State.h

Go to the documentation of this file.

/*
 *  Copyright (c) 2018-present, Facebook, Inc.
 *  All rights reserved.
 *
 *  This source code is licensed under the BSD-style license found in the
 *  LICENSE file in the root directory of this source tree.
 */

#pragma once

#include <folly/futures/Future.h>

#include <fizz/protocol/Certificate.h>
#include <fizz/protocol/KeyScheduler.h>
#include <fizz/protocol/Types.h>
#include <fizz/record/Extensions.h>
#include <fizz/record/RecordLayer.h>
#include <fizz/server/Actions.h>
#include <fizz/server/FizzServerContext.h>
#include <fizz/server/ResumptionState.h>
#include <fizz/server/ServerExtensions.h>

namespace fizz {
namespace server {

enum class StateEnum {
  Uninitialized,
  ExpectingClientHello,
  ExpectingCertificate,
  ExpectingCertificateVerify,
  AcceptingEarlyData,
  ExpectingFinished,
  AcceptingData,
  Closed,
  Error,
  NUM_STATES
};

struct HandshakeLogging {
  folly::Optional<ProtocolVersion> clientLegacyVersion;
  std::vector<ProtocolVersion> clientSupportedVersions;
  std::vector<CipherSuite> clientCiphers;
  std::vector<ExtensionType> clientExtensions;
  folly::Optional<ProtocolVersion> clientRecordVersion;
  folly::Optional<std::string> clientSni;
  std::vector<NamedGroup> clientSupportedGroups;
  folly::Optional<std::vector<NamedGroup>> clientKeyShares;
  std::vector<PskKeyExchangeMode> clientKeyExchangeModes;
  std::vector<SignatureScheme> clientSignatureAlgorithms;
  folly::Optional<bool> clientSessionIdSent;
  folly::Optional<Random> clientRandom;
};

class AppTokenValidator {
 public:
  virtual ~AppTokenValidator() = default;

  virtual bool validate(const ResumptionState&) const = 0;
};

class State {
 public:
  StateEnum state() const {
    return state_;
  }

  folly::Executor* executor() const {
    return executor_;
  }

  const FizzServerContext* context() const {
    return context_.get();
  }

  std::shared_ptr<const Cert> serverCert() const {
    return serverCert_;
  }

  const std::shared_ptr<const Cert>& clientCert() const {
    return clientCert_;
  }

  folly::Optional<ProtocolVersion> version() const {
    return version_;
  }

  folly::Optional<CipherSuite> cipher() const {
    return cipher_;
  }

  folly::Optional<NamedGroup> group() const {
    return group_;
  }

  folly::Optional<SignatureScheme> sigScheme() const {
    return sigScheme_;
  }

  folly::Optional<PskType> pskType() const {
    return pskType_;
  }

  folly::Optional<PskKeyExchangeMode> pskMode() const {
    return pskMode_;
  }

  folly::Optional<KeyExchangeType> keyExchangeType() const {
    return keyExchangeType_;
  }

  folly::Optional<EarlyDataType> earlyDataType() const {
    return earlyDataType_;
  }

  folly::Optional<ReplayCacheResult> replayCacheResult() const {
    return replayCacheResult_;
  }

  const folly::Optional<std::string>& alpn() const {
    return alpn_;
  }

  folly::Optional<std::chrono::milliseconds> clientClockSkew() const {
    return clientClockSkew_;
  }

  const AppTokenValidator* appTokenValidator() const {
    return appTokenValidator_.get();
  }

  HandshakeLogging* handshakeLogging() const {
    return handshakeLogging_.get();
  }

  KeyScheduler* keyScheduler() const {
    return keyScheduler_.get();
  }

  ReadRecordLayer* readRecordLayer() const {
    return readRecordLayer_.get();
  }

  const WriteRecordLayer* writeRecordLayer() const {
    return writeRecordLayer_.get();
  }

  const Buf& clientHandshakeSecret() const {
    return *clientHandshakeSecret_;
  }

  ServerExtensions* extensions() const {
    return extensions_.get();
  }

  const std::vector<uint8_t>& resumptionMasterSecret() const {
    return resumptionMasterSecret_;
  }

  const folly::Optional<std::vector<std::shared_ptr<const PeerCert>>>&
  unverifiedCertChain() const {
    return unverifiedCertChain_;
  }

  const folly::Optional<CertificateCompressionAlgorithm>& serverCertCompAlgo()
      const {
    return serverCertCompAlgo_;
  }

  const folly::Optional<Buf>& earlyExporterMasterSecret() const {
    return earlyExporterMasterSecret_;
  }

  const folly::Optional<Buf>& exporterMasterSecret() const {
    return exporterMasterSecret_;
  }

  /*
   * State setters.
   */
  auto& state() {
    return state_;
  }
  auto& executor() {
    return executor_;
  }
  auto& context() {
    return context_;
  }
  auto& keyScheduler() {
    return keyScheduler_;
  }
  auto& readRecordLayer() {
    return readRecordLayer_;
  }
  auto& writeRecordLayer() {
    return writeRecordLayer_;
  }
  auto& handshakeReadRecordLayer() const {
    return handshakeReadRecordLayer_;
  }
  auto& handshakeContext() const {
    return handshakeContext_;
  }
  auto& serverCert() {
    return serverCert_;
  }
  auto& clientCert() {
    return clientCert_;
  }
  auto& serverCertCompAlgo() {
    return serverCertCompAlgo_;
  }
  auto& unverifiedCertChain() {
    return unverifiedCertChain_;
  }
  auto& version() {
    return version_;
  }
  auto& cipher() {
    return cipher_;
  }
  auto& group() {
    return group_;
  }
  auto& sigScheme() {
    return sigScheme_;
  }
  auto& pskType() {
    return pskType_;
  }
  auto& pskMode() {
    return pskMode_;
  }
  auto& keyExchangeType() {
    return keyExchangeType_;
  }
  auto& earlyDataType() {
    return earlyDataType_;
  }
  auto& replayCacheResult() {
    return replayCacheResult_;
  }
  auto& clientHandshakeSecret() {
    return clientHandshakeSecret_;
  }
  auto& alpn() {
    return alpn_;
  }
  auto& clientClockSkew() {
    return clientClockSkew_;
  }
  auto& appTokenValidator() {
    return appTokenValidator_;
  }
  auto& handshakeLogging() {
    return handshakeLogging_;
  }
  auto& extensions() {
    return extensions_;
  }
  auto& resumptionMasterSecret() {
    return resumptionMasterSecret_;
  }
  auto& earlyExporterMasterSecret() {
    return earlyExporterMasterSecret_;
  }
  auto& exporterMasterSecret() {
    return exporterMasterSecret_;
  }

 private:
  StateEnum state_{StateEnum::Uninitialized};

  folly::Executor* executor_;

  std::shared_ptr<const FizzServerContext> context_;

  std::unique_ptr<KeyScheduler> keyScheduler_;

  std::unique_ptr<ReadRecordLayer> readRecordLayer_;
  std::unique_ptr<WriteRecordLayer> writeRecordLayer_;

  // The handshake read record layer, stored here while accepting early data.
  mutable std::unique_ptr<EncryptedReadRecordLayer> handshakeReadRecordLayer_;
  mutable std::unique_ptr<HandshakeContext> handshakeContext_;

  std::shared_ptr<const Cert> serverCert_;
  std::shared_ptr<const Cert> clientCert_;
  folly::Optional<CertificateCompressionAlgorithm> serverCertCompAlgo_;

  folly::Optional<std::vector<std::shared_ptr<const PeerCert>>>
      unverifiedCertChain_;

  folly::Optional<ProtocolVersion> version_;
  folly::Optional<CipherSuite> cipher_;
  folly::Optional<NamedGroup> group_;
  folly::Optional<SignatureScheme> sigScheme_;
  folly::Optional<PskType> pskType_;
  folly::Optional<PskKeyExchangeMode> pskMode_;
  folly::Optional<KeyExchangeType> keyExchangeType_;
  folly::Optional<EarlyDataType> earlyDataType_;
  folly::Optional<ReplayCacheResult> replayCacheResult_;
  folly::Optional<Buf> clientHandshakeSecret_;
  folly::Optional<std::string> alpn_;
  folly::Optional<std::chrono::milliseconds> clientClockSkew_;
  std::unique_ptr<AppTokenValidator> appTokenValidator_;
  std::shared_ptr<ServerExtensions> extensions_;
  std::vector<uint8_t> resumptionMasterSecret_;

  std::unique_ptr<HandshakeLogging> handshakeLogging_;

  folly::Optional<Buf> earlyExporterMasterSecret_;
  folly::Optional<Buf> exporterMasterSecret_;
};
} // namespace server

folly::StringPiece toString(server::StateEnum state);

namespace server {
inline std::ostream& operator<<(std::ostream& os, StateEnum state) {
  os << toString(state);
  return os;
}
} // namespace server
} // namespace fizz