5079590438

Committed 25 May 2023 12:28PM UTC coverage: 92.228% (+0.5%) from 91.723%

Build # 5079590438

Build Type

Pull #3502

github

Pull Request Pull Request #3502: Apply clang-format to the codebase

Run Details

75589 of 81959 relevant lines covered (92.23%)

12139530.51 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

97.3

/src/lib/tls/tls_session_manager_stateless.cpp

/**
 * TLS Stateless Session Manager for stateless servers
 * (C) 2023 Jack Lloyd
 *     2023 René Meusel - Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */

#include <botan/tls_session_manager_stateless.h>

#include <botan/credentials_manager.h>
#include <botan/exceptn.h>
#include <botan/rng.h>

#include <botan/internal/stl_util.h>

namespace Botan::TLS {

Session_Manager_Stateless::Session_Manager_Stateless(const std::shared_ptr<Credentials_Manager>& creds,
                                                     const std::shared_ptr<RandomNumberGenerator>& rng) :
      Session_Manager(rng), m_credentials_manager(creds) {
   BOTAN_ASSERT_NONNULL(m_credentials_manager);
}

std::optional<Session_Handle> Session_Manager_Stateless::establish(const Session& session,
                                                                   const std::optional<Session_ID>&,
                                                                   bool tls12_no_ticket) {
   BOTAN_ASSERT(session.side() == Connection_Side::Server, "Client tried to establish a session");
   if(tls12_no_ticket) {
      return std::nullopt;
   }

   const auto key = get_ticket_key();
   if(!key.has_value()) {
      return std::nullopt;
   }

   return Session_Ticket{session.encrypt(key.value(), *m_rng)};
}

void Session_Manager_Stateless::store(const Session&, const Session_Handle&) {
   throw Invalid_Argument("A stateless Session Manager cannot store Sessions with their handle");
}

std::optional<Session> Session_Manager_Stateless::retrieve_one(const Session_Handle& handle) {
   auto ticket = handle.ticket();
   if(!ticket.has_value()) {
      return std::nullopt;
   }

   const auto key = get_ticket_key();
   if(!key.has_value()) {
      return std::nullopt;
   }

   try {
      return Session::decrypt(ticket.value(), key.value());
   } catch(const std::exception&) {
      // RFC 8446 4.2.11
      //    Any unknown PSKs (e.g., ones not in the PSK database or encrypted
      //    with an unknown key) SHOULD simply be ignored.
      return std::nullopt;
   }
}

bool Session_Manager_Stateless::emits_session_tickets() { return get_ticket_key().has_value(); }

std::optional<SymmetricKey> Session_Manager_Stateless::get_ticket_key() noexcept {
   try {
      auto key = m_credentials_manager->psk("tls-server", "session-ticket", "");
      if(key.length() == 0) {
         return std::nullopt;
      }
      return key;
   } catch(...) { return std::nullopt; }
}

}

1	/**
2	* TLS Stateless Session Manager for stateless servers
3	* (C) 2023 Jack Lloyd
4	* 2023 René Meusel - Rohde & Schwarz Cybersecurity
5	*
6	* Botan is released under the Simplified BSD License (see license.txt)
7	*/
8
9	#include <botan/tls_session_manager_stateless.h>
10
11	#include <botan/credentials_manager.h>
12	#include <botan/exceptn.h>
13	#include <botan/rng.h>
14
15	#include <botan/internal/stl_util.h>
16
17	namespace Botan::TLS {
18
19	Session_Manager_Stateless::Session_Manager_Stateless(const std::shared_ptr<Credentials_Manager>& creds,	1,996✔
20	const std::shared_ptr<RandomNumberGenerator>& rng) :	1,996✔
21	Session_Manager(rng), m_credentials_manager(creds) {	1,996✔
22	BOTAN_ASSERT_NONNULL(m_credentials_manager);	1,996✔
23	}	1,996✔
24
25	std::optional<Session_Handle> Session_Manager_Stateless::establish(const Session& session,	886✔
26	const std::optional<Session_ID>&,
27	bool tls12_no_ticket) {
28	BOTAN_ASSERT(session.side() == Connection_Side::Server, "Client tried to establish a session");	886✔
29	if(tls12_no_ticket) {	886✔
30	return std::nullopt;	1✔
31	}
32
33	const auto key = get_ticket_key();	885✔
34	if(!key.has_value()) {	885✔
35	return std::nullopt;	1✔
36	}
37
38	return Session_Ticket{session.encrypt(key.value(), *m_rng)};	884✔
39	}	886✔
40
41	void Session_Manager_Stateless::store(const Session&, const Session_Handle&) {	3✔
42	throw Invalid_Argument("A stateless Session Manager cannot store Sessions with their handle");	3✔
43	}
44
45	std::optional<Session> Session_Manager_Stateless::retrieve_one(const Session_Handle& handle) {	360✔
46	auto ticket = handle.ticket();	360✔
47	if(!ticket.has_value()) {	360✔
48	return std::nullopt;	35✔
49	}
50
51	const auto key = get_ticket_key();	325✔
52	if(!key.has_value()) {	325✔
53	return std::nullopt;	1✔
54	}
55
56	try {	324✔
57	return Session::decrypt(ticket.value(), key.value());	641✔
58	} catch(const std::exception&) {	7✔
59	// RFC 8446 4.2.11
60	// Any unknown PSKs (e.g., ones not in the PSK database or encrypted
61	// with an unknown key) SHOULD simply be ignored.
62	return std::nullopt;	7✔
63	}	7✔
64	}	360✔
65
66	bool Session_Manager_Stateless::emits_session_tickets() { return get_ticket_key().has_value(); }	538✔
67
68	std::optional<SymmetricKey> Session_Manager_Stateless::get_ticket_key() noexcept {	1,748✔
69	try {	1,748✔
70	auto key = m_credentials_manager->psk("tls-server", "session-ticket", "");	3,501✔
71	if(key.length() == 0) {	1,743✔
72	return std::nullopt;	×
73	}
74	return key;	1,743✔
75	} catch(...) { return std::nullopt; }	1,748✔
76	}
77
78	}

randombit / botan / 5079590438

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous