Class: TTTLS13::Connection

Inherits:
Object
  • Object
show all
Includes:
Logging
Defined in:
lib/tttls1.3/connection.rb

Overview

rubocop: disable Metrics/ClassLength

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Logging

#logger, logger

Constructor Details

#initialize(socket, side) ⇒ Connection

Returns a new instance of Connection.

Parameters:

  • socket (Socket)
  • side (:client or :server) 


16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'lib/tttls1.3/connection.rb', line 16

def initialize(socket, side)
  @socket = socket
  @side = side
  @state = INITIAL
  @ap_wcipher = Cryptograph::Passer.new
  @ap_rcipher = Cryptograph::Passer.new
  @alert_wcipher = Cryptograph::Passer.new
  @message_queue = [] # Array of [TTTLS13::Message::$Object, String]
  @binary_buffer = '' # deposit Record.surplus_binary
  @send_record_size = Message::DEFAULT_RECORD_SIZE_LIMIT
  @recv_record_size = Message::DEFAULT_RECORD_SIZE_LIMIT
end

Instance Attribute Details

#alert_wcipherObject

Returns the value of attribute alert_wcipher.



12
13
14
 
# File 'lib/tttls1.3/connection.rb', line 12

def alert_wcipher
  @alert_wcipher
end

#ap_rcipherObject

Returns the value of attribute ap_rcipher.



12
13
14
 
# File 'lib/tttls1.3/connection.rb', line 12

def ap_rcipher
  @ap_rcipher
end

#ap_wcipherObject

Returns the value of attribute ap_wcipher.



12
13
14
 
# File 'lib/tttls1.3/connection.rb', line 12

def ap_wcipher
  @ap_wcipher
end

#stateObject

Returns the value of attribute state.



12
13
14
 
# File 'lib/tttls1.3/connection.rb', line 12

def state
  @state
end

Instance Method Details

#closeObject 



75
76
77
78
79
80
 
# File 'lib/tttls1.3/connection.rb', line 75

def close
  return if @state == EOF

  send_alert(:close_notify)
  @state = EOF
end

#eof?Boolean

Returns:

  • (Boolean) 


58
59
60
 
# File 'lib/tttls1.3/connection.rb', line 58

def eof?
  @state == EOF
end

#handle_received_alert(alert) ⇒ Object

Parameters:

Raises:



223
224
225
226
227
228
229
230
 
# File 'lib/tttls1.3/connection.rb', line 223

def handle_received_alert(alert)
  unless alert.description == Message::ALERT_DESCRIPTION[:close_notify] ||
         alert.description == Message::ALERT_DESCRIPTION[:user_canceled]
    raise alert.to_error
  end

  @state = EOF
end

#read(nst_process) ⇒ String

Parameters:

  • nst_process (Method)

Returns:

  • (String)

Raises:



34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/tttls1.3/connection.rb', line 34

def read(nst_process)
  # secure channel has not established yet
  raise Error::ConfigError \
    unless (@side == :client && @state == ClientState::CONNECTED) ||
           (@side == :server && @state == ServerState::CONNECTED)
  return '' if @state == EOF

  message = nil
  loop do
    message, = recv_message(receivable_ccs: false, cipher: @ap_rcipher)
    # At any time after the server has received the client Finished
    # message, it MAY send a NewSessionTicket message.
    break unless message.is_a?(Message::NewSessionTicket)

    terminate(:unexpected_message) if @side == :server

    nst_process.call(message)
  end
  return '' if message.nil?

  message.fragment
end

#recv_message(receivable_ccs:, cipher:) ⇒ TTTLS13::Message::$Object, String

Parameters:

Returns:

Raises:



146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
 
# File 'lib/tttls1.3/connection.rb', line 146

def recv_message(receivable_ccs:, cipher:)
  return @message_queue.shift unless @message_queue.empty?

  messages = nil
  orig_msgs = []
  loop do
    record, orig_msgs = recv_record(cipher)
    case record.type
    when Message::ContentType::HANDSHAKE,
         Message::ContentType::APPLICATION_DATA
      messages = record.messages
      break unless messages.empty?
    when Message::ContentType::CCS
      terminate(:unexpected_message) unless receivable_ccs
      next
    when Message::ContentType::ALERT
      handle_received_alert(record.messages.first)
      return nil
    else
      terminate(:unexpected_message)
    end
  end

  @message_queue += messages[1..].zip(orig_msgs[1..])
  message = messages.first
  orig_msg = orig_msgs.first
  if message.is_a?(Message::Alert)
    handle_received_alert(message)
    return nil
  end

  [message, orig_msg]
end

#recv_record(cipher) ⇒ TTTLS13::Message::Record, Array of String

Parameters:

Returns:



184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
 
# File 'lib/tttls1.3/connection.rb', line 184

def recv_record(cipher)
  binary = @socket.read(5)
  record_len = Convert.bin2i(binary.slice(3, 2))
  binary += @socket.read(record_len)

  begin
    buffer = @binary_buffer
    record, orig_msgs, surplus_binary = Message::Record.deserialize(
      binary,
      cipher,
      buffer,
      @recv_record_size
    )
    @binary_buffer = surplus_binary
  rescue Error::ErrorAlerts => e
    terminate(e.message.to_sym)
  end

  # Received a protected ccs, peer MUST abort the handshake.
  if record.type == Message::ContentType::APPLICATION_DATA &&
     record.messages.any? { |m| m.is_a?(Message::ChangeCipherSpec) }
    terminate(:unexpected_message)
  end

  logger.info(Convert.obj2html(record))
  [record, orig_msgs]
end

#send_alert(symbol) ⇒ Object

Parameters:

  • symbol (Symbol)

    key of ALERT_DESCRIPTION



117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
 
# File 'lib/tttls1.3/connection.rb', line 117

def send_alert(symbol)
  message = Message::Alert.new(
    description: Message::ALERT_DESCRIPTION[symbol]
  )
  type = Message::ContentType::ALERT
  type = Message::ContentType::APPLICATION_DATA \
    if @alert_wcipher.is_a?(Cryptograph::Aead)
  alert_record = Message::Record.new(
    type:,
    legacy_record_version: Message::ProtocolVersion::TLS_1_2,
    messages: [message],
    cipher: @alert_wcipher
  )
  send_record(alert_record)
end

#send_application_data(message, cipher) ⇒ Object

Parameters:



106
107
108
109
110
111
112
113
114
 
# File 'lib/tttls1.3/connection.rb', line 106

def send_application_data(message, cipher)
  ap_record = Message::Record.new(
    type: Message::ContentType::APPLICATION_DATA,
    legacy_record_version: Message::ProtocolVersion::TLS_1_2,
    messages: [message],
    cipher:
  )
  send_record(ap_record)
end

#send_ccsObject 



94
95
96
97
98
99
100
101
102
 
# File 'lib/tttls1.3/connection.rb', line 94

def send_ccs
  ccs_record = Message::Record.new(
    type: Message::ContentType::CCS,
    legacy_record_version: Message::ProtocolVersion::TLS_1_2,
    messages: [Message::ChangeCipherSpec.new],
    cipher: Cryptograph::Passer.new
  )
  send_record(ccs_record)
end

#send_handshakes(type, messages, cipher) ⇒ Object

Parameters:



85
86
87
88
89
90
91
92
 
# File 'lib/tttls1.3/connection.rb', line 85

def send_handshakes(type, messages, cipher)
  record = Message::Record.new(
    type:,
    messages:,
    cipher:
  )
  send_record(record)
end

#send_record(record) ⇒ Object

Parameters:



134
135
136
137
 
# File 'lib/tttls1.3/connection.rb', line 134

def send_record(record)
  logger.info(Convert.obj2html(record))
  @socket.write(record.serialize(@send_record_size))
end

#terminate(symbol) ⇒ Object

Parameters:

  • symbol (Symbol)

    key of ALERT_DESCRIPTION

Raises:



215
216
217
218
 
# File 'lib/tttls1.3/connection.rb', line 215

def terminate(symbol)
  send_alert(symbol)
  raise Error::ErrorAlerts, symbol
end

#write(binary) ⇒ Object

Parameters:

  • binary (String)

Raises:



65
66
67
68
69
70
71
72
73
 
# File 'lib/tttls1.3/connection.rb', line 65

def write(binary)
  # secure channel has not established yet
  raise Error::ConfigError \
    unless (@side == :client && @state == ClientState::CONNECTED) ||
           (@side == :server && @state == ServerState::CONNECTED)

  ap = Message::ApplicationData.new(binary)
  send_application_data(ap, @ap_wcipher)
end