tls_quic_misc.c
Go to the documentation of this file.
1 /**
2  * @file tls_quic_misc.c
3  * @brief QUIC helper functions
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2025 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneSSL Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @section Description
28  *
29  * The TLS protocol provides communications security over the Internet. The
30  * protocol allows client/server applications to communicate in a way that
31  * is designed to prevent eavesdropping, tampering, or message forgery
32  *
33  * @author Oryx Embedded SARL (www.oryx-embedded.com)
34  * @version 2.5.4
35  **/
36 
37 //Switch to the appropriate trace level
38 #define TRACE_LEVEL TLS_TRACE_LEVEL
39 
40 //Dependencies
41 #include "tls.h"
42 #include "tls_quic_misc.h"
43 #include "debug.h"
44 
45 //Check TLS library configuration
46 #if (TLS_SUPPORT == ENABLED && TLS_QUIC_SUPPORT == ENABLED)
47 
48 
49 /**
50  * @brief Format QuicTransportParameters extension
51  * @param[in] context Pointer to the TLS context
52  * @param[in] p Output stream where to write the QuicTransportParameters extension
53  * @param[out] written Total number of bytes that have been written
54  * @return Error code
55  **/
56 
57 error_t tlsFormatQuicTransportParamsExtension(TlsContext *context,
58  uint8_t *p, size_t *written)
59 {
60  size_t n;
61  TlsExtension *extension;
62 
63  //Initialize length field
64  n = 0;
65 
66  //The QuicTransportParameters extension is carried in the ClientHello and the
67  //EncryptedExtensions messages during the handshake. Endpoints must send the
68  //QuicTransportParameters extension (refer to RFC 9001, section 8.2)
69  if(context->transportProtocol == TLS_TRANSPORT_PROTOCOL_QUIC)
70  {
71  //Add the QuicTransportParameters extension
72  extension = (TlsExtension *) p;
73  //Type of the extension
74  extension->type = HTONS(TLS_EXT_QUIC_TRANSPORT_PARAMETERS);
75 
76  //Get the length of the local QUIC transport parameters
77  n = context->localQuicTransportParamsLen;
78 
79  //The extension_data field of the QuicTransportParameters extension
80  //contains a value that is defined by the version of QUIC that is in use
81  osMemcpy(extension->value, context->localQuicTransportParams, n);
82 
83  //Fix the length of the extension
84  extension->length = htons(n);
85 
86  //Compute the length, in bytes, of the Cookie extension
87  n += sizeof(TlsExtension);
88  }
89 
90  //Total number of bytes that have been written
91  *written = n;
92 
93  //Successful processing
94  return NO_ERROR;
95 }
96 
97 
98 /**
99  * @brief Parse QuicTransportParameters extension
100  * @param[in] context Pointer to the TLS context
101  * @param[in] selectedIdentity Pointer to the QuicTransportParameters extension
102  * @return Error code
103  **/
104 
105 error_t tlsParseQuicTransportParamsExtension(TlsContext *context,
106  const TlsExtension *quicTransportParams)
107 {
108  size_t length;
109 
110  //QUIC transport?
111  if(context->transportProtocol == TLS_TRANSPORT_PROTOCOL_QUIC)
112  {
113  //Endpoints must send the QuicTransportParameters extension (refer to
114  //RFC 9001, section 8.2)
115  if(quicTransportParams == NULL)
116  return ERROR_MISSING_EXTENSION;
117 
118  //Check whether the QUIC transport parameters have already been received
119  if(context->remoteQuicTransportParams != NULL)
120  {
121  //Release memory
122  tlsFreeMem(context->remoteQuicTransportParams);
123  context->remoteQuicTransportParams = NULL;
124  context->remoteQuicTransportParamsLen = 0;
125  }
126 
127  //Retrieve the length of the extension_data field
128  length = ntohs(quicTransportParams->length);
129 
130  //Allocate a memory block to hold the QUIC transport parameters
131  context->remoteQuicTransportParams = tlsAllocMem(length);
132  //Failed to allocate memory?
133  if(context->remoteQuicTransportParams == NULL)
134  return ERROR_OUT_OF_MEMORY;
135 
136  //The extension_data field of the QuicTransportParameters extension
137  //contains a value that is defined by the version of QUIC that is in use
138  osMemcpy(context->remoteQuicTransportParams, quicTransportParams->value, length);
139  context->remoteQuicTransportParamsLen = length;
140  }
141  else
142  {
143  //A fatal unsupported_extension alert must be sent by an implementation
144  //that supports this extension if the extension is received when the
145  //transport is not QUIC (refer to RFC 9001, section 8.2)
146  if(quicTransportParams != NULL)
147  return ERROR_UNSUPPORTED_EXTENSION;
148  }
149 
150  //Successful processing
151  return NO_ERROR;
152 }
153 
154 
155 /**
156  * @brief Set encryption keys
157  * @param[in] context Pointer to the TLS context
158  * @param[in] level Encryption level
159  * @param[in] clientKey Client's secret key
160  * @param[in] serverKey Server's secret key
161  * @param[in] keyLen Length of the secret keys, in bytes
162  * @return Error code
163  **/
164 
165 error_t tlsSetQuicEncryptionKeys(TlsContext *context, TlsEncryptionLevel level,
166  const uint8_t *clientKey, const uint8_t *serverKey, size_t keyLen)
167 {
168  error_t error;
169  const uint8_t *txKey;
170  const uint8_t *rxKey;
171 
172  //Check whether TLS operates as a client or a server
173  if(context->entity == TLS_CONNECTION_END_CLIENT)
174  {
175  txKey = clientKey;
176  rxKey = serverKey;
177  }
178  else
179  {
180  txKey = serverKey;
181  rxKey = clientKey;
182  }
183 
184  //Any registered callback?
185  if(context->quicCallbacks.setEncryptionKeys != NULL)
186  {
187  //As keys at a given encryption level become available to TLS, TLS
188  //indicates to QUIC that reading or writing keys at that encryption level
189  //are available (refer to RFC 9001, section 4.1.4)
190  error = context->quicCallbacks.setEncryptionKeys(context, level, txKey,
191  rxKey, keyLen, context->quicHandle);
192  }
193  else
194  {
195  //Report an error
196  error = ERROR_FAILURE;
197  }
198 
199  //Return status code
200  return error;
201 }
202 
203 
204 /**
205  * @brief Send handshake message
206  * @param[in] context Pointer to the TLS context
207  * @param[in] message Pointer to the handshake message
208  * @param[in] length Length of the handshake message, in bytes
209  * @return Error code
210  **/
211 
212 error_t tlsSendQuicHandshakeMessage(TlsContext *context, const uint8_t *message,
213  size_t length)
214 {
215  error_t error;
216  TlsEncryptionLevel level;
217 
218  //At any time, the TLS stack at an endpoint will have a current sending
219  //encryption level. TLS encryption level determines the QUIC packet type
220  //and keys that are used for protecting data (refer to RFC 9001,
221  //section 4.1.3)
222  level = context->encryptionEngine.level;
223 
224  //Any registered callback?
225  if(context->quicCallbacks.sendHandshakeMessage != NULL)
226  {
227  //When TLS provides handshake bytes to be sent, they are appended to the
228  //handshake bytes for the current encryption level
229  error = context->quicCallbacks.sendHandshakeMessage(context, level, message,
230  length, context->quicHandle);
231  }
232  else
233  {
234  //Report an error
235  error = ERROR_FAILURE;
236  }
237 
238  //Return status code
239  return error;
240 }
241 
242 
243 /**
244  * @brief Send alert message
245  * @param[in] context Pointer to the TLS context
246  * @param[in] message Pointer to the alert message
247  * @param[in] length Length of the alert message, in bytes
248  * @return Error code
249  **/
250 
251 error_t tlsSendQuicAlertMessage(TlsContext *context, const TlsAlert *message,
252  size_t length)
253 {
254  error_t error;
255 
256  //Initialize status code
257  error = NO_ERROR;
258 
259  //QUIC is only able to convey an alert level of "fatal" (refer to RFC 9001,
260  //section 4.8)
261  if(length == sizeof(TlsAlert) && message->level == TLS_ALERT_LEVEL_FATAL)
262  {
263  //Any registered callback?
264  if(context->quicCallbacks.sendAlertMessage != NULL)
265  {
266  //A TLS alert is converted into a QUIC connection error
267  error = context->quicCallbacks.sendAlertMessage(context,
268  message->description, context->quicHandle);
269  }
270  else
271  {
272  //Report an error
273  error = ERROR_FAILURE;
274  }
275  }
276 
277  //Return status code
278  return error;
279 }
280 
281 #endif
tlsAllocMem
#define tlsAllocMem(size)
Definition: tls.h:888
htons
#define htons(value)
Definition: cpu_endian.h:413
TLS_TRANSPORT_PROTOCOL_QUIC
@ TLS_TRANSPORT_PROTOCOL_QUIC
Definition: tls.h:1001
tls_quic_misc.h
QUIC helper functions.
p
uint8_t p
Definition: ndp.h:300
message
uint8_t message[]
Definition: chap.h:154
ERROR_OUT_OF_MEMORY
@ ERROR_OUT_OF_MEMORY
Definition: error.h:63
TlsExtension
TlsExtension
Definition: tls.h:1691
TLS_EXT_QUIC_TRANSPORT_PARAMETERS
@ TLS_EXT_QUIC_TRANSPORT_PARAMETERS
Definition: tls.h:1399
TlsEncryptionLevel
TlsEncryptionLevel
Encryption level.
Definition: tls.h:1579
osMemcpy
#define osMemcpy(dest, src, length)
Definition: os_port.h:144
ERROR_UNSUPPORTED_EXTENSION
@ ERROR_UNSUPPORTED_EXTENSION
Definition: error.h:246
TlsContext
#define TlsContext
Definition: tls.h:36
error_t
error_t
Error codes.
Definition: error.h:43
ERROR_FAILURE
@ ERROR_FAILURE
Generic error code.
Definition: error.h:45
TlsAlert
TlsAlert
Definition: tls.h:1991
tlsFormatQuicTransportParamsExtension
error_t tlsFormatQuicTransportParamsExtension(TlsContext *context, uint8_t *p, size_t *written)
Format QuicTransportParameters extension.
Definition: tls_quic_misc.c:57
ERROR_MISSING_EXTENSION
@ ERROR_MISSING_EXTENSION
Definition: error.h:245
tlsSetQuicEncryptionKeys
error_t tlsSetQuicEncryptionKeys(TlsContext *context, TlsEncryptionLevel level, const uint8_t *clientKey, const uint8_t *serverKey, size_t keyLen)
Set encryption keys.
Definition: tls_quic_misc.c:165
length
uint8_t length
Definition: tcp.h:375
ntohs
#define ntohs(value)
Definition: cpu_endian.h:421
TLS_ALERT_LEVEL_FATAL
@ TLS_ALERT_LEVEL_FATAL
Definition: tls.h:1118
HTONS
#define HTONS(value)
Definition: cpu_endian.h:410
n
uint8_t n
Definition: dhcpv6_common.h:416
TLS_CONNECTION_END_CLIENT
@ TLS_CONNECTION_END_CLIENT
Definition: tls.h:1012
tls.h
TLS (Transport Layer Security)
tlsParseQuicTransportParamsExtension
error_t tlsParseQuicTransportParamsExtension(TlsContext *context, const TlsExtension *quicTransportParams)
Parse QuicTransportParameters extension.
Definition: tls_quic_misc.c:105
tlsSendQuicHandshakeMessage
error_t tlsSendQuicHandshakeMessage(TlsContext *context, const uint8_t *message, size_t length)
Send handshake message.
Definition: tls_quic_misc.c:212
tlsFreeMem
#define tlsFreeMem(p)
Definition: tls.h:893
tlsSendQuicAlertMessage
error_t tlsSendQuicAlertMessage(TlsContext *context, const TlsAlert *message, size_t length)
Send alert message.
Definition: tls_quic_misc.c:251
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
debug.h
Debugging facilities.