proxygen
KeyScheduler.h
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2018-present, Facebook, Inc.
3  * All rights reserved.
4  *
5  * This source code is licensed under the BSD-style license found in the
6  * LICENSE file in the root directory of this source tree.
7  */
8 
9 #pragma once
10 
11 #include <fizz/crypto/KeyDerivation.h>
12 #include <fizz/crypto/aead/Aead.h>
13 #include <folly/Optional.h>
14 
15 namespace fizz {
16 
17 enum class EarlySecrets {
18  ExternalPskBinder,
19  ResumptionPskBinder,
20  ClientEarlyTraffic,
21  EarlyExporter
22 };
23 
24 enum class HandshakeSecrets { ClientHandshakeTraffic, ServerHandshakeTraffic };
25 
26 enum class MasterSecrets { ExporterMaster, ResumptionMaster };
27 
28 enum class AppTrafficSecrets { ClientAppTraffic, ServerAppTraffic };
29 
33 class KeyScheduler {
34  public:
35  explicit KeyScheduler(std::unique_ptr<KeyDerivation> deriver)
36  : deriver_(std::move(deriver)) {}
37  virtual ~KeyScheduler() = default;
38 
42  virtual void deriveEarlySecret(folly::ByteRange psk);
43 
47  virtual void deriveHandshakeSecret();
48 
53  virtual void deriveHandshakeSecret(folly::ByteRange ecdhe);
54 
58  virtual void deriveMasterSecret();
59 
64  virtual void deriveAppTrafficSecrets(folly::ByteRange transcript);
65 
69  virtual void clearMasterSecret();
70 
75  virtual uint32_t clientKeyUpdate();
76 
81  virtual uint32_t serverKeyUpdate();
82 
86  virtual std::vector<uint8_t> getSecret(
87  EarlySecrets s,
88  folly::ByteRange transcript) const;
89  virtual std::vector<uint8_t> getSecret(
90  HandshakeSecrets s,
91  folly::ByteRange transcript) const;
92  virtual std::vector<uint8_t> getSecret(
93  MasterSecrets s,
94  folly::ByteRange transcript) const;
95  virtual std::vector<uint8_t> getSecret(AppTrafficSecrets s) const;
96 
100  virtual TrafficKey getTrafficKey(
101  folly::ByteRange trafficSecret,
102  size_t keyLength,
103  size_t ivLength) const;
104 
109  virtual Buf getResumptionSecret(
110  folly::ByteRange resumptionMasterSecret,
111  folly::ByteRange ticketNonce) const;
112 
113  private:
114  struct EarlySecret {
115  std::vector<uint8_t> secret;
116  };
117  struct HandshakeSecret {
118  std::vector<uint8_t> secret;
119  };
120  struct MasterSecret {
121  std::vector<uint8_t> secret;
122  };
123  struct AppTrafficSecret {
124  std::vector<uint8_t> client;
125  uint32_t clientGeneration{0};
126  std::vector<uint8_t> server;
127  uint32_t serverGeneration{0};
128  };
129 
130  folly::Optional<boost::variant<EarlySecret, HandshakeSecret, MasterSecret>>
131  secret_;
132  folly::Optional<AppTrafficSecret> appTrafficSecret_;
133 
134  std::unique_ptr<KeyDerivation> deriver_;
135 };
136 } // namespace fizz
fizz::AppTrafficSecrets
AppTrafficSecrets
Definition: KeyScheduler.h:28
fizz::KeyScheduler::secret_
folly::Optional< boost::variant< EarlySecret, HandshakeSecret, MasterSecret > > secret_
Definition: KeyScheduler.h:131
fizz::KeyScheduler::appTrafficSecret_
folly::Optional< AppTrafficSecret > appTrafficSecret_
Definition: KeyScheduler.h:132
fizz::KeyScheduler::KeyScheduler
KeyScheduler(std::unique_ptr< KeyDerivation > deriver)
Definition: KeyScheduler.h:35
folly::gen::move
constexpr detail::Map< Move > move
Definition: Base-inl.h:2567
std
STL namespace.
fizz::KeyScheduler::deriver_
std::unique_ptr< KeyDerivation > deriver_
Definition: KeyScheduler.h:134
fizz::EarlySecrets
EarlySecrets
Definition: KeyScheduler.h:17
fizz::MasterSecrets
MasterSecrets
Definition: KeyScheduler.h:26
fizz::KeyScheduler::EarlySecret::secret
std::vector< uint8_t > secret
Definition: KeyScheduler.h:115
fizz
Definition: Actions.h:16
fizz::HandshakeSecrets
HandshakeSecrets
Definition: KeyScheduler.h:24
fizz::Buf
std::unique_ptr< folly::IOBuf > Buf
Definition: Types.h:22
s
static set< string > s
Definition: StringKeyedBenchmark.cpp:48
fizz::KeyScheduler::HandshakeSecret::secret
std::vector< uint8_t > secret
Definition: KeyScheduler.h:118
fizz::KeyScheduler::MasterSecret::secret
std::vector< uint8_t > secret
Definition: KeyScheduler.h:121