Namespaces | |
| namespace | Internal |
Typedefs | |
| using | BytesNeeded = size_t |
| using | Client_Handshake_13_Message |
| using | Client_Handshake_13_Message_Ref = as_wrapped_references_t<Client_Handshake_13_Message> |
| using | Client_Handshake_State_13 |
| using | Client_Post_Handshake_13_Message = std::variant<Key_Update> |
| typedef Policy | Default_Policy |
| typedef std::function< std::shared_ptr< Connection_Cipher_State >(uint16_t)> | get_cipherstate_fn |
| using | Handshake_Message_13 |
| using | Handshake_Message_13_Ref = as_wrapped_references_t<Handshake_Message_13> |
| using | Named_Group = Group_Params |
| using | Opaque_Session_Handle = Strong<std::vector<uint8_t>, struct Opaque_Session_Handle_> |
| holds an opaque session handle as used in TLS 1.3 that could be either a ticket for stateless resumption or a database handle. | |
| using | Post_Handshake_Message_13 = std::variant<New_Session_Ticket_13, Key_Update> |
| using | PresharedKeyID = Strong<std::string, struct PresharedKeyID_> |
| holds a PSK identity as used in TLS 1.3 | |
| using | Server_Handshake_13_Message |
| using | Server_Handshake_13_Message_Ref = as_wrapped_references_t<Server_Handshake_13_Message> |
| using | Server_Handshake_State_13 |
| using | Server_Post_Handshake_13_Message = std::variant<New_Session_Ticket_13, Key_Update> |
| using | Session_ID = Strong<std::vector<uint8_t>, struct Session_ID_> |
| holds a TLS 1.2 session ID for stateful resumption | |
| using | Session_Ticket = Strong<std::vector<uint8_t>, struct Session_Ticket_> |
| holds a TLS 1.2 session ticket for stateless resumption | |
| typedef PskIdentity | Ticket |
| using | Ticket_Nonce = Strong<std::vector<uint8_t>, struct Ticket_Nonce_> |
| Used to derive the ticket's PSK from the resumption_master_secret. | |
| using | Transcript_Hash = std::vector<uint8_t> |
Functions | |
| template<typename T , typename Alloc , typename Alloc2 > | |
| void | append_tls_length_value (std::vector< uint8_t, Alloc > &buf, const std::vector< T, Alloc2 > &vals, size_t tag_size) |
| template<typename T , typename Alloc > | |
| void | append_tls_length_value (std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size) |
| template<typename Alloc > | |
| void | append_tls_length_value (std::vector< uint8_t, Alloc > &buf, std::string_view str, size_t tag_size) |
| Auth_Method | auth_method_from_string (std::string_view str) |
| std::string | auth_method_to_string (Auth_Method method) |
| Certificate_Type | certificate_type_from_string (const std::string &type_str) |
| std::string | certificate_type_to_string (Certificate_Type type) |
| uint16_t | check_tls_cbc_padding (const uint8_t record[], size_t record_len) |
| const char * | handshake_type_to_string (Handshake_Type type) |
| std::string | kdf_algo_to_string (KDF_Algo algo) |
| Kex_Algo | kex_method_from_string (std::string_view str) |
| std::string | kex_method_to_string (Kex_Algo method) |
| bool | key_exchange_is_psk (Kex_Algo m) |
| std::vector< uint8_t > | make_hello_random (RandomNumberGenerator &rng, Callbacks &cb, const Policy &policy) |
| bool | operator!= (const Server_Information &a, const Server_Information &b) |
| bool | operator< (const Server_Information &a, const Server_Information &b) |
| auto | operator< (const Session_ID &id1, const Session_ID &id2) |
| bool | operator== (const Server_Information &a, const Server_Information &b) |
| Record_Header | read_record (bool is_datagram, secure_vector< uint8_t > &readbuf, const uint8_t input[], size_t input_len, size_t &consumed, secure_vector< uint8_t > &recbuf, Connection_Sequence_Numbers *sequence_numbers, const get_cipherstate_fn &get_cipherstate, bool allow_epoch0_restart) |
| std::vector< AlgorithmIdentifier > | to_algorithm_identifiers (const std::vector< Signature_Scheme > &schemes) |
| void | write_record (secure_vector< uint8_t > &output, Record_Type record_type, Protocol_Version version, uint64_t record_sequence, const uint8_t *message, size_t message_len, Connection_Cipher_State &cs, RandomNumberGenerator &rng) |
| void | write_unencrypted_record (secure_vector< uint8_t > &output, Record_Type record_type, Protocol_Version version, uint64_t record_sequence, const uint8_t *message, size_t message_len) |
Detailed Description
Cipher_State state machine adapted from RFC 8446 7.1.
0
|
v
PSK -> HKDF-Extract = Early Secret
|
+-----> Derive-Secret(., "ext binder" | "res binder", "")
| = binder_key
STATE PSK BINDER
This state is reached by constructing the Cipher_State using init_with_psk(). The state can then be further advanced using advance_with_client_hello() once the initial Client Hello is fully generated. | +-----> Derive-Secret(., "c e traffic", ClientHello) | = client_early_traffic_secret | +-----> Derive-Secret(., "e exp master", ClientHello) | = early_exporter_master_secret v Derive-Secret(., "derived", "") |
- STATE EARLY TRAFFIC This state is reached by calling advance_with_client_hello(). In this state the early data traffic secrets are available. TODO: implement early data. The state can then be further advanced using advance_with_server_hello().
- | v (EC)DHE -> HKDF-Extract = Handshake Secret | +-----> Derive-Secret(., "c hs traffic", | ClientHello...ServerHello) | = client_handshake_traffic_secret | +-----> Derive-Secret(., "s hs traffic", | ClientHello...ServerHello) | = server_handshake_traffic_secret v Derive-Secret(., "derived", "") |
- STATE HANDSHAKE TRAFFIC This state is reached by constructing Cipher_State using init_with_server_hello() or advance_with_server_hello(). In this state the handshake traffic secrets are available. The state can then be further advanced using advance_with_server_finished().
- | v 0 -> HKDF-Extract = Master Secret | +-----> Derive-Secret(., "c ap traffic", | ClientHello...server Finished) | = client_application_traffic_secret_0 | +-----> Derive-Secret(., "s ap traffic", | ClientHello...server Finished) | = server_application_traffic_secret_0 | +-----> Derive-Secret(., "exp master", | ClientHello...server Finished) | = exporter_master_secret
- STATE SERVER APPLICATION TRAFFIC This state is reached by calling advance_with_server_finished(). It allows the server to send application traffic and the client to receive it. The opposite direction is not yet possible in this state. The state can then be further advanced using advance_with_client_finished().
- | +-----> Derive-Secret(., "res master", ClientHello...client Finished) = resumption_master_secret STATE COMPLETED Once this state is reached the handshake is finished, both client and server can exchange application data and no further cipher state advances are possible.
Wrapper type for a TLS 1.3 session ticket (C) 2023 Jack Lloyd 2023 René Meusel - Rohde & Schwarz Cybersecurity
Botan is released under the Simplified BSD License (see license.txt)
Composite key pair that exposes the Public/Private key API but combines multiple key agreement schemes into a hybrid algorithm.
(C) 2023 Jack Lloyd 2023 Fabian Albert, René Meusel - Rohde & Schwarz Cybersecurity
Botan is released under the Simplified BSD License (see license.txt)
Adapter that allows using a KEX key as a KEM, using an ephemeral key in the KEM encapsulation.
(C) 2023 Jack Lloyd 2023 Fabian Albert, René Meusel - Rohde & Schwarz Cybersecurity
Botan is released under the Simplified BSD License (see license.txt)
TLS Session Manger base class implementations (C) 2011-2023 Jack Lloyd 2022-2023 René Meusel - Rohde & Schwarz Cybersecurity
Botan is released under the Simplified BSD License (see license.txt)
Hybrid Session Manager that emits both IDs and Tickets (C) 2023 Jack Lloyd 2023 René Meusel - Rohde & Schwarz Cybersecurity
Botan is released under the Simplified BSD License (see license.txt)
TLS Session Management (C) 2011,2012 Jack Lloyd 2023 René Meusel - Rohde & Schwarz Cybersecurity
Botan is released under the Simplified BSD License (see license.txt)
TLS Stateless Session Manager for stateless servers (C) 2023 Jack Lloyd 2023 René Meusel - Rohde & Schwarz Cybersecurity
Botan is released under the Simplified BSD License (see license.txt)
Typedef Documentation
◆ BytesNeeded
| using Botan::TLS::BytesNeeded = size_t |
Definition at line 36 of file tls_record_layer_13.h.
◆ Client_Handshake_13_Message
Definition at line 1086 of file tls_messages.h.
