGMENT -2
|
||
105 | # define DTLS1_HM_FRAGMENT_RETRY -3
|
||
106 | |||
107 | # define DTLS1_CCS_HEADER_LENGTH 1
|
||
108 | |||
109 | # ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
|
||
110 | # define DTLS1_AL_HEADER_LENGTH 7
|
||
111 | # else
|
||
112 | # define DTLS1_AL_HEADER_LENGTH 2
|
||
113 | # endif
|
||
114 | |||
115 | # ifndef OPENSSL_NO_SSL_INTERN
|
||
116 | |||
117 | # ifndef OPENSSL_NO_SCTP
|
||
118 | # define DTLS1_SCTP_AUTH_LABEL "EXPORTER_DTLS_OVER_SCTP"
|
||
119 | # endif
|
||
120 | |||
121 | /* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */
|
||
122 | # define DTLS1_MAX_MTU_OVERHEAD 48
|
||
123 | |||
124 | typedef struct dtls1_bitmap_st {
|
||
125 | unsigned long map; /* track 32 packets on 32-bit systems and 64
|
||
126 | * - on 64-bit systems */
|
||
127 | unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit
|
||
128 | * value in big-endian encoding */
|
||
129 | } DTLS1_BITMAP;
|
||
130 | |||
131 | struct dtls1_retransmit_state {
|
||
132 | EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
|
||
133 | EVP_MD_CTX *write_hash; /* used for mac generation */
|
||
134 | # ifndef OPENSSL_NO_COMP
|
||
135 | COMP_CTX *compress; /* compression */
|
||
136 | # else
|
||
137 | char *compress;
|
||
138 | # endif
|
||
139 | SSL_SESSION *session;
|
||
140 | unsigned short epoch;
|
||
141 | };
|
||
142 | |||
143 | struct hm_header_st {
|
||
144 | unsigned char type;
|
||
145 | unsigned long msg_len;
|
||
146 | unsigned short seq;
|
||
147 | unsigned long frag_off;
|
||
148 | unsigned long frag_len;
|
||
149 | unsigned int is_ccs;
|
||
150 | struct dtls1_retransmit_state saved_retransmit_state;
|
||
151 | };
|
||
152 | |||
153 | struct ccs_header_st {
|
||
154 | unsigned char type;
|
||
155 | unsigned short seq;
|
||
156 | };
|
||
157 | |||
158 | struct dtls1_timeout_st {
|
||
159 | /* Number of read timeouts so far */
|
||
160 | unsigned int read_timeouts;
|
||
161 | /* Number of write timeouts so far */
|
||
162 | unsigned int write_timeouts;
|
||
163 | /* Number of alerts received so far */
|
||
164 | unsigned int num_alerts;
|
||
165 | };
|
||
166 | |||
167 | typedef struct record_pqueue_st {
|
||
168 | unsigned short epoch;
|
||
169 | pqueue q;
|
||
170 | } record_pqueue;
|
||
171 | |||
172 | typedef struct hm_fragment_st {
|
||
173 | struct hm_header_st msg_header;
|
||
174 | unsigned char *fragment;
|
||
175 | unsigned char *reassembly;
|
||
176 | } hm_fragment;
|
||
177 | |||
178 | typedef struct dtls1_state_st {
|
||
179 | unsigned int send_cookie;
|
||
180 | unsigned char cookie[DTLS1_COOKIE_LENGTH];
|
||
181 | unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
|
||
182 | unsigned int cookie_len;
|
||
183 | /*
|
||
184 | * The current data and handshake epoch. This is initially
|
||
185 | * undefined, and starts at zero once the initial handshake is
|
||
186 | * completed
|
||
187 | */
|
||
188 | unsigned short r_epoch;
|
||
189 | unsigned short w_epoch;
|
||
190 | /* records being received in the current epoch */
|
||
191 | DTLS1_BITMAP bitmap;
|
||
192 | /* renegotiation starts a new set of sequence numbers */
|
||
193 | DTLS1_BITMAP next_bitmap;
|
||
194 | /* handshake message numbers */
|
||
195 | unsigned short handshake_write_seq;
|
||
196 | unsigned short next_handshake_write_seq;
|
||
197 | unsigned short handshake_read_seq;
|
||
198 | /* save last sequence number for retransmissions */
|
||
199 | unsigned char last_write_sequence[8];
|
||
200 | /* Received handshake records (processed and unprocessed) */
|
||
201 | record_pqueue unprocessed_rcds;
|
||
202 | record_pqueue processed_rcds;
|
||
203 | /* Buffered handshake messages */
|
||
204 | pqueue buffered_messages;
|
||
205 | /* Buffered (sent) handshake records */
|
||
206 | pqueue sent_messages;
|
||
207 | /*
|
||
208 | * Buffered application records. Only for records between CCS and
|
||
209 | * Finished to prevent either protocol violation or unnecessary message
|
||
210 | * loss.
|
||
211 | */
|
||
212 | record_pqueue buffered_app_data;
|
||
213 | /* Is set when listening for new connections with dtls1_listen() */
|
||
214 | unsigned int listen;
|
||
215 | unsigned int link_mtu; /* max on-the-wire DTLS packet size */
|
||
216 | unsigned int mtu; /* max DTLS packet size */
|
||
217 | struct hm_header_st w_msg_hdr;
|
||
218 | struct hm_header_st r_msg_hdr;
|
||
219 | struct dtls1_timeout_st timeout;
|
||
220 | /*
|
||
221 | * Indicates when the last handshake msg or heartbeat sent will timeout
|
||
222 | */
|
||
223 | struct timeval next_timeout;
|
||
224 | /* Timeout duration */
|
||
225 | unsigned short timeout_duration;
|
||
226 | /*
|
||
227 | * storage for Alert/Handshake protocol data received but not yet
|
||
228 | * processed by ssl3_read_bytes:
|
||
229 | */
|
||
230 | unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
|
||
231 | unsigned int alert_fragment_len;
|
||
232 | unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
|
||
233 | unsigned int handshake_fragment_len;
|
||
234 | unsigned int retransmitting;
|
||
235 | /*
|
||
236 | * Set when the handshake is ready to process peer's ChangeCipherSpec message.
|
||
237 | * Cleared after the message has been processed.
|
||
238 | */
|
||
239 | unsigned int change_cipher_spec_ok;
|
||
240 | # ifndef OPENSSL_NO_SCTP
|
||
241 | /* used when SSL_ST_XX_FLUSH is entered */
|
||
242 | int next_state;
|
||
243 | int shutdown_received;
|
||
244 | # endif
|
||
245 | } DTLS1_STATE;
|
||
246 | |||
247 | typedef struct dtls1_record_data_st {
|
||
248 | unsigned char *packet;
|
||
249 | unsigned int packet_length;
|
||
250 | SSL3_BUFFER rbuf;
|
||
251 | SSL3_RECORD rrec;
|
||
252 | # ifndef OPENSSL_NO_SCTP
|
||
253 | struct bio_dgram_sctp_rcvinfo recordinfo;
|
||
254 | # endif
|
||
255 | } DTLS1_RECORD_DATA;
|
||
256 | |||
257 | # endif
|
||
258 | |||
259 | /* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
|
||
260 | # define DTLS1_TMO_READ_COUNT 2
|
||
261 | # define DTLS1_TMO_WRITE_COUNT 2
|
||
262 | |||
263 | # define DTLS1_TMO_ALERT_COUNT 12
|
||
264 | |||
265 | #ifdef __cplusplus
|
||
266 | }
|
||
267 | #endif
|
||
268 | #endif |