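/*
 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

/* Extension type table shared by the TLS extension send/recv machinery.
 *
 * This header is self-contained: it pulls in <limits.h> for CHAR_BIT and
 * <stdint.h> for the fixed-width types it uses, rather than relying on
 * the project headers below to provide them transitively. */

#pragma once

#include <limits.h>
#include <stdbool.h>
#include <stdint.h>

#include "stuffer/s2n_stuffer.h"
#include "tls/s2n_tls_parameters.h"

/* Wire layout of an extension header: a 2-byte type followed by a
 * 2-byte length (RFC 8446 section 4.2). */
#define S2N_EXTENSION_TYPE_FIELD_LENGTH   2
#define S2N_EXTENSION_LENGTH_FIELD_LENGTH 2
#define S2N_EXTENSION_HEADER_LENGTH       (S2N_EXTENSION_TYPE_FIELD_LENGTH + S2N_EXTENSION_LENGTH_FIELD_LENGTH)

/* The number of extensions supported by S2N.
 * Derived from the array below, so adding an entry there is the only
 * change needed to grow every size that depends on this count. */
#define S2N_SUPPORTED_EXTENSIONS_COUNT (sizeof(s2n_supported_extensions) / sizeof(s2n_supported_extensions[0]))

/* The number of bytes needed to assign 1 bit to every supported extension.
 * Uses ceiling division so the value is rounded up as necessary, for example:
 *   S2N_SUPPORTED_EXTENSIONS_COUNT = 21
 *   CHAR_BIT = 8
 *   (21 + 7) / 8 = 28 / 8 = 3 (integer division) */
#define S2N_SUPPORTED_EXTENSIONS_BITFIELD_LEN ((S2N_SUPPORTED_EXTENSIONS_COUNT + CHAR_BIT - 1) / CHAR_BIT)

struct s2n_connection;

/* Describes one extension type: its IANA code point plus the callbacks the
 * generic extension code dispatches to. Every callback takes the connection
 * so implementations can consult negotiated state. */
typedef struct {
    /* Code point as registered with IANA and sent on the wire. */
    uint16_t iana_value;
    /* One-bit flag; presumably set for extension types that appear in a
     * response (server-side) message rather than a request -- confirm
     * against the definitions that populate it. */
    unsigned is_response : 1;
    /* Lowest protocol version for which this extension type applies
     * (inferred from the name; the exact gating is done by the callers). */
    uint16_t minimum_version;

    /* Writes the extension body to `out`; returns an s2n result code. */
    int (*send)(struct s2n_connection *conn, struct s2n_stuffer *out);
    /* Parses the extension body from `in`; returns an s2n result code.
     * `in` carries peer-supplied data, so implementations must bound every
     * read by what the stuffer actually holds. */
    int (*recv)(struct s2n_connection *conn, struct s2n_stuffer *in);

    /* Returns true or false to indicate whether the extension should be sent */
    bool (*should_send)(struct s2n_connection *conn);

    /* Handler called if an extension is not received */
    int (*if_missing)(struct s2n_connection *conn);
} s2n_extension_type;

/* IANA values of every extension type s2n knows about, in internal-id order.
 * Defined (not just declared) here, as `static const`, because
 * S2N_SUPPORTED_EXTENSIONS_COUNT must be able to take sizeof() of it in
 * every translation unit that includes this header. */
static const uint16_t s2n_supported_extensions[] = {
    TLS_EXTENSION_RENEGOTIATION_INFO,
    TLS_EXTENSION_PQ_KEM_PARAMETERS,
    TLS_EXTENSION_SERVER_NAME,
    TLS_EXTENSION_MAX_FRAG_LEN,
    TLS_EXTENSION_STATUS_REQUEST,
    TLS_EXTENSION_SUPPORTED_GROUPS,
    TLS_EXTENSION_EC_POINT_FORMATS,
    TLS_EXTENSION_SIGNATURE_ALGORITHMS,
    TLS_EXTENSION_ALPN,
    TLS_EXTENSION_SCT_LIST,
    TLS_EXTENSION_SESSION_TICKET,
    TLS_EXTENSION_SUPPORTED_VERSIONS,
    TLS_EXTENSION_KEY_SHARE,
    TLS_EXTENSION_COOKIE,
    TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS,
    TLS_EXTENSION_PSK_KEY_EXCHANGE_MODES,
    TLS_EXTENSION_PRE_SHARED_KEY,
    TLS_EXTENSION_EARLY_DATA,
    TLS_EXTENSION_EMS,
    TLS_EXTENSION_NPN,
    TLS_EXTENSION_CERT_AUTHORITIES,
};

/* One bit per supported extension, e.g. to record which extensions were
 * seen in a message. The element type is `char` for historical reasons;
 * callers should treat it as opaque bytes and index by internal id. */
typedef char s2n_extension_bitfield[S2N_SUPPORTED_EXTENSIONS_BITFIELD_LEN];

/* Internal, dense id for an extension type (an index into
 * s2n_supported_extensions). A uint8_t is sufficient for the 21 entries
 * above; the bitfield length above must stay in step with this type. */
typedef uint8_t s2n_extension_type_id;
/* Sentinel id reserved for IANA values that are not in
 * s2n_supported_extensions (see s2n_extension_supported_iana_value_to_id). */
extern const s2n_extension_type_id s2n_unsupported_extension;

int s2n_extension_send(const s2n_extension_type *extension_type, struct s2n_connection *conn, struct s2n_stuffer *out);
int s2n_extension_recv(const s2n_extension_type *extension_type, struct s2n_connection *conn, struct s2n_stuffer *in);
int s2n_extension_is_missing(const s2n_extension_type *extension_type, struct s2n_connection *conn);

/* Map from TLS IANA value to internal s2n id.
 * All possible IANA values is a large space, so using an internal id gives us more
 * flexibility when using arrays / bitfields / etc.
 * `iana_value` may come straight off the wire, so callers must handle the
 * unsupported case (a non-success return and/or `s2n_unsupported_extension`
 * in *internal_id -- the exact contract is defined in the .c file) rather
 * than indexing an array with an unchecked result. */
int s2n_extension_supported_iana_value_to_id(const uint16_t iana_value, s2n_extension_type_id *internal_id);

/* Initializer.
 * Declared with (void): an empty parameter list is an old-style declaration
 * that disables argument checking at call sites. */
int s2n_extension_type_init(void);

/* Common implementations for send */
int s2n_extension_send_unimplemented(struct s2n_connection *conn, struct s2n_stuffer *out);
int s2n_extension_send_noop(struct s2n_connection *conn, struct s2n_stuffer *out);

/* Common implementations for recv.
 * The stuffer parameter is named `in` on both, matching the recv callback
 * signature in s2n_extension_type. */
int s2n_extension_recv_unimplemented(struct s2n_connection *conn, struct s2n_stuffer *in);
int s2n_extension_recv_noop(struct s2n_connection *conn, struct s2n_stuffer *in);

/* Common implementations for should_send */
bool s2n_extension_always_send(struct s2n_connection *conn);
bool s2n_extension_never_send(struct s2n_connection *conn);
bool s2n_extension_send_if_tls13_connection(struct s2n_connection *conn);

/* Common implementations for if_missing */
int s2n_extension_error_if_missing(struct s2n_connection *conn);
int s2n_extension_noop_if_missing(struct s2n_connection *conn);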