Botan  2.15.0
Crypto and TLS for C++11
Public Member Functions | List of all members
Botan::TLS::Handshake_State Class Reference

#include <tls_handshake_state.h>

Inherited by Botan::TLS::Server_Handshake_State.

Public Member Functions

Callbackscallbacks () const
 
void cert_req (Certificate_Req *cert_req)
 
const Certificate_Reqcert_req () const
 
std::pair< std::string, Signature_Formatchoose_sig_format (const Private_Key &key, Signature_Scheme &scheme, bool for_client_auth, const Policy &policy) const
 
const Ciphersuiteciphersuite () const
 
void client_certs (Certificate *client_certs)
 
const Certificateclient_certs () const
 
void client_finished (Finished *client_finished)
 
const Finishedclient_finished () const
 
void client_hello (Client_Hello *client_hello)
 
const Client_Helloclient_hello () const
 
void client_kex (Client_Key_Exchange *client_kex)
 
const Client_Key_Exchangeclient_kex () const
 
void client_verify (Certificate_Verify *client_verify)
 
const Certificate_Verifyclient_verify () const
 
void compute_session_keys ()
 
void compute_session_keys (const secure_vector< uint8_t > &resume_master_secret)
 
void confirm_transition_to (Handshake_Type msg_type)
 
std::pair< Handshake_Type, std::vector< uint8_t > > get_next_handshake_msg ()
 
Handshake_IOhandshake_io ()
 
 Handshake_State (Handshake_IO *io, Callbacks &callbacks)
 
 Handshake_State (const Handshake_State &)=delete
 
Handshake_Hashhash ()
 
const Handshake_Hashhash () const
 
void hello_verify_request (const Hello_Verify_Request &hello_verify)
 
void new_session_ticket (New_Session_Ticket *new_session_ticket)
 
const New_Session_Ticketnew_session_ticket () const
 
void note_message (const Handshake_Message &msg)
 
Handshake_Stateoperator= (const Handshake_State &)=delete
 
std::pair< std::string, Signature_Formatparse_sig_format (const Public_Key &key, Signature_Scheme scheme, bool for_client_auth, const Policy &policy) const
 
KDFprotocol_specific_prf () const
 
bool received_handshake_msg (Handshake_Type msg_type) const
 
void server_cert_status (Certificate_Status *server_cert_status)
 
const Certificate_Statusserver_cert_status () const
 
void server_certs (Certificate *server_certs)
 
const Certificateserver_certs () const
 
void server_finished (Finished *server_finished)
 
const Finishedserver_finished () const
 
void server_hello (Server_Hello *server_hello)
 
const Server_Helloserver_hello () const
 
void server_hello_done (Server_Hello_Done *server_hello_done)
 
const Server_Hello_Doneserver_hello_done () const
 
void server_kex (Server_Key_Exchange *server_kex)
 
const Server_Key_Exchangeserver_kex () const
 
const Session_Keyssession_keys () const
 
std::vector< uint8_t > session_ticket () const
 
void set_expected_next (Handshake_Type msg_type)
 
void set_version (const Protocol_Version &version)
 
std::string srp_identifier () const
 
Protocol_Version version () const
 
virtual ~Handshake_State ()=default
 

Detailed Description

SSL/TLS Handshake State

Definition at line 49 of file tls_handshake_state.h.

Constructor & Destructor Documentation

◆ Handshake_State() [1/2]

Botan::TLS::Handshake_State::Handshake_State ( Handshake_IO io,
Callbacks callbacks 
)

Definition at line 183 of file tls_handshake_state.cpp.

183  :
184  m_callbacks(cb),
185  m_handshake_io(io),
186  m_version(m_handshake_io->initial_record_version())
187  {
188  }

◆ ~Handshake_State()

virtual Botan::TLS::Handshake_State::~Handshake_State ( )
virtualdefault

◆ Handshake_State() [2/2]

Botan::TLS::Handshake_State::Handshake_State ( const Handshake_State )
delete

Member Function Documentation

◆ callbacks()

Callbacks& Botan::TLS::Handshake_State::callbacks ( ) const
inline

◆ cert_req() [1/2]

void Botan::TLS::Handshake_State::cert_req ( Certificate_Req cert_req)

Definition at line 244 of file tls_handshake_state.cpp.

References cert_req(), and note_message().

245  {
246  m_cert_req.reset(cert_req);
247  note_message(*m_cert_req);
248  }
const Certificate_Req * cert_req() const
void note_message(const Handshake_Message &msg)

◆ cert_req() [2/2]

const Certificate_Req* Botan::TLS::Handshake_State::cert_req ( ) const
inline

Definition at line 132 of file tls_handshake_state.h.

Referenced by cert_req(), choose_sig_format(), and parse_sig_format().

133  { return m_cert_req.get(); }

◆ choose_sig_format()

std::pair< std::string, Signature_Format > Botan::TLS::Handshake_State::choose_sig_format ( const Private_Key key,
Signature_Scheme scheme,
bool  for_client_auth,
const Policy policy 
) const

Definition at line 399 of file tls_handshake_state.cpp.

References Botan::Public_Key::algo_name(), Botan::TLS::Policy::allowed_signature_hash(), Botan::TLS::Policy::allowed_signature_schemes(), cert_req(), client_hello(), Botan::DER_SEQUENCE, Botan::TLS::DSA_SHA1, Botan::TLS::ECDSA_SHA1, Botan::TLS::Alert::HANDSHAKE_FAILURE, hash(), Botan::TLS::hash_function_of_scheme(), Botan::IEEE_1363, Botan::TLS::padding_string_for_scheme(), Botan::TLS::RSA_PKCS1_SHA1, Botan::TLS::signature_algorithm_of_scheme(), Botan::TLS::signature_scheme_is_known(), Botan::TLS::Client_Hello::signature_schemes(), Botan::TLS::Certificate_Req::signature_schemes(), and version().

Referenced by Botan::TLS::Certificate_Verify::Certificate_Verify(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

403  {
404  const std::string sig_algo = key.algo_name();
405 
406  if(this->version().supports_negotiable_signature_algorithms())
407  {
408  const std::vector<Signature_Scheme> allowed = policy.allowed_signature_schemes();
409 
410  std::vector<Signature_Scheme> requested =
411  (for_client_auth) ? cert_req()->signature_schemes() : client_hello()->signature_schemes();
412 
413  if(requested.empty())
414  {
415  // Implicit SHA-1
416  requested.push_back(Signature_Scheme::RSA_PKCS1_SHA1);
417  requested.push_back(Signature_Scheme::ECDSA_SHA1);
418  requested.push_back(Signature_Scheme::DSA_SHA1);
419  }
420 
421  for(Signature_Scheme scheme : allowed)
422  {
423  if(signature_scheme_is_known(scheme) == false)
424  {
425  continue;
426  }
427 
428  if(signature_algorithm_of_scheme(scheme) == sig_algo)
429  {
430  if(std::find(requested.begin(), requested.end(), scheme) != requested.end())
431  {
432  chosen_scheme = scheme;
433  break;
434  }
435  }
436  }
437 
438  const std::string hash = hash_function_of_scheme(chosen_scheme);
439 
440  if(!policy.allowed_signature_hash(hash))
441  {
442  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
443  "Policy refuses to accept signing with any hash supported by peer");
444  }
445 
446  if(sig_algo == "RSA")
447  {
448  return std::make_pair(padding_string_for_scheme(chosen_scheme), IEEE_1363);
449  }
450  else if(sig_algo == "DSA" || sig_algo == "ECDSA")
451  {
452  return std::make_pair(padding_string_for_scheme(chosen_scheme), DER_SEQUENCE);
453  }
454  }
455  else
456  {
457  if(sig_algo == "RSA")
458  {
459  const std::string padding = "PKCS1v15(Parallel(MD5,SHA-160))";
460  return std::make_pair(padding, IEEE_1363);
461  }
462  else if(sig_algo == "DSA" || sig_algo == "ECDSA")
463  {
464  const std::string padding = "EMSA1(SHA-1)";
465  return std::make_pair(padding, DER_SEQUENCE);
466  }
467  }
468 
469  throw Invalid_Argument(sig_algo + " is invalid/unknown for TLS signatures");
470  }
std::string hash_function_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:191
Signature_Scheme
Definition: tls_algos.h:86
std::string padding_string_for_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:379
bool signature_scheme_is_known(Signature_Scheme scheme)
Definition: tls_algos.cpp:262
const Certificate_Req * cert_req() const
std::vector< Signature_Scheme > signature_schemes() const
std::string signature_algorithm_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:291
Protocol_Version version() const
const Client_Hello * client_hello() const
const std::vector< Signature_Scheme > & signature_schemes() const
Definition: tls_messages.h:435

◆ ciphersuite()

const Ciphersuite& Botan::TLS::Handshake_State::ciphersuite ( ) const
inline

◆ client_certs() [1/2]

void Botan::TLS::Handshake_State::client_certs ( Certificate client_certs)

Definition at line 256 of file tls_handshake_state.cpp.

References client_certs(), and note_message().

257  {
258  m_client_certs.reset(client_certs);
259  note_message(*m_client_certs);
260  }
const Certificate * client_certs() const
void note_message(const Handshake_Message &msg)

◆ client_certs() [2/2]

const Certificate* Botan::TLS::Handshake_State::client_certs ( ) const
inline

Definition at line 138 of file tls_handshake_state.h.

Referenced by client_certs().

139  { return m_client_certs.get(); }

◆ client_finished() [1/2]

void Botan::TLS::Handshake_State::client_finished ( Finished client_finished)

Definition at line 286 of file tls_handshake_state.cpp.

References client_finished(), and note_message().

287  {
288  m_client_finished.reset(client_finished);
289  note_message(*m_client_finished);
290  }
const Finished * client_finished() const
void note_message(const Handshake_Message &msg)

◆ client_finished() [2/2]

const Finished* Botan::TLS::Handshake_State::client_finished ( ) const
inline

Definition at line 156 of file tls_handshake_state.h.

Referenced by client_finished().

157  { return m_client_finished.get(); }

◆ client_hello() [1/2]

void Botan::TLS::Handshake_State::client_hello ( Client_Hello client_hello)

Definition at line 205 of file tls_handshake_state.cpp.

References client_hello(), hash(), note_message(), and Botan::TLS::Handshake_Hash::reset().

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), Botan::TLS::Session_Keys::Session_Keys(), and Botan::TLS::Server_Key_Exchange::verify().

206  {
207  if(client_hello == nullptr)
208  {
209  m_client_hello.reset();
210  hash().reset();
211  }
212  else
213  {
214  m_client_hello.reset(client_hello);
215  note_message(*m_client_hello);
216  }
217  }
void note_message(const Handshake_Message &msg)
const Client_Hello * client_hello() const

◆ client_hello() [2/2]

const Client_Hello* Botan::TLS::Handshake_State::client_hello ( ) const
inline

Definition at line 120 of file tls_handshake_state.h.

Referenced by choose_sig_format(), client_hello(), parse_sig_format(), session_ticket(), and srp_identifier().

121  { return m_client_hello.get(); }

◆ client_kex() [1/2]

void Botan::TLS::Handshake_State::client_kex ( Client_Key_Exchange client_kex)

Definition at line 262 of file tls_handshake_state.cpp.

References client_kex(), and note_message().

263  {
264  m_client_kex.reset(client_kex);
265  note_message(*m_client_kex);
266  }
const Client_Key_Exchange * client_kex() const
void note_message(const Handshake_Message &msg)

◆ client_kex() [2/2]

const Client_Key_Exchange* Botan::TLS::Handshake_State::client_kex ( ) const
inline

Definition at line 141 of file tls_handshake_state.h.

Referenced by client_kex(), and compute_session_keys().

142  { return m_client_kex.get(); }

◆ client_verify() [1/2]

void Botan::TLS::Handshake_State::client_verify ( Certificate_Verify client_verify)

Definition at line 268 of file tls_handshake_state.cpp.

References client_verify(), and note_message().

269  {
270  m_client_verify.reset(client_verify);
271  note_message(*m_client_verify);
272  }
const Certificate_Verify * client_verify() const
void note_message(const Handshake_Message &msg)

◆ client_verify() [2/2]

const Certificate_Verify* Botan::TLS::Handshake_State::client_verify ( ) const
inline

Definition at line 144 of file tls_handshake_state.h.

Referenced by client_verify().

145  { return m_client_verify.get(); }

◆ compute_session_keys() [1/2]

void Botan::TLS::Handshake_State::compute_session_keys ( )

Definition at line 297 of file tls_handshake_state.cpp.

References client_kex().

298  {
299  m_session_keys = Session_Keys(this, client_kex()->pre_master_secret(), false);
300  }
const Client_Key_Exchange * client_kex() const

◆ compute_session_keys() [2/2]

void Botan::TLS::Handshake_State::compute_session_keys ( const secure_vector< uint8_t > &  resume_master_secret)

Definition at line 302 of file tls_handshake_state.cpp.

303  {
304  m_session_keys = Session_Keys(this, resume_master_secret, true);
305  }

◆ confirm_transition_to()

void Botan::TLS::Handshake_State::confirm_transition_to ( Handshake_Type  msg_type)

Confirm that we were expecting this message type

Parameters
msg_typethe message type

Definition at line 307 of file tls_handshake_state.cpp.

References Botan::TLS::handshake_type_to_string().

308  {
309  const uint32_t mask = bitmask_for_handshake_type(handshake_msg);
310 
311  m_hand_received_mask |= mask;
312 
313  const bool ok = (m_hand_expecting_mask & mask) != 0; // overlap?
314 
315  if(!ok)
316  {
317  const uint32_t seen_so_far = m_hand_received_mask & ~mask;
318 
319  std::ostringstream msg;
320 
321  msg << "Unexpected state transition in handshake got a " << handshake_type_to_string(handshake_msg);
322 
323  if(m_hand_expecting_mask == 0)
324  msg << " not expecting messages";
325  else
326  msg << " expected " << handshake_mask_to_string(m_hand_expecting_mask, '|');
327 
328  if(seen_so_far != 0)
329  msg << " seen " << handshake_mask_to_string(seen_so_far, '+');
330 
331  throw Unexpected_Message(msg.str());
332  }
333 
334  /* We don't know what to expect next, so force a call to
335  set_expected_next; if it doesn't happen, the next transition
336  check will always fail which is what we want.
337  */
338  m_hand_expecting_mask = 0;
339  }
const char * handshake_type_to_string(Handshake_Type type)

◆ get_next_handshake_msg()

std::pair< Handshake_Type, std::vector< uint8_t > > Botan::TLS::Handshake_State::get_next_handshake_msg ( )

Definition at line 354 of file tls_handshake_state.cpp.

References Botan::TLS::HANDSHAKE_CCS.

355  {
356  const bool expecting_ccs =
357  (bitmask_for_handshake_type(HANDSHAKE_CCS) & m_hand_expecting_mask) != 0;
358 
359  return m_handshake_io->get_next_record(expecting_ccs);
360  }

◆ handshake_io()

Handshake_IO& Botan::TLS::Handshake_State::handshake_io ( )
inline

Definition at line 59 of file tls_handshake_state.h.

Referenced by hello_verify_request().

59 { return *m_handshake_io; }

◆ hash() [1/2]

Handshake_Hash& Botan::TLS::Handshake_State::hash ( )
inline

◆ hash() [2/2]

const Handshake_Hash& Botan::TLS::Handshake_State::hash ( ) const
inline

Definition at line 171 of file tls_handshake_state.h.

171 { return m_handshake_hash; }

◆ hello_verify_request()

void Botan::TLS::Handshake_State::hello_verify_request ( const Hello_Verify_Request hello_verify)

Definition at line 195 of file tls_handshake_state.cpp.

References handshake_io(), hash(), note_message(), Botan::TLS::Handshake_Hash::reset(), and Botan::TLS::Handshake_Hash::update().

196  {
197  note_message(hello_verify);
198 
199  m_client_hello->update_hello_cookie(hello_verify);
200  hash().reset();
201  hash().update(handshake_io().send(*m_client_hello));
202  note_message(*m_client_hello);
203  }
void update(const uint8_t in[], size_t length)
void note_message(const Handshake_Message &msg)

◆ new_session_ticket() [1/2]

void Botan::TLS::Handshake_State::new_session_ticket ( New_Session_Ticket new_session_ticket)

Definition at line 274 of file tls_handshake_state.cpp.

References new_session_ticket(), and note_message().

275  {
276  m_new_session_ticket.reset(new_session_ticket);
277  note_message(*m_new_session_ticket);
278  }
void note_message(const Handshake_Message &msg)
const New_Session_Ticket * new_session_ticket() const

◆ new_session_ticket() [2/2]

const New_Session_Ticket* Botan::TLS::Handshake_State::new_session_ticket ( ) const
inline

Definition at line 150 of file tls_handshake_state.h.

Referenced by new_session_ticket(), and session_ticket().

151  { return m_new_session_ticket.get(); }

◆ note_message()

void Botan::TLS::Handshake_State::note_message ( const Handshake_Message msg)

◆ operator=()

Handshake_State& Botan::TLS::Handshake_State::operator= ( const Handshake_State )
delete

◆ parse_sig_format()

std::pair< std::string, Signature_Format > Botan::TLS::Handshake_State::parse_sig_format ( const Public_Key key,
Signature_Scheme  scheme,
bool  for_client_auth,
const Policy policy 
) const

Definition at line 495 of file tls_handshake_state.cpp.

References Botan::Public_Key::algo_name(), Botan::TLS::Policy::allowed_signature_method(), cert_req(), client_hello(), Botan::DER_SEQUENCE, Botan::TLS::Alert::HANDSHAKE_FAILURE, hash_algo, Botan::TLS::hash_function_of_scheme(), Botan::IEEE_1363, Botan::TLS::Alert::ILLEGAL_PARAMETER, Botan::TLS::NONE, Botan::TLS::padding_string_for_scheme(), Botan::TLS::signature_algorithm_of_scheme(), Botan::TLS::signature_scheme_is_known(), Botan::TLS::Client_Hello::signature_schemes(), Botan::TLS::Certificate_Req::signature_schemes(), and version().

Referenced by Botan::TLS::Certificate_Verify::verify(), and Botan::TLS::Server_Key_Exchange::verify().

499  {
500  const std::string key_type = key.algo_name();
501 
502  if(!policy.allowed_signature_method(key_type))
503  {
504  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
505  "Rejecting " + key_type + " signature");
506  }
507 
508  if(this->version().supports_negotiable_signature_algorithms() == false)
509  {
510  if(scheme != Signature_Scheme::NONE)
511  throw Decoding_Error("Counterparty sent hash/sig IDs with old version");
512 
513  /*
514  There is no check on the acceptability of a v1.0/v1.1 hash type,
515  since it's implicit with use of the protocol
516  */
517 
518  if(key_type == "RSA")
519  {
520  const std::string padding = "PKCS1v15(Parallel(MD5,SHA-160))";
521  return std::make_pair(padding, IEEE_1363);
522  }
523  else if(key_type == "DSA" || key_type == "ECDSA")
524  {
525  const std::string padding = "EMSA1(SHA-1)";
526  return std::make_pair(padding, DER_SEQUENCE);
527  }
528  else
529  throw Invalid_Argument(key_type + " is invalid/unknown for TLS signatures");
530  }
531 
532  if(scheme == Signature_Scheme::NONE)
533  throw Decoding_Error("Counterparty did not send hash/sig IDS");
534 
535  if(key_type != signature_algorithm_of_scheme(scheme))
536  throw Decoding_Error("Counterparty sent inconsistent key and sig types");
537 
538  if(for_client_auth && !cert_req())
539  {
540  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
541  "No certificate verify set");
542  }
543 
544  /*
545  Confirm the signature type we just received against the
546  supported_algos list that we sent; it better be there.
547  */
548 
549  const std::vector<Signature_Scheme> supported_algos =
550  for_client_auth ? cert_req()->signature_schemes() :
552 
553  if(!signature_scheme_is_known(scheme))
554  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
555  "Peer sent unknown signature scheme");
556 
557  const std::string hash_algo = hash_function_of_scheme(scheme);
558 
559  if(!supported_algos_include(supported_algos, key_type, hash_algo))
560  {
561  throw TLS_Exception(Alert::ILLEGAL_PARAMETER,
562  "TLS signature extension did not allow for " +
563  key_type + "/" + hash_algo + " signature");
564  }
565 
566  if(key_type == "RSA")
567  {
568  return std::make_pair(padding_string_for_scheme(scheme), IEEE_1363);
569  }
570  else if(key_type == "DSA" || key_type == "ECDSA")
571  {
572  return std::make_pair(padding_string_for_scheme(scheme), DER_SEQUENCE);
573  }
574 
575  throw Invalid_Argument(key_type + " is invalid/unknown for TLS signatures");
576  }
std::string hash_function_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:191
std::string padding_string_for_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:379
bool signature_scheme_is_known(Signature_Scheme scheme)
Definition: tls_algos.cpp:262
const Certificate_Req * cert_req() const
std::vector< Signature_Scheme > signature_schemes() const
AlgorithmIdentifier hash_algo
Definition: x509_obj.cpp:22
std::string signature_algorithm_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:291
Protocol_Version version() const
const Client_Hello * client_hello() const
const std::vector< Signature_Scheme > & signature_schemes() const
Definition: tls_messages.h:435

◆ protocol_specific_prf()

KDF * Botan::TLS::Handshake_State::protocol_specific_prf ( ) const

Definition at line 382 of file tls_handshake_state.cpp.

References ciphersuite(), Botan::get_kdf(), Botan::TLS::Ciphersuite::prf_algo(), and version().

Referenced by Botan::TLS::Session_Keys::Session_Keys().

383  {
384  if(version().supports_ciphersuite_specific_prf())
385  {
386  const std::string prf_algo = ciphersuite().prf_algo();
387 
388  if(prf_algo == "MD5" || prf_algo == "SHA-1")
389  return get_kdf("TLS-12-PRF(SHA-256)");
390 
391  return get_kdf("TLS-12-PRF(" + prf_algo + ")");
392  }
393 
394  // Old PRF used in TLS v1.0, v1.1 and DTLS v1.0
395  return get_kdf("TLS-PRF");
396  }
std::string prf_algo() const
const Ciphersuite & ciphersuite() const
KDF * get_kdf(const std::string &algo_spec)
Definition: kdf.cpp:241
Protocol_Version version() const

◆ received_handshake_msg()

bool Botan::TLS::Handshake_State::received_handshake_msg ( Handshake_Type  msg_type) const

Return true iff we have received a particular message already

Parameters
msg_typethe message type

Definition at line 346 of file tls_handshake_state.cpp.

347  {
348  const uint32_t mask = bitmask_for_handshake_type(handshake_msg);
349 
350  return (m_hand_received_mask & mask) != 0;
351  }

◆ server_cert_status() [1/2]

void Botan::TLS::Handshake_State::server_cert_status ( Certificate_Status server_cert_status)

Definition at line 232 of file tls_handshake_state.cpp.

References note_message(), and server_cert_status().

233  {
234  m_server_cert_status.reset(server_cert_status);
235  note_message(*m_server_cert_status);
236  }
const Certificate_Status * server_cert_status() const
void note_message(const Handshake_Message &msg)

◆ server_cert_status() [2/2]

const Certificate_Status* Botan::TLS::Handshake_State::server_cert_status ( ) const
inline

Definition at line 147 of file tls_handshake_state.h.

Referenced by server_cert_status().

148  { return m_server_cert_status.get(); }

◆ server_certs() [1/2]

void Botan::TLS::Handshake_State::server_certs ( Certificate server_certs)

Definition at line 226 of file tls_handshake_state.cpp.

References note_message(), and server_certs().

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().

227  {
228  m_server_certs.reset(server_certs);
229  note_message(*m_server_certs);
230  }
const Certificate * server_certs() const
void note_message(const Handshake_Message &msg)

◆ server_certs() [2/2]

const Certificate* Botan::TLS::Handshake_State::server_certs ( ) const
inline

Definition at line 126 of file tls_handshake_state.h.

Referenced by server_certs().

127  { return m_server_certs.get(); }

◆ server_finished() [1/2]

void Botan::TLS::Handshake_State::server_finished ( Finished server_finished)

Definition at line 280 of file tls_handshake_state.cpp.

References note_message(), and server_finished().

281  {
282  m_server_finished.reset(server_finished);
283  note_message(*m_server_finished);
284  }
const Finished * server_finished() const
void note_message(const Handshake_Message &msg)

◆ server_finished() [2/2]

const Finished* Botan::TLS::Handshake_State::server_finished ( ) const
inline

Definition at line 153 of file tls_handshake_state.h.

Referenced by server_finished().

154  { return m_server_finished.get(); }

◆ server_hello() [1/2]

void Botan::TLS::Handshake_State::server_hello ( Server_Hello server_hello)

Definition at line 219 of file tls_handshake_state.cpp.

References Botan::TLS::Ciphersuite::by_id(), note_message(), and server_hello().

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), Botan::TLS::Session_Keys::Session_Keys(), and Botan::TLS::Server_Key_Exchange::verify().

220  {
221  m_server_hello.reset(server_hello);
222  m_ciphersuite = Ciphersuite::by_id(m_server_hello->ciphersuite());
223  note_message(*m_server_hello);
224  }
const Server_Hello * server_hello() const
void note_message(const Handshake_Message &msg)
static Ciphersuite by_id(uint16_t suite)

◆ server_hello() [2/2]

const Server_Hello* Botan::TLS::Handshake_State::server_hello ( ) const
inline

Definition at line 123 of file tls_handshake_state.h.

Referenced by server_hello().

124  { return m_server_hello.get(); }

◆ server_hello_done() [1/2]

void Botan::TLS::Handshake_State::server_hello_done ( Server_Hello_Done server_hello_done)

Definition at line 250 of file tls_handshake_state.cpp.

References note_message(), and server_hello_done().

251  {
252  m_server_hello_done.reset(server_hello_done);
253  note_message(*m_server_hello_done);
254  }
void note_message(const Handshake_Message &msg)
const Server_Hello_Done * server_hello_done() const

◆ server_hello_done() [2/2]

const Server_Hello_Done* Botan::TLS::Handshake_State::server_hello_done ( ) const
inline

Definition at line 135 of file tls_handshake_state.h.

Referenced by server_hello_done().

136  { return m_server_hello_done.get(); }

◆ server_kex() [1/2]

void Botan::TLS::Handshake_State::server_kex ( Server_Key_Exchange server_kex)

Definition at line 238 of file tls_handshake_state.cpp.

References note_message(), and server_kex().

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().

239  {
240  m_server_kex.reset(server_kex);
241  note_message(*m_server_kex);
242  }
const Server_Key_Exchange * server_kex() const
void note_message(const Handshake_Message &msg)

◆ server_kex() [2/2]

const Server_Key_Exchange* Botan::TLS::Handshake_State::server_kex ( ) const
inline

Definition at line 129 of file tls_handshake_state.h.

Referenced by server_kex().

130  { return m_server_kex.get(); }

◆ session_keys()

const Session_Keys& Botan::TLS::Handshake_State::session_keys ( ) const
inline

Definition at line 161 of file tls_handshake_state.h.

161 { return m_session_keys; }

◆ session_ticket()

std::vector< uint8_t > Botan::TLS::Handshake_State::session_ticket ( ) const

Definition at line 374 of file tls_handshake_state.cpp.

References client_hello(), new_session_ticket(), Botan::TLS::Client_Hello::session_ticket(), and Botan::TLS::New_Session_Ticket::ticket().

375  {
376  if(new_session_ticket() && !new_session_ticket()->ticket().empty())
377  return new_session_ticket()->ticket();
378 
379  return client_hello()->session_ticket();
380  }
std::vector< uint8_t > session_ticket() const
const std::vector< uint8_t > & ticket() const
Definition: tls_messages.h:619
const New_Session_Ticket * new_session_ticket() const
const Client_Hello * client_hello() const

◆ set_expected_next()

void Botan::TLS::Handshake_State::set_expected_next ( Handshake_Type  msg_type)

Record that we are expecting a particular message type next

Parameters
msg_typethe message type

Definition at line 341 of file tls_handshake_state.cpp.

342  {
343  m_hand_expecting_mask |= bitmask_for_handshake_type(handshake_msg);
344  }

◆ set_version()

void Botan::TLS::Handshake_State::set_version ( const Protocol_Version version)

Definition at line 292 of file tls_handshake_state.cpp.

References version().

293  {
294  m_version = version;
295  }
Protocol_Version version() const

◆ srp_identifier()

std::string Botan::TLS::Handshake_State::srp_identifier ( ) const

Definition at line 362 of file tls_handshake_state.cpp.

References ciphersuite(), client_hello(), and Botan::TLS::SRP_SHA.

363  {
364 #if defined(BOTAN_HAS_SRP6)
365  // Authenticated via the successful key exchange
366  if(ciphersuite().valid() && ciphersuite().kex_method() == Kex_Algo::SRP_SHA)
367  return client_hello()->srp_identifier();
368 #endif
369 
370  return "";
371  }
const Ciphersuite & ciphersuite() const
const Client_Hello * client_hello() const

◆ version()

Protocol_Version Botan::TLS::Handshake_State::version ( ) const
inline

The documentation for this class was generated from the following files: