Home Explore Help
Sign In
SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git
1
0
Fork 0
Files
Tree: 4f0f0a0ec5
Branches Tags
ydb
/
contrib
/
restricted
/
aws
/
s2n
/
api
/
unstable
/
renegotiate.h

renegotiate.h 6.7 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. /*
    2. 

  2.  * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License, Version 2.0 (the "License").
    5. 

  5.  * You may not use this file except in compliance with the License.
    6. 

  6.  * A copy of the License is located at
    7. 

  7.  *
    8. 

  8.  *  http://aws.amazon.com/apache2.0
    9. 

  9.  *
    10. 

  10.  * or in the "license" file accompanying this file. This file is distributed
    11. 

  11.  * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
    12. 

  12.  * express or implied. See the License for the specific language governing
    13. 

  13.  * permissions and limitations under the License.
    14. 

  14.  */
    15. 

  15. 

  16. #pragma once
    17. 

  17. 

  18. #include <s2n.h>
    19. 

  19. 

  20. /**
    21. 

  21.  * @file renegotiate.h
    22. 

  22.  *
    23. 

  23.  * "Renegotiation" is a TLS feature offered in TLS1.2 and earlier.
    24. 

  24.  * During renegotiation, a new handshake is performed on an already established
    25. 

  25.  * connection. The new handshake is encrypted using the keys from the original handshake.
    26. 

  26.  * The new handshake may not match the first handshake; for example, the server may choose
    27. 

  27.  * a different cipher suite or require client authentication for the new handshake.
    28. 

  28.  *
    29. 

  29.  * s2n-tls clients support secure (compliant with RFC5746) renegotiation for compatibility reasons,
    30. 

  30.  * but s2n-tls does NOT recommend its use. While s2n-tls addresses all currently known security concerns,
    31. 

  31.  * renegotiation has appeared in many CVEs and was completely removed from TLS1.3.
    32. 

  32.  */
    33. 

  33. 

  34. /**
    35. 

  35.  * Used to indicate that an attempt to renegotiate encountered
    36. 

  36.  * application data which the application should process before
    37. 

  37.  * continuing the handshake.
    38. 

  38.  */
    39. 

  39. extern const s2n_blocked_status S2N_BLOCKED_ON_APPLICATION_DATA;
    40. 

  40. 

  41. /**
    42. 

  42.  * Indicates how a renegotiation request should be handled.
    43. 

  43.  */
    44. 

  44. typedef enum {
    45. 

  45.     /* The client will take no action */
    46. 

  46.     S2N_RENEGOTIATE_IGNORE = 0,
    47. 

  47.     /* The client will send a warning alert to the server */
    48. 

  48.     S2N_RENEGOTIATE_REJECT,
    49. 

  49.     /* The client will begin renegotiation in the future */
    50. 

  50.     S2N_RENEGOTIATE_ACCEPT,
    51. 

  51. } s2n_renegotiate_response;
    52. 

  52. 

  53. /**
    54. 

  54.  * Callback function to handle requests for renegotiation.
    55. 

  55.  *
    56. 

  56.  * s2n-tls calls this method when a client receives a request from the server
    57. 

  57.  * to renegotiate the connection. If the server makes multiple requests,
    58. 

  58.  * s2n-tls will call this method multiple times.
    59. 

  59.  *
    60. 

  60.  * Applications should use the `response` value to indicate how the request
    61. 

  61.  * should be handled. If `response` is set to `S2N_RENEGOTIATE_IGNORE`
    62. 

  62.  * or `S2N_RENEGOTIATE_REJECT`, no further application involvement is required.
    63. 

  63.  *
    64. 

  64.  * If `response` is set to `S2N_RENEGOTIATE_ACCEPT`, then the application should
    65. 

  65.  * handle renegotiation. The application should stop calling s2n_send and s2n_recv,
    66. 

  66.  * wipe the connection with s2n_renegotiate_wipe, and then call s2n_renegotiate
    67. 

  67.  * until the handshake is complete.
    68. 

  68.  *
    69. 

  69.  * @param conn A pointer to the connection object.
    70. 

  70.  * @param context Context for the callback function.
    71. 

  71.  * @param response How the request should be handled.
    72. 

  72.  * @returns S2N_SUCCESS on success, S2N_FAILURE on error.
    73. 

  73.  */
    74. 

  74. typedef int (*s2n_renegotiate_request_cb)(struct s2n_connection *conn, void *context, s2n_renegotiate_response *response);
    75. 

  75. 

  76. /**
    77. 

  77.  * Sets a method to be called when the client receives a request to renegotiate.
    78. 

  78.  *
    79. 

  79.  * @param config A pointer to the config object.
    80. 

  80.  * @param callback The function to be called when a renegotiation request is received.
    81. 

