dtls1.h revision 279264 
1/* ssl/dtls1.h */
2/*
3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
5 */
6/* ====================================================================
7 * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 *    notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 *    notice, this list of conditions and the following disclaimer in
18 *    the documentation and/or other materials provided with the
19 *    distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 *    software must display the following acknowledgment:
23 *    "This product includes software developed by the OpenSSL Project
24 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 *    endorse or promote products derived from this software without
28 *    prior written permission. For written permission, please contact
29 *    openssl-core@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 *    nor may "OpenSSL" appear in their names without prior written
33 *    permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 *    acknowledgment:
37 *    "This product includes software developed by the OpenSSL Project
38 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com).  This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59
60#ifndef HEADER_DTLS1_H
61#define HEADER_DTLS1_H
62
63#include <openssl/buffer.h>
64#include <openssl/pqueue.h>
65#ifdef OPENSSL_SYS_VMS
66#include <resource.h>
67#include <sys/timeb.h>
68#endif
69#ifdef OPENSSL_SYS_WIN32
70/* Needed for struct timeval */
71#include <winsock.h>
72#elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
73#include <sys/timeval.h>
74#else
75#if defined(OPENSSL_SYS_VXWORKS)
76#include <sys/times.h>
77#else
78#include <sys/time.h>
79#endif
80#endif
81
82#ifdef  __cplusplus
83extern "C" {
84#endif
85
86#define DTLS1_VERSION			0xFEFF
87#define DTLS_MAX_VERSION		DTLS1_VERSION
88
89#define DTLS1_BAD_VER			0x0100
90
91#if 0
92/* this alert description is not specified anywhere... */
93#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE    110
94#endif
95
96/* lengths of messages */
97#define DTLS1_COOKIE_LENGTH                     256
98
99#define DTLS1_RT_HEADER_LENGTH                  13
100
101#define DTLS1_HM_HEADER_LENGTH                  12
102
103#define DTLS1_HM_BAD_FRAGMENT                   -2
104#define DTLS1_HM_FRAGMENT_RETRY                 -3
105
106#define DTLS1_CCS_HEADER_LENGTH                  1
107
108#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
109#define DTLS1_AL_HEADER_LENGTH                   7
110#else
111#define DTLS1_AL_HEADER_LENGTH                   2
112#endif
113
114#ifndef OPENSSL_NO_SSL_INTERN
115
116#ifndef OPENSSL_NO_SCTP
117#define DTLS1_SCTP_AUTH_LABEL	"EXPORTER_DTLS_OVER_SCTP"
118#endif
119
120/* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */
121#define DTLS1_MAX_MTU_OVERHEAD                   48
122
123typedef struct dtls1_bitmap_st
124	{
125	unsigned long map;		/* track 32 packets on 32-bit systems
126					   and 64 - on 64-bit systems */
127	unsigned char max_seq_num[8];	/* max record number seen so far,
128					   64-bit value in big-endian
129					   encoding */
130	} DTLS1_BITMAP;
131
132struct dtls1_retransmit_state
133	{
134	EVP_CIPHER_CTX *enc_write_ctx;	/* cryptographic state */
135	EVP_MD_CTX *write_hash;			/* used for mac generation */
136#ifndef OPENSSL_NO_COMP
137	COMP_CTX *compress;				/* compression */
138#else
139	char *compress;
140#endif
141	SSL_SESSION *session;
142	unsigned short epoch;
143	};
144
145struct hm_header_st
146	{
147	unsigned char type;
148	unsigned long msg_len;
149	unsigned short seq;
150	unsigned long frag_off;
151	unsigned long frag_len;
152	unsigned int is_ccs;
153	struct dtls1_retransmit_state saved_retransmit_state;
154	};
155
156struct ccs_header_st
