Botan  2.4.0
Crypto and TLS for C++11
tls_record.h
Go to the documentation of this file.
1 /*
2 * TLS Record Handling
3 * (C) 2004-2012 Jack Lloyd
4 * 2016 Matthias Gierlings
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_TLS_RECORDS_H_
10 #define BOTAN_TLS_RECORDS_H_
11 
12 #include <botan/tls_magic.h>
13 #include <botan/tls_version.h>
14 #include <botan/aead.h>
15 #include <vector>
16 #include <chrono>
17 #include <functional>
18 
19 namespace Botan {
20 
21 namespace TLS {
22 
23 class Ciphersuite;
24 class Session_Keys;
25 
26 class Connection_Sequence_Numbers;
27 
28 /**
29 * TLS Cipher State
30 */
32  {
33  public:
34  /**
35  * Initialize a new cipher state
36  */
38  Connection_Side which_side,
39  bool is_our_side,
40  const Ciphersuite& suite,
41  const Session_Keys& keys,
42  bool uses_encrypt_then_mac);
43 
44  AEAD_Mode* aead() { return m_aead.get(); }
45 
46  std::vector<uint8_t> aead_nonce(uint64_t seq, RandomNumberGenerator& rng);
47 
48  std::vector<uint8_t> aead_nonce(const uint8_t record[], size_t record_len, uint64_t seq);
49 
50  std::vector<uint8_t> format_ad(uint64_t seq, uint8_t type,
51  Protocol_Version version,
52  uint16_t ptext_length);
53 
54  size_t nonce_bytes_from_handshake() const { return m_nonce_bytes_from_handshake; }
55  size_t nonce_bytes_from_record() const { return m_nonce_bytes_from_record; }
56  bool cbc_nonce() const { return m_cbc_nonce; }
57 
58  std::chrono::seconds age() const
59  {
60  return std::chrono::duration_cast<std::chrono::seconds>(
61  std::chrono::system_clock::now() - m_start_time);
62  }
63 
64  private:
65  std::chrono::system_clock::time_point m_start_time;
66  std::unique_ptr<AEAD_Mode> m_aead;
67 
68  std::vector<uint8_t> m_nonce;
69  size_t m_nonce_bytes_from_handshake;
70  size_t m_nonce_bytes_from_record;
71  bool m_cbc_nonce;
72  };
73 
74 class Record final
75  {
76  public:
78  uint64_t* sequence,
79  Protocol_Version* protocol_version,
81  : m_data(data), m_sequence(sequence), m_protocol_version(protocol_version),
82  m_type(type), m_size(data.size()) {}
83 
84  secure_vector<uint8_t>& get_data() { return m_data; }
85 
86  Protocol_Version* get_protocol_version() { return m_protocol_version; }
87 
88  uint64_t* get_sequence() { return m_sequence; }
89 
90  Record_Type* get_type() { return m_type; }
91 
92  size_t& get_size() { return m_size; }
93 
94  private:
95  secure_vector<uint8_t>& m_data;
96  uint64_t* m_sequence;
97  Protocol_Version* m_protocol_version;
98  Record_Type* m_type;
99  size_t m_size;
100  };
101 
102 class Record_Message final
103  {
104  public:
105  Record_Message(const uint8_t* data, size_t size)
106  : m_type(0), m_sequence(0), m_data(data), m_size(size) {}
107  Record_Message(uint8_t type, uint64_t sequence, const uint8_t* data, size_t size)
108  : m_type(type), m_sequence(sequence), m_data(data),
109  m_size(size) {}
110 
111  uint8_t& get_type() { return m_type; }
112  uint64_t& get_sequence() { return m_sequence; }
113  const uint8_t* get_data() { return m_data; }
114  size_t& get_size() { return m_size; }
115 
116  private:
117  uint8_t m_type;
118  uint64_t m_sequence;
119  const uint8_t* m_data;
120  size_t m_size;
121 };
122 
123 class Record_Raw_Input final
124  {
125  public:
126  Record_Raw_Input(const uint8_t* data, size_t size, size_t& consumed,
127  bool is_datagram)
128  : m_data(data), m_size(size), m_consumed(consumed),
129  m_is_datagram(is_datagram) {}
130 
131  const uint8_t*& get_data() { return m_data; }
132 
133  size_t& get_size() { return m_size; }
134 
135  size_t& get_consumed() { return m_consumed; }
136  void set_consumed(size_t consumed) { m_consumed = consumed; }
137 
138  bool is_datagram() { return m_is_datagram; }
139 
140  private:
141  const uint8_t* m_data;
142  size_t m_size;
143  size_t& m_consumed;
144  bool m_is_datagram;
145  };
146 
147 
148 /**
149 * Create a TLS record
150 * @param write_buffer the output record is placed here
151 * @param rec_msg is the plaintext message
152 * @param version is the protocol version
153 * @param msg_sequence is the sequence number
154 * @param cipherstate is the writing cipher state
155 * @param rng is a random number generator
156 */
157 void write_record(secure_vector<uint8_t>& write_buffer,
158  Record_Message rec_msg,
159  Protocol_Version version,
160  uint64_t msg_sequence,
161  Connection_Cipher_State* cipherstate,
162  RandomNumberGenerator& rng);
163 
164 // epoch -> cipher state
165 typedef std::function<std::shared_ptr<Connection_Cipher_State> (uint16_t)> get_cipherstate_fn;
166 
167 /**
168 * Decode a TLS record
169 * @return zero if full message, else number of bytes still needed
170 */
171 size_t read_record(secure_vector<uint8_t>& read_buffer,
172  Record_Raw_Input& raw_input,
173  Record& rec,
174  Connection_Sequence_Numbers* sequence_numbers,
175  get_cipherstate_fn get_cipherstate);
176 
177 }
178 
179 }
180 
181 #endif
Record_Message(uint8_t type, uint64_t sequence, const uint8_t *data, size_t size)
Definition: tls_record.h:107
uint64_t * get_sequence()
Definition: tls_record.h:88
size_t nonce_bytes_from_handshake() const
Definition: tls_record.h:54
std::vector< uint8_t > aead_nonce(uint64_t seq, RandomNumberGenerator &rng)
Definition: tls_record.cpp:112
std::chrono::seconds age() const
Definition: tls_record.h:58
const uint8_t * get_data()
Definition: tls_record.h:113
std::function< std::shared_ptr< Connection_Cipher_State >uint16_t)> get_cipherstate_fn
Definition: tls_record.h:165
size_t read_record(secure_vector< uint8_t > &readbuf, Record_Raw_Input &raw_input, Record &rec, Connection_Sequence_Numbers *sequence_numbers, get_cipherstate_fn get_cipherstate)
Definition: tls_record.cpp:500
Connection_Cipher_State(Protocol_Version version, Connection_Side which_side, bool is_our_side, const Ciphersuite &suite, const Session_Keys &keys, bool uses_encrypt_then_mac)
Definition: tls_record.cpp:28
MechanismType type
Record_Message(const uint8_t *data, size_t size)
Definition: tls_record.h:105
size_t nonce_bytes_from_record() const
Definition: tls_record.h:55
secure_vector< uint8_t > & get_data()
Definition: tls_record.h:84
std::vector< uint8_t > format_ad(uint64_t seq, uint8_t type, Protocol_Version version, uint16_t ptext_length)
Definition: tls_record.cpp:184
Record_Raw_Input(const uint8_t *data, size_t size, size_t &consumed, bool is_datagram)
Definition: tls_record.h:126
Definition: alg_id.cpp:13
void set_consumed(size_t consumed)
Definition: tls_record.h:136
Record(secure_vector< uint8_t > &data, uint64_t *sequence, Protocol_Version *protocol_version, Record_Type *type)
Definition: tls_record.h:77
Record_Type * get_type()
Definition: tls_record.h:90
void write_record(secure_vector< uint8_t > &output, Record_Message msg, Protocol_Version version, uint64_t seq, Connection_Cipher_State *cs, RandomNumberGenerator &rng)
Definition: tls_record.cpp:213
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
Protocol_Version * get_protocol_version()
Definition: tls_record.h:86
size_t & get_size()
Definition: tls_record.h:92
const uint8_t *& get_data()
Definition: tls_record.h:131