/* ssl/dtls1.h */
/*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
 */
/* ====================================================================
 * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

/*
 * Internal DTLS 1.0 definitions: protocol constants, the per-connection
 * DTLS1_STATE, and the header/queue structures used to fragment,
 * reassemble, reorder and retransmit handshake messages over an
 * unreliable datagram transport.  Everything here is private to the
 * ssl/ directory; nothing in this header is stable public API.
 */

#ifndef HEADER_DTLS1_H
#define HEADER_DTLS1_H

#include <openssl/buffer.h>
#include <openssl/pqueue.h>
#ifdef OPENSSL_SYS_VMS
#include <resource.h>
#include <sys/timeb.h>
#endif
#ifdef OPENSSL_SYS_WIN32
/* Needed for struct timeval */
#include <winsock.h>
#elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
#include <sys/timeval.h>
#else
#include <sys/time.h>
#endif

#ifdef __cplusplus
extern "C" {
#endif

/* DTLS 1.0 wire version (RFC 4347); encoded as the one's complement of
 * {1, 0}, which is why it is 0xFEFF rather than a TLS-style 0x03xx. */
#define DTLS1_VERSION			0xFEFF
/* Pre-standard version number.  Presumably kept so that peers speaking
 * the draft protocol can still negotiate -- confirm against the version
 * negotiation code before accepting it from an untrusted peer. */
#define DTLS1_BAD_VER			0x0100

#if 0
/* this alert description is not specified anywhere... */
#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE    110
#endif

/* lengths of messages */
/* Fixed size of the cookie buffers below.  Any code that copies a
 * peer-supplied cookie into cookie[]/rcvd_cookie[] must bound the copy
 * by this value, since the wire length is attacker controlled. */
#define DTLS1_COOKIE_LENGTH                  256

/* DTLS record header: type(1) + version(2) + epoch(2) + seq(6) + length(2) */
#define DTLS1_RT_HEADER_LENGTH                  13

/* DTLS handshake header: type(1) + length(3) + seq(2) + frag_off(3)
 * + frag_len(3); four bytes larger than the TLS handshake header. */
#define DTLS1_HM_HEADER_LENGTH                  12

/* Negative status codes presumably returned by the fragment-handling
 * code in place of a (non-negative) length -- verify against callers. */
#define DTLS1_HM_BAD_FRAGMENT                   -2
#define DTLS1_HM_FRAGMENT_RETRY                 -3

#define DTLS1_CCS_HEADER_LENGTH                  1

/* Because the #if 0 block above never defines
 * DTLS1_AD_MISSING_HANDSHAKE_MESSAGE, the 2-byte alert length is the
 * one actually compiled. */
#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
#define DTLS1_AL_HEADER_LENGTH                   7
#else
#define DTLS1_AL_HEADER_LENGTH                   2
#endif


/*
 * Window of record sequence numbers seen in the current epoch.
 * NOTE(review): from the fields this looks like the sliding window used
 * to detect replayed/duplicate records -- confirm against the record
 * layer before relying on that reading.  PQ_64BIT presumably comes from
 * <openssl/pqueue.h>, included above.
 */
typedef struct dtls1_bitmap_st
	{
	PQ_64BIT map;
	unsigned long length;     /* sizeof the bitmap in bits */
	PQ_64BIT max_seq_num;     /* max record number seen so far */
	} DTLS1_BITMAP;

/*
 * Write-side cryptographic context captured alongside a sent handshake
 * message so the message can be retransmitted under the same keys,
 * digest, compression method, session and epoch even after the
 * connection has moved on to a newer epoch.
 * Ownership of the pointed-to objects is not established here; check
 * the code that populates and frees this struct.
 */
struct dtls1_retransmit_state
	{
	EVP_CIPHER_CTX *enc_write_ctx;	/* cryptographic state */
	const EVP_MD *write_hash;			/* used for mac generation */
#ifndef OPENSSL_NO_COMP
	COMP_CTX *compress;				/* compression */
#else
	char *compress;	
#endif
	SSL_SESSION *session;
	unsigned short epoch;
	};

/*
 * Parsed DTLS handshake-message header (see DTLS1_HM_HEADER_LENGTH).
 * msg_len is the length of the whole message; frag_off/frag_len
 * describe the piece carried by this record.  All three originate from
 * the peer, so code that reassembles fragments must check that
 * frag_off + frag_len does not exceed msg_len (and that msg_len matches
 * the value seen in earlier fragments of the same message) before
 * writing into a reassembly buffer.
 */
struct hm_header_st
	{
	unsigned char type;
	unsigned long msg_len;
	unsigned short seq;
	unsigned long frag_off;
	unsigned long frag_len;
	unsigned int is_ccs;      /* non-zero when this entry stands for a
	                           * ChangeCipherSpec rather than a handshake
	                           * message -- see ccs_header_st */
	struct dtls1_retransmit_state saved_retransmit_state;
	};

/* Header recorded for a ChangeCipherSpec record, which in DTLS carries a
 * message sequence number like a handshake message. */
struct ccs_header_st
	{
	unsigned char type;
	unsigned short seq;
	};

/* Counters that drive the timeout/retransmission policy; the limits they
 * are compared against are the DTLS1_TMO_* multipliers at the end of
 * this header. */
struct dtls1_timeout_st
	{
	/* Number of read timeouts so far */
	unsigned int read_timeouts;
	
	/* Number of write timeouts so far */
	unsigned int write_timeouts;

	/* Number of alerts received so far */
	unsigned int num_alerts;
	};

/* Priority queue of records tagged with the epoch they belong to. */
typedef struct record_pqueue_st
	{
	unsigned short epoch;
	pqueue q;
	} record_pqueue;

/*
 * One buffered handshake message (or message fragment).
 * fragment holds the message bytes; reassembly presumably tracks which
 * byte ranges have arrived so far -- the exact encoding is not visible
 * here.  Who allocates and frees these buffers is likewise not
 * established in this header.
 */
typedef struct hm_fragment_st
	{
	struct hm_header_st msg_header;
	unsigned char *fragment;
	unsigned char *reassembly;
	} hm_fragment;

/*
 * Per-connection DTLS state, hung off the SSL object.
 */
typedef struct dtls1_state_st
	{
	/* Cookie exchange (HelloVerifyRequest, RFC 4347).  cookie[] is the
	 * cookie this side sends/expects, rcvd_cookie[] the one the peer
	 * returned; cookie_len applies to cookie[] and must never exceed
	 * DTLS1_COOKIE_LENGTH.  send_cookie is the flag that turns the
	 * exchange on. */
	unsigned int send_cookie;
	unsigned char cookie[DTLS1_COOKIE_LENGTH];
	unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
	unsigned int cookie_len;

	/* 
	 * The current data and handshake epoch.  This is initially
	 * undefined, and starts at zero once the initial handshake is 
	 * completed 
	 */
	unsigned short r_epoch;
	unsigned short w_epoch;

	/* records being received in the current epoch */
	DTLS1_BITMAP bitmap;

	/* renegotiation starts a new set of sequence numbers */
	DTLS1_BITMAP next_bitmap;

	/* handshake message numbers */
	unsigned short handshake_write_seq;
	unsigned short next_handshake_write_seq;

	unsigned short handshake_read_seq;

	/* save last sequence number for retransmissions */
	unsigned char last_write_sequence[8];

	/* Received handshake records (processed and unprocessed) */
	record_pqueue unprocessed_rcds;
	record_pqueue processed_rcds;

	/* Buffered handshake messages */
	pqueue buffered_messages;

	/* Buffered (sent) handshake records */
	pqueue sent_messages;

	/* Buffered application records.
	 * Only for records between CCS and Finished
	 * to prevent either protocol violation or
	 * unnecessary message loss.
	 */
	record_pqueue buffered_app_data;

	/* Is set when listening for new connections with dtls1_listen() */
	unsigned int listen;

	unsigned int mtu; /* max DTLS packet size */

	/* Headers of the handshake message currently being written / read. */
	struct hm_header_st w_msg_hdr;
	struct hm_header_st r_msg_hdr;

	struct dtls1_timeout_st timeout;

	/* Indicates when the last handshake msg sent will timeout */
	struct timeval next_timeout;

	/* Timeout duration (units not stated here -- see the code that
	 * derives next_timeout from it) */
	unsigned short timeout_duration;

	/* storage for Alert/Handshake protocol data received but not
	 * yet processed by ssl3_read_bytes: */
	/* The *_len fields count bytes currently held in the matching array
	 * and are bounded by DTLS1_AL_HEADER_LENGTH / DTLS1_HM_HEADER_LENGTH
	 * respectively; writers must enforce that bound. */
	unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
	unsigned int alert_fragment_len;
	unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
	unsigned int handshake_fragment_len;

	unsigned int retransmitting;
	/* NOTE(review): presumably the gate that lets the record layer accept
	 * a ChangeCipherSpec only at the point in the handshake where one is
	 * expected -- confirm where it is set and checked. */
	unsigned int change_cipher_spec_ok;

	} DTLS1_STATE;

/* A complete received datagram together with the record-layer buffer and
 * record structure it was parsed into; used when records are queued
 * (record_pqueue) rather than processed immediately. */
typedef struct dtls1_record_data_st
	{
	unsigned char *packet;
	unsigned int packet_length;
	SSL3_BUFFER rbuf;
	SSL3_RECORD rrec;
	} DTLS1_RECORD_DATA;


/* Timeout multipliers (timeout slice is defined in apps/timeouts.h) */
#define DTLS1_TMO_READ_COUNT                      2
#define DTLS1_TMO_WRITE_COUNT                     2

#define DTLS1_TMO_ALERT_COUNT                     12

#ifdef  __cplusplus
}
#endif
#endif