Botan  2.4.0
Crypto and TLS for C++11
Classes | Public Member Functions | List of all members
Botan::TLS::Server_Hello Class Referencefinal

#include <tls_messages.h>

Inheritance diagram for Botan::TLS::Server_Hello:
Botan::TLS::Handshake_Message

Classes

class  Settings
 

Public Member Functions

uint16_t ciphersuite () const
 
uint8_t compression_method () const
 
std::set< Handshake_Extension_Typeextension_types () const
 
std::string next_protocol () const
 
bool prefers_compressed_ec_points () const
 
const std::vector< uint8_t > & random () const
 
std::vector< uint8_t > renegotiation_info () const
 
bool secure_renegotiation () const
 
 Server_Hello (Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, RandomNumberGenerator &rng, const std::vector< uint8_t > &secure_reneg_info, const Client_Hello &client_hello, const Server_Hello::Settings &settings, const std::string next_protocol)
 
 Server_Hello (Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, RandomNumberGenerator &rng, const std::vector< uint8_t > &secure_reneg_info, const Client_Hello &client_hello, Session &resumed_session, bool offer_session_ticket, const std::string &next_protocol)
 
 Server_Hello (const std::vector< uint8_t > &buf)
 
const std::vector< uint8_t > & session_id () const
 
uint16_t srtp_profile () const
 
bool supports_certificate_status_message () const
 
bool supports_encrypt_then_mac () const
 
bool supports_extended_master_secret () const
 
bool supports_session_ticket () const
 
Handshake_Type type () const override
 
std::string type_string () const
 
Protocol_Version version () const
 

Detailed Description

Server Hello Message

Definition at line 184 of file tls_messages.h.

Constructor & Destructor Documentation

◆ Server_Hello() [1/3]

Botan::TLS::Server_Hello::Server_Hello ( Handshake_IO io,
Handshake_Hash hash,
const Policy policy,
RandomNumberGenerator rng,
const std::vector< uint8_t > &  secure_reneg_info,
const Client_Hello client_hello,
const Server_Hello::Settings settings,
const std::string  next_protocol 
)

Definition at line 23 of file msg_server_hello.cpp.

References Botan::TLS::Extensions::add(), Botan::TLS::Ciphersuite::by_id(), Botan::TLS::Ciphersuite::cbc_ciphersuite(), Botan::TLS::Ciphersuite::ecc_ciphersuite(), Botan::TLS::Client_Hello::extension_types(), Botan::TLS::Protocol_Version::is_datagram_protocol(), Botan::TLS::Policy::negotiate_encrypt_then_mac(), Botan::TLS::Server_Hello::Settings::offer_session_ticket(), Botan::TLS::Client_Hello::secure_renegotiation(), Botan::TLS::Handshake_IO::send(), Botan::TLS::Client_Hello::srtp_profiles(), Botan::TLS::Policy::srtp_profiles(), Botan::TLS::Policy::support_cert_status_message(), Botan::TLS::Client_Hello::supports_alpn(), Botan::TLS::Client_Hello::supports_cert_status_message(), Botan::TLS::Client_Hello::supports_encrypt_then_mac(), Botan::TLS::Client_Hello::supports_extended_master_secret(), Botan::TLS::Client_Hello::supports_session_ticket(), Botan::TLS::TLSEXT_EC_POINT_FORMATS, Botan::TLS::Handshake_Hash::update(), and Botan::TLS::Policy::use_ecc_point_compression().

30  :
31  m_version(server_settings.protocol_version()),
32  m_session_id(server_settings.session_id()),
33  m_random(make_hello_random(rng, policy)),
34  m_ciphersuite(server_settings.ciphersuite()),
35  m_comp_method(server_settings.compression())
36  {
37  if(client_hello.supports_extended_master_secret())
38  m_extensions.add(new Extended_Master_Secret);
39 
40  // Sending the extension back does not commit us to sending a stapled response
41  if(client_hello.supports_cert_status_message() && policy.support_cert_status_message())
42  m_extensions.add(new Certificate_Status_Request);
43 
44  Ciphersuite c = Ciphersuite::by_id(m_ciphersuite);
45 
46  if(c.cbc_ciphersuite() && client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac())
47  {
48  m_extensions.add(new Encrypt_then_MAC);
49  }
50 
51  if(c.ecc_ciphersuite() && client_hello.extension_types().count(TLSEXT_EC_POINT_FORMATS))
52  {
53  m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
54  }
55 
56  if(client_hello.secure_renegotiation())
57  m_extensions.add(new Renegotiation_Extension(reneg_info));
58 
59  if(client_hello.supports_session_ticket() && server_settings.offer_session_ticket())
60  m_extensions.add(new Session_Ticket());
61 
62  if(!next_protocol.empty() && client_hello.supports_alpn())
63  m_extensions.add(new Application_Layer_Protocol_Notification(next_protocol));
64 
65  if(m_version.is_datagram_protocol())
66  {
67  const std::vector<uint16_t> server_srtp = policy.srtp_profiles();
68  const std::vector<uint16_t> client_srtp = client_hello.srtp_profiles();
69 
70  if(!server_srtp.empty() && !client_srtp.empty())
71  {
72  uint16_t shared = 0;
73  // always using server preferences for now
74  for(auto s_srtp : server_srtp)
75  for(auto c_srtp : client_srtp)
76  {
77  if(shared == 0 && s_srtp == c_srtp)
78  shared = s_srtp;
79  }
80 
81  if(shared)
82  m_extensions.add(new SRTP_Protection_Profiles(shared));
83  }
84  }
85 
86  hash.update(io.send(*this));
87  }
std::string next_protocol() const
Definition: tls_messages.h:273
void add(Extension *extn)
std::vector< uint8_t > make_hello_random(RandomNumberGenerator &rng, const Policy &policy)
static Ciphersuite by_id(uint16_t suite)
MechanismType hash

◆ Server_Hello() [2/3]

Botan::TLS::Server_Hello::Server_Hello ( Handshake_IO io,
Handshake_Hash hash,
const Policy policy,
RandomNumberGenerator rng,
const std::vector< uint8_t > &  secure_reneg_info,
const Client_Hello client_hello,
Session resumed_session,
bool  offer_session_ticket,
const std::string &  next_protocol 
)

Definition at line 90 of file msg_server_hello.cpp.

References Botan::TLS::Extensions::add(), Botan::TLS::Ciphersuite::cbc_ciphersuite(), Botan::TLS::Session::ciphersuite(), Botan::TLS::Ciphersuite::ecc_ciphersuite(), Botan::TLS::Policy::negotiate_encrypt_then_mac(), Botan::TLS::Client_Hello::secure_renegotiation(), Botan::TLS::Handshake_IO::send(), Botan::TLS::Policy::support_cert_status_message(), Botan::TLS::Client_Hello::supports_alpn(), Botan::TLS::Client_Hello::supports_cert_status_message(), Botan::TLS::Client_Hello::supports_encrypt_then_mac(), Botan::TLS::Client_Hello::supports_extended_master_secret(), Botan::TLS::Client_Hello::supports_session_ticket(), Botan::TLS::Handshake_Hash::update(), and Botan::TLS::Policy::use_ecc_point_compression().

98  :
99  m_version(resumed_session.version()),
100  m_session_id(client_hello.session_id()),
101  m_random(make_hello_random(rng, policy)),
102  m_ciphersuite(resumed_session.ciphersuite_code()),
103  m_comp_method(resumed_session.compression_method())
104  {
105  if(client_hello.supports_extended_master_secret())
106  m_extensions.add(new Extended_Master_Secret);
107 
108  // Sending the extension back does not commit us to sending a stapled response
109  if(client_hello.supports_cert_status_message() && policy.support_cert_status_message())
110  m_extensions.add(new Certificate_Status_Request);
111 
112  if(client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac())
113  {
114  Ciphersuite c = resumed_session.ciphersuite();
115  if(c.cbc_ciphersuite())
116  m_extensions.add(new Encrypt_then_MAC);
117  }
118 
119  if(resumed_session.ciphersuite().ecc_ciphersuite())
120  {
121  m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
122  }
123 
124  if(client_hello.secure_renegotiation())
125  m_extensions.add(new Renegotiation_Extension(reneg_info));
126 
127  if(client_hello.supports_session_ticket() && offer_session_ticket)
128  m_extensions.add(new Session_Ticket());
129 
130  if(!next_protocol.empty() && client_hello.supports_alpn())
131  m_extensions.add(new Application_Layer_Protocol_Notification(next_protocol));
132 
133  hash.update(io.send(*this));
134  }
std::string next_protocol() const
Definition: tls_messages.h:273
void add(Extension *extn)
std::vector< uint8_t > make_hello_random(RandomNumberGenerator &rng, const Policy &policy)
MechanismType hash

◆ Server_Hello() [3/3]

Botan::TLS::Server_Hello::Server_Hello ( const std::vector< uint8_t > &  buf)
explicit

Definition at line 139 of file msg_server_hello.cpp.

References Botan::TLS::append_tls_length_value(), Botan::TLS::Extensions::deserialize(), Botan::get_byte(), Botan::TLS::TLS_Data_Reader::get_byte(), Botan::TLS::TLS_Data_Reader::get_fixed(), Botan::TLS::TLS_Data_Reader::get_range(), Botan::TLS::TLS_Data_Reader::get_uint16_t(), Botan::TLS::Protocol_Version::major_version(), Botan::TLS::Protocol_Version::minor_version(), and Botan::TLS::Extensions::serialize().

140  {
141  if(buf.size() < 38)
142  throw Decoding_Error("Server_Hello: Packet corrupted");
143 
144  TLS_Data_Reader reader("ServerHello", buf);
145 
146  const uint8_t major_version = reader.get_byte();
147  const uint8_t minor_version = reader.get_byte();
148 
149  m_version = Protocol_Version(major_version, minor_version);
150 
151  m_random = reader.get_fixed<uint8_t>(32);
152 
153  m_session_id = reader.get_range<uint8_t>(1, 0, 32);
154 
155  m_ciphersuite = reader.get_uint16_t();
156 
157  m_comp_method = reader.get_byte();
158 
159  m_extensions.deserialize(reader);
160  }
void deserialize(TLS_Data_Reader &reader)

Member Function Documentation

◆ ciphersuite()

uint16_t Botan::TLS::Server_Hello::ciphersuite ( ) const
inline

Definition at line 224 of file tls_messages.h.

224 { return m_ciphersuite; }

◆ compression_method()

uint8_t Botan::TLS::Server_Hello::compression_method ( ) const
inline

Definition at line 226 of file tls_messages.h.

226 { return m_comp_method; }

◆ extension_types()

std::set<Handshake_Extension_Type> Botan::TLS::Server_Hello::extension_types ( ) const
inline

Definition at line 280 of file tls_messages.h.

281  { return m_extensions.extension_types(); }
std::set< Handshake_Extension_Type > extension_types() const

◆ next_protocol()

std::string Botan::TLS::Server_Hello::next_protocol ( ) const
inline

Definition at line 273 of file tls_messages.h.

274  {
275  if(auto alpn = m_extensions.get<Application_Layer_Protocol_Notification>())
276  return alpn->single_protocol();
277  return "";
278  }

◆ prefers_compressed_ec_points()

bool Botan::TLS::Server_Hello::prefers_compressed_ec_points ( ) const
inline

Definition at line 283 of file tls_messages.h.

References hash.

284  {
285  if(auto ecc_formats = m_extensions.get<Supported_Point_Formats>())
286  {
287  return ecc_formats->prefers_compressed();
288  }
289  return false;
290  }

◆ random()

const std::vector<uint8_t>& Botan::TLS::Server_Hello::random ( ) const
inline

Definition at line 220 of file tls_messages.h.

220 { return m_random; }

◆ renegotiation_info()

std::vector<uint8_t> Botan::TLS::Server_Hello::renegotiation_info ( ) const
inline

Definition at line 233 of file tls_messages.h.

Referenced by Botan::TLS::Channel::secure_renegotiation_check().

234  {
235  if(Renegotiation_Extension* reneg = m_extensions.get<Renegotiation_Extension>())
236  return reneg->renegotiation_info();
237  return std::vector<uint8_t>();
238  }

◆ secure_renegotiation()

bool Botan::TLS::Server_Hello::secure_renegotiation ( ) const
inline

Definition at line 228 of file tls_messages.h.

Referenced by Botan::TLS::Channel::secure_renegotiation_check().

229  {
230  return m_extensions.has<Renegotiation_Extension>();
231  }

◆ session_id()

const std::vector<uint8_t>& Botan::TLS::Server_Hello::session_id ( ) const
inline

Definition at line 222 of file tls_messages.h.

222 { return m_session_id; }

◆ srtp_profile()

uint16_t Botan::TLS::Server_Hello::srtp_profile ( ) const
inline

Definition at line 260 of file tls_messages.h.

261  {
262  if(auto srtp = m_extensions.get<SRTP_Protection_Profiles>())
263  {
264  auto prof = srtp->profiles();
265  if(prof.size() != 1 || prof[0] == 0)
266  throw Decoding_Error("Server sent malformed DTLS-SRTP extension");
267  return prof[0];
268  }
269 
270  return 0;
271  }

◆ supports_certificate_status_message()

bool Botan::TLS::Server_Hello::supports_certificate_status_message ( ) const
inline

Definition at line 250 of file tls_messages.h.

251  {
252  return m_extensions.has<Certificate_Status_Request>();
253  }

◆ supports_encrypt_then_mac()

bool Botan::TLS::Server_Hello::supports_encrypt_then_mac ( ) const
inline

Definition at line 245 of file tls_messages.h.

246  {
247  return m_extensions.has<Encrypt_then_MAC>();
248  }

◆ supports_extended_master_secret()

bool Botan::TLS::Server_Hello::supports_extended_master_secret ( ) const
inline

Definition at line 240 of file tls_messages.h.

241  {
242  return m_extensions.has<Extended_Master_Secret>();
243  }

◆ supports_session_ticket()

bool Botan::TLS::Server_Hello::supports_session_ticket ( ) const
inline

Definition at line 255 of file tls_messages.h.

256  {
257  return m_extensions.has<Session_Ticket>();
258  }

◆ type()

Handshake_Type Botan::TLS::Server_Hello::type ( ) const
inlineoverridevirtual
Returns
the message type

Implements Botan::TLS::Handshake_Message.

Definition at line 216 of file tls_messages.h.

References Botan::TLS::SERVER_HELLO.

◆ type_string()

std::string Botan::TLS::Handshake_Message::type_string ( ) const
inherited
Returns
string representation of this message type

Definition at line 19 of file tls_handshake_state.cpp.

References Botan::TLS::handshake_type_to_string(), and Botan::TLS::Handshake_Message::type().

20  {
22  }
virtual Handshake_Type type() const =0
const char * handshake_type_to_string(Handshake_Type type)

◆ version()

Protocol_Version Botan::TLS::Server_Hello::version ( ) const
inline

Definition at line 218 of file tls_messages.h.

218 { return m_version; }

The documentation for this class was generated from the following files: