xref: /onnv-gate/usr/src/common/openssl/ssl/dtls1.h (revision 5434:d0b14f9f9750) 
12139Sjp161948 /* ssl/dtls1.h */
22139Sjp161948 /*
32139Sjp161948  * DTLS implementation written by Nagendra Modadugu
42139Sjp161948  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
52139Sjp161948  */
62139Sjp161948 /* ====================================================================
72139Sjp161948  * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
82139Sjp161948  *
92139Sjp161948  * Redistribution and use in source and binary forms, with or without
102139Sjp161948  * modification, are permitted provided that the following conditions
112139Sjp161948  * are met:
122139Sjp161948  *
132139Sjp161948  * 1. Redistributions of source code must retain the above copyright
142139Sjp161948  *    notice, this list of conditions and the following disclaimer.
152139Sjp161948  *
162139Sjp161948  * 2. Redistributions in binary form must reproduce the above copyright
172139Sjp161948  *    notice, this list of conditions and the following disclaimer in
182139Sjp161948  *    the documentation and/or other materials provided with the
192139Sjp161948  *    distribution.
202139Sjp161948  *
212139Sjp161948  * 3. All advertising materials mentioning features or use of this
222139Sjp161948  *    software must display the following acknowledgment:
232139Sjp161948  *    "This product includes software developed by the OpenSSL Project
242139Sjp161948  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
252139Sjp161948  *
262139Sjp161948  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
272139Sjp161948  *    endorse or promote products derived from this software without
282139Sjp161948  *    prior written permission. For written permission, please contact
292139Sjp161948  *    openssl-core@OpenSSL.org.
302139Sjp161948  *
312139Sjp161948  * 5. Products derived from this software may not be called "OpenSSL"
322139Sjp161948  *    nor may "OpenSSL" appear in their names without prior written
332139Sjp161948  *    permission of the OpenSSL Project.
342139Sjp161948  *
352139Sjp161948  * 6. Redistributions of any form whatsoever must retain the following
362139Sjp161948  *    acknowledgment:
372139Sjp161948  *    "This product includes software developed by the OpenSSL Project
382139Sjp161948  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
392139Sjp161948  *
402139Sjp161948  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
412139Sjp161948  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
422139Sjp161948  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
432139Sjp161948  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
442139Sjp161948  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
452139Sjp161948  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
462139Sjp161948  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
472139Sjp161948  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
482139Sjp161948  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
492139Sjp161948  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
502139Sjp161948  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
512139Sjp161948  * OF THE POSSIBILITY OF SUCH DAMAGE.
522139Sjp161948  * ====================================================================
532139Sjp161948  *
542139Sjp161948  * This product includes cryptographic software written by Eric Young
552139Sjp161948  * (eay@cryptsoft.com).  This product includes software written by Tim
562139Sjp161948  * Hudson (tjh@cryptsoft.com).
572139Sjp161948  *
582139Sjp161948  */
592139Sjp161948 
602139Sjp161948 #ifndef HEADER_DTLS1_H
612139Sjp161948 #define HEADER_DTLS1_H
622139Sjp161948 
632139Sjp161948 #include <openssl/buffer.h>
642139Sjp161948 #include <openssl/pqueue.h>
652139Sjp161948 
662139Sjp161948 #ifdef  __cplusplus
672139Sjp161948 extern "C" {
682139Sjp161948 #endif
692139Sjp161948 
70*5434Sjp161948 #define DTLS1_VERSION			0xFEFF
71*5434Sjp161948 #define DTLS1_BAD_VER			0x0100
722139Sjp161948 
732139Sjp161948 #define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE    110
742139Sjp161948 
752139Sjp161948 /* lengths of messages */
762139Sjp161948 #define DTLS1_COOKIE_LENGTH                     32
772139Sjp161948 
782139Sjp161948 #define DTLS1_RT_HEADER_LENGTH                  13
792139Sjp161948 
802139Sjp161948 #define DTLS1_HM_HEADER_LENGTH                  12
812139Sjp161948 
822139Sjp161948 #define DTLS1_HM_BAD_FRAGMENT                   -2
832139Sjp161948 #define DTLS1_HM_FRAGMENT_RETRY                 -3
842139Sjp161948 
85*5434Sjp161948 #define DTLS1_CCS_HEADER_LENGTH                  1
862139Sjp161948 
872139Sjp161948 #define DTLS1_AL_HEADER_LENGTH                   7
882139Sjp161948 
892139Sjp161948 
902139Sjp161948 typedef struct dtls1_bitmap_st
912139Sjp161948 	{
922139Sjp161948 	PQ_64BIT map;
932139Sjp161948 	unsigned long length;     /* sizeof the bitmap in bits */
942139Sjp161948 	PQ_64BIT max_seq_num;  /* max record number seen so far */
952139Sjp161948 	} DTLS1_BITMAP;
962139Sjp161948 
972139Sjp161948 struct hm_header_st
982139Sjp161948 	{
992139Sjp161948 	unsigned char type;
1002139Sjp161948 	unsigned long msg_len;
1012139Sjp161948 	unsigned short seq;
1022139Sjp161948 	unsigned long frag_off;
1032139Sjp161948 	unsigned long frag_len;
1042139Sjp161948 	unsigned int is_ccs;
1052139Sjp161948 	};
1062139Sjp161948 
1072139Sjp161948 struct ccs_header_st
1082139Sjp161948 	{
1092139Sjp161948 	unsigned char type;
1102139Sjp161948 	unsigned short seq;
1112139Sjp161948 	};
1122139Sjp161948 
1132139Sjp161948 struct dtls1_timeout_st
1142139Sjp161948 	{
1152139Sjp161948 	/* Number of read timeouts so far */
1162139Sjp161948 	unsigned int read_timeouts;
1172139Sjp161948 
1182139Sjp161948 	/* Number of write timeouts so far */
1192139Sjp161948 	unsigned int write_timeouts;
1202139Sjp161948 
1212139Sjp161948 	/* Number of alerts received so far */
1222139Sjp161948 	unsigned int num_alerts;
1232139Sjp161948 	};
1242139Sjp161948 
1252139Sjp161948 typedef struct record_pqueue_st
1262139Sjp161948 	{
1272139Sjp161948 	unsigned short epoch;
1282139Sjp161948 	pqueue q;
1292139Sjp161948 	} record_pqueue;
1302139Sjp161948 
1312139Sjp161948 typedef struct hm_fragment_st
1322139Sjp161948 	{
1332139Sjp161948 	struct hm_header_st msg_header;
1342139Sjp161948 	unsigned char *fragment;
1352139Sjp161948 	} hm_fragment;
1362139Sjp161948 
1372139Sjp161948 typedef struct dtls1_state_st
1382139Sjp161948 	{
1392139Sjp161948 	unsigned int send_cookie;
1402139Sjp161948 	unsigned char cookie[DTLS1_COOKIE_LENGTH];
1412139Sjp161948 	unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
1422139Sjp161948 	unsigned int cookie_len;
1432139Sjp161948 
1442139Sjp161948 	/*
1452139Sjp161948 	 * The current data and handshake epoch.  This is initially
1462139Sjp161948 	 * undefined, and starts at zero once the initial handshake is
1472139Sjp161948 	 * completed
1482139Sjp161948 	 */
1492139Sjp161948 	unsigned short r_epoch;
1502139Sjp161948 	unsigned short w_epoch;
1512139Sjp161948 
1522139Sjp161948 	/* records being received in the current epoch */
1532139Sjp161948 	DTLS1_BITMAP bitmap;
1542139Sjp161948 
1552139Sjp161948 	/* renegotiation starts a new set of sequence numbers */
1562139Sjp161948 	DTLS1_BITMAP next_bitmap;
1572139Sjp161948 
1582139Sjp161948 	/* handshake message numbers */
1592139Sjp161948 	unsigned short handshake_write_seq;
1602139Sjp161948 	unsigned short next_handshake_write_seq;
1612139Sjp161948 
1622139Sjp161948 	unsigned short handshake_read_seq;
1632139Sjp161948 
1642139Sjp161948 	/* Received handshake records (processed and unprocessed) */
1652139Sjp161948 	record_pqueue unprocessed_rcds;
1662139Sjp161948 	record_pqueue processed_rcds;
1672139Sjp161948 
1682139Sjp161948 	/* Buffered handshake messages */
1692139Sjp161948 	pqueue buffered_messages;
1702139Sjp161948 
1712139Sjp161948 	/* Buffered (sent) handshake records */
1722139Sjp161948 	pqueue sent_messages;
1732139Sjp161948 
1742139Sjp161948 	unsigned int mtu; /* max wire packet size */
1752139Sjp161948 
1762139Sjp161948 	struct hm_header_st w_msg_hdr;
1772139Sjp161948 	struct hm_header_st r_msg_hdr;
1782139Sjp161948 
1792139Sjp161948 	struct dtls1_timeout_st timeout;
1802139Sjp161948 
1812139Sjp161948 	/* storage for Alert/Handshake protocol data received but not
1822139Sjp161948 	 * yet processed by ssl3_read_bytes: */
1832139Sjp161948 	unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
1842139Sjp161948 	unsigned int alert_fragment_len;
1852139Sjp161948 	unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
1862139Sjp161948 	unsigned int handshake_fragment_len;
1872139Sjp161948 
1882139Sjp161948 	unsigned int retransmitting;
1892139Sjp161948 
1902139Sjp161948 	} DTLS1_STATE;
1912139Sjp161948 
1922139Sjp161948 typedef struct dtls1_record_data_st
1932139Sjp161948 	{
1942139Sjp161948 	unsigned char *packet;
1952139Sjp161948 	unsigned int   packet_length;
1962139Sjp161948 	SSL3_BUFFER    rbuf;
1972139Sjp161948 	SSL3_RECORD    rrec;
1982139Sjp161948 	} DTLS1_RECORD_DATA;
1992139Sjp161948 
2002139Sjp161948 
2012139Sjp161948 /* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
2022139Sjp161948 #define DTLS1_TMO_READ_COUNT                      2
2032139Sjp161948 #define DTLS1_TMO_WRITE_COUNT                     2
2042139Sjp161948 
2052139Sjp161948 #define DTLS1_TMO_ALERT_COUNT                     12
2062139Sjp161948 
2072139Sjp161948 #ifdef  __cplusplus
2082139Sjp161948 }
2092139Sjp161948 #endif
2102139Sjp161948 #endif
2112139Sjp161948 
212