/src/botan/build/include/botan/internal/tls_handshake_state.h

Source (jump to first uncovered line)
/*
* TLS Handshake State
* (C) 2004-2006,2011,2012 Jack Lloyd
*     2017 Harry Reimann, Rohde & Schwarz Cybersecurity
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_TLS_HANDSHAKE_STATE_H_
#define BOTAN_TLS_HANDSHAKE_STATE_H_

#include <botan/internal/tls_handshake_hash.h>
#include <botan/internal/tls_handshake_io.h>
#include <botan/internal/tls_session_key.h>
#include <botan/tls_ciphersuite.h>
#include <botan/tls_exceptn.h>
#include <botan/tls_handshake_msg.h>
#include <botan/tls_callbacks.h>
#include <botan/pk_keys.h>
#include <botan/pubkey.h>
#include <functional>

namespace Botan {

class KDF;

namespace TLS {

class Callbacks;
class Policy;

class Hello_Verify_Request;
class Client_Hello;
class Server_Hello;
class Certificate;
class Certificate_Status;
class Server_Key_Exchange;
class Certificate_Req;
class Server_Hello_Done;
class Certificate;
class Client_Key_Exchange;
class Certificate_Verify;
class New_Session_Ticket;
class Finished;

/**
* SSL/TLS Handshake State
*/
class Handshake_State
   {
   public:
      Handshake_State(Handshake_IO* io, Callbacks& callbacks);

      virtual ~Handshake_State() = default;

      Handshake_State(const Handshake_State&) = delete;
      Handshake_State& operator=(const Handshake_State&) = delete;

      Handshake_IO& handshake_io() { return *m_handshake_io; }

      /**
      * Return true iff we have received a particular message already
      * @param msg_type the message type
      */
      bool received_handshake_msg(Handshake_Type msg_type) const;

      /**
      * Confirm that we were expecting this message type
      * @param msg_type the message type
      */
      void confirm_transition_to(Handshake_Type msg_type);

      /**
      * Record that we are expecting a particular message type next
      * @param msg_type the message type
      */
      void set_expected_next(Handshake_Type msg_type);

      std::pair<Handshake_Type, std::vector<uint8_t>>
         get_next_handshake_msg();

      std::vector<uint8_t> session_ticket() const;

      std::pair<std::string, Signature_Format>
         parse_sig_format(const Public_Key& key,
                          Signature_Scheme scheme,
                          bool for_client_auth,
                          const Policy& policy) const;

      std::pair<std::string, Signature_Format>
         choose_sig_format(const Private_Key& key,
                           Signature_Scheme& scheme,
                           bool for_client_auth,
                           const Policy& policy) const;

      KDF* protocol_specific_prf() const;

      Protocol_Version version() const { return m_version; }

      void set_version(const Protocol_Version& version);

      void hello_verify_request(const Hello_Verify_Request& hello_verify);

      void client_hello(Client_Hello* client_hello);
      void server_hello(Server_Hello* server_hello);
      void server_certs(Certificate* server_certs);
      void server_cert_status(Certificate_Status* server_cert_status);
      void server_kex(Server_Key_Exchange* server_kex);
      void cert_req(Certificate_Req* cert_req);
      void server_hello_done(Server_Hello_Done* server_hello_done);
      void client_certs(Certificate* client_certs);
      void client_kex(Client_Key_Exchange* client_kex);
      void client_verify(Certificate_Verify* client_verify);
      void new_session_ticket(New_Session_Ticket* new_session_ticket);
      void server_finished(Finished* server_finished);
      void client_finished(Finished* client_finished);

      const Client_Hello* client_hello() const
         { return m_client_hello.get(); }

      const Server_Hello* server_hello() const
         { return m_server_hello.get(); }

      const Certificate* server_certs() const
         { return m_server_certs.get(); }

      const Server_Key_Exchange* server_kex() const
         { return m_server_kex.get(); }

      const Certificate_Req* cert_req() const
         { return m_cert_req.get(); }

      const Server_Hello_Done* server_hello_done() const
         { return m_server_hello_done.get(); }

      const Certificate* client_certs() const
         { return m_client_certs.get(); }

      const Client_Key_Exchange* client_kex() const
         { return m_client_kex.get(); }

      const Certificate_Verify* client_verify() const
         { return m_client_verify.get(); }

      const Certificate_Status* server_cert_status() const
         { return m_server_cert_status.get(); }

      const New_Session_Ticket* new_session_ticket() const
         { return m_new_session_ticket.get(); }

      const Finished* server_finished() const
         { return m_server_finished.get(); }

      const Finished* client_finished() const
         { return m_client_finished.get(); }

      const Ciphersuite& ciphersuite() const { return m_ciphersuite; }

      const Session_Keys& session_keys() const { return m_session_keys; }

      Callbacks& callbacks() const { return m_callbacks; }

      void compute_session_keys();

      void compute_session_keys(const secure_vector<uint8_t>& resume_master_secret);

      Handshake_Hash& hash() { return m_handshake_hash; }

      const Handshake_Hash& hash() const { return m_handshake_hash; }

      void note_message(const Handshake_Message& msg);
   private:

      Callbacks& m_callbacks;

      std::unique_ptr<Handshake_IO> m_handshake_io;

      uint32_t m_hand_expecting_mask = 0;
      uint32_t m_hand_received_mask = 0;
      Protocol_Version m_version;
      Ciphersuite m_ciphersuite;
      Session_Keys m_session_keys;
      Handshake_Hash m_handshake_hash;

      std::unique_ptr<Client_Hello> m_client_hello;
      std::unique_ptr<Server_Hello> m_server_hello;
      std::unique_ptr<Certificate> m_server_certs;
      std::unique_ptr<Certificate_Status> m_server_cert_status;
      std::unique_ptr<Server_Key_Exchange> m_server_kex;
      std::unique_ptr<Certificate_Req> m_cert_req;
      std::unique_ptr<Server_Hello_Done> m_server_hello_done;
      std::unique_ptr<Certificate> m_client_certs;
      std::unique_ptr<Client_Key_Exchange> m_client_kex;
      std::unique_ptr<Certificate_Verify> m_client_verify;
      std::unique_ptr<New_Session_Ticket> m_new_session_ticket;
      std::unique_ptr<Finished> m_server_finished;
      std::unique_ptr<Finished> m_client_finished;
   };

}

}

#endif

Coverage Report

Created: 2021-02-21 07:20

Line	Count	Source (jump to first uncovered line)
1		/*
2		* TLS Handshake State
3		* (C) 2004-2006,2011,2012 Jack Lloyd
4		* 2017 Harry Reimann, Rohde & Schwarz Cybersecurity
5		*
6		* Botan is released under the Simplified BSD License (see license.txt)
7		*/
8
9		#ifndef BOTAN_TLS_HANDSHAKE_STATE_H_
10		#define BOTAN_TLS_HANDSHAKE_STATE_H_
11
12		#include <botan/internal/tls_handshake_hash.h>
13		#include <botan/internal/tls_handshake_io.h>
14		#include <botan/internal/tls_session_key.h>
15		#include <botan/tls_ciphersuite.h>
16		#include <botan/tls_exceptn.h>
17		#include <botan/tls_handshake_msg.h>
18		#include <botan/tls_callbacks.h>
19		#include <botan/pk_keys.h>
20		#include <botan/pubkey.h>
21		#include <functional>
22
23		namespace Botan {
24
25		class KDF;
26
27		namespace TLS {
28
29		class Callbacks;
30		class Policy;
31
32		class Hello_Verify_Request;
33		class Client_Hello;
34		class Server_Hello;
35		class Certificate;
36		class Certificate_Status;
37		class Server_Key_Exchange;
38		class Certificate_Req;
39		class Server_Hello_Done;
40		class Certificate;
41		class Client_Key_Exchange;
42		class Certificate_Verify;
43		class New_Session_Ticket;
44		class Finished;
45
46		/**
47		* SSL/TLS Handshake State
48		*/
49		class Handshake_State
50		{
51		public:
52		Handshake_State(Handshake_IO* io, Callbacks& callbacks);
53
54	44.7k	virtual ~Handshake_State() = default;
55
56		Handshake_State(const Handshake_State&) = delete;
57		Handshake_State& operator=(const Handshake_State&) = delete;
58
59	258k	Handshake_IO& handshake_io() { return *m_handshake_io; }
60
61		/**
62		* Return true iff we have received a particular message already
63		* @param msg_type the message type
64		*/
65		bool received_handshake_msg(Handshake_Type msg_type) const;
66
67		/**
68		* Confirm that we were expecting this message type
69		* @param msg_type the message type
70		*/
71		void confirm_transition_to(Handshake_Type msg_type);
72
73		/**
74		* Record that we are expecting a particular message type next
75		* @param msg_type the message type
76		*/
77		void set_expected_next(Handshake_Type msg_type);
78
79		std::pair<Handshake_Type, std::vector<uint8_t>>
80		get_next_handshake_msg();
81
82		std::vector<uint8_t> session_ticket() const;
83
84		std::pair<std::string, Signature_Format>
85		parse_sig_format(const Public_Key& key,
86		Signature_Scheme scheme,
87		bool for_client_auth,
88		const Policy& policy) const;
89
90		std::pair<std::string, Signature_Format>
91		choose_sig_format(const Private_Key& key,
92		Signature_Scheme& scheme,
93		bool for_client_auth,
94		const Policy& policy) const;
95
96		KDF* protocol_specific_prf() const;
97
98	193k	Protocol_Version version() const { return m_version; }
99
100		void set_version(const Protocol_Version& version);
101
102		void hello_verify_request(const Hello_Verify_Request& hello_verify);
103
104		void client_hello(Client_Hello* client_hello);
105		void server_hello(Server_Hello* server_hello);
106		void server_certs(Certificate* server_certs);
107		void server_cert_status(Certificate_Status* server_cert_status);
108		void server_kex(Server_Key_Exchange* server_kex);
109		void cert_req(Certificate_Req* cert_req);
110		void server_hello_done(Server_Hello_Done* server_hello_done);
111		void client_certs(Certificate* client_certs);
112		void client_kex(Client_Key_Exchange* client_kex);
113		void client_verify(Certificate_Verify* client_verify);
114		void new_session_ticket(New_Session_Ticket* new_session_ticket);
115		void server_finished(Finished* server_finished);
116		void client_finished(Finished* client_finished);
117
118		const Client_Hello* client_hello() const
119	434k	{ return m_client_hello.get(); }
120
121		const Server_Hello* server_hello() const
122	185k	{ return m_server_hello.get(); }
123
124		const Certificate* server_certs() const
125	3.17k	{ return m_server_certs.get(); }
126
127		const Server_Key_Exchange* server_kex() const
128	12.0k	{ return m_server_kex.get(); }
129
130		const Certificate_Req* cert_req() const
131	0	{ return m_cert_req.get(); }
132
133		const Server_Hello_Done* server_hello_done() const
134	0	{ return m_server_hello_done.get(); }
135
136		const Certificate* client_certs() const
137	288	{ return m_client_certs.get(); }
138
139		const Client_Key_Exchange* client_kex() const
140	10.1k	{ return m_client_kex.get(); }
141
142		const Certificate_Verify* client_verify() const
143	0	{ return m_client_verify.get(); }
144
145		const Certificate_Status* server_cert_status() const
146	56	{ return m_server_cert_status.get(); }
147
148		const New_Session_Ticket* new_session_ticket() const
149	342	{ return m_new_session_ticket.get(); }
150
151		const Finished* server_finished() const
152	342	{ return m_server_finished.get(); }
153
154		const Finished* client_finished() const
155	342	{ return m_client_finished.get(); }
156
157	140k	const Ciphersuite& ciphersuite() const { return m_ciphersuite; }
158
159	4.86k	const Session_Keys& session_keys() const { return m_session_keys; }
160
161	22.0k	Callbacks& callbacks() const { return m_callbacks; }
162
163		void compute_session_keys();
164
165		void compute_session_keys(const secure_vector<uint8_t>& resume_master_secret);
166
167	135k	Handshake_Hash& hash() { return m_handshake_hash; }
168
169	2.51k	const Handshake_Hash& hash() const { return m_handshake_hash; }
170
171		void note_message(const Handshake_Message& msg);
172		private:
173
174		Callbacks& m_callbacks;
175
176		std::unique_ptr<Handshake_IO> m_handshake_io;
177
178		uint32_t m_hand_expecting_mask = 0;
179		uint32_t m_hand_received_mask = 0;
180		Protocol_Version m_version;
181		Ciphersuite m_ciphersuite;
182		Session_Keys m_session_keys;
183		Handshake_Hash m_handshake_hash;
184
185		std::unique_ptr<Client_Hello> m_client_hello;
186		std::unique_ptr<Server_Hello> m_server_hello;
187		std::unique_ptr<Certificate> m_server_certs;
188		std::unique_ptr<Certificate_Status> m_server_cert_status;
189		std::unique_ptr<Server_Key_Exchange> m_server_kex;
190		std::unique_ptr<Certificate_Req> m_cert_req;
191		std::unique_ptr<Server_Hello_Done> m_server_hello_done;
192		std::unique_ptr<Certificate> m_client_certs;
193		std::unique_ptr<Client_Key_Exchange> m_client_kex;
194		std::unique_ptr<Certificate_Verify> m_client_verify;
195		std::unique_ptr<New_Session_Ticket> m_new_session_ticket;
196		std::unique_ptr<Finished> m_server_finished;
197		std::unique_ptr<Finished> m_client_finished;
198		};
199
200		}
201
202		}
203
204		#endif