msg_session_ticket_13.cpp

Go to the documentation of this file.

/*
* Session Tickets
* (C) 2021-2022 Jack Lloyd
*     2021 Elektrobit Automotive GmbH
*     2022 René Meusel, Hannes Rantzsch - neXenio GmbH
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
 
#include <botan/tls_messages_13.h>
 
#include <botan/tls_callbacks.h>
#include <botan/tls_exceptn.h>
#include <botan/tls_extensions_13.h>
#include <botan/tls_session.h>
#include <botan/internal/loadstor.h>
#include <botan/internal/tls_reader.h>
 
#include <span>
 
namespace Botan::TLS {
 
namespace {
 
template <typename lifetime_t = uint32_t>
void store_lifetime(std::span<uint8_t> sink, std::chrono::seconds lifetime) {
   BOTAN_ARG_CHECK(lifetime.count() >= 0 && lifetime.count() <= std::numeric_limits<lifetime_t>::max(),
                   "Ticket lifetime is out of range");
   store_be(static_cast<lifetime_t>(lifetime.count()), sink.data());
}
 
}  // namespace
 
New_Session_Ticket_13::New_Session_Ticket_13(Ticket_Nonce nonce,
                                             const Session& session,
                                             const Session_Handle& handle,
                                             Callbacks& callbacks) :
      m_ticket_lifetime_hint(session.lifetime_hint()),
      m_ticket_age_add(session.session_age_add()),
      m_ticket_nonce(std::move(nonce)),
      m_handle(handle.opaque_handle()) {
   callbacks.tls_modify_extensions(m_extensions, Connection_Side::Server, type());
}
 
New_Session_Ticket_13::New_Session_Ticket_13(const std::vector<uint8_t>& buf, Connection_Side from) {
   TLS_Data_Reader reader("New_Session_Ticket_13", buf);
 
   m_ticket_lifetime_hint = std::chrono::seconds(reader.get_uint32_t());
 
   // RFC 8446 4.6.1
   //    Servers MUST NOT use any value [of ticket_lifetime] greater than 604800
   //    seconds (7 days).
   if(m_ticket_lifetime_hint > std::chrono::days(7)) {
      throw TLS_Exception(Alert::IllegalParameter, "Received a session ticket with lifetime longer than one week.");
   }
 
   m_ticket_age_add = reader.get_uint32_t();
   m_ticket_nonce = Ticket_Nonce(reader.get_tls_length_value(1));
   m_handle = Opaque_Session_Handle(reader.get_tls_length_value(2));
 
   m_extensions.deserialize(reader, from, type());
 
   // RFC 8446 4.6.1
   //    The sole extension currently defined for NewSessionTicket is
   //    "early_data", indicating that the ticket may be used to send 0-RTT
   //    data [...]. Clients MUST ignore unrecognized extensions.
   if(m_extensions.contains_implemented_extensions_other_than({Extension_Code::EarlyData})) {
      throw TLS_Exception(Alert::IllegalParameter, "NewSessionTicket message contained unexpected extension");
   }
 
   reader.assert_done();
}
 
std::optional<uint32_t> New_Session_Ticket_13::early_data_byte_limit() const {
   if(!m_extensions.has<EarlyDataIndication>()) {
      return std::nullopt;
   }
 
   const EarlyDataIndication* ext = m_extensions.get<EarlyDataIndication>();
   BOTAN_ASSERT_NOMSG(ext->max_early_data_size().has_value());
   return ext->max_early_data_size();
}
 
std::vector<uint8_t> New_Session_Ticket_13::serialize() const {
   std::vector<uint8_t> result(8);
 
   store_lifetime(std::span(result.data(), 4), m_ticket_lifetime_hint);
   store_be(m_ticket_age_add, result.data() + 4);
   append_tls_length_value(result, m_ticket_nonce.get(), 1);
   append_tls_length_value(result, m_handle.get(), 2);
 
   // TODO: re-evaluate this construction when reworking message marshalling
   if(m_extensions.empty()) {
      result.push_back(0x00);
      result.push_back(0x00);
   } else {
      result += m_extensions.serialize(Connection_Side::Server);
   }
 
   return result;
}
 
}  // namespace Botan::TLS