Lines Matching refs:rl

40 static int dtls_record_replay_check(OSSL_RECORD_LAYER *rl, DTLS_BITMAP *bitmap)  in dtls_record_replay_check()  argument
44 const unsigned char *seq = rl->sequence; in dtls_record_replay_check()
48 ossl_tls_rl_record_set_seq_num(&rl->rrec[0], seq); in dtls_record_replay_check()
57 ossl_tls_rl_record_set_seq_num(&rl->rrec[0], seq); in dtls_record_replay_check()
61 static void dtls_record_bitmap_update(OSSL_RECORD_LAYER *rl, in dtls_record_bitmap_update() argument
66 const unsigned char *seq = rl->sequence; in dtls_record_bitmap_update()
83 static DTLS_BITMAP *dtls_get_bitmap(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rr, in dtls_get_bitmap() argument
89 if (rr->epoch == rl->epoch) in dtls_get_bitmap()
90 return &rl->bitmap; in dtls_get_bitmap()
95 else if (rr->epoch == rl->epoch + 1) { in dtls_get_bitmap()
97 return &rl->next_bitmap; in dtls_get_bitmap()
103 static void dtls_set_in_init(OSSL_RECORD_LAYER *rl, int in_init) in dtls_set_in_init() argument
105 rl->in_init = in_init; in dtls_set_in_init()
108 static int dtls_process_record(OSSL_RECORD_LAYER *rl, DTLS_BITMAP *bitmap) in dtls_process_record() argument
119 rr = &rl->rrec[0]; in dtls_process_record()
125 rr->input = &(rl->packet[DTLS1_RT_HEADER_LENGTH]); in dtls_process_record()
141 RLAYERfatal(rl, SSL_AD_RECORD_OVERFLOW, SSL_R_ENCRYPTED_LENGTH_TOO_LONG); in dtls_process_record()
149 if (rl->md_ctx != NULL) { in dtls_process_record()
150 const EVP_MD *tmpmd = EVP_MD_CTX_get0_md(rl->md_ctx); in dtls_process_record()
155 RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); in dtls_process_record()
162 if (rl->use_etm && rl->md_ctx != NULL) { in dtls_process_record()
166 RLAYERfatal(rl, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_TOO_SHORT); in dtls_process_record()
171 i = rl->funcs->mac(rl, rr, md, 0 /* not send */); in dtls_process_record()
173 RLAYERfatal(rl, SSL_AD_BAD_RECORD_MAC, in dtls_process_record()
190 enc_err = rl->funcs->cipher(rl, rr, 1, 0, &macbuf, mac_size); in dtls_process_record()
200 if (rl->alert != SSL_AD_NO_ALERT) { in dtls_process_record()
206 rl->packet_length = 0; in dtls_process_record()
216 if (!rl->use_etm in dtls_process_record()
217 && (rl->enc_ctx != NULL) in dtls_process_record()
218 && (EVP_MD_CTX_get0_md(rl->md_ctx) != NULL)) { in dtls_process_record()
221 i = rl->funcs->mac(rl, rr, md, 0 /* not send */); in dtls_process_record()
232 rl->packet_length = 0; in dtls_process_record()
237 if (rl->compctx != NULL) { in dtls_process_record()
239 RLAYERfatal(rl, SSL_AD_RECORD_OVERFLOW, in dtls_process_record()
243 if (!tls_do_uncompress(rl, rr)) { in dtls_process_record()
244 RLAYERfatal(rl, SSL_AD_DECOMPRESSION_FAILURE, SSL_R_BAD_DECOMPRESSION); in dtls_process_record()
253 if (rr->length > rl->max_frag_len) { in dtls_process_record()
254 RLAYERfatal(rl, SSL_AD_RECORD_OVERFLOW, SSL_R_DATA_LENGTH_TOO_LONG); in dtls_process_record()
269 rl->packet_length = 0; in dtls_process_record()
272 dtls_record_bitmap_update(rl, bitmap); in dtls_process_record()
281 static int dtls_rlayer_buffer_record(OSSL_RECORD_LAYER *rl, struct pqueue_st *queue, in dtls_rlayer_buffer_record() argument
296 RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in dtls_rlayer_buffer_record()
300 rdata->packet = rl->packet; in dtls_rlayer_buffer_record()
301 rdata->packet_length = rl->packet_length; in dtls_rlayer_buffer_record()
302 memcpy(&(rdata->rbuf), &rl->rbuf, sizeof(TLS_BUFFER)); in dtls_rlayer_buffer_record()
303 memcpy(&(rdata->rrec), &rl->rrec[0], sizeof(TLS_RL_RECORD)); in dtls_rlayer_buffer_record()
307 rl->packet = NULL; in dtls_rlayer_buffer_record()
308 rl->packet_length = 0; in dtls_rlayer_buffer_record()
309 memset(&rl->rbuf, 0, sizeof(TLS_BUFFER)); in dtls_rlayer_buffer_record()
310 memset(&rl->rrec[0], 0, sizeof(rl->rrec[0])); in dtls_rlayer_buffer_record()
312 if (!tls_setup_read_buffer(rl)) { in dtls_rlayer_buffer_record()
331 static int dtls_copy_rlayer_record(OSSL_RECORD_LAYER *rl, pitem *item) in dtls_copy_rlayer_record() argument
337 ossl_tls_buffer_release(&rl->rbuf); in dtls_copy_rlayer_record()
339 rl->packet = rdata->packet; in dtls_copy_rlayer_record()
340 rl->packet_length = rdata->packet_length; in dtls_copy_rlayer_record()
341 memcpy(&rl->rbuf, &(rdata->rbuf), sizeof(TLS_BUFFER)); in dtls_copy_rlayer_record()
342 memcpy(&rl->rrec[0], &(rdata->rrec), sizeof(TLS_RL_RECORD)); in dtls_copy_rlayer_record()
345 memcpy(&(rl->sequence[2]), &(rdata->packet[5]), 6); in dtls_copy_rlayer_record()
350 static int dtls_retrieve_rlayer_buffered_record(OSSL_RECORD_LAYER *rl, in dtls_retrieve_rlayer_buffered_record() argument
357 dtls_copy_rlayer_record(rl, item); in dtls_retrieve_rlayer_buffered_record()
377 int dtls_get_more_records(OSSL_RECORD_LAYER *rl) in dtls_get_more_records() argument
387 rl->num_recs = 0; in dtls_get_more_records()
388 rl->curr_rec = 0; in dtls_get_more_records()
389 rl->num_released = 0; in dtls_get_more_records()
391 rr = rl->rrec; in dtls_get_more_records()
393 if (rl->rbuf.buf == NULL) { in dtls_get_more_records()
394 if (!tls_setup_read_buffer(rl)) { in dtls_get_more_records()
402 if (dtls_retrieve_rlayer_buffered_record(rl, rl->processed_rcds)) { in dtls_get_more_records()
403 rl->num_recs = 1; in dtls_get_more_records()
410 if ((rl->rstate != SSL_ST_READ_BODY) || in dtls_get_more_records()
411 (rl->packet_length < DTLS1_RT_HEADER_LENGTH)) { in dtls_get_more_records()
412 rret = rl->funcs->read_n(rl, DTLS1_RT_HEADER_LENGTH, in dtls_get_more_records()
413 TLS_BUFFER_get_len(&rl->rbuf), 0, 1, &n); in dtls_get_more_records()
421 if (rl->packet_length != DTLS1_RT_HEADER_LENGTH) { in dtls_get_more_records()
422 rl->packet_length = 0; in dtls_get_more_records()
426 rl->rstate = SSL_ST_READ_BODY; in dtls_get_more_records()
428 p = rl->packet; in dtls_get_more_records()
439 memcpy(&(rl->sequence[2]), p, 6); in dtls_get_more_records()
444 if (rl->msg_callback != NULL) in dtls_get_more_records()
445 rl->msg_callback(0, rr->rec_version, SSL3_RT_HEADER, rl->packet, DTLS1_RT_HEADER_LENGTH, in dtls_get_more_records()
446 rl->cbarg); in dtls_get_more_records()
452 if (!rl->is_first_record && rr->type != SSL3_RT_ALERT) { in dtls_get_more_records()
453 if (rr->rec_version != rl->version) { in dtls_get_more_records()
456 rl->packet_length = 0; in dtls_get_more_records()
462 (rl->version == DTLS_ANY_VERSION ? DTLS1_VERSION_MAJOR in dtls_get_more_records()
463 : rl->version >> 8)) { in dtls_get_more_records()
466 rl->packet_length = 0; in dtls_get_more_records()
473 rl->packet_length = 0; in dtls_get_more_records()
481 if (rr->length > rl->max_frag_len + SSL3_RT_MAX_ENCRYPTED_OVERHEAD) { in dtls_get_more_records()
484 rl->packet_length = 0; in dtls_get_more_records()
493 if (rr->length > rl->packet_length - DTLS1_RT_HEADER_LENGTH) { in dtls_get_more_records()
496 rret = rl->funcs->read_n(rl, more, more, 1, 1, &n); in dtls_get_more_records()
499 if (rl->alert != SSL_AD_NO_ALERT) { in dtls_get_more_records()
504 rl->packet_length = 0; in dtls_get_more_records()
514 rl->rstate = SSL_ST_READ_HEADER; in dtls_get_more_records()
517 bitmap = dtls_get_bitmap(rl, rr, &is_next_epoch); in dtls_get_more_records()
520 rl->packet_length = 0; /* dump this record */ in dtls_get_more_records()
525 if (!BIO_dgram_is_sctp(rl->bio)) { in dtls_get_more_records()
528 if (!dtls_record_replay_check(rl, bitmap)) { in dtls_get_more_records()
530 rl->packet_length = 0; /* dump this record */ in dtls_get_more_records()
547 if (rl->in_init) { in dtls_get_more_records()
548 if (dtls_rlayer_buffer_record(rl, rl->unprocessed_rcds, in dtls_get_more_records()
555 rl->packet_length = 0; in dtls_get_more_records()
559 if (!dtls_process_record(rl, bitmap)) { in dtls_get_more_records()
560 if (rl->alert != SSL_AD_NO_ALERT) { in dtls_get_more_records()
565 rl->packet_length = 0; /* dump this record */ in dtls_get_more_records()
569 if (rl->funcs->post_process_record && !rl->funcs->post_process_record(rl, rr)) { in dtls_get_more_records()
574 rl->num_recs = 1; in dtls_get_more_records()
578 static int dtls_free(OSSL_RECORD_LAYER *rl) in dtls_free() argument
586 rbuf = &rl->rbuf; in dtls_free()
594 ret = BIO_write_ex(rl->next, rbuf->buf + rbuf->offset, left, &written); in dtls_free()
598 if (rl->unprocessed_rcds != NULL) { in dtls_free()
599 while ((item = pqueue_pop(rl->unprocessed_rcds)) != NULL) { in dtls_free()
602 ret &= BIO_write_ex(rl->next, rdata->packet, rdata->packet_length, in dtls_free()
608 pqueue_free(rl->unprocessed_rcds); in dtls_free()
611 if (rl->processed_rcds!= NULL) { in dtls_free()
612 while ((item = pqueue_pop(rl->processed_rcds)) != NULL) { in dtls_free()
618 pqueue_free(rl->processed_rcds); in dtls_free()
621 return tls_free(rl) && ret; in dtls_free()
692 int dtls_prepare_record_header(OSSL_RECORD_LAYER *rl, in dtls_prepare_record_header() argument
703 if (rl->compctx != NULL) in dtls_prepare_record_header()
708 || !WPACKET_put_bytes_u16(thispkt, rl->epoch) in dtls_prepare_record_header()
709 || !WPACKET_memcpy(thispkt, &(rl->sequence[2]), 6) in dtls_prepare_record_header()
711 || (rl->eivlen > 0 in dtls_prepare_record_header()
712 && !WPACKET_allocate_bytes(thispkt, rl->eivlen, NULL)) in dtls_prepare_record_header()
716 RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in dtls_prepare_record_header()
723 int dtls_post_encryption_processing(OSSL_RECORD_LAYER *rl, in dtls_post_encryption_processing() argument
729 if (!tls_post_encryption_processing_default(rl, mac_size, thistempl, in dtls_post_encryption_processing()
735 return tls_increment_sequence_ctr(rl); in dtls_post_encryption_processing()
738 static size_t dtls_get_max_record_overhead(OSSL_RECORD_LAYER *rl) in dtls_get_max_record_overhead() argument
742 if (rl->enc_ctx != NULL && in dtls_get_max_record_overhead()
743 (EVP_CIPHER_CTX_get_mode(rl->enc_ctx) == EVP_CIPH_CBC_MODE)) in dtls_get_max_record_overhead()
744 blocksize = EVP_CIPHER_CTX_get_block_size(rl->enc_ctx); in dtls_get_max_record_overhead()
753 assert(rl->enc_ctx == NULL || ((blocksize == 0 || rl->eivlen > 0) in dtls_get_max_record_overhead()
754 && rl->taglen > 0)); in dtls_get_max_record_overhead()
755 assert(rl->md == NULL || (int)rl->taglen == EVP_MD_size(rl->md)); in dtls_get_max_record_overhead()
768 return DTLS1_RT_HEADER_LENGTH + rl->eivlen + blocksize + rl->taglen; in dtls_get_max_record_overhead()