Process plugins - Introduce TLS parser

Author: Zainullin Damir

src/plugins/process/common/tlsParser/extensionReaders/extensionReader.hpp

@@ -0,0 +1,61 @@
+/**
+ * @file
+ * @brief Provides a reader for parsing TLS extensions.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#include "../tlsExtension.hpp"
+
+#include <iostream>
+#include <optional>
+#include <ranges>
+#include <span>
+
+#include <arpa/inet.h>
+#include <readers/rangeReader/generator.hpp>
+#include <readers/rangeReader/rangeReader.hpp>
+
+namespace ipxp::process {
+
+/**
+ * @class ExtensionReader
+ * @brief A reader for parsing TLS extensions from a byte span.
+ *
+ * This class provides functionality to parse TLS extensions from a given payload.
+ * It uses a generator to yield each parsed extension as a `TLSExtension` struct.
+ */
+class ExtensionReader : public RangeReader {
+public:
+	auto getRange(std::span<const std::byte> payload) noexcept
+	{
+		return Generator([&]() -> std::optional<TLSExtension> {
+			if (payload.empty()) {
+				setSuccess();
+				return std::nullopt;
+			}
+			if (payload.size() < 2 * sizeof(uint16_t)) {
+				return std::nullopt;
+			}
+
+			const auto type = static_cast<TLSExtensionType>(
+				ntohs(*reinterpret_cast<const uint16_t*>(payload.data())));
+			std::cout << "Extension type raw: " << std::hex << static_cast<uint16_t>(type) << "\n";
+			const uint16_t length
+				= ntohs(*reinterpret_cast<const uint16_t*>(payload.data() + sizeof(type)));
+			if (length > payload.size()) {
+				return std::nullopt;
+			}
+
+			const auto extensionBegin = payload.data() + sizeof(type) + sizeof(length);
+
+			payload = payload.subspan(sizeof(type) + sizeof(length) + length);
+
+			return TLSExtension {type, {extensionBegin, length}};
+		});
+	}
+};
+
+} // namespace ipxp::process

src/plugins/process/common/tlsParser/extensionReaders/userAgentReader.hpp

@@ -0,0 +1,81 @@
+/**
+ * @file
+ * @brief Provides a reader for parsing User-Agent extensions in TLS.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#include "../../../quic/src/quicVariableInt.hpp"
+
+#include <optional>
+#include <ranges>
+#include <span>
+
+#include <readers/rangeReader/generator.hpp>
+#include <readers/rangeReader/rangeReader.hpp>
+
+namespace ipxp::process {
+
+/**
+ * @struct UserAgent
+ * @brief Represents a User-Agent with an ID and value.
+ */
+struct UserAgent {
+	uint64_t id;
+	std::string_view value;
+};
+
+/**
+ * @class UserAgentReader
+ * @brief A reader for parsing User-Agent extensions from a byte span.
+ *
+ * This class provides functionality to parse User-Agent extensions from a given payload.
+ * It uses a generator to yield each parsed User-Agent as a `UserAgent` struct.
+ */
+struct UserAgentReader : public RangeReader {
+	auto getRange(std::span<const std::byte> userAgentExtension) noexcept
+	{
+		return Generator([this, userAgentExtension]() mutable -> std::optional<UserAgent> {
+			if (userAgentExtension.empty()) {
+				setSuccess();
+				return std::nullopt;
+			}
+			const std::optional<quic::VariableLengthInt> id
+				= quic::readQUICVariableLengthInt(userAgentExtension);
+			if (!id.has_value()) {
+				return std::nullopt;
+			}
+
+			const std::size_t lengthOffset = id->length;
+			const std::optional<quic::VariableLengthInt> userAgentLength
+				= quic::readQUICVariableLengthInt(userAgentExtension.subspan(lengthOffset));
+			if (!userAgentLength.has_value()) {
+				return std::nullopt;
+			}
+			if (id->length + userAgentLength->length + userAgentLength->value
+				> userAgentExtension.size()) {
+				return std::nullopt;
+			}
+
+			const std::size_t userAgentOffset = lengthOffset + userAgentLength->length;
+			const auto userAgent
+				= reinterpret_cast<const char*>(userAgentExtension.data() + userAgentOffset);
+
+			userAgentExtension
+				= userAgentExtension.subspan(userAgentOffset + userAgentLength->length);
+
+			return UserAgent {id->value, {userAgent, userAgentLength->value}};
+		});
+	}
+};
+
+/*
+class TLSUserAgentReader : public RangeReader<UserAgentReaderFactory> {
+public:
+	TLSUserAgentReader(std::span<const std::byte> userAgentExtension)
+		: RangeReader(userAgentExtension, UserAgentReaderFactory{this}) {}
+};*/
+
+} // namespace ipxp::process

src/plugins/process/common/tlsParser/tlsExtension.hpp

@@ -0,0 +1,28 @@
+/**
+ * @file
+ * @brief Defines the TLSExtension struct for representing TLS extensions.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#pragma once
+
+#include "tlsExtensionType.hpp"
+
+#include <cstdint>
+#include <span>
+
+namespace ipxp::process {
+
+/**
+ * @struct TLSExtension
+ * @brief Represents a TLS extension with its type and payload.
+ */
+struct TLSExtension {
+	TLSExtensionType type;
+	std::span<const std::byte> payload;
+};
+
+} // namespace ipxp::process

src/plugins/process/common/tlsParser/tlsExtensionType.hpp

@@ -0,0 +1,34 @@
+/**
+ * @file
+ * @brief Defines the TLSExtensionType enum for identifying TLS extension types.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#pragma once
+
+#include <cstdint>
+
+namespace ipxp::process {
+
+/**
+ * @enum TLSExtensionType
+ * @brief Enumerates the types of TLS extensions.
+ *
+ * This enum defines various TLS extension types identified by their respective type codes.
+ */
+enum class TLSExtensionType : uint16_t {
+	SERVER_NAME = 0,
+	SUPPORTED_GROUPS = 10, // AKA supported_groups, ECLIPTIC_CURVES
+	ELLIPTIC_CURVE_POINT_FORMATS = 11,
+	SIGNATURE_ALGORITHMS = 13,
+	ALPN = 16,
+	SUPPORTED_VERSION = 43,
+	QUIC_TRANSPORT_PARAMETERS = 0xffa5,
+	QUIC_TRANSPORT_PARAMETERS_V1 = 0x39,
+	QUIC_TRANSPORT_PARAMETERS_V2 = 0x26
+};
+
+} // namespace ipxp::process

src/plugins/process/common/tlsParser/tlsHandshake.hpp

@@ -0,0 +1,36 @@
+/**
+ * @file
+ * @brief Defines the TLSHandshake struct for representing TLS handshake messages.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#pragma once
+
+#include "tlsVersion.hpp"
+
+#include <cstdint>
+
+namespace ipxp::process {
+
+/**
+ * @struct TLSHandshake
+ * @brief Represents a TLS handshake message with its type, length, and version.
+ *
+ * This structure is used to parse and represent the initial handshake messages
+ * in the TLS protocol, such as ClientHello and ServerHello.
+ */
+struct TLSHandshake {
+	enum class Type : uint8_t { CLIENT_HELLO = 1, SERVER_HELLO = 2 };
+
+	Type type;
+	uint8_t length1; // length field is 3 bytes long...
+	uint16_t length2;
+	TLSVersion version;
+
+	/* Handshake data... */
+} __attribute__((packed));
+
+} // namespace ipxp::process

src/plugins/process/common/tlsParser/tlsHeader.hpp

@@ -0,0 +1,32 @@
+/**
+ * @file
+ * @brief Defines the TLSHeader struct for representing TLS record headers.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#pragma once
+
+#include <cstdint>
+
+namespace ipxp::process {
+
+/**
+ * @struct TLSVersion
+ * @brief Represents the version of the TLS protocol.
+ *
+ * This structure holds the major and minor version numbers of the TLS protocol.
+ */
+struct TLSHeader {
+	enum class Type : uint8_t { HANDSHAKE = 22 };
+
+	Type type;
+	TLSVersion version;
+	uint16_t length;
+	/* Record data... */
+
+} __attribute__((packed));
+
+} // namespace ipxp::process