/src/botan/build/include/botan/tls_messages.h

Source (jump to first uncovered line)
/*
* TLS Messages
* (C) 2004-2011,2015 Jack Lloyd
*     2016 Matthias Gierlings
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_TLS_MESSAGES_H_
#define BOTAN_TLS_MESSAGES_H_

#include <botan/tls_extensions.h>
#include <botan/tls_handshake_msg.h>
#include <botan/tls_session.h>
#include <botan/tls_policy.h>
#include <botan/tls_ciphersuite.h>
#include <botan/pk_keys.h>
#include <botan/x509cert.h>
#include <botan/ocsp.h>
#include <vector>
#include <string>
#include <set>

#if defined(BOTAN_HAS_CECPQ1)
  #include <botan/cecpq1.h>
#endif

namespace Botan {

class Public_Key;
class Credentials_Manager;

namespace TLS {

class Session;
class Handshake_IO;
class Handshake_State;
class Callbacks;

std::vector<uint8_t> make_hello_random(RandomNumberGenerator& rng,
                                       const Policy& policy);

/**
* DTLS Hello Verify Request
*/
class BOTAN_UNSTABLE_API Hello_Verify_Request final : public Handshake_Message
   {
   public:
      std::vector<uint8_t> serialize() const override;
      Handshake_Type type() const override { return HELLO_VERIFY_REQUEST; }

      const std::vector<uint8_t>& cookie() const { return m_cookie; }

      explicit Hello_Verify_Request(const std::vector<uint8_t>& buf);

      Hello_Verify_Request(const std::vector<uint8_t>& client_hello_bits,
                           const std::string& client_identity,
                           const SymmetricKey& secret_key);
   private:
      std::vector<uint8_t> m_cookie;
   };

/**
* Client Hello Message
*/
class BOTAN_UNSTABLE_API Client_Hello final : public Handshake_Message
   {
   public:
      class Settings final
         {
         public:
            Settings(const Protocol_Version version,
                     const std::string& hostname = "") :
               m_new_session_version(version),
               m_hostname(hostname) {}

            const Protocol_Version protocol_version() const { return m_new_session_version; }
            const std::string& hostname() const { return m_hostname; }

         private:
            const Protocol_Version m_new_session_version;
            const std::string m_hostname;
         };

      Handshake_Type type() const override { return CLIENT_HELLO; }

      Protocol_Version version() const { return m_version; }

      std::vector<Protocol_Version> supported_versions() const;

      const std::vector<uint8_t>& random() const { return m_random; }

      const std::vector<uint8_t>& session_id() const { return m_session_id; }

      const std::vector<uint8_t>& compression_methods() const { return m_comp_methods; }

      const std::vector<uint16_t>& ciphersuites() const { return m_suites; }

      bool offered_suite(uint16_t ciphersuite) const;

      bool sent_fallback_scsv() const;

      std::vector<Signature_Scheme> signature_schemes() const;

      std::vector<Group_Params> supported_ecc_curves() const;

      std::vector<Group_Params> supported_dh_groups() const;

      bool prefers_compressed_ec_points() const;

      std::string sni_hostname() const;

      bool secure_renegotiation() const;

      std::vector<uint8_t> renegotiation_info() const;

      bool supports_session_ticket() const;

      std::vector<uint8_t> session_ticket() const;

      bool supports_alpn() const;

      bool supports_extended_master_secret() const;

      bool supports_cert_status_message() const;

      bool supports_encrypt_then_mac() const;

      bool sent_signature_algorithms() const;

      std::vector<std::string> next_protocols() const;

      std::vector<uint16_t> srtp_profiles() const;

      void update_hello_cookie(const Hello_Verify_Request& hello_verify);

      const std::vector<uint8_t>& cookie() const { return m_hello_cookie; }

      std::vector<uint8_t> cookie_input_data() const;

      std::set<Handshake_Extension_Type> extension_types() const
         { return m_extensions.extension_types(); }

      const Extensions& extensions() const { return m_extensions; }

      Client_Hello(Handshake_IO& io,
                   Handshake_Hash& hash,
                   const Policy& policy,
                   Callbacks& cb,
                   RandomNumberGenerator& rng,
                   const std::vector<uint8_t>& reneg_info,
                   const Client_Hello::Settings& client_settings,
                   const std::vector<std::string>& next_protocols);

      Client_Hello(Handshake_IO& io,
                   Handshake_Hash& hash,
                   const Policy& policy,
                   Callbacks& cb,
                   RandomNumberGenerator& rng,
                   const std::vector<uint8_t>& reneg_info,
                   const Session& resumed_session,
                   const std::vector<std::string>& next_protocols);

      explicit Client_Hello(const std::vector<uint8_t>& buf);

   private:
      std::vector<uint8_t> serialize() const override;

