doxygen/msg__session__ticket_8cpp_source.html

/*

* Session Tickets

* (C) 2012 Jack Lloyd

*

* Botan is released under the Simplified BSD License (see license.txt)

*/


#include <botan/tls_messages.h>

#include <botan/rng.h>

#include <botan/tls_session.h>

#include <botan/tls_session_manager.h>

#include <botan/tls_callbacks.h>

#include <botan/internal/tls_reader.h>

#include <botan/internal/tls_handshake_io.h>

#include <botan/internal/tls_handshake_hash.h>

#include <botan/internal/loadstor.h>


#include <botan/tls_exceptn.h>


#include <span>


namespace Botan::TLS {


New_Session_Ticket_12::New_Session_Ticket_12(Handshake_IO& io,

                                             Handshake_Hash& hash,

                                             Session_Ticket ticket,

                                             std::chrono::seconds lifetime) :

   m_ticket_lifetime_hint(lifetime),

   m_ticket(std::move(ticket))

   {

   hash.update(io.send(*this));

   }


New_Session_Ticket_12::New_Session_Ticket_12(Handshake_IO& io,

                                       Handshake_Hash& hash)

   {

   hash.update(io.send(*this));

   }


New_Session_Ticket_12::New_Session_Ticket_12(const std::vector<uint8_t>& buf)

   {

   if(buf.size() < 6)

      throw Decoding_Error("Session ticket message too short to be valid");


   TLS_Data_Reader reader("SessionTicket", buf);


   m_ticket_lifetime_hint = std::chrono::seconds(reader.get_uint32_t());

   m_ticket = Session_Ticket(reader.get_range<uint8_t>(2, 0, 65535));

   reader.assert_done();

   }


namespace {


template <typename lifetime_t = uint32_t>

void store_lifetime(std::span<uint8_t> sink, std::chrono::seconds lifetime)

   {

   BOTAN_ARG_CHECK(lifetime.count() >= 0 && lifetime.count() <= std::numeric_limits<lifetime_t>::max(),

                   "Ticket lifetime is out of range");

   store_be(static_cast<lifetime_t>(lifetime.count()), sink.data());

   }


}


std::vector<uint8_t> New_Session_Ticket_12::serialize() const

   {

   std::vector<uint8_t> buf(4);

   store_be(static_cast<uint32_t>(m_ticket_lifetime_hint.count()), buf.data());

   append_tls_length_value(buf, m_ticket.get(), 2);

   return buf;

   }


#if defined (BOTAN_HAS_TLS_13)


New_Session_Ticket_13::New_Session_Ticket_13(Ticket_Nonce nonce,

                                             const Session& session,

                                             const Session_Handle& handle,

                                             Callbacks& callbacks)

   : m_ticket_lifetime_hint(session.lifetime_hint())

   , m_ticket_age_add(session.session_age_add())

   , m_ticket_nonce(std::move(nonce))

   , m_handle(handle.opaque_handle())

   {

   callbacks.tls_modify_extensions(m_extensions, Connection_Side::Server, type());

   }


New_Session_Ticket_13::New_Session_Ticket_13(const std::vector<uint8_t>& buf,

                                             Connection_Side from)

   {

   TLS_Data_Reader reader("New_Session_Ticket_13", buf);


   m_ticket_lifetime_hint = std::chrono::seconds(reader.get_uint32_t());


   // RFC 8446 4.6.1

   //    Servers MUST NOT use any value [of ticket_lifetime] greater than 604800

   //    seconds (7 days).

   if(m_ticket_lifetime_hint > std::chrono::days(7))

      {

      throw TLS_Exception(Alert::IllegalParameter,

                          "Received a session ticket with lifetime longer than one week.");

      }


   m_ticket_age_add = reader.get_uint32_t();

   m_ticket_nonce = Ticket_Nonce(reader.get_tls_length_value(1));

   m_handle = Opaque_Session_Handle(reader.get_tls_length_value(2));


   m_extensions.deserialize(reader, from, type());


   // RFC 8446 4.6.1

   //    The sole extension currently defined for NewSessionTicket is

   //    "early_data", indicating that the ticket may be used to send 0-RTT

   //    data [...]. Clients MUST ignore unrecognized extensions.

   if(m_extensions.contains_implemented_extensions_other_than({Extension_Code::EarlyData}))

      {

      throw TLS_Exception(Alert::IllegalParameter,

                          "NewSessionTicket message contained unexpected extension");

      }


   reader.assert_done();

   }


std::optional<uint32_t> New_Session_Ticket_13::early_data_byte_limit() const

   {

   if(!m_extensions.has<EarlyDataIndication>())

      return std::nullopt;


   const EarlyDataIndication* ext = m_extensions.get<EarlyDataIndication>();

   BOTAN_ASSERT_NOMSG(ext->max_early_data_size().has_value());

   return ext->max_early_data_size().value();

   }


std::vector<uint8_t> New_Session_Ticket_13::serialize() const

   {

   std::vector<uint8_t> result(8);


   store_lifetime(std::span(result.data(), 4), m_ticket_lifetime_hint);

   store_be(m_ticket_age_add, result.data() + 4);

   append_tls_length_value(result, m_ticket_nonce.get(), 1);

   append_tls_length_value(result, m_handle.get(), 2);


   // TODO: re-evaluate this construction when reworking message marshalling

   if(m_extensions.size() == 0)

      {

      result.push_back(0x00);

      result.push_back(0x00);

      }

   else

      {

      result += m_extensions.serialize(Connection_Side::Server);

      }


   return result;

   }


#endif


}

BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition: assert.h:67

BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition: assert.h:36

Botan::Decoding_Error
Definition: exceptn.h:197

Botan::Strong< std::vector< uint8_t >, struct Session_Ticket_ >

Botan::TLS::Callbacks
Definition: tls_callbacks.h:45

Botan::TLS::Callbacks::tls_modify_extensions
virtual void tls_modify_extensions(Extensions &extn, Connection_Side which_side, Handshake_Type which_message)
Definition: tls_callbacks.cpp:49

Botan::TLS::Handshake_Hash
Definition: tls_handshake_hash.h:22

Botan::TLS::Handshake_Hash::update
void update(const uint8_t in[], size_t length)
Definition: tls_handshake_hash.h:24

Botan::TLS::Handshake_IO
Definition: tls_handshake_io.h:47

Botan::TLS::Handshake_IO::send
virtual std::vector< uint8_t > send(const Handshake_Message &msg)=0

Botan::TLS::New_Session_Ticket_12::serialize
std::vector< uint8_t > serialize() const override
Definition: msg_session_ticket.cpp:64

Botan::TLS::New_Session_Ticket_12::type
Handshake_Type type() const override
Definition: tls_messages.h:920

Botan::TLS::New_Session_Ticket_12::New_Session_Ticket_12
New_Session_Ticket_12(Handshake_IO &io, Handshake_Hash &hash, Session_Ticket ticket, std::chrono::seconds lifetime)
Definition: msg_session_ticket.cpp:24

Botan::TLS::Session_Handle
Helper class to embody a session handle in all protocol versions.
Definition: tls_session.h:69

Botan::TLS::Session
Definition: tls_session.h:299

Botan::TLS::TLS_Data_Reader
Definition: tls_reader.h:27

Botan::TLS::TLS_Data_Reader::assert_done
void assert_done() const
Definition: tls_reader.h:32

Botan::TLS::TLS_Data_Reader::get_range
std::vector< T > get_range(size_t len_bytes, size_t min_elems, size_t max_elems)
Definition: tls_reader.h:121

Botan::TLS::TLS_Data_Reader::get_uint32_t
uint32_t get_uint32_t()
Definition: tls_reader.h:60

Botan::detail::Strong_Base::get
T & get()
Definition: strong_type.h:38

Botan::TLS
Definition: asio_async_ops.h:26

Botan::TLS::Session_Ticket
Strong< std::vector< uint8_t >, struct Session_Ticket_ > Session_Ticket
holds a TLS 1.2 session ticket for stateless resumption
Definition: tls_session.h:37

Botan::TLS::append_tls_length_value
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size)
Definition: tls_reader.h:214

Botan::TLS::Opaque_Session_Handle
Strong< std::vector< uint8_t >, struct Opaque_Session_Handle_ > Opaque_Session_Handle
holds an opaque session handle as used in TLS 1.3 that could be either a ticket for stateless resumpt...
Definition: tls_session.h:41

Botan::TLS::Connection_Side
Connection_Side
Definition: tls_magic.h:45

Botan::TLS::Connection_Side::Server
@ Server

Botan::store_be
constexpr void store_be(uint16_t in, uint8_t out[2])
Definition: loadstor.h:449

std
Definition: bigint.h:1092