|
1 // Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // Record protocol events header file. |
|
15 // Describes classes used for Record parsing and composition. |
|
16 // |
|
17 // |
|
18 |
|
19 /** |
|
20 @file |
|
21 */ |
|
22 |
|
23 #include <tlstypedef.h> |
|
24 #include "tlsevent.h" |
|
25 #include "tlsrecorditem.h" |
|
26 #include "genericsecuresocket.h" |
|
27 |
|
28 #ifndef _RECORDPROTOCOLEVENTS_H_ |
|
29 #define _RECORDPROTOCOLEVENTS_H_ |
|
30 |
|
31 // Enumeration for the Record protocol read and write states |
|
32 enum ETlsRecordProtocolStates |
|
33 { |
|
34 ETlsFragmentRecord, /** Record fragmentation/re-assembly */ |
|
35 ETlsCompressRecord, /** Record compression/decompress */ |
|
36 ETlsCipherRecord, /** Record security (MAC calculation/verification + encryption/decryption) */ |
|
37 ETlsTransmitRecord, /** Record transmission */ |
|
38 ETlsReceiveRecordHeader, /** Record protocol header reception */ |
|
39 ETlsReceiveRecordBody /** Record protocol body reception */ |
|
40 }; |
|
41 |
|
42 // Set by CSendAppData/CRecvAppData costructor as its history (iHistory) |
|
43 const TInt KTlsApplicationData = (-1); |
|
44 const TInt KTlsCompressionSize = 1; // Number of bytes used for compression |
|
45 |
|
46 class RSocket; |
|
47 class CStateMachine; |
|
48 class CTLSSession; |
|
49 class CHandshakeParser; |
|
50 class CSendAlert; |
|
51 |
|
52 class CRecordParser : public CTlsEvent |
|
53 /** |
|
54 * This class handles Record protocol reception. |
|
55 * It parses the record header, picks a parser for the record payload/body (from its |
|
56 * list of allowed ones) and reads/decrypts the payload. |
|
57 * |
|
58 * The CRecordParser class (active when a record header has been received) has a list |
|
59 * of CTlsEvent derived objects representing expected SSL\TLS record content types |
|
60 * that can arrive at any moment. |
|
61 */ |
|
62 { |
|
63 friend class CTlsConnection; // Used to create or destroy the object |
|
64 |
|
65 public: |
|
66 void ReConstructL( CStateMachine* aStateMachine, const TPtr8& aHeldData, CSendAlert& aSendAlert ); |
|
67 void Reset(); |
|
68 void ChangeCipher(); |
|
69 |
|
70 MGenericSecureSocket& Socket() const; |
|
71 |
|
72 virtual CAsynchEvent* ProcessL( TRequestStatus& aStatus ); |
|
73 void SetUserData( TDes8* aUserData ); |
|
74 void SetUserMaxLength( TInt aUserMaxLength ); |
|
75 TDes8* UserData() const; |
|
76 TPtr8& HeldData(); |
|
77 TPtr8& PtrHBuf(); |
|
78 CHandshakeParser* HandshakeParser() const; |
|
79 void IgnoreAppData( TInt aIgnoreRecordAllowed ); |
|
80 TBool IsAppData() const; |
|
81 TInt ReadActive() const; |
|
82 |
|
83 void CancelAll(); |
|
84 TInt CurrentPos() const; |
|
85 |
|
86 ETlsRecordType TlsRecordType() const; |
|
87 |
|
88 |
|
89 protected: |
|
90 CRecordParser( MGenericSecureSocket& aSocket, CTLSProvider& aTlsProvider); |
|
91 ~CRecordParser(); |
|
92 |
|
93 CTlsEvent* LookUpEventL( TInt aRecordType ); |
|
94 TInt ParseHeaderL(); // Sets iNext (the next event) to a proper payload parser |
|
95 void DestroyList(); |
|
96 void DispatchData(); |
|
97 |
|
98 private: |
|
99 void ReConstructL(); |
|
100 protected: |
|
101 CHandshakeParser* iHandshakeParser; |
|
102 protected: |
|
103 MGenericSecureSocket& iSocket; |
|
104 |
|
105 HBufC8* iDataIn; // Encrypted (if applicable) data, owned by the class |
|
106 // The header is read in first, and then overwritten by the record body. |
|
107 TDes8* iUserData; // Points to a User (application data or handshake) buffer when |
|
108 // parsing application data or processing handshake messages. |
|
109 TInt iUserMaxLength;// Maximum length of the user's buffer |
|
110 |
|
111 TInt64 iReadSequenceNum; // Read state (reception) sequence number |
|
112 public: |
|
113 TPtr8 iHeldData; // Buffer for held data. It's length != 0 when we have |
|
114 // undelivered data in the state machine fragment, CStateMachine::iFragment |
|
115 protected: |
|
116 ETlsRecordProtocolStates iReadState; |
|
117 CTLSSession* iActiveTlsSession; //active crypto session (own by CRecordParser) |
|
118 TUint iIgnoreRecord:1; // In case when application data arrives before server hello. |
|
119 TUint iIgnoreRecordAllowed:1; |
|
120 public: |
|
121 TPtr8 iPtrHBuf; // Used to pass a HBufC8 and TBuf8 as a TDes8 and to keep |
|
122 // the descriptor over an asynchronous call. |
|
123 protected: |
|
124 ETlsRecordType iTlsRecordType; |
|
125 HBufC8* iDecryptedData; // Buffer for decrypted data received from the Provider. |
|
126 |
|
127 TSglQue<CTlsEvent> iExpRecordTypes; // List of expected record protocol types |
|
128 }; |
|
129 |
|
130 |
|
131 // |
|
132 class CRecordComposer : public CTlsEvent |
|
133 /** |
|
134 * This class handles Record protocol transmissions. |
|
135 * It fragments a long stream into record blocks, adds a MAC, encrypts the payload, |
|
136 * adds a record header and sends the record. |
|
137 * |
|
138 * @note The iWriteSequenceNum member (write state sequence number) is specified by the |
|
139 * TLS specification (section 6.1) as a uint64. For Beech, there is no uint64 type |
|
140 * although one is defined for Cedar (EKA2). As configurability issues have not yet been |
|
141 * finalised, and because a TInt64 type appears more than adequate for our needs, this |
|
142 * type has been used for both this and the corresponding iReadSequenceNum variables. |
|
143 */ |
|
144 { |
|
145 friend class CTlsConnection; // Used to create or destroy the object |
|
146 |
|
147 public: |
|
148 void ReConstructL( CStateMachine* aStateMachine, TInt aCurrentPos ); |
|
149 void Reset(); |
|
150 void ChangeCipher(); |
|
151 |
|
152 MGenericSecureSocket& Socket() const; |
|
153 |
|
154 virtual CAsynchEvent* ProcessL( TRequestStatus& aStatus ); |
|
155 void SetUserData( TDesC8* aUserData ); |
|
156 TDesC8* UserData() const; |
|
157 TInt CurrentPos() const; |
|
158 void ResetCurrentPos(); |
|
159 TInt SentPlainTextLength() const; |
|
160 const TDesC8& SupportedCompression() const; |
|
161 |
|
162 void CancelAll(); |
|
163 |
|
164 const TTLSProtocolVersion* TlsVersion() const; |
|
165 void SetVersion( const TTLSProtocolVersion* aTlsVersion ); |
|
166 void SetRecordType( ETlsRecordType aTLSRecordType ); |
|
167 |
|
168 ~CRecordComposer(); |
|
169 |
|
170 protected: |
|
171 CRecordComposer( MGenericSecureSocket& aSocket, CTLSProvider& aTlsProvider ); |
|
172 |
|
173 void ComposeHeader( TInt aLength ); |
|
174 TBool IsAppData() const; |
|
175 |
|
176 protected: |
|
177 MGenericSecureSocket& iSocket; |
|
178 |
|
179 TBuf8<KTlsRecordPrealocate> iDataOut; // Secure (if applicable) data |
|
180 |
|
181 TDesC8* iUserData; // Points to the user's buffer (application data or handshake messages) |
|
182 TInt iCurrentPos; // Maintains the current position while the |
|
183 // record body is being split up into fragments |
|
184 TInt iSentPlainTextLength; // Keeps the length of currently sent plaintext data |
|
185 |
|
186 TInt64 iWriteSequenceNum; // Write state (transmission) sequence number |
|
187 ETlsRecordProtocolStates iWriteState; |
|
188 CTLSSession* iActiveTlsSession; //active crypto session (own by CRecordParser) this is aonly a reference |
|
189 |
|
190 TPtrC8 iPtrHBuf; // Descriptor used to pass a HBufC8 and TBuf8 as a |
|
191 // TDes8 and keep the descriptor over an asynch call |
|
192 TPtr8 iPtrEncryptTo; // Pointer descriptor containing encrypted data |
|
193 const TTLSProtocolVersion* iTlsVersion; // In case a different version is used for the |
|
194 // record header than that in TLS Provider |
|
195 // (for TLS -> SSL fall back (reference only). It |
|
196 // will be set to NULL as soon as it is used. |
|
197 TBuf8<KTlsCompressionSize> iSupportedCompression; // Supported compression. Always NULL at present. |
|
198 HBufC8* iEncryptedData; // Buffer for encrypted data passed to the Provider. |
|
199 }; |
|
200 |
|
201 |
|
202 |
|
203 // Inline functions - CRecordParser class |
|
204 inline CRecordParser::CRecordParser( MGenericSecureSocket& aSocket, CTLSProvider& aTlsProvider ) : |
|
205 CTlsEvent( &aTlsProvider, 0 ), |
|
206 iSocket( aSocket ), |
|
207 iReadSequenceNum (0), |
|
208 iHeldData( 0, 0 ), |
|
209 iReadState( ETlsReceiveRecordHeader ), |
|
210 iPtrHBuf( 0, 0 ), |
|
211 iDecryptedData( NULL ), |
|
212 iExpRecordTypes( CTlsEvent::Offset() ) |
|
213 /** |
|
214 * Basic construction. Each state machine calls ReConstructL() to set the parser |
|
215 * up more appropriately for its task. |
|
216 */ |
|
217 { |
|
218 LOG(Log::Printf(_L("CRecordParser::CRecordParser()\n"));) |
|
219 } |
|
220 |
|
221 inline ETlsRecordType CRecordParser::TlsRecordType() const |
|
222 { |
|
223 return iTlsRecordType; |
|
224 } |
|
225 |
|
226 inline void CRecordParser::IgnoreAppData( TInt aIgnoreRecordAllowed ) |
|
227 { |
|
228 iIgnoreRecordAllowed = aIgnoreRecordAllowed; |
|
229 } |
|
230 |
|
231 inline TInt CRecordParser::ReadActive() const |
|
232 { |
|
233 return iActiveTlsSession != NULL; |
|
234 } |
|
235 |
|
236 inline TBool CRecordParser::IsAppData() const |
|
237 /** |
|
238 * Indicates whether application data is being parsed. |
|
239 * The only case this could happen is if we've received a record fragment |
|
240 * marked as application data (see CRecordParser::LookUpEventL) |
|
241 */ |
|
242 { |
|
243 LOG(Log::Printf(_L("CRecordParser::IsAppData()\n"));) |
|
244 return !iNext; |
|
245 } |
|
246 |
|
247 inline MGenericSecureSocket& CRecordParser::Socket() const |
|
248 /** |
|
249 * Returns a reference to the Generic Socket object |
|
250 */ |
|
251 { |
|
252 LOG(Log::Printf(_L("CRecordParser::Socket()\n"));) |
|
253 return iSocket; |
|
254 } |
|
255 |
|
256 inline TPtr8& CRecordParser::HeldData() |
|
257 /** |
|
258 * Returns any held data left over from handling application data (if |
|
259 * the client's buffer was not big enough, or from processing handshake messages. |
|
260 */ |
|
261 { |
|
262 LOG(Log::Printf(_L("CRecordParser::HeldData()\n"));) |
|
263 return iHeldData; |
|
264 } |
|
265 |
|
266 inline TPtr8& CRecordParser::PtrHBuf() |
|
267 /** |
|
268 * Returns the iPtrHBuf descriptor. It is only called when an Alert is being |
|
269 * processed (as it is pointing to the message content). It is better to use this than the |
|
270 * iUserData descriptor as we have no control over the size of the application's data buffer |
|
271 * when in data mode. The buffer could be too small to contain the Alert message. |
|
272 */ |
|
273 { |
|
274 LOG(Log::Printf(_L("CRecordParser::PtrHBuf()\n"));) |
|
275 return iPtrHBuf; |
|
276 } |
|
277 |
|
278 inline CHandshakeParser* CRecordParser::HandshakeParser() const |
|
279 /** |
|
280 * Returns a pointer to the Handshake parser object. |
|
281 */ |
|
282 { |
|
283 LOG(Log::Printf(_L("CRecordParser::HandshakeParser()\n"));) |
|
284 return iHandshakeParser; |
|
285 } |
|
286 |
|
287 inline void CRecordParser::SetUserData( TDes8* aUserData ) |
|
288 /** |
|
289 * Sets the record parser's iUserData pointer to the user's buffer |
|
290 * (application data or handshake messages). |
|
291 */ |
|
292 { |
|
293 LOG(Log::Printf(_L("CRecordParser::SetUserData()\n"));) |
|
294 |
|
295 iUserData = aUserData; |
|
296 } |
|
297 |
|
298 inline void CRecordParser::SetUserMaxLength( TInt aUserMaxLength ) |
|
299 /** |
|
300 * Sets the record parser's iUserMaxLength attribute |
|
301 */ |
|
302 { |
|
303 LOG(Log::Printf(_L("CRecordParser::SetUserMaxLength()\n"));) |
|
304 |
|
305 iUserMaxLength = aUserMaxLength; |
|
306 } |
|
307 |
|
308 inline TDes8* CRecordParser::UserData() const |
|
309 /** |
|
310 * Returns a pointer to the iUserData descriptor. |
|
311 */ |
|
312 { |
|
313 LOG(Log::Printf(_L("CRecordParser::UserData()\n"));) |
|
314 return iUserData; |
|
315 } |
|
316 |
|
317 |
|
318 |
|
319 // Inline functions - CRecordComposer class |
|
320 |
|
321 inline CRecordComposer::CRecordComposer( MGenericSecureSocket& aSocket, CTLSProvider& aTlsProvider ) : |
|
322 CTlsEvent( &aTlsProvider, 0 ), |
|
323 iSocket( aSocket ), |
|
324 iWriteSequenceNum (0), |
|
325 iWriteState( ETlsFragmentRecord ), |
|
326 iPtrHBuf( 0, 0 ), |
|
327 iPtrEncryptTo( 0, 0 ), |
|
328 iEncryptedData( NULL ) |
|
329 /** |
|
330 * Basic construction. Each state machine calls ReConstructL() to set the composer |
|
331 * up more appropriately for its task. |
|
332 */ |
|
333 { |
|
334 LOG(Log::Printf(_L("CRecordComposer::CRecordComposer()\n"));) |
|
335 iSupportedCompression.Append(ENullCompression); // Only NULL compression is supported |
|
336 } |
|
337 |
|
338 inline void CRecordComposer::SetVersion( const TTLSProtocolVersion* aTlsVersion ) |
|
339 /** |
|
340 * Sets the protocol version to use in the record header. |
|
341 */ |
|
342 { |
|
343 LOG(Log::Printf(_L("CRecordComposer::SetVersion()\n"));) |
|
344 iTlsVersion = aTlsVersion; |
|
345 } |
|
346 |
|
347 inline const TDesC8& CRecordComposer::SupportedCompression() const |
|
348 /** |
|
349 * This method returns the supported compression for the connection. |
|
350 */ |
|
351 { |
|
352 LOG(Log::Printf(_L("CRecordComposer::SupportedCompression()\n"));) |
|
353 return iSupportedCompression; |
|
354 } |
|
355 |
|
356 inline const TTLSProtocolVersion* CRecordComposer::TlsVersion() const |
|
357 { |
|
358 return iTlsVersion; |
|
359 } |
|
360 |
|
361 inline void CRecordComposer::Reset() |
|
362 { |
|
363 iWriteSequenceNum = 0; // reset the sequence number |
|
364 iActiveTlsSession = NULL; // Owned by CRecordParser if != CTlsconnection:;iTlsSession |
|
365 } |
|
366 |
|
367 inline void CRecordComposer::SetRecordType( ETlsRecordType aTLSRecordType ) |
|
368 /** |
|
369 * Sets the Record protocol's content type (ChangeCipherSpec, |
|
370 * Alert, Handshake or Application data). |
|
371 */ |
|
372 { |
|
373 LOG(Log::Printf(_L("CRecordComposer::SetRecordType()\n"));) |
|
374 |
|
375 TUint8* dataPtr = (TUint8*) iDataOut.Ptr(); |
|
376 dataPtr[KTlsRecordTypeOffset] = (TUint8)aTLSRecordType; |
|
377 } |
|
378 |
|
379 inline TBool CRecordComposer::IsAppData() const |
|
380 /** |
|
381 * Returns a boolean value indicating whether the connection is |
|
382 * in Application data mode. |
|
383 */ |
|
384 { |
|
385 LOG(Log::Printf(_L("CRecordComposer::IsAppData()\n"));) |
|
386 |
|
387 TUint8* dataPtr = (TUint8*) iDataOut.Ptr(); |
|
388 return dataPtr[KTlsRecordTypeOffset] == ETlsAppDataContentType; |
|
389 } |
|
390 |
|
391 inline TInt CRecordComposer::SentPlainTextLength() const |
|
392 /** |
|
393 * Returns the amount/length of the plain text data that is |
|
394 * transmitted. |
|
395 */ |
|
396 { |
|
397 LOG(Log::Printf(_L("CRecordComposer::SentPlainTextLength()\n"));) |
|
398 return iSentPlainTextLength; |
|
399 } |
|
400 |
|
401 inline TDesC8* CRecordComposer::UserData() const |
|
402 /** |
|
403 * Returns a pointer to the iUserData descriptor (i.e. the |
|
404 * state machine's (handshake or application) data buffer. |
|
405 */ |
|
406 { |
|
407 LOG(Log::Printf(_L("CRecordComposer::UserData()\n"));) |
|
408 return iUserData; |
|
409 } |
|
410 |
|
411 inline void CRecordComposer::SetUserData( TDesC8* aUserData ) |
|
412 /** |
|
413 * Sets the iUserData descriptor pointing to the state machine's |
|
414 * (client/application data or handshake) buffer. |
|
415 */ |
|
416 { |
|
417 LOG(Log::Printf(_L("CRecordComposer::SetUserData()\n"));) |
|
418 iUserData = aUserData; |
|
419 } |
|
420 |
|
421 inline TInt CRecordComposer::CurrentPos() const |
|
422 /** |
|
423 * Returns the current position in a record. It is used to keep track |
|
424 * when a record is being fragmented for transmission. |
|
425 */ |
|
426 { |
|
427 LOG(Log::Printf(_L("CRecordComposer::CurrentPos()\n"));) |
|
428 return iCurrentPos; |
|
429 } |
|
430 |
|
431 inline void CRecordComposer::ResetCurrentPos() |
|
432 /** |
|
433 * Resets the current position in a record to zero. It is called when |
|
434 * application data tranmission is fully complete. |
|
435 */ |
|
436 { |
|
437 LOG(Log::Printf(_L("CRecordComposer::ResetCurrentPos()\n"));) |
|
438 iCurrentPos = 0; |
|
439 } |
|
440 |
|
441 inline MGenericSecureSocket& CRecordComposer::Socket() const |
|
442 /** |
|
443 * Returns a reference to the Generic Socket object |
|
444 */ |
|
445 { |
|
446 LOG(Log::Printf(_L("CRecordComposer::Socket()\n"));) |
|
447 return iSocket; |
|
448 } |
|
449 |
|
450 #endif |