Process plugins - Introduce TLS parser

Author: Zainullin Damir

src/plugins/process/common/tlsParser/extensionReaders/extensionReader.hpp

@@ -0,0 +1,69 @@
+/**
+ * @file
+ * @brief Provides a reader for parsing TLS extensions.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#include "../tlsExtension.hpp"
+
+#include <optional>
+#include <ranges>
+#include <span>
+
+#include <arpa/inet.h>
+#include <readers/rangeReader/generator.hpp>
+#include <readers/rangeReader/rangeReader.hpp>
+
+namespace ipxp::process {
+
+/**
+ * @class ExtensionReader
+ * @brief A reader for parsing TLS extensions from a byte span.
+ *
+ * This class provides functionality to parse TLS extensions from a given payload.
+ * It uses a generator to yield each parsed extension as a `TLSExtension` struct.
+ */
+class ExtensionReader : public RangeReader {
+public:
+	auto getRange(std::span<const std::byte> payload) noexcept
+	{
+		return Generator::generate([this, payload]() mutable -> std::optional<TLSExtension> {
+				   if (payload.empty()) {
+					   setSuccess();
+					   return std::nullopt;
+				   }
+				   if (payload.size() < sizeof(uint16_t)) {
+					   return std::nullopt;
+				   }
+
+				   const uint16_t length
+					   = ntohs(*reinterpret_cast<const uint16_t*>(payload.data()));
+				   if (length > payload.size() || length < sizeof(uint16_t)) {
+					   return std::nullopt;
+				   }
+
+				   const auto type = static_cast<TLSExtensionType>(
+					   ntohs(*reinterpret_cast<const uint16_t*>(payload.data() + sizeof(length))));
+
+				   const auto extensionBegin = payload.data() + sizeof(type) + sizeof(length);
+
+				   payload = payload.subspan(sizeof(type) + sizeof(length) + length);
+
+				   return TLSExtension {type, {extensionBegin, length}};
+			   })
+			| std::views::take_while(
+				   [](const std::optional<TLSExtension>& v) { return v.has_value(); })
+			| std::views::transform([](const std::optional<TLSExtension>& v) { return *v; });
+	}
+};
+
+/*class ExtensionReader : public RangeReader<ExtensionReaderFactory> {
+public:
+	ExtensionReader(std::span<const std::byte> payload)
+		: RangeReader(payload, ExtensionReaderFactory{this}) {}
+};*/
+
+} // namespace ipxp

src/plugins/process/common/tlsParser/extensionReaders/userAgentReader.hpp

@@ -0,0 +1,86 @@
+/**
+ * @file
+ * @brief Provides a reader for parsing User-Agent extensions in TLS.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#include "../../../quic/src/quicVariableInt.hpp"
+
+#include <optional>
+#include <ranges>
+#include <span>
+
+#include <readers/rangeReader/generator.hpp>
+#include <readers/rangeReader/rangeReader.hpp>
+
+namespace ipxp::process {
+
+/**
+ * @struct UserAgent
+ * @brief Represents a User-Agent with an ID and value.
+ */
+struct UserAgent {
+	uint64_t id;
+	std::string_view value;
+};
+
+/**
+ * @class UserAgentReader
+ * @brief A reader for parsing User-Agent extensions from a byte span.
+ *
+ * This class provides functionality to parse User-Agent extensions from a given payload.
+ * It uses a generator to yield each parsed User-Agent as a `UserAgent` struct.
+ */
+struct UserAgentReader : public RangeReader {
+	auto getRange(std::span<const std::byte> userAgentExtension) noexcept
+	{
+		return Generator::generate(
+				   [this, userAgentExtension]() mutable -> std::optional<UserAgent> {
+					   if (userAgentExtension.empty()) {
+						   setSuccess();
+						   return std::nullopt;
+					   }
+					   const std::optional<quic::VariableLengthInt> id
+						   = quic::readQUICVariableLengthInt(userAgentExtension);
+					   if (!id.has_value()) {
+						   return std::nullopt;
+					   }
+
+					   const std::size_t lengthOffset = id->length;
+					   const std::optional<quic::VariableLengthInt> userAgentLength
+						   = quic::readQUICVariableLengthInt(
+							   userAgentExtension.subspan(lengthOffset));
+					   if (!userAgentLength.has_value()) {
+						   return std::nullopt;
+					   }
+					   if (id->length + userAgentLength->length + userAgentLength->value
+						   > userAgentExtension.size()) {
+						   return std::nullopt;
+					   }
+
+					   const std::size_t userAgentOffset = lengthOffset + userAgentLength->length;
+					   const auto userAgent = reinterpret_cast<const char*>(
+						   userAgentExtension.data() + userAgentOffset);
+
+					   userAgentExtension
+						   = userAgentExtension.subspan(userAgentOffset + userAgentLength->length);
+
+					   return UserAgent {id->value, {userAgent, userAgentLength->value}};
+				   })
+			| std::views::take_while(
+				   [](const std::optional<UserAgent>& v) { return v.has_value(); })
+			| std::views::transform([](const std::optional<UserAgent>& v) { return *v; });
+	}
+};
+
+/*
+class TLSUserAgentReader : public RangeReader<UserAgentReaderFactory> {
+public:
+	TLSUserAgentReader(std::span<const std::byte> userAgentExtension)
+		: RangeReader(userAgentExtension, UserAgentReaderFactory{this}) {}
+};*/
+
+} // namespace ipxp::process

src/plugins/process/common/tlsParser/tlsExtension.hpp

@@ -0,0 +1,28 @@
+/**
+ * @file
+ * @brief Defines the TLSExtension struct for representing TLS extensions.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#pragma once
+
+#include "tlsExtensionType.hpp"
+
+#include <cstdint>
+#include <span>
+
+namespace ipxp::process {
+
+/**
+ * @struct TLSExtension
+ * @brief Represents a TLS extension with its type and payload.
+ */
+struct TLSExtension {
+	TLSExtensionType type;
+	std::span<const std::byte> payload;
+};
+
+} // namespace ipxp::process

src/plugins/process/common/tlsParser/tlsExtensionType.hpp

@@ -0,0 +1,34 @@
+/**
+ * @file
+ * @brief Defines the TLSExtensionType enum for identifying TLS extension types.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#pragma once
+
+#include <cstdint>
+
+namespace ipxp::process {
+
+/**
+ * @enum TLSExtensionType
+ * @brief Enumerates the types of TLS extensions.
+ *
+ * This enum defines various TLS extension types identified by their respective type codes.
+ */
+enum class TLSExtensionType : uint16_t {
+	SERVER_NAME = 0,
+	SUPPORTED_GROUPS = 10, // AKA supported_groups, ECLIPTIC_CURVES
+	ELLIPTIC_CURVE_POINT_FORMATS = 11,
+	SIGNATURE_ALGORITHMS = 13,
+	ALPN = 16,
+	SUPPORTED_VERSION = 43,
+	QUIC_TRANSPORT_PARAMETERS = 0xffa5,
+	QUIC_TRANSPORT_PARAMETERS_V1 = 0x39,
+	QUIC_TRANSPORT_PARAMETERS_V2 = 0x26
+};
+
+} // namespace ipxp::process

src/plugins/process/common/tlsParser/tlsHandshake.hpp

@@ -0,0 +1,36 @@
+/**
+ * @file
+ * @brief Defines the TLSHandshake struct for representing TLS handshake messages.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#pragma once
+
+#include "tlsVersion.hpp"
+
+#include <cstdint>
+
+namespace ipxp::process {
+
+/**
+ * @struct TLSHandshake
+ * @brief Represents a TLS handshake message with its type, length, and version.
+ *
+ * This structure is used to parse and represent the initial handshake messages
+ * in the TLS protocol, such as ClientHello and ServerHello.
+ */
+struct TLSHandshake {
+	enum class Type : uint8_t { CLIENT_HELLO = 1, SERVER_HELLO = 2 };
+
+	Type type;
+	uint8_t length1; // length field is 3 bytes long...
+	uint16_t length2;
+	TLSVersion version;
+
+	/* Handshake data... */
+} __attribute__((packed));
+
+} // namespace ipxp::process

src/plugins/process/common/tlsParser/tlsHeader.hpp

@@ -0,0 +1,32 @@
+/**
+ * @file
+ * @brief Defines the TLSHeader struct for representing TLS record headers.
+ * @author Damir Zainullin <[email protected]>
+ * @date 2025
+ *
+ * @copyright Copyright (c) 2025 CESNET, z.s.p.o.
+ */
+
+#pragma once
+
+#include <cstdint>
+
+namespace ipxp::process {
+
+/**
+ * @struct TLSVersion
+ * @brief Represents the version of the TLS protocol.
+ *
+ * This structure holds the major and minor version numbers of the TLS protocol.
+ */
+struct TLSHeader {
+	enum class Type : uint8_t { HANDSHAKE = 22 };
+
+	Type type;
+	TLSVersion version;
+	uint16_t length;
+	/* Record data... */
+
+} __attribute__((packed));
+
+} // namespace ipxp::process