157	{
158	unsigned char type;
159	unsigned short seq;
160	};
161
162struct dtls1_timeout_st
163	{
164	/* Number of read timeouts so far */
165	unsigned int read_timeouts;
166
167	/* Number of write timeouts so far */
168	unsigned int write_timeouts;
169
170	/* Number of alerts received so far */
171	unsigned int num_alerts;
172	};
173
174typedef struct record_pqueue_st
175	{
176	unsigned short epoch;
177	pqueue q;
178	} record_pqueue;
179
180typedef struct hm_fragment_st
181	{
182	struct hm_header_st msg_header;
183	unsigned char *fragment;
184	unsigned char *reassembly;
185	} hm_fragment;
186
187typedef struct dtls1_state_st
188	{
189	unsigned int send_cookie;
190	unsigned char cookie[DTLS1_COOKIE_LENGTH];
191	unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
192	unsigned int cookie_len;
193
194	/*
195	 * The current data and handshake epoch.  This is initially
196	 * undefined, and starts at zero once the initial handshake is
197	 * completed
198	 */
199	unsigned short r_epoch;
200	unsigned short w_epoch;
201
202	/* records being received in the current epoch */
203	DTLS1_BITMAP bitmap;
204
205	/* renegotiation starts a new set of sequence numbers */
206	DTLS1_BITMAP next_bitmap;
207
208	/* handshake message numbers */
209	unsigned short handshake_write_seq;
210	unsigned short next_handshake_write_seq;
211
212	unsigned short handshake_read_seq;
213
214	/* save last sequence number for retransmissions */
215	unsigned char last_write_sequence[8];
216
217	/* Received handshake records (processed and unprocessed) */
218	record_pqueue unprocessed_rcds;
219	record_pqueue processed_rcds;
220
221	/* Buffered handshake messages */
222	pqueue buffered_messages;
223
224	/* Buffered (sent) handshake records */
225	pqueue sent_messages;
226
227	/* Buffered application records.
228	 * Only for records between CCS and Finished
229	 * to prevent either protocol violation or
230	 * unnecessary message loss.
231	 */
232	record_pqueue buffered_app_data;
233
234	/* Is set when listening for new connections with dtls1_listen() */
235	unsigned int listen;
236
237	unsigned int link_mtu; /* max on-the-wire DTLS packet size */
238	unsigned int mtu; /* max DTLS packet size */
239
240	struct hm_header_st w_msg_hdr;
241	struct hm_header_st r_msg_hdr;
242
243	struct dtls1_timeout_st timeout;
244
245	/* Indicates when the last handshake msg or heartbeat sent will timeout */
246	struct timeval next_timeout;
247
248	/* Timeout duration */
249	unsigned short timeout_duration;
250
251	/* storage for Alert/Handshake protocol data received but not
252	 * yet processed by ssl3_read_bytes: */
253	unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
254	unsigned int alert_fragment_len;
255	unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
256	unsigned int handshake_fragment_len;
257
258	unsigned int retransmitting;
259	/*
260	 * Set when the handshake is ready to process peer's ChangeCipherSpec message.
261	 * Cleared after the message has been processed.
262	 */
263	unsigned int change_cipher_spec_ok;
264
265#ifndef OPENSSL_NO_SCTP
266	/* used when SSL_ST_XX_FLUSH is entered */
267	int next_state;
268
269	int shutdown_received;
270#endif
271
272	} DTLS1_STATE;
273
274typedef struct dtls1_record_data_st
275	{
276	unsigned char *packet;
277	unsigned int   packet_length;
278	SSL3_BUFFER    rbuf;
279	SSL3_RECORD    rrec;
280#ifndef OPENSSL_NO_SCTP
281	struct bio_dgram_sctp_rcvinfo recordinfo;
282#endif
283	} DTLS1_RECORD_DATA;
284
285#endif
286
287/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
288#define DTLS1_TMO_READ_COUNT                      2
289#define DTLS1_TMO_WRITE_COUNT                     2
290
291#define DTLS1_TMO_ALERT_COUNT                     12
292
293#ifdef  __cplusplus
294}
295#endif
296#endif
297