Botan::TLS::Server_Hello_12 Class Reference

#include <tls_messages.h>

Inheritance diagram for Botan::TLS::Server_Hello_12:

Classes
class	Settings

Public Member Functions
uint16_t	ciphersuite () const
uint8_t	compression_method () const
std::set< Handshake_Extension_Type >	extension_types () const
const Extensions &	extensions () const
Protocol_Version	legacy_version () const
std::string	next_protocol () const
bool	prefers_compressed_ec_points () const
const std::vector< uint8_t > &	random () const
std::optional< Protocol_Version >	random_signals_downgrade () const
std::vector< uint8_t >	renegotiation_info () const
bool	secure_renegotiation () const
Protocol_Version	selected_version () const override
std::vector< uint8_t >	serialize () const override
	Server_Hello_12 (const std::vector< uint8_t > &buf)
	Server_Hello_12 (Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, Callbacks &cb, RandomNumberGenerator &rng, const std::vector< uint8_t > &secure_reneg_info, const Client_Hello_12 &client_hello, const Settings &settings, const std::string &next_protocol)
	Server_Hello_12 (Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, Callbacks &cb, RandomNumberGenerator &rng, const std::vector< uint8_t > &secure_reneg_info, const Client_Hello_12 &client_hello, Session &resumed_session, bool offer_session_ticket, const std::string &next_protocol)
const std::vector< uint8_t > &	session_id () const
uint16_t	srtp_profile () const
bool	supports_certificate_status_message () const
bool	supports_encrypt_then_mac () const
bool	supports_extended_master_secret () const
bool	supports_session_ticket () const
Handshake_Type	type () const override
std::string	type_string () const
virtual Handshake_Type	wire_type () const

Protected Member Functions
	Server_Hello_12 (std::unique_ptr< Server_Hello_Internal > data)

Protected Attributes
std::unique_ptr< Server_Hello_Internal >	m_data

Friends
class	Server_Hello_13

Detailed Description

Definition at line 285 of file tls_messages.h.

Constructor & Destructor Documentation

Server_Hello_12() [1/4]

Botan::TLS::Server_Hello_12::Server_Hello_12	(	Handshake_IO &	io,
		Handshake_Hash &	hash,
		const Policy &	policy,
		Callbacks &	cb,
		RandomNumberGenerator &	rng,
		const std::vector< uint8_t > &	secure_reneg_info,
		const Client_Hello_12 &	client_hello,
		const Settings &	settings,
		const std::string &	next_protocol
	)

Definition at line 216 of file msg_server_hello.cpp.

                                                                 :
   Server_Hello(std::make_unique<Server_Hello_Internal>(
                   server_settings.protocol_version(),
                   server_settings.session_id(),
                   make_server_hello_random(rng, server_settings.protocol_version(), cb, policy),
                   server_settings.ciphersuite(),
                   uint8_t(0)))
   {
   if(client_hello.supports_extended_master_secret())
      {
      m_data->extensions.add(new Extended_Master_Secret);
      }
 
   // Sending the extension back does not commit us to sending a stapled response
   if(client_hello.supports_cert_status_message() && policy.support_cert_status_message())
      {
      m_data->extensions.add(new Certificate_Status_Request);
      }
 
   if(!next_protocol.empty() && client_hello.supports_alpn())
      {
      m_data->extensions.add(new Application_Layer_Protocol_Notification(next_protocol));
      }
 
   const auto c = Ciphersuite::by_id(m_data->ciphersuite);
 
   if(c && c->cbc_ciphersuite() && client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac())
      {
      m_data->extensions.add(new Encrypt_then_MAC);
      }
 
   if(c && c->ecc_ciphersuite() && client_hello.extension_types().count(TLSEXT_EC_POINT_FORMATS))
      {
      m_data->extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
      }
 
   if(client_hello.secure_renegotiation())
      {
      m_data->extensions.add(new Renegotiation_Extension(reneg_info));
      }
 
   if(client_hello.supports_session_ticket() && server_settings.offer_session_ticket())
      {
      m_data->extensions.add(new Session_Ticket());
      }
 
   if(m_data->legacy_version.is_datagram_protocol())
      {
      const std::vector<uint16_t> server_srtp = policy.srtp_profiles();
      const std::vector<uint16_t> client_srtp = client_hello.srtp_profiles();
 
      if(!server_srtp.empty() && !client_srtp.empty())
         {
         uint16_t shared = 0;
         // always using server preferences for now
         for(auto s_srtp : server_srtp)
            for(auto c_srtp : client_srtp)
               {
               if(shared == 0 && s_srtp == c_srtp)
                  { shared = s_srtp; }
               }
 
         if(shared)
            {
            m_data->extensions.add(new SRTP_Protection_Profiles(shared));
            }
         }
      }
 
   cb.tls_modify_extensions(m_data->extensions, SERVER);
 
   hash.update(io.send(*this));
   }

References Botan::TLS::Ciphersuite::by_id(), Botan::TLS::Client_Hello::extension_types(), Botan::TLS::Server_Hello::m_data, Botan::TLS::Policy::negotiate_encrypt_then_mac(), next_protocol(), Botan::TLS::Server_Hello_12::Settings::offer_session_ticket(), Botan::TLS::Client_Hello_12::secure_renegotiation(), Botan::TLS::Client_Hello::srtp_profiles(), Botan::TLS::Policy::srtp_profiles(), Botan::TLS::Policy::support_cert_status_message(), Botan::TLS::Client_Hello::supports_alpn(), Botan::TLS::Client_Hello_12::supports_cert_status_message(), Botan::TLS::Client_Hello_12::supports_encrypt_then_mac(), Botan::TLS::Client_Hello_12::supports_extended_master_secret(), Botan::TLS::Client_Hello_12::supports_session_ticket(), Botan::TLS::TLSEXT_EC_POINT_FORMATS, and Botan::TLS::Policy::use_ecc_point_compression().

Server_Hello_12() [2/4]

Botan::TLS::Server_Hello_12::Server_Hello_12	(	Handshake_IO &	io,
		Handshake_Hash &	hash,
		const Policy &	policy,
		Callbacks &	cb,
		RandomNumberGenerator &	rng,
		const std::vector< uint8_t > &	secure_reneg_info,
		const Client_Hello_12 &	client_hello,
		Session &	resumed_session,
		bool	offer_session_ticket,
		const std::string &	next_protocol
	)

Definition at line 299 of file msg_server_hello.cpp.

                                                                 :
   Server_Hello(std::make_unique<Server_Hello_Internal>(
                   resumed_session.version(),
                   client_hello.session_id(),
                   make_hello_random(rng, cb, policy),
                   resumed_session.ciphersuite_code(),
                   uint8_t(0)))
   {
   if(client_hello.supports_extended_master_secret())
      {
      m_data->extensions.add(new Extended_Master_Secret);
      }
 
   if(!next_protocol.empty() && client_hello.supports_alpn())
      {
      m_data->extensions.add(new Application_Layer_Protocol_Notification(next_protocol));
      }
 
   if(client_hello.supports_encrypt_then_mac() && policy.negotiate_encrypt_then_mac())
      {
      Ciphersuite c = resumed_session.ciphersuite();
      if(c.cbc_ciphersuite())
         {
         m_data->extensions.add(new Encrypt_then_MAC);
         }
      }
 
   if(resumed_session.ciphersuite().ecc_ciphersuite() && client_hello.extension_types().count(TLSEXT_EC_POINT_FORMATS))
      {
      m_data->extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression()));
      }
 
   if(client_hello.secure_renegotiation())
      {
      m_data->extensions.add(new Renegotiation_Extension(reneg_info));
      }
 
   if(client_hello.supports_session_ticket() && offer_session_ticket)
      {
      m_data->extensions.add(new Session_Ticket());
      }
 
   cb.tls_modify_extensions(m_data->extensions, SERVER);
 
   hash.update(io.send(*this));
   }

References Botan::TLS::Ciphersuite::cbc_ciphersuite(), Botan::TLS::Client_Hello::extension_types(), hash, Botan::TLS::Server_Hello::m_data, Botan::TLS::Policy::negotiate_encrypt_then_mac(), next_protocol(), resumed_session, Botan::TLS::Client_Hello_12::secure_renegotiation(), Botan::TLS::Handshake_IO::send(), Botan::TLS::SERVER, Botan::TLS::Client_Hello::supports_alpn(), Botan::TLS::Client_Hello_12::supports_encrypt_then_mac(), Botan::TLS::Client_Hello_12::supports_extended_master_secret(), Botan::TLS::Client_Hello_12::supports_session_ticket(), Botan::TLS::Callbacks::tls_modify_extensions(), Botan::TLS::TLSEXT_EC_POINT_FORMATS, and Botan::TLS::Policy::use_ecc_point_compression().

Server_Hello_12() [3/4]

Botan::TLS::Server_Hello_12::Server_Hello_12 ( const std::vector< uint8_t > &  buf )

explicit

Definition at line 356 of file msg_server_hello.cpp.

   : Server_Hello_12(std::make_unique<Server_Hello_Internal>(buf))
   {}

Server_Hello_12() [4/4]

Botan::TLS::Server_Hello_12::Server_Hello_12 ( std::unique_ptr< Server_Hello_Internal >  data )

explicitprotected

Definition at line 360 of file msg_server_hello.cpp.

   : Server_Hello(std::move(data))
   {
   if(!m_data->version().is_pre_tls_13())
      {
      throw TLS_Exception(Alert::PROTOCOL_VERSION, "Expected server hello of (D)TLS 1.2 or lower");
      }
   }

References Botan::TLS::Server_Hello::m_data, and Botan::TLS::Alert::PROTOCOL_VERSION.

Member Function Documentation

ciphersuite()

uint16_t Botan::TLS::Server_Hello::ciphersuite ( ) const

inherited

Definition at line 200 of file msg_server_hello.cpp.

   {
   return m_data->ciphersuite;
   }

References Botan::TLS::Server_Hello::m_data.

compression_method()

uint8_t Botan::TLS::Server_Hello::compression_method

(

)

const

Definition at line 278 of file msg_server_hello.cpp.

   {
   return m_data->comp_method;
   }

extension_types()

std::set< Handshake_Extension_Type > Botan::TLS::Server_Hello::extension_types

(

)

const

Definition at line 276 of file msg_server_hello.cpp.

   {
   return m_data->extensions.extension_types();
   }

extensions()

const Extensions & Botan::TLS::Server_Hello::extensions ( ) const

inherited

Definition at line 210 of file msg_server_hello.cpp.

   {
   return m_data->extensions;
   }

References Botan::TLS::Server_Hello::m_data.

legacy_version()

Protocol_Version Botan::TLS::Server_Hello::legacy_version

(

)

const

Definition at line 279 of file msg_server_hello.cpp.

   {
   return m_data->legacy_version;
   }

Referenced by selected_version().

next_protocol()

std::string Botan::TLS::Server_Hello_12::next_protocol

(

)

const

Definition at line 419 of file msg_server_hello.cpp.

   {
   if(auto alpn = m_data->extensions.get<Application_Layer_Protocol_Notification>())
      {
      return alpn->single_protocol();
      }
   return "";
   }

References Botan::TLS::Server_Hello::m_data.

Referenced by Server_Hello_12().

prefers_compressed_ec_points()

bool Botan::TLS::Server_Hello_12::prefers_compressed_ec_points

(

)

const

Definition at line 428 of file msg_server_hello.cpp.

   {
   if(auto ecc_formats = m_data->extensions.get<Supported_Point_Formats>())
      {
      return ecc_formats->prefers_compressed();
      }
   return false;
   }

References Botan::TLS::Server_Hello::m_data.

random()

const std::vector< uint8_t > & Botan::TLS::Server_Hello::random

(

)

const

Definition at line 277 of file msg_server_hello.cpp.

   {
   return m_data->random;
   }

random_signals_downgrade()

std::optional< Protocol_Version > Botan::TLS::Server_Hello_12::random_signals_downgrade

(

)

const

Return desired downgrade version indicated by hello random, if any.

Definition at line 437 of file msg_server_hello.cpp.

   {
   const uint64_t last8 = load_be<uint64_t>(m_data->random.data(), 3);
   if(last8 == DOWNGRADE_TLS11)
      { return Protocol_Version::TLS_V11; }
   if(last8 == DOWNGRADE_TLS12)
      { return Protocol_Version::TLS_V12; }
 
   return std::nullopt;
   }

References Botan::load_be< uint64_t >(), Botan::TLS::Server_Hello::m_data, Botan::TLS::Protocol_Version::TLS_V11, and Botan::TLS::Protocol_Version::TLS_V12.

renegotiation_info()

std::vector< uint8_t > Botan::TLS::Server_Hello_12::renegotiation_info

(

)

const

Definition at line 379 of file msg_server_hello.cpp.

   {
   if(Renegotiation_Extension* reneg = m_data->extensions.get<Renegotiation_Extension>())
      { return reneg->renegotiation_info(); }
   return std::vector<uint8_t>();
   }

References Botan::TLS::Server_Hello::m_data.

Referenced by Botan::TLS::Channel_Impl_12::secure_renegotiation_check().

secure_renegotiation()

bool Botan::TLS::Server_Hello_12::secure_renegotiation

(

)

const

Definition at line 374 of file msg_server_hello.cpp.

   {
   return m_data->extensions.has<Renegotiation_Extension>();
   }

References Botan::TLS::Server_Hello::m_data.

Referenced by Botan::TLS::Channel_Impl_12::secure_renegotiation_check().

selected_version()

Protocol_Version Botan::TLS::Server_Hello_12::selected_version ( ) const

overridevirtual

Returns

the selected version as indicated in the legacy_version field

Implements Botan::TLS::Server_Hello.

Definition at line 369 of file msg_server_hello.cpp.

   {
   return legacy_version();
   }

References legacy_version().

serialize()

std::vector< uint8_t > Botan::TLS::Server_Hello::serialize ( ) const

overridevirtualinherited

Returns

DER representation of this message

Implements Botan::TLS::Handshake_Message.

Definition at line 154 of file msg_server_hello.cpp.

   {
   std::vector<uint8_t> buf;
 
   buf.push_back(m_data->legacy_version.major_version());
   buf.push_back(m_data->legacy_version.minor_version());
   buf += m_data->random;
 
   append_tls_length_value(buf, m_data->session_id, 1);
 
   buf.push_back(get_byte<0>(m_data->ciphersuite));
   buf.push_back(get_byte<1>(m_data->ciphersuite));
 
   buf.push_back(m_data->comp_method);
 
   buf += m_data->extensions.serialize(Connection_Side::SERVER);
 
   return buf;
   }

References Botan::TLS::append_tls_length_value(), Botan::TLS::Server_Hello::m_data, and Botan::TLS::SERVER.

session_id()

const std::vector< uint8_t > & Botan::TLS::Server_Hello::session_id ( ) const

inherited

Definition at line 195 of file msg_server_hello.cpp.

   {
   return m_data->session_id;
   }

References Botan::TLS::Server_Hello::m_data.

srtp_profile()

uint16_t Botan::TLS::Server_Hello_12::srtp_profile

(

)

const

Definition at line 406 of file msg_server_hello.cpp.

   {
   if(auto srtp = m_data->extensions.get<SRTP_Protection_Profiles>())
      {
      auto prof = srtp->profiles();
      if(prof.size() != 1 || prof[0] == 0)
         { throw Decoding_Error("Server sent malformed DTLS-SRTP extension"); }
      return prof[0];
      }
 
   return 0;
   }

References Botan::TLS::Server_Hello::m_data.

supports_certificate_status_message()

bool Botan::TLS::Server_Hello_12::supports_certificate_status_message

(

)

const

Definition at line 396 of file msg_server_hello.cpp.

   {
   return m_data->extensions.has<Certificate_Status_Request>();
   }

References Botan::TLS::Server_Hello::m_data.

supports_encrypt_then_mac()

bool Botan::TLS::Server_Hello_12::supports_encrypt_then_mac

(

)

const

Definition at line 391 of file msg_server_hello.cpp.

   {
   return m_data->extensions.has<Encrypt_then_MAC>();
   }

References Botan::TLS::Server_Hello::m_data.

supports_extended_master_secret()

bool Botan::TLS::Server_Hello_12::supports_extended_master_secret

(

)

const

Definition at line 386 of file msg_server_hello.cpp.

   {
   return m_data->extensions.has<Extended_Master_Secret>();
   }

References Botan::TLS::Server_Hello::m_data.

supports_session_ticket()

bool Botan::TLS::Server_Hello_12::supports_session_ticket

(

)

const

Definition at line 401 of file msg_server_hello.cpp.

   {
   return m_data->extensions.has<Session_Ticket>();
   }

References Botan::TLS::Server_Hello::m_data.

type()

Handshake_Type Botan::TLS::Server_Hello::type ( ) const

overridevirtualinherited

Returns

the message type

Implements Botan::TLS::Handshake_Message.

Definition at line 175 of file msg_server_hello.cpp.

   {
   return SERVER_HELLO;
   }

References Botan::TLS::SERVER_HELLO.

type_string()

std::string Botan::TLS::Handshake_Message::type_string ( ) const

inherited

Returns

string representation of this message type

Definition at line 18 of file tls_handshake_state.cpp.

   {
   return handshake_type_to_string(type());
   }

References Botan::TLS::handshake_type_to_string(), and Botan::TLS::Handshake_Message::type().

wire_type()

virtual Handshake_Type Botan::TLS::Handshake_Message::wire_type ( ) const

inlinevirtualinherited

Returns

the wire representation of the message's type

Definition at line 42 of file tls_handshake_msg.h.

         {
         // Usually equal to the Handshake_Type enum value,
         // with the exception of TLS 1.3 Hello Retry Request.
         return type();
         }

References type.

Referenced by Botan::TLS::Stream_Handshake_IO::send().

Friends And Related Function Documentation

Server_Hello_13

friend class Server_Hello_13

friend

Definition at line 336 of file tls_messages.h.

Member Data Documentation

m_data

std::unique_ptr<Server_Hello_Internal> Botan::TLS::Server_Hello::m_data

protectedinherited

Definition at line 282 of file tls_messages.h.

Referenced by Botan::TLS::Server_Hello::ciphersuite(), Botan::TLS::Server_Hello::compression_method(), Botan::TLS::Server_Hello::extension_types(), Botan::TLS::Server_Hello::extensions(), Botan::TLS::Server_Hello::legacy_version(), next_protocol(), prefers_compressed_ec_points(), Botan::TLS::Server_Hello::random(), random_signals_downgrade(), renegotiation_info(), secure_renegotiation(), Botan::TLS::Server_Hello::serialize(), Server_Hello_12(), Botan::TLS::Server_Hello::session_id(), srtp_profile(), supports_certificate_status_message(), supports_encrypt_then_mac(), supports_extended_master_secret(), and supports_session_ticket().

---

The documentation for this class was generated from the following files:

• src/lib/tls/tls_messages.h
• src/lib/tls/msg_server_hello.cpp