Botan::TLS::Channel_Impl_12 Class Reference

#include <tls_channel_impl_12.h>

Inheritance diagram for Botan::TLS::Channel_Impl_12:

Public Types
typedef std::function< void(Alert, const uint8_t[], size_t)>	alert_cb
typedef std::function< void(const uint8_t[], size_t)>	data_cb
typedef std::function< bool(const Session &)>	handshake_cb
typedef std::function< void(const Handshake_Message &)>	handshake_msg_cb
typedef std::function< void(const uint8_t[], size_t)>	output_fn

Public Member Functions
virtual std::string	application_protocol () const =0
	Channel_Impl_12 (const Channel_Impl_12 &)=delete
	Channel_Impl_12 (const std::shared_ptr< Callbacks > &callbacks, const std::shared_ptr< Session_Manager > &session_manager, const std::shared_ptr< RandomNumberGenerator > &rng, const std::shared_ptr< const Policy > &policy, bool is_server, bool is_datagram, size_t io_buf_sz=TLS::Channel::IO_BUF_DEFAULT_SIZE)
void	close ()
bool	expects_downgrade () const
std::unique_ptr< Downgrade_Information >	extract_downgrade_info ()
size_t	from_peer (std::span< const uint8_t > data) override
bool	is_active () const override
bool	is_closed () const override
bool	is_closed_for_reading () const override
bool	is_closed_for_writing () const override
bool	is_downgrading () const
SymmetricKey	key_material_export (std::string_view label, std::string_view context, size_t length) const override
virtual bool	new_session_ticket_supported () const
Channel_Impl_12 &	operator= (const Channel_Impl_12 &)=delete
std::vector< X509_Certificate >	peer_cert_chain () const override
void	renegotiate (bool force_full_renegotiation=false) override
bool	secure_renegotiation_supported () const override
void	send_alert (const Alert &alert) override
void	send_fatal_alert (Alert::Type type)
virtual size_t	send_new_session_tickets (const size_t)
void	send_warning_alert (Alert::Type type)
bool	timeout_check () override
void	to_peer (std::span< const uint8_t > data) override
void	update_traffic_keys (bool request_peer_update=false) override
virtual	~Channel_Impl_12 ()

Protected Member Functions
void	activate_session ()
Callbacks &	callbacks () const
void	change_cipher_spec_reader (Connection_Side side)
void	change_cipher_spec_writer (Connection_Side side)
Handshake_State &	create_handshake_state (Protocol_Version version)
virtual std::vector< X509_Certificate >	get_peer_cert_chain (const Handshake_State &state) const =0
virtual void	initiate_handshake (Handshake_State &state, bool force_full_renegotiation)=0
void	inspect_handshake_message (const Handshake_Message &msg)
virtual std::unique_ptr< Handshake_State >	new_handshake_state (std::unique_ptr< class Handshake_IO > io)=0
const Policy &	policy () const
void	preserve_client_hello (std::span< const uint8_t > msg)
void	preserve_peer_transcript (std::span< const uint8_t > input)
virtual void	process_handshake_msg (const Handshake_State *active_state, Handshake_State &pending_state, Handshake_Type type, const std::vector< uint8_t > &contents, bool epoch0_restart)=0
void	request_downgrade ()
void	request_downgrade_for_resumption (Session_with_Handle session)
void	reset_active_association_state ()
RandomNumberGenerator &	rng ()
void	secure_renegotiation_check (const Client_Hello_12 *client_hello)
void	secure_renegotiation_check (const Server_Hello_12 *server_hello)
std::vector< uint8_t >	secure_renegotiation_data_for_client_hello () const
std::vector< uint8_t >	secure_renegotiation_data_for_server_hello () const
Session_Manager &	session_manager ()
void	set_io_buffer_size (size_t io_buf_sz)

Protected Attributes
std::unique_ptr< Downgrade_Information >	m_downgrade_info

Detailed Description

Generic interface for TLSv.12 endpoint

Definition at line 40 of file tls_channel_impl_12.h.

Member Typedef Documentation

alert_cb

typedef std::function<void (Alert, const uint8_t[], size_t)> Botan::TLS::Channel_Impl_12::alert_cb

Definition at line 45 of file tls_channel_impl_12.h.

data_cb

typedef std::function<void (const uint8_t[], size_t)> Botan::TLS::Channel_Impl_12::data_cb

Definition at line 44 of file tls_channel_impl_12.h.

handshake_cb

typedef std::function<bool (const Session&)> Botan::TLS::Channel_Impl_12::handshake_cb

Definition at line 46 of file tls_channel_impl_12.h.

handshake_msg_cb

typedef std::function<void (const Handshake_Message&)> Botan::TLS::Channel_Impl_12::handshake_msg_cb

Definition at line 47 of file tls_channel_impl_12.h.

output_fn

typedef std::function<void (const uint8_t[], size_t)> Botan::TLS::Channel_Impl_12::output_fn

Definition at line 43 of file tls_channel_impl_12.h.

Constructor & Destructor Documentation

Channel_Impl_12() [1/2]

Botan::TLS::Channel_Impl_12::Channel_Impl_12 ( const std::shared_ptr< Callbacks > &  callbacks, const std::shared_ptr< Session_Manager > &  session_manager, const std::shared_ptr< RandomNumberGenerator > &  rng, const std::shared_ptr< const Policy > &  policy, bool  is_server, bool  is_datagram, size_t  io_buf_sz = TLS::Channel::IO_BUF_DEFAULT_SIZE  )

explicit

Set up a new TLS session

Parameters

callbacks	contains a set of callback function references required by the TLS endpoint.
session_manager	manages session state
rng	a random number generator
policy	specifies other connection policy information
is_server	whether this is a server session or not
is_datagram	whether this is a DTLS session
io_buf_sz	This many bytes of memory will be preallocated for the read and write buffers. Smaller values just mean reallocations and copies are more likely.

Definition at line 22 of file tls_channel_impl_12.cpp.

                                                                 :
   m_is_server(is_server),
   m_is_datagram(is_datagram),
   m_callbacks(callbacks),
   m_session_manager(session_manager),
   m_policy(policy),
   m_rng(rng),
   m_has_been_closed(false)
   {
   BOTAN_ASSERT_NONNULL(m_callbacks);
   BOTAN_ASSERT_NONNULL(m_session_manager);
   BOTAN_ASSERT_NONNULL(m_rng);
   BOTAN_ASSERT_NONNULL(m_policy);
 
   /* epoch 0 is plaintext, thus null cipher state */
   m_write_cipher_states[0] = nullptr;
   m_read_cipher_states[0] = nullptr;
 
   m_writebuf.reserve(reserved_io_buffer_size);
   m_readbuf.reserve(reserved_io_buffer_size);
   }

References BOTAN_ASSERT_NONNULL.

Channel_Impl_12() [2/2]

Botan::TLS::Channel_Impl_12::Channel_Impl_12 ( const Channel_Impl_12 &  )

explicitdelete

~Channel_Impl_12()

Botan::TLS::Channel_Impl_12::~Channel_Impl_12 ( )

virtualdefault

Member Function Documentation

activate_session()

void Botan::TLS::Channel_Impl_12::activate_session ( )

protected

Definition at line 255 of file tls_channel_impl_12.cpp.

   {
   std::swap(m_active_state, m_pending_state);
   m_pending_state.reset();
 
   if(!m_active_state->version().is_datagram_protocol())
      {
      // TLS is easy just remove all but the current state
      const uint16_t current_epoch = sequence_numbers().current_write_epoch();
 
      const auto not_current_epoch =
         [current_epoch](uint16_t epoch) { return (epoch != current_epoch); };
 
      map_remove_if(not_current_epoch, m_write_cipher_states);
      map_remove_if(not_current_epoch, m_read_cipher_states);
      }
 
   callbacks().tls_session_activated();
   }

References callbacks(), Botan::TLS::Connection_Sequence_Numbers::current_write_epoch(), Botan::map_remove_if(), and Botan::TLS::Callbacks::tls_session_activated().

application_protocol()

virtual std::string Botan::TLS::Channel_Impl::application_protocol ( ) const

pure virtualinherited

Return the protocol notification set for this connection, if any (ALPN). This value is not tied to the session and a later renegotiation of the same session can choose a new protocol.

Implemented in Botan::TLS::Client_Impl_12, Botan::TLS::Client_Impl_13, and Botan::TLS::Server_Impl_13.

callbacks()

Callbacks & Botan::TLS::Channel_Impl_12::callbacks ( ) const

inlineprotected

Definition at line 177 of file tls_channel_impl_12.h.

{ return *m_callbacks; }

Referenced by activate_session().

change_cipher_spec_reader()

void Botan::TLS::Channel_Impl_12::change_cipher_spec_reader ( Connection_Side  side )

protected

Definition at line 186 of file tls_channel_impl_12.cpp.

   {
   auto pending = pending_state();
 
   BOTAN_ASSERT(pending && pending->server_hello(),
                "Have received server hello");
 
   if(pending->server_hello()->compression_method() != 0)
      throw Internal_Error("Negotiated unknown compression algorithm");
 
   sequence_numbers().new_read_cipher_state();
 
   const uint16_t epoch = sequence_numbers().current_read_epoch();
 
   BOTAN_ASSERT(!m_read_cipher_states.contains(epoch),
                "No read cipher state currently set for next epoch");
 
   // flip side as we are reading
   std::shared_ptr<Connection_Cipher_State> read_state(
      new Connection_Cipher_State(pending->version(),
                                  (side == Connection_Side::Client) ? Connection_Side::Server : Connection_Side::Client,
                                  false,
                                  pending->ciphersuite(),
                                  pending->session_keys(),
                                  pending->server_hello()->supports_encrypt_then_mac()));
 
   m_read_cipher_states[epoch] = read_state;
   }

References BOTAN_ASSERT, Botan::TLS::Client, Botan::TLS::Connection_Sequence_Numbers::current_read_epoch(), Botan::TLS::Connection_Sequence_Numbers::new_read_cipher_state(), and Botan::TLS::Server.

change_cipher_spec_writer()

void Botan::TLS::Channel_Impl_12::change_cipher_spec_writer ( Connection_Side  side )

protected

Definition at line 215 of file tls_channel_impl_12.cpp.

   {
   auto pending = pending_state();
 
   BOTAN_ASSERT(pending && pending->server_hello(),
                "Have received server hello");
 
   if(pending->server_hello()->compression_method() != 0)
      throw Internal_Error("Negotiated unknown compression algorithm");
 
   sequence_numbers().new_write_cipher_state();
 
   const uint16_t epoch = sequence_numbers().current_write_epoch();
 
   BOTAN_ASSERT(!m_write_cipher_states.contains(epoch),
                "No write cipher state currently set for next epoch");
 
   std::shared_ptr<Connection_Cipher_State> write_state(
      new Connection_Cipher_State(pending->version(),
                                  side,
                                  true,
                                  pending->ciphersuite(),
                                  pending->session_keys(),
                                  pending->server_hello()->supports_encrypt_then_mac()));
 
   m_write_cipher_states[epoch] = write_state;
   }

References BOTAN_ASSERT, Botan::TLS::Connection_Sequence_Numbers::current_write_epoch(), and Botan::TLS::Connection_Sequence_Numbers::new_write_cipher_state().

close()

void Botan::TLS::Channel_Impl::close ( )

inlineinherited

Send a close notification alert

Definition at line 81 of file tls_channel_impl.h.

{ send_warning_alert(Alert::CloseNotify); }

References Botan::TLS::Channel_Impl::send_warning_alert().

create_handshake_state()

Handshake_State & Botan::TLS::Channel_Impl_12::create_handshake_state ( Protocol_Version  version )

protected

Definition at line 105 of file tls_channel_impl_12.cpp.

   {
   if(pending_state())
      throw Internal_Error("create_handshake_state called during handshake");
 
   if(auto active = active_state())
      {
      Protocol_Version active_version = active->version();
 
      if(active_version.is_datagram_protocol() != version.is_datagram_protocol())
         {
         throw TLS_Exception(Alert::ProtocolVersion,
                             "Active state using version " + active_version.to_string() +
                             " cannot change to " + version.to_string() + " in pending");
         }
      }
 
   if(!m_sequence_numbers)
      {
      if(version.is_datagram_protocol())
         m_sequence_numbers = std::make_unique<Datagram_Sequence_Numbers>();
      else
         m_sequence_numbers = std::make_unique<Stream_Sequence_Numbers>();
      }
 
   using namespace std::placeholders;
 
   std::unique_ptr<Handshake_IO> io;
   if(version.is_datagram_protocol())
      {
      io = std::make_unique<Datagram_Handshake_IO>(
                  std::bind(&Channel_Impl_12::send_record_under_epoch, this, _1, _2, _3),
                  sequence_numbers(),
                  static_cast<uint16_t>(policy().dtls_default_mtu()),
                  policy().dtls_initial_timeout(),
                  policy().dtls_maximum_timeout());
      }
   else
      {
      io = std::make_unique<Stream_Handshake_IO>(std::bind(&Channel_Impl_12::send_record, this, _1, _2));
      }
 
   m_pending_state = new_handshake_state(std::move(io));
 
   if(auto active = active_state())
      m_pending_state->set_version(active->version());
 
   return *m_pending_state;
   }

References Botan::TLS::Protocol_Version::is_datagram_protocol(), new_handshake_state(), policy(), and Botan::TLS::Protocol_Version::to_string().

Referenced by Botan::TLS::Client_Impl_12::Client_Impl_12(), and renegotiate().

expects_downgrade()

bool Botan::TLS::Channel_Impl::expects_downgrade ( ) const

inlineinherited

Definition at line 271 of file tls_channel_impl.h.

{ return m_downgrade_info != nullptr; }

References Botan::TLS::Channel_Impl::m_downgrade_info.

Referenced by Botan::TLS::Client_Impl_13::Client_Impl_13(), and Botan::TLS::Channel_Impl_13::from_peer().

extract_downgrade_info()

std::unique_ptr< Downgrade_Information > Botan::TLS::Channel_Impl::extract_downgrade_info ( )

inlineinherited

See also

Downgrade_Information

Definition at line 269 of file tls_channel_impl.h.

{ return std::exchange(m_downgrade_info, {}); }

References Botan::TLS::Channel_Impl::m_downgrade_info.

from_peer()

size_t Botan::TLS::Channel_Impl_12::from_peer ( std::span< const uint8_t >  data )

overridevirtual

Inject TLS traffic received from counterparty

Returns

a hint as the how many more bytes we need to q the current record (this may be 0 if on a record boundary)

Implements Botan::TLS::Channel_Impl.

Definition at line 275 of file tls_channel_impl_12.cpp.

   {
   const bool allow_epoch0_restart = m_is_datagram && m_is_server && policy().allow_dtls_epoch0_restart();
 
   auto input = data.data();
   auto input_size = data.size();
 
   try
      {
      while(input_size)
         {
         size_t consumed = 0;
 
         auto get_epoch = [this](uint16_t epoch) { return read_cipher_state_epoch(epoch); };
 
         const Record_Header record =
            read_record(m_is_datagram,
                        m_readbuf,
                        input,
                        input_size,
                        consumed,
                        m_record_buf,
                        m_sequence_numbers.get(),
                        get_epoch,
                        allow_epoch0_restart);
 
         const size_t needed = record.needed();
 
         BOTAN_ASSERT(consumed > 0, "Got to eat something");
 
         BOTAN_ASSERT(consumed <= input_size,
                      "Record reader consumed sane amount");
 
         input += consumed;
         input_size -= consumed;
 
         BOTAN_ASSERT(input_size == 0 || needed == 0,
                      "Got a full record or consumed all input");
 
         if(input_size == 0 && needed != 0)
            return needed; // need more data to complete record
 
         // Ignore invalid records in DTLS
         if(m_is_datagram && record.type() == Record_Type::Invalid)
            {
            return 0;
            }
 
         if(m_record_buf.size() > MAX_PLAINTEXT_SIZE)
            throw TLS_Exception(Alert::RecordOverflow,
                                "TLS plaintext record is larger than allowed maximum");
 
 
         const bool epoch0_restart = m_is_datagram && record.epoch() == 0 && active_state();
         BOTAN_ASSERT_IMPLICATION(epoch0_restart, allow_epoch0_restart, "Allowed state");
 
         const bool initial_record = epoch0_restart || (!pending_state() && !active_state());
 
         if(record.type() != Record_Type::Alert)
            {
            if(initial_record)
               {
               // For initial records just check for basic sanity
               if(record.version().major_version() != 3 &&
                  record.version().major_version() != 0xFE)
                  {
                  throw TLS_Exception(Alert::ProtocolVersion,
                                      "Received unexpected record version in initial record");
                  }
               }
            else if(auto pending = pending_state())
               {
               if(pending->server_hello() != nullptr && record.version() != pending->version())
                  {
                  throw TLS_Exception(Alert::ProtocolVersion,
                                         "Received unexpected record version");
                  }
               }
            else if(auto active = active_state())
               {
               if(record.version() != active->version())
                  {
                  throw TLS_Exception(Alert::ProtocolVersion,
                                      "Received unexpected record version");
                  }
               }
            }
 
         if(record.type() == Record_Type::Handshake || record.type() == Record_Type::ChangeCipherSpec)
            {
            if(m_has_been_closed)
               throw TLS_Exception(Alert::UnexpectedMessage, "Received handshake data after connection closure");
            process_handshake_ccs(m_record_buf, record.sequence(), record.type(), record.version(), epoch0_restart);
            }
         else if(record.type() == Record_Type::ApplicationData)
            {
            if(m_has_been_closed)
               throw TLS_Exception(Alert::UnexpectedMessage, "Received application data after connection closure");
            if(pending_state() != nullptr)
               throw TLS_Exception(Alert::UnexpectedMessage, "Can't interleave application and handshake data");
            process_application_data(record.sequence(), m_record_buf);
            }
         else if(record.type() == Record_Type::Alert)
            {
            process_alert(m_record_buf);
            }
         else if(record.type() != Record_Type::Invalid)
            throw Unexpected_Message("Unexpected record type " +
                                     std::to_string(static_cast<size_t>(record.type())) +
                                     " from counterparty");
         }
 
      return 0; // on a record boundary
      }
   catch(TLS_Exception& e)
      {
      send_fatal_alert(e.type());
      throw;
      }
   catch(Invalid_Authentication_Tag&)
      {
      send_fatal_alert(Alert::BadRecordMac);
      throw;
      }
   catch(Decoding_Error&)
      {
      send_fatal_alert(Alert::DecodeError);
      throw;
      }
   catch(...)
      {
      send_fatal_alert(Alert::InternalError);
      throw;
      }
   }

References Botan::TLS::Alert, Botan::TLS::Policy::allow_dtls_epoch0_restart(), Botan::TLS::ApplicationData, BOTAN_ASSERT, BOTAN_ASSERT_IMPLICATION, Botan::TLS::ChangeCipherSpec, Botan::TLS::Record_Header::epoch(), Botan::TLS::Handshake, Botan::TLS::Invalid, Botan::TLS::Protocol_Version::major_version(), Botan::TLS::MAX_PLAINTEXT_SIZE, Botan::TLS::Record_Header::needed(), policy(), Botan::TLS::read_record(), Botan::TLS::Channel_Impl::send_fatal_alert(), Botan::TLS::Record_Header::sequence(), Botan::TLS::Record_Header::type(), Botan::TLS::TLS_Exception::type(), and Botan::TLS::Record_Header::version().

get_peer_cert_chain()

virtual std::vector< X509_Certificate > Botan::TLS::Channel_Impl_12::get_peer_cert_chain ( const Handshake_State &  state ) const

protectedpure virtual

Referenced by peer_cert_chain().

initiate_handshake()

virtual void Botan::TLS::Channel_Impl_12::initiate_handshake ( Handshake_State &  state, bool  force_full_renegotiation  )

protectedpure virtual

Referenced by renegotiate().

inspect_handshake_message()

void Botan::TLS::Channel_Impl_12::inspect_handshake_message ( const Handshake_Message &  msg )

protected

is_active()

bool Botan::TLS::Channel_Impl_12::is_active ( ) const

overridevirtual

Returns

true iff the connection is active for sending application data

Implements Botan::TLS::Channel_Impl.

Definition at line 243 of file tls_channel_impl_12.cpp.

   {
   if(is_closed())
      return false;
   return (active_state() != nullptr);
   }

References is_closed().

Referenced by to_peer().

is_closed()

bool Botan::TLS::Channel_Impl_12::is_closed ( ) const

overridevirtual

Returns

true iff the connection has been definitely closed

Implements Botan::TLS::Channel_Impl.

Definition at line 250 of file tls_channel_impl_12.cpp.

   {
   return m_has_been_closed;
   }

Referenced by is_active(), is_closed_for_reading(), is_closed_for_writing(), and send_alert().

is_closed_for_reading()

bool Botan::TLS::Channel_Impl_12::is_closed_for_reading ( ) const

inlineoverridevirtual

Returns

true iff the connection is active for sending application data

Implements Botan::TLS::Channel_Impl.

Definition at line 97 of file tls_channel_impl_12.h.

{ return is_closed(); }

References is_closed().

is_closed_for_writing()

bool Botan::TLS::Channel_Impl_12::is_closed_for_writing ( ) const

inlineoverridevirtual

Returns

true iff the connection has been definitely closed

Implements Botan::TLS::Channel_Impl.

Definition at line 98 of file tls_channel_impl_12.h.

{ return is_closed(); }

References is_closed().

is_downgrading()

bool Botan::TLS::Channel_Impl::is_downgrading ( ) const

inlineinherited

Indicates whether a downgrade to TLS 1.2 or lower is in progress

See also

Downgrade_Information

Definition at line 264 of file tls_channel_impl.h.

{ return m_downgrade_info && m_downgrade_info->will_downgrade; }

References Botan::TLS::Channel_Impl::m_downgrade_info.

Referenced by Botan::TLS::Channel_Impl_13::from_peer(), Botan::TLS::Channel_Impl_13::key_material_export(), and Botan::TLS::Channel_Impl_13::update_traffic_keys().

key_material_export()

SymmetricKey Botan::TLS::Channel_Impl_12::key_material_export ( std::string_view  label, std::string_view  context, size_t  length  ) const

overridevirtual

Key material export (RFC 5705)

Parameters

label	a disambiguating label string
context	a per-association context value
length	the length of the desired key in bytes

Returns

key of length bytes

Implements Botan::TLS::Channel_Impl.

Definition at line 701 of file tls_channel_impl_12.cpp.

   {
   if(auto active = active_state())
      {
      if(pending_state() != nullptr)
         { throw Invalid_State("Channel_Impl_12::key_material_export cannot export during renegotiation"); }
 
      auto prf = active->protocol_specific_prf();
 
      const secure_vector<uint8_t>& master_secret =
         active->session_keys().master_secret();
 
      std::vector<uint8_t> salt;
      salt += active->client_hello()->random();
      salt += active->server_hello()->random();
 
      if(!context.empty())
         {
         size_t context_size = context.length();
         if(context_size > 0xFFFF)
            throw Invalid_Argument("key_material_export context is too long");
         salt.push_back(get_byte<0>(static_cast<uint16_t>(context_size)));
         salt.push_back(get_byte<1>(static_cast<uint16_t>(context_size)));
         salt += to_byte_vector(context);
         }
 
      return SymmetricKey(prf->derive_key(length, master_secret, salt, to_byte_vector(label)));
      }
   else
      {
      throw Invalid_State("Channel_Impl_12::key_material_export connection not active");
      }
   }

References Botan::to_byte_vector().

new_handshake_state()

virtual std::unique_ptr< Handshake_State > Botan::TLS::Channel_Impl_12::new_handshake_state ( std::unique_ptr< class Handshake_IO >  io )

protectedpure virtual

Referenced by create_handshake_state().

new_session_ticket_supported()

virtual bool Botan::TLS::Channel_Impl::new_session_ticket_supported ( ) const

inlinevirtualinherited

Returns

true if this channel can issue TLS 1.3 style session tickets.

Reimplemented in Botan::TLS::Server_Impl_13.

Definition at line 129 of file tls_channel_impl.h.

{ return false; }

operator=()

Channel_Impl_12 & Botan::TLS::Channel_Impl_12::operator= ( const Channel_Impl_12 &  )

delete

peer_cert_chain()

std::vector< X509_Certificate > Botan::TLS::Channel_Impl_12::peer_cert_chain ( ) const

overridevirtual

Returns

certificate chain of the peer (may be empty)

Implements Botan::TLS::Channel_Impl.

Definition at line 98 of file tls_channel_impl_12.cpp.

   {
   if(auto active = active_state())
      return get_peer_cert_chain(*active);
   return std::vector<X509_Certificate>();
   }

References get_peer_cert_chain().

policy()

const Policy & Botan::TLS::Channel_Impl_12::policy ( ) const

inlineprotected

Definition at line 175 of file tls_channel_impl_12.h.

{ return *m_policy; }

Referenced by create_handshake_state(), from_peer(), and renegotiate().

preserve_client_hello()

void Botan::TLS::Channel_Impl::preserve_client_hello ( std::span< const uint8_t >  msg )

inlineprotectedinherited

Definition at line 219 of file tls_channel_impl.h.

         {
         BOTAN_STATE_CHECK(m_downgrade_info);
         m_downgrade_info->client_hello_message.assign(msg.begin(), msg.end());
         }

References BOTAN_STATE_CHECK, and Botan::TLS::Channel_Impl::m_downgrade_info.

Referenced by Botan::TLS::Client_Impl_13::Client_Impl_13().

preserve_peer_transcript()

void Botan::TLS::Channel_Impl::preserve_peer_transcript ( std::span< const uint8_t >  input )

inlineprotectedinherited

Definition at line 212 of file tls_channel_impl.h.

         {
         BOTAN_STATE_CHECK(m_downgrade_info);
         m_downgrade_info->peer_transcript.insert(m_downgrade_info->peer_transcript.end(),
                                                  input.begin(), input.end());
         }

References BOTAN_STATE_CHECK, and Botan::TLS::Channel_Impl::m_downgrade_info.

Referenced by Botan::TLS::Channel_Impl_13::from_peer().

process_handshake_msg()

virtual void Botan::TLS::Channel_Impl_12::process_handshake_msg ( const Handshake_State *  active_state, Handshake_State &  pending_state, Handshake_Type  type, const std::vector< uint8_t > &  contents, bool  epoch0_restart  )

protectedpure virtual

renegotiate()

void Botan::TLS::Channel_Impl_12::renegotiate ( bool  force_full_renegotiation = false )

overridevirtual

Attempt to renegotiate the session

Parameters

force_full_renegotiation

if true, require a full renegotiation, otherwise allow session resumption

Implements Botan::TLS::Channel_Impl.

Definition at line 164 of file tls_channel_impl_12.cpp.

   {
   if(pending_state()) // currently in handshake?
      return;
 
   if(auto active = active_state())
      {
      if(force_full_renegotiation == false)
         force_full_renegotiation = !policy().allow_resumption_for_renegotiation();
 
      initiate_handshake(create_handshake_state(active->version()),
                         force_full_renegotiation);
      }
   else
      throw Invalid_State("Cannot renegotiate on inactive connection");
   }

References Botan::TLS::Policy::allow_resumption_for_renegotiation(), create_handshake_state(), initiate_handshake(), and policy().

request_downgrade()

void Botan::TLS::Channel_Impl::request_downgrade ( )

inlineprotectedinherited

Implementations use this to signal that the peer indicated a protocol version downgrade. After calling request_downgrade() no further state changes must be perfomed by the implementation. Particularly, no further handshake messages must be emitted. Instead, they must yield control flow back to the underlying Channel implementation to perform the protocol version downgrade.

Definition at line 241 of file tls_channel_impl.h.

         {
         BOTAN_STATE_CHECK(m_downgrade_info && !m_downgrade_info->will_downgrade);
         m_downgrade_info->will_downgrade = true;
         }

References BOTAN_STATE_CHECK, and Botan::TLS::Channel_Impl::m_downgrade_info.

Referenced by Botan::TLS::Channel_Impl::request_downgrade_for_resumption().

request_downgrade_for_resumption()

void Botan::TLS::Channel_Impl::request_downgrade_for_resumption ( Session_with_Handle  session )

inlineprotectedinherited

Definition at line 247 of file tls_channel_impl.h.

         {
         BOTAN_STATE_CHECK(m_downgrade_info &&
                           m_downgrade_info->client_hello_message.empty() &&
                           m_downgrade_info->peer_transcript.empty() &&
                           !m_downgrade_info->tls12_session.has_value());
         BOTAN_ASSERT_NOMSG(session.session.version().is_pre_tls_13());
         m_downgrade_info->tls12_session = std::move(session);
         request_downgrade();
         }

References BOTAN_ASSERT_NOMSG, BOTAN_STATE_CHECK, Botan::TLS::Protocol_Version::is_pre_tls_13(), Botan::TLS::Channel_Impl::m_downgrade_info, Botan::TLS::Channel_Impl::request_downgrade(), Botan::TLS::Session_with_Handle::session, and Botan::TLS::Session_Base::version().

Referenced by Botan::TLS::Client_Impl_13::Client_Impl_13().

reset_active_association_state()

void Botan::TLS::Channel_Impl_12::reset_active_association_state ( )

protected

Definition at line 59 of file tls_channel_impl_12.cpp.

   {
   // This operation only makes sense for DTLS
   BOTAN_ASSERT_NOMSG(m_is_datagram);
   m_active_state.reset();
   m_read_cipher_states.clear();
   m_write_cipher_states.clear();
 
   m_write_cipher_states[0] = nullptr;
   m_read_cipher_states[0] = nullptr;
 
   if(m_sequence_numbers)
      m_sequence_numbers->reset();
   }

References BOTAN_ASSERT_NOMSG.

rng()

RandomNumberGenerator & Botan::TLS::Channel_Impl_12::rng ( )

inlineprotected

Definition at line 171 of file tls_channel_impl_12.h.

{ return *m_rng; }

secure_renegotiation_check() [1/2]

void Botan::TLS::Channel_Impl_12::secure_renegotiation_check ( const Client_Hello_12 *  client_hello )

protected

Definition at line 624 of file tls_channel_impl_12.cpp.

   {
   const bool secure_renegotiation = client_hello->secure_renegotiation();
 
   if(auto active = active_state())
      {
      const bool active_sr = active->client_hello()->secure_renegotiation();
 
      if(active_sr != secure_renegotiation)
         throw TLS_Exception(Alert::HandshakeFailure,
                             "Client changed its mind about secure renegotiation");
      }
 
   if(secure_renegotiation)
      {
      const std::vector<uint8_t>& data = client_hello->renegotiation_info();
 
      if(data != secure_renegotiation_data_for_client_hello())
         throw TLS_Exception(Alert::HandshakeFailure,
                             "Client sent bad values for secure renegotiation");
      }
   }

References Botan::TLS::Client_Hello_12::renegotiation_info(), Botan::TLS::Client_Hello_12::secure_renegotiation(), and secure_renegotiation_data_for_client_hello().

Referenced by Botan::TLS::Client_Impl_12::Client_Impl_12().

secure_renegotiation_check() [2/2]

void Botan::TLS::Channel_Impl_12::secure_renegotiation_check ( const Server_Hello_12 *  server_hello )

protected

Definition at line 647 of file tls_channel_impl_12.cpp.

   {
   const bool secure_renegotiation = server_hello->secure_renegotiation();
 
   if(auto active = active_state())
      {
      const bool active_sr = active->server_hello()->secure_renegotiation();
 
      if(active_sr != secure_renegotiation)
         throw TLS_Exception(Alert::HandshakeFailure,
                             "Server changed its mind about secure renegotiation");
      }
 
   if(secure_renegotiation)
      {
      const std::vector<uint8_t>& data = server_hello->renegotiation_info();
 
      if(data != secure_renegotiation_data_for_server_hello())
         throw TLS_Exception(Alert::HandshakeFailure,
                             "Server sent bad values for secure renegotiation");
      }
   }

References Botan::TLS::Server_Hello_12::renegotiation_info(), Botan::TLS::Server_Hello_12::secure_renegotiation(), and secure_renegotiation_data_for_server_hello().

secure_renegotiation_data_for_client_hello()

std::vector< uint8_t > Botan::TLS::Channel_Impl_12::secure_renegotiation_data_for_client_hello ( ) const

protected

Definition at line 670 of file tls_channel_impl_12.cpp.

   {
   if(auto active = active_state())
      return active->client_finished()->verify_data();
   return std::vector<uint8_t>();
   }

Referenced by secure_renegotiation_check().

secure_renegotiation_data_for_server_hello()

std::vector< uint8_t > Botan::TLS::Channel_Impl_12::secure_renegotiation_data_for_server_hello ( ) const

protected

Definition at line 677 of file tls_channel_impl_12.cpp.

   {
   if(auto active = active_state())
      {
      std::vector<uint8_t> buf = active->client_finished()->verify_data();
      buf += active->server_finished()->verify_data();
      return buf;
      }
 
   return std::vector<uint8_t>();
   }

Referenced by secure_renegotiation_check().

secure_renegotiation_supported()

bool Botan::TLS::Channel_Impl_12::secure_renegotiation_supported ( ) const

overridevirtual

Returns

true iff the counterparty supports the secure renegotiation extensions.

Implements Botan::TLS::Channel_Impl.

Definition at line 689 of file tls_channel_impl_12.cpp.

   {
   if(auto active = active_state())
      return active->server_hello()->secure_renegotiation();
 
   if(auto pending = pending_state())
      if(auto hello = pending->server_hello())
         return hello->secure_renegotiation();
 
   return false;
   }

send_alert()

void Botan::TLS::Channel_Impl_12::send_alert ( const Alert &  alert )

overridevirtual

Send a TLS alert message. If the alert is fatal, the internal state (keys, etc) will be reset.

Parameters

alert

the Alert to send

Implements Botan::TLS::Channel_Impl.

Definition at line 590 of file tls_channel_impl_12.cpp.

   {
   const bool ready_to_send_anything = !is_closed() && m_sequence_numbers;
   if(alert.is_valid() && ready_to_send_anything)
      {
      try
         {
         send_record(Record_Type::Alert, alert.serialize());
         }
      catch(...) { /* swallow it */ }
      }
 
   if(alert.type() == Alert::NoRenegotiation)
      m_pending_state.reset();
 
   if(alert.is_fatal())
   {
      if(auto active = active_state())
      {
         const auto& session_id = active->server_hello()->session_id();
         if(!session_id.empty())
            {
            session_manager().remove(Session_ID(session_id));
            }
      }
      reset_state();
   }
 
   if(alert.type() == Alert::CloseNotify || alert.is_fatal())
      {
      m_has_been_closed = true;
      }
   }

References Botan::TLS::Alert, is_closed(), Botan::TLS::Alert::is_fatal(), Botan::TLS::Alert::is_valid(), Botan::TLS::Session_Manager::remove(), Botan::TLS::Alert::serialize(), session_manager(), and Botan::TLS::Alert::type().

send_fatal_alert()

void Botan::TLS::Channel_Impl::send_fatal_alert ( Alert::Type  type )

inlineinherited

Send a fatal alert

Definition at line 76 of file tls_channel_impl.h.

{ send_alert(Alert(type, true)); }

References Botan::TLS::Channel_Impl::send_alert().

Referenced by from_peer(), and Botan::TLS::Channel_Impl_13::from_peer().

send_new_session_tickets()

virtual size_t Botan::TLS::Channel_Impl::send_new_session_tickets ( const  size_t )

inlinevirtualinherited

Send tickets new session tickets to the peer. This is only supported on TLS 1.3 servers.

If the server's Session_Manager does not accept the generated Session objects, the server implementation won't be able to send new tickets. Additionally, anything but TLS 1.3 servers will return 0 (because they don't support sending such session tickets).

Returns

the number of session tickets successfully sent to the client

Reimplemented in Botan::TLS::Server_Impl_13.

Definition at line 142 of file tls_channel_impl.h.

{ return 0; }

send_warning_alert()

void Botan::TLS::Channel_Impl::send_warning_alert ( Alert::Type  type )

inlineinherited

Send a warning alert

Definition at line 71 of file tls_channel_impl.h.

{ send_alert(Alert(type, false)); }

References Botan::TLS::Channel_Impl::send_alert().

Referenced by Botan::TLS::Channel_Impl::close().

session_manager()

Session_Manager & Botan::TLS::Channel_Impl_12::session_manager ( )

inlineprotected

Definition at line 173 of file tls_channel_impl_12.h.

{ return *m_session_manager; }

Referenced by send_alert().

set_io_buffer_size()

void Botan::TLS::Channel_Impl::set_io_buffer_size ( size_t  io_buf_sz )

inlineprotectedinherited

Definition at line 227 of file tls_channel_impl.h.

         {
         BOTAN_STATE_CHECK(m_downgrade_info);
         m_downgrade_info->io_buffer_size = io_buf_sz;
         }

References BOTAN_STATE_CHECK, and Botan::TLS::Channel_Impl::m_downgrade_info.

timeout_check()

bool Botan::TLS::Channel_Impl_12::timeout_check ( )

overridevirtual

Perform a handshake timeout check. This does nothing unless this is a DTLS channel with a pending handshake state, in which case we check for timeout and potentially retransmit handshake packets.

Implements Botan::TLS::Channel_Impl.

Definition at line 155 of file tls_channel_impl_12.cpp.

   {
   if(m_pending_state)
      return m_pending_state->handshake_io().timeout_check();
 
   //FIXME: scan cipher suites and remove epochs older than 2*MSL
   return false;
   }

to_peer()

void Botan::TLS::Channel_Impl_12::to_peer ( std::span< const uint8_t >  data )

overridevirtual

Inject plaintext intended for counterparty Throws an exception if is_active() is false

Implements Botan::TLS::Channel_Impl.

Definition at line 581 of file tls_channel_impl_12.cpp.

   {
   if(!is_active())
      throw Invalid_State("Data cannot be sent on inactive TLS connection");
 
   send_record_array(sequence_numbers().current_write_epoch(),
                     Record_Type::ApplicationData, data.data(), data.size());
   }

References Botan::TLS::ApplicationData, and is_active().

update_traffic_keys()

void Botan::TLS::Channel_Impl_12::update_traffic_keys ( bool  request_peer_update = false )

overridevirtual

Attempt to update the session's traffic key material Note that this is possible with a TLS 1.3 channel, only.

Parameters

request_peer_update

if true, require a reciprocal key update

Implements Botan::TLS::Channel_Impl.

Definition at line 181 of file tls_channel_impl_12.cpp.

   {
   throw Invalid_Argument("cannot update traffic keys on a TLS 1.2 channel");
   }

Member Data Documentation

m_downgrade_info

std::unique_ptr<Downgrade_Information> Botan::TLS::Channel_Impl::m_downgrade_info

protectedinherited

Definition at line 210 of file tls_channel_impl.h.

Referenced by Botan::TLS::Channel_Impl_13::expect_downgrade(), Botan::TLS::Channel_Impl::expects_downgrade(), Botan::TLS::Channel_Impl::extract_downgrade_info(), Botan::TLS::Channel_Impl_13::from_peer(), Botan::TLS::Channel_Impl::is_downgrading(), Botan::TLS::Channel_Impl::preserve_client_hello(), Botan::TLS::Channel_Impl::preserve_peer_transcript(), Botan::TLS::Channel_Impl::request_downgrade(), Botan::TLS::Channel_Impl::request_downgrade_for_resumption(), and Botan::TLS::Channel_Impl::set_io_buffer_size().

---

The documentation for this class was generated from the following files:

• src/lib/tls/tls12/tls_channel_impl_12.h
• src/lib/tls/tls12/tls_channel_impl_12.cpp