  81.  * @param context Context to be passed to the callback function.
    82. 

  82.  * @returns S2N_SUCCESS on success, S2N_FAILURE on error.
    83. 

  83.  */
    84. 

  84. S2N_API int s2n_config_set_renegotiate_request_cb(struct s2n_config *config, s2n_renegotiate_request_cb callback, void *context);
    85. 

  85. 

  86. /**
    87. 

  87.  * Reset the connection so that it can be renegotiated.
    88. 

  88.  *
    89. 

  89.  * Similar to `s2n_connection_wipe`, this method resets a connection so that it can be used again.
    90. 

  90.  * However, unlike `s2n_connection_wipe`, it retains enough state from the previous connection
    91. 

  91.  * that the connection can continue to send and receive data encrypted with the old keys.
    92. 

  92.  *
    93. 

  93.  * The application MUST handle any incomplete IO before calling this method. The last call to `s2n_send` must
    94. 

  94.  * have succeeded, and `s2n_peek` must return zero. If there is any data in the send or receive buffers,
    95. 

  95.  * this method will fail.
    96. 

  96.  *
    97. 

  97.  * The application MUST repeat any connection-specific setup after calling this method. This method
    98. 

  98.  * cannot distinguish between internal connection state and configuration state set by the application,
    99. 

  99.  * so it wipes all state not directly related to handling encrypted records. For example,
    100. 

  100.  * if the application originally called `s2n_connection_set_blinding` on the connection,
    101. 

  101.  * then the application will need to call `s2n_connection_set_blinding` again after `s2n_renegotiate_wipe`.
    102. 

  102.  *
    103. 

  103.  * The connection-specific setup methods the application does not need to call again are:
    104. 

  104.  * - Methods to set the file descriptors
    105. 

  105.  *   (`s2n_connection_set_fd`, `s2n_connection_set_read_fd`, `s2n_connection_set_write_fd`)
    106. 

  106.  * - Methods to set the send callback
    107. 

  107.  *   (`s2n_connection_set_send_cb`, `s2n_connection_set_send_ctx`)
    108. 

  108.  * - Methods to set the recv callback
    109. 

  109.  *   (`s2n_connection_set_recv_cb`, `s2n_connection_set_recv_ctx`)
    110. 

  110.  *
    111. 

  111.  * @note This method MUST be called before s2n_renegotiate.
    112. 

  112.  * @note Calling this method on a server connection will fail. s2n-tls servers do not support renegotiation.
    113. 

  113.  *
    114. 

  114.  * @param conn A pointer to the connection object.
    115. 

  115.  * @returns S2N_SUCCESS on success, S2N_FAILURE on error.
    116. 

  116.  */
    117. 

  117. S2N_API int s2n_renegotiate_wipe(struct s2n_connection *conn);
    118. 

  118. 

  119. /**
    120. 

  120.  * Perform a new handshake on an already established connection.
    121. 

  121.  *
    122. 

  122.  * This method should be called like `s2n_negotiate`, with the same handling of return values,
    123. 

  123.  * error types, and blocked statuses.
    124. 

  124.  *
    125. 

  125.  * However, unlike the initial handshake performed by `s2n_negotiate`, the renegotiation
    126. 

  126.  * handshake can encounter valid application data. In that case, this method will fail
    127. 

  127.  * with an error of type S2N_ERR_T_BLOCKED, set the `blocked` field to `S2N_BLOCKED_ON_APPLICATION_DATA`,
    128. 

  128.  * copy the data to `app_data_buf`, and set `app_data_size` to the size of the data.
    129. 

  129.  * The application should handle the data in `app_data_buf` before calling s2n_renegotiate again.
    130. 

  130.  *
    131. 

  131.  * @note s2n_renegotiate_wipe MUST be called before this method.
    132. 

  132.  * @note Calling this method on a server connection will fail. s2n-tls servers do not support renegotiation.
    133. 

  133.  *
    134. 

  134.  * @param conn A pointer to the connection object.
    135. 

  135.  * @param app_data_buf A pointer to a buffer that s2n will copy application data read into.
    136. 

  136.  * @param app_data_buf_size The size of `app_data_buf`.
    137. 

  137.  * @param app_data_size The number of application data bytes read.
    138. 

  138.  * @param blocked A pointer which will be set to the blocked status.
    139. 

  139.  * @returns S2N_SUCCESS if the handshake completed. S2N_FAILURE if the handshake encountered an error or is blocked.
    140. 

  140.  */
    141. 

  141. S2N_API int s2n_renegotiate(struct s2n_connection *conn, uint8_t *app_data_buf, ssize_t app_data_buf_size,
    142. 

  142.         ssize_t *app_data_size, s2n_blocked_status *blocked);
    143.