Coverage Report

Created: 2020-02-14 15:38

/src/botan/src/lib/tls/tls_extensions.cpp
Line
Count
Source (jump to first uncovered line)
1
/*
2
* TLS Extensions
3
* (C) 2011,2012,2015,2016 Jack Lloyd
4
*     2016 Juraj Somorovsky
5
*
6
* Botan is released under the Simplified BSD License (see license.txt)
7
*/
8
9
#include <botan/tls_extensions.h>
10
#include <botan/internal/tls_reader.h>
11
#include <botan/tls_exceptn.h>
12
#include <botan/tls_policy.h>
13
14
namespace Botan {
15
16
namespace TLS {
17
18
namespace {
19
20
Extension* make_extension(TLS_Data_Reader& reader, uint16_t code, uint16_t size, Connection_Side from)
21
199k
   {
22
199k
   switch(code)
23
199k
      {
24
199k
      case TLSEXT_SERVER_NAME_INDICATION:
25
6.57k
         return new Server_Name_Indicator(reader, size);
26
199k
27
199k
#if defined(BOTAN_HAS_SRP6)
28
199k
      case TLSEXT_SRP_IDENTIFIER:
29
99
         return new SRP_Identifier(reader, size);
30
199k
#endif
31
199k
32
199k
      case TLSEXT_SUPPORTED_GROUPS:
33
19.0k
         return new Supported_Groups(reader, size);
34
199k
35
199k
      case TLSEXT_CERT_STATUS_REQUEST:
36
1.31k
         return new Certificate_Status_Request(reader, size, from);
37
199k
38
199k
      case TLSEXT_EC_POINT_FORMATS:
39
1.93k
         return new Supported_Point_Formats(reader, size);
40
199k
41
199k
      case TLSEXT_SAFE_RENEGOTIATION:
42
5.05k
         return new Renegotiation_Extension(reader, size);
43
199k
44
199k
      case TLSEXT_SIGNATURE_ALGORITHMS:
45
2.98k
         return new Signature_Algorithms(reader, size);
46
199k
47
199k
      case TLSEXT_USE_SRTP:
48
132
          return new SRTP_Protection_Profiles(reader, size);
49
199k
50
199k
      case TLSEXT_ALPN:
51
7.17k
         return new Application_Layer_Protocol_Notification(reader, size);
52
199k
53
199k
      case TLSEXT_EXTENDED_MASTER_SECRET:
54
7.05k
         return new Extended_Master_Secret(reader, size);
55
199k
56
199k
      case TLSEXT_ENCRYPT_THEN_MAC:
57
2.97k
         return new Encrypt_then_MAC(reader, size);
58
199k
59
199k
      case TLSEXT_SESSION_TICKET:
60
2.72k
         return new Session_Ticket(reader, size);
61
199k
62
199k
      case TLSEXT_SUPPORTED_VERSIONS:
63
136
         return new Supported_Versions(reader, size, from);
64
142k
      }
65
142k
66
142k
   return new Unknown_Extension(static_cast<Handshake_Extension_Type>(code),
67
142k
                                reader, size);
68
142k
   }
69
70
}
71
72
void Extensions::deserialize(TLS_Data_Reader& reader, Connection_Side from)
73
37.1k
   {
74
37.1k
   if(reader.has_remaining())
75
35.7k
      {
76
35.7k
      const uint16_t all_extn_size = reader.get_uint16_t();
77
35.7k
78
35.7k
      if(reader.remaining_bytes() != all_extn_size)
79
138
         throw Decoding_Error("Bad extension size");
80
35.6k
81
235k
      while(reader.has_remaining())
82
200k
         {
83
200k
         const uint16_t extension_code = reader.get_uint16_t();
84
200k
         const uint16_t extension_size = reader.get_uint16_t();
85
200k
86
200k
         const auto type = static_cast<Handshake_Extension_Type>(extension_code);
87
200k
88
200k
         if(m_extensions.find(type) != m_extensions.end())
89
20
            throw TLS_Exception(TLS::Alert::DECODE_ERROR,
90
20
                                "Peer sent duplicated extensions");
91
199k
92
199k
         Extension* extn = make_extension(
93
199k
            reader, extension_code, extension_size, from);
94
199k
95
199k
         this->add(extn);
96
199k
         }
97
35.6k
      }
98
37.1k
   }
99
100
std::vector<uint8_t> Extensions::serialize(Connection_Side whoami) const
101
29.2k
   {
102
29.2k
   std::vector<uint8_t> buf(2); // 2 bytes for length field
103
29.2k
104
29.2k
   for(auto& extn : m_extensions)
105
78.7k
      {
106
78.7k
      if(extn.second->empty())
107
5.89k
         continue;
108
72.8k
109
72.8k
      const uint16_t extn_code = static_cast<uint16_t>(extn.second->type());
110
72.8k
111
72.8k
      const std::vector<uint8_t> extn_val = extn.second->serialize(whoami);
112
72.8k
113
72.8k
      buf.push_back(get_byte(0, extn_code));
114
72.8k
      buf.push_back(get_byte(1, extn_code));
115
72.8k
116
72.8k
      buf.push_back(get_byte(0, static_cast<uint16_t>(extn_val.size())));
117
72.8k
      buf.push_back(get_byte(1, static_cast<uint16_t>(extn_val.size())));
118
72.8k
119
72.8k
      buf += extn_val;
120
72.8k
      }
121
29.2k
122
29.2k
   const uint16_t extn_size = static_cast<uint16_t>(buf.size() - 2);
123
29.2k
124
29.2k
   buf[0] = get_byte(0, extn_size);
125
29.2k
   buf[1] = get_byte(1, extn_size);
126
29.2k
127
29.2k
   // avoid sending a completely empty extensions block
128
29.2k
   if(buf.size() == 2)
129
14.2k
      return std::vector<uint8_t>();
130
15.0k
131
15.0k
   return buf;
132
15.0k
   }
133
134
bool Extensions::remove_extension(Handshake_Extension_Type typ)
135
0
   {
136
0
   auto i = m_extensions.find(typ);
137
0
   if(i == m_extensions.end())
138
0
      return false;
139
0
   m_extensions.erase(i);
140
0
   return true;
141
0
   }
142
143
std::set<Handshake_Extension_Type> Extensions::extension_types() const
144
25.1k
   {
145
25.1k
   std::set<Handshake_Extension_Type> offers;
146
211k
   for(auto i = m_extensions.begin(); i != m_extensions.end(); ++i)
147
186k
      offers.insert(i->first);
148
25.1k
   return offers;
149
25.1k
   }
150
151
Unknown_Extension::Unknown_Extension(Handshake_Extension_Type type,
152
                                     TLS_Data_Reader& reader,
153
                                     uint16_t extension_size) :
154
   m_type(type),
155
   m_value(reader.get_fixed<uint8_t>(extension_size))
156
142k
   {
157
142k
   }
158
159
std::vector<uint8_t> Unknown_Extension::serialize(Connection_Side /*whoami*/) const
160
0
   {
161
0
   throw Invalid_State("Cannot encode an unknown TLS extension");
162
0
   }
163
164
Server_Name_Indicator::Server_Name_Indicator(TLS_Data_Reader& reader,
165
                                             uint16_t extension_size)
166
6.57k
   {
167
6.57k
   /*
168
6.57k
   * This is used by the server to confirm that it knew the name
169
6.57k
   */
170
6.57k
   if(extension_size == 0)
171
6.27k
      return;
172
305
173
305
   uint16_t name_bytes = reader.get_uint16_t();
174
305
175
305
   if(name_bytes + 2 != extension_size)
176
80
      throw Decoding_Error("Bad encoding of SNI extension");
177
225
178
1.38k
   while(name_bytes)
179
1.15k
      {
180
1.15k
      uint8_t name_type = reader.get_byte();
181
1.15k
      name_bytes--;
182
1.15k
183
1.15k
      if(name_type == 0) // DNS
184
987
         {
185
987
         m_sni_host_name = reader.get_string(2, 1, 65535);
186
987
         name_bytes -= static_cast<uint16_t>(2 + m_sni_host_name.size());
187
987
         }
188
169
      else // some other unknown name type
189
169
         {
190
169
         reader.discard_next(name_bytes);
191
169
         name_bytes = 0;
192
169
         }
193
1.15k
      }
194
225
   }
195
196
std::vector<uint8_t> Server_Name_Indicator::serialize(Connection_Side /*whoami*/) const
197
5.89k
   {
198
5.89k
   std::vector<uint8_t> buf;
199
5.89k
200
5.89k
   size_t name_len = m_sni_host_name.size();
201
5.89k
202
5.89k
   buf.push_back(get_byte(0, static_cast<uint16_t>(name_len+3)));
203
5.89k
   buf.push_back(get_byte(1, static_cast<uint16_t>(name_len+3)));
204
5.89k
   buf.push_back(0); // DNS
205
5.89k
206
5.89k
   buf.push_back(get_byte(0, static_cast<uint16_t>(name_len)));
207
5.89k
   buf.push_back(get_byte(1, static_cast<uint16_t>(name_len)));
208
5.89k
209
5.89k
   buf += std::make_pair(
210
5.89k
      cast_char_ptr_to_uint8(m_sni_host_name.data()),
211
5.89k
      m_sni_host_name.size());
212
5.89k
213
5.89k
   return buf;
214
5.89k
   }
215
216
#if defined(BOTAN_HAS_SRP6)
217
218
SRP_Identifier::SRP_Identifier(TLS_Data_Reader& reader,
219
                               uint16_t extension_size) : m_srp_identifier(reader.get_string(1, 1, 255))
220
99
   {
221
99
   if(m_srp_identifier.size() + 1 != extension_size)
222
56
      throw Decoding_Error("Bad encoding for SRP identifier extension");
223
99
   }
224
225
std::vector<uint8_t> SRP_Identifier::serialize(Connection_Side /*whoami*/) const
226
0
   {
227
0
   std::vector<uint8_t> buf;
228
0
229
0
   const uint8_t* srp_bytes = cast_char_ptr_to_uint8(m_srp_identifier.data());
230
0
   append_tls_length_value(buf, srp_bytes, m_srp_identifier.size(), 1);
231
0
232
0
   return buf;
233
0
   }
234
235
#endif
236
237
Renegotiation_Extension::Renegotiation_Extension(TLS_Data_Reader& reader,
238
                                                 uint16_t extension_size) : m_reneg_data(reader.get_range<uint8_t>(1, 0, 255))
239
5.05k
   {
240
5.05k
   if(m_reneg_data.size() + 1 != extension_size)
241
62
      throw Decoding_Error("Bad encoding for secure renegotiation extn");
242
5.05k
   }
243
244
std::vector<uint8_t> Renegotiation_Extension::serialize(Connection_Side /*whoami*/) const
245
9.83k
   {
246
9.83k
   std::vector<uint8_t> buf;
247
9.83k
   append_tls_length_value(buf, m_reneg_data, 1);
248
9.83k
   return buf;
249
9.83k
   }
250
251
Application_Layer_Protocol_Notification::Application_Layer_Protocol_Notification(TLS_Data_Reader& reader,
252
                                                                                 uint16_t extension_size)
253
7.17k
   {
254
7.17k
   if(extension_size == 0)
255
3.35k
      return; // empty extension
256
3.82k
257
3.82k
   const uint16_t name_bytes = reader.get_uint16_t();
258
3.82k
259
3.82k
   size_t bytes_remaining = extension_size - 2;
260
3.82k
261
3.82k
   if(name_bytes != bytes_remaining)
262
120
      throw Decoding_Error("Bad encoding of ALPN extension, bad length field");
263
3.70k
264
34.2k
   while(bytes_remaining)
265
30.6k
      {
266
30.6k
      const std::string p = reader.get_string(1, 0, 255);
267
30.6k
268
30.6k
      if(bytes_remaining < p.size() + 1)
269
3
         throw Decoding_Error("Bad encoding of ALPN, length field too long");
270
30.5k
271
30.5k
      if(p.empty())
272
93
         throw Decoding_Error("Empty ALPN protocol not allowed");
273
30.5k
274
30.5k
      bytes_remaining -= (p.size() + 1);
275
30.5k
276
30.5k
      m_protocols.push_back(p);
277
30.5k
      }
278
3.70k
   }
279
280
const std::string& Application_Layer_Protocol_Notification::single_protocol() const
281
0
   {
282
0
   if(m_protocols.size() != 1)
283
0
      throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
284
0
                          "Server sent " + std::to_string(m_protocols.size()) +
285
0
                          " protocols in ALPN extension response");
286
0
   return m_protocols[0];
287
0
   }
288
289
std::vector<uint8_t> Application_Layer_Protocol_Notification::serialize(Connection_Side /*whoami*/) const
290
3.29k
   {
291
3.29k
   std::vector<uint8_t> buf(2);
292
3.29k
293
3.29k
   for(auto&& p: m_protocols)
294
3.29k
      {
295
3.29k
      if(p.length() >= 256)
296
0
         throw TLS_Exception(Alert::INTERNAL_ERROR, "ALPN name too long");
297
3.29k
      if(p != "")
298
3.29k
         append_tls_length_value(buf,
299
3.29k
                                 cast_char_ptr_to_uint8(p.data()),
300
3.29k
                                 p.size(),
301
3.29k
                                 1);
302
3.29k
      }
303
3.29k
304
3.29k
   buf[0] = get_byte(0, static_cast<uint16_t>(buf.size()-2));
305
3.29k
   buf[1] = get_byte(1, static_cast<uint16_t>(buf.size()-2));
306
3.29k
307
3.29k
   return buf;
308
3.29k
   }
309
310
Supported_Groups::Supported_Groups(const std::vector<Group_Params>& groups) : m_groups(groups)
311
5.89k
   {
312
5.89k
   }
313
314
std::vector<Group_Params> Supported_Groups::ec_groups() const
315
40.7k
   {
316
40.7k
   std::vector<Group_Params> ec;
317
40.7k
   for(auto g : m_groups)
318
212k
      {
319
212k
      if(group_param_is_dh(g) == false)
320
161k
         ec.push_back(g);
321
212k
      }
322
40.7k
   return ec;
323
40.7k
   }
324
325
std::vector<Group_Params> Supported_Groups::dh_groups() const
326
2.22k
   {
327
2.22k
   std::vector<Group_Params> dh;
328
2.22k
   for(auto g : m_groups)
329
9.67k
      {
330
9.67k
      if(group_param_is_dh(g) == true)
331
3.55k
         dh.push_back(g);
332
9.67k
      }
333
2.22k
   return dh;
334
2.22k
   }
335
336
std::vector<uint8_t> Supported_Groups::serialize(Connection_Side /*whoami*/) const
337
5.89k
   {
338
5.89k
   std::vector<uint8_t> buf(2);
339
5.89k
340
5.89k
   for(auto g : m_groups)
341
70.7k
      {
342
70.7k
      const uint16_t id = static_cast<uint16_t>(g);
343
70.7k
344
70.7k
      if(id > 0)
345
70.7k
         {
346
70.7k
         buf.push_back(get_byte(0, id));
347
70.7k
         buf.push_back(get_byte(1, id));
348
70.7k
         }
349
70.7k
      }
350
5.89k
351
5.89k
   buf[0] = get_byte(0, static_cast<uint16_t>(buf.size()-2));
352
5.89k
   buf[1] = get_byte(1, static_cast<uint16_t>(buf.size()-2));
353
5.89k
354
5.89k
   return buf;
355
5.89k
   }
356
357
Supported_Groups::Supported_Groups(TLS_Data_Reader& reader,
358
                                   uint16_t extension_size)
359
19.0k
   {
360
19.0k
   const uint16_t len = reader.get_uint16_t();
361
19.0k
362
19.0k
   if(len + 2 != extension_size)
363
53
      throw Decoding_Error("Inconsistent length field in supported groups list");
364
18.9k
365
18.9k
   if(len % 2 == 1)
366
3
      throw Decoding_Error("Supported groups list of strange size");
367
18.9k
368
18.9k
   const size_t elems = len / 2;
369
18.9k
370
111k
   for(size_t i = 0; i != elems; ++i)
371
92.2k
      {
372
92.2k
      const uint16_t id = reader.get_uint16_t();
373
92.2k
      m_groups.push_back(static_cast<Group_Params>(id));
374
92.2k
      }
375
18.9k
   }
376
377
std::vector<uint8_t> Supported_Point_Formats::serialize(Connection_Side /*whoami*/) const
378
6.44k
   {
379
6.44k
   // if this extension is sent, it MUST include uncompressed (RFC 4492, section 5.1)
380
6.44k
   if(m_prefers_compressed)
381
0
      {
382
0
      return std::vector<uint8_t>{2, ANSIX962_COMPRESSED_PRIME, UNCOMPRESSED};
383
0
      }
384
6.44k
   else
385
6.44k
      {
386
6.44k
      return std::vector<uint8_t>{1, UNCOMPRESSED};
387
6.44k
      }
388
6.44k
   }
389
390
Supported_Point_Formats::Supported_Point_Formats(TLS_Data_Reader& reader,
391
                                                 uint16_t extension_size)
392
1.93k
   {
393
1.93k
   uint8_t len = reader.get_byte();
394
1.93k
395
1.93k
   if(len + 1 != extension_size)
396
56
      throw Decoding_Error("Inconsistent length field in supported point formats list");
397
1.88k
398
4.71k
   for(size_t i = 0; i != len; ++i)
399
3.71k
      {
400
3.71k
      uint8_t format = reader.get_byte();
401
3.71k
402
3.71k
      if(static_cast<ECPointFormat>(format) == UNCOMPRESSED)
403
756
         {
404
756
         m_prefers_compressed = false;
405
756
         reader.discard_next(len-i-1);
406
756
         return;
407
756
         }
408
2.95k
      else if(static_cast<ECPointFormat>(format) == ANSIX962_COMPRESSED_PRIME)
409
123
         {
410
123
         m_prefers_compressed = true;
411
123
         reader.discard_next(len-i-1);
412
123
         return;
413
123
         }
414
3.71k
415
3.71k
      // ignore ANSIX962_COMPRESSED_CHAR2, we don't support these curves
416
3.71k
      }
417
1.88k
   }
418
419
std::vector<uint8_t> Signature_Algorithms::serialize(Connection_Side /*whoami*/) const
420
5.89k
   {
421
5.89k
   BOTAN_ASSERT(m_schemes.size() < 256, "Too many signature schemes");
422
5.89k
423
5.89k
   std::vector<uint8_t> buf;
424
5.89k
425
5.89k
   const uint16_t len = static_cast<uint16_t>(m_schemes.size() * 2);
426
5.89k
427
5.89k
   buf.push_back(get_byte(0, len));
428
5.89k
   buf.push_back(get_byte(1, len));
429
5.89k
430
5.89k
   for(Signature_Scheme scheme : m_schemes)
431
53.0k
      {
432
53.0k
      const uint16_t scheme_code = static_cast<uint16_t>(scheme);
433
53.0k
434
53.0k
      buf.push_back(get_byte(0, scheme_code));
435
53.0k
      buf.push_back(get_byte(1, scheme_code));
436
53.0k
      }
437
5.89k
438
5.89k
   return buf;
439
5.89k
   }
440
441
Signature_Algorithms::Signature_Algorithms(TLS_Data_Reader& reader,
442
                                           uint16_t extension_size)
443
2.98k
   {
444
2.98k
   uint16_t len = reader.get_uint16_t();
445
2.98k
446
2.98k
   if(len + 2 != extension_size || len % 2 == 1 || len == 0)
447
79
      {
448
79
      throw Decoding_Error("Bad encoding on signature algorithms extension");
449
79
      }
450
2.90k
451
46.4k
   while(len)
452
43.5k
      {
453
43.5k
      const uint16_t scheme_code = reader.get_uint16_t();
454
43.5k
      m_schemes.push_back(static_cast<Signature_Scheme>(scheme_code));
455
43.5k
      len -= 2;
456
43.5k
      }
457
2.90k
   }
458
459
Session_Ticket::Session_Ticket(TLS_Data_Reader& reader,
460
                               uint16_t extension_size) : m_ticket(reader.get_elem<uint8_t, std::vector<uint8_t>>(extension_size))
461
2.72k
   {}
462
463
SRTP_Protection_Profiles::SRTP_Protection_Profiles(TLS_Data_Reader& reader,
464
                                                   uint16_t extension_size) : m_pp(reader.get_range<uint16_t>(2, 0, 65535))
465
132
   {
466
132
   const std::vector<uint8_t> mki = reader.get_range<uint8_t>(1, 0, 255);
467
132
468
132
   if(m_pp.size() * 2 + mki.size() + 3 != extension_size)
469
79
      throw Decoding_Error("Bad encoding for SRTP protection extension");
470
53
471
53
   if(!mki.empty())
472
3
      throw Decoding_Error("Unhandled non-empty MKI for SRTP protection extension");
473
53
   }
474
475
std::vector<uint8_t> SRTP_Protection_Profiles::serialize(Connection_Side /*whoami*/) const
476
0
   {
477
0
   std::vector<uint8_t> buf;
478
0
479
0
   const uint16_t pp_len = static_cast<uint16_t>(m_pp.size() * 2);
480
0
   buf.push_back(get_byte(0, pp_len));
481
0
   buf.push_back(get_byte(1, pp_len));
482
0
483
0
   for(uint16_t pp : m_pp)
484
0
      {
485
0
      buf.push_back(get_byte(0, pp));
486
0
      buf.push_back(get_byte(1, pp));
487
0
      }
488
0
489
0
   buf.push_back(0); // srtp_mki, always empty here
490
0
491
0
   return buf;
492
0
   }
493
494
Extended_Master_Secret::Extended_Master_Secret(TLS_Data_Reader&,
495
                                               uint16_t extension_size)
496
7.05k
   {
497
7.05k
   if(extension_size != 0)
498
42
      throw Decoding_Error("Invalid extended_master_secret extension");
499
7.05k
   }
500
501
std::vector<uint8_t> Extended_Master_Secret::serialize(Connection_Side /*whoami*/) const
502
10.1k
   {
503
10.1k
   return std::vector<uint8_t>();
504
10.1k
   }
505
506
Encrypt_then_MAC::Encrypt_then_MAC(TLS_Data_Reader&,
507
                                   uint16_t extension_size)
508
2.97k
   {
509
2.97k
   if(extension_size != 0)
510
39
      throw Decoding_Error("Invalid encrypt_then_mac extension");
511
2.97k
   }
512
513
std::vector<uint8_t> Encrypt_then_MAC::serialize(Connection_Side /*whoami*/) const
514
6.17k
   {
515
6.17k
   return std::vector<uint8_t>();
516
6.17k
   }
517
518
std::vector<uint8_t> Certificate_Status_Request::serialize(Connection_Side whoami) const
519
6.83k
   {
520
6.83k
   std::vector<uint8_t> buf;
521
6.83k
522
6.83k
   if(whoami == Connection_Side::SERVER)
523
943
      return buf; // server reply is empty
524
5.89k
525
5.89k
   /*
526
5.89k
   opaque ResponderID<1..2^16-1>;
527
5.89k
   opaque Extensions<0..2^16-1>;
528
5.89k
529
5.89k
   CertificateStatusType status_type = ocsp(1)
530
5.89k
   ResponderID responder_id_list<0..2^16-1>
531
5.89k
   Extensions  request_extensions;
532
5.89k
   */
533
5.89k
534
5.89k
   buf.push_back(1); // CertificateStatusType ocsp
535
5.89k
536
5.89k
   buf.push_back(0);
537
5.89k
   buf.push_back(0);
538
5.89k
   buf.push_back(0);
539
5.89k
   buf.push_back(0);
540
5.89k
541
5.89k
   return buf;
542
5.89k
   }
543
544
Certificate_Status_Request::Certificate_Status_Request(TLS_Data_Reader& reader,
545
                                                       uint16_t extension_size,
546
                                                       Connection_Side from)
547
1.31k
   {
548
1.31k
   if(from == Connection_Side::SERVER)
549
232
      {
550
232
      if(extension_size != 0)
551
15
         throw Decoding_Error("Server sent non-empty Certificate_Status_Request extension");
552
1.08k
      }
553
1.08k
   else if(extension_size > 0)
554
129
      {
555
129
      const uint8_t type = reader.get_byte();
556
129
      if(type == 1)
557
13
         {
558
13
         const size_t len_resp_id_list = reader.get_uint16_t();
559
13
         m_ocsp_names = reader.get_fixed<uint8_t>(len_resp_id_list);
560
13
         const size_t len_requ_ext = reader.get_uint16_t();
561
13
         m_extension_bytes = reader.get_fixed<uint8_t>(len_requ_ext);
562
13
         }
563
116
      else
564
116
         {
565
116
         reader.discard_next(extension_size - 1);
566
116
         }
567
129
      }
568
1.31k
   }
569
570
Certificate_Status_Request::Certificate_Status_Request(const std::vector<uint8_t>& ocsp_responder_ids,
571
                                                       const std::vector<std::vector<uint8_t>>& ocsp_key_ids) :
572
   m_ocsp_names(ocsp_responder_ids),
573
   m_ocsp_keys(ocsp_key_ids)
574
5.89k
   {
575
5.89k
   }
576
577
std::vector<uint8_t> Supported_Versions::serialize(Connection_Side whoami) const
578
5.89k
   {
579
5.89k
   std::vector<uint8_t> buf;
580
5.89k
581
5.89k
   if(whoami == Connection_Side::SERVER)
582
0
      {
583
0
      BOTAN_ASSERT_NOMSG(m_versions.size() == 1);
584
0
      buf.push_back(m_versions[0].major_version());
585
0
      buf.push_back(m_versions[0].minor_version());
586
0
      }
587
5.89k
   else
588
5.89k
      {
589
5.89k
      BOTAN_ASSERT_NOMSG(m_versions.size() >= 1);
590
5.89k
      const uint8_t len = static_cast<uint8_t>(m_versions.size() * 2);
591
5.89k
592
5.89k
      buf.push_back(len);
593
5.89k
594
5.89k
      for(Protocol_Version version : m_versions)
595
5.89k
         {
596
5.89k
         buf.push_back(get_byte(0, version.major_version()));
597
5.89k
         buf.push_back(get_byte(1, version.minor_version()));
598
5.89k
         }
599
5.89k
      }
600
5.89k
601
5.89k
   return buf;
602
5.89k
   }
603
604
Supported_Versions::Supported_Versions(Protocol_Version offer, const Policy& policy)
605
5.89k
   {
606
5.89k
   if(offer.is_datagram_protocol())
607
0
      {
608
0
      if(offer >= Protocol_Version::DTLS_V12 && policy.allow_dtls12())
609
0
         m_versions.push_back(Protocol_Version::DTLS_V12);
610
0
#if defined(BOTAN_HAS_TLS_V10)
611
0
      if(offer >= Protocol_Version::DTLS_V10 && policy.allow_dtls10())
612
0
         m_versions.push_back(Protocol_Version::DTLS_V10);
613
0
#endif
614
0
      }
615
5.89k
   else
616
5.89k
      {
617
5.89k
      if(offer >= Protocol_Version::TLS_V12 && policy.allow_tls12())
618
5.89k
         m_versions.push_back(Protocol_Version::TLS_V12);
619
5.89k
#if defined(BOTAN_HAS_TLS_V10)
620
5.89k
      if(offer >= Protocol_Version::TLS_V11 && policy.allow_tls11())
621
0
         m_versions.push_back(Protocol_Version::TLS_V11);
622
5.89k
      if(offer >= Protocol_Version::TLS_V10 && policy.allow_tls10())
623
0
         m_versions.push_back(Protocol_Version::TLS_V10);
624
5.89k
#endif
625
5.89k
      }
626
5.89k
   }
627
628
Supported_Versions::Supported_Versions(TLS_Data_Reader& reader,
629
                                       uint16_t extension_size,
630
                                       Connection_Side from)
631
136
   {
632
136
   if(from == Connection_Side::SERVER)
633
29
      {
634
29
      if(extension_size != 2)
635
16
         throw Decoding_Error("Server sent invalid supported_versions extension");
636
13
      m_versions.push_back(Protocol_Version(reader.get_uint16_t()));
637
13
      }
638
107
   else
639
107
      {
640
107
      auto versions = reader.get_range<uint16_t>(1, 1, 127);
641
107
642
107
      for(auto v : versions)
643
4.02k
         m_versions.push_back(Protocol_Version(v));
644
107
645
107
      if(extension_size != 1+2*versions.size())
646
81
         throw Decoding_Error("Client sent invalid supported_versions extension");
647
107
      }
648
136
   }
649
650
bool Supported_Versions::supports(Protocol_Version version) const
651
0
   {
652
0
   for(auto v : m_versions)
653
0
      if(version == v)
654
0
         return true;
655
0
   return false;
656
0
   }
657
658
}
659
660
}