◆ Client_Handshake_13_Message_Ref
| using Botan::TLS::Client_Handshake_13_Message_Ref = as_wrapped_references_t<Client_Handshake_13_Message> |
Definition at line 1091 of file tls_messages.h.
◆ Client_Handshake_State_13
Definition at line 179 of file tls_handshake_state_13.h.
◆ Client_Post_Handshake_13_Message
| using Botan::TLS::Client_Post_Handshake_13_Message = std::variant<Key_Update> |
Definition at line 1074 of file tls_messages.h.
◆ Default_Policy
| typedef Policy Botan::TLS::Default_Policy |
Definition at line 567 of file tls_policy.h.
◆ get_cipherstate_fn
| typedef std::function<std::shared_ptr<Connection_Cipher_State>(uint16_t)> Botan::TLS::get_cipherstate_fn |
Definition at line 141 of file tls_record.h.
◆ Handshake_Message_13
Definition at line 1055 of file tls_messages.h.
◆ Handshake_Message_13_Ref
| using Botan::TLS::Handshake_Message_13_Ref = as_wrapped_references_t<Handshake_Message_13> |
Definition at line 1066 of file tls_messages.h.
◆ Named_Group
| typedef Group_Params Botan::TLS::Named_Group = Group_Params |
Definition at line 560 of file tls_extensions.h.
◆ Opaque_Session_Handle
| using Botan::TLS::Opaque_Session_Handle = Strong<std::vector<uint8_t>, struct Opaque_Session_Handle_> |
holds an opaque session handle as used in TLS 1.3 that could be either a ticket for stateless resumption or a database handle.
Definition at line 39 of file tls_session.h.
◆ Post_Handshake_Message_13
| using Botan::TLS::Post_Handshake_Message_13 = std::variant<New_Session_Ticket_13, Key_Update> |
Definition at line 1068 of file tls_messages.h.
◆ PresharedKeyID
| using Botan::TLS::PresharedKeyID = Strong<std::string, struct PresharedKeyID_> |
holds a PSK identity as used in TLS 1.3
Definition at line 23 of file tls_psk_identity_13.h.
◆ Server_Handshake_13_Message
Definition at line 1076 of file tls_messages.h.
◆ Server_Handshake_13_Message_Ref
| using Botan::TLS::Server_Handshake_13_Message_Ref = as_wrapped_references_t<Server_Handshake_13_Message> |
Definition at line 1084 of file tls_messages.h.
◆ Server_Handshake_State_13
Definition at line 184 of file tls_handshake_state_13.h.
◆ Server_Post_Handshake_13_Message
| using Botan::TLS::Server_Post_Handshake_13_Message = std::variant<New_Session_Ticket_13, Key_Update> |
Definition at line 1073 of file tls_messages.h.
◆ Session_ID
| using Botan::TLS::Session_ID = Strong<std::vector<uint8_t>, struct Session_ID_> |
holds a TLS 1.2 session ID for stateful resumption
Definition at line 32 of file tls_session.h.
◆ Session_Ticket
| using Botan::TLS::Session_Ticket = Strong<std::vector<uint8_t>, struct Session_Ticket_> |
holds a TLS 1.2 session ticket for stateless resumption
Definition at line 35 of file tls_session.h.
◆ Ticket
| typedef PskIdentity Botan::TLS::Ticket |
Botan 3.0.0 used the class name "Ticket". In Botan 3.1.0 we decided to re-name it to the more generic term "PskIdentity" to better reflect its dual use case for resumption and externally provided PSKs.
Definition at line 72 of file tls_psk_identity_13.h.
◆ Ticket_Nonce
| using Botan::TLS::Ticket_Nonce = Strong<std::vector<uint8_t>, struct Ticket_Nonce_> |
Used to derive the ticket's PSK from the resumption_master_secret.
Definition at line 966 of file tls_messages.h.
◆ Transcript_Hash
| using Botan::TLS::Transcript_Hash = std::vector<uint8_t> |
Definition at line 81 of file tls_magic.h.
Enumeration Type Documentation
◆ AlertType
|
strong |
Type codes for TLS alerts
The enumeration value matches the wire encoding
Definition at line 21 of file tls_alert.h.
◆ Auth_Method
|
strong |
| Enumerator | |
|---|---|
| RSA | |
| ECDSA | |
| UNDEFINED | |
| IMPLICIT | |
Definition at line 65 of file tls_algos.h.
◆ Certificate_Type
|
strong |
| Enumerator | |
|---|---|
| X509 | |
| RawPublicKey | |
Definition at line 205 of file tls_extensions.h.
