Botan
1.11.15
|
#include <tls_handshake_state.h>
SSL/TLS Handshake State
Definition at line 46 of file tls_handshake_state.h.
typedef std::function<void (const Handshake_Message&)> Botan::TLS::Handshake_State::hs_msg_cb |
Definition at line 49 of file tls_handshake_state.h.
Definition at line 86 of file tls_handshake_state.cpp.
: m_msg_callback(cb), m_handshake_io(io), m_version(m_handshake_io->initial_record_version()) { }
Botan::TLS::Handshake_State::~Handshake_State | ( | ) | [virtual] |
Definition at line 93 of file tls_handshake_state.cpp.
{}
void Botan::TLS::Handshake_State::cert_req | ( | Certificate_Req * | cert_req | ) |
Definition at line 130 of file tls_handshake_state.cpp.
References note_message().
{ m_cert_req.reset(cert_req); note_message(*m_cert_req); }
const Certificate_Req* Botan::TLS::Handshake_State::cert_req | ( | ) | const [inline] |
Definition at line 131 of file tls_handshake_state.h.
Referenced by choose_sig_format().
{ return m_cert_req.get(); }
std::pair< std::string, Signature_Format > Botan::TLS::Handshake_State::choose_sig_format | ( | const Private_Key & | key, |
std::string & | hash_algo, | ||
std::string & | sig_algo, | ||
bool | for_client_auth, | ||
const Policy & | policy | ||
) | const |
Definition at line 325 of file tls_handshake_state.cpp.
References Botan::Public_Key::algo_name(), cert_req(), client_hello(), Botan::DER_SEQUENCE, Botan::IEEE_1363, and version().
Referenced by Botan::TLS::Certificate_Verify::Certificate_Verify(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().
{ const std::string sig_algo = key.algo_name(); const std::string hash_algo = choose_hash(sig_algo, this->version(), policy, for_client_auth, client_hello(), cert_req()); if(this->version().supports_negotiable_signature_algorithms()) { hash_algo_out = hash_algo; sig_algo_out = sig_algo; } if(sig_algo == "RSA") { const std::string padding = "EMSA3(" + hash_algo + ")"; return std::make_pair(padding, IEEE_1363); } else if(sig_algo == "DSA" || sig_algo == "ECDSA") { const std::string padding = "EMSA1(" + hash_algo + ")"; return std::make_pair(padding, DER_SEQUENCE); } throw Invalid_Argument(sig_algo + " is invalid/unknown for TLS signatures"); }
const Ciphersuite& Botan::TLS::Handshake_State::ciphersuite | ( | ) | const [inline] |
Definition at line 158 of file tls_handshake_state.h.
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), protocol_specific_prf(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), and srp_identifier().
{ return m_ciphersuite; }
void Botan::TLS::Handshake_State::client_certs | ( | Certificate * | client_certs | ) |
Definition at line 142 of file tls_handshake_state.cpp.
References note_message().
{ m_client_certs.reset(client_certs); note_message(*m_client_certs); }
const Certificate* Botan::TLS::Handshake_State::client_certs | ( | ) | const [inline] |
Definition at line 137 of file tls_handshake_state.h.
{ return m_client_certs.get(); }
void Botan::TLS::Handshake_State::client_finished | ( | Finished * | client_finished | ) |
Definition at line 178 of file tls_handshake_state.cpp.
References note_message().
{ m_client_finished.reset(client_finished); note_message(*m_client_finished); }
const Finished* Botan::TLS::Handshake_State::client_finished | ( | ) | const [inline] |
Definition at line 155 of file tls_handshake_state.h.
{ return m_client_finished.get(); }
void Botan::TLS::Handshake_State::client_hello | ( | Client_Hello * | client_hello | ) |
Definition at line 105 of file tls_handshake_state.cpp.
References note_message().
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), and Botan::TLS::Server_Key_Exchange::verify().
{ m_client_hello.reset(client_hello); note_message(*m_client_hello); }
const Client_Hello* Botan::TLS::Handshake_State::client_hello | ( | ) | const [inline] |
Definition at line 119 of file tls_handshake_state.h.
Referenced by choose_sig_format(), session_ticket(), and srp_identifier().
{ return m_client_hello.get(); }
void Botan::TLS::Handshake_State::client_kex | ( | Client_Key_Exchange * | client_kex | ) |
Definition at line 148 of file tls_handshake_state.cpp.
References note_message().
{ m_client_kex.reset(client_kex); note_message(*m_client_kex); }
const Client_Key_Exchange* Botan::TLS::Handshake_State::client_kex | ( | ) | const [inline] |
Definition at line 140 of file tls_handshake_state.h.
Referenced by compute_session_keys().
{ return m_client_kex.get(); }
void Botan::TLS::Handshake_State::client_verify | ( | Certificate_Verify * | client_verify | ) |
Definition at line 154 of file tls_handshake_state.cpp.
References note_message().
{ m_client_verify.reset(client_verify); note_message(*m_client_verify); }
const Certificate_Verify* Botan::TLS::Handshake_State::client_verify | ( | ) | const [inline] |
Definition at line 143 of file tls_handshake_state.h.
{ return m_client_verify.get(); }
Definition at line 189 of file tls_handshake_state.cpp.
References client_kex().
{ m_session_keys = Session_Keys(this, client_kex()->pre_master_secret(), false); }
void Botan::TLS::Handshake_State::compute_session_keys | ( | const secure_vector< byte > & | resume_master_secret | ) |
Definition at line 194 of file tls_handshake_state.cpp.
{ m_session_keys = Session_Keys(this, resume_master_secret, true); }
void Botan::TLS::Handshake_State::confirm_transition_to | ( | Handshake_Type | msg_type | ) |
Confirm that we were expecting this message type
msg_type | the message type |
Definition at line 199 of file tls_handshake_state.cpp.
References Botan::ASN1::to_string().
{ const u32bit mask = bitmask_for_handshake_type(handshake_msg); m_hand_received_mask |= mask; const bool ok = (m_hand_expecting_mask & mask); // overlap? if(!ok) throw Unexpected_Message("Unexpected state transition in handshake, got " + std::to_string(handshake_msg) + " expected " + std::to_string(m_hand_expecting_mask) + " received " + std::to_string(m_hand_received_mask)); /* We don't know what to expect next, so force a call to set_expected_next; if it doesn't happen, the next transition check will always fail which is what we want. */ m_hand_expecting_mask = 0; }
std::pair< Handshake_Type, std::vector< byte > > Botan::TLS::Handshake_State::get_next_handshake_msg | ( | ) |
Definition at line 233 of file tls_handshake_state.cpp.
References Botan::TLS::HANDSHAKE_CCS.
{ const bool expecting_ccs = (bitmask_for_handshake_type(HANDSHAKE_CCS) & m_hand_expecting_mask); return m_handshake_io->get_next_record(expecting_ccs); }
Handshake_IO& Botan::TLS::Handshake_State::handshake_io | ( | ) | [inline] |
Definition at line 58 of file tls_handshake_state.h.
Referenced by hello_verify_request().
{ return *m_handshake_io; }
Handshake_Hash& Botan::TLS::Handshake_State::hash | ( | ) | [inline] |
Definition at line 166 of file tls_handshake_state.h.
Referenced by Botan::TLS::Certificate_Verify::Certificate_Verify(), Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Finished::Finished(), hello_verify_request(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), and Botan::TLS::Certificate_Verify::verify().
{ return m_handshake_hash; }
const Handshake_Hash& Botan::TLS::Handshake_State::hash | ( | ) | const [inline] |
Definition at line 168 of file tls_handshake_state.h.
{ return m_handshake_hash; }
void Botan::TLS::Handshake_State::hello_verify_request | ( | const Hello_Verify_Request & | hello_verify | ) |
Definition at line 95 of file tls_handshake_state.cpp.
References handshake_io(), hash(), note_message(), Botan::TLS::Handshake_Hash::reset(), and Botan::TLS::Handshake_Hash::update().
{ note_message(hello_verify); m_client_hello->update_hello_cookie(hello_verify); hash().reset(); hash().update(handshake_io().send(*m_client_hello)); note_message(*m_client_hello); }
void Botan::TLS::Handshake_State::new_session_ticket | ( | New_Session_Ticket * | new_session_ticket | ) |
Definition at line 166 of file tls_handshake_state.cpp.
References note_message().
