proxygen
Public Member Functions | Private Member Functions | Private Attributes | List of all members
fizz::EncryptedReadRecordLayer Class Reference

#include <EncryptedRecordLayer.h>

Inheritance diagram for fizz::EncryptedReadRecordLayer:
fizz::ReadRecordLayer fizz::MockEncryptedReadRecordLayer

Public Member Functions

 ~EncryptedReadRecordLayer () override=default
 
 EncryptedReadRecordLayer (EncryptionLevel encryptionLevel)
 
folly::Optional< TLSMessageread (folly::IOBufQueue &buf) override
 
virtual void setAead (folly::ByteRange, std::unique_ptr< Aead > aead)
 
virtual void setSkipFailedDecryption (bool enabled)
 
void setProtocolVersion (ProtocolVersion version)
 
EncryptionLevel getEncryptionLevel () const override
 
- Public Member Functions inherited from fizz::ReadRecordLayer
virtual ~ReadRecordLayer ()=default
 
virtual folly::Optional< ParamreadEvent (folly::IOBufQueue &socketBuf)
 
virtual bool hasUnparsedHandshakeData () const
 

Private Member Functions

folly::Optional< BufgetDecryptedBuf (folly::IOBufQueue &buf)
 

Private Attributes

EncryptionLevel encryptionLevel_
 
std::unique_ptr< Aeadaead_
 
bool skipFailedDecryption_ {false}
 
bool useAdditionalData_ {true}
 
uint64_t seqNum_ {0}
 

Additional Inherited Members

- Static Public Member Functions inherited from fizz::ReadRecordLayer
static folly::Optional< ParamdecodeHandshakeMessage (folly::IOBufQueue &buf)
 

Detailed Description

Definition at line 20 of file EncryptedRecordLayer.h.

Constructor & Destructor Documentation

fizz::EncryptedReadRecordLayer::~EncryptedReadRecordLayer ( )
overridedefault
fizz::EncryptedReadRecordLayer::EncryptedReadRecordLayer ( EncryptionLevel  encryptionLevel)
explicit

Definition at line 21 of file EncryptedRecordLayer.cpp.

23  : encryptionLevel_(encryptionLevel) {}

Member Function Documentation

folly::Optional< Buf > fizz::EncryptedReadRecordLayer::getDecryptedBuf ( folly::IOBufQueue buf)
private

Definition at line 25 of file EncryptedRecordLayer.cpp.

References aead_, fizz::alert, folly::IOBufQueue::chainLength(), fizz::change_cipher_spec, folly::IOBuf::coalesce(), folly::IOBuf::data(), folly::IOBufQueue::empty(), folly::IOBufQueue::front(), fizz::illegal_parameter, folly::IOBuf::length(), max, folly::gen::move, folly::none, folly::io::detail::CursorBase< Derived, BufType >::pull(), folly::range(), seqNum_, skipFailedDecryption_, fizz::toString(), folly::IOBufQueue::trimStart(), uint16_t, useAdditionalData_, and folly::IOBuf::wrapBufferAsValue().

Referenced by read(), and setProtocolVersion().

26  {
27  while (true) {
28  folly::io::Cursor cursor(buf.front());
29 
30  if (buf.empty() || !cursor.canAdvance(kEncryptedHeaderSize)) {
31  return folly::none;
32  }
33 
34  std::array<uint8_t, kEncryptedHeaderSize> ad;
35  folly::io::Cursor adCursor(cursor);
36  adCursor.pull(ad.data(), ad.size());
37  folly::IOBuf adBuf{folly::IOBuf::wrapBufferAsValue(folly::range(ad))};
38 
39  auto contentType =
40  static_cast<ContentType>(cursor.readBE<ContentTypeType>());
41  cursor.skip(sizeof(ProtocolVersion));
42 
43  auto length = cursor.readBE<uint16_t>();
44  if (length == 0) {
45  throw std::runtime_error("received 0 length encrypted record");
46  }
47  if (length > kMaxEncryptedRecordSize) {
48  throw std::runtime_error("received too long encrypted record");
49  }
50  if (buf.chainLength() < (cursor - buf.front()) + length) {
51  return folly::none;
52  }
53 
54  if (contentType == ContentType::alert && length == 2) {
55  auto alert = decode<Alert>(cursor);
56  throw std::runtime_error(folly::to<std::string>(
57  "received plaintext alert in encrypted record: ",
58  toString(alert.description)));
59  }
60 
61  std::unique_ptr<folly::IOBuf> encrypted;
62  cursor.clone(encrypted, length);
63  buf.trimStart(cursor - buf.front());
64 
65  if (contentType == ContentType::change_cipher_spec) {
66  encrypted->coalesce();
67  if (encrypted->length() == 1 && *encrypted->data() == 0x01) {
68  continue;
69  } else {
70  throw FizzException(
71  "received ccs", AlertDescription::illegal_parameter);
72  }
73  }
74 
75  TLSMessage msg;
76  if (seqNum_ == std::numeric_limits<uint64_t>::max()) {
77  throw std::runtime_error("max read seq num");
78  }
79  if (skipFailedDecryption_) {
80  auto decryptAttempt = aead_->tryDecrypt(
81  std::move(encrypted), useAdditionalData_ ? &adBuf : nullptr, seqNum_);
82  if (decryptAttempt) {
83  seqNum_++;
84  skipFailedDecryption_ = false;
85  return decryptAttempt;
86  } else {
87  continue;
88  }
89  } else {
90  return aead_->decrypt(
91  std::move(encrypted),
92  useAdditionalData_ ? &adBuf : nullptr,
93  seqNum_++);
94  }
95  }
96 }
folly::IOBufQueue::front
const folly::IOBuf * front() const
Definition: IOBufQueue.h:476
fizz::toString
folly::StringPiece toString(StateEnum state)
Definition: State.cpp:16
folly::IOBufQueue::chainLength
size_t chainLength() const
Definition: IOBufQueue.h:492
max
LogLevel max
Definition: LogLevel.cpp:31
folly::IOBuf::coalesce
ByteRange coalesce()
Definition: IOBuf.h:1095
fizz::kMaxEncryptedRecordSize
static constexpr uint16_t kMaxEncryptedRecordSize
Definition: EncryptedRecordLayer.cpp:17
folly::IOBufQueue::empty
bool empty() const
Definition: IOBufQueue.h:503
folly::gen::move
constexpr detail::Map< Move > move
Definition: Base-inl.h:2567
folly::IOBuf::data
const uint8_t * data() const
Definition: IOBuf.h:499
fizz::ProtocolVersion
ProtocolVersion
Definition: Types.h:24
folly::IOBuf::length
std::size_t length() const
Definition: IOBuf.h:533
folly::range
constexpr Range< Iter > range(Iter first, Iter last)
Definition: Range.h:1114
fizz::kEncryptedHeaderSize
static constexpr size_t kEncryptedHeaderSize
Definition: EncryptedRecordLayer.cpp:18
folly::IOBuf::wrapBufferAsValue
static IOBuf wrapBufferAsValue(const void *buf, std::size_t capacity) noexcept
Definition: IOBuf.cpp:357
folly::IOBufQueue::trimStart
void trimStart(size_t amount)
Definition: IOBufQueue.cpp:255
fizz::ContentTypeType
typename std::underlying_type< ContentType >::type ContentTypeType
Definition: EncryptedRecordLayer.cpp:13
fizz::ContentType
ContentType
Definition: Types.h:46
folly::none
constexpr None none
Definition: Optional.h:87
EncryptionLevel fizz::EncryptedReadRecordLayer::getEncryptionLevel ( ) const
overridevirtual

Returns the current encryption level of the data that the read record layer can process.

Implements fizz::ReadRecordLayer.

Definition at line 139 of file EncryptedRecordLayer.cpp.

References encryptionLevel_.

Referenced by fizz::EncryptedWriteRecordLayer::setMinDesiredRecord(), and setProtocolVersion().

139  {
140  return encryptionLevel_;
141 }
folly::Optional< TLSMessage > fizz::EncryptedReadRecordLayer::read ( folly::IOBufQueue buf)
overridevirtual

Reads a fragment from the record layer. Returns an empty optional if insuficient data available. Throws if data malformed. On success, advances buf the amount read.

Implements fizz::ReadRecordLayer.

Definition at line 98 of file EncryptedRecordLayer.cpp.

References folly::io::detail::CursorBase< Derived, BufType >::advanceToEnd(), fizz::alert, folly::IOBufQueue::append(), fizz::application_data, folly::IOBuf::create(), data, fizz::TLSMessage::fragment, folly::IOBufQueue::front(), getDecryptedBuf(), fizz::handshake, folly::IOBufQueue::move(), folly::gen::move, folly::none, folly::IOBufQueue::trimEnd(), and fizz::TLSMessage::type.

99  {
100  auto decryptedBuf = getDecryptedBuf(buf);
101  if (!decryptedBuf) {
102  return folly::none;
103  }
104 
105  folly::IOBufQueue decrypted;
106  decrypted.append(std::move(*decryptedBuf));
107 
108  folly::io::Cursor paddingCursor(decrypted.front());
109  paddingCursor.advanceToEnd();
110  while (!*(paddingCursor -= 1).data()) {
111  }
112  TLSMessage msg;
113  msg.type = static_cast<ContentType>(paddingCursor.readBE<ContentTypeType>());
114  decrypted.trimEnd(paddingCursor.totalLength() + sizeof(ContentType));
115  msg.fragment = decrypted.move();
116 
117  switch (msg.type) {
118  case ContentType::handshake:
119  case ContentType::alert:
120  case ContentType::application_data:
121  break;
122  default:
123  throw std::runtime_error(folly::to<std::string>(
124  "received encrypted content type ",
125  static_cast<ContentTypeType>(msg.type)));
126  }
127 
128  if (!msg.fragment) {
129  if (msg.type == ContentType::application_data) {
130  msg.fragment = folly::IOBuf::create(0);
131  } else {
132  throw std::runtime_error("received empty fragment");
133  }
134  }
135 
136  return std::move(msg);
137 }
folly::IOBufQueue::front
const folly::IOBuf * front() const
Definition: IOBufQueue.h:476
folly::IOBufQueue::append
void append(std::unique_ptr< folly::IOBuf > &&buf, bool pack=false)
Definition: IOBufQueue.cpp:143
folly::IOBuf::create
static std::unique_ptr< IOBuf > create(std::size_t capacity)
Definition: IOBuf.cpp:229
fizz::EncryptedReadRecordLayer::getDecryptedBuf
folly::Optional< Buf > getDecryptedBuf(folly::IOBufQueue &buf)
Definition: EncryptedRecordLayer.cpp:25
folly::gen::move
constexpr detail::Map< Move > move
Definition: Base-inl.h:2567
folly::IOBufQueue::move
std::unique_ptr< folly::IOBuf > move()
Definition: IOBufQueue.h:459
fizz::ContentTypeType
typename std::underlying_type< ContentType >::type ContentTypeType
Definition: EncryptedRecordLayer.cpp:13
folly::IOBufQueue::trimEnd
void trimEnd(size_t amount)
Definition: IOBufQueue.cpp:283
data
static constexpr uint64_t data[1]
Definition: Fingerprint.cpp:43
fizz::ContentType
ContentType
Definition: Types.h:46
folly::none
constexpr None none
Definition: Optional.h:87
virtual void fizz::EncryptedReadRecordLayer::setAead ( folly::ByteRange  ,
std::unique_ptr< Aead aead 
)
inlinevirtual

Reimplemented in fizz::MockEncryptedReadRecordLayer.

Definition at line 28 of file EncryptedRecordLayer.h.

References aead_, folly::gen::move, and seqNum_.

30  {
31  if (seqNum_ != 0) {
32  throw std::runtime_error("aead set after read");
33  }
34  aead_ = std::move(aead);
35  }
folly::gen::move
constexpr detail::Map< Move > move
Definition: Base-inl.h:2567
void fizz::EncryptedReadRecordLayer::setProtocolVersion ( ProtocolVersion  version)
inline

Definition at line 41 of file EncryptedRecordLayer.h.

References getDecryptedBuf(), getEncryptionLevel(), fizz::getRealDraftVersion(), fizz::tls_1_3_20, fizz::tls_1_3_21, fizz::tls_1_3_22, fizz::tls_1_3_23, and useAdditionalData_.

41  {
42  auto realVersion = getRealDraftVersion(version);
43  if (realVersion == ProtocolVersion::tls_1_3_23 ||
44  realVersion == ProtocolVersion::tls_1_3_22 ||
45  realVersion == ProtocolVersion::tls_1_3_21 ||
46  realVersion == ProtocolVersion::tls_1_3_20) {
47  useAdditionalData_ = false;
48  } else {
49  useAdditionalData_ = true;
50  }
51  }
version
ProtocolVersion version
Definition: ClientProtocol.cpp:1005
fizz::getRealDraftVersion
ProtocolVersion getRealDraftVersion(ProtocolVersion version)
Definition: Types.cpp:16
virtual void fizz::EncryptedReadRecordLayer::setSkipFailedDecryption ( bool  enabled)
inlinevirtual

Definition at line 37 of file EncryptedRecordLayer.h.

References skipFailedDecryption_.

37  {
38  skipFailedDecryption_ = enabled;
39  }

Member Data Documentation

std::unique_ptr<Aead> fizz::EncryptedReadRecordLayer::aead_
private

Definition at line 59 of file EncryptedRecordLayer.h.

Referenced by getDecryptedBuf(), setAead(), and fizz::EncryptedWriteRecordLayer::setAead().

EncryptionLevel fizz::EncryptedReadRecordLayer::encryptionLevel_
private

Definition at line 58 of file EncryptedRecordLayer.h.

Referenced by getEncryptionLevel().

uint64_t fizz::EncryptedReadRecordLayer::seqNum_ {0}
mutableprivate

Definition at line 64 of file EncryptedRecordLayer.h.

Referenced by getDecryptedBuf(), setAead(), and fizz::EncryptedWriteRecordLayer::setAead().

bool fizz::EncryptedReadRecordLayer::skipFailedDecryption_ {false}
private

Definition at line 60 of file EncryptedRecordLayer.h.

Referenced by getDecryptedBuf(), and setSkipFailedDecryption().

bool fizz::EncryptedReadRecordLayer::useAdditionalData_ {true}
private

Definition at line 62 of file EncryptedRecordLayer.h.

Referenced by getDecryptedBuf(), and setProtocolVersion().

The documentation for this class was generated from the following files: