5230455705

Committed 10 Jun 2023 02:30PM UTC coverage: 91.715% (-0.03%) from 91.746%

Build # 5230455705

Build Type

push

github

Committed by

randombit

Commit Message

Merge GH #3584 Change clang-format AllowShortFunctionsOnASingleLine config from All to Inline

Run Details

77182 of 84154 relevant lines covered (91.72%)

11975295.43 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

97.5

/src/lib/tls/tls_session_manager_stateless.cpp

/**
 * TLS Stateless Session Manager for stateless servers
 * (C) 2023 Jack Lloyd
 *     2023 René Meusel - Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */

#include <botan/tls_session_manager_stateless.h>

#include <botan/credentials_manager.h>
#include <botan/exceptn.h>
#include <botan/rng.h>

#include <botan/internal/stl_util.h>

namespace Botan::TLS {

Session_Manager_Stateless::Session_Manager_Stateless(const std::shared_ptr<Credentials_Manager>& creds,
                                                     const std::shared_ptr<RandomNumberGenerator>& rng) :
      Session_Manager(rng), m_credentials_manager(creds) {
   BOTAN_ASSERT_NONNULL(m_credentials_manager);
}

std::optional<Session_Handle> Session_Manager_Stateless::establish(const Session& session,
                                                                   const std::optional<Session_ID>&,
                                                                   bool tls12_no_ticket) {
   BOTAN_ASSERT(session.side() == Connection_Side::Server, "Client tried to establish a session");
   if(tls12_no_ticket) {
      return std::nullopt;
   }

   const auto key = get_ticket_key();
   if(!key.has_value()) {
      return std::nullopt;
   }

   return Session_Ticket{session.encrypt(key.value(), *m_rng)};
}

void Session_Manager_Stateless::store(const Session&, const Session_Handle&) {
   throw Invalid_Argument("A stateless Session Manager cannot store Sessions with their handle");
}

std::optional<Session> Session_Manager_Stateless::retrieve_one(const Session_Handle& handle) {
   auto ticket = handle.ticket();
   if(!ticket.has_value()) {
      return std::nullopt;
   }

   const auto key = get_ticket_key();
   if(!key.has_value()) {
      return std::nullopt;
   }

   try {
      return Session::decrypt(ticket.value(), key.value());
   } catch(const std::exception&) {
      // RFC 8446 4.2.11
      //    Any unknown PSKs (e.g., ones not in the PSK database or encrypted
      //    with an unknown key) SHOULD simply be ignored.
      return std::nullopt;
   }
}

bool Session_Manager_Stateless::emits_session_tickets() {
   return get_ticket_key().has_value();
}

std::optional<SymmetricKey> Session_Manager_Stateless::get_ticket_key() noexcept {
   try {
      auto key = m_credentials_manager->psk("tls-server", "session-ticket", "");
      if(key.length() == 0) {
         return std::nullopt;
      }
      return key;
   } catch(...) {
      return std::nullopt;
   }
}

}  // namespace Botan::TLS

1	/**
2	* TLS Stateless Session Manager for stateless servers
3	* (C) 2023 Jack Lloyd
4	* 2023 René Meusel - Rohde & Schwarz Cybersecurity
5	*
6	* Botan is released under the Simplified BSD License (see license.txt)
7	*/
8
9	#include <botan/tls_session_manager_stateless.h>
10
11	#include <botan/credentials_manager.h>
12	#include <botan/exceptn.h>
13	#include <botan/rng.h>
14
15	#include <botan/internal/stl_util.h>
16
17	namespace Botan::TLS {
18
19	Session_Manager_Stateless::Session_Manager_Stateless(const std::shared_ptr<Credentials_Manager>& creds,	1,996✔
20	const std::shared_ptr<RandomNumberGenerator>& rng) :	1,996✔
21	Session_Manager(rng), m_credentials_manager(creds) {	1,996✔
22	BOTAN_ASSERT_NONNULL(m_credentials_manager);	1,996✔
23	}	1,996✔
24
25	std::optional<Session_Handle> Session_Manager_Stateless::establish(const Session& session,	886✔
26	const std::optional<Session_ID>&,
27	bool tls12_no_ticket) {
28	BOTAN_ASSERT(session.side() == Connection_Side::Server, "Client tried to establish a session");	886✔
29	if(tls12_no_ticket) {	886✔
30	return std::nullopt;	1✔
31	}
32
33	const auto key = get_ticket_key();	885✔
34	if(!key.has_value()) {	885✔
35	return std::nullopt;	1✔
36	}
37
38	return Session_Ticket{session.encrypt(key.value(), *m_rng)};	884✔
39	}	886✔
40
41	void Session_Manager_Stateless::store(const Session&, const Session_Handle&) {	3✔
42	throw Invalid_Argument("A stateless Session Manager cannot store Sessions with their handle");	3✔
43	}
44
45	std::optional<Session> Session_Manager_Stateless::retrieve_one(const Session_Handle& handle) {	360✔
46	auto ticket = handle.ticket();	360✔
47	if(!ticket.has_value()) {	360✔
48	return std::nullopt;	35✔
49	}
50
51	const auto key = get_ticket_key();	325✔
52	if(!key.has_value()) {	325✔
53	return std::nullopt;	1✔
54	}
55
56	try {	324✔
57	return Session::decrypt(ticket.value(), key.value());	641✔
58	} catch(const std::exception&) {	7✔
59	// RFC 8446 4.2.11
60	// Any unknown PSKs (e.g., ones not in the PSK database or encrypted
61	// with an unknown key) SHOULD simply be ignored.
62	return std::nullopt;	7✔
63	}	7✔
64	}	360✔
65
66	bool Session_Manager_Stateless::emits_session_tickets() {	538✔
67	return get_ticket_key().has_value();	538✔
68	}
69
70	std::optional<SymmetricKey> Session_Manager_Stateless::get_ticket_key() noexcept {	1,748✔
71	try {	1,748✔
72	auto key = m_credentials_manager->psk("tls-server", "session-ticket", "");	3,501✔
73	if(key.length() == 0) {	1,743✔
74	return std::nullopt;	×
75	}
76	return key;	1,743✔
77	} catch(...) {	1,748✔
78	return std::nullopt;	5✔
79	}	5✔
80	}
81
82	} // namespace Botan::TLS

randombit / botan / 5230455705

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous