Botan 3.5.0
Crypto and TLS for C++
Botan::TLS::Record_Size_Limit Class Reference (final)

#include <tls_extensions.h>

Inheritance diagram for Botan::TLS::Record_Size_Limit:
Botan::TLS::Extension

Public Member Functions

bool empty () const override
 
virtual bool is_implemented () const
 
uint16_t limit () const
 
 Record_Size_Limit (TLS_Data_Reader &reader, uint16_t extension_size, Connection_Side from)
 
 Record_Size_Limit (uint16_t limit)
 
std::vector< uint8_t > serialize (Connection_Side whoami) const override
 
Extension_Code type () const override
 

Static Public Member Functions

static Extension_Code static_type ()
 

Detailed Description

Record Size Limit (RFC 8449)

TODO: the record size limit is currently not honored by the TLS 1.2 stack

Definition at line 567 of file tls_extensions.h.

Constructor & Destructor Documentation

◆ Record_Size_Limit() [1/2]

Botan::TLS::Record_Size_Limit::Record_Size_Limit ( uint16_t limit)
explicit

Definition at line 778 of file tls_extensions.cpp.

Record_Size_Limit::Record_Size_Limit(uint16_t limit) : m_limit(limit) {
   BOTAN_ASSERT(limit >= 64, "RFC 8449 does not allow record size limits smaller than 64 bytes");
   BOTAN_ASSERT(limit <= MAX_PLAINTEXT_SIZE + 1 /* encrypted content type byte */,
                "RFC 8449 does not allow record size limits larger than 2^14+1");
}
BOTAN_ASSERT: #define BOTAN_ASSERT(expr, assertion_made), defined at assert.h:50
MAX_PLAINTEXT_SIZE: enumerator, defined at tls_magic.h:30

References BOTAN_ASSERT, limit(), and Botan::TLS::MAX_PLAINTEXT_SIZE.

◆ Record_Size_Limit() [2/2]

Botan::TLS::Record_Size_Limit::Record_Size_Limit ( TLS_Data_Reader & reader,
uint16_t extension_size,
Connection_Side from )

Definition at line 784 of file tls_extensions.cpp.

Record_Size_Limit::Record_Size_Limit(TLS_Data_Reader& reader, uint16_t extension_size, Connection_Side from) {
   if(extension_size != 2) {
      throw TLS_Exception(Alert::DecodeError, "invalid record_size_limit extension");
   }

   m_limit = reader.get_uint16_t();

   // RFC 8449 4.
   //    This value is the length of the plaintext of a protected record.
   //    The value includes the content type and padding added in TLS 1.3 (that
   //    is, the complete length of TLSInnerPlaintext).
   //
   //    A server MUST NOT enforce this restriction; a client might advertise
   //    a higher limit that is enabled by an extension or version the server
   //    does not understand. A client MAY abort the handshake with an
   //    "illegal_parameter" alert.
   //
   // Note: We are currently supporting this extension in TLS 1.3 only, hence
   //       we check for the TLS 1.3 limit. The TLS 1.2 limit would not include
   //       the "content type byte" and hence be one byte less!
   if(m_limit > MAX_PLAINTEXT_SIZE + 1 /* encrypted content type byte */ && from == Connection_Side::Server) {
      throw TLS_Exception(Alert::IllegalParameter,
                          "Server requested a record size limit larger than the protocol's maximum");
   }

   // RFC 8449 4.
   //    Endpoints MUST NOT send a "record_size_limit" extension with a value
   //    smaller than 64. An endpoint MUST treat receipt of a smaller value
   //    as a fatal error and generate an "illegal_parameter" alert.
   if(m_limit < 64) {
      throw TLS_Exception(Alert::IllegalParameter, "Received a record size limit smaller than 64 bytes");
   }
}

References Botan::TLS::TLS_Data_Reader::get_uint16_t(), Botan::TLS::MAX_PLAINTEXT_SIZE, and Botan::TLS::Server.

Member Function Documentation

◆ empty()

bool Botan::TLS::Record_Size_Limit::empty ( ) const
inline, override, virtual
Returns
if we should encode this extension or not

Implements Botan::TLS::Extension.

Definition at line 581 of file tls_extensions.h.

bool empty() const override { return m_limit == 0; }

◆ is_implemented()

virtual bool Botan::TLS::Extension::is_implemented ( ) const
inline, virtual, inherited
Returns
true if this extension is known and implemented by Botan

Reimplemented in Botan::TLS::Unknown_Extension.

Definition at line 116 of file tls_extensions.h.

virtual bool is_implemented() const { return true; }

◆ limit()

uint16_t Botan::TLS::Record_Size_Limit::limit ( ) const
inline

Definition at line 577 of file tls_extensions.h.

uint16_t limit() const { return m_limit; }

Referenced by Record_Size_Limit().

◆ serialize()

std::vector< uint8_t > Botan::TLS::Record_Size_Limit::serialize ( Connection_Side whoami) const
override, virtual
Returns
serialized binary for the extension

Implements Botan::TLS::Extension.

Definition at line 818 of file tls_extensions.cpp.

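std::vector<uint8_t> Record_Size_Limit::serialize(Connection_Side whoami) const {
   std::vector<uint8_t> buf;

   // Big-endian encoding: most significant byte first
   buf.push_back(get_byte<0>(m_limit));
   buf.push_back(get_byte<1>(m_limit));

   return buf;
}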
get_byte: constexpr uint8_t get_byte(T input), defined at loadstor.h:75

References Botan::get_byte().
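
The decoding constructor and serialize() documented above, modelled as a stand-alone added example. This is not Botan's code and does not link against Botan; the names Side, Alert, ParseResult, parse_record_size_limit, serialize_record_size_limit and max_content_tls13 are hypothetical. It returns the alert instead of throwing, and adds the sender-side cap that follows from a server having to tolerate an oversized client value.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

enum class Side { Client, Server };
enum class Alert { None, DecodeError, IllegalParameter };

// 2^14 plaintext bytes plus the TLS 1.3 content type byte (the page's MAX_PLAINTEXT_SIZE + 1)
constexpr uint16_t kMaxLimitTls13 = (1 << 14) + 1;

struct ParseResult {
   Alert alert;
   uint16_t limit;  // meaningful only when alert == Alert::None
};

// Decode a received extension body; `from` is the side that sent it.
ParseResult parse_record_size_limit(const std::vector<uint8_t>& body, Side from) {
   if(body.size() != 2) {
      return {Alert::DecodeError, 0};
   }
   const uint16_t limit = static_cast<uint16_t>((body[0] << 8) | body[1]);
   // Only a client polices the upper bound; a server must tolerate larger values.
   if(limit > kMaxLimitTls13 && from == Side::Server) {
      return {Alert::IllegalParameter, 0};
   }
   if(limit < 64) {
      return {Alert::IllegalParameter, 0};
   }
   return {Alert::None, limit};
}

// Big-endian uint16, matching get_byte<0> then get_byte<1>.
std::vector<uint8_t> serialize_record_size_limit(uint16_t limit) {
   return {static_cast<uint8_t>(limit >> 8), static_cast<uint8_t>(limit & 0xFF)};
}

// Largest content a sender may place in one unpadded TLS 1.3 record for this
// peer: cap at the protocol maximum, then reserve the content type byte.
size_t max_content_tls13(uint16_t peer_limit) {
   const uint16_t capped = peer_limit < kMaxLimitTls13 ? peer_limit : kMaxLimitTls13;
   return static_cast<size_t>(capped) - 1;
}

int main() {
   const std::vector<uint8_t> from_client = {0xFF, 0xFF};  // constructed sample body
   const ParseResult r = parse_record_size_limit(from_client, Side::Client);
   std::printf("alert=%d limit=%u content=%zu\n", static_cast<int>(r.alert), static_cast<unsigned>(r.limit), max_content_tls13(r.limit));
   return 0;
}
```

A client-advertised 0xFFFF is accepted by the parser but never raises what the sender may emit: the cap keeps records at the protocol maximum.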

◆ static_type()

static Extension_Code Botan::TLS::Record_Size_Limit::static_type ( )
inline, static

Definition at line 569 of file tls_extensions.h.

◆ type()

Extension_Code Botan::TLS::Record_Size_Limit::type ( ) const
inline, override, virtual
Returns
code number of the extension

Implements Botan::TLS::Extension.

Definition at line 571 of file tls_extensions.h.

Extension_Code type() const override { return static_type(); }

The documentation for this class was generated from the following files: