10 #include <botan/tls_messages.h> 11 #include <botan/tls_alert.h> 12 #include <botan/tls_exceptn.h> 13 #include <botan/tls_callbacks.h> 14 #include <botan/rng.h> 15 #include <botan/hash.h> 17 #include <botan/internal/tls_reader.h> 18 #include <botan/internal/tls_session_key.h> 19 #include <botan/internal/tls_handshake_io.h> 20 #include <botan/internal/tls_handshake_hash.h> 21 #include <botan/internal/stl_util.h> 36 std::vector<uint8_t> buf(32);
45 const uint32_t time32 =
static_cast<uint32_t
>(
46 std::chrono::system_clock::to_time_t(std::chrono::system_clock::now()));
74 std::vector<uint8_t> Hello_Request::serialize()
const 76 return std::vector<uint8_t>();
87 const std::vector<uint8_t>& reneg_info,
89 const std::vector<std::string>& next_protocols) :
90 m_version(client_settings.protocol_version()),
92 m_suites(policy.ciphersuite_list(m_version, !client_settings.srp_identifier().empty())),
97 " but our own policy does not accept it");
113 if(client_settings.
hostname() !=
"")
128 #if defined(BOTAN_HAS_SRP6) 133 throw Invalid_State(
"Attempting to initiate SRP session but TLS-SRP support disabled");
139 if(supported_groups->ec_groups().size() > 0)
144 m_extensions.
add(supported_groups.release());
162 const std::vector<uint8_t>& reneg_info,
164 const std::vector<std::string>& next_protocols) :
165 m_version(session.version()),
166 m_session_id(session.session_id()),
168 m_suites(policy.ciphersuite_list(m_version, (session.srp_identifier() !=
""))),
173 " but our own policy does not accept it");
194 if(supported_groups->ec_groups().size() > 0)
199 m_extensions.
add(supported_groups.release());
204 #if defined(BOTAN_HAS_SRP6) 209 throw Invalid_State(
"Attempting to resume SRP session but TLS-SRP support disabled");
227 throw Invalid_State(
"Cannot use hello cookie with stream protocol");
229 m_hello_cookie = hello_verify.
cookie();
235 std::vector<uint8_t> Client_Hello::serialize()
const 237 std::vector<uint8_t> buf;
264 std::vector<uint8_t> buf;
291 const uint8_t major_version = reader.
get_byte();
292 const uint8_t minor_version = reader.
get_byte();
296 m_random = reader.
get_fixed<uint8_t>(32);
298 m_session_id = reader.
get_range<uint8_t>(1, 0, 32);
301 m_hello_cookie = reader.
get_range<uint8_t>(1, 0, 255);
313 if(!reneg->renegotiation_info().empty())
315 "Client sent renegotiation SCSV and non-empty extension");
335 for(
size_t i = 0; i != m_suites.size(); ++i)
336 if(m_suites[i] == ciphersuite)
343 std::vector<Signature_Scheme> schemes;
347 schemes = sigs->supported_schemes();
356 return groups->ec_groups();
357 return std::vector<Group_Params>();
363 return groups->dh_groups();
364 return std::vector<Group_Params>();
371 return ecc_formats->prefers_compressed();
379 return sni->host_name();
383 #if defined(BOTAN_HAS_SRP6) 384 std::string Client_Hello::srp_identifier()
const 386 if(SRP_Identifier* srp = m_extensions.
get<SRP_Identifier>())
387 return srp->identifier();
400 return reneg->renegotiation_info();
401 return std::vector<uint8_t>();
407 return versions->versions();
419 return ticket->contents();
420 return std::vector<uint8_t>();
451 return alpn->protocols();
452 return std::vector<std::string>();
458 return srtp->profiles();
459 return std::vector<uint16_t>();
const Protocol_Version protocol_version() const
std::vector< T > get_fixed(size_t size)
virtual std::vector< uint8_t > send(const Handshake_Message &msg)=0
Client_Hello(Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, Callbacks &cb, RandomNumberGenerator &rng, const std::vector< uint8_t > &reneg_info, const Client_Hello::Settings &client_settings, const std::vector< std::string > &next_protocols)
uint16_t ciphersuite_code() const
bool prefers_compressed_ec_points() const
std::vector< Group_Params > supported_dh_groups() const
static std::unique_ptr< HashFunction > create_or_throw(const std::string &algo_spec, const std::string &provider="")
void store_be(uint16_t in, uint8_t out[2])
std::vector< uint8_t > session_ticket() const
uint8_t minor_version() const
virtual void randomize(uint8_t output[], size_t length)=0
bool supports_encrypt_then_mac() const
std::vector< uint8_t > serialize(Connection_Side whoami) const
std::vector< uint8_t > renegotiation_info() const
void add(Extension *extn)
virtual bool negotiate_encrypt_then_mac() const
void update_hello_cookie(const Hello_Verify_Request &hello_verify)
virtual bool include_time_in_hello_random() const
bool supports_alpn() const
virtual std::vector< uint16_t > srtp_profiles() const
virtual bool use_ecc_point_compression() const
const std::string & hostname() const
bool supports_session_ticket() const
const Server_Information & server_info() const
void deserialize(TLS_Data_Reader &reader, Connection_Side from)
bool supports_negotiable_signature_algorithms() const
bool is_datagram_protocol() const
std::string to_string() const
virtual std::vector< Group_Params > key_exchange_groups() const
std::vector< uint8_t > cookie_input_data() const
bool secure_renegotiation() const
Hello_Request(Handshake_IO &io)
const std::vector< uint8_t > & cookie() const
std::vector< T > get_range_vector(size_t len_bytes, size_t min_elems, size_t max_elems)
std::vector< T > get_range(size_t len_bytes, size_t min_elems, size_t max_elems)
std::vector< Signature_Scheme > signature_schemes() const
virtual bool send_fallback_scsv(Protocol_Version version) const
const std::vector< uint8_t > & session_ticket() const
std::vector< std::string > next_protocols() const
bool offered_suite(uint16_t ciphersuite) const
const std::string & srp_identifier() const
virtual bool support_cert_status_message() const
std::vector< uint8_t > make_hello_random(RandomNumberGenerator &rng, const Policy &policy)
virtual void tls_modify_extensions(Extensions &extn, Connection_Side which_side)
bool supports_encrypt_then_mac() const
bool value_exists(const std::vector< T > &vec, const T &val)
bool sent_signature_algorithms() const
bool supports_cert_status_message() const
uint8_t major_version() const
std::vector< Protocol_Version > supported_versions() const
virtual bool acceptable_protocol_version(Protocol_Version version) const
bool sent_fallback_scsv() const
std::vector< uint16_t > srtp_profiles() const
std::string sni_hostname() const
bool supports_extended_master_secret() const
virtual std::vector< Signature_Scheme > allowed_signature_schemes() const
std::vector< Group_Params > supported_ecc_curves() const
const std::string & srp_identifier() const
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size)