◆ Cipher_Algo
|
strong |
Definition at line 21 of file tls_algos.h.
◆ Connection_Side
|
strong |
| Enumerator | |
|---|---|
| Client | |
| Server | |
| CLIENT | |
| SERVER | |
Definition at line 43 of file tls_magic.h.
◆ Extension_Code
|
strong |
Definition at line 53 of file tls_extensions.h.
◆ Group_Params_Code
|
strong |
Definition at line 82 of file tls_algos.h.
◆ Handshake_Type
|
strong |
Definition at line 51 of file tls_magic.h.
◆ KDF_Algo
|
strong |
| Enumerator | |
|---|---|
| SHA_1 | |
| SHA_256 | |
| SHA_384 | |
Definition at line 49 of file tls_algos.h.
◆ Kex_Algo
|
strong |
| Enumerator | |
|---|---|
| STATIC_RSA | |
| DH | |
| ECDH | |
| PSK | |
| ECDHE_PSK | |
| DHE_PSK | |
| KEM | |
| KEM_PSK | |
| HYBRID | |
| HYBRID_PSK | |
| UNDEFINED | |
Definition at line 251 of file tls_algos.h.
◆ Nonce_Format
|
strong |
| Enumerator | |
|---|---|
| CBC_MODE | |
| AEAD_IMPLICIT_4 | |
| AEAD_XOR_12 | |
Definition at line 57 of file tls_algos.h.
◆ PSK_Key_Exchange_Mode
|
strong |
◆ Record_Type
|
strong |
| Enumerator | |
|---|---|
| Invalid | |
| ChangeCipherSpec | |
| Alert | |
| Handshake | |
| ApplicationData | |
| Heartbeat | |
Definition at line 32 of file tls_channel_impl.h.
◆ Size_Limits
| enum Botan::TLS::Size_Limits : size_t |
Protocol Constants for SSL/TLS
TODO: this should not be an enum
| Enumerator | |
|---|---|
| TLS_HEADER_SIZE | |
| DTLS_HEADER_SIZE | |
| MAX_PLAINTEXT_SIZE | |
| MAX_COMPRESSED_SIZE | |
| MAX_CIPHERTEXT_SIZE | |
| MAX_AEAD_EXPANSION_SIZE_TLS13 | |
| MAX_CIPHERTEXT_SIZE_TLS13 | |
Definition at line 24 of file tls_magic.h.
◆ Version_Code
|
strong |
| Enumerator | |
|---|---|
| TLS_V11 | TLSv1.1 (no longer supported) |
| TLS_V12 | TLSv1.2. |
| TLS_V13 | TLSv1.3. |
| DTLS_V12 | DTLSv1.2. |
| DTLS_V13 | DTLSv1.3 (not supported yet) |
Definition at line 18 of file tls_version.h.
Function Documentation
◆ append_tls_length_value() [1/3]
| void Botan::TLS::append_tls_length_value | ( | std::vector< uint8_t, Alloc > & | buf, |
| const std::vector< T, Alloc2 > & | vals, | ||
| size_t | tag_size ) |
Definition at line 205 of file tls_reader.h.
References append_tls_length_value().
◆ append_tls_length_value() [2/3]
| void Botan::TLS::append_tls_length_value | ( | std::vector< uint8_t, Alloc > & | buf, |
| const T * | vals, | ||
| size_t | vals_size, | ||
| size_t | tag_size ) |
Helper function for encoding length-tagged vectors
Definition at line 180 of file tls_reader.h.
References Botan::get_byte_var(), and T.
Referenced by append_tls_length_value(), append_tls_length_value(), Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Application_Layer_Protocol_Notification::serialize(), Botan::TLS::Certificate_13::serialize(), Botan::TLS::Certificate_Authorities::serialize(), Botan::TLS::Certificate_Request_12::serialize(), Botan::TLS::Certificate_Request_13::serialize(), Botan::TLS::Certificate_Type_Base::serialize(), Botan::TLS::Client_Hello::serialize(), Botan::TLS::New_Session_Ticket_12::serialize(), Botan::TLS::New_Session_Ticket_13::serialize(), Botan::TLS::PSK::serialize(), Botan::TLS::Renegotiation_Extension::serialize(), Botan::TLS::Server_Hello::serialize(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().
◆ append_tls_length_value() [3/3]
| void Botan::TLS::append_tls_length_value | ( | std::vector< uint8_t, Alloc > & | buf, |
| std::string_view | str, | ||
| size_t | tag_size ) |
Definition at line 210 of file tls_reader.h.
References append_tls_length_value(), and Botan::cast_char_ptr_to_uint8().
◆ auth_method_from_string()
| Auth_Method BOTAN_TEST_API Botan::TLS::auth_method_from_string | ( | std::string_view | str | ) |
Definition at line 120 of file tls_algos.cpp.
References ECDSA, Botan::fmt(), IMPLICIT, RSA, and UNDEFINED.
◆ auth_method_to_string()
| std::string BOTAN_TEST_API Botan::TLS::auth_method_to_string | ( | Auth_Method | method | ) |
Definition at line 105 of file tls_algos.cpp.
References ECDSA, IMPLICIT, RSA, and UNDEFINED.
Referenced by Botan::TLS::Ciphersuite::sig_algo().
◆ certificate_type_from_string()
| Certificate_Type Botan::TLS::certificate_type_from_string | ( | const std::string & | type_str | ) |
Definition at line 377 of file tls_extensions.cpp.
References RawPublicKey, and X509.
Referenced by Botan::TLS::Text_Policy::read_cert_type_list().
◆ certificate_type_to_string()
| std::string Botan::TLS::certificate_type_to_string | ( | Certificate_Type | type | ) |
Definition at line 366 of file tls_extensions.cpp.
References RawPublicKey, and X509.
Referenced by Botan::TLS::Certificate_Type_Base::validate_selection().
◆ check_tls_cbc_padding()
| BOTAN_TEST_API uint16_t Botan::TLS::check_tls_cbc_padding | ( | const uint8_t | record[], |
| size_t | record_len ) |
Check the TLS padding of a record
- Parameters
-
record the record bits record_len length of record
- Returns
- 0 if padding is invalid, otherwise padding_bytes + 1
Definition at line 237 of file tls_cbc.cpp.
References Botan::CT::Mask< T >::is_equal(), Botan::CT::Mask< T >::is_lt(), and Botan::CT::Mask< T >::is_lte().
◆ handshake_type_to_string()
| BOTAN_TEST_API const char * Botan::TLS::handshake_type_to_string | ( | Handshake_Type | type | ) |
Definition at line 23 of file tls_handshake_state.cpp.
References Certificate, CertificateRequest, CertificateStatus, CertificateUrl, CertificateVerify, ClientHello, ClientKeyExchange, EncryptedExtensions, EndOfEarlyData, Finished, HandshakeCCS, HelloRequest, HelloRetryRequest, HelloVerifyRequest, KeyUpdate, NewSessionTicket, None, ServerHello, ServerHelloDone, and ServerKeyExchange.
Referenced by Botan::TLS::Handshake_Transitions::confirm_transition_to(), Botan::TLS::Key_Share::Key_Share(), and Botan::TLS::Handshake_Message::type_string().
◆ kdf_algo_to_string()
Definition at line 15 of file tls_algos.cpp.
References SHA_1, SHA_256, and SHA_384.
Referenced by Botan::TLS::Ciphersuite::prf_algo().
◆ kex_method_from_string()
| Kex_Algo BOTAN_TEST_API Botan::TLS::kex_method_from_string | ( | std::string_view | str | ) |
Definition at line 57 of file tls_algos.cpp.
References DH, DHE_PSK, ECDH, ECDHE_PSK, Botan::fmt(), HYBRID, HYBRID_PSK, KEM, KEM_PSK, PSK, STATIC_RSA, and UNDEFINED.
◆ kex_method_to_string()
| std::string BOTAN_TEST_API Botan::TLS::kex_method_to_string | ( | Kex_Algo | method | ) |
Definition at line 28 of file tls_algos.cpp.
References DH, DHE_PSK, ECDH, ECDHE_PSK, HYBRID, HYBRID_PSK, KEM, KEM_PSK, PSK, STATIC_RSA, and UNDEFINED.
Referenced by Botan::TLS::Ciphersuite::kex_algo(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().
◆ key_exchange_is_psk()
|
inline |
Definition at line 270 of file tls_algos.h.
References DHE_PSK, ECDHE_PSK, and PSK.
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().
◆ make_hello_random()
| std::vector< uint8_t > Botan::TLS::make_hello_random | ( | RandomNumberGenerator & | rng, |
| Callbacks & | cb, | ||
| const Policy & | policy ) |
Definition at line 38 of file msg_client_hello.cpp.
References Botan::TLS::Policy::allow_dtls12(), Botan::TLS::Policy::allow_tls12(), Botan::HashFunction::create_or_throw(), Botan::TLS::Policy::hash_hello_random(), Botan::TLS::Policy::include_time_in_hello_random(), Botan::RandomNumberGenerator::random_vec(), Botan::store_be(), and Botan::TLS::Callbacks::tls_current_timestamp().
Referenced by Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_12::Client_Hello_12(), Botan::TLS::Client_Hello_13::Client_Hello_13(), and Botan::TLS::Server_Hello_12::Server_Hello_12().
◆ operator!=()
|
inline |
Definition at line 74 of file tls_server_info.h.
References Botan::b.
◆ operator<() [1/2]
|
inline |
Definition at line 78 of file tls_server_info.h.
References Botan::b, Botan::TLS::Server_Information::hostname(), Botan::TLS::Server_Information::port(), and Botan::TLS::Server_Information::service().
◆ operator<() [2/2]
|
inline |
Definition at line 41 of file tls_session.h.
◆ operator==()
|
inline |
Definition at line 70 of file tls_server_info.h.
References Botan::b, Botan::TLS::Server_Information::hostname(), Botan::TLS::Server_Information::port(), and Botan::TLS::Server_Information::service().
◆ read_record()
| Record_Header Botan::TLS::read_record | ( | bool | is_datagram, |
| secure_vector< uint8_t > & | read_buffer, | ||
| const uint8_t | input[], | ||
| size_t | input_len, | ||
| size_t & | consumed, | ||
| secure_vector< uint8_t > & | record_buf, | ||
| Connection_Sequence_Numbers * | sequence_numbers, | ||
| const get_cipherstate_fn & | get_cipherstate, | ||
| bool | allow_epoch0_restart ) |
Decode a TLS record
- Returns
- zero if full message, else number of bytes still needed
Definition at line 488 of file tls_record.cpp.
Referenced by Botan::TLS::Channel_Impl_12::from_peer().
◆ to_algorithm_identifiers()
| std::vector< AlgorithmIdentifier > Botan::TLS::to_algorithm_identifiers | ( | const std::vector< Signature_Scheme > & | schemes | ) |
Definition at line 332 of file tls_signature_scheme.cpp.
Referenced by Botan::TLS::Certificate_13::Certificate_13(), and Botan::TLS::Certificate_13::Certificate_13().
◆ write_record()
| void Botan::TLS::write_record | ( | secure_vector< uint8_t > & | write_buffer, |
| Record_Type | record_type, | ||
| Protocol_Version | record_version, | ||
| uint64_t | record_sequence, | ||
| const uint8_t * | message, | ||
| size_t | message_len, | ||
| Connection_Cipher_State & | cipherstate, | ||
| RandomNumberGenerator & | rng ) |
Create a TLS record
- Parameters
-
write_buffer the output record is placed here record_type the record layer type record_version the record layer version record_sequence the record layer sequence number message the record contents message_len is size of message cipherstate is the writing cipher state rng is a random number generator
Definition at line 200 of file tls_record.cpp.
References Botan::TLS::Connection_Cipher_State::aead(), Botan::TLS::Connection_Cipher_State::aead_nonce(), BOTAN_ASSERT, CBC_MODE, Botan::Cipher_Mode::finish(), Botan::TLS::Connection_Cipher_State::format_ad(), MAX_CIPHERTEXT_SIZE, Botan::TLS::Connection_Cipher_State::nonce_bytes_from_handshake(), Botan::TLS::Connection_Cipher_State::nonce_bytes_from_record(), Botan::TLS::Connection_Cipher_State::nonce_format(), Botan::Cipher_Mode::output_length(), Botan::AEAD_Mode::set_associated_data(), and Botan::Cipher_Mode::start().
◆ write_unencrypted_record()
| void Botan::TLS::write_unencrypted_record | ( | secure_vector< uint8_t > & | write_buffer, |
| Record_Type | record_type, | ||
| Protocol_Version | record_version, | ||
| uint64_t | record_sequence, | ||
| const uint8_t * | message, | ||
| size_t | message_len ) |
Create an initial (unencrypted) TLS handshake record
- Parameters
-
write_buffer the output record is placed here record_type the record layer type record_version the record layer version record_sequence the record layer sequence number message the record contents message_len is size of message
Definition at line 186 of file tls_record.cpp.
References ApplicationData.
Generated by
1.12.0