|
Botan
1.11.15
|
#include <tls_session.h>
Public Member Functions | |
| Ciphersuite | ciphersuite () const |
| u16bit | ciphersuite_code () const |
| byte | compression_method () const |
| secure_vector< byte > | DER_encode () const |
| u16bit | dtls_srtp_profile () const |
| std::vector< byte > | encrypt (const SymmetricKey &key, RandomNumberGenerator &rng) const |
| size_t | fragment_size () const |
| const secure_vector< byte > & | master_secret () const |
| const std::vector < X509_Certificate > & | peer_certs () const |
| std::string | PEM_encode () const |
| const Server_Information & | server_info () const |
| Session () | |
| Session (const std::vector< byte > &session_id, const secure_vector< byte > &master_secret, Protocol_Version version, u16bit ciphersuite, byte compression_method, Connection_Side side, size_t fragment_size, const std::vector< X509_Certificate > &peer_certs, const std::vector< byte > &session_ticket, const Server_Information &server_info, const std::string &srp_identifier, u16bit srtp_profile) | |
| Session (const byte ber[], size_t ber_len) | |
| Session (const std::string &pem) | |
| std::chrono::seconds | session_age () const |
| const std::vector< byte > & | session_id () const |
| const std::vector< byte > & | session_ticket () const |
| Connection_Side | side () const |
| const std::string & | srp_identifier () const |
| std::chrono::system_clock::time_point | start_time () const |
| Protocol_Version | version () const |
Static Public Member Functions | |
| static Session | decrypt (const byte ctext[], size_t ctext_size, const SymmetricKey &key) |
| static Session | decrypt (const std::vector< byte > &ctext, const SymmetricKey &key) |
Class representing a TLS session state
Definition at line 27 of file tls_session.h.
| Botan::TLS::Session::Session | ( | ) | [inline] |
Uninitialized session
Definition at line 34 of file tls_session.h.
Referenced by decrypt(), and Session().
:
m_start_time(std::chrono::system_clock::time_point::min()),
m_version(),
m_ciphersuite(0),
m_compression_method(0),
m_connection_side(static_cast<Connection_Side>(0)),
m_fragment_size(0)
{}
| Botan::TLS::Session::Session | ( | const std::vector< byte > & | session_id, |
| const secure_vector< byte > & | master_secret, | ||
| Protocol_Version | version, | ||
| u16bit | ciphersuite, | ||
| byte | compression_method, | ||
| Connection_Side | side, | ||
| size_t | fragment_size, | ||
| const std::vector< X509_Certificate > & | peer_certs, | ||
| const std::vector< byte > & | session_ticket, | ||
| const Server_Information & | server_info, | ||
| const std::string & | srp_identifier, | ||
| u16bit | srtp_profile | ||
| ) |
New session (sets session start time)
Definition at line 21 of file tls_session.cpp.
: m_start_time(std::chrono::system_clock::now()), m_identifier(session_identifier), m_session_ticket(ticket), m_master_secret(master_secret), m_version(version), m_ciphersuite(ciphersuite), m_compression_method(compression_method), m_connection_side(side), m_srtp_profile(srtp_profile), m_fragment_size(fragment_size), m_peer_certs(certs), m_server_info(server_info), m_srp_identifier(srp_identifier) { }
| Botan::TLS::Session::Session | ( | const byte | ber[], |
| size_t | ber_len | ||
| ) |
Load a session from DER representation (created by DER_encode)
Definition at line 56 of file tls_session.cpp.
References Botan::BER_Decoder::decode(), Botan::BER_Decoder::decode_and_check(), Botan::BER_Decoder::decode_integer_type(), Botan::BER_Decoder::end_cons(), Botan::OCTET_STRING, Botan::SEQUENCE, Botan::BER_Decoder::start_cons(), start_time(), Botan::ASN1_String::value(), and Botan::BER_Decoder::verify_end().
{
byte side_code = 0;
ASN1_String server_hostname;
ASN1_String server_service;
size_t server_port;
ASN1_String srp_identifier_str;
byte major_version = 0, minor_version = 0;
std::vector<byte> peer_cert_bits;
size_t start_time = 0;
size_t srtp_profile = 0;
BER_Decoder(ber, ber_len)
.start_cons(SEQUENCE)
.decode_and_check(static_cast<size_t>(TLS_SESSION_PARAM_STRUCT_VERSION),
"Unknown version in serialized TLS session")
.decode_integer_type(start_time)
.decode_integer_type(major_version)
.decode_integer_type(minor_version)
.decode(m_identifier, OCTET_STRING)
.decode(m_session_ticket, OCTET_STRING)
.decode_integer_type(m_ciphersuite)
.decode_integer_type(m_compression_method)
.decode_integer_type(side_code)
.decode_integer_type(m_fragment_size)
.decode(m_master_secret, OCTET_STRING)
.decode(peer_cert_bits, OCTET_STRING)
.decode(server_hostname)
.decode(server_service)
.decode(server_port)
.decode(srp_identifier_str)
.decode(srtp_profile)
.end_cons()
.verify_end();
m_version = Protocol_Version(major_version, minor_version);
m_start_time = std::chrono::system_clock::from_time_t(start_time);
m_connection_side = static_cast<Connection_Side>(side_code);
m_srtp_profile = srtp_profile;
m_server_info = Server_Information(server_hostname.value(),
server_service.value(),
server_port);
m_srp_identifier = srp_identifier_str.value();
if(!peer_cert_bits.empty())
{
DataSource_Memory certs(&peer_cert_bits[0], peer_cert_bits.size());
while(!certs.end_of_data())
m_peer_certs.push_back(X509_Certificate(certs));
}
}
| Botan::TLS::Session::Session | ( | const std::string & | pem | ) |
Load a session from PEM representation (created by PEM_encode)
Definition at line 49 of file tls_session.cpp.
References Botan::PEM_Code::decode_check_label(), and Session().
{
secure_vector<byte> der = PEM_Code::decode_check_label(pem, "TLS SESSION");
*this = Session(&der[0], der.size());
}
| Ciphersuite Botan::TLS::Session::ciphersuite | ( | ) | const [inline] |
Get the ciphersuite info of the saved session
Definition at line 124 of file tls_session.h.
References Botan::TLS::Ciphersuite::by_id().
{ return Ciphersuite::by_id(m_ciphersuite); }
| u16bit Botan::TLS::Session::ciphersuite_code | ( | ) | const [inline] |
Get the ciphersuite code of the saved session
Definition at line 119 of file tls_session.h.
Referenced by Botan::TLS::Client_Hello::Client_Hello().
{ return m_ciphersuite; }
| byte Botan::TLS::Session::compression_method | ( | ) | const [inline] |
Get the compression method used in the saved session
Definition at line 129 of file tls_session.h.
Referenced by Botan::TLS::Client_Hello::Client_Hello().
{ return m_compression_method; }
| Session Botan::TLS::Session::decrypt | ( | const byte | ctext[], |
| size_t | ctext_size, | ||
| const SymmetricKey & | key | ||
| ) | [static] |
Decrypt a session created by encrypt
| ctext | the ciphertext returned by encrypt |
| ctext_size | the size of ctext in bytes |
| key | the same key used by the encrypting side |
Definition at line 177 of file tls_session.cpp.
References Botan::DECRYPTION, e, Botan::Buffered_Computation::final(), Botan::get_aead(), Session(), Botan::SymmetricAlgorithm::set_key(), and Botan::Buffered_Computation::update().
{
try
{
std::unique_ptr<AEAD_Mode> aead(get_aead("AES-256/GCM", DECRYPTION));
const size_t nonce_len = aead->default_nonce_length();
if(in_len < nonce_len + aead->tag_size())
throw Decoding_Error("Encrypted session too short to be valid");
// Support any length key for input
HMAC hmac(new SHA_256);
hmac.set_key(key);
hmac.update(in, nonce_len); // nonce bytes
aead->set_key(hmac.final());
aead->start(in, nonce_len);
secure_vector<byte> buf(in + nonce_len, in + in_len);
aead->finish(buf, 0);
return Session(&buf[0], buf.size());
}
catch(std::exception& e)
{
throw Decoding_Error("Failed to decrypt serialized TLS session: " +
std::string(e.what()));
}
}
| static Session Botan::TLS::Session::decrypt | ( | const std::vector< byte > & | ctext, |
| const SymmetricKey & | key | ||
| ) | [inline, static] |
Decrypt a session created by encrypt
| ctext | the ciphertext returned by encrypt |
| key | the same key used by the encrypting side |
Definition at line 98 of file tls_session.h.
References decrypt.
{
return Session::decrypt(&ctext[0], ctext.size(), key);
}
| secure_vector< byte > Botan::TLS::Session::DER_encode | ( | ) | const |
Encode this session data for storage
Definition at line 115 of file tls_session.cpp.
References Botan::PKCS8::BER_encode(), Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::TLS::Server_Information::hostname(), Botan::TLS::Protocol_Version::major_version(), Botan::TLS::Protocol_Version::minor_version(), Botan::OCTET_STRING, Botan::TLS::Server_Information::port(), Botan::SEQUENCE, Botan::TLS::Server_Information::service(), Botan::DER_Encoder::start_cons(), and Botan::UTF8_STRING.
Referenced by encrypt(), and PEM_encode().
{
std::vector<byte> peer_cert_bits;
for(size_t i = 0; i != m_peer_certs.size(); ++i)
peer_cert_bits += m_peer_certs[i].BER_encode();
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(static_cast<size_t>(TLS_SESSION_PARAM_STRUCT_VERSION))
.encode(static_cast<size_t>(std::chrono::system_clock::to_time_t(m_start_time)))
.encode(static_cast<size_t>(m_version.major_version()))
.encode(static_cast<size_t>(m_version.minor_version()))
.encode(m_identifier, OCTET_STRING)
.encode(m_session_ticket, OCTET_STRING)
.encode(static_cast<size_t>(m_ciphersuite))
.encode(static_cast<size_t>(m_compression_method))
.encode(static_cast<size_t>(m_connection_side))
.encode(static_cast<size_t>(m_fragment_size))
.encode(m_master_secret, OCTET_STRING)
.encode(peer_cert_bits, OCTET_STRING)
.encode(ASN1_String(m_server_info.hostname(), UTF8_STRING))
.encode(ASN1_String(m_server_info.service(), UTF8_STRING))
.encode(static_cast<size_t>(m_server_info.port()))
.encode(ASN1_String(m_srp_identifier, UTF8_STRING))
.encode(static_cast<size_t>(m_srtp_profile))
.end_cons()
.get_contents();
}
| u16bit Botan::TLS::Session::dtls_srtp_profile | ( | ) | const [inline] |
Get the negotiated DTLS-SRTP algorithm (RFC 5764)
Definition at line 160 of file tls_session.h.
{ return m_srtp_profile; }
| std::vector< byte > Botan::TLS::Session::encrypt | ( | const SymmetricKey & | key, |
| RandomNumberGenerator & | rng | ||
| ) | const |
Encrypt a session (useful for serialization or session tickets)
Definition at line 156 of file tls_session.cpp.
References DER_encode(), Botan::ENCRYPTION, Botan::Buffered_Computation::final(), Botan::get_aead(), Botan::RandomNumberGenerator::random_vec(), Botan::SymmetricAlgorithm::set_key(), Botan::unlock(), and Botan::Buffered_Computation::update().
Referenced by Botan::TLS::Session_Manager_SQL::save(), and Botan::TLS::Session_Manager_In_Memory::save().
{
std::unique_ptr<AEAD_Mode> aead(get_aead("AES-256/GCM", ENCRYPTION));
const size_t nonce_len = aead->default_nonce_length();
const secure_vector<byte> nonce = rng.random_vec(nonce_len);
const secure_vector<byte> bits = this->DER_encode();
// Support any length key for input
HMAC hmac(new SHA_256);
hmac.set_key(key);
hmac.update(nonce);
aead->set_key(hmac.final());
secure_vector<byte> buf = nonce;
buf += bits;
aead->start(&buf[0], nonce_len);
aead->finish(buf, nonce_len);
return unlock(buf);
}
| size_t Botan::TLS::Session::fragment_size | ( | ) | const [inline] |
Get the negotiated maximum fragment size (or 0 if default)
Definition at line 155 of file tls_session.h.
Referenced by Botan::TLS::Client_Hello::Client_Hello(), and Botan::TLS::Server_Hello::Server_Hello().
{ return m_fragment_size; }
| const secure_vector<byte>& Botan::TLS::Session::master_secret | ( | ) | const [inline] |
Get the saved master secret
Definition at line 145 of file tls_session.h.
{ return m_master_secret; }
| const std::vector<X509_Certificate>& Botan::TLS::Session::peer_certs | ( | ) | const [inline] |
Return the certificate chain of the peer (possibly empty)
Definition at line 165 of file tls_session.h.
{ return m_peer_certs; }
| std::string Botan::TLS::Session::PEM_encode | ( | ) | const |
Encode this session data for storage
Definition at line 144 of file tls_session.cpp.
References DER_encode(), and Botan::PEM_Code::encode().
{
return PEM_Code::encode(this->DER_encode(), "TLS SESSION");
}
| const Server_Information& Botan::TLS::Session::server_info | ( | ) | const [inline] |
Definition at line 182 of file tls_session.h.
Referenced by Botan::TLS::Client_Hello::Client_Hello(), Botan::TLS::Session_Manager_SQL::save(), and Botan::TLS::Session_Manager_In_Memory::save().
{ return m_server_info; }
| std::chrono::seconds Botan::TLS::Session::session_age | ( | ) | const |
Return how long this session has existed (in seconds)
Definition at line 149 of file tls_session.cpp.
{
return std::chrono::duration_cast<std::chrono::seconds>(
std::chrono::system_clock::now() - m_start_time);
}
| const std::vector<byte>& Botan::TLS::Session::session_id | ( | ) | const [inline] |
Get the session identifier
Definition at line 150 of file tls_session.h.
Referenced by Botan::TLS::Session_Manager_SQL::save(), and Botan::TLS::Session_Manager_In_Memory::save().
{ return m_identifier; }
| const std::vector<byte>& Botan::TLS::Session::session_ticket | ( | ) | const [inline] |
Return the session ticket the server gave us
Definition at line 180 of file tls_session.h.
Referenced by Botan::TLS::Client_Hello::Client_Hello().
{ return m_session_ticket; }
| Connection_Side Botan::TLS::Session::side | ( | ) | const [inline] |
Get which side of the connection the resumed session we are/were acting as.
Definition at line 135 of file tls_session.h.
Referenced by Botan::TLS::Session_Manager_In_Memory::save().
{ return m_connection_side; }
| const std::string& Botan::TLS::Session::srp_identifier | ( | ) | const [inline] |
Get the SRP identity (if sent by the client in the initial handshake)
Definition at line 140 of file tls_session.h.
Referenced by Botan::TLS::Client_Hello::Client_Hello().
{ return m_srp_identifier; }
| std::chrono::system_clock::time_point Botan::TLS::Session::start_time | ( | ) | const [inline] |
Get the wall clock time this session began
Definition at line 170 of file tls_session.h.
Referenced by Botan::TLS::Session_Manager_SQL::save(), and Session().
{ return m_start_time; }
| Protocol_Version Botan::TLS::Session::version | ( | ) | const [inline] |
Get the version of the saved session
Definition at line 114 of file tls_session.h.
{ return m_version; }
1.7.6.1