Botan  2.6.0
Crypto and TLS for C++11
Classes | Public Member Functions | List of all members
Botan::TLS::Server_Hello Class Referencefinal

#include <tls_messages.h>

Inheritance diagram for Botan::TLS::Server_Hello:
Botan::TLS::Handshake_Message

Classes

class  Settings
 

Public Member Functions

uint16_t ciphersuite () const
 
uint8_t compression_method () const
 
std::set< Handshake_Extension_Typeextension_types () const
 
const Extensionsextensions () const
 
std::string next_protocol () const
 
bool prefers_compressed_ec_points () const
 
const std::vector< uint8_t > & random () const
 
std::vector< uint8_t > renegotiation_info () const
 
bool secure_renegotiation () const
 
 Server_Hello (Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, Callbacks &cb, RandomNumberGenerator &rng, const std::vector< uint8_t > &secure_reneg_info, const Client_Hello &client_hello, const Server_Hello::Settings &settings, const std::string next_protocol)
 
 Server_Hello (Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, Callbacks &cb, RandomNumberGenerator &rng, const std::vector< uint8_t > &secure_reneg_info, const Client_Hello &client_hello, Session &resumed_session, bool offer_session_ticket, const std::string &next_protocol)
 
 Server_Hello (const std::vector< uint8_t > &buf)
 
const std::vector< uint8_t > & session_id () const
 
uint16_t srtp_profile () const
 
bool supports_certificate_status_message () const
 
bool supports_encrypt_then_mac () const
 
bool supports_extended_master_secret () const
 
bool supports_session_ticket () const
 
Handshake_Type type () const override
 
std::string type_string () const
 
Protocol_Version version () const
 

Detailed Description

Server Hello Message

Definition at line 186 of file tls_messages.h.

Constructor & Destructor Documentation

◆ Server_Hello() [1/3]

Botan::TLS::Server_Hello::Server_Hello ( Handshake_IO io,
Handshake_Hash hash,
const Policy policy,
Callbacks cb,
RandomNumberGenerator rng,
const std::vector< uint8_t > &  secure_reneg_info,
const Client_Hello client_hello,
const Server_Hello::Settings settings,
const std::string  next_protocol 
)

Definition at line 24 of file msg_server_hello.cpp.

References Botan::TLS::Extensions::add(), Botan::TLS::Ciphersuite::by_id(), Botan::TLS::Ciphersuite::cbc_ciphersuite(), Botan::TLS::Ciphersuite::ecc_ciphersuite(), Botan::TLS::Client_Hello::extension_types(), hash, Botan::TLS::Protocol_Version::is_datagram_protocol(), Botan::TLS::Policy::negotiate_encrypt_then_mac(), next_protocol(), Botan::TLS::Server_Hello::Settings::offer_session_ticket(), Botan::TLS::Client_Hello::secure_renegotiation(), Botan::TLS::Handshake_IO::send(), Botan::TLS::SERVER, Botan::TLS::Client_Hello::srtp_profiles(), Botan::TLS::Policy::srtp_profiles(), Botan::TLS::Policy::support_cert_status_message(), Botan::TLS::Client_Hello::supports_alpn(), Botan::TLS::Client_Hello::supports_cert_status_message(), Botan::TLS::Client_Hello::supports_encrypt_then_mac(), Botan::TLS::Client_Hello::supports_extended_master_secret(), Botan::TLS::Client_Hello::supports_session_ticket(), Botan::TLS::Callbacks::tls_modify_extensions(), Botan::TLS::TLSEXT_EC_POINT_FORMATS, and Botan::TLS::Policy::use_ecc_point_compression().

32  :
33  m_version(server_settings.protocol_version()),
34  m_session_id(server_settings.session_id()),
35  m_random(make_hello_random(rng, policy)),
36  m_ciphersuite(server_settings.ciphersuite()),
37  m_comp_method(0)
38  {
39  if(client_hello.supports_extended_master_secret())
40  m_extensions.add(new Extended_Master_Secret);
41 
42  // Sending the extension back does not commit us to sending a stapled response
43  if(client_hello.supports_cert_status_message() && policy.support_cert_status_message())
44  m_extensions.add(new Certificate_Status_Request);
45 
46  Ciphersuite c = Ciphersuite::by_id(m_ciphersuite);
47 
48  if(c.cbc_ciphersuite() && client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac())
49  {
50  m_extensions.add(new Encrypt_then_MAC);
51  }
52 
53  if(c.ecc_ciphersuite() && client_hello.extension_types().count(TLSEXT_EC_POINT_FORMATS))
54  {
55  m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
56  }
57 
58  if(client_hello.secure_renegotiation())
59  m_extensions.add(new Renegotiation_Extension(reneg_info));
60 
61  if(client_hello.supports_session_ticket() && server_settings.offer_session_ticket())
62  m_extensions.add(new Session_Ticket());
63 
64  if(!next_protocol.empty() && client_hello.supports_alpn())
65  m_extensions.add(new Application_Layer_Protocol_Notification(next_protocol));
66 
67  if(m_version.is_datagram_protocol())
68  {
69  const std::vector<uint16_t> server_srtp = policy.srtp_profiles();
70  const std::vector<uint16_t> client_srtp = client_hello.srtp_profiles();
71 
72  if(!server_srtp.empty() && !client_srtp.empty())
73  {
74  uint16_t shared = 0;
75  // always using server preferences for now
76  for(auto s_srtp : server_srtp)
77  for(auto c_srtp : client_srtp)
78  {
79  if(shared == 0 && s_srtp == c_srtp)
80  shared = s_srtp;
81  }
82 
83  if(shared)
84  m_extensions.add(new SRTP_Protection_Profiles(shared));
85  }
86  }
87 
88  cb.tls_modify_extensions(m_extensions, SERVER);
89 
90  hash.update(io.send(*this));
91  }
std::string next_protocol() const
Definition: tls_messages.h:271
void add(Extension *extn)
std::vector< uint8_t > make_hello_random(RandomNumberGenerator &rng, const Policy &policy)
static Ciphersuite by_id(uint16_t suite)
MechanismType hash

◆ Server_Hello() [2/3]

Botan::TLS::Server_Hello::Server_Hello ( Handshake_IO io,
Handshake_Hash hash,
const Policy policy,
Callbacks cb,
RandomNumberGenerator rng,
const std::vector< uint8_t > &  secure_reneg_info,
const Client_Hello client_hello,
Session resumed_session,
bool  offer_session_ticket,
const std::string &  next_protocol 
)

Definition at line 94 of file msg_server_hello.cpp.

References Botan::TLS::Extensions::add(), Botan::TLS::Ciphersuite::cbc_ciphersuite(), Botan::TLS::Session::ciphersuite(), Botan::TLS::Ciphersuite::ecc_ciphersuite(), Botan::TLS::Client_Hello::extension_types(), hash, Botan::TLS::Policy::negotiate_encrypt_then_mac(), next_protocol(), Botan::TLS::Client_Hello::secure_renegotiation(), Botan::TLS::Handshake_IO::send(), Botan::TLS::SERVER, Botan::TLS::Policy::support_cert_status_message(), Botan::TLS::Client_Hello::supports_alpn(), Botan::TLS::Client_Hello::supports_cert_status_message(), Botan::TLS::Client_Hello::supports_encrypt_then_mac(), Botan::TLS::Client_Hello::supports_extended_master_secret(), Botan::TLS::Client_Hello::supports_session_ticket(), Botan::TLS::Callbacks::tls_modify_extensions(), Botan::TLS::TLSEXT_EC_POINT_FORMATS, and Botan::TLS::Policy::use_ecc_point_compression().

