19012754211

Committed 02 Nov 2025 01:10PM UTC coverage: 90.677% (+0.006%) from 90.671%

Build # 19012754211

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #5137 from randombit/jack/clang-tidy-includes

Remove various unused includes flagged by clang-tidy misc-include-cleaner

Run Details

100457 of 110786 relevant lines covered (90.68%)

12189873.8 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

97.5

/src/lib/tls/tls_session_manager_stateless.cpp

/**
 * TLS Stateless Session Manager for stateless servers
 * (C) 2023 Jack Lloyd
 *     2023 René Meusel - Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */

#include <botan/tls_session_manager_stateless.h>

#include <botan/assert.h>
#include <botan/credentials_manager.h>
#include <botan/exceptn.h>
#include <botan/rng.h>

namespace Botan::TLS {

Session_Manager_Stateless::Session_Manager_Stateless(const std::shared_ptr<Credentials_Manager>& creds,
                                                     const std::shared_ptr<RandomNumberGenerator>& rng) :
      Session_Manager(rng), m_credentials_manager(creds) {
   BOTAN_ASSERT_NONNULL(m_credentials_manager);
}

std::optional<Session_Handle> Session_Manager_Stateless::establish(const Session& session,
                                                                   const std::optional<Session_ID>& /*session_id*/,
                                                                   bool tls12_no_ticket) {
   BOTAN_ASSERT(session.side() == Connection_Side::Server, "Client tried to establish a session");
   if(tls12_no_ticket) {
      return std::nullopt;
   }

   const auto key = get_ticket_key();
   if(!key.has_value()) {
      return std::nullopt;
   }

   return Session_Handle(Session_Ticket{session.encrypt(key.value(), *m_rng)});
}

void Session_Manager_Stateless::store(const Session& /*session*/, const Session_Handle& /*handle*/) {
   throw Invalid_Argument("A stateless Session Manager cannot store Sessions with their handle");
}

std::optional<Session> Session_Manager_Stateless::retrieve_one(const Session_Handle& handle) {
   auto ticket = handle.ticket();
   if(!ticket.has_value()) {
      return std::nullopt;
   }

   const auto key = get_ticket_key();
   if(!key.has_value()) {
      return std::nullopt;
   }

   try {
      return Session::decrypt(ticket.value(), key.value());
   } catch(const std::exception&) {
      // RFC 8446 4.2.11
      //    Any unknown PSKs (e.g., ones not in the PSK database or encrypted
      //    with an unknown key) SHOULD simply be ignored.
      return std::nullopt;
   }
}

bool Session_Manager_Stateless::emits_session_tickets() {
   return get_ticket_key().has_value();
}

std::optional<SymmetricKey> Session_Manager_Stateless::get_ticket_key() noexcept {
   try {
      auto key = m_credentials_manager->psk("tls-server", "session-ticket", "");
      if(key.empty()) {
         return std::nullopt;
      }
      return key;
   } catch(...) {
      return std::nullopt;
   }
}

}  // namespace Botan::TLS

1	/**
2	* TLS Stateless Session Manager for stateless servers
3	* (C) 2023 Jack Lloyd
4	* 2023 René Meusel - Rohde & Schwarz Cybersecurity
5	*
6	* Botan is released under the Simplified BSD License (see license.txt)
7	*/
8
9	#include <botan/tls_session_manager_stateless.h>
10
11	#include <botan/assert.h>
12	#include <botan/credentials_manager.h>
13	#include <botan/exceptn.h>
14	#include <botan/rng.h>
15
16	namespace Botan::TLS {
17
18	Session_Manager_Stateless::Session_Manager_Stateless(const std::shared_ptr<Credentials_Manager>& creds,	2,128✔
19	const std::shared_ptr<RandomNumberGenerator>& rng) :	2,128✔
20	Session_Manager(rng), m_credentials_manager(creds) {	2,128✔
21	BOTAN_ASSERT_NONNULL(m_credentials_manager);	2,128✔
22	}	2,128✔
23
24	std::optional<Session_Handle> Session_Manager_Stateless::establish(const Session& session,	910✔
25	const std::optional<Session_ID>& /session_id/,
26	bool tls12_no_ticket) {
27	BOTAN_ASSERT(session.side() == Connection_Side::Server, "Client tried to establish a session");	910✔
28	if(tls12_no_ticket) {	910✔
29	return std::nullopt;	1✔
30	}
31
32	const auto key = get_ticket_key();	909✔
33	if(!key.has_value()) {	909✔
34	return std::nullopt;	1✔
35	}
36
37	return Session_Handle(Session_Ticket{session.encrypt(key.value(), *m_rng)});	2,724✔
38	}	909✔
39
40	void Session_Manager_Stateless::store(const Session& /session/, const Session_Handle& /handle/) {	3✔
41	throw Invalid_Argument("A stateless Session Manager cannot store Sessions with their handle");	3✔
42	}
43
44	std::optional<Session> Session_Manager_Stateless::retrieve_one(const Session_Handle& handle) {	401✔
45	auto ticket = handle.ticket();	401✔
46	if(!ticket.has_value()) {	401✔
47	return std::nullopt;	77✔
48	}
49
50	const auto key = get_ticket_key();	324✔
51	if(!key.has_value()) {	324✔
52	return std::nullopt;	1✔
53	}
54
55	try {	323✔
56	return Session::decrypt(ticket.value(), key.value());	639✔
57	} catch(const std::exception&) {	7✔
58	// RFC 8446 4.2.11
59	// Any unknown PSKs (e.g., ones not in the PSK database or encrypted
60	// with an unknown key) SHOULD simply be ignored.
61	return std::nullopt;	7✔
62	}	7✔
63	}	725✔
64
65	bool Session_Manager_Stateless::emits_session_tickets() {	592✔
66	return get_ticket_key().has_value();	592✔
67	}
68
69	std::optional<SymmetricKey> Session_Manager_Stateless::get_ticket_key() noexcept {	1,825✔
70	try {	1,825✔
71	auto key = m_credentials_manager->psk("tls-server", "session-ticket", "");	3,650✔
72	if(key.empty()) {	1,820✔
73	return std::nullopt;	×
74	}
75	return key;	1,820✔
76	} catch(...) {	1,825✔
77	return std::nullopt;	5✔
78	}	5✔
79	}
80
81	} // namespace Botan::TLS

randombit / botan / 19012754211

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous