Botan  2.1.0
Crypto and TLS for C++11
tls_record.h
Go to the documentation of this file.
1 /*
2 * TLS Record Handling
3 * (C) 2004-2012 Jack Lloyd
4 * 2016 Matthias Gierlings
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_TLS_RECORDS_H__
10 #define BOTAN_TLS_RECORDS_H__
11 
12 #include <botan/tls_magic.h>
13 #include <botan/tls_version.h>
14 #include <botan/aead.h>
15 #include <botan/block_cipher.h>
16 #include <botan/mac.h>
17 #include <vector>
18 #include <chrono>
19 
20 namespace Botan {
21 
22 namespace TLS {
23 
24 class Ciphersuite;
25 class Session_Keys;
26 
27 class Connection_Sequence_Numbers;
28 
29 /**
30 * TLS Cipher State
31 */
33  {
34  public:
35  /**
36  * Initialize a new cipher state
37  */
39  Connection_Side which_side,
40  bool is_our_side,
41  const Ciphersuite& suite,
42  const Session_Keys& keys,
43  bool uses_encrypt_then_mac);
44 
45  AEAD_Mode* aead() { return m_aead.get(); }
46 
47  std::vector<uint8_t> aead_nonce(uint64_t seq, RandomNumberGenerator& rng);
48 
49  std::vector<uint8_t> aead_nonce(const uint8_t record[], size_t record_len, uint64_t seq);
50 
51  std::vector<uint8_t> format_ad(uint64_t seq, uint8_t type,
52  Protocol_Version version,
53  uint16_t ptext_length);
54 
55  size_t nonce_bytes_from_handshake() const { return m_nonce_bytes_from_handshake; }
56  size_t nonce_bytes_from_record() const { return m_nonce_bytes_from_record; }
57  bool cbc_nonce() const { return m_cbc_nonce; }
58 
59  std::chrono::seconds age() const
60  {
61  return std::chrono::duration_cast<std::chrono::seconds>(
62  std::chrono::system_clock::now() - m_start_time);
63  }
64 
65  private:
66  std::chrono::system_clock::time_point m_start_time;
67  std::unique_ptr<AEAD_Mode> m_aead;
68 
69  std::vector<uint8_t> m_nonce;
70  size_t m_nonce_bytes_from_handshake;
71  size_t m_nonce_bytes_from_record;
72  bool m_cbc_nonce;
73  };
74 
75 class Record
76  {
77  public:
79  uint64_t* sequence,
80  Protocol_Version* protocol_version,
82  : m_data(data), m_sequence(sequence), m_protocol_version(protocol_version),
83  m_type(type), m_size(data.size()) {}
84 
85  secure_vector<uint8_t>& get_data() { return m_data; }
86 
87  Protocol_Version* get_protocol_version() { return m_protocol_version; }
88 
89  uint64_t* get_sequence() { return m_sequence; }
90 
91  Record_Type* get_type() { return m_type; }
92 
93  size_t& get_size() { return m_size; }
94 
95  private:
96  secure_vector<uint8_t>& m_data;
97  uint64_t* m_sequence;
98  Protocol_Version* m_protocol_version;
99  Record_Type* m_type;
100  size_t m_size;
101  };
102 
104  {
105  public:
106  Record_Message(const uint8_t* data, size_t size)
107  : m_type(0), m_sequence(0), m_data(data), m_size(size) {}
108  Record_Message(uint8_t type, uint64_t sequence, const uint8_t* data, size_t size)
109  : m_type(type), m_sequence(sequence), m_data(data),
110  m_size(size) {}
111 
112  uint8_t& get_type() { return m_type; }
113  uint64_t& get_sequence() { return m_sequence; }
114  const uint8_t* get_data() { return m_data; }
115  size_t& get_size() { return m_size; }
116 
117  private:
118  uint8_t m_type;
119  uint64_t m_sequence;
120  const uint8_t* m_data;
121  size_t m_size;
122 };
123 
125  {
126  public:
127  Record_Raw_Input(const uint8_t* data, size_t size, size_t& consumed,
128  bool is_datagram)
129  : m_data(data), m_size(size), m_consumed(consumed),
130  m_is_datagram(is_datagram) {}
131 
132  const uint8_t*& get_data() { return m_data; }
133 
134  size_t& get_size() { return m_size; }
135 
136  size_t& get_consumed() { return m_consumed; }
137  void set_consumed(size_t consumed) { m_consumed = consumed; }
138 
139  bool is_datagram() { return m_is_datagram; }
140 
141  private:
142  const uint8_t* m_data;
143  size_t m_size;
144  size_t& m_consumed;
145  bool m_is_datagram;
146  };
147 
148 
149 /**
150 * Create a TLS record
151 * @param write_buffer the output record is placed here
152 * @param rec_msg is the plaintext message
153 * @param version is the protocol version
154 * @param msg_sequence is the sequence number
155 * @param cipherstate is the writing cipher state
156 * @param rng is a random number generator
157 */
158 void write_record(secure_vector<uint8_t>& write_buffer,
159  Record_Message rec_msg,
160  Protocol_Version version,
161  uint64_t msg_sequence,
162  Connection_Cipher_State* cipherstate,
163  RandomNumberGenerator& rng);
164 
165 // epoch -> cipher state
166 typedef std::function<std::shared_ptr<Connection_Cipher_State> (uint16_t)> get_cipherstate_fn;
167 
168 /**
169 * Decode a TLS record
170 * @return zero if full message, else number of bytes still needed
171 */
172 size_t read_record(secure_vector<uint8_t>& read_buffer,
173  Record_Raw_Input& raw_input,
174  Record& rec,
175  Connection_Sequence_Numbers* sequence_numbers,
176  get_cipherstate_fn get_cipherstate);
177 
178 }
179 
180 }
181 
182 #endif
Record_Message(uint8_t type, uint64_t sequence, const uint8_t *data, size_t size)
Definition: tls_record.h:108
uint64_t * get_sequence()
Definition: tls_record.h:89
std::vector< uint8_t > aead_nonce(uint64_t seq, RandomNumberGenerator &rng)
Definition: tls_record.cpp:112
const uint8_t * get_data()
Definition: tls_record.h:114
size_t nonce_bytes_from_record() const
Definition: tls_record.h:56
std::function< std::shared_ptr< Connection_Cipher_State >uint16_t)> get_cipherstate_fn
Definition: tls_record.h:166
size_t read_record(secure_vector< uint8_t > &readbuf, Record_Raw_Input &raw_input, Record &rec, Connection_Sequence_Numbers *sequence_numbers, get_cipherstate_fn get_cipherstate)
Definition: tls_record.cpp:494
Connection_Cipher_State(Protocol_Version version, Connection_Side which_side, bool is_our_side, const Ciphersuite &suite, const Session_Keys &keys, bool uses_encrypt_then_mac)
Definition: tls_record.cpp:28
MechanismType type
Record_Message(const uint8_t *data, size_t size)
Definition: tls_record.h:106
secure_vector< uint8_t > & get_data()
Definition: tls_record.h:85
std::vector< T, secure_allocator< T >> secure_vector
Definition: secmem.h:121
std::vector< uint8_t > format_ad(uint64_t seq, uint8_t type, Protocol_Version version, uint16_t ptext_length)
Definition: tls_record.cpp:184
Record_Raw_Input(const uint8_t *data, size_t size, size_t &consumed, bool is_datagram)
Definition: tls_record.h:127
Definition: alg_id.cpp:13
void set_consumed(size_t consumed)
Definition: tls_record.h:137
Record(secure_vector< uint8_t > &data, uint64_t *sequence, Protocol_Version *protocol_version, Record_Type *type)
Definition: tls_record.h:78
size_t nonce_bytes_from_handshake() const
Definition: tls_record.h:55
Record_Type * get_type()
Definition: tls_record.h:91
void write_record(secure_vector< uint8_t > &output, Record_Message msg, Protocol_Version version, uint64_t seq, Connection_Cipher_State *cs, RandomNumberGenerator &rng)
Definition: tls_record.cpp:213
Protocol_Version * get_protocol_version()
Definition: tls_record.h:87
std::chrono::seconds age() const
Definition: tls_record.h:59
size_t & get_size()
Definition: tls_record.h:93
const uint8_t *& get_data()
Definition: tls_record.h:132