Botan
1.11.15
|
00001 /* 00002 * TLS Extensions 00003 * (C) 2011-2012 Jack Lloyd 00004 * 00005 * Botan is released under the Simplified BSD License (see license.txt) 00006 */ 00007 00008 #ifndef BOTAN_TLS_EXTENSIONS_H__ 00009 #define BOTAN_TLS_EXTENSIONS_H__ 00010 00011 #include <botan/secmem.h> 00012 #include <botan/tls_magic.h> 00013 #include <vector> 00014 #include <string> 00015 #include <map> 00016 #include <set> 00017 00018 namespace Botan { 00019 00020 namespace TLS { 00021 00022 class TLS_Data_Reader; 00023 00024 enum Handshake_Extension_Type { 00025 TLSEXT_SERVER_NAME_INDICATION = 0, 00026 TLSEXT_MAX_FRAGMENT_LENGTH = 1, 00027 TLSEXT_CLIENT_CERT_URL = 2, 00028 TLSEXT_TRUSTED_CA_KEYS = 3, 00029 TLSEXT_TRUNCATED_HMAC = 4, 00030 00031 TLSEXT_CERTIFICATE_TYPES = 9, 00032 TLSEXT_USABLE_ELLIPTIC_CURVES = 10, 00033 TLSEXT_EC_POINT_FORMATS = 11, 00034 TLSEXT_SRP_IDENTIFIER = 12, 00035 TLSEXT_SIGNATURE_ALGORITHMS = 13, 00036 TLSEXT_USE_SRTP = 14, 00037 TLSEXT_HEARTBEAT_SUPPORT = 15, 00038 00039 TLSEXT_SESSION_TICKET = 35, 00040 00041 TLSEXT_NEXT_PROTOCOL = 13172, 00042 00043 TLSEXT_SAFE_RENEGOTIATION = 65281, 00044 }; 00045 00046 /** 00047 * Base class representing a TLS extension of some kind 00048 */ 00049 class Extension 00050 { 00051 public: 00052 /** 00053 * @return code number of the extension 00054 */ 00055 virtual Handshake_Extension_Type type() const = 0; 00056 00057 /** 00058 * @return serialized binary for the extension 00059 */ 00060 virtual std::vector<byte> serialize() const = 0; 00061 00062 /** 00063 * @return if we should encode this extension or not 00064 */ 00065 virtual bool empty() const = 0; 00066 00067 virtual ~Extension() {} 00068 }; 00069 00070 /** 00071 * Server Name Indicator extension (RFC 3546) 00072 */ 00073 class Server_Name_Indicator : public Extension 00074 { 00075 public: 00076 static Handshake_Extension_Type static_type() 00077 { return TLSEXT_SERVER_NAME_INDICATION; } 00078 00079 Handshake_Extension_Type type() const { return static_type(); } 00080 00081 Server_Name_Indicator(const std::string& host_name) : 00082 sni_host_name(host_name) {} 00083 00084 Server_Name_Indicator(TLS_Data_Reader& reader, 00085 u16bit extension_size); 00086 00087 std::string host_name() const { return sni_host_name; } 00088 00089 std::vector<byte> serialize() const; 00090 00091 bool empty() const { return sni_host_name == ""; } 00092 private: 00093 std::string sni_host_name; 00094 }; 00095 00096 /** 00097 * SRP identifier extension (RFC 5054) 00098 */ 00099 class SRP_Identifier : public Extension 00100 { 00101 public: 00102 static Handshake_Extension_Type static_type() 00103 { return TLSEXT_SRP_IDENTIFIER; } 00104 00105 Handshake_Extension_Type type() const { return static_type(); } 00106 00107 SRP_Identifier(const std::string& identifier) : 00108 srp_identifier(identifier) {} 00109 00110 SRP_Identifier(TLS_Data_Reader& reader, 00111 u16bit extension_size); 00112 00113 std::string identifier() const { return srp_identifier; } 00114 00115 std::vector<byte> serialize() const; 00116 00117 bool empty() const { return srp_identifier == ""; } 00118 private: 00119 std::string srp_identifier; 00120 }; 00121 00122 /** 00123 * Renegotiation Indication Extension (RFC 5746) 00124 */ 00125 class Renegotiation_Extension : public Extension 00126 { 00127 public: 00128 static Handshake_Extension_Type static_type() 00129 { return TLSEXT_SAFE_RENEGOTIATION; } 00130 00131 Handshake_Extension_Type type() const { return static_type(); } 00132 00133 Renegotiation_Extension() {} 00134 00135 Renegotiation_Extension(const std::vector<byte>& bits) : 00136 reneg_data(bits) {} 00137 00138 Renegotiation_Extension(TLS_Data_Reader& reader, 00139 u16bit extension_size); 00140 00141 const std::vector<byte>& renegotiation_info() const 00142 { return reneg_data; } 00143 00144 std::vector<byte> serialize() const; 00145 00146 bool empty() const { return false; } // always send this 00147 private: 00148 std::vector<byte> reneg_data; 00149 }; 00150 00151 /** 00152 * Maximum Fragment Length Negotiation Extension (RFC 4366 sec 3.2) 00153 */ 00154 class Maximum_Fragment_Length : public Extension 00155 { 00156 public: 00157 static Handshake_Extension_Type static_type() 00158 { return TLSEXT_MAX_FRAGMENT_LENGTH; } 00159 00160 Handshake_Extension_Type type() const { return static_type(); } 00161 00162 bool empty() const { return false; } 00163 00164 size_t fragment_size() const { return m_max_fragment; } 00165 00166 std::vector<byte> serialize() const; 00167 00168 /** 00169 * @param max_fragment specifies what maximum fragment size to 00170 * advertise. Currently must be one of 512, 1024, 2048, or 00171 * 4096. 00172 */ 00173 Maximum_Fragment_Length(size_t max_fragment) : 00174 m_max_fragment(max_fragment) {} 00175 00176 Maximum_Fragment_Length(TLS_Data_Reader& reader, 00177 u16bit extension_size); 00178 00179 private: 00180 size_t m_max_fragment; 00181 }; 00182 00183 /** 00184 * Next Protocol Negotiation 00185 * http://technotes.googlecode.com/git/nextprotoneg.html 00186 * 00187 * This implementation requires the semantics defined in the Google 00188 * spec (implemented in Chromium); the internet draft leaves the format 00189 * unspecified. 00190 */ 00191 class Next_Protocol_Notification : public Extension 00192 { 00193 public: 00194 static Handshake_Extension_Type static_type() 00195 { return TLSEXT_NEXT_PROTOCOL; } 00196 00197 Handshake_Extension_Type type() const { return static_type(); } 00198 00199 const std::vector<std::string>& protocols() const 00200 { return m_protocols; } 00201 00202 /** 00203 * Empty extension, used by client 00204 */ 00205 Next_Protocol_Notification() {} 00206 00207 /** 00208 * List of protocols, used by server 00209 */ 00210 Next_Protocol_Notification(const std::vector<std::string>& protocols) : 00211 m_protocols(protocols) {} 00212 00213 Next_Protocol_Notification(TLS_Data_Reader& reader, 00214 u16bit extension_size); 00215 00216 std::vector<byte> serialize() const; 00217 00218 bool empty() const { return false; } 00219 private: 00220 std::vector<std::string> m_protocols; 00221 }; 00222 00223 /** 00224 * Session Ticket Extension (RFC 5077) 00225 */ 00226 class Session_Ticket : public Extension 00227 { 00228 public: 00229 static Handshake_Extension_Type static_type() 00230 { return TLSEXT_SESSION_TICKET; } 00231 00232 Handshake_Extension_Type type() const { return static_type(); } 00233 00234 /** 00235 * @return contents of the session ticket 00236 */ 00237 const std::vector<byte>& contents() const { return m_ticket; } 00238 00239 /** 00240 * Create empty extension, used by both client and server 00241 */ 00242 Session_Ticket() {} 00243 00244 /** 00245 * Extension with ticket, used by client 00246 */ 00247 Session_Ticket(const std::vector<byte>& session_ticket) : 00248 m_ticket(session_ticket) {} 00249 00250 /** 00251 * Deserialize a session ticket 00252 */ 00253 Session_Ticket(TLS_Data_Reader& reader, u16bit extension_size); 00254 00255 std::vector<byte> serialize() const { return m_ticket; } 00256 00257 bool empty() const { return false; } 00258 private: 00259 std::vector<byte> m_ticket; 00260 }; 00261 00262 /** 00263 * Supported Elliptic Curves Extension (RFC 4492) 00264 */ 00265 class Supported_Elliptic_Curves : public Extension 00266 { 00267 public: 00268 static Handshake_Extension_Type static_type() 00269 { return TLSEXT_USABLE_ELLIPTIC_CURVES; } 00270 00271 Handshake_Extension_Type type() const { return static_type(); } 00272 00273 static std::string curve_id_to_name(u16bit id); 00274 static u16bit name_to_curve_id(const std::string& name); 00275 00276 const std::vector<std::string>& curves() const { return m_curves; } 00277 00278 std::vector<byte> serialize() const; 00279 00280 Supported_Elliptic_Curves(const std::vector<std::string>& curves) : 00281 m_curves(curves) {} 00282 00283 Supported_Elliptic_Curves(TLS_Data_Reader& reader, 00284 u16bit extension_size); 00285 00286 bool empty() const { return m_curves.empty(); } 00287 private: 00288 std::vector<std::string> m_curves; 00289 }; 00290 00291 /** 00292 * Signature Algorithms Extension for TLS 1.2 (RFC 5246) 00293 */ 00294 class Signature_Algorithms : public Extension 00295 { 00296 public: 00297 static Handshake_Extension_Type static_type() 00298 { return TLSEXT_SIGNATURE_ALGORITHMS; } 00299 00300 Handshake_Extension_Type type() const { return static_type(); } 00301 00302 static std::string hash_algo_name(byte code); 00303 static byte hash_algo_code(const std::string& name); 00304 00305 static std::string sig_algo_name(byte code); 00306 static byte sig_algo_code(const std::string& name); 00307 00308 std::vector<std::pair<std::string, std::string> > 00309 supported_signature_algorthms() const 00310 { 00311 return m_supported_algos; 00312 } 00313 00314 std::vector<byte> serialize() const; 00315 00316 bool empty() const { return false; } 00317 00318 Signature_Algorithms(const std::vector<std::string>& hashes, 00319 const std::vector<std::string>& sig_algos); 00320 00321 Signature_Algorithms(const std::vector<std::pair<std::string, std::string> >& algos) : 00322 m_supported_algos(algos) {} 00323 00324 Signature_Algorithms(TLS_Data_Reader& reader, 00325 u16bit extension_size); 00326 private: 00327 std::vector<std::pair<std::string, std::string> > m_supported_algos; 00328 }; 00329 00330 /** 00331 * Heartbeat Extension (RFC 6520) 00332 */ 00333 class Heartbeat_Support_Indicator : public Extension 00334 { 00335 public: 00336 static Handshake_Extension_Type static_type() 00337 { return TLSEXT_HEARTBEAT_SUPPORT; } 00338 00339 Handshake_Extension_Type type() const { return static_type(); } 00340 00341 bool peer_allowed_to_send() const { return m_peer_allowed_to_send; } 00342 00343 std::vector<byte> serialize() const; 00344 00345 bool empty() const { return false; } 00346 00347 Heartbeat_Support_Indicator(bool peer_allowed_to_send) : 00348 m_peer_allowed_to_send(peer_allowed_to_send) {} 00349 00350 Heartbeat_Support_Indicator(TLS_Data_Reader& reader, u16bit extension_size); 00351 00352 private: 00353 bool m_peer_allowed_to_send; 00354 }; 00355 00356 /** 00357 * Used to indicate SRTP algorithms for DTLS (RFC 5764) 00358 */ 00359 class SRTP_Protection_Profiles : public Extension 00360 { 00361 public: 00362 static Handshake_Extension_Type static_type() 00363 { return TLSEXT_USE_SRTP; } 00364 00365 Handshake_Extension_Type type() const { return static_type(); } 00366 00367 const std::vector<u16bit>& profiles() const { return m_pp; } 00368 00369 std::vector<byte> serialize() const; 00370 00371 bool empty() const { return m_pp.empty(); } 00372 00373 SRTP_Protection_Profiles(const std::vector<u16bit>& pp) : m_pp(pp) {} 00374 00375 SRTP_Protection_Profiles(u16bit pp) : m_pp(1, pp) {} 00376 00377 SRTP_Protection_Profiles(TLS_Data_Reader& reader, u16bit extension_size); 00378 private: 00379 std::vector<u16bit> m_pp; 00380 }; 00381 00382 /** 00383 * Represents a block of extensions in a hello message 00384 */ 00385 class Extensions 00386 { 00387 public: 00388 std::set<Handshake_Extension_Type> extension_types() const; 00389 00390 template<typename T> 00391 T* get() const 00392 { 00393 Handshake_Extension_Type type = T::static_type(); 00394 00395 auto i = extensions.find(type); 00396 00397 if(i != extensions.end()) 00398 return dynamic_cast<T*>(i->second.get()); 00399 return nullptr; 00400 } 00401 00402 template<typename T> 00403 bool has() const 00404 { 00405 return get<T>() != nullptr; 00406 } 00407 00408 void add(Extension* extn) 00409 { 00410 extensions[extn->type()].reset(extn); 00411 } 00412 00413 std::vector<byte> serialize() const; 00414 00415 void deserialize(TLS_Data_Reader& reader); 00416 00417 Extensions() {} 00418 00419 Extensions(TLS_Data_Reader& reader) { deserialize(reader); } 00420 00421 private: 00422 Extensions(const Extensions&) {} 00423 Extensions& operator=(const Extensions&) { return (*this); } 00424 00425 std::map<Handshake_Extension_Type, std::unique_ptr<Extension>> extensions; 00426 }; 00427 00428 } 00429 00430 } 00431 00432 #endif