Botan  2.4.0
Crypto and TLS for C++11
msg_hello_verify.cpp
Go to the documentation of this file.
1 /*
2 * DTLS Hello Verify Request
3 * (C) 2012 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/tls_messages.h>
9 #include <botan/mac.h>
10 
11 namespace Botan {
12 
13 namespace TLS {
14 
15 Hello_Verify_Request::Hello_Verify_Request(const std::vector<uint8_t>& buf)
16  {
17  if(buf.size() < 3)
18  throw Decoding_Error("Hello verify request too small");
19 
20  Protocol_Version version(buf[0], buf[1]);
21 
22  if(version != Protocol_Version::DTLS_V10 &&
23  version != Protocol_Version::DTLS_V12)
24  {
25  throw Decoding_Error("Unknown version from server in hello verify request");
26  }
27 
28  if(static_cast<size_t>(buf[2]) + 3 != buf.size())
29  throw Decoding_Error("Bad length in hello verify request");
30 
31  m_cookie.assign(buf.begin() + 3, buf.end());
32  }
33 
34 Hello_Verify_Request::Hello_Verify_Request(const std::vector<uint8_t>& client_hello_bits,
35  const std::string& client_identity,
36  const SymmetricKey& secret_key)
37  {
38  std::unique_ptr<MessageAuthenticationCode> hmac(MessageAuthenticationCode::create("HMAC(SHA-256)"));
39  hmac->set_key(secret_key);
40 
41  hmac->update_be(client_hello_bits.size());
42  hmac->update(client_hello_bits);
43  hmac->update_be(client_identity.size());
44  hmac->update(client_identity);
45 
46  m_cookie = unlock(hmac->final());
47  }
48 
49 std::vector<uint8_t> Hello_Verify_Request::serialize() const
50  {
51  /* DTLS 1.2 server implementations SHOULD use DTLS version 1.0
52  regardless of the version of TLS that is expected to be
53  negotiated (RFC 6347, section 4.2.1)
54  */
55 
57 
58  std::vector<uint8_t> bits;
59  bits.push_back(format_version.major_version());
60  bits.push_back(format_version.minor_version());
61  bits.push_back(static_cast<uint8_t>(m_cookie.size()));
62  bits += m_cookie;
63  return bits;
64  }
65 
66 }
67 
68 }
static std::unique_ptr< MessageAuthenticationCode > create(const std::string &algo_spec, const std::string &provider="")
Definition: mac.cpp:45
uint8_t minor_version() const
Definition: tls_version.h:82
std::vector< uint8_t > serialize() const override
Definition: alg_id.cpp:13
std::vector< T > unlock(const secure_vector< T > &in)
Definition: secmem.h:95
Hello_Verify_Request(const std::vector< uint8_t > &buf)
uint8_t major_version() const
Definition: tls_version.h:77