1/* $OpenBSD: tls13_quic.c,v 1.7 2022/11/26 16:08:56 tb Exp $ */ 2/* 3 * Copyright (c) 2022 Joel Sing <jsing@openbsd.org> 4 * 5 * Permission to use, copy, modify, and distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18#include "ssl_local.h" 19#include "tls13_internal.h" 20 21static ssize_t 22tls13_quic_wire_read_cb(void *buf, size_t n, void *arg) 23{ 24 struct tls13_ctx *ctx = arg; 25 SSL *ssl = ctx->ssl; 26 27 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 28 return TLS13_IO_FAILURE; 29} 30 31static ssize_t 32tls13_quic_wire_write_cb(const void *buf, size_t n, void *arg) 33{ 34 struct tls13_ctx *ctx = arg; 35 SSL *ssl = ctx->ssl; 36 37 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 38 return TLS13_IO_FAILURE; 39} 40 41static ssize_t 42tls13_quic_wire_flush_cb(void *arg) 43{ 44 struct tls13_ctx *ctx = arg; 45 SSL *ssl = ctx->ssl; 46 47 if (!ssl->quic_method->flush_flight(ssl)) { 48 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 49 return TLS13_IO_FAILURE; 50 } 51 52 return TLS13_IO_SUCCESS; 53} 54 55static ssize_t 56tls13_quic_handshake_read_cb(void *buf, size_t n, void *arg) 57{ 58 struct tls13_ctx *ctx = arg; 59 60 if (ctx->hs->tls13.quic_read_buffer == NULL) 61 return TLS13_IO_WANT_POLLIN; 62 63 return tls_buffer_read(ctx->hs->tls13.quic_read_buffer, buf, n); 64} 65 66static ssize_t 67tls13_quic_handshake_write_cb(const void *buf, size_t n, void *arg) 68{ 69 struct tls13_ctx *ctx = arg; 70 SSL *ssl = ctx->ssl; 71 72 if (!ssl->quic_method->add_handshake_data(ssl, 73 ctx->hs->tls13.quic_write_level, buf, n)) { 74 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 75 return TLS13_IO_FAILURE; 76 } 77 78 return n; 79} 80 81static int 82tls13_quic_set_read_traffic_key(struct tls13_secret *read_key, 83 enum ssl_encryption_level_t read_level, void *arg) 84{ 85 struct tls13_ctx *ctx = arg; 86 SSL *ssl = ctx->ssl; 87 88 ctx->hs->tls13.quic_read_level = read_level; 89 90 /* Handle both the new (BoringSSL) and old (quictls) APIs. */ 91 92 if (ssl->quic_method->set_read_secret != NULL) 93 return ssl->quic_method->set_read_secret(ssl, 94 ctx->hs->tls13.quic_read_level, ctx->hs->cipher, 95 read_key->data, read_key->len); 96 97 if (ssl->quic_method->set_encryption_secrets != NULL) 98 return ssl->quic_method->set_encryption_secrets(ssl, 99 ctx->hs->tls13.quic_read_level, read_key->data, NULL, 100 read_key->len); 101 102 return 0; 103} 104 105static int 106tls13_quic_set_write_traffic_key(struct tls13_secret *write_key, 107 enum ssl_encryption_level_t write_level, void *arg) 108{ 109 struct tls13_ctx *ctx = arg; 110 SSL *ssl = ctx->ssl; 111 112 ctx->hs->tls13.quic_write_level = write_level; 113 114 /* Handle both the new (BoringSSL) and old (quictls) APIs. */ 115 116 if (ssl->quic_method->set_write_secret != NULL) 117 return ssl->quic_method->set_write_secret(ssl, 118 ctx->hs->tls13.quic_write_level, ctx->hs->cipher, 119 write_key->data, write_key->len); 120 121 if (ssl->quic_method->set_encryption_secrets != NULL) 122 return ssl->quic_method->set_encryption_secrets(ssl, 123 ctx->hs->tls13.quic_write_level, NULL, write_key->data, 124 write_key->len); 125 126 return 0; 127} 128 129static int 130tls13_quic_alert_send_cb(int alert_desc, void *arg) 131{ 132 struct tls13_ctx *ctx = arg; 133 SSL *ssl = ctx->ssl; 134 135 if (!ssl->quic_method->send_alert(ssl, ctx->hs->tls13.quic_write_level, 136 alert_desc)) { 137 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 138 return TLS13_IO_FAILURE; 139 } 140 141 return TLS13_IO_SUCCESS; 142} 143 144static const struct tls13_record_layer_callbacks quic_rl_callbacks = { 145 .wire_read = tls13_quic_wire_read_cb, 146 .wire_write = tls13_quic_wire_write_cb, 147 .wire_flush = tls13_quic_wire_flush_cb, 148 149 .handshake_read = tls13_quic_handshake_read_cb, 150 .handshake_write = tls13_quic_handshake_write_cb, 151 .set_read_traffic_key = tls13_quic_set_read_traffic_key, 152 .set_write_traffic_key = tls13_quic_set_write_traffic_key, 153 .alert_send = tls13_quic_alert_send_cb, 154 155 .alert_recv = tls13_alert_received_cb, 156 .alert_sent = tls13_alert_sent_cb, 157 .phh_recv = tls13_phh_received_cb, 158 .phh_sent = tls13_phh_done_cb, 159}; 160 161int 162tls13_quic_init(struct tls13_ctx *ctx) 163{ 164 BIO *bio; 165 166 tls13_record_layer_set_callbacks(ctx->rl, &quic_rl_callbacks, ctx); 167 168 ctx->middlebox_compat = 0; 169 170 /* 171 * QUIC does not use BIOs, however we currently expect a BIO to exist 172 * for status handling. 173 */ 174 if ((bio = BIO_new(BIO_s_null())) == NULL) 175 return 0; 176 177 SSL_set_bio(ctx->ssl, bio, bio); 178 bio = NULL; 179 180 return 1; 181} 182