Botan 3.5.0
Crypto and TLS for C&
tls_session_manager_sql.cpp
Go to the documentation of this file.
1/*
2* SQL TLS Session Manager
3* (C) 2012,2014 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/tls_session_manager_sql.h>
9
10#include <botan/database.h>
11#include <botan/hex.h>
12#include <botan/pwdhash.h>
13#include <botan/rng.h>
14#include <botan/internal/loadstor.h>
15#include <chrono>
16
17namespace Botan::TLS {
18
19Session_Manager_SQL::Session_Manager_SQL(std::shared_ptr<SQL_Database> db,
20 std::string_view passphrase,
21 const std::shared_ptr<RandomNumberGenerator>& rng,
22 size_t max_sessions) :
23 Session_Manager(rng), m_db(std::move(db)), m_max_sessions(max_sessions) {
24 create_or_migrate_and_open(passphrase);
25}
26
27void Session_Manager_SQL::create_or_migrate_and_open(std::string_view passphrase) {
28 switch(detect_schema_revision()) {
29 case CORRUPTED:
30 case PRE_BOTAN_3_0:
31 case EMPTY:
32 // Legacy sessions before Botan 3.0 are simply dropped, no actual
33 // migration is implemented. Same for apparently corrupt databases.
34 m_db->exec("DROP TABLE IF EXISTS tls_sessions");
35 m_db->exec("DROP TABLE IF EXISTS tls_sessions_metadata");
36 create_with_latest_schema(passphrase, BOTAN_3_0);
37 break;
38 case BOTAN_3_0:
39 initialize_existing_database(passphrase);
40 break;
41 default:
42 throw Internal_Error("TLS session db has unknown database schema");
43 }
44}
45
46Session_Manager_SQL::Schema_Revision Session_Manager_SQL::detect_schema_revision() {
47 try {
48 const auto meta_data_rows = m_db->row_count("tls_sessions_metadata");
49 if(meta_data_rows != 1) {
50 return CORRUPTED;
51 }
52 } catch(const SQL_Database::SQL_DB_Error&) {
53 return EMPTY; // `tls_sessions_metadata` probably didn't exist at all
54 }
55
56 try {
57 auto stmt = m_db->new_statement("SELECT database_revision FROM tls_sessions_metadata");
58 if(!stmt->step()) {
59 throw Internal_Error("Failed to read revision of TLS session database");
60 }
61 return Schema_Revision(stmt->get_size_t(0));
62 } catch(const SQL_Database::SQL_DB_Error&) {
63 return PRE_BOTAN_3_0; // `database_revision` did not exist yet -> preparing the statement failed
64 }
65}
66
67void Session_Manager_SQL::create_with_latest_schema(std::string_view passphrase, Schema_Revision rev) {
68 m_db->create_table(
69 "CREATE TABLE tls_sessions "
70 "("
71 "session_id TEXT PRIMARY KEY, "
72 "session_ticket BLOB, "
73 "session_start INTEGER, "
74 "hostname TEXT, "
75 "hostport INTEGER, "
76 "session BLOB NOT NULL"
77 ")");
78
79 m_db->create_table(
80 "CREATE TABLE tls_sessions_metadata "
81 "("
82 "passphrase_salt BLOB, "
83 "passphrase_iterations INTEGER, "
84 "passphrase_check INTEGER, "
85 "password_hash_family TEXT, "
86 "database_revision INTEGER"
87 ")");
88
89 // speeds up lookups on session_tickets when deleting
90 m_db->create_table("CREATE INDEX tls_tickets ON tls_sessions (session_ticket)");
91
92 auto salt = m_rng->random_vec<std::vector<uint8_t>>(16);
93
94 secure_vector<uint8_t> derived_key(32 + 2);
95
96 const auto pbkdf_name = "PBKDF2(SHA-512)";
97 auto pbkdf_fam = PasswordHashFamily::create_or_throw(pbkdf_name);
98
99 auto desired_runtime = std::chrono::milliseconds(100);
100 auto pbkdf = pbkdf_fam->tune(derived_key.size(), desired_runtime);
101
102 pbkdf->derive_key(
103 derived_key.data(), derived_key.size(), passphrase.data(), passphrase.size(), salt.data(), salt.size());
104
105 const size_t iterations = pbkdf->iterations();
106 const size_t check_val = make_uint16(derived_key[0], derived_key[1]);
107 m_session_key = SymmetricKey(std::span(derived_key).subspan(2));
108
109 auto stmt = m_db->new_statement("INSERT INTO tls_sessions_metadata VALUES (?1, ?2, ?3, ?4, ?5)");
110
111 stmt->bind(1, salt);
112 stmt->bind(2, iterations);
113 stmt->bind(3, check_val);
114 stmt->bind(4, pbkdf_name);
115 stmt->bind(5, rev);
116
117 stmt->spin();
118}
119
120void Session_Manager_SQL::initialize_existing_database(std::string_view passphrase) {
121 auto stmt = m_db->new_statement("SELECT * FROM tls_sessions_metadata");
122 if(!stmt->step()) {
123 throw Internal_Error("Failed to initialize TLS session database");
124 }
125
126 std::pair<const uint8_t*, size_t> salt = stmt->get_blob(0);
127 const size_t iterations = stmt->get_size_t(1);
128 const size_t check_val_db = stmt->get_size_t(2);
129 const std::string pbkdf_name = stmt->get_str(3);
130
131 secure_vector<uint8_t> derived_key(32 + 2);
132
133 auto pbkdf_fam = PasswordHashFamily::create_or_throw(pbkdf_name);
134 auto pbkdf = pbkdf_fam->from_params(iterations);
135
136 pbkdf->derive_key(
137 derived_key.data(), derived_key.size(), passphrase.data(), passphrase.size(), salt.first, salt.second);
138
139 const size_t check_val_created = make_uint16(derived_key[0], derived_key[1]);
140
141 if(check_val_created != check_val_db) {
142 throw Invalid_Argument("Session database password not valid");
143 }
144
145 m_session_key = SymmetricKey(std::span(derived_key).subspan(2));
146}
147
148void Session_Manager_SQL::store(const Session& session, const Session_Handle& handle) {
149 std::optional<lock_guard_type<recursive_mutex_type>> lk;
151 lk.emplace(mutex());
152 }
153
154 if(session.server_info().hostname().empty()) {
155 return;
156 }
157
158 auto stmt = m_db->new_statement(
159 "INSERT OR REPLACE INTO tls_sessions"
160 " VALUES (?1, ?2, ?3, ?4, ?5, ?6)");
161
162 // Generate a random session ID if the peer did not provide one. Note that
163 // this ID will not be returned on ::find(), as the ticket is preferred.
164 const auto id = handle.id().value_or(m_rng->random_vec<Session_ID>(32));
165 const auto ticket = handle.ticket().value_or(Session_Ticket());
166
167 stmt->bind(1, hex_encode(id.get()));
168 stmt->bind(2, ticket.get());
169 stmt->bind(3, session.start_time());
170 stmt->bind(4, session.server_info().hostname());
171 stmt->bind(5, session.server_info().port());
172 stmt->bind(6, session.encrypt(m_session_key, *m_rng));
173
174 stmt->spin();
175
176 prune_session_cache();
177}
178
179std::optional<Session> Session_Manager_SQL::retrieve_one(const Session_Handle& handle) {
180 std::optional<lock_guard_type<recursive_mutex_type>> lk;
182 lk.emplace(mutex());
183 }
184
185 if(auto session_id = handle.id()) {
186 auto stmt = m_db->new_statement("SELECT session FROM tls_sessions WHERE session_id = ?1");
187
188 stmt->bind(1, hex_encode(session_id->get()));
189
190 while(stmt->step()) {
191 std::pair<const uint8_t*, size_t> blob = stmt->get_blob(0);
192
193 try {
194 return Session::decrypt(blob.first, blob.second, m_session_key);
195 } catch(...) {}
196 }
197 }
198
199 return std::nullopt;
200}
201
202std::vector<Session_with_Handle> Session_Manager_SQL::find_some(const Server_Information& info,
203 const size_t max_sessions_hint) {
204 std::optional<lock_guard_type<recursive_mutex_type>> lk;
206 lk.emplace(mutex());
207 }
208
209 auto stmt = m_db->new_statement(
210 "SELECT session_id, session_ticket, session FROM tls_sessions"
211 " WHERE hostname = ?1 AND hostport = ?2"
212 " ORDER BY session_start DESC"
213 " LIMIT ?3");
214
215 stmt->bind(1, info.hostname());
216 stmt->bind(2, info.port());
217 stmt->bind(3, max_sessions_hint);
218
219 std::vector<Session_with_Handle> found_sessions;
220 while(stmt->step()) {
221 auto handle = [&]() -> Session_Handle {
222 auto ticket_blob = stmt->get_blob(1);
223 if(ticket_blob.second > 0) {
224 return Session_Ticket(std::span(ticket_blob.first, ticket_blob.second));
225 } else {
226 return Session_ID(Botan::hex_decode(stmt->get_str(0)));
227 }
228 }();
229
230 std::pair<const uint8_t*, size_t> blob = stmt->get_blob(2);
231
232 try {
233 found_sessions.emplace_back(
234 Session_with_Handle{Session::decrypt(blob.first, blob.second, m_session_key), std::move(handle)});
235 } catch(...) {}
236 }
237
238 return found_sessions;
239}
240
242 // The number of deleted rows is taken globally from the database connection,
243 // therefore we need to serialize this implementation.
245
246 if(const auto id = handle.id()) {
247 auto stmt = m_db->new_statement("DELETE FROM tls_sessions WHERE session_id = ?1");
248 stmt->bind(1, hex_encode(id->get()));
249 stmt->spin();
250 } else if(const auto ticket = handle.ticket()) {
251 auto stmt = m_db->new_statement("DELETE FROM tls_sessions WHERE session_ticket = ?1");
252 stmt->bind(1, ticket->get());
253 stmt->spin();
254 } else {
255 // should not happen, as session handles are exclusively either an ID or a ticket
256 throw Invalid_Argument("provided a session handle that is neither ID nor ticket");
257 }
258
259 return m_db->rows_changed_by_last_statement();
260}
261
263 // The number of deleted rows is taken globally from the database connection,
264 // therefore we need to serialize this implementation.
266
267 m_db->exec("DELETE FROM tls_sessions");
268 return m_db->rows_changed_by_last_statement();
269}
270
271void Session_Manager_SQL::prune_session_cache() {
272 // internal API: assuming that the lock is held already if needed
273
274 if(m_max_sessions == 0) {
275 return;
276 }
277
278 auto remove_oldest = m_db->new_statement(
279 "DELETE FROM tls_sessions WHERE session_id NOT IN "
280 "(SELECT session_id FROM tls_sessions ORDER BY session_start DESC LIMIT ?1)");
281 remove_oldest->bind(1, m_max_sessions);
282 remove_oldest->spin();
283}
284
285} // namespace Botan::TLS
static std::unique_ptr< PasswordHashFamily > create_or_throw(std::string_view algo_spec, std::string_view provider="")
Definition pwdhash.cpp:109
std::chrono::system_clock::time_point start_time() const
const Server_Information & server_info() const
Helper class to embody a session handle in all protocol versions.
Definition tls_session.h:64
std::optional< Session_Ticket > ticket() const
std::optional< Session_ID > id() const
Session_Manager_SQL(std::shared_ptr< SQL_Database > db, std::string_view passphrase, const std::shared_ptr< RandomNumberGenerator > &rng, size_t max_sessions=1000)
void store(const Session &session, const Session_Handle &handle) override
Save a Session under a Session_Handle (TLS Client)
size_t remove(const Session_Handle &handle) override
std::vector< Session_with_Handle > find_some(const Server_Information &info, size_t max_sessions_hint) override
Internal retrieval function to find sessions to resume.
std::optional< Session > retrieve_one(const Session_Handle &handle) override
Internal retrieval function for a single session.
recursive_mutex_type & mutex()
std::shared_ptr< RandomNumberGenerator > m_rng
std::vector< uint8_t > encrypt(const SymmetricKey &key, RandomNumberGenerator &rng) const
static Session decrypt(const uint8_t ctext[], size_t ctext_size, const SymmetricKey &key)
Strong< std::vector< uint8_t >, struct Session_ID_ > Session_ID
holds a TLS 1.2 session ID for stateful resumption
Definition tls_session.h:32
Strong< std::vector< uint8_t >, struct Session_Ticket_ > Session_Ticket
holds a TLS 1.2 session ticket for stateless resumption
Definition tls_session.h:35
OctetString SymmetricKey
Definition symkey.h:140
void hex_encode(char output[], const uint8_t input[], size_t input_length, bool uppercase)
Definition hex.cpp:33
size_t hex_decode(uint8_t output[], const char input[], size_t input_length, size_t &input_consumed, bool ignore_ws)
Definition hex.cpp:81
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61
constexpr uint16_t make_uint16(uint8_t i0, uint8_t i1)
Definition loadstor.h:88