103  :
104  m_version(resumed_session.version()),
105  m_session_id(client_hello.session_id()),
106  m_random(make_hello_random(rng, policy)),
107  m_ciphersuite(resumed_session.ciphersuite_code()),
108  m_comp_method(0)
109  {
110  if(client_hello.supports_extended_master_secret())
111  m_extensions.add(new Extended_Master_Secret);
112 
113  // Sending the extension back does not commit us to sending a stapled response
114  if(client_hello.supports_cert_status_message() && policy.support_cert_status_message())
115  m_extensions.add(new Certificate_Status_Request);
116 
117  if(client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac())
118  {
119  Ciphersuite c = resumed_session.ciphersuite();
120  if(c.cbc_ciphersuite())
121  m_extensions.add(new Encrypt_then_MAC);
122  }
123 
124  if(resumed_session.ciphersuite().ecc_ciphersuite() && client_hello.extension_types().count(TLSEXT_EC_POINT_FORMATS))
125  {
126  m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
127  }
128 
129  if(client_hello.secure_renegotiation())
130  m_extensions.add(new Renegotiation_Extension(reneg_info));
131 
132  if(client_hello.supports_session_ticket() && offer_session_ticket)
133  m_extensions.add(new Session_Ticket());
134 
135  if(!next_protocol.empty() && client_hello.supports_alpn())
136  m_extensions.add(new Application_Layer_Protocol_Notification(next_protocol));
137 
138  cb.tls_modify_extensions(m_extensions, SERVER);
139 
140  hash.update(io.send(*this));
141  }
std::string next_protocol() const
Definition: tls_messages.h:271
void add(Extension *extn)
std::vector< uint8_t > make_hello_random(RandomNumberGenerator &rng, const Policy &policy)
MechanismType hash

◆ Server_Hello() [3/3]

Botan::TLS::Server_Hello::Server_Hello ( const std::vector< uint8_t > &  buf)
explicit

Definition at line 146 of file msg_server_hello.cpp.

References Botan::TLS::Extensions::deserialize(), Botan::TLS::TLS_Data_Reader::get_byte(), Botan::TLS::TLS_Data_Reader::get_fixed(), Botan::TLS::TLS_Data_Reader::get_range(), and Botan::TLS::TLS_Data_Reader::get_uint16_t().

147  {
148  if(buf.size() < 38)
149  throw Decoding_Error("Server_Hello: Packet corrupted");
150 
151  TLS_Data_Reader reader("ServerHello", buf);
152 
153  const uint8_t major_version = reader.get_byte();
154  const uint8_t minor_version = reader.get_byte();
155 
156  m_version = Protocol_Version(major_version, minor_version);
157 
158  m_random = reader.get_fixed<uint8_t>(32);
159 
160  m_session_id = reader.get_range<uint8_t>(1, 0, 32);
161 
162  m_ciphersuite = reader.get_uint16_t();
163 
164  m_comp_method = reader.get_byte();
165 
166  m_extensions.deserialize(reader);
167  }
void deserialize(TLS_Data_Reader &reader)

Member Function Documentation

◆ ciphersuite()

uint16_t Botan::TLS::Server_Hello::ciphersuite ( ) const
inline

Definition at line 222 of file tls_messages.h.

222 { return m_ciphersuite; }

◆ compression_method()

uint8_t Botan::TLS::Server_Hello::compression_method ( ) const
inline

Definition at line 224 of file tls_messages.h.

224 { return m_comp_method; }

◆ extension_types()

std::set<Handshake_Extension_Type> Botan::TLS::Server_Hello::extension_types ( ) const
inline

Definition at line 278 of file tls_messages.h.

279  { return m_extensions.extension_types(); }
std::set< Handshake_Extension_Type > extension_types() const

◆ extensions()

const Extensions& Botan::TLS::Server_Hello::extensions ( ) const
inline

Definition at line 281 of file tls_messages.h.

281 { return m_extensions; }

◆ next_protocol()

std::string Botan::TLS::Server_Hello::next_protocol ( ) const
inline

Definition at line 271 of file tls_messages.h.

Referenced by Server_Hello().

272  {
273  if(auto alpn = m_extensions.get<Application_Layer_Protocol_Notification>())
274  return alpn->single_protocol();
275  return "";
276  }

◆ prefers_compressed_ec_points()

bool Botan::TLS::Server_Hello::prefers_compressed_ec_points ( ) const
inline

Definition at line 283 of file tls_messages.h.

284  {
285  if(auto ecc_formats = m_extensions.get<Supported_Point_Formats>())
286  {
287  return ecc_formats->prefers_compressed();
288  }
289  return false;
290  }

◆ random()

const std::vector<uint8_t>& Botan::TLS::Server_Hello::random ( ) const
inline

Definition at line 218 of file tls_messages.h.

218 { return m_random; }

◆ renegotiation_info()

std::vector<uint8_t> Botan::TLS::Server_Hello::renegotiation_info ( ) const
inline

Definition at line 231 of file tls_messages.h.

Referenced by Botan::TLS::Channel::secure_renegotiation_check().

232  {
233  if(Renegotiation_Extension* reneg = m_extensions.get<Renegotiation_Extension>())
234  return reneg->renegotiation_info();
235  return std::vector<uint8_t>();
236  }

◆ secure_renegotiation()

bool Botan::TLS::Server_Hello::secure_renegotiation ( ) const
inline

Definition at line 226 of file tls_messages.h.

Referenced by Botan::TLS::Channel::secure_renegotiation_check().

227  {
228  return m_extensions.has<Renegotiation_Extension>();
229  }

◆ session_id()

const std::vector<uint8_t>& Botan::TLS::Server_Hello::session_id ( ) const
inline

Definition at line 220 of file tls_messages.h.

220 { return m_session_id; }

◆ srtp_profile()

uint16_t Botan::TLS::Server_Hello::srtp_profile ( ) const
inline

Definition at line 258 of file tls_messages.h.

259  {
260  if(auto srtp = m_extensions.get<SRTP_Protection_Profiles>())
261  {
262  auto prof = srtp->profiles();
263  if(prof.size() != 1 || prof[0] == 0)
264  throw Decoding_Error("Server sent malformed DTLS-SRTP extension");
265  return prof[0];
266  }
267 
268  return 0;
269  }

◆ supports_certificate_status_message()

bool Botan::TLS::Server_Hello::supports_certificate_status_message ( ) const
inline

Definition at line 248 of file tls_messages.h.

249  {
250  return m_extensions.has<Certificate_Status_Request>();
251  }

◆ supports_encrypt_then_mac()

bool Botan::TLS::Server_Hello::supports_encrypt_then_mac ( ) const
inline

Definition at line 243 of file tls_messages.h.

244  {
245  return m_extensions.has<Encrypt_then_MAC>();
246  }

◆ supports_extended_master_secret()

bool Botan::TLS::Server_Hello::supports_extended_master_secret ( ) const
inline

Definition at line 238 of file tls_messages.h.

239  {
240  return m_extensions.has<Extended_Master_Secret>();
241  }

◆ supports_session_ticket()

bool Botan::TLS::Server_Hello::supports_session_ticket ( ) const
inline

Definition at line 253 of file tls_messages.h.

254  {
255  return m_extensions.has<Session_Ticket>();
256  }

◆ type()

Handshake_Type Botan::TLS::Server_Hello::type ( ) const
inlineoverridevirtual
Returns
the message type

Implements Botan::TLS::Handshake_Message.

Definition at line 214 of file tls_messages.h.

References Botan::TLS::SERVER_HELLO.

◆ type_string()

std::string Botan::TLS::Handshake_Message::type_string ( ) const
inherited
Returns
string representation of this message type

Definition at line 19 of file tls_handshake_state.cpp.

References Botan::TLS::handshake_type_to_string(), and Botan::TLS::Handshake_Message::type().

20  {
22  }
virtual Handshake_Type type() const =0
const char * handshake_type_to_string(Handshake_Type type)

◆ version()

Protocol_Version Botan::TLS::Server_Hello::version ( ) const
inline

Definition at line 216 of file tls_messages.h.

216 { return m_version; }

The documentation for this class was generated from the following files: