Botan 3.11.0
Crypto and TLS for C&&
Botan::TLS::Record_Size_Limit Class Reference final

#include <tls_extensions.h>

Inheritance diagram for Botan::TLS::Record_Size_Limit:
Botan::TLS::Extension

Public Member Functions

bool empty () const override
virtual bool is_implemented () const
uint16_t limit () const
 Record_Size_Limit (TLS_Data_Reader &reader, uint16_t extension_size, Connection_Side from)
 Record_Size_Limit (uint16_t limit)
std::vector< uint8_t > serialize (Connection_Side whoami) const override
Extension_Code type () const override

Static Public Member Functions

static Extension_Code static_type ()

Detailed Description

Record Size Limit (RFC 8449)

TODO: the record size limit is currently not honored by the TLS 1.2 stack

Definition at line 412 of file tls_extensions.h.

Constructor & Destructor Documentation

◆ Record_Size_Limit() [1/2]

Botan::TLS::Record_Size_Limit::Record_Size_Limit ( uint16_t limit)
explicit

Definition at line 735 of file tls_extensions.cpp.

: m_limit(limit) {
   BOTAN_ASSERT(limit >= 64, "RFC 8449 does not allow record size limits smaller than 64 bytes");
   BOTAN_ASSERT(limit <= MAX_PLAINTEXT_SIZE + 1 /* encrypted content type byte */,
                "RFC 8449 does not allow record size limits larger than 2^14+1");
}

References BOTAN_ASSERT, limit(), and Botan::TLS::MAX_PLAINTEXT_SIZE.

◆ Record_Size_Limit() [2/2]

Botan::TLS::Record_Size_Limit::Record_Size_Limit ( TLS_Data_Reader & reader,
uint16_t extension_size,
Connection_Side from )

Definition at line 741 of file tls_extensions.cpp.

{
   if(extension_size != 2) {
      throw TLS_Exception(Alert::DecodeError, "invalid record_size_limit extension");
   }

   m_limit = reader.get_uint16_t();

   // RFC 8449 4.
   //    This value is the length of the plaintext of a protected record.
   //    The value includes the content type and padding added in TLS 1.3 (that
   //    is, the complete length of TLSInnerPlaintext).
   //
   //    A server MUST NOT enforce this restriction; a client might advertise
   //    a higher limit that is enabled by an extension or version the server
   //    does not understand. A client MAY abort the handshake with an
   //    "illegal_parameter" alert.
   //
   // Note: We are currently supporting this extension in TLS 1.3 only, hence
   //       we check for the TLS 1.3 limit. The TLS 1.2 limit would not include
   //       the "content type byte" and hence be one byte less!
   if(m_limit > MAX_PLAINTEXT_SIZE + 1 /* encrypted content type byte */ && from == Connection_Side::Server) {
      throw TLS_Exception(Alert::IllegalParameter,
                          "Server requested a record size limit larger than the protocol's maximum");
   }

   // RFC 8449 4.
   //    Endpoints MUST NOT send a "record_size_limit" extension with a value
   //    smaller than 64. An endpoint MUST treat receipt of a smaller value
   //    as a fatal error and generate an "illegal_parameter" alert.
   if(m_limit < 64) {
      throw TLS_Exception(Alert::IllegalParameter, "Received a record size limit smaller than 64 bytes");
   }
}

References Botan::TLS::TLS_Data_Reader::get_uint16_t(), Botan::TLS::MAX_PLAINTEXT_SIZE, and Botan::TLS::Server.

Member Function Documentation

◆ empty()

bool Botan::TLS::Record_Size_Limit::empty ( ) const
inline override virtual
Returns
if we should encode this extension or not

Implements Botan::TLS::Extension.

Definition at line 426 of file tls_extensions.h.

{ return m_limit == 0; }

◆ is_implemented()

virtual bool Botan::TLS::Extension::is_implemented ( ) const
inline virtual inherited
Returns
true if this extension is known and implemented by Botan

Reimplemented in Botan::TLS::Unknown_Extension.

Definition at line 95 of file tls_extensions.h.

{ return true; }

◆ limit()

uint16_t Botan::TLS::Record_Size_Limit::limit ( ) const
inline

Definition at line 422 of file tls_extensions.h.

{ return m_limit; }

Referenced by Record_Size_Limit().

◆ serialize()

std::vector< uint8_t > Botan::TLS::Record_Size_Limit::serialize ( Connection_Side whoami) const
override virtual
Returns
serialized binary for the extension

Implements Botan::TLS::Extension.

Definition at line 775 of file tls_extensions.cpp.

{
   std::vector<uint8_t> buf;

   buf.push_back(get_byte<0>(m_limit));
   buf.push_back(get_byte<1>(m_limit));

   return buf;
}

References Botan::get_byte().
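
The decode checks and the two-byte big-endian encoding documented above, as an added stand-alone C++ example (not Botan's code and not using Botan). The names Side, Outcome, Decoded, decode_record_size_limit and encode_record_size_limit are hypothetical, and the sample bodies are constructed. It shows the asymmetry in the upper bound: an oversized value is rejected only when it comes from the server.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical names; stand-alone illustration that does not use Botan.
enum class Side { Client, Server };
enum class Outcome { Ok, DecodeError, IllegalParameter };
struct Decoded { Outcome outcome; uint16_t limit; };

constexpr uint16_t kMinLimit = 64;              // RFC 8449 section 4 lower bound
constexpr uint16_t kMaxTls13Limit = 16384 + 1;  // 2^14 plus the TLS 1.3 content type byte

// Decode the extension body sent by `from`; `limit` is meaningful only on Outcome::Ok.
Decoded decode_record_size_limit(const std::vector<uint8_t>& body, Side from) {
   if(body.size() != 2) {
      return {Outcome::DecodeError, 0};  // maps to a decode_error alert
   }
   const uint16_t value = static_cast<uint16_t>((body[0] << 8) | body[1]);
   // Only the client rejects an oversized value. A server must accept one from
   // a client, which may rely on an extension or version the server does not know.
   if(from == Side::Server && value > kMaxTls13Limit) {
      return {Outcome::IllegalParameter, 0};
   }
   // Both sides treat a value below 64 as fatal.
   if(value < kMinLimit) {
      return {Outcome::IllegalParameter, 0};
   }
   return {Outcome::Ok, value};
}

// Big-endian encoding of the two-byte extension body.
std::vector<uint8_t> encode_record_size_limit(uint16_t limit) {
   return {static_cast<uint8_t>(limit >> 8), static_cast<uint8_t>(limit & 0xFF)};
}

int main() {
   // Constructed sample bodies: 16385, 16386, 63, and a three-byte body.
   const std::vector<std::vector<uint8_t>> samples = {
      {0x40, 0x01}, {0x40, 0x02}, {0x00, 0x3F}, {0x00, 0x40, 0x00}};
   for(const auto& body : samples) {
      const Decoded from_server = decode_record_size_limit(body, Side::Server);
      const Decoded from_client = decode_record_size_limit(body, Side::Client);
      std::printf("from server: outcome=%d, from client: outcome=%d\n",
                  static_cast<int>(from_server.outcome), static_cast<int>(from_client.outcome));
   }
   return 0;
}
```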

◆ static_type()

Extension_Code Botan::TLS::Record_Size_Limit::static_type ( )
inline static

Definition at line 414 of file tls_extensions.h.

References Botan::TLS::RecordSizeLimit.

Referenced by type().

◆ type()

Extension_Code Botan::TLS::Record_Size_Limit::type ( ) const
inline override virtual
Returns
code number of the extension

Implements Botan::TLS::Extension.

Definition at line 416 of file tls_extensions.h.

{ return static_type(); }

References static_type().


The documentation for this class was generated from the following files: