fizz::server Namespace Reference

Namespaces
	detail
	test

Classes
class	AeadCookieCipher
class	AeadTicketCipher
class	AeadTokenCipher
class	AllowAllReplayReplayCache
struct	AppToken
class	AppTokenValidator
class	AsyncFizzServerT
struct	AttemptVersionFallback
class	CertManager
struct	ClockSkewTolerance
class	CookieCipher
struct	CookieState
class	DualTicketCipher
class	FizzServer
class	FizzServerContext
struct	HandshakeLogging
class	ReplayCache
struct	ReportEarlyHandshakeSuccess
struct	ReportHandshakeSuccess
struct	ResumptionState
class	ServerStateMachine
struct	ServerTypes
class	SlidingBloomReplayCache
class	State
struct	StatelessHelloRetryRequest
class	TicketCipher
struct	TicketCodec

Typedefs
using	MutateState = folly::Function< void(State &)>
using	Action = boost::variant< DeliverAppData, WriteToSocket, ReportHandshakeSuccess, ReportEarlyHandshakeSuccess, ReportError, MutateState, WaitForData, AttemptVersionFallback >
using	Actions = folly::small_vector< Action, 4 >
using	AsyncActions = boost::variant< Actions, folly::Future< Actions >>
using	AsyncFizzServer = AsyncFizzServerT< ServerStateMachine >
using	AES128CookieCipher = AeadCookieCipher< OpenSSLEVPCipher< AESGCM128 >, HkdfImpl< Sha256 >>
using	AES128TicketCipher = AeadTicketCipher< OpenSSLEVPCipher< AESGCM128 >, TicketCodec< CertificateStorage::X509 >, HkdfImpl< Sha256 >>
using	AES128TicketIdentityOnlyCipher = AeadTicketCipher< OpenSSLEVPCipher< AESGCM128 >, TicketCodec< CertificateStorage::IdentityOnly >, HkdfImpl< Sha256 >>

Enumerations
enum	ClientAuthMode { ClientAuthMode::None, ClientAuthMode::Optional, ClientAuthMode::Required }
enum	ReplayCacheResult { NotChecked, NotReplay, MaybeReplay, DefinitelyReplay }
enum	StateEnum {   StateEnum::Uninitialized, StateEnum::ExpectingClientHello, StateEnum::ExpectingCertificate, StateEnum::ExpectingCertificateVerify,   StateEnum::AcceptingEarlyData, StateEnum::ExpectingFinished, StateEnum::AcceptingData, StateEnum::Closed,   StateEnum::Error, StateEnum::NUM_STATES }
enum	CertificateStorage : uint8_t { CertificateStorage::None = 0, CertificateStorage::X509 = 1, CertificateStorage::IdentityOnly = 2 }

Functions
static std::string	getKeyFromIdent (const std::string &ident)
Buf	getStatelessHelloRetryRequest (ProtocolVersion version, CipherSuite cipher, folly::Optional< NamedGroup > group, Buf cookie)
static folly::Optional< NamedGroup >	getHrrGroup (const std::vector< NamedGroup > &supportedGroups, const ClientHello &chlo)
CookieState	getCookieState (const Factory &factory, const std::vector< ProtocolVersion > &supportedVersions, const std::vector< std::vector< CipherSuite >> &supportedCiphers, const std::vector< NamedGroup > &supportedGroups, const ClientHello &chlo, Buf appToken)
bool	looksLikeV2ClientHello (const folly::IOBufQueue &queue)
template<typename T >
folly::Optional< T >	negotiate (const std::vector< std::vector< T >> &serverPref, const std::vector< T > &clientPref)
template<typename T >
folly::Optional< T >	negotiate (const std::vector< T > &serverPref, const std::vector< T > &clientPref)
std::ostream &	operator<< (std::ostream &os, StateEnum state)
void	appendClientCertificate (CertificateStorage storage, const std::shared_ptr< const Cert > &cert, folly::io::Appender &appender)
std::shared_ptr< const Cert >	readClientCertificate (folly::io::Cursor &cursor)

Variables
static const int	kBitsPerByte = 0x8
static const unsigned int	kBucketCount = 12
static const unsigned int	kHashCount = 4

Typedef Documentation

using fizz::server::Action = typedef boost::variant< DeliverAppData, WriteToSocket, ReportHandshakeSuccess, ReportEarlyHandshakeSuccess, ReportError, MutateState, WaitForData, AttemptVersionFallback>

Definition at line 50 of file Actions.h.

using fizz::server::Actions = typedef folly::small_vector<Action, 4>

Definition at line 51 of file Actions.h.

using fizz::server::AES128CookieCipher = typedef AeadCookieCipher<OpenSSLEVPCipher<AESGCM128>, HkdfImpl<Sha256>>

Definition at line 17 of file CookieTypes.h.

using fizz::server::AES128TicketCipher = typedef AeadTicketCipher< OpenSSLEVPCipher<AESGCM128>, TicketCodec<CertificateStorage::X509>, HkdfImpl<Sha256>>

Definition at line 22 of file TicketTypes.h.

using fizz::server::AES128TicketIdentityOnlyCipher = typedef AeadTicketCipher< OpenSSLEVPCipher<AESGCM128>, TicketCodec<CertificateStorage::IdentityOnly>, HkdfImpl<Sha256>>

Definition at line 26 of file TicketTypes.h.

using fizz::server::AsyncActions = typedef boost::variant<Actions, folly::Future<Actions>>

Definition at line 52 of file Actions.h.

using fizz::server::AsyncFizzServer = typedef AsyncFizzServerT<ServerStateMachine>

Definition at line 136 of file AsyncFizzServer.h.

using fizz::server::MutateState = typedef folly::Function<void(State&)>

A lambda that should be invoked on State so that modification can be applied.

Definition at line 24 of file Actions.h.

Enumeration Type Documentation

enum fizz::server::CertificateStorage : uint8_t

strong

Enumerator
None
X509
IdentityOnly

Definition at line 17 of file TicketCodec.h.

                              : uint8_t {
  None = 0,
  X509 = 1,
  IdentityOnly = 2
};

enum fizz::server::ClientAuthMode

strong

Different modes of operation for client authentication. The names are self- explanatory.

Enumerator
None
Optional
Required

Definition at line 43 of file FizzServerContext.h.

{ None, Optional, Required };

enum fizz::server::ReplayCacheResult

Enumerator
NotChecked
NotReplay
MaybeReplay
DefinitelyReplay

Definition at line 17 of file ReplayCache.h.

                       {
  NotChecked,
  NotReplay,
  MaybeReplay,
  DefinitelyReplay,
};

enum fizz::server::StateEnum

strong

Enumerator
Uninitialized
ExpectingClientHello
ExpectingCertificate
ExpectingCertificateVerify
AcceptingEarlyData
ExpectingFinished
AcceptingData
Closed
Error
NUM_STATES

Definition at line 26 of file State.h.

                     {
  Uninitialized,
  ExpectingClientHello,
  ExpectingCertificate,
  ExpectingCertificateVerify,
  AcceptingEarlyData,
  ExpectingFinished,
  AcceptingData,
  Closed,
  Error,
  NUM_STATES
};

Function Documentation

void fizz::server::appendClientCertificate	(	CertificateStorage	storage,
		const std::shared_ptr< const Cert > &	cert,
		folly::io::Appender &	appender
	)

Definition at line 26 of file TicketCodec.cpp.

References folly::IOBuf::copyBuffer(), folly::IOBuf::create(), folly::ssl::OpenSSLCertUtils::derEncode(), IdentityOnly, None, fizz::detail::write(), and X509.

Referenced by fizz::server::TicketCodec< Storage >::encode().

                               {
  Buf clientCertBuf = folly::IOBuf::create(0);
  CertificateStorage selectedStorage;
  if (!cert || storage == CertificateStorage::None) {
    selectedStorage = CertificateStorage::None;
  } else if (storage == CertificateStorage::X509 && cert->getX509()) {
    selectedStorage = CertificateStorage::X509;
    clientCertBuf = folly::ssl::OpenSSLCertUtils::derEncode(*cert->getX509());
  } else {
    selectedStorage = CertificateStorage::IdentityOnly;
    clientCertBuf = folly::IOBuf::copyBuffer(cert->getIdentity());
  }
  fizz::detail::write(selectedStorage, appender);
  if (selectedStorage != CertificateStorage::None) {
    fizz::detail::writeBuf<uint16_t>(clientCertBuf, appender);
  }
}

CookieState fizz::server::getCookieState	(	const Factory &	factory,
		const std::vector< ProtocolVersion > &	supportedVersions,
		const std::vector< std::vector< CipherSuite >> &	supportedCiphers,
		const std::vector< NamedGroup > &	supportedGroups,
		const ClientHello &	chlo,
		Buf	appToken
	)

Negotiate and compute the CookieState to use in response to a ClientHello. This must match the logic inside of the server state machine.

Definition at line 79 of file CookieCipher.cpp.

References fizz::server::CookieState::appToken, fizz::server::CookieState::chloHash, fizz::server::CookieState::cipher, cipher, fizz::ClientHello::cipher_suites, fizz::ClientHello::extensions, getHrrGroup(), fizz::server::CookieState::group, group, fizz::Factory::makeHandshakeContext(), folly::gen::move, negotiate(), fizz::HandshakeStruct< e, t >::originalEncoding, fizz::server::CookieState::version, and version.

Referenced by fizz::sm::getCertificateRequest(), fizz::server::AeadCookieCipher< AeadType, HkdfType >::getStatelessResponse(), and fizz::server::test::TEST_F().

                  {
  auto clientVersions = getExtension<SupportedVersions>(chlo.extensions);
  if (!clientVersions) {
    throw std::runtime_error("no supported versions");
  }
  auto version = negotiate(supportedVersions, clientVersions->versions);
  if (!version) {
    throw std::runtime_error("version mismatch");
  }

  auto cipher = negotiate(supportedCiphers, chlo.cipher_suites);
  if (!cipher) {
    throw std::runtime_error("cipher mismatch");
  }

  auto group = getHrrGroup(supportedGroups, chlo);

  CookieState state;
  state.version = *version;
  state.cipher = *cipher;
  state.group = group;
  state.appToken = std::move(appToken);

  auto handshakeContext = factory.makeHandshakeContext(*cipher);
  handshakeContext->appendToTranscript(*chlo.originalEncoding);
  state.chloHash = handshakeContext->getHandshakeContext();

  return state;
}

static folly::Optional<NamedGroup> fizz::server::getHrrGroup ( const std::vector< NamedGroup > &  supportedGroups, const ClientHello &  chlo  )

static

Definition at line 47 of file CookieCipher.cpp.

References fizz::ClientHello::extensions, negotiate(), folly::none, and folly::pushmi::operators::share.

Referenced by getCookieState().

                             {
  auto groupsExt = getExtension<SupportedGroups>(chlo.extensions);
  if (!groupsExt) {
    return folly::none;
  }

  // Group is negotiated solely based on supported groups, without considering
  // which shares were sent.
  auto negotiatedGroup =
      negotiate(supportedGroups, groupsExt->named_group_list);
  if (!negotiatedGroup) {
    // We will deal with any supported group mismatch at the full handshake.
    return folly::none;
  }

  auto clientShares = getExtension<ClientKeyShare>(chlo.extensions);
  if (!clientShares) {
    throw std::runtime_error("supported_groups without key_share");
  }

  for (const auto& share : clientShares->client_shares) {
    if (share.group == *negotiatedGroup) {
      // We already have the right key share.
      return folly::none;
    }
  }

  return negotiatedGroup;
}

static std::string fizz::server::getKeyFromIdent ( const std::string &  ident )

static

Definition at line 93 of file CertManager.cpp.

References string, and folly::toLowerAscii().

Referenced by fizz::server::CertManager::addCert(), and fizz::server::CertManager::addCertIdentity().

                                                         {
  if (ident.empty()) {
    throw std::runtime_error("empty identity");
  }

  std::string key;
  if (ident.front() == '*') {
    key = std::string(ident, 1);
  } else {
    key = ident;
  }
  toLowerAscii(key);

  return key;
}

Buf fizz::server::getStatelessHelloRetryRequest	(	ProtocolVersion	version,
		CipherSuite	cipher,
		folly::Optional< NamedGroup >	group,
		Buf	cookie
	)

Build a stateless HelloRetryRequest. This is deterministic and will be used to reconstruct the handshake transcript when receiving the second ClientHello.

Definition at line 18 of file CookieCipher.cpp.

References cipher, fizz::HelloRetryRequest::cipher_suite, fizz::Cookie::cookie, folly::IOBuf::create(), fizz::encodeExtension(), fizz::encodeHandshake(), fizz::HelloRetryRequest::extensions, group, fizz::HelloRetryRequest::legacy_session_id_echo, fizz::HelloRetryRequest::legacy_version, folly::gen::move, fizz::HelloRetryRequestKeyShare::selected_group, fizz::ServerSupportedVersions::selected_version, fizz::tls_1_2, and version.

Referenced by fizz::server::AeadCookieCipher< AeadType, HkdfType >::getStatelessResponse(), fizz::sm::setupSchedulerAndContext(), and fizz::server::test::TEST().

                {
  Buf encodedHelloRetryRequest;

  HelloRetryRequest hrr;
  hrr.legacy_version = ProtocolVersion::tls_1_2;
  hrr.legacy_session_id_echo = folly::IOBuf::create(0);
  hrr.cipher_suite = cipher;

  ServerSupportedVersions versionExt;
  versionExt.selected_version = version;
  hrr.extensions.push_back(encodeExtension(std::move(versionExt)));

  if (group) {
    HelloRetryRequestKeyShare keyShare;
    keyShare.selected_group = *group;
    hrr.extensions.push_back(encodeExtension(std::move(keyShare)));
  }

  Cookie cookieExt;
  cookieExt.cookie = std::move(cookie);
  hrr.extensions.push_back(encodeExtension(std::move(cookieExt)));

  return encodeHandshake(std::move(hrr));
}

bool fizz::server::looksLikeV2ClientHello

(

const folly::IOBufQueue &

queue

)

Definition at line 14 of file FizzServer.cpp.

References folly::IOBufQueue::empty(), folly::IOBufQueue::front(), and uint8_t.

Referenced by fizz::server::FizzServer< ActionMoveVisitor, SM >::newTransportData().

                                                          {
  if (queue.empty()) {
    return false;
  }
  folly::io::Cursor cursor(queue.front());
  if (!cursor.canAdvance(3)) {
    return false;
  }
  uint8_t byte1 = cursor.read<uint8_t>();
  cursor.skip(1);
  uint8_t byte3 = cursor.read<uint8_t>();
  if (byte1 & 0x80 && byte3 == 0x01) {
    return true;
  }
  return false;
}

template<typename T >

folly::Optional<T> fizz::server::negotiate	(	const std::vector< std::vector< T >> &	serverPref,
		const std::vector< T > &	clientPref
	)

Negotiate a parameter given a list of server preference tiers and a list of client preferences. Within a server preference tier the client preference will be respected.

Definition at line 22 of file Negotiator.h.

References folly::none.

Referenced by fizz::sm::getCertificate(), getCookieState(), fizz::extensions::TokenBindingServerExtension::getExtensions(), getHrrGroup(), fizz::sm::getResumptionState(), fizz::server::FizzServerContext::negotiateAlpn(), fizz::sm::negotiateCipher(), fizz::sm::negotiateGroup(), fizz::sm::negotiateVersion(), and fizz::server::test::TEST().

                                    {
  for (const auto& prefTier : serverPref) {
    if (prefTier.size() == 1) {
      if (std::find(clientPref.begin(), clientPref.end(), prefTier.front()) !=
          clientPref.end()) {
        return prefTier.front();
      }
    } else {
      for (const auto& pref : clientPref) {
        if (std::find(prefTier.begin(), prefTier.end(), pref) !=
            prefTier.end()) {
          return pref;
        }
      }
    }
  }
  return folly::none;
}

template<typename T >

folly::Optional<T> fizz::server::negotiate	(	const std::vector< T > &	serverPref,
		const std::vector< T > &	clientPref
	)

Negotatiate a parameter given the server's preference. Client preference is ignored.

Definition at line 48 of file Negotiator.h.

References folly::none.

                                    {
  for (const auto& pref : serverPref) {
    if (std::find(clientPref.begin(), clientPref.end(), pref) !=
        clientPref.end()) {
      return pref;
    }
  }
  return folly::none;
}

std::ostream& fizz::server::operator<< ( std::ostream &  os, StateEnum  state  )

inline

Definition at line 429 of file State.h.

References fizz::toString().

                                                               {
  os << toString(state);
  return os;
}

std::shared_ptr< const Cert > fizz::server::readClientCertificate

(

folly::io::Cursor &

cursor

)

Definition at line 47 of file TicketCodec.cpp.

References IdentityOnly, fizz::CertUtils::makePeerCert(), folly::gen::move, None, fizz::detail::read(), and X509.

Referenced by fizz::server::TicketCodec< Storage >::decode().

                                                                       {
  CertificateStorage storage;
  fizz::detail::read(storage, cursor);
  switch (storage) {
    case CertificateStorage::None:
      return nullptr;
    case CertificateStorage::X509: {
      Buf clientCertBuf;
      fizz::detail::readBuf<uint16_t>(clientCertBuf, cursor);
      return CertUtils::makePeerCert(std::move(clientCertBuf));
    }
    case CertificateStorage::IdentityOnly: {
      Buf ident;
      fizz::detail::readBuf<uint16_t>(ident, cursor);
      return std::make_shared<const IdentityCert>(
          ident->moveToFbString().toStdString());
    }
  }

  return nullptr;
}

Variable Documentation

const int fizz::server::kBitsPerByte = 0x8

static

Definition at line 29 of file SlidingBloomReplayCache.cpp.

const unsigned int fizz::server::kBucketCount = 12

static

Definition at line 30 of file SlidingBloomReplayCache.cpp.

Referenced by fizz::server::SlidingBloomReplayCache::SlidingBloomReplayCache().

const unsigned int fizz::server::kHashCount = 4

static

Definition at line 31 of file SlidingBloomReplayCache.cpp.

Referenced by fizz::server::SlidingBloomReplayCache::SlidingBloomReplayCache().