1 /* $OpenBSD: tls13_quic.c,v 1.6 2022/08/30 18:23:40 tb Exp $ */ 2 /* 3 * Copyright (c) 2022 Joel Sing <jsing@openbsd.org> 4 * 5 * Permission to use, copy, modify, and distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18 #include <ssl_locl.h> 19 20 #include "tls13_internal.h" 21 22 static ssize_t 23 tls13_quic_wire_read_cb(void *buf, size_t n, void *arg) 24 { 25 struct tls13_ctx *ctx = arg; 26 SSL *ssl = ctx->ssl; 27 28 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 29 return TLS13_IO_FAILURE; 30 } 31 32 static ssize_t 33 tls13_quic_wire_write_cb(const void *buf, size_t n, void *arg) 34 { 35 struct tls13_ctx *ctx = arg; 36 SSL *ssl = ctx->ssl; 37 38 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 39 return TLS13_IO_FAILURE; 40 } 41 42 static ssize_t 43 tls13_quic_wire_flush_cb(void *arg) 44 { 45 struct tls13_ctx *ctx = arg; 46 SSL *ssl = ctx->ssl; 47 48 if (!ssl->quic_method->flush_flight(ssl)) { 49 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 50 return TLS13_IO_FAILURE; 51 } 52 53 return TLS13_IO_SUCCESS; 54 } 55 56 static ssize_t 57 tls13_quic_handshake_read_cb(void *buf, size_t n, void *arg) 58 { 59 struct tls13_ctx *ctx = arg; 60 61 if (ctx->hs->tls13.quic_read_buffer == NULL) 62 return TLS13_IO_WANT_POLLIN; 63 64 return tls_buffer_read(ctx->hs->tls13.quic_read_buffer, buf, n); 65 } 66 67 static ssize_t 68 tls13_quic_handshake_write_cb(const void *buf, size_t n, void *arg) 69 { 70 struct tls13_ctx *ctx = arg; 71 SSL *ssl = ctx->ssl; 72 73 if (!ssl->quic_method->add_handshake_data(ssl, 74 ctx->hs->tls13.quic_write_level, buf, n)) { 75 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 76 return TLS13_IO_FAILURE; 77 } 78 79 return n; 80 } 81 82 static int 83 tls13_quic_set_read_traffic_key(struct tls13_secret *read_key, 84 enum ssl_encryption_level_t read_level, void *arg) 85 { 86 struct tls13_ctx *ctx = arg; 87 SSL *ssl = ctx->ssl; 88 89 ctx->hs->tls13.quic_read_level = read_level; 90 91 /* Handle both the new (BoringSSL) and old (quictls) APIs. */ 92 93 if (ssl->quic_method->set_read_secret != NULL) 94 return ssl->quic_method->set_read_secret(ssl, 95 ctx->hs->tls13.quic_read_level, ctx->hs->cipher, 96 read_key->data, read_key->len); 97 98 if (ssl->quic_method->set_encryption_secrets != NULL) 99 return ssl->quic_method->set_encryption_secrets(ssl, 100 ctx->hs->tls13.quic_read_level, read_key->data, NULL, 101 read_key->len); 102 103 return 0; 104 } 105 106 static int 107 tls13_quic_set_write_traffic_key(struct tls13_secret *write_key, 108 enum ssl_encryption_level_t write_level, void *arg) 109 { 110 struct tls13_ctx *ctx = arg; 111 SSL *ssl = ctx->ssl; 112 113 ctx->hs->tls13.quic_write_level = write_level; 114 115 /* Handle both the new (BoringSSL) and old (quictls) APIs. */ 116 117 if (ssl->quic_method->set_write_secret != NULL) 118 return ssl->quic_method->set_write_secret(ssl, 119 ctx->hs->tls13.quic_write_level, ctx->hs->cipher, 120 write_key->data, write_key->len); 121 122 if (ssl->quic_method->set_encryption_secrets != NULL) 123 return ssl->quic_method->set_encryption_secrets(ssl, 124 ctx->hs->tls13.quic_write_level, NULL, write_key->data, 125 write_key->len); 126 127 return 0; 128 } 129 130 static int 131 tls13_quic_alert_send_cb(int alert_desc, void *arg) 132 { 133 struct tls13_ctx *ctx = arg; 134 SSL *ssl = ctx->ssl; 135 136 if (!ssl->quic_method->send_alert(ssl, ctx->hs->tls13.quic_write_level, 137 alert_desc)) { 138 SSLerror(ssl, SSL_R_QUIC_INTERNAL_ERROR); 139 return TLS13_IO_FAILURE; 140 } 141 142 return TLS13_IO_SUCCESS; 143 } 144 145 static const struct tls13_record_layer_callbacks quic_rl_callbacks = { 146 .wire_read = tls13_quic_wire_read_cb, 147 .wire_write = tls13_quic_wire_write_cb, 148 .wire_flush = tls13_quic_wire_flush_cb, 149 150 .handshake_read = tls13_quic_handshake_read_cb, 151 .handshake_write = tls13_quic_handshake_write_cb, 152 .set_read_traffic_key = tls13_quic_set_read_traffic_key, 153 .set_write_traffic_key = tls13_quic_set_write_traffic_key, 154 .alert_send = tls13_quic_alert_send_cb, 155 156 .alert_recv = tls13_alert_received_cb, 157 .alert_sent = tls13_alert_sent_cb, 158 .phh_recv = tls13_phh_received_cb, 159 .phh_sent = tls13_phh_done_cb, 160 }; 161 162 int 163 tls13_quic_init(struct tls13_ctx *ctx) 164 { 165 BIO *bio; 166 167 tls13_record_layer_set_callbacks(ctx->rl, &quic_rl_callbacks, ctx); 168 169 ctx->middlebox_compat = 0; 170 171 /* 172 * QUIC does not use BIOs, however we currently expect a BIO to exist 173 * for status handling. 174 */ 175 if ((bio = BIO_new(BIO_s_null())) == NULL) 176 return 0; 177 178 SSL_set_bio(ctx->ssl, bio, bio); 179 bio = NULL; 180 181 return 1; 182 } 183