      Protocol_Version m_version;
      std::vector<uint8_t> m_session_id;
      std::vector<uint8_t> m_random;
      std::vector<uint16_t> m_suites;
      std::vector<uint8_t> m_comp_methods;
      std::vector<uint8_t> m_hello_cookie; // DTLS only
      std::vector<uint8_t> m_cookie_input_bits; // DTLS only

      Extensions m_extensions;
   };

/**
* Server Hello Message
*/
class BOTAN_UNSTABLE_API Server_Hello final : public Handshake_Message
   {
   public:
      class Settings final
         {
         public:
            Settings(const std::vector<uint8_t> new_session_id,
                     Protocol_Version new_session_version,
                     uint16_t ciphersuite,
                     bool offer_session_ticket) :
               m_new_session_id(new_session_id),
               m_new_session_version(new_session_version),
               m_ciphersuite(ciphersuite),
               m_offer_session_ticket(offer_session_ticket) {}

            const std::vector<uint8_t>& session_id() const { return m_new_session_id; }
            Protocol_Version protocol_version() const { return m_new_session_version; }
            uint16_t ciphersuite() const { return m_ciphersuite; }
            bool offer_session_ticket() const { return m_offer_session_ticket; }

         private:
            const std::vector<uint8_t> m_new_session_id;
            Protocol_Version m_new_session_version;
            uint16_t m_ciphersuite;
            bool m_offer_session_ticket;
         };


      Handshake_Type type() const override { return SERVER_HELLO; }

      Protocol_Version version() const { return m_version; }

      const std::vector<uint8_t>& random() const { return m_random; }

      const std::vector<uint8_t>& session_id() const { return m_session_id; }

      uint16_t ciphersuite() const { return m_ciphersuite; }

      uint8_t compression_method() const { return m_comp_method; }

      bool secure_renegotiation() const
         {
         return m_extensions.has<Renegotiation_Extension>();
         }

      std::vector<uint8_t> renegotiation_info() const
         {
         if(Renegotiation_Extension* reneg = m_extensions.get<Renegotiation_Extension>())
            return reneg->renegotiation_info();
         return std::vector<uint8_t>();
         }

      bool supports_extended_master_secret() const
         {
         return m_extensions.has<Extended_Master_Secret>();
         }

      bool supports_encrypt_then_mac() const
         {
         return m_extensions.has<Encrypt_then_MAC>();
         }

      bool supports_certificate_status_message() const
         {
         return m_extensions.has<Certificate_Status_Request>();
         }

      bool supports_session_ticket() const
         {
         return m_extensions.has<Session_Ticket>();
         }

      uint16_t srtp_profile() const
         {
         if(auto srtp = m_extensions.get<SRTP_Protection_Profiles>())
            {
            auto prof = srtp->profiles();
            if(prof.size() != 1 || prof[0] == 0)
               throw Decoding_Error("Server sent malformed DTLS-SRTP extension");
            return prof[0];
            }

         return 0;
         }

      std::string next_protocol() const
         {
         if(auto alpn = m_extensions.get<Application_Layer_Protocol_Notification>())
            return alpn->single_protocol();
         return "";
         }

      std::set<Handshake_Extension_Type> extension_types() const
         { return m_extensions.extension_types(); }

      const Extensions& extensions() const { return m_extensions; }

      bool prefers_compressed_ec_points() const
         {
         if(auto ecc_formats = m_extensions.get<Supported_Point_Formats>())
            {
            return ecc_formats->prefers_compressed();
            }
         return false;
         }

      bool random_signals_downgrade() const;

      Server_Hello(Handshake_IO& io,
                   Handshake_Hash& hash,
                   const Policy& policy,
                   Callbacks& cb,
                   RandomNumberGenerator& rng,
                   const std::vector<uint8_t>& secure_reneg_info,
                   const Client_Hello& client_hello,
                   const Server_Hello::Settings& settings,
                   const std::string next_protocol);

      Server_Hello(Handshake_IO& io,
                   Handshake_Hash& hash,
                   const Policy& policy,
                   Callbacks& cb,
                   RandomNumberGenerator& rng,
                   const std::vector<uint8_t>& secure_reneg_info,
                   const Client_Hello& client_hello,
                   Session& resumed_session,
                   bool offer_session_ticket,
                   const std::string& next_protocol);

      explicit Server_Hello(const std::vector<uint8_t>& buf);
   private:
      std::vector<uint8_t> serialize() const override;

      Protocol_Version m_version;
      std::vector<uint8_t> m_session_id, m_random;
      uint16_t m_ciphersuite;
      uint8_t m_comp_method;

      Extensions m_extensions;
   };

/**
* Client Key Exchange Message
*/
class BOTAN_UNSTABLE_API Client_Key_Exchange final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return CLIENT_KEX; }

      const secure_vector<uint8_t>& pre_master_secret() const
         { return m_pre_master; }

      Client_Key_Exchange(Handshake_IO& io,
                          Handshake_State& state,
                          const Policy& policy,
                          Credentials_Manager& creds,
                          const Public_Key* server_public_key,
                          const std::string& hostname,
                          RandomNumberGenerator& rng);

      Client_Key_Exchange(const std::vector<uint8_t>& buf,
                          const Handshake_State& state,
                          const Private_Key* server_rsa_kex_key,
                          Credentials_Manager& creds,
                          const Policy& policy,
                          RandomNumberGenerator& rng);

   private:
      std::vector<uint8_t> serialize() const override
         { return m_key_material; }

      std::vector<uint8_t> m_key_material;
      secure_vector<uint8_t> m_pre_master;
   };

/**
* Certificate Message
*/
class BOTAN_UNSTABLE_API Certificate final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return CERTIFICATE; }
      const std::vector<X509_Certificate>& cert_chain() const { return m_certs; }

      size_t count() const { return m_certs.size(); }
      bool empty() const { return m_certs.empty(); }

      Certificate(Handshake_IO& io,
                  Handshake_Hash& hash,
                  const std::vector<X509_Certificate>& certs);

      explicit Certificate(const std::vector<uint8_t>& buf, const Policy &policy);
   private:
      std::vector<uint8_t> serialize() const override;

      std::vector<X509_Certificate> m_certs;
   };

/**
* Certificate Status (RFC 6066)
*/
class BOTAN_UNSTABLE_API Certificate_Status final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return CERTIFICATE_STATUS; }

      //std::shared_ptr<const OCSP::Response> response() const { return m_response; }

      const std::vector<uint8_t>& response() const { return m_response; }

      Certificate_Status(const std::vector<uint8_t>& buf);

      Certificate_Status(Handshake_IO& io,
                         Handshake_Hash& hash,
                         std::shared_ptr<const OCSP::Response> response);

      /*
       * Create a Certificate_Status message using an already DER encoded OCSP response.
       */
      Certificate_Status(Handshake_IO& io,
                         Handshake_Hash& hash,
                         std::vector<uint8_t> const& raw_response_bytes );

   private:
      std::vector<uint8_t> serialize() const override;
      std::vector<uint8_t> m_response;
   };

/**
* Certificate Request Message
*/
class BOTAN_UNSTABLE_API Certificate_Req final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return CERTIFICATE_REQUEST; }

      const std::vector<std::string>& acceptable_cert_types() const
         { return m_cert_key_types; }

      const std::vector<X509_DN>& acceptable_CAs() const { return m_names; }

      const std::vector<Signature_Scheme>& signature_schemes() const
         {
         return m_schemes;
         }

      Certificate_Req(Handshake_IO& io,
                      Handshake_Hash& hash,
                      const Policy& policy,
                      const std::vector<X509_DN>& allowed_cas,
                      Protocol_Version version);

      Certificate_Req(const std::vector<uint8_t>& buf,
                      Protocol_Version version);
   private:
      std::vector<uint8_t> serialize() const override;

      std::vector<X509_DN> m_names;
      std::vector<std::string> m_cert_key_types;

      std::vector<Signature_Scheme> m_schemes;
   };

/**
* Certificate Verify Message
*/
class BOTAN_UNSTABLE_API Certificate_Verify final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return CERTIFICATE_VERIFY; }

      /**
      * Check the signature on a certificate verify message
      * @param cert the purported certificate
      * @param state the handshake state
      * @param policy the TLS policy
      */
      bool verify(const X509_Certificate& cert,
                  const Handshake_State& state,
                  const Policy& policy) const;

      Certificate_Verify(Handshake_IO& io,
                         Handshake_State& state,
                         const Policy& policy,
                         RandomNumberGenerator& rng,
                         const Private_Key* key);

      Certificate_Verify(const std::vector<uint8_t>& buf,
                         Protocol_Version version);
   private:
      std::vector<uint8_t> serialize() const override;

      std::vector<uint8_t> m_signature;
      Signature_Scheme m_scheme = Signature_Scheme::NONE;
   };

/**
* Finished Message
*/
class BOTAN_UNSTABLE_API Finished final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return FINISHED; }

      std::vector<uint8_t> verify_data() const
         { return m_verification_data; }

      bool verify(const Handshake_State& state,
                  Connection_Side side) const;

      Finished(Handshake_IO& io,
               Handshake_State& state,
               Connection_Side side);

      explicit Finished(const std::vector<uint8_t>& buf);
   private:
      std::vector<uint8_t> serialize() const override;

      std::vector<uint8_t> m_verification_data;
   };

/**
* Hello Request Message
*/
class BOTAN_UNSTABLE_API Hello_Request final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return HELLO_REQUEST; }

      explicit Hello_Request(Handshake_IO& io);
      explicit Hello_Request(const std::vector<uint8_t>& buf);
   private:
      std::vector<uint8_t> serialize() const override;
   };

/**
* Server Key Exchange Message
*/
class BOTAN_UNSTABLE_API Server_Key_Exchange final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return SERVER_KEX; }

      const std::vector<uint8_t>& params() const { return m_params; }

      bool verify(const Public_Key& server_key,
                  const Handshake_State& state,
                  const Policy& policy) const;

      // Only valid for certain kex types
      const Private_Key& server_kex_key() const;

#if defined(BOTAN_HAS_CECPQ1)
      // Only valid for CECPQ1 negotiation
      const CECPQ1_key& cecpq1_key() const
         {
         BOTAN_ASSERT_NONNULL(m_cecpq1_key);
         return *m_cecpq1_key;
         }
#endif

      Server_Key_Exchange(Handshake_IO& io,
                          Handshake_State& state,
                          const Policy& policy,
                          Credentials_Manager& creds,
                          RandomNumberGenerator& rng,
                          const Private_Key* signing_key = nullptr);

      Server_Key_Exchange(const std::vector<uint8_t>& buf,
                          Kex_Algo kex_alg,
                          Auth_Method sig_alg,
                          Protocol_Version version);

      ~Server_Key_Exchange() = default;
   private:
      std::vector<uint8_t> serialize() const override;

#if defined(BOTAN_HAS_CECPQ1)
      std::unique_ptr<CECPQ1_key> m_cecpq1_key;
#endif

      std::unique_ptr<Private_Key> m_kex_key;

      std::vector<uint8_t> m_params;

      std::vector<uint8_t> m_signature;
      Signature_Scheme m_scheme = Signature_Scheme::NONE;
   };

/**
* Server Hello Done Message
*/
class BOTAN_UNSTABLE_API Server_Hello_Done final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return SERVER_HELLO_DONE; }

      Server_Hello_Done(Handshake_IO& io, Handshake_Hash& hash);
      explicit Server_Hello_Done(const std::vector<uint8_t>& buf);
   private:
      std::vector<uint8_t> serialize() const override;
   };

/**
* New Session Ticket Message
*/
class BOTAN_UNSTABLE_API New_Session_Ticket final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return NEW_SESSION_TICKET; }

      uint32_t ticket_lifetime_hint() const { return m_ticket_lifetime_hint; }
      const std::vector<uint8_t>& ticket() const { return m_ticket; }

      New_Session_Ticket(Handshake_IO& io,
                         Handshake_Hash& hash,
                         const std::vector<uint8_t>& ticket,
                         uint32_t lifetime);

      New_Session_Ticket(Handshake_IO& io,
                         Handshake_Hash& hash);

      explicit New_Session_Ticket(const std::vector<uint8_t>& buf);
   private:
      std::vector<uint8_t> serialize() const override;

      uint32_t m_ticket_lifetime_hint = 0;
      std::vector<uint8_t> m_ticket;
   };

/**
* Change Cipher Spec
*/
class BOTAN_UNSTABLE_API Change_Cipher_Spec final : public Handshake_Message
   {
   public:
      Handshake_Type type() const override { return HANDSHAKE_CCS; }

      std::vector<uint8_t> serialize() const override
         { return std::vector<uint8_t>(1, 1); }
   };

}

}

#endif

Coverage Report

Created: 2021-02-21 07:20

Line	Count	Source (jump to first uncovered line)
1		/*
2		* TLS Messages
3		* (C) 2004-2011,2015 Jack Lloyd
4		* 2016 Matthias Gierlings
5		*
6		* Botan is released under the Simplified BSD License (see license.txt)
7		*/
8
9		#ifndef BOTAN_TLS_MESSAGES_H_
10		#define BOTAN_TLS_MESSAGES_H_
11
12		#include <botan/tls_extensions.h>
13		#include <botan/tls_handshake_msg.h>
14		#include <botan/tls_session.h>
15		#include <botan/tls_policy.h>
16		#include <botan/tls_ciphersuite.h>
17		#include <botan/pk_keys.h>
18		#include <botan/x509cert.h>
19		#include <botan/ocsp.h>
20		#include <vector>
21		#include <string>
22		#include <set>
23
24		#if defined(BOTAN_HAS_CECPQ1)
25		#include <botan/cecpq1.h>
26		#endif
27
28		namespace Botan {
29
30		class Public_Key;
31		class Credentials_Manager;
32
33		namespace TLS {
34
35		class Session;
36		class Handshake_IO;
37		class Handshake_State;
38		class Callbacks;
39
40		std::vector<uint8_t> make_hello_random(RandomNumberGenerator& rng,
41		const Policy& policy);
42
43		/**
44		* DTLS Hello Verify Request
45		*/
46		class BOTAN_UNSTABLE_API Hello_Verify_Request final : public Handshake_Message
47		{
48		public:
49		std::vector<uint8_t> serialize() const override;
50	16.6k	Handshake_Type type() const override { return HELLO_VERIFY_REQUEST; }
51
52	8.34k	const std::vector<uint8_t>& cookie() const { return m_cookie; }
53
54		explicit Hello_Verify_Request(const std::vector<uint8_t>& buf);
55
56		Hello_Verify_Request(const std::vector<uint8_t>& client_hello_bits,
57		const std::string& client_identity,
58		const SymmetricKey& secret_key);
59		private:
60		std::vector<uint8_t> m_cookie;
61		};
62
63		/**
64		* Client Hello Message
65		*/
66		class BOTAN_UNSTABLE_API Client_Hello final : public Handshake_Message
67		{
68		public:
69		class Settings final
70		{
71		public:
72		Settings(const Protocol_Version version,
73		const std::string& hostname = "") :
74		m_new_session_version(version),
75	6.31k	m_hostname(hostname) {}
76
77	12.6k	const Protocol_Version protocol_version() const { return m_new_session_version; }
78	12.6k	const std::string& hostname() const { return m_hostname; }
79
80		private:
81		const Protocol_Version m_new_session_version;
82		const std::string m_hostname;
83		};
84
85	12.6k	Handshake_Type type() const override { return CLIENT_HELLO; }
86
87	44.9k	Protocol_Version version() const { return m_version; }
88
89		std::vector<Protocol_Version> supported_versions() const;
90
91	19.9k	const std::vector<uint8_t>& random() const { return m_random; }
92
93	23.1k	const std::vector<uint8_t>& session_id() const { return m_session_id; }
94
95	30.3k	const std::vector<uint8_t>& compression_methods() const { return m_comp_methods; }
96
97	21.9k	const std::vector<uint16_t>& ciphersuites() const { return m_suites; }
98
99		bool offered_suite(uint16_t ciphersuite) const;
100
101		bool sent_fallback_scsv() const;
102
103		std::vector<Signature_Scheme> signature_schemes() const;
104
105		std::vector<Group_Params> supported_ecc_curves() const;
106
107		std::vector<Group_Params> supported_dh_groups() const;
108
109		bool prefers_compressed_ec_points() const;
110
111		std::string sni_hostname() const;
112
113		bool secure_renegotiation() const;
114
115		std::vector<uint8_t> renegotiation_info() const;
116
117		bool supports_session_ticket() const;
118
119		std::vector<uint8_t> session_ticket() const;
120
121		bool supports_alpn() const;
122
123		bool supports_extended_master_secret() const;
124
125		bool supports_cert_status_message() const;
126
127		bool supports_encrypt_then_mac() const;
128
129		bool sent_signature_algorithms() const;
130
131		std::vector<std::string> next_protocols() const;
132
133		std::vector<uint16_t> srtp_profiles() const;
134
135		void update_hello_cookie(const Hello_Verify_Request& hello_verify);
136
137	8.34k	const std::vector<uint8_t>& cookie() const { return m_hello_cookie; }
138
139		std::vector<uint8_t> cookie_input_data() const;
140
141		std::set<Handshake_Extension_Type> extension_types() const
142	25.7k	{ return m_extensions.extension_types(); }
143
144	21.9k	const Extensions& extensions() const { return m_extensions; }
145
146		Client_Hello(Handshake_IO& io,
147		Handshake_Hash& hash,
148		const Policy& policy,
149		Callbacks& cb,
150		RandomNumberGenerator& rng,
151		const std::vector<uint8_t>& reneg_info,
152		const Client_Hello::Settings& client_settings,
153		const std::vector<std::string>& next_protocols);
154
155		Client_Hello(Handshake_IO& io,
156		Handshake_Hash& hash,
157		const Policy& policy,
158		Callbacks& cb,
159		RandomNumberGenerator& rng,
160		const std::vector<uint8_t>& reneg_info,
161		const Session& resumed_session,
162		const std::vector<std::string>& next_protocols);
163
164		explicit Client_Hello(const std::vector<uint8_t>& buf);
165
166		private:
167		std::vector<uint8_t> serialize() const override;
168
169		Protocol_Version m_version;
170		std::vector<uint8_t> m_session_id;
171		std::vector<uint8_t> m_random;
172		std::vector<uint16_t> m_suites;
173		std::vector<uint8_t> m_comp_methods;
174		std::vector<uint8_t> m_hello_cookie; // DTLS only
175		std::vector<uint8_t> m_cookie_input_bits; // DTLS only
176
177		Extensions m_extensions;
178		};
179
180		/**
181		* Server Hello Message
182		*/
183		class BOTAN_UNSTABLE_API Server_Hello final : public Handshake_Message
184		{
185		public:
186		class Settings final
187		{
188		public:
189		Settings(const std::vector<uint8_t> new_session_id,
190		Protocol_Version new_session_version,
191		uint16_t ciphersuite,
192		bool offer_session_ticket) :
193		m_new_session_id(new_session_id),
194		m_new_session_version(new_session_version),
195		m_ciphersuite(ciphersuite),
196	21.6k	m_offer_session_ticket(offer_session_ticket) {}
197
198	21.6k	const std::vector<uint8_t>& session_id() const { return m_new_session_id; }
199	21.6k	Protocol_Version protocol_version() const { return m_new_session_version; }
200	21.6k	uint16_t ciphersuite() const { return m_ciphersuite; }
201	1.93k	bool offer_session_ticket() const { return m_offer_session_ticket; }
202
203		private:
204		const std::vector<uint8_t> m_new_session_id;
205		Protocol_Version m_new_session_version;
206		uint16_t m_ciphersuite;
207		bool m_offer_session_ticket;
208		};
209
210
211	43.2k	Handshake_Type type() const override { return SERVER_HELLO; }
212
213	19.7k	Protocol_Version version() const { return m_version; }
214
215	19.9k	const std::vector<uint8_t>& random() const { return m_random; }
216
217	6.58k	const std::vector<uint8_t>& session_id() const { return m_session_id; }
218
219	41.6k	uint16_t ciphersuite() const { return m_ciphersuite; }
220
221	7.61k	uint8_t compression_method() const { return m_comp_method; }
222
223		bool secure_renegotiation() const
224	26.4k	{
225	26.4k	return m_extensions.has<Renegotiation_Extension>();
226	26.4k	}
227
228		std::vector<uint8_t> renegotiation_info() const
229	16.4k	{
230	16.4k	if(Renegotiation_Extension* reneg = m_extensions.get<Renegotiation_Extension>())
231	16.4k	return reneg->renegotiation_info();
232	0	return std::vector<uint8_t>();
233	0	}
234
235		bool supports_extended_master_secret() const
236	10.5k	{
237	10.5k	return m_extensions.has<Extended_Master_Secret>();
238	10.5k	}
239
240		bool supports_encrypt_then_mac() const
241	3.04k	{
242	3.04k	return m_extensions.has<Encrypt_then_MAC>();
243	3.04k	}
244
245		bool supports_certificate_status_message() const
246	879	{
247	879	return m_extensions.has<Certificate_Status_Request>();
248	879	}
249
250		bool supports_session_ticket() const
251	1.61k	{
252	1.61k	return m_extensions.has<Session_Ticket>();
253	1.61k	}
254
255		uint16_t srtp_profile() const
256	5.14k	{
257	5.14k	if(auto srtp = m_extensions.get<SRTP_Protection_Profiles>())
258	0	{
259	0	auto prof = srtp->profiles();
260	0	if(prof.size() != 1 \|\| prof[0] == 0)
261	0	throw Decoding_Error("Server sent malformed DTLS-SRTP extension");
262	0	return prof[0];
263	0	}
264
265	5.14k	return 0;
266	5.14k	}
267
268		std::string next_protocol() const
269	4.80k	{
270	4.80k	if(auto alpn = m_extensions.get<Application_Layer_Protocol_Notification>())
271	0	return alpn->single_protocol();
272	4.80k	return "";
273	4.80k	}
274
275		std::set<Handshake_Extension_Type> extension_types() const
276	4.88k	{ return m_extensions.extension_types(); }
277
278	4.80k	const Extensions& extensions() const { return m_extensions; }
279
280		bool prefers_compressed_ec_points() const
281	754	{
282	754	if(auto ecc_formats = m_extensions.get<Supported_Point_Formats>())
283	11	{
284	11	return ecc_formats->prefers_compressed();
285	11	}
286	743	return false;
287	743	}
288
289		bool random_signals_downgrade() const;
290
291		Server_Hello(Handshake_IO& io,
292		Handshake_Hash& hash,
293		const Policy& policy,
294		Callbacks& cb,
295		RandomNumberGenerator& rng,
296		const std::vector<uint8_t>& secure_reneg_info,
297		const Client_Hello& client_hello,
298		const Server_Hello::Settings& settings,
299		const std::string next_protocol);
300
301		Server_Hello(Handshake_IO& io,
302		Handshake_Hash& hash,
303		const Policy& policy,
304		Callbacks& cb,
305		RandomNumberGenerator& rng,
306		const std::vector<uint8_t>& secure_reneg_info,
307		const Client_Hello& client_hello,
308		Session& resumed_session,
309		bool offer_session_ticket,
310		const std::string& next_protocol);
311
312		explicit Server_Hello(const std::vector<uint8_t>& buf);
313		private:
314		std::vector<uint8_t> serialize() const override;
315
316		Protocol_Version m_version;
317		std::vector<uint8_t> m_session_id, m_random;
318		uint16_t m_ciphersuite;
319		uint8_t m_comp_method;
320
321		Extensions m_extensions;
322		};
323
324		/**
325		* Client Key Exchange Message
326		*/
327		class BOTAN_UNSTABLE_API Client_Key_Exchange final : public Handshake_Message
328		{
329		public:
330	2.39k	Handshake_Type type() const override { return CLIENT_KEX; }
331
332		const secure_vector<uint8_t>& pre_master_secret() const
333	10.1k	{ return m_pre_master; }
334
335		Client_Key_Exchange(Handshake_IO& io,
336		Handshake_State& state,
337		const Policy& policy,
338		Credentials_Manager& creds,
339		const Public_Key* server_public_key,
340		const std::string& hostname,
341		RandomNumberGenerator& rng);
342
343		Client_Key_Exchange(const std::vector<uint8_t>& buf,
344		const Handshake_State& state,
345		const Private_Key* server_rsa_kex_key,
346		Credentials_Manager& creds,
347		const Policy& policy,
348		RandomNumberGenerator& rng);
349
350		private:
351		std::vector<uint8_t> serialize() const override
352	1.19k	{ return m_key_material; }
353
354		std::vector<uint8_t> m_key_material;
355		secure_vector<uint8_t> m_pre_master;
356		};
357
358		/**
359		* Certificate Message
360		*/
361		class BOTAN_UNSTABLE_API Certificate final : public Handshake_Message
362		{
363		public:
364	306	Handshake_Type type() const override { return CERTIFICATE; }
365	1.77k	const std::vector<X509_Certificate>& cert_chain() const { return m_certs; }
366
367	0	size_t count() const { return m_certs.size(); }
368	0	bool empty() const { return m_certs.empty(); }
369
370		Certificate(Handshake_IO& io,
371		Handshake_Hash& hash,
372		const std::vector<X509_Certificate>& certs);
373
374		explicit Certificate(const std::vector<uint8_t>& buf, const Policy &policy);
375		private:
376		std::vector<uint8_t> serialize() const override;
377
378		std::vector<X509_Certificate> m_certs;
379		};
380
381		/**
382		* Certificate Status (RFC 6066)
383		*/
384		class BOTAN_UNSTABLE_API Certificate_Status final : public Handshake_Message
385		{
386		public:
387	0	Handshake_Type type() const override { return CERTIFICATE_STATUS; }
388
389		//std::shared_ptr<const OCSP::Response> response() const { return m_response; }
390
391	0	const std::vector<uint8_t>& response() const { return m_response; }
392
393		Certificate_Status(const std::vector<uint8_t>& buf);
394
395		Certificate_Status(Handshake_IO& io,
396		Handshake_Hash& hash,
397		std::shared_ptr<const OCSP::Response> response);
398
399		/*
400		* Create a Certificate_Status message using an already DER encoded OCSP response.
401		*/
402		Certificate_Status(Handshake_IO& io,
403		Handshake_Hash& hash,
404		std::vector<uint8_t> const& raw_response_bytes );
405
406		private:
407		std::vector<uint8_t> serialize() const override;
408		std::vector<uint8_t> m_response;
409		};
410
411		/**
412		* Certificate Request Message
413		*/
414		class BOTAN_UNSTABLE_API Certificate_Req final : public Handshake_Message
415		{
416		public:
417	0	Handshake_Type type() const override { return CERTIFICATE_REQUEST; }
418
419		const std::vector<std::string>& acceptable_cert_types() const
420	0	{ return m_cert_key_types; }
421
422	0	const std::vector<X509_DN>& acceptable_CAs() const { return m_names; }
423
424		const std::vector<Signature_Scheme>& signature_schemes() const
425	0	{
426	0	return m_schemes;
427	0	}
428
429		Certificate_Req(Handshake_IO& io,
430		Handshake_Hash& hash,
431		const Policy& policy,
432		const std::vector<X509_DN>& allowed_cas,
433		Protocol_Version version);
434
435		Certificate_Req(const std::vector<uint8_t>& buf,
436		Protocol_Version version);
437		private:
438		std::vector<uint8_t> serialize() const override;
439
440		std::vector<X509_DN> m_names;
441		std::vector<std::string> m_cert_key_types;
442
443		std::vector<Signature_Scheme> m_schemes;
444		};
445
446		/**
447		* Certificate Verify Message
448		*/
449		class BOTAN_UNSTABLE_API Certificate_Verify final : public Handshake_Message
450		{
451		public:
452	0	Handshake_Type type() const override { return CERTIFICATE_VERIFY; }
453
454		/**
455		* Check the signature on a certificate verify message
456		* @param cert the purported certificate
457		* @param state the handshake state
458		* @param policy the TLS policy
459		*/
460		bool verify(const X509_Certificate& cert,
461		const Handshake_State& state,
462		const Policy& policy) const;
463
464		Certificate_Verify(Handshake_IO& io,
465		Handshake_State& state,
466		const Policy& policy,
467		RandomNumberGenerator& rng,
468		const Private_Key* key);
469
470		Certificate_Verify(const std::vector<uint8_t>& buf,
471		Protocol_Version version);
472		private:
473		std::vector<uint8_t> serialize() const override;
474
475		std::vector<uint8_t> m_signature;
476		Signature_Scheme m_scheme = Signature_Scheme::NONE;
477		};
478
479		/**
480		* Finished Message
481		*/
482		class BOTAN_UNSTABLE_API Finished final : public Handshake_Message
483		{
484		public:
485	2.96k	Handshake_Type type() const override { return FINISHED; }
486
487		std::vector<uint8_t> verify_data() const
488	0	{ return m_verification_data; }
489
490		bool verify(const Handshake_State& state,
491		Connection_Side side) const;
492
493		Finished(Handshake_IO& io,
494		Handshake_State& state,
495		Connection_Side side);
496
497		explicit Finished(const std::vector<uint8_t>& buf);
498		private:
499		std::vector<uint8_t> serialize() const override;
500
501		std::vector<uint8_t> m_verification_data;
502		};
503
504		/**
505		* Hello Request Message
506		*/
507		class BOTAN_UNSTABLE_API Hello_Request final : public Handshake_Message
508		{
509		public:
510	0	Handshake_Type type() const override { return HELLO_REQUEST; }
511
512		explicit Hello_Request(Handshake_IO& io);
513		explicit Hello_Request(const std::vector<uint8_t>& buf);
514		private:
515		std::vector<uint8_t> serialize() const override;
516		};
517
518		/**
519		* Server Key Exchange Message
520		*/
521		class BOTAN_UNSTABLE_API Server_Key_Exchange final : public Handshake_Message
522		{
523		public:
524	42.9k	Handshake_Type type() const override { return SERVER_KEX; }
525
526	22.8k	const std::vector<uint8_t>& params() const { return m_params; }
527
528		bool verify(const Public_Key& server_key,
529		const Handshake_State& state,
530		const Policy& policy) const;
531
532		// Only valid for certain kex types
533		const Private_Key& server_kex_key() const;
534
535		#if defined(BOTAN_HAS_CECPQ1)
536		// Only valid for CECPQ1 negotiation
537		const CECPQ1_key& cecpq1_key() const
538	0	{
539	0	BOTAN_ASSERT_NONNULL(m_cecpq1_key);
540	0	return *m_cecpq1_key;
541	0	} Unexecuted instantiation: Botan::TLS::Server_Key_Exchange::cecpq1_key() const Unexecuted instantiation: Botan::TLS::Server_Key_Exchange::cecpq1_key() const
542		#endif
543
544		Server_Key_Exchange(Handshake_IO& io,
545		Handshake_State& state,
546		const Policy& policy,
547		Credentials_Manager& creds,
548		RandomNumberGenerator& rng,
549		const Private_Key* signing_key = nullptr);
550
551		Server_Key_Exchange(const std::vector<uint8_t>& buf,
552		Kex_Algo kex_alg,
553		Auth_Method sig_alg,
554		Protocol_Version version);
555
556	22.8k	~Server_Key_Exchange() = default;
557		private:
558		std::vector<uint8_t> serialize() const override;
559
560		#if defined(BOTAN_HAS_CECPQ1)
561		std::unique_ptr<CECPQ1_key> m_cecpq1_key;
562		#endif
563
564		std::unique_ptr<Private_Key> m_kex_key;
565
566		std::vector<uint8_t> m_params;
567
568		std::vector<uint8_t> m_signature;
569		Signature_Scheme m_scheme = Signature_Scheme::NONE;
570		};
571
572		/**
573		* Server Hello Done Message
574		*/
575		class BOTAN_UNSTABLE_API Server_Hello_Done final : public Handshake_Message
576		{
577		public:
578	42.9k	Handshake_Type type() const override { return SERVER_HELLO_DONE; }
579
580		Server_Hello_Done(Handshake_IO& io, Handshake_Hash& hash);
581		explicit Server_Hello_Done(const std::vector<uint8_t>& buf);
582		private:
583		std::vector<uint8_t> serialize() const override;
584		};
585
586		/**
587		* New Session Ticket Message
588		*/
589		class BOTAN_UNSTABLE_API New_Session_Ticket final : public Handshake_Message
590		{
591		public:
592	314	Handshake_Type type() const override { return NEW_SESSION_TICKET; }
593
594	0	uint32_t ticket_lifetime_hint() const { return m_ticket_lifetime_hint; }
595	0	const std::vector<uint8_t>& ticket() const { return m_ticket; }
596
597		New_Session_Ticket(Handshake_IO& io,
598		Handshake_Hash& hash,
599		const std::vector<uint8_t>& ticket,
600		uint32_t lifetime);
601
602		New_Session_Ticket(Handshake_IO& io,
603		Handshake_Hash& hash);
604
605		explicit New_Session_Ticket(const std::vector<uint8_t>& buf);
606		private:
607		std::vector<uint8_t> serialize() const override;
608
609		uint32_t m_ticket_lifetime_hint = 0;
610		std::vector<uint8_t> m_ticket;
611		};
612
613		/**
614		* Change Cipher Spec
615		*/
616		class BOTAN_UNSTABLE_API Change_Cipher_Spec final : public Handshake_Message
617		{
618		public:
619	1.48k	Handshake_Type type() const override { return HANDSHAKE_CCS; }
620
621		std::vector<uint8_t> serialize() const override
622	1.48k	{ return std::vector<uint8_t>(1, 1); }
623		};
624
625		}
626
627		}
628
629		#endif