Botan 3.8.1
Crypto and TLS for C++
Botan::TLS::Record_Size_Limit Class Reference (final)

#include <tls_extensions.h>

Inheritance diagram for Botan::TLS::Record_Size_Limit:
Botan::TLS::Extension

Public Member Functions

bool empty () const override
 
virtual bool is_implemented () const
 
uint16_t limit () const
 
 Record_Size_Limit (TLS_Data_Reader &reader, uint16_t extension_size, Connection_Side from)
 
 Record_Size_Limit (uint16_t limit)
 
std::vector< uint8_t > serialize (Connection_Side whoami) const override
 
Extension_Code type () const override
 

Static Public Member Functions

static Extension_Code static_type ()
 

Detailed Description

Record Size Limit (RFC 8449)

TODO: the record size limit is currently not honored by the TLS 1.2 stack

Definition at line 566 of file tls_extensions.h.

Constructor & Destructor Documentation

◆ Record_Size_Limit() [1/2]

Botan::TLS::Record_Size_Limit::Record_Size_Limit ( uint16_t limit)
explicit

Definition at line 786 of file tls_extensions.cpp.

    Record_Size_Limit::Record_Size_Limit(uint16_t limit) : m_limit(limit) {
       BOTAN_ASSERT(limit >= 64, "RFC 8449 does not allow record size limits smaller than 64 bytes");
       BOTAN_ASSERT(limit <= MAX_PLAINTEXT_SIZE + 1 /* encrypted content type byte */,
                    "RFC 8449 does not allow record size limits larger than 2^14+1");
    }

References BOTAN_ASSERT, limit(), and Botan::TLS::MAX_PLAINTEXT_SIZE.

◆ Record_Size_Limit() [2/2]

Botan::TLS::Record_Size_Limit::Record_Size_Limit ( TLS_Data_Reader & reader,
uint16_t extension_size,
Connection_Side from )

Definition at line 792 of file tls_extensions.cpp.

    Record_Size_Limit::Record_Size_Limit(TLS_Data_Reader& reader, uint16_t extension_size, Connection_Side from) {
       if(extension_size != 2) {
          throw TLS_Exception(Alert::DecodeError, "invalid record_size_limit extension");
       }

       m_limit = reader.get_uint16_t();

       // RFC 8449 4.
       //    This value is the length of the plaintext of a protected record.
       //    The value includes the content type and padding added in TLS 1.3 (that
       //    is, the complete length of TLSInnerPlaintext).
       //
       //    A server MUST NOT enforce this restriction; a client might advertise
       //    a higher limit that is enabled by an extension or version the server
       //    does not understand. A client MAY abort the handshake with an
       //    "illegal_parameter" alert.
       //
       // Note: We are currently supporting this extension in TLS 1.3 only, hence
       //       we check for the TLS 1.3 limit. The TLS 1.2 limit would not include
       //       the "content type byte" and hence be one byte less!
       if(m_limit > MAX_PLAINTEXT_SIZE + 1 /* encrypted content type byte */ && from == Connection_Side::Server) {
          throw TLS_Exception(Alert::IllegalParameter,
                              "Server requested a record size limit larger than the protocol's maximum");
       }

       // RFC 8449 4.
       //    Endpoints MUST NOT send a "record_size_limit" extension with a value
       //    smaller than 64. An endpoint MUST treat receipt of a smaller value
       //    as a fatal error and generate an "illegal_parameter" alert.
       if(m_limit < 64) {
          throw TLS_Exception(Alert::IllegalParameter, "Received a record size limit smaller than 64 bytes");
       }
    }

References Botan::TLS::TLS_Data_Reader::get_uint16_t(), Botan::TLS::MAX_PLAINTEXT_SIZE, and Botan::TLS::Server.
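
The asymmetric validation performed by this constructor, and the one-byte allowance for the TLS 1.3 content type, shown as a stand-alone sketch. This is an added example, not Botan's code: `parse_record_size_limit`, `max_fragment_tls13`, `Side`, `Outcome` and the `k...` constants are hypothetical names, and only the TLS 1.3 interpretation of the limit is modelled.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical names; this sketch does not use or reproduce Botan's API.
enum class Side { Client, Server };
enum class Outcome { Ok, DecodeError, IllegalParameter };
struct ParseResult { Outcome outcome; uint16_t limit; };

constexpr uint16_t kMaxPlaintext = 16384;               // 2^14
constexpr uint16_t kMaxLimitTls13 = kMaxPlaintext + 1;  // + encrypted content type byte

// Validate the extension_data of a received record_size_limit extension.
ParseResult parse_record_size_limit(const std::vector<uint8_t>& body, Side from) {
   if(body.size() != 2) {
      return {Outcome::DecodeError, 0};
   }
   const uint16_t limit = static_cast<uint16_t>((body[0] << 8) | body[1]);  // big-endian

   // Only a server's value is checked against the maximum; a client may
   // advertise more and the server must not reject it.
   if(from == Side::Server && limit > kMaxLimitTls13) {
      return {Outcome::IllegalParameter, 0};
   }
   // Values below 64 are fatal from either side.
   if(limit < 64) {
      return {Outcome::IllegalParameter, 0};
   }
   return {Outcome::Ok, limit};
}

// Largest application-data fragment for one TLS 1.3 record sent to a peer
// whose validated limit is `peer_limit`. The limit counts the whole
// TLSInnerPlaintext, so one byte is reserved for the content type, and an
// oversized client value is clamped to the protocol maximum.
size_t max_fragment_tls13(uint16_t peer_limit) {
   return static_cast<size_t>(std::min(peer_limit, kMaxLimitTls13)) - 1;
}

int main() {
   const ParseResult r = parse_record_size_limit({0x40, 0x02}, Side::Client);  // constructed input
   std::printf("client 16386 accepted=%d, fragment cap=%zu\n",
               r.outcome == Outcome::Ok, max_fragment_tls13(r.limit));
   return 0;
}
```

The same two bytes (`0x40 0x02`, i.e. 16386) are accepted when they come from a client and rejected with `illegal_parameter` when they come from a server; the sender-side clamp is what keeps the accepted client value from producing oversized records.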

Member Function Documentation

◆ empty()

bool Botan::TLS::Record_Size_Limit::empty ( ) const
inline override virtual
Returns
if we should encode this extension or not

Implements Botan::TLS::Extension.

Definition at line 580 of file tls_extensions.h.

    bool empty() const override { return m_limit == 0; }

◆ is_implemented()

virtual bool Botan::TLS::Extension::is_implemented ( ) const
inline virtual inherited
Returns
true if this extension is known and implemented by Botan

Reimplemented in Botan::TLS::Unknown_Extension.

Definition at line 115 of file tls_extensions.h.

    virtual bool is_implemented() const { return true; }

◆ limit()

uint16_t Botan::TLS::Record_Size_Limit::limit ( ) const
inline

Definition at line 576 of file tls_extensions.h.

    uint16_t limit() const { return m_limit; }

Referenced by Record_Size_Limit().

◆ serialize()

std::vector< uint8_t > Botan::TLS::Record_Size_Limit::serialize ( Connection_Side whoami) const
override virtual
Returns
serialized binary for the extension

Implements Botan::TLS::Extension.

Definition at line 826 of file tls_extensions.cpp.

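    std::vector<uint8_t> Record_Size_Limit::serialize(Connection_Side whoami) const {
       std::vector<uint8_t> buf;

       // The limit is encoded as a 16-bit big-endian integer
       buf.push_back(get_byte<0>(m_limit));
       buf.push_back(get_byte<1>(m_limit));

       return buf;
    }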

References Botan::get_byte().

◆ static_type()

static Extension_Code Botan::TLS::Record_Size_Limit::static_type ( )
inline static

Definition at line 568 of file tls_extensions.h.

References Botan::TLS::RecordSizeLimit.

Referenced by type().

◆ type()

Extension_Code Botan::TLS::Record_Size_Limit::type ( ) const
inline override virtual
Returns
code number of the extension

Implements Botan::TLS::Extension.

Definition at line 570 of file tls_extensions.h.

    Extension_Code type() const override { return static_type(); }

References static_type().


The documentation for this class was generated from the following files: