1 /*
2 * TLS Record Handling
3 * (C) 2004-2012 Jack Lloyd
4 * 2016 Matthias Gierlings
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_TLS_RECORDS_H_
10 #define BOTAN_TLS_RECORDS_H_
11 
12 #include <botan/tls_algos.h>
13 #include <botan/tls_magic.h>
14 #include <botan/tls_version.h>
15 #include <botan/aead.h>
16 #include <vector>
17 #include <chrono>
18 #include <functional>
19 
20 namespace Botan {
21 
22 namespace TLS {
23 
24 class Ciphersuite;
25 class Session_Keys;
26 
27 class Connection_Sequence_Numbers;
28 
29 /**
30 * TLS Cipher State
31 */
33  {
34  public:
35  /**
36  * Initialize a new cipher state
37  */
39  Connection_Side which_side,
40  bool is_our_side,
41  const Ciphersuite& suite,
42  const Session_Keys& keys,
43  bool uses_encrypt_then_mac);
44 
/// Non-owning pointer to the AEAD mode for this direction; the cipher state
/// (m_aead) keeps ownership, so the pointer is only valid while this object
/// lives. Whether it can be null after construction is not visible in this
/// header — check the constructor in tls_record.cpp before dereferencing blindly.
AEAD_Mode* aead() { return m_aead.get(); }

/// Nonce for outgoing record number @p seq. From the signature, @p rng
/// presumably supplies the explicit per-record nonce bytes when the
/// negotiated Nonce_Format needs them — confirm against tls_record.cpp.
/// A nonce must never repeat under one key; the sequence number is what is
/// expected to guarantee that here, so callers must not reuse @p seq.
std::vector<uint8_t> aead_nonce(uint64_t seq, RandomNumberGenerator& rng);

/// Nonce for an incoming record: presumably reads the explicit nonce bytes
/// (nonce_bytes_from_record() of them) from the front of @p record and
/// combines them with @p seq — verify in tls_record.cpp. Callers must ensure
/// @p record_len actually covers those bytes.
std::vector<uint8_t> aead_nonce(const uint8_t record[], size_t record_len, uint64_t seq);

/// Associated data bound into the AEAD tag: sequence number, record type,
/// protocol version and plaintext length. The exact byte layout is fixed by
/// the TLS record layer; changing it here breaks interoperability.
std::vector<uint8_t> format_ad(uint64_t seq, uint8_t type,
Protocol_Version version,
uint16_t ptext_length);

/// Number of nonce bytes taken from the handshake-derived IV (per the name,
/// the implicit part of the nonce)
size_t nonce_bytes_from_handshake() const { return m_nonce_bytes_from_handshake; }
/// Number of nonce bytes carried explicitly in each record
size_t nonce_bytes_from_record() const { return m_nonce_bytes_from_record; }

/// How the nonce is built for this ciphersuite (defaults to CBC_MODE, see the member initializer)
Nonce_Format nonce_format() const { return m_nonce_format; }
59 
/// Seconds elapsed since m_start_time (from the name, stamped at
/// construction — confirm in tls_record.cpp).
/// NOTE(review): system_clock is wall-clock time, not monotonic; a clock
/// adjustment can make this jump or go negative. If callers use it to decide
/// when to re-key, steady_clock would be the safer basis, but that requires
/// changing the m_start_time member type.
std::chrono::seconds age() const
   {
   const auto elapsed = std::chrono::system_clock::now() - m_start_time;
   return std::chrono::duration_cast<std::chrono::seconds>(elapsed);
   }
65 
66  private:
67  std::chrono::system_clock::time_point m_start_time;
68  std::unique_ptr<AEAD_Mode> m_aead;
69 
70  std::vector<uint8_t> m_nonce;
71  Nonce_Format m_nonce_format = Nonce_Format::CBC_MODE;
72  size_t m_nonce_bytes_from_handshake = 0;
73  size_t m_nonce_bytes_from_record = 0;
74  };
75 
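/**
* Non-owning view of a decoded record. Every member refers to caller-owned
* storage (the payload by reference, the sequence/version/type slots by
* pointer), so a Record must not outlive the objects handed to its constructor.
* The pointers are stored unchecked; passing null is the caller's problem.
*/
class Record final
   {
   public:
      Record(secure_vector<uint8_t>& data,
             uint64_t* sequence,
             Protocol_Version* protocol_version,
             Record_Type* type)
         : m_data(data), m_sequence(sequence), m_protocol_version(protocol_version),
           m_type(type), m_size(data.size()) {}

      /// The payload buffer; aliases the caller's vector, so writes are visible to it
      secure_vector<uint8_t>& get_data() { return m_data; }
      const secure_vector<uint8_t>& get_data() const { return m_data; }

      /// Slot the record's protocol version is written into (presumably by read_record)
      Protocol_Version* get_protocol_version() const { return m_protocol_version; }

      /// Slot the record's sequence number is written into
      uint64_t* get_sequence() const { return m_sequence; }

      /// Slot the record's content type is written into
      Record_Type* get_type() const { return m_type; }

      /// Snapshot of data.size() taken at construction, exposed by reference so
      /// it can be adjusted afterwards; it does not track m_data automatically
      size_t& get_size() { return m_size; }
      size_t get_size() const { return m_size; }

   private:
      secure_vector<uint8_t>& m_data;
      uint64_t* m_sequence;
      Protocol_Version* m_protocol_version;
      Record_Type* m_type;
      size_t m_size;
   };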
103 
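/**
* Plaintext message handed to write_record. Non-owning: m_data points at
* caller memory that must stay valid (and at least m_size bytes long) for
* as long as the message is in use. The two-argument constructor leaves
* type and sequence at zero.
*/
class Record_Message final
   {
   public:
      Record_Message(const uint8_t* data, size_t size)
         : m_type(0), m_sequence(0), m_data(data), m_size(size) {}

      Record_Message(uint8_t type, uint64_t sequence, const uint8_t* data, size_t size)
         : m_type(type), m_sequence(sequence), m_data(data),
           m_size(size) {}

      /// Record content type, writable by reference
      uint8_t& get_type() { return m_type; }
      uint8_t get_type() const { return m_type; }

      /// Record sequence number, writable by reference
      uint64_t& get_sequence() { return m_sequence; }
      uint64_t get_sequence() const { return m_sequence; }

      /// Pointer to the caller-owned plaintext (const-qualified: reading it does not mutate the message)
      const uint8_t* get_data() const { return m_data; }

      /// Length in bytes of the plaintext at get_data(), writable by reference
      size_t& get_size() { return m_size; }
      size_t get_size() const { return m_size; }

   private:
      uint8_t m_type;
      uint64_t m_sequence;
      const uint8_t* m_data;
      size_t m_size;
   };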
124 
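/**
* Cursor over caller-owned ciphertext handed to read_record. Non-owning:
* m_data must stay valid for m_size bytes while the object is used, and
* m_consumed is a *reference* to the caller's counter, so set_consumed() and
* writes through get_consumed() are visible to the caller immediately.
* get_data() and get_size() return references on purpose so the reader can
* advance the pointer and shrink the remaining length.
*/
class Record_Raw_Input final
   {
   public:
      Record_Raw_Input(const uint8_t* data, size_t size, size_t& consumed,
                       bool is_datagram)
         : m_data(data), m_size(size), m_consumed(consumed),
           m_is_datagram(is_datagram) {}

      /// Reference to the read pointer; advancing it does not adjust m_size,
      /// the caller is responsible for keeping the two consistent
      const uint8_t*& get_data() { return m_data; }

      /// Remaining bytes at get_data(), writable by reference
      size_t& get_size() { return m_size; }

      /// Bytes consumed so far; aliases the caller's counter
      size_t& get_consumed() { return m_consumed; }
      void set_consumed(size_t consumed) { m_consumed = consumed; }

      /// True when the input is a DTLS datagram rather than a TLS stream
      bool is_datagram() const { return m_is_datagram; }

   private:
      const uint8_t* m_data;
      size_t m_size;
      size_t& m_consumed;
      bool m_is_datagram;
   };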
148 
149 
/**
* Create a TLS record
* @param write_buffer the output record is placed here
* @param rec_msg is the plaintext message (non-owning view; its data must
*        stay valid for the duration of the call)
* @param version is the protocol version
* @param msg_sequence is the sequence number; it must be unique per
*        cipher state, since it feeds the AEAD nonce and associated data
* @param cipherstate is the writing cipher state (passed as a pointer —
*        presumably null for records sent before keys are established,
*        confirm in tls_record.cpp)
* @param rng is a random number generator
*/
void write_record(secure_vector<uint8_t>& write_buffer,
Record_Message rec_msg,
Protocol_Version version,
uint64_t msg_sequence,
Connection_Cipher_State* cipherstate,
RandomNumberGenerator& rng);
165 
166 // epoch -> cipher state
167 typedef std::function<std::shared_ptr<Connection_Cipher_State> (uint16_t)> get_cipherstate_fn;
168 
/**
* Decode a TLS record
* @param read_buffer buffer that accumulates record bytes across calls
*        (presumably holds a partial record until the rest arrives — confirm)
* @param raw_input the unread bytes, their length and the caller's consumed
*        counter, which is written back through the reference (see Record_Raw_Input)
* @param rec output slots for the decoded payload, sequence number,
*        protocol version and content type (see Record)
* @param sequence_numbers per-connection sequence bookkeeping (from the type
*        name, presumably used for replay checks); passed as a pointer, so
*        check tls_record.cpp for whether null is accepted before relying on it
* @param get_cipherstate callback mapping a record's epoch to the cipher
*        state that authenticates and decrypts it (see get_cipherstate_fn)
* @return zero if full message, else number of bytes still needed
*/
size_t read_record(secure_vector<uint8_t>& read_buffer,
Record_Raw_Input& raw_input,
Record& rec,
Connection_Sequence_Numbers* sequence_numbers,
get_cipherstate_fn get_cipherstate);
178 
179 }
180 
181 }
182 
183 #endif