{ m_new_session_ticket.reset(new_session_ticket); note_message(*m_new_session_ticket); }
const New_Session_Ticket* Botan::TLS::Handshake_State::new_session_ticket | ( | ) | const [inline] |
Definition at line 149 of file tls_handshake_state.h.
Referenced by session_ticket().
{ return m_new_session_ticket.get(); }
void Botan::TLS::Handshake_State::next_protocol | ( | Next_Protocol * | next_protocol | ) |
Definition at line 160 of file tls_handshake_state.cpp.
References note_message().
{ m_next_protocol.reset(next_protocol); note_message(*m_next_protocol); }
const Next_Protocol* Botan::TLS::Handshake_State::next_protocol | ( | ) | const [inline] |
Definition at line 146 of file tls_handshake_state.h.
{ return m_next_protocol.get(); }
void Botan::TLS::Handshake_State::note_message | ( | const Handshake_Message & | msg | ) | [inline] |
Definition at line 170 of file tls_handshake_state.h.
Referenced by cert_req(), client_certs(), client_finished(), client_hello(), client_kex(), client_verify(), hello_verify_request(), new_session_ticket(), next_protocol(), server_certs(), server_finished(), server_hello(), server_hello_done(), and server_kex().
{
if(m_msg_callback)
m_msg_callback(msg);
}
Handshake_State& Botan::TLS::Handshake_State::operator= | ( | const Handshake_State & | ) |
Definition at line 257 of file tls_handshake_state.cpp.
References ciphersuite(), Botan::get_kdf(), Botan::TLS::Ciphersuite::prf_algo(), and version().
{ if(version().supports_ciphersuite_specific_prf()) { const std::string prf_algo = ciphersuite().prf_algo(); if(prf_algo == "MD5" || prf_algo == "SHA-1") return get_kdf("TLS-12-PRF(SHA-256)"); return get_kdf("TLS-12-PRF(" + prf_algo + ")"); } // Old PRF used in TLS v1.0, v1.1 and DTLS v1.0 return get_kdf("TLS-PRF"); }
bool Botan::TLS::Handshake_State::received_handshake_msg | ( | Handshake_Type | msg_type | ) | const |
Return true iff we have received a particular message already
msg_type | the message type |
Definition at line 225 of file tls_handshake_state.cpp.
{ const u32bit mask = bitmask_for_handshake_type(handshake_msg); return (m_hand_received_mask & mask); }
void Botan::TLS::Handshake_State::server_certs | ( | Certificate * | server_certs | ) |
Definition at line 118 of file tls_handshake_state.cpp.
References note_message().
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().
{ m_server_certs.reset(server_certs); note_message(*m_server_certs); }
const Certificate* Botan::TLS::Handshake_State::server_certs | ( | ) | const [inline] |
Definition at line 125 of file tls_handshake_state.h.
{ return m_server_certs.get(); }
void Botan::TLS::Handshake_State::server_finished | ( | Finished * | server_finished | ) |
Definition at line 172 of file tls_handshake_state.cpp.
References note_message().
{ m_server_finished.reset(server_finished); note_message(*m_server_finished); }
const Finished* Botan::TLS::Handshake_State::server_finished | ( | ) | const [inline] |
Definition at line 152 of file tls_handshake_state.h.
{ return m_server_finished.get(); }
void Botan::TLS::Handshake_State::server_hello | ( | Server_Hello * | server_hello | ) |
Definition at line 111 of file tls_handshake_state.cpp.
References Botan::TLS::Ciphersuite::by_id(), and note_message().
Referenced by Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), and Botan::TLS::Server_Key_Exchange::verify().
{ m_server_hello.reset(server_hello); m_ciphersuite = Ciphersuite::by_id(m_server_hello->ciphersuite()); note_message(*m_server_hello); }
const Server_Hello* Botan::TLS::Handshake_State::server_hello | ( | ) | const [inline] |
Definition at line 122 of file tls_handshake_state.h.
{ return m_server_hello.get(); }
void Botan::TLS::Handshake_State::server_hello_done | ( | Server_Hello_Done * | server_hello_done | ) |
Definition at line 136 of file tls_handshake_state.cpp.
References note_message().
{ m_server_hello_done.reset(server_hello_done); note_message(*m_server_hello_done); }
const Server_Hello_Done* Botan::TLS::Handshake_State::server_hello_done | ( | ) | const [inline] |
Definition at line 134 of file tls_handshake_state.h.
{ return m_server_hello_done.get(); }
void Botan::TLS::Handshake_State::server_kex | ( | Server_Key_Exchange * | server_kex | ) |
Definition at line 124 of file tls_handshake_state.cpp.
References note_message().
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().
{ m_server_kex.reset(server_kex); note_message(*m_server_kex); }
const Server_Key_Exchange* Botan::TLS::Handshake_State::server_kex | ( | ) | const [inline] |
Definition at line 128 of file tls_handshake_state.h.
{ return m_server_kex.get(); }
const Session_Keys& Botan::TLS::Handshake_State::session_keys | ( | ) | const [inline] |
Definition at line 160 of file tls_handshake_state.h.
{ return m_session_keys; }
std::vector< byte > Botan::TLS::Handshake_State::session_ticket | ( | ) | const |
Definition at line 249 of file tls_handshake_state.cpp.
References client_hello(), new_session_ticket(), Botan::TLS::Client_Hello::session_ticket(), and Botan::TLS::New_Session_Ticket::ticket().
{ if(new_session_ticket() && !new_session_ticket()->ticket().empty()) return new_session_ticket()->ticket(); return client_hello()->session_ticket(); }
void Botan::TLS::Handshake_State::set_expected_next | ( | Handshake_Type | msg_type | ) |
Record that we are expecting a particular message type next
msg_type | the message type |
Definition at line 220 of file tls_handshake_state.cpp.
{ m_hand_expecting_mask |= bitmask_for_handshake_type(handshake_msg); }
void Botan::TLS::Handshake_State::set_version | ( | const Protocol_Version & | version | ) |
Definition at line 184 of file tls_handshake_state.cpp.
References version().
{ m_version = version; }
std::string Botan::TLS::Handshake_State::srp_identifier | ( | ) | const |
Definition at line 241 of file tls_handshake_state.cpp.
References ciphersuite(), client_hello(), Botan::TLS::Client_Hello::srp_identifier(), and valid.
{ if(ciphersuite().valid() && ciphersuite().kex_algo() == "SRP_SHA") return client_hello()->srp_identifier(); return ""; }
std::pair< std::string, Signature_Format > Botan::TLS::Handshake_State::understand_sig_format | ( | const Public_Key & | key, |
std::string | hash_algo, | ||
std::string | sig_algo | ||
) | const |
Definition at line 364 of file tls_handshake_state.cpp.
References Botan::Public_Key::algo_name(), Botan::DER_SEQUENCE, Botan::IEEE_1363, and version().
Referenced by Botan::TLS::Certificate_Verify::verify(), and Botan::TLS::Server_Key_Exchange::verify().
{ const std::string algo_name = key.algo_name(); /* FIXME: This should check what was sent against the client hello preferences, or the certificate request, to ensure it was allowed by those restrictions. Or not? */ if(this->version().supports_negotiable_signature_algorithms()) { if(hash_algo == "") throw Decoding_Error("Counterparty did not send hash/sig IDS"); if(sig_algo != algo_name) throw Decoding_Error("Counterparty sent inconsistent key and sig types"); } else { if(hash_algo != "" || sig_algo != "") throw Decoding_Error("Counterparty sent hash/sig IDs with old version"); } if(algo_name == "RSA") { if(!this->version().supports_negotiable_signature_algorithms()) { hash_algo = "Parallel(MD5,SHA-160)"; } const std::string padding = "EMSA3(" + hash_algo + ")"; return std::make_pair(padding, IEEE_1363); } else if(algo_name == "DSA" || algo_name == "ECDSA") { if(!this->version().supports_negotiable_signature_algorithms()) { hash_algo = "SHA-1"; } const std::string padding = "EMSA1(" + hash_algo + ")"; return std::make_pair(padding, DER_SEQUENCE); } throw Invalid_Argument(algo_name + " is invalid/unknown for TLS signatures"); }
Protocol_Version Botan::TLS::Handshake_State::version | ( | ) | const [inline] |
Definition at line 99 of file tls_handshake_state.h.
Referenced by choose_sig_format(), protocol_specific_prf(), set_version(), and understand_sig_format().
{ return m_version; }