Botan 3.12.0
Crypto and TLS for C&&
Botan::TLS::Record_Size_Limit Class Reference (final)

#include <tls_extensions.h>

Inheritance diagram for Botan::TLS::Record_Size_Limit:
Botan::TLS::Extension

Public Member Functions

bool empty () const override
virtual bool is_implemented () const
uint16_t limit () const
 Record_Size_Limit (TLS_Data_Reader &reader, uint16_t extension_size, Connection_Side from)
 Record_Size_Limit (uint16_t limit)
std::vector< uint8_t > serialize (Connection_Side whoami) const override
Extension_Code type () const override

Static Public Member Functions

static Extension_Code static_type ()

Detailed Description

Record Size Limit (RFC 8449)

TODO: the record size limit is currently not honored by the TLS 1.2 stack

Definition at line 415 of file tls_extensions.h.

Constructor & Destructor Documentation

◆ Record_Size_Limit() [1/2]

Botan::TLS::Record_Size_Limit::Record_Size_Limit ( uint16_t limit)
explicit

Definition at line 866 of file tls_extensions.cpp.

: m_limit(limit) {
   BOTAN_ARG_CHECK(limit >= 64, "RFC 8449 does not allow record size limits smaller than 64 bytes");
   BOTAN_ARG_CHECK(limit <= MAX_PLAINTEXT_SIZE + 1 /* encrypted content type byte */,
                   "RFC 8449 does not allow record size limits larger than 2^14+1");
}

#define BOTAN_ARG_CHECK(expr, msg) (definition: assert.h:33)
MAX_PLAINTEXT_SIZE (definition: tls_magic.h:31)

References BOTAN_ARG_CHECK, limit(), and Botan::TLS::MAX_PLAINTEXT_SIZE.

◆ Record_Size_Limit() [2/2]

Botan::TLS::Record_Size_Limit::Record_Size_Limit ( TLS_Data_Reader & reader,
uint16_t extension_size,
Connection_Side from )

Definition at line 872 of file tls_extensions.cpp.

{
   if(extension_size != 2) {
      throw TLS_Exception(Alert::DecodeError, "invalid record_size_limit extension");
   }

   m_limit = reader.get_uint16_t();

   // RFC 8449 4.
   //    This value is the length of the plaintext of a protected record.
   //    The value includes the content type and padding added in TLS 1.3 (that
   //    is, the complete length of TLSInnerPlaintext).
   //
   //    A server MUST NOT enforce this restriction; a client might advertise
   //    a higher limit that is enabled by an extension or version the server
   //    does not understand. A client MAY abort the handshake with an
   //    "illegal_parameter" alert.
   //
   // Note: We are currently supporting this extension in TLS 1.3 only, hence
   //       we check for the TLS 1.3 limit. The TLS 1.2 limit would not include
   //       the "content type byte" and hence be one byte less!
   if(m_limit > MAX_PLAINTEXT_SIZE + 1 /* encrypted content type byte */ && from == Connection_Side::Server) {
      throw TLS_Exception(Alert::IllegalParameter,
                          "Server requested a record size limit larger than the protocol's maximum");
   }

   // RFC 8449 4.
   //    Endpoints MUST NOT send a "record_size_limit" extension with a value
   //    smaller than 64. An endpoint MUST treat receipt of a smaller value
   //    as a fatal error and generate an "illegal_parameter" alert.
   if(m_limit < 64) {
      throw TLS_Exception(Alert::IllegalParameter, "Received a record size limit smaller than 64 bytes");
   }
}

References Botan::TLS::TLS_Data_Reader::get_uint16_t(), Botan::TLS::MAX_PLAINTEXT_SIZE, and Botan::TLS::Server.

Member Function Documentation

◆ empty()

bool Botan::TLS::Record_Size_Limit::empty ( ) const
inline override virtual
Returns
true if the extension is empty (here, m_limit == 0) and should not be encoded

Implements Botan::TLS::Extension.

Definition at line 429 of file tls_extensions.h.

{ return m_limit == 0; }

◆ is_implemented()

virtual bool Botan::TLS::Extension::is_implemented ( ) const
inline virtual inherited
Returns
true if this extension is known and implemented by Botan

Reimplemented in Botan::TLS::Unknown_Extension.

Definition at line 100 of file tls_extensions.h.

{ return true; }

◆ limit()

uint16_t Botan::TLS::Record_Size_Limit::limit ( ) const
inline

Definition at line 425 of file tls_extensions.h.

{ return m_limit; }

Referenced by Record_Size_Limit().

◆ serialize()

std::vector< uint8_t > Botan::TLS::Record_Size_Limit::serialize ( Connection_Side whoami) const
override virtual
Returns
serialized binary for the extension

Implements Botan::TLS::Extension.

Definition at line 906 of file tls_extensions.cpp.

{
   std::vector<uint8_t> buf;

   buf.push_back(get_byte<0>(m_limit));
   buf.push_back(get_byte<1>(m_limit));

   return buf;
}

constexpr uint8_t get_byte(T input) (definition: loadstor.h:79)

References Botan::get_byte().
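
The following is an added example, not Botan code: it restates the receive-side checks of constructor [2/2] and the two-byte encoding of serialize() as standalone C++, so the asymmetric handling of oversized values (rejected from a server, tolerated from a client) can be exercised directly. All names (Side, Alert, ParseResult, parse_record_size_limit, serialize_record_size_limit, effective_send_limit, max_app_data_tls13) are hypothetical, and clamping a tolerated client value to the protocol maximum before sending is an assumption of this example.

```cpp
#include <cstdint>
#include <vector>

// Hypothetical stand-ins for Botan's Connection_Side and Alert types.
enum class Side { Client, Server };
enum class Alert { None, DecodeError, IllegalParameter };

constexpr uint16_t kMaxPlaintext = 16384;               // 2^14
constexpr uint16_t kMaxTls13Limit = kMaxPlaintext + 1;  // plus encrypted content type byte

struct ParseResult {
   Alert alert;     // Alert::None on success
   uint16_t limit;  // meaningful only when alert == Alert::None
};

// Decode the extension_data of a record_size_limit extension sent by `from`.
ParseResult parse_record_size_limit(const std::vector<uint8_t>& body, Side from) {
   if(body.size() != 2) {
      return {Alert::DecodeError, 0};
   }
   const auto limit = static_cast<uint16_t>((body[0] << 8) | body[1]);
   // Upper bound is checked only for values sent by a server: a client may
   // advertise more than this endpoint understands and must be tolerated.
   if(limit > kMaxTls13Limit && from == Side::Server) {
      return {Alert::IllegalParameter, 0};
   }
   // Lower bound applies to both sides (RFC 8449, section 4).
   if(limit < 64) {
      return {Alert::IllegalParameter, 0};
   }
   return {Alert::None, limit};
}

// Encode the limit as two bytes, most significant byte first.
std::vector<uint8_t> serialize_record_size_limit(uint16_t limit) {
   return {static_cast<uint8_t>(limit >> 8), static_cast<uint8_t>(limit & 0xFF)};
}

// Assumption of this example: never send more than the TLS 1.3 maximum,
// even if a client advertised a larger value that was tolerated on parse.
uint16_t effective_send_limit(uint16_t peer_limit) {
   return peer_limit < kMaxTls13Limit ? peer_limit : kMaxTls13Limit;
}

// The limit covers the whole TLSInnerPlaintext, so one byte goes to the
// content type; any padding reduces the application data further.
uint16_t max_app_data_tls13(uint16_t peer_limit) {
   return static_cast<uint16_t>(effective_send_limit(peer_limit) - 1);
}
```
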

◆ static_type()

Extension_Code Botan::TLS::Record_Size_Limit::static_type ( )
inline static

Definition at line 417 of file tls_extensions.h.

References Botan::TLS::RecordSizeLimit.

Referenced by type().

◆ type()

Extension_Code Botan::TLS::Record_Size_Limit::type ( ) const
inline override virtual
Returns
code number of the extension

Implements Botan::TLS::Extension.

Definition at line 419 of file tls_extensions.h.

{ return static_type(); }

References static_type().


The documentation for this class was generated from the following files: