doxygen/msg__session__ticket_8cpp_source.html

/*

* Session Tickets

* (C) 2012 Jack Lloyd

*

* Botan is released under the Simplified BSD License (see license.txt)

*/


#include <botan/tls_messages.h>


#include <botan/rng.h>

#include <botan/tls_callbacks.h>

#include <botan/tls_session.h>

#include <botan/tls_session_manager.h>

#include <botan/internal/loadstor.h>

#include <botan/internal/tls_handshake_hash.h>

#include <botan/internal/tls_handshake_io.h>

#include <botan/internal/tls_reader.h>


#include <botan/tls_exceptn.h>


#include <span>


namespace Botan::TLS {


New_Session_Ticket_12::New_Session_Ticket_12(Handshake_IO& io,

                                             Handshake_Hash& hash,

                                             Session_Ticket ticket,

                                             std::chrono::seconds lifetime) :

      m_ticket_lifetime_hint(lifetime), m_ticket(std::move(ticket)) {

   hash.update(io.send(*this));

}


New_Session_Ticket_12::New_Session_Ticket_12(Handshake_IO& io, Handshake_Hash& hash) {

   hash.update(io.send(*this));

}


New_Session_Ticket_12::New_Session_Ticket_12(const std::vector<uint8_t>& buf) {

   if(buf.size() < 6) {

      throw Decoding_Error("Session ticket message too short to be valid");

   }


   TLS_Data_Reader reader("SessionTicket", buf);


   m_ticket_lifetime_hint = std::chrono::seconds(reader.get_uint32_t());

   m_ticket = Session_Ticket(reader.get_range<uint8_t>(2, 0, 65535));

   reader.assert_done();

}


namespace {


template <typename lifetime_t = uint32_t>

void store_lifetime(std::span<uint8_t> sink, std::chrono::seconds lifetime) {

   BOTAN_ARG_CHECK(lifetime.count() >= 0 && lifetime.count() <= std::numeric_limits<lifetime_t>::max(),

                   "Ticket lifetime is out of range");

   store_be(static_cast<lifetime_t>(lifetime.count()), sink.data());

}


}  // namespace


std::vector<uint8_t> New_Session_Ticket_12::serialize() const {

   std::vector<uint8_t> buf(4);

   store_be(static_cast<uint32_t>(m_ticket_lifetime_hint.count()), buf.data());

   append_tls_length_value(buf, m_ticket.get(), 2);

   return buf;

}


#if defined(BOTAN_HAS_TLS_13)


New_Session_Ticket_13::New_Session_Ticket_13(Ticket_Nonce nonce,

                                             const Session& session,

                                             const Session_Handle& handle,

                                             Callbacks& callbacks) :

      m_ticket_lifetime_hint(session.lifetime_hint()),

      m_ticket_age_add(session.session_age_add()),

      m_ticket_nonce(std::move(nonce)),

      m_handle(handle.opaque_handle()) {

   callbacks.tls_modify_extensions(m_extensions, Connection_Side::Server, type());

}


New_Session_Ticket_13::New_Session_Ticket_13(const std::vector<uint8_t>& buf, Connection_Side from) {

   TLS_Data_Reader reader("New_Session_Ticket_13", buf);


   m_ticket_lifetime_hint = std::chrono::seconds(reader.get_uint32_t());


   // RFC 8446 4.6.1

   //    Servers MUST NOT use any value [of ticket_lifetime] greater than 604800

   //    seconds (7 days).

   if(m_ticket_lifetime_hint > std::chrono::days(7)) {

      throw TLS_Exception(Alert::IllegalParameter, "Received a session ticket with lifetime longer than one week.");

   }


   m_ticket_age_add = reader.get_uint32_t();

   m_ticket_nonce = Ticket_Nonce(reader.get_tls_length_value(1));

   m_handle = Opaque_Session_Handle(reader.get_tls_length_value(2));


   m_extensions.deserialize(reader, from, type());


   // RFC 8446 4.6.1

   //    The sole extension currently defined for NewSessionTicket is

   //    "early_data", indicating that the ticket may be used to send 0-RTT

   //    data [...]. Clients MUST ignore unrecognized extensions.

   if(m_extensions.contains_implemented_extensions_other_than({Extension_Code::EarlyData})) {

      throw TLS_Exception(Alert::IllegalParameter, "NewSessionTicket message contained unexpected extension");

   }


   reader.assert_done();

}


std::optional<uint32_t> New_Session_Ticket_13::early_data_byte_limit() const {

   if(!m_extensions.has<EarlyDataIndication>()) {

      return std::nullopt;

   }


   const EarlyDataIndication* ext = m_extensions.get<EarlyDataIndication>();

   BOTAN_ASSERT_NOMSG(ext->max_early_data_size().has_value());

   return ext->max_early_data_size();

}


std::vector<uint8_t> New_Session_Ticket_13::serialize() const {

   std::vector<uint8_t> result(8);


   store_lifetime(std::span(result.data(), 4), m_ticket_lifetime_hint);

   store_be(m_ticket_age_add, result.data() + 4);

   append_tls_length_value(result, m_ticket_nonce.get(), 1);

   append_tls_length_value(result, m_handle.get(), 2);


   // TODO: re-evaluate this construction when reworking message marshalling

   if(m_extensions.empty()) {

      result.push_back(0x00);

      result.push_back(0x00);

   } else {

      result += m_extensions.serialize(Connection_Side::Server);

   }


   return result;

}


#endif


}  // namespace Botan::TLS

BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:59

BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29

Botan::Decoding_Error
Definition exceptn.h:191

Botan::Strong< std::vector< uint8_t >, struct Session_Ticket_ >

Botan::TLS::Callbacks
Definition tls_callbacks.h:44

Botan::TLS::Callbacks::tls_modify_extensions
virtual void tls_modify_extensions(Extensions &extn, Connection_Side which_side, Handshake_Type which_message)
Definition tls_callbacks.cpp:63

Botan::TLS::EarlyDataIndication
Definition tls_extensions.h:855

Botan::TLS::EarlyDataIndication::max_early_data_size
std::optional< uint32_t > max_early_data_size() const
Definition tls_extensions.h:865

Botan::TLS::Extensions::contains_implemented_extensions_other_than
bool contains_implemented_extensions_other_than(const std::set< Extension_Code > &allowed_extensions) const
Definition tls_extensions.h:958

Botan::TLS::Extensions::serialize
std::vector< uint8_t > serialize(Connection_Side whoami) const
Definition tls_extensions.cpp:183

Botan::TLS::Extensions::deserialize
void deserialize(TLS_Data_Reader &reader, Connection_Side from, Handshake_Type message_type)
Definition tls_extensions.cpp:119

Botan::TLS::Extensions::get
T * get() const
Definition tls_extensions.h:915

Botan::TLS::Extensions::empty
bool empty() const
Definition tls_extensions.h:928

Botan::TLS::Extensions::has
bool has() const
Definition tls_extensions.h:920

Botan::TLS::Handshake_Hash
Definition tls_handshake_hash.h:19

Botan::TLS::Handshake_Hash::update
void update(const uint8_t in[], size_t length)
Definition tls_handshake_hash.h:21

Botan::TLS::Handshake_IO
Definition tls_handshake_io.h:44

Botan::TLS::Handshake_IO::send
virtual std::vector< uint8_t > send(const Handshake_Message &msg)=0

Botan::TLS::New_Session_Ticket_12::serialize
std::vector< uint8_t > serialize() const override
Definition msg_session_ticket.cpp:60

Botan::TLS::New_Session_Ticket_12::New_Session_Ticket_12
New_Session_Ticket_12(Handshake_IO &io, Handshake_Hash &hash, Session_Ticket ticket, std::chrono::seconds lifetime)
Definition msg_session_ticket.cpp:25

Botan::TLS::New_Session_Ticket_13::type
Handshake_Type type() const override
Definition tls_messages.h:970

Botan::TLS::New_Session_Ticket_13::early_data_byte_limit
std::optional< uint32_t > early_data_byte_limit() const
Definition msg_session_ticket.cpp:109

Botan::TLS::New_Session_Ticket_13::New_Session_Ticket_13
New_Session_Ticket_13(Ticket_Nonce nonce, const Session &session, const Session_Handle &handle, Callbacks &callbacks)
Definition msg_session_ticket.cpp:69

Botan::TLS::New_Session_Ticket_13::serialize
std::vector< uint8_t > serialize() const override
Definition msg_session_ticket.cpp:119

Botan::TLS::Session_Handle
Helper class to embody a session handle in all protocol versions.
Definition tls_session.h:64

Botan::TLS::Session
Definition tls_session.h:336

Botan::TLS::TLS_Data_Reader
Definition tls_reader.h:24

Botan::TLS::TLS_Data_Reader::assert_done
void assert_done() const
Definition tls_reader.h:29

Botan::TLS::TLS_Data_Reader::get_range
std::vector< T > get_range(size_t len_bytes, size_t min_elems, size_t max_elems)
Definition tls_reader.h:105

Botan::TLS::TLS_Data_Reader::get_tls_length_value
std::vector< uint8_t > get_tls_length_value(size_t len_bytes)
Definition tls_reader.h:100

Botan::TLS::TLS_Data_Reader::get_uint32_t
uint32_t get_uint32_t()
Definition tls_reader.h:52

Botan::TLS::TLS_Exception
Definition tls_exceptn.h:19

Botan::detail::Strong_Base::get
constexpr T & get() &
Definition strong_type.h:50

Botan::TLS
Definition asio_context.cpp:17

Botan::TLS::append_tls_length_value
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size)
Definition tls_reader.h:180

Botan::TLS::Connection_Side
Connection_Side
Definition tls_magic.h:43

Botan::TLS::Connection_Side::Server
@ Server

Botan::TLS::Ticket_Nonce
Strong< std::vector< uint8_t >, struct Ticket_Nonce_ > Ticket_Nonce
Used to derive the ticket's PSK from the resumption_master_secret.
Definition tls_messages.h:966

Botan::TLS::Session_Ticket
Strong< std::vector< uint8_t >, struct Session_Ticket_ > Session_Ticket
holds a TLS 1.2 session ticket for stateless resumption
Definition tls_session.h:35

Botan::TLS::Opaque_Session_Handle
Strong< std::vector< uint8_t >, struct Opaque_Session_Handle_ > Opaque_Session_Handle
holds an opaque session handle as used in TLS 1.3 that could be either a ticket for stateless resumpt...
Definition tls_session.h:39

Botan::store_be
constexpr auto store_be(ParamTs &&... params)
Definition loadstor.h:773