proxygen
Public Member Functions | Private Member Functions | Private Attributes | List of all members
fizz::EncryptedWriteRecordLayer Class Reference

#include <EncryptedRecordLayer.h>

Inheritance diagram for fizz::EncryptedWriteRecordLayer:
fizz::WriteRecordLayer fizz::MockEncryptedWriteRecordLayer

Public Member Functions

 ~EncryptedWriteRecordLayer () override=default
 
 EncryptedWriteRecordLayer (EncryptionLevel encryptionLevel)
 
TLSContent write (TLSMessage &&msg) const override
 
virtual void setAead (folly::ByteRange, std::unique_ptr< Aead > aead)
 
void setMaxRecord (uint16_t size)
 
void setMinDesiredRecord (uint16_t size)
 
EncryptionLevel getEncryptionLevel () const override
 
- Public Member Functions inherited from fizz::WriteRecordLayer
virtual ~WriteRecordLayer ()=default
 
TLSContent writeAlert (Alert &&alert) const
 
TLSContent writeAppData (std::unique_ptr< folly::IOBuf > &&appData) const
 
template<typename... Args>
TLSContent writeHandshake (Buf &&encodedHandshakeMsg, Args &&...args) const
 
void setProtocolVersion (ProtocolVersion version) const
 

Private Member Functions

Buf getBufToEncrypt (folly::IOBufQueue &queue) const
 

Private Attributes

std::unique_ptr< Aeadaead_
 
uint16_t maxRecord_ {kMaxPlaintextRecordSize}
 
uint16_t desiredMinRecord_ {kMinSuggestedRecordSize}
 
uint64_t seqNum_ {0}
 
EncryptionLevel encryptionLevel_
 

Additional Inherited Members

- Protected Attributes inherited from fizz::WriteRecordLayer
ProtocolVersion recordVersion_ {ProtocolVersion::tls_1_2}
 
bool useAdditionalData_ {true}
 

Detailed Description

Definition at line 67 of file EncryptedRecordLayer.h.

Constructor & Destructor Documentation

fizz::EncryptedWriteRecordLayer::~EncryptedWriteRecordLayer ( )
overridedefault
fizz::EncryptedWriteRecordLayer::EncryptedWriteRecordLayer ( EncryptionLevel  encryptionLevel)
explicit

Definition at line 143 of file EncryptedRecordLayer.cpp.

145  : encryptionLevel_(encryptionLevel) {}

Member Function Documentation

Buf fizz::EncryptedWriteRecordLayer::getBufToEncrypt ( folly::IOBufQueue queue) const
private

Definition at line 222 of file EncryptedRecordLayer.cpp.

References desiredMinRecord_, folly::IOBufQueue::front(), folly::IOBuf::length(), maxRecord_, folly::IOBufQueue::pop_front(), and folly::IOBufQueue::splitAtMost().

Referenced by write().

222  {
223  if (queue.front()->length() > maxRecord_) {
224  return queue.splitAtMost(maxRecord_);
225  } else if (queue.front()->length() >= desiredMinRecord_) {
226  return queue.pop_front();
227  } else {
228  return queue.splitAtMost(desiredMinRecord_);
229  }
230 }
folly::IOBufQueue::front
const folly::IOBuf * front() const
Definition: IOBufQueue.h:476
folly::IOBufQueue::splitAtMost
std::unique_ptr< folly::IOBuf > splitAtMost(size_t n)
Definition: IOBufQueue.h:428
folly::IOBuf::length
std::size_t length() const
Definition: IOBuf.h:533
folly::IOBufQueue::pop_front
std::unique_ptr< folly::IOBuf > pop_front()
Definition: IOBufQueue.cpp:316
EncryptionLevel fizz::EncryptedWriteRecordLayer::getEncryptionLevel ( ) const
overridevirtual

Returns the current encryption level of the data that the write record layer writes at.

Implements fizz::WriteRecordLayer.

Definition at line 232 of file EncryptedRecordLayer.cpp.

References encryptionLevel_.

232  {
233  return encryptionLevel_;
234 }
virtual void fizz::EncryptedWriteRecordLayer::setAead ( folly::ByteRange  ,
std::unique_ptr< Aead aead 
)
inlinevirtual

Reimplemented in fizz::MockEncryptedWriteRecordLayer.

Definition at line 75 of file EncryptedRecordLayer.h.

References fizz::EncryptedReadRecordLayer::aead_, folly::gen::move, and fizz::EncryptedReadRecordLayer::seqNum_.

77  {
78  if (seqNum_ != 0) {
79  throw std::runtime_error("aead set after write");
80  }
81  aead_ = std::move(aead);
82  }
folly::gen::move
constexpr detail::Map< Move > move
Definition: Base-inl.h:2567
void fizz::EncryptedWriteRecordLayer::setMaxRecord ( uint16_t  size)
inline

Definition at line 84 of file EncryptedRecordLayer.h.

References folly::size().

84  {
85  CHECK_GT(size, 0);
86  DCHECK_LE(size, kMaxPlaintextRecordSize);
87  maxRecord_ = size;
88  }
folly::size
constexpr auto size(C const &c) -> decltype(c.size())
Definition: Access.h:45
fizz::kMaxPlaintextRecordSize
constexpr uint16_t kMaxPlaintextRecordSize
Definition: EncryptedRecordLayer.h:17
void fizz::EncryptedWriteRecordLayer::setMinDesiredRecord ( uint16_t  size)
inline

Definition at line 90 of file EncryptedRecordLayer.h.

References fizz::EncryptedReadRecordLayer::getEncryptionLevel(), and folly::size().

90  {
91  CHECK_GT(size, 0);
92  DCHECK_LE(size, kMaxPlaintextRecordSize);
93  desiredMinRecord_ = size;
94  }
folly::size
constexpr auto size(C const &c) -> decltype(c.size())
Definition: Access.h:45
fizz::kMaxPlaintextRecordSize
constexpr uint16_t kMaxPlaintextRecordSize
Definition: EncryptedRecordLayer.h:17
TLSContent fizz::EncryptedWriteRecordLayer::write ( TLSMessage &&  msg) const
overridevirtual

Implements fizz::WriteRecordLayer.

Reimplemented in fizz::MockEncryptedWriteRecordLayer.

Definition at line 147 of file EncryptedRecordLayer.cpp.

References aead_, folly::IOBufQueue::append(), fizz::application_data, fizz::TLSContent::contentType, folly::IOBuf::copyBuffer(), folly::IOBuf::create(), fizz::TLSContent::data, folly::IOBufQueue::empty(), fizz::TLSContent::encryptionLevel, encryptionLevel_, getBufToEncrypt(), fizz::kEncryptedHeaderSize, max, folly::gen::move, folly::IOBuf::prependChain(), folly::range(), fizz::WriteRecordLayer::recordVersion_, seqNum_, uint16_t, fizz::WriteRecordLayer::useAdditionalData_, folly::IOBuf::wrapBufferAsValue(), and folly::io::detail::Writable< Derived >::writeBE().

147  {
148  folly::IOBufQueue queue;
149  queue.append(std::move(msg.fragment));
150  std::unique_ptr<folly::IOBuf> outBuf;
151  std::array<uint8_t, kEncryptedHeaderSize> headerBuf;
152  auto header = folly::IOBuf::wrapBufferAsValue(folly::range(headerBuf));
153  aead_->setEncryptedBufferHeadroom(kEncryptedHeaderSize);
154  while (!queue.empty()) {
155  auto dataBuf = getBufToEncrypt(queue);
156  // Currently we never send padding.
157 
158  // check if we have enough room to add the encrypted footer.
159  if (!dataBuf->isShared() &&
160  dataBuf->prev()->tailroom() >= sizeof(ContentType)) {
161  // extend it and add it
162  folly::io::Appender appender(dataBuf.get(), 0);
163  appender.writeBE(static_cast<ContentTypeType>(msg.type));
164  } else {
165  // not enough or shared - let's add enough for the tag as well
166  auto encryptedFooter = folly::IOBuf::create(
167  sizeof(ContentType) + aead_->getCipherOverhead());
168  folly::io::Appender appender(encryptedFooter.get(), 0);
169  appender.writeBE(static_cast<ContentTypeType>(msg.type));
170  dataBuf->prependChain(std::move(encryptedFooter));
171  }
172 
173  if (seqNum_ == std::numeric_limits<uint64_t>::max()) {
174  throw std::runtime_error("max write seq num");
175  }
176 
177  // we will either be able to memcpy directly into the ciphertext or
178  // need to create a new buf to insert before the ciphertext but we need
179  // it for additional data
180  header.clear();
181  folly::io::Appender appender(&header, 0);
182  appender.writeBE(
183  static_cast<ContentTypeType>(ContentType::application_data));
184  appender.writeBE(static_cast<ProtocolVersionType>(recordVersion_));
185  auto ciphertextLength =
186  dataBuf->computeChainDataLength() + aead_->getCipherOverhead();
187  appender.writeBE<uint16_t>(ciphertextLength);
188 
189  auto cipherText = aead_->encrypt(
190  std::move(dataBuf), useAdditionalData_ ? &header : nullptr, seqNum_++);
191 
192  std::unique_ptr<folly::IOBuf> record;
193  if (!cipherText->isShared() &&
194  cipherText->headroom() >= kEncryptedHeaderSize) {
195  // prepend and then write it in
196  cipherText->prepend(kEncryptedHeaderSize);
197  memcpy(cipherText->writableData(), header.data(), header.length());
198  record = std::move(cipherText);
199  } else {
200  record = folly::IOBuf::copyBuffer(header.data(), header.length());
201  record->prependChain(std::move(cipherText));
202  }
203 
204  if (!outBuf) {
205  outBuf = std::move(record);
206  } else {
207  outBuf->prependChain(std::move(record));
208  }
209  }
210 
211  if (!outBuf) {
212  outBuf = folly::IOBuf::create(0);
213  }
214 
215  TLSContent content;
216  content.data = std::move(outBuf);
217  content.contentType = msg.type;
218  content.encryptionLevel = encryptionLevel_;
219  return content;
220 }
folly::IOBufQueue::append
void append(std::unique_ptr< folly::IOBuf > &&buf, bool pack=false)
Definition: IOBufQueue.cpp:143
folly::IOBuf::create
static std::unique_ptr< IOBuf > create(std::size_t capacity)
Definition: IOBuf.cpp:229
max
LogLevel max
Definition: LogLevel.cpp:31
folly::IOBufQueue::empty
bool empty() const
Definition: IOBufQueue.h:503
folly::gen::move
constexpr detail::Map< Move > move
Definition: Base-inl.h:2567
fizz::WriteRecordLayer::recordVersion_
ProtocolVersion recordVersion_
Definition: RecordLayer.h:106
folly::range
constexpr Range< Iter > range(Iter first, Iter last)
Definition: Range.h:1114
fizz::kEncryptedHeaderSize
static constexpr size_t kEncryptedHeaderSize
Definition: EncryptedRecordLayer.cpp:18
fizz::EncryptedWriteRecordLayer::getBufToEncrypt
Buf getBufToEncrypt(folly::IOBufQueue &queue) const
Definition: EncryptedRecordLayer.cpp:222
folly::IOBuf::wrapBufferAsValue
static IOBuf wrapBufferAsValue(const void *buf, std::size_t capacity) noexcept
Definition: IOBuf.cpp:357
folly::IOBuf::prependChain
void prependChain(std::unique_ptr< IOBuf > &&iobuf)
Definition: IOBuf.cpp:509
folly::IOBuf::copyBuffer
static std::unique_ptr< IOBuf > copyBuffer(const void *buf, std::size_t size, std::size_t headroom=0, std::size_t minTailroom=0)
Definition: IOBuf.h:1587
fizz::ContentType
ContentType
Definition: Types.h:46
folly::io::detail::Writable::writeBE
void writeBE(T value)
Definition: Cursor.h:744

Member Data Documentation

std::unique_ptr<Aead> fizz::EncryptedWriteRecordLayer::aead_
private

Definition at line 101 of file EncryptedRecordLayer.h.

Referenced by write().

uint16_t fizz::EncryptedWriteRecordLayer::desiredMinRecord_ {kMinSuggestedRecordSize}
private

Definition at line 104 of file EncryptedRecordLayer.h.

Referenced by getBufToEncrypt().

EncryptionLevel fizz::EncryptedWriteRecordLayer::encryptionLevel_
private

Definition at line 107 of file EncryptedRecordLayer.h.

Referenced by getEncryptionLevel(), and write().

uint16_t fizz::EncryptedWriteRecordLayer::maxRecord_ {kMaxPlaintextRecordSize}
private

Definition at line 103 of file EncryptedRecordLayer.h.

Referenced by getBufToEncrypt().

uint64_t fizz::EncryptedWriteRecordLayer::seqNum_ {0}
mutableprivate

Definition at line 106 of file EncryptedRecordLayer.h.

Referenced by write().

The documentation for this class was generated from the following files: