1
2 /* Web Polygraph http://www.web-polygraph.org/
3 * Copyright 2003-2011 The Measurement Factory
4 * Licensed under the Apache License, Version 2.0 */
5
6 #include "pgl/pgl.h"
7
8 #include "xstd/String.h"
9 #include "xstd/TblDistr.h"
10 #include "pgl/PglBoolSym.h"
11 #include "pgl/PglRec.h"
12 #include "pgl/PglNumSym.h"
13 #include "pgl/PglStringSym.h"
14 #include "pgl/PglArraySym.h"
15 #include "pgl/PglSizeSym.h"
16 #include "pgl/PglIntSym.h"
17 #include "pgl/SslWrapSym.h"
18
19
20
// PGL type name of this symbol; isA() compares requested type names against it.
String SslWrapSym::TheType = "SslWrap";

// PGL type names used for the array-valued fields registered in the constructor
static String strStringArr = "string[]";
static String strSizeArr = "size[]";

// names of the record fields registered in the constructor
static String strProtocols = "protocols";
static String strRootCertificate = "root_certificate";
static String strRsaKeySizes = "rsa_key_sizes";
static String strGenerateCertificates = "generate_certificates";
static String strCertificates = "certificates";
static String strCiphers = "ciphers";
static String strSessionResump = "session_resumption";
static String strSessionCache = "session_cache";
static String strSharingGroup = "sharing_group";
static String strSslConfigFile = "ssl_config_file";
static String strVerifyPeerCertificate = "verify_peer_certificate";
static String strCompression = "compression";
static String strSni = "sni";
static String strEcdheCurve = "ecdhe_curve";

// not a field name: a global name for the distr built by ciphers()
static String strSslCiphers = "ssl-ciphers";
40
41
// Default constructor: creates a fresh PglRec and registers every field of
// an SslWrap record under its PGL type name, in a fixed order.
// Every field is registered with 0 as the third bAdd() argument; presumably
// that means "no default value" -- confirm against PglRec::bAdd().
SslWrapSym::SslWrapSym(): RecSym(TheType, new PglRec) {
    PglRec &rec = *theRec;

    rec.bAdd(strStringArr, strProtocols, 0);
    rec.bAdd(StringSym::TheType, strRootCertificate, 0);
    rec.bAdd(StringSym::TheType, strSharingGroup, 0);
    rec.bAdd(strSizeArr, strRsaKeySizes, 0);
    rec.bAdd(BoolSym::TheType, strGenerateCertificates, 0);
    rec.bAdd(strStringArr, strCertificates, 0);
    rec.bAdd(strStringArr, strCiphers, 0);
    rec.bAdd(NumSym::TheType, strSessionResump, 0);
    rec.bAdd(IntSym::TheType, strSessionCache, 0);
    rec.bAdd(StringSym::TheType, strSslConfigFile, 0);
    rec.bAdd(BoolSym::TheType, strVerifyPeerCertificate, 0);
    rec.bAdd(NumSym::TheType, strCompression, 0);
    rec.bAdd(NumSym::TheType, strSni, 0);
    rec.bAdd(StringSym::TheType, strEcdheCurve, 0);
}
58
// Wraps an existing record under the given type name. No fields are
// registered here; aType and aRec are forwarded to RecSym unchanged.
// dupe() uses this constructor with a clone of the current record.
SslWrapSym::SslWrapSym(const String &aType, PglRec *aRec)
    : RecSym(aType, aRec)
{
}
61
// True when the base class accepts the type name or when it equals
// SslWrapSym::TheType. The base class is asked first.
bool SslWrapSym::isA(const String &type) const {
    if (RecSym::isA(type))
        return true;
    return type == TheType;
}
65
// Returns a newly allocated copy of this symbol when the requested type is
// one this symbol answers to (see isA()); otherwise defers to RecSym::dupe().
// The copy keeps this symbol's own type name and gets a clone of the record.
// The result comes from a plain new, so the caller is presumably responsible
// for releasing it -- confirm against the SynSym ownership rules.
SynSym *SslWrapSym::dupe(const String &type) const {
    if (!isA(type))
        return RecSym::dupe(type);

    // the parameter hides the type() accessor, hence the explicit this->
    PglRec *recCopy = theRec->clone();
    return new SslWrapSym(this->type(), recCopy);
}
71
// Returns the "root_certificate" field as a string.
// The value is handed back exactly as getString() produced it. Nothing here
// checks that it names a usable certificate, so callers must validate it.
String SslWrapSym::rootCertificate() const {
    const String cert = getString(strRootCertificate);
    return cert;
}
75
// Builds a distribution from the "protocols" field by passing the field name
// and the supplied name table to namesToDistr().
// What happens for a protocol name missing from protocolNames is decided
// inside namesToDistr() and is not visible here.
RndDistr *SslWrapSym::protocols(const TokenIdentifier &protocolNames) const {
    RndDistr *distr = namesToDistr(strProtocols, protocolNames);
    return distr;
}
79
// Exports the "protocols" field as strings (protos) together with their
// probabilities (probs). Returns whatever getStrings() reports; presumably
// false means the field is undefined -- confirm against getStrings().
bool SslWrapSym::protocols(Array<String*> &protos, Array<double> &probs) const {
    const bool exported = getStrings(strProtocols, protos, &probs);
    return exported;
}
83
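// Exports the configured RSA key sizes and builds a selector over them.
//
// Returns false, leaving sizes and sel untouched, when "rsa_key_sizes" is
// undefined. Otherwise appends every configured size to sizes, points sel at
// a distribution built from the array's probabilities, and returns true.
// A configured size below 384 bits is reported on cerr and ends the process
// with exit(1).
//
// The 384-bit floor only rejects the smallest values. It is far below any RSA
// size considered secure, so a workload that passes this check may still use
// keys unsuitable for protecting real traffic.
bool SslWrapSym::rsaKeySizes(Array<Size> &sizes, RndDistr *&sel) const {
    // Keep the lookup outside Assert(): wi is only set by find(), so the call
    // must run even in a build where Assert() expands to nothing.
    SynSymTblItem *wi = 0;
    const bool found = theRec->find(strRsaKeySizes, wi);
    Assert(found && wi);
    if (!wi->sym())
        return false; // undefined

    // NOTE(review): the C-style cast trusts cast() to hand back an ArraySym;
    // presumably cast() fails loudly for other symbol types -- confirm.
    ArraySym &a = (ArraySym&)wi->sym()->cast(ArraySym::TheType);
    Array<SizeSym*> syms;
    a.exportA(syms);

    const Size minLen = Size::Bit(384); // same for every entry
    sizes.stretch(syms.count());
    for (int i = 0; i < syms.count(); ++i) {
        const Size len = Size::Byte(syms[i]->val().byte());
        if (len < minLen) {
            cerr << loc() << "RSA key size must be at least " << minLen <<
                "; got: " << len << endl;
            exit(1);
        }
        sizes.append(len);
    }

    // the selector is named after this symbol's type and the field
    Array<double> probs;
    a.copyProbs(probs);
    sel = TblDistr::FromDistrTable(type() + "-" + strRsaKeySizes, probs);

    return true;
}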
112
// Reads the boolean "generate_certificates" field into set.
// Returns whatever getBool() reports; presumably false means the field is
// undefined and set should not be trusted -- confirm against getBool().
bool SslWrapSym::generateCertificates(bool &set) const {
    const bool defined = getBool(strGenerateCertificates, set);
    return defined;
}
116
// Exports the "certificates" field as strings, without probabilities.
// The strings are passed on as getStrings() produced them; nothing here
// checks that they refer to usable certificates.
bool SslWrapSym::certificates(Array<String*> &certificates) const {
    const bool exported = getStrings(strCertificates, certificates);
    return exported;
}
120
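// Exports the configured cipher names and a selector over them.
//
// Returns false, leaving both outputs untouched, when getArraySym() yields no
// array for "ciphers". Otherwise sets selector from the array, fills ciphers
// with the names, and returns true.
// Cipher names are passed through as configured; nothing here filters out
// weak or unknown suites.
bool SslWrapSym::ciphers(Array<String*> &ciphers, RndDistr *&selector) const {
    ArraySym *as = getArraySym(strCiphers);
    if (!as)
        return false;

    selector = as->makeSelector(strSslCiphers);

    // Keep the export outside Assert(): it fills the caller's array, so it
    // must run even in a build where Assert() expands to nothing.
    const bool exported = getStrings(strCiphers, ciphers);
    Assert(exported);
    return true;
}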
129
// Reads the numeric "session_resumption" field into prob.
// Returns whatever getDouble() reports; presumably false means the field is
// undefined -- confirm against getDouble(). No range check is applied here.
bool SslWrapSym::sessionResumpt(double &prob) const {
    const bool defined = getDouble(strSessionResump, prob);
    return defined;
}
133
// Reads the integer "session_cache" field into count.
// Returns whatever getInt() reports; presumably false means the field is
// undefined -- confirm against getInt(). Negative or very large values are
// not rejected here.
bool SslWrapSym::sessionCacheSize(int &count) const {
    const bool defined = getInt(strSessionCache, count);
    return defined;
}
137
// Returns the "sharing_group" field as a string, as produced by getString().
String SslWrapSym::sharingGroup() const {
    const String group = getString(strSharingGroup);
    return group;
}
141
// Returns the "ssl_config_file" field as a string.
// The value is not validated or normalised here. If callers open it as a
// path, they are the ones who must check it.
String SslWrapSym::sslConfigFile() const {
    const String fileName = getString(strSslConfigFile);
    return fileName;
}
145
// Reads the boolean "verify_peer_certificate" field into set.
// Returns whatever getBool() reports; presumably false means the field is
// undefined -- confirm against getBool().
// NOTE(review): this accessor supplies no default. What happens when the
// field is undefined is decided by the caller, so check there that an unset
// field is not silently treated as "skip verification".
bool SslWrapSym::verifyPeerCertificate(bool &set) const {
    const bool defined = getBool(strVerifyPeerCertificate, set);
    return defined;
}
149
// Reads the numeric "compression" field into prob.
// Returns whatever getDouble() reports; presumably false means the field is
// undefined -- confirm against getDouble().
// NOTE(review): if this value drives TLS-level compression, remember that
// compressing secrets together with attacker-influenced data is the
// precondition of the CRIME attack; worth a comment where it is consumed.
bool SslWrapSym::compression(double &prob) const {
    const bool defined = getDouble(strCompression, prob);
    return defined;
}
153
// Reads the numeric "sni" field into prob.
// Returns whatever getDouble() reports; presumably false means the field is
// undefined -- confirm against getDouble(). No range check is applied here.
bool SslWrapSym::sni(double &prob) const {
    const bool defined = getDouble(strSni, prob);
    return defined;
}
157
// Returns the "ecdhe_curve" field as a string.
// The curve name is not checked against any list of supported curves here.
String SslWrapSym::ecdheCurve() const {
    const String curve = getString(strEcdheCurve);
    return curve;
}
161