Coverage Report

Created: 2020-10-17 06:46

/src/botan/build/include/botan/internal/tls_handshake_state.h
Line
Count
Source (jump to first uncovered line)
1
/*
2
* TLS Handshake State
3
* (C) 2004-2006,2011,2012 Jack Lloyd
4
*     2017 Harry Reimann, Rohde & Schwarz Cybersecurity
5
*
6
* Botan is released under the Simplified BSD License (see license.txt)
7
*/
8
9
#ifndef BOTAN_TLS_HANDSHAKE_STATE_H_
10
#define BOTAN_TLS_HANDSHAKE_STATE_H_
11
12
#include <botan/internal/tls_handshake_hash.h>
13
#include <botan/internal/tls_handshake_io.h>
14
#include <botan/internal/tls_session_key.h>
15
#include <botan/tls_ciphersuite.h>
16
#include <botan/tls_exceptn.h>
17
#include <botan/tls_handshake_msg.h>
18
#include <botan/tls_callbacks.h>
19
#include <botan/pk_keys.h>
20
#include <botan/pubkey.h>
21
#include <functional>
22
23
namespace Botan {
24
25
class KDF;
26
27
namespace TLS {
28
29
class Callbacks;
30
class Policy;
31
32
class Hello_Verify_Request;
33
class Client_Hello;
34
class Server_Hello;
35
class Certificate;
36
class Certificate_Status;
37
class Server_Key_Exchange;
38
class Certificate_Req;
39
class Server_Hello_Done;
40
class Certificate;
41
class Client_Key_Exchange;
42
class Certificate_Verify;
43
class New_Session_Ticket;
44
class Finished;
45
46
/**
47
* SSL/TLS Handshake State
48
*/
49
class Handshake_State
50
   {
51
   public:
52
      Handshake_State(Handshake_IO* io, Callbacks& callbacks);
53
54
48.1k
      virtual ~Handshake_State() = default;
55
56
      Handshake_State(const Handshake_State&) = delete;
57
      Handshake_State& operator=(const Handshake_State&) = delete;
58
59
235k
      Handshake_IO& handshake_io() { return *m_handshake_io; }
60
61
      /**
62
      * Return true iff we have received a particular message already
63
      * @param msg_type the message type
64
      */
65
      bool received_handshake_msg(Handshake_Type msg_type) const;
66
67
      /**
68
      * Confirm that we were expecting this message type
69
      * @param msg_type the message type
70
      */
71
      void confirm_transition_to(Handshake_Type msg_type);
72
73
      /**
74
      * Record that we are expecting a particular message type next
75
      * @param msg_type the message type
76
      */
77
      void set_expected_next(Handshake_Type msg_type);
78
79
      std::pair<Handshake_Type, std::vector<uint8_t>>
80
         get_next_handshake_msg();
81
82
      std::vector<uint8_t> session_ticket() const;
83
84
      std::pair<std::string, Signature_Format>
85
         parse_sig_format(const Public_Key& key,
86
                          Signature_Scheme scheme,
87
                          bool for_client_auth,
88
                          const Policy& policy) const;
89
90
      std::pair<std::string, Signature_Format>
91
         choose_sig_format(const Private_Key& key,
92
                           Signature_Scheme& scheme,
93
                           bool for_client_auth,
94
                           const Policy& policy) const;
95
96
      std::string srp_identifier() const;
97
98
      KDF* protocol_specific_prf() const;
99
100
209k
      Protocol_Version version() const { return m_version; }
101
102
      void set_version(const Protocol_Version& version);
103
104
      void hello_verify_request(const Hello_Verify_Request& hello_verify);
105
106
      void client_hello(Client_Hello* client_hello);
107
      void server_hello(Server_Hello* server_hello);
108
      void server_certs(Certificate* server_certs);
109
      void server_cert_status(Certificate_Status* server_cert_status);
110
      void server_kex(Server_Key_Exchange* server_kex);
111
      void cert_req(Certificate_Req* cert_req);
112
      void server_hello_done(Server_Hello_Done* server_hello_done);
113
      void client_certs(Certificate* client_certs);
114
      void client_kex(Client_Key_Exchange* client_kex);
115
      void client_verify(Certificate_Verify* client_verify);
116
      void new_session_ticket(New_Session_Ticket* new_session_ticket);
117
      void server_finished(Finished* server_finished);
118
      void client_finished(Finished* client_finished);
119
120
      const Client_Hello* client_hello() const
121
475k
         { return m_client_hello.get(); }
122
123
      const Server_Hello* server_hello() const
124
187k
         { return m_server_hello.get(); }
125
126
      const Certificate* server_certs() const
127
3.08k
         { return m_server_certs.get(); }
128
129
      const Server_Key_Exchange* server_kex() const
130
16.3k
         { return m_server_kex.get(); }
131
132
      const Certificate_Req* cert_req() const
133
14
         { return m_cert_req.get(); }
134
135
      const Server_Hello_Done* server_hello_done() const
136
0
         { return m_server_hello_done.get(); }
137
138
      const Certificate* client_certs() const
139
451
         { return m_client_certs.get(); }
140
141
      const Client_Key_Exchange* client_kex() const
142
14.9k
         { return m_client_kex.get(); }
143
144
      const Certificate_Verify* client_verify() const
145
0
         { return m_client_verify.get(); }
146
147
      const Certificate_Status* server_cert_status() const
148
24
         { return m_server_cert_status.get(); }
149
150
      const New_Session_Ticket* new_session_ticket() const
151
528
         { return m_new_session_ticket.get(); }
152
153
      const Finished* server_finished() const
154
527
         { return m_server_finished.get(); }
155
156
      const Finished* client_finished() const
157
527
         { return m_client_finished.get(); }
158
159
179k
      const Ciphersuite& ciphersuite() const { return m_ciphersuite; }
160
161
5.64k
      const Session_Keys& session_keys() const { return m_session_keys; }
162
163
25.6k
      Callbacks& callbacks() const { return m_callbacks; }
164
165
      void compute_session_keys();
166
167
      void compute_session_keys(const secure_vector<uint8_t>& resume_master_secret);
168
169
150k
      Handshake_Hash& hash() { return m_handshake_hash; }
170
171
5.78k
      const Handshake_Hash& hash() const { return m_handshake_hash; }
172
173
      void note_message(const Handshake_Message& msg);
174
   private:
175
176
      Callbacks& m_callbacks;
177
178
      std::unique_ptr<Handshake_IO> m_handshake_io;
179
180
      uint32_t m_hand_expecting_mask = 0;
181
      uint32_t m_hand_received_mask = 0;
182
      Protocol_Version m_version;
183
      Ciphersuite m_ciphersuite;
184
      Session_Keys m_session_keys;
185
      Handshake_Hash m_handshake_hash;
186
187
      std::unique_ptr<Client_Hello> m_client_hello;
188
      std::unique_ptr<Server_Hello> m_server_hello;
189
      std::unique_ptr<Certificate> m_server_certs;
190
      std::unique_ptr<Certificate_Status> m_server_cert_status;
191
      std::unique_ptr<Server_Key_Exchange> m_server_kex;
192
      std::unique_ptr<Certificate_Req> m_cert_req;
193
      std::unique_ptr<Server_Hello_Done> m_server_hello_done;
194
      std::unique_ptr<Certificate> m_client_certs;
195
      std::unique_ptr<Client_Key_Exchange> m_client_kex;
196
      std::unique_ptr<Certificate_Verify> m_client_verify;
197
      std::unique_ptr<New_Session_Ticket> m_new_session_ticket;
198
      std::unique_ptr<Finished> m_server_finished;
199
      std::unique_ptr<Finished> m_client_finished;
200
   };
201
202
}
203
204
}
205
206
#endif