doxygen/msg__finished_8cpp_source.html

/*

* Finished Message

* (C) 2004-2006,2012 Jack Lloyd

*     2021 Elektrobit Automotive GmbH

*     2022 René Meusel, Hannes Rantzsch - neXenio GmbH

*

* Botan is released under the Simplified BSD License (see license.txt)

*/


#include <botan/tls_messages.h>


#include <botan/kdf.h>

#include <botan/internal/ct_utils.h>

#include <botan/internal/target_info.h>

#include <botan/internal/tls_handshake_io.h>

#include <botan/internal/tls_handshake_state.h>


#if defined(BOTAN_HAS_TLS_13)

   #include <botan/internal/tls_cipher_state.h>

#endif


namespace Botan::TLS {


namespace {


/*

* Compute the verify_data for TLS 1.2

*/

std::vector<uint8_t> finished_compute_verify_12(const Handshake_State& state, Connection_Side side) {

   const uint8_t TLS_CLIENT_LABEL[] = {

      0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x66, 0x69, 0x6E, 0x69, 0x73, 0x68, 0x65, 0x64};


   const uint8_t TLS_SERVER_LABEL[] = {

      0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x66, 0x69, 0x6E, 0x69, 0x73, 0x68, 0x65, 0x64};


   auto prf = state.protocol_specific_prf();


   std::vector<uint8_t> input;

   std::vector<uint8_t> label;

   label += (side == Connection_Side::Client) ? std::make_pair(TLS_CLIENT_LABEL, sizeof(TLS_CLIENT_LABEL))

                                              : std::make_pair(TLS_SERVER_LABEL, sizeof(TLS_SERVER_LABEL));


   input += state.hash().final(state.ciphersuite().prf_algo());


   return unlock(prf->derive_key(12, state.session_keys().master_secret(), input, label));

}


}  // namespace


std::vector<uint8_t> Finished::serialize() const {

   return m_verification_data;

}

std::vector<uint8_t> Finished::serialize() const  {…}


Finished::Finished(const std::vector<uint8_t>& buf) : m_verification_data(buf) {}


std::vector<uint8_t> Finished::verify_data() const {

   return m_verification_data;

}

std::vector<uint8_t> Finished::verify_data() const  {…}


Finished_12::Finished_12(Handshake_IO& io, Handshake_State& state, Connection_Side side) {

   m_verification_data = finished_compute_verify_12(state, side);

   state.hash().update(io.send(*this));

}

Finished_12::Finished_12(Handshake_IO& io, Handshake_State& state, Connection_Side side) {…}


bool Finished_12::verify(const Handshake_State& state, Connection_Side side) const {

   std::vector<uint8_t> computed_verify = finished_compute_verify_12(state, side);


#if defined(BOTAN_UNSAFE_FUZZER_MODE)

   return true;

#else

   // first check the size:

   if(m_verification_data.size() != computed_verify.size()) {

      return false;

   }


   return CT::is_equal(m_verification_data.data(), computed_verify.data(), computed_verify.size()).as_bool();

#endif

}

bool Finished_12::verify(const Handshake_State& state, Connection_Side side) const  {…}


#if defined(BOTAN_HAS_TLS_13)


Finished_13::Finished_13(Cipher_State* cipher_state, const Transcript_Hash& transcript_hash) {

   m_verification_data = cipher_state->finished_mac(transcript_hash);

}

Finished_13::Finished_13(Cipher_State* cipher_state, const Transcript_Hash& transcript_hash) {…}


bool Finished_13::verify(Cipher_State* cipher_state, const Transcript_Hash& transcript_hash) const {

   return cipher_state->verify_peer_finished_mac(transcript_hash, m_verification_data);

}

bool Finished_13::verify(Cipher_State* cipher_state, const Transcript_Hash& transcript_hash) const  {…}

#endif

}  // namespace Botan::TLS

Botan::TLS::Cipher_State
Definition tls_cipher_state.h:62

Botan::TLS::Cipher_State::verify_peer_finished_mac
bool verify_peer_finished_mac(const Transcript_Hash &transcript_hash, const std::vector< uint8_t > &peer_mac) const
Definition tls_cipher_state.cpp:392

Botan::TLS::Cipher_State::finished_mac
std::vector< uint8_t > finished_mac(const Transcript_Hash &transcript_hash) const
Definition tls_cipher_state.cpp:381

Botan::TLS::Finished_12::verify
bool verify(const Handshake_State &state, Connection_Side side) const
Definition msg_finished.cpp:65

Botan::TLS::Finished_12::Finished_12
Finished_12(Handshake_IO &io, Handshake_State &state, Connection_Side side)
Definition msg_finished.cpp:60

Botan::TLS::Finished_13::verify
bool verify(Cipher_State *cipher_state, const Transcript_Hash &transcript_hash) const
Definition msg_finished.cpp:85

Botan::TLS::Finished_13::Finished_13
Finished_13(Cipher_State *cipher_state, const Transcript_Hash &transcript_hash)
Definition msg_finished.cpp:81

Botan::TLS::Finished::Finished
Finished(const std::vector< uint8_t > &buf)
Definition msg_finished.cpp:54

Botan::TLS::Finished::serialize
std::vector< uint8_t > serialize() const override
Definition msg_finished.cpp:50

Botan::TLS::Finished::verify_data
std::vector< uint8_t > verify_data() const
Definition msg_finished.cpp:56

Botan::TLS::Finished::m_verification_data
std::vector< uint8_t > m_verification_data
Definition tls_messages.h:843

Botan::TLS::Handshake_Hash::update
void update(const uint8_t in[], size_t length)
Definition tls_handshake_hash.h:21

Botan::TLS::Handshake_IO
Definition tls_handshake_io.h:44

Botan::TLS::Handshake_IO::send
virtual std::vector< uint8_t > send(const Handshake_Message &msg)=0

Botan::TLS::Handshake_State
Definition tls_handshake_state.h:59

Botan::TLS::Handshake_State::hash
Handshake_Hash & hash()
Definition tls_handshake_state.h:171

Botan::CT::is_equal
constexpr CT::Mask< T > is_equal(const T x[], const T y[], size_t len)
Definition ct_utils.h:789

Botan::TLS
Definition asio_context.cpp:17

Botan::TLS::Transcript_Hash
std::vector< uint8_t > Transcript_Hash
Definition tls_magic.h:81

Botan::TLS::Connection_Side
Connection_Side
Definition tls_magic.h:43

Botan::TLS::Connection_Side::Client
@ Client
Definition tls_magic.h:44

Botan::unlock
std::vector< T > unlock(const secure_vector< T > &in)
Definition secmem.h:82