12#ifndef IMQUIC_CRYPTO_H
13#define IMQUIC_CRYPTO_H
19#include <openssl/ssl.h>
20#include <openssl/crypto.h>
21#include <openssl/evp.h>
22#ifdef IMQUIC_BORINGSSL
23#include <openssl/hkdf.h>
25#include <openssl/kdf.h>
27#include <openssl/err.h>
123int imquic_hkdf_extract(
const EVP_MD *digest, uint8_t *key,
size_t keylen, uint8_t *out,
size_t *outlen);
132int imquic_hkdf_expand_label(
const EVP_MD *digest, uint8_t *key,
size_t keylen,
const char *label, uint8_t *out,
size_t outlen);
197int imquic_decrypt_payload(uint8_t *bytes,
size_t blen, uint8_t *to,
size_t tlen, uint8_t *header,
size_t hlen, uint64_t pn, uint8_t *key,
size_t key_len, uint8_t *iv,
size_t iv_len);
211int imquic_encrypt_payload(uint8_t *bytes,
size_t blen, uint8_t *to,
size_t tlen, uint8_t *header,
size_t hlen, uint64_t pn, uint8_t *key,
size_t key_len, uint8_t *iv,
size_t iv_len);
imquic_tls * imquic_tls_create(gboolean is_server, const char *server_pem, const char *server_key, const char *password)
Helper to create a new TLS context.
Definition crypto.c:196
int imquic_encrypt_payload(uint8_t *bytes, size_t blen, uint8_t *to, size_t tlen, uint8_t *header, size_t hlen, uint64_t pn, uint8_t *key, size_t key_len, uint8_t *iv, size_t iv_len)
Encrypt a QUIC payload to send.
Definition crypto.c:692
const char * imquic_encryption_level_str(enum ssl_encryption_level_t level)
Helper function to serialize to string the name of an SSL encryption level.
Definition crypto.c:35
int imquic_verify_retry(uint8_t *bytes, size_t blen, uint8_t *dcid, size_t dcid_len)
Verify the integrity of a Retry packet.
Definition crypto.c:760
void imquic_tls_destroy(imquic_tls *tls)
Destroy an existing imquic_tls context.
Definition crypto.c:289
int imquic_derive_initial_secret(imquic_protection *p, uint8_t *dcid, size_t dcid_len, gboolean is_server)
Helper to derive the initial secrets from a known connection ID.
Definition crypto.c:429
struct imquic_encryption imquic_encryption
Encryption context for a specific direction and encryption level in a QUIC connection.
int imquic_decrypt_payload(uint8_t *bytes, size_t blen, uint8_t *to, size_t tlen, uint8_t *header, size_t hlen, uint64_t pn, uint8_t *key, size_t key_len, uint8_t *iv, size_t iv_len)
Decrypt a received QUIC payload.
Definition crypto.c:626
int imquic_protect_header(uint8_t *bytes, size_t blen, size_t pn_offset, uint8_t *hp, size_t hp_len)
Protect a QUIC message to send (and obfuscate the header)
Definition crypto.c:582
int imquic_hkdf_expand_label(const EVP_MD *digest, uint8_t *key, size_t keylen, const char *label, uint8_t *out, size_t outlen)
Helper to expand an HKDF label.
Definition crypto.c:403
struct imquic_protection imquic_protection
Protection context in both directions for a specific encryption level in a QUIC connection.
int imquic_tls_enable_early_data(imquic_tls *tls, const char *ticket_file)
Enable early data on an existing TLS context.
Definition crypto.c:345
int imquic_unprotect_header(uint8_t *bytes, size_t blen, size_t pn_offset, uint8_t *hp, size_t hp_len)
Unprotect a received QUIC message (and unobfuscate the header)
Definition crypto.c:536
int imquic_hkdf_extract(const EVP_MD *digest, uint8_t *key, size_t keylen, uint8_t *out, size_t *outlen)
Helper to perform an HKDF extract.
Definition crypto.c:381
SSL * imquic_tls_new_ssl(imquic_tls *tls)
Get a new SSL instance from an existing TLS context.
Definition crypto.c:251
int imquic_tls_init(const char *secrets_log)
Initialize the TLS stack at startup.
Definition crypto.c:174
int imquic_expand_secret(const char *name, imquic_encryption *e, gboolean expand_hp, gboolean phase)
Helper to expand a secret, taking into account the key phase.
Definition crypto.c:479
struct imquic_tls imquic_tls
TLS context.
void imquic_tls_deinit(void)
Uninitialize the TLS stack.
Definition crypto.c:190
int imquic_build_hkdf_label(const char *label, uint8_t *hkdf_label, size_t buflen, size_t outlen)
Helper to build an HKDF label, to use with HKDF_expand.
Definition crypto.c:366
int imquic_update_keys(imquic_protection *p, gboolean phase)
Update the key phase for an existing context.
Definition crypto.c:508
Encryption context for a specific direction and encryption level in a QUIC connection.
Definition crypto.h:77
size_t iv_len
Length of the IV.
Definition crypto.h:91
size_t key_len
Length of the key.
Definition crypto.h:87
uint8_t key[2][32]
Key (key phased)
Definition crypto.h:85
const EVP_MD * md
Hashing algorithm.
Definition crypto.h:79
uint8_t secret[2][48]
Secret (key phased)
Definition crypto.h:81
size_t hp_len
Length of the header protection.
Definition crypto.h:95
uint8_t iv[2][12]
IV (key phased)
Definition crypto.h:89
size_t secret_len
Length of the secret.
Definition crypto.h:83
uint8_t hp[32]
Header protection.
Definition crypto.h:93
Protection context in both directions for a specific encryption level in a QUIC connection.
Definition crypto.h:98
imquic_encryption remote
Remote encryption context.
Definition crypto.h:102
imquic_encryption local
Local encryption context.
Definition crypto.h:100
TLS context.
Definition crypto.h:42
SSL_CTX * ssl_ctx
TLS context.
Definition crypto.h:46
gboolean early_data
Whether early data should be supported.
Definition crypto.h:52
EVP_PKEY * ssl_key
Key.
Definition crypto.h:50
gboolean is_server
Whether this is for a server or a client.
Definition crypto.h:44
char * ticket_file
File to use for session tickets, when doing early data.
Definition crypto.h:54
X509 * ssl_cert
Certificate.
Definition crypto.h:48
