proxygen: fizz::ExportedAuthenticator Class Reference

#include <ExportedAuthenticator.h>

Static Public Member Functions
static Buf	getAuthenticatorRequest (Buf certificateRequestContext, std::vector< fizz::Extension > extensions)

static Buf	getAuthenticator (const fizz::AsyncFizzBase &transport, Direction dir, const SelfCert &cert, Buf authenticatorRequest)

static Buf	makeAuthenticator (std::unique_ptr< KeyDerivation > &kderiver, std::vector< SignatureScheme > supportedSchemes, const SelfCert &cert, Buf authenticatorRequest, Buf handshakeContext, Buf finishedMacKey, CertificateVerifyContext context)

static Buf	getAuthenticatorContext (Buf authenticator)

static folly::Optional< std::vector< CertificateEntry > >	validateAuthenticator (const fizz::AsyncFizzBase &transport, Direction dir, Buf authenticatorRequest, Buf authenticator)

static folly::Optional< std::vector< CertificateEntry > >	validate (std::unique_ptr< KeyDerivation > &kderiver, Buf authenticatorRequest, Buf authenticator, Buf handshakeContext, Buf finishedMacKey, CertificateVerifyContext context)

Detailed Description

Public facing interface for Exported Authenticators (draft-ietf-tls-exported-authenticator) which enable application layer protocols to request or export "authenticators" that can convey proof of additionally identities after the TLS session is established.

Definition at line 32 of file ExportedAuthenticator.h.

Member Function Documentation

Buf fizz::ExportedAuthenticator::getAuthenticator	(	const fizz::AsyncFizzBase &	transport,
		Direction	dir,
		const SelfCert &	cert,
		Buf	authenticatorRequest
	)

static

"authenticate" API

Constructs an authenticator in response to the authenticator request given in |authenticatorRequest|, conveying the identity in |cert|.

Definition at line 31 of file ExportedAuthenticator.cpp.

References cipher, fizz::AsyncFizzBase::getCipher(), fizz::AsyncFizzBase::getEkm(), fizz::AsyncFizzBase::getSupportedSigSchemes(), fizz::Factory::makeKeyDeriver(), and folly::gen::move.

Referenced by proxygen::SecondaryAuthManager::getAuthenticator().

                               {
   auto cipher = transport.getCipher();
   auto deriver = Factory().makeKeyDeriver(*cipher);
   auto hashLength = deriver->hashLength();
   auto supportedSchemes = transport.getSupportedSigSchemes();
   Buf handshakeContext;
   Buf finishedMacKey;
   if (dir == Direction::UPSTREAM) {
     handshakeContext = transport.getEkm(
         "EXPORTER-client authenticator handshake context", nullptr, hashLength);
     finishedMacKey = transport.getEkm(
         "EXPORTER-client authenticator finished key", nullptr, hashLength);
   } else {
     handshakeContext = transport.getEkm(
         "EXPORTER-server authenticator handshake context", nullptr, hashLength);
     finishedMacKey = transport.getEkm(
         "EXPORTER-server authenticator finished key", nullptr, hashLength);
   }
   return makeAuthenticator(
       deriver,
       supportedSchemes,
       cert,
       std::move(authenticatorRequest),
       std::move(handshakeContext),
       std::move(finishedMacKey),
       CertificateVerifyContext::Authenticator);
 }

Buf fizz::ExportedAuthenticator::getAuthenticatorContext ( Buf authenticator )

static

"get context" API

Returns the certificate_request_context given an authenticator

Definition at line 63 of file ExportedAuthenticator.cpp.

References folly::IOBufQueue::cacheChainLength(), fizz::ReadRecordLayer::decodeHandshakeMessage(), and folly::gen::move.

Referenced by proxygen::SecondaryAuthManager::verifyContext().

                                                                     {
   folly::IOBufQueue authQueue{folly::IOBufQueue::cacheChainLength()};
   authQueue.append(std::move(authenticator));
   auto param = fizz::ReadRecordLayer::decodeHandshakeMessage(authQueue);
   auto& certMsg = boost::get<CertificateMsg>(*param);
   return std::move(certMsg.certificate_request_context);
 }

Buf fizz::ExportedAuthenticator::getAuthenticatorRequest	(	Buf	certificateRequestContext,
		std::vector< fizz::Extension >	extensions
	)

static

"request" API

Returns an opaque string that should be transmitted by the application over a secure channel to request an authenticator.

|certificateRequestContext| is an arbitrary sequence of bytes that should be used to prevent replays.

Definition at line 16 of file ExportedAuthenticator.cpp.

References fizz::CertificateRequest::certificate_request_context, fizz::encode< CertificateRequest >(), fizz::CertificateRequest::extensions, and folly::gen::move.

Referenced by proxygen::SecondaryAuthManager::createAuthRequest().

                                          {
   if (!certificateRequestContext || certificateRequestContext->empty()) {
     throw FizzException(
         "certificate request context must not be empty",
         AlertDescription::illegal_parameter);
   }
 
   CertificateRequest cr;
   cr.certificate_request_context = std::move(certificateRequestContext);
   cr.extensions = std::move(extensions);
   return encode<CertificateRequest>(std::move(cr));
 }

Buf fizz::ExportedAuthenticator::makeAuthenticator	(	std::unique_ptr< KeyDerivation > &	kderiver,
		std::vector< SignatureScheme >	supportedSchemes,
		const SelfCert &	cert,
		Buf	authenticatorRequest,
		Buf	handshakeContext,
		Buf	finishedMacKey,
		CertificateVerifyContext	context
	)

static

Definition at line 103 of file ExportedAuthenticator.cpp.

References fizz::CertificateVerify::algorithm, fizz::certificate, fizz::detail::computeFinishedTranscript(), fizz::detail::computeTranscript(), fizz::detail::computeTranscriptHash(), fizz::detail::decodeAuthRequest(), fizz::encodeHandshake(), fizz::finished, fizz::SelfCert::getCertMessage(), fizz::detail::getEmptyAuthenticator(), fizz::detail::getFinishedData(), fizz::detail::getSignatureScheme(), folly::gen::move, folly::sig, fizz::SelfCert::sign(), fizz::CertificateVerify::signature, verify(), and fizz::Finished::verify_data.

                                       {
   Buf certificateRequestContext;
   std::vector<fizz::Extension> extensions;
   std::tie(certificateRequestContext, extensions) =
       detail::decodeAuthRequest(authenticatorRequest);
   folly::Optional<SignatureScheme> scheme =
       detail::getSignatureScheme(supportedSchemes, cert, extensions);
   // No proper signature scheme could be selected, return an empty
   // authenticator.
   if (!scheme) {
     auto emptyAuth = detail::getEmptyAuthenticator(
         kderiver,
         std::move(authenticatorRequest),
         std::move(handshakeContext),
         std::move(finishedMacKey));
     return emptyAuth;
   }
   // Compute CertificateMsg.
   CertificateMsg certificate =
       cert.getCertMessage(std::move(certificateRequestContext));
   auto encodedCertMsg = encodeHandshake(std::move(certificate));
   // Compute CertificateVerify.
   auto transcript = detail::computeTranscript(
       handshakeContext, authenticatorRequest, encodedCertMsg);
   auto transcriptHash = detail::computeTranscriptHash(kderiver, transcript);
   auto sig = cert.sign(*scheme, context, transcriptHash->coalesce());
   CertificateVerify verify;
   verify.algorithm = *scheme;
   verify.signature = std::move(sig);
   auto encodedCertificateVerify = encodeHandshake(std::move(verify));
   // Compute Finished.
   auto finishedTranscript =
       detail::computeFinishedTranscript(transcript, encodedCertificateVerify);
   auto finishedTranscriptHash =
       detail::computeTranscriptHash(kderiver, finishedTranscript);
   auto verifyData =
       detail::getFinishedData(kderiver, finishedMacKey, finishedTranscriptHash);
   Finished finished;
   finished.verify_data = std::move(verifyData);
   auto encodedFinished = encodeHandshake(std::move(finished));
 
   return detail::computeTranscript(
       encodedCertMsg, encodedCertificateVerify, encodedFinished);
 }

folly::Optional< std::vector< CertificateEntry > > fizz::ExportedAuthenticator::validate	(	std::unique_ptr< KeyDerivation > &	kderiver,
		Buf	authenticatorRequest,
		Buf	authenticator,
		Buf	handshakeContext,
		Buf	finishedMacKey,
		CertificateVerifyContext	context
	)

static

Definition at line 155 of file ExportedAuthenticator.cpp.

References folly::IOBufQueue::cacheChainLength(), fizz::detail::computeFinishedTranscript(), fizz::detail::computeTranscript(), fizz::detail::computeTranscriptHash(), folly::IOBuf::create(), fizz::ReadRecordLayer::decodeHandshakeMessage(), encodedCertVerify, fizz::encodeHandshake(), fizz::finished, fizz::detail::getEmptyAuthenticator(), fizz::detail::getFinishedData(), folly::gen::move, folly::none, uint16_t, and fizz::detail::writeBuf().

                                       {
   folly::Optional<std::vector<CertificateEntry>> certs;
   folly::IOBufQueue authQueue{folly::IOBufQueue::cacheChainLength()};
   constexpr uint16_t capacity = 256;
   // Clone the authenticator which is later compared to the re-calculated empty
   // authenticator.
   auto authClone = authenticator->clone();
   authQueue.append(std::move(authenticator));
   auto param = fizz::ReadRecordLayer::decodeHandshakeMessage(authQueue);
   if (!param) {
     return folly::none;
   }
   // First check if the authenticator is empty.
   auto finished = boost::get<Finished>(&(*param));
   if (finished) {
     auto emptyAuth = detail::getEmptyAuthenticator(
         kderiver,
         std::move(authenticatorRequest),
         std::move(handshakeContext),
         std::move(finishedMacKey));
     if (folly::IOBufEqualTo()(emptyAuth, authClone)) {
       return std::vector<CertificateEntry>();
     } else {
       return folly::none;
     }
   }
   auto param2 = fizz::ReadRecordLayer::decodeHandshakeMessage(authQueue);
   if (!param2) {
     return folly::none;
   }
   auto param3 = fizz::ReadRecordLayer::decodeHandshakeMessage(authQueue);
   if (!param3) {
     return folly::none;
   }
   auto certMsg = boost::get<CertificateMsg>(&(*param));
   auto certVerify = boost::get<CertificateVerify>(&(*param2));
   finished = boost::get<Finished>(&(*param3));
   if (!certMsg || !certVerify || !finished) {
     return folly::none;
   }
 
   auto leafCert = folly::IOBuf::create(capacity);
   folly::io::Appender appender(leafCert.get(), capacity);
   detail::writeBuf(certMsg->certificate_list.front().cert_data, appender);
   auto peerCert = CertUtils::makePeerCert(std::move(leafCert));
   auto encodedCertMsg = encodeHandshake(std::move(*certMsg));
   auto transcript = detail::computeTranscript(
       handshakeContext, authenticatorRequest, encodedCertMsg);
   auto transcriptHash = detail::computeTranscriptHash(kderiver, transcript);
   try {
     peerCert->verify(
         certVerify->algorithm,
         context,
         transcriptHash->coalesce(),
         certVerify->signature->coalesce());
   } catch (const std::runtime_error&) {
     return folly::none;
   }
   // Verify if Finished message matches.
   auto encodedCertVerify = encodeHandshake(std::move(*certVerify));
   auto finishedTranscript =
       detail::computeFinishedTranscript(transcript, encodedCertVerify);
   auto finishedTranscriptHash =
       detail::computeTranscriptHash(kderiver, finishedTranscript);
   auto verifyData =
       detail::getFinishedData(kderiver, finishedMacKey, finishedTranscriptHash);
 
   if (folly::IOBufEqualTo()(finished->verify_data, verifyData)) {
     certs = std::move(certMsg->certificate_list);
     return certs;
   } else {
     return folly::none;
   }
 }

folly::Optional< std::vector< CertificateEntry > > fizz::ExportedAuthenticator::validateAuthenticator	(	const fizz::AsyncFizzBase &	transport,
		Direction	dir,
		Buf	authenticatorRequest,
		Buf	authenticator
	)

static

"validate" API

Returns the certificate chain and extensions. If the authenticator was empty, the certificate chain will contain no certificates.

Definition at line 72 of file ExportedAuthenticator.cpp.

References cipher, fizz::AsyncFizzBase::getCipher(), fizz::AsyncFizzBase::getEkm(), fizz::Factory::makeKeyDeriver(), and folly::gen::move.

Referenced by proxygen::SecondaryAuthManager::validateAuthenticator().

                        {
   auto cipher = transport.getCipher();
   auto deriver = Factory().makeKeyDeriver(*cipher);
   auto hashLength = deriver->hashLength();
   Buf handshakeContext;
   Buf finishedMacKey;
   if (dir == Direction::UPSTREAM) {
     handshakeContext = transport.getEkm(
         "EXPORTER-server authenticator handshake context", nullptr, hashLength);
     finishedMacKey = transport.getEkm(
         "EXPORTER-server authenticator finished key", nullptr, hashLength);
   } else {
     handshakeContext = transport.getEkm(
         "EXPORTER-client authenticator handshake context", nullptr, hashLength);
     finishedMacKey = transport.getEkm(
         "EXPORTER-client authenticator finished key", nullptr, hashLength);
   }
   auto certs = validate(
       deriver,
       std::move(authenticatorRequest),
       std::move(authenticator),
       std::move(handshakeContext),
       std::move(finishedMacKey),
       CertificateVerifyContext::Authenticator);
   return certs;
 }

The documentation for this class was generated from the following files:

proxygen/fizz/fizz/extensions/exportedauth/ExportedAuthenticator.h
proxygen/fizz/fizz/extensions/exportedauth/ExportedAuthenticator.cpp

Static Public Member Functions

Detailed Description

Member Function Documentation