Botan 3.6.1
Crypto and TLS for C&
tls_callbacks.cpp
Go to the documentation of this file.
1/*
2* TLS Callbacks
3* (C) 2016 Jack Lloyd
4* 2017 Harry Reimann, Rohde & Schwarz Cybersecurity
5* 2022 René Meusel, Hannes Rantzsch - neXenio GmbH
6* 2023 René Meusel - Rohde & Schwarz Cybersecurity
7*
8* Botan is released under the Simplified BSD License (see license.txt)
9*/
10
11#include <botan/tls_callbacks.h>
12
13#include <botan/dh.h>
14#include <botan/dl_group.h>
15#include <botan/ecdh.h>
16#include <botan/ocsp.h>
17#include <botan/pk_algs.h>
18#include <botan/tls_algos.h>
19#include <botan/tls_exceptn.h>
20#include <botan/tls_policy.h>
21#include <botan/x509path.h>
22#include <botan/internal/ct_utils.h>
23#include <botan/internal/stl_util.h>
24
25#if defined(BOTAN_HAS_X25519)
26 #include <botan/x25519.h>
27#endif
28
29#if defined(BOTAN_HAS_X448)
30 #include <botan/x448.h>
31#endif
32
33#if defined(BOTAN_HAS_KYBER)
34 #include <botan/kyber.h>
35#endif
36
37#if defined(BOTAN_HAS_FRODOKEM)
38 #include <botan/frodokem.h>
39#endif
40
41#if defined(BOTAN_HAS_TLS_13_PQC)
42 #include <botan/internal/hybrid_public_key.h>
43#endif
44
45namespace Botan {
46
47void TLS::Callbacks::tls_inspect_handshake_msg(const Handshake_Message& /*unused*/) {
48 // default is no op
49}
50
51std::string TLS::Callbacks::tls_server_choose_app_protocol(const std::vector<std::string>& /*unused*/) {
52 return "";
53}
54
55std::string TLS::Callbacks::tls_peer_network_identity() {
56 return "";
57}
58
59std::chrono::system_clock::time_point TLS::Callbacks::tls_current_timestamp() {
60 return std::chrono::system_clock::now();
61}
62
63void TLS::Callbacks::tls_modify_extensions(Extensions& /*unused*/,
64 Connection_Side /*unused*/,
65 Handshake_Type /*unused*/) {}
66
67void TLS::Callbacks::tls_examine_extensions(const Extensions& /*unused*/,
68 Connection_Side /*unused*/,
69 Handshake_Type /*unused*/) {}
70
71bool TLS::Callbacks::tls_should_persist_resumption_information(const Session& session) {
72 // RFC 5077 3.3
73 // The ticket_lifetime_hint field contains a hint from the server about
74 // how long the ticket should be stored. A value of zero is reserved to
75 // indicate that the lifetime of the ticket is unspecified.
76 //
77 // RFC 8446 4.6.1
78 // [A ticket_lifetime] of zero indicates that the ticket should be discarded
79 // immediately.
80 //
81 // By default we opt to keep all sessions, except for TLS 1.3 with a lifetime
82 // hint of zero.
83 return session.lifetime_hint().count() > 0 || session.version().is_pre_tls_13();
84}
85
86void TLS::Callbacks::tls_verify_cert_chain(const std::vector<X509_Certificate>& cert_chain,
87 const std::vector<std::optional<OCSP::Response>>& ocsp_responses,
88 const std::vector<Certificate_Store*>& trusted_roots,
89 Usage_Type usage,
90 std::string_view hostname,
91 const TLS::Policy& policy) {
92 if(cert_chain.empty()) {
93 throw Invalid_Argument("Certificate chain was empty");
94 }
95
96 Path_Validation_Restrictions restrictions(policy.require_cert_revocation_info(),
97 policy.minimum_signature_strength());
98
99 Path_Validation_Result result = x509_path_validate(cert_chain,
100 restrictions,
101 trusted_roots,
102 hostname,
103 usage,
104 tls_current_timestamp(),
105 tls_verify_cert_chain_ocsp_timeout(),
106 ocsp_responses);
107
108 if(!result.successful_validation()) {
109 throw TLS_Exception(Alert::BadCertificate, "Certificate validation failure: " + result.result_string());
110 }
111}
112
113void TLS::Callbacks::tls_verify_raw_public_key(const Public_Key& raw_public_key,
114 Usage_Type usage,
115 std::string_view hostname,
116 const TLS::Policy& policy) {
117 BOTAN_UNUSED(raw_public_key, usage, hostname, policy);
118 // There is no good default implementation for authenticating raw public key.
119 // Applications that wish to use them for authentication, must override this.
120 throw TLS_Exception(Alert::CertificateUnknown, "Application did not provide a means to validate the raw public key");
121}
122
123std::optional<OCSP::Response> TLS::Callbacks::tls_parse_ocsp_response(const std::vector<uint8_t>& raw_response) {
124 try {
125 return OCSP::Response(raw_response);
126 } catch(const Decoding_Error&) {
127 // ignore parsing errors and just ignore the broken OCSP response
128 return std::nullopt;
129 }
130}
131
132std::vector<std::vector<uint8_t>> TLS::Callbacks::tls_provide_cert_chain_status(
133 const std::vector<X509_Certificate>& chain, const Certificate_Status_Request& csr) {
134 std::vector<std::vector<uint8_t>> result(chain.size());
135 if(!chain.empty()) {
136 result[0] = tls_provide_cert_status(chain, csr);
137 }
138 return result;
139}
140
141std::vector<uint8_t> TLS::Callbacks::tls_sign_message(const Private_Key& key,
142 RandomNumberGenerator& rng,
143 std::string_view padding,
144 Signature_Format format,
145 const std::vector<uint8_t>& msg) {
146 PK_Signer signer(key, rng, padding, format);
147
148 return signer.sign_message(msg, rng);
149}
150
151bool TLS::Callbacks::tls_verify_message(const Public_Key& key,
152 std::string_view padding,
153 Signature_Format format,
154 const std::vector<uint8_t>& msg,
155 const std::vector<uint8_t>& sig) {
156 PK_Verifier verifier(key, padding, format);
157
158 return verifier.verify_message(msg, sig);
159}
160
161namespace {
162
163bool is_dh_group(const std::variant<TLS::Group_Params, DL_Group>& group) {
164 return std::holds_alternative<DL_Group>(group) || std::get<TLS::Group_Params>(group).is_dh_named_group();
165}
166
167DL_Group get_dl_group(const std::variant<TLS::Group_Params, DL_Group>& group) {
168 BOTAN_ASSERT_NOMSG(is_dh_group(group));
169
170 // TLS 1.2 allows specifying arbitrary DL_Group parameters in-lieu of
171 // a standardized DH group identifier. TLS 1.3 just offers pre-defined
172 // groups.
173 return std::visit(
174 overloaded{[](const DL_Group& dl_group) { return dl_group; },
175 [&](TLS::Group_Params group_param) { return DL_Group(group_param.to_string().value()); }},
176 group);
177}
178
179} // namespace
180
181std::unique_ptr<Public_Key> TLS::Callbacks::tls_deserialize_peer_public_key(
182 const std::variant<TLS::Group_Params, DL_Group>& group, std::span<const uint8_t> key_bits) {
183 if(is_dh_group(group)) {
184 // TLS 1.2 allows specifying arbitrary DL_Group parameters in-lieu of
185 // a standardized DH group identifier.
186 const auto dl_group = get_dl_group(group);
187
188 auto Y = BigInt::from_bytes(key_bits);
189
190 /*
191 * A basic check for key validity. As we do not know q here we
192 * cannot check that Y is in the right subgroup. However since
193 * our key is ephemeral there does not seem to be any
194 * advantage to bogus keys anyway.
195 */
196 if(Y <= 1 || Y >= dl_group.get_p() - 1) {
197 throw Decoding_Error("Server sent bad DH key for DHE exchange");
198 }
199
200 return std::make_unique<DH_PublicKey>(dl_group, Y);
201 }
202
203 // The special case for TLS 1.2 with an explicit DH group definition is
204 // handled above. All other cases are based on the opaque group definition.
205 BOTAN_ASSERT_NOMSG(std::holds_alternative<TLS::Group_Params>(group));
206 const auto group_params = std::get<TLS::Group_Params>(group);
207
208 if(group_params.is_ecdh_named_curve()) {
209 const auto ec_group = EC_Group::from_name(group_params.to_string().value());
210 return std::make_unique<ECDH_PublicKey>(ec_group, ec_group.OS2ECP(key_bits));
211 }
212
213#if defined(BOTAN_HAS_X25519)
214 if(group_params.is_x25519()) {
215 return std::make_unique<X25519_PublicKey>(key_bits);
216 }
217#endif
218
219#if defined(BOTAN_HAS_X448)
220 if(group_params.is_x448()) {
221 return std::make_unique<X448_PublicKey>(key_bits);
222 }
223#endif
224
225#if defined(BOTAN_HAS_TLS_13_PQC)
226 if(group_params.is_pqc_hybrid()) {
227 return Hybrid_KEM_PublicKey::load_for_group(group_params, key_bits);
228 }
229#endif
230
231#if defined(BOTAN_HAS_KYBER)
232 if(group_params.is_pure_kyber()) {
233 return std::make_unique<Kyber_PublicKey>(key_bits, KyberMode(group_params.to_string().value()));
234 }
235#endif
236
237#if defined(BOTAN_HAS_FRODOKEM)
238 if(group_params.is_pure_frodokem()) {
239 return std::make_unique<FrodoKEM_PublicKey>(key_bits, FrodoKEMMode(group_params.to_string().value()));
240 }
241#endif
242
243 throw Decoding_Error("cannot create a key offering without a group definition");
244}
245
246std::unique_ptr<Private_Key> TLS::Callbacks::tls_kem_generate_key(TLS::Group_Params group, RandomNumberGenerator& rng) {
247#if defined(BOTAN_HAS_KYBER)
248 if(group.is_pure_kyber()) {
249 return std::make_unique<Kyber_PrivateKey>(rng, KyberMode(group.to_string().value()));
250 }
251#endif
252
253#if defined(BOTAN_HAS_FRODOKEM)
254 if(group.is_pure_frodokem()) {
255 return std::make_unique<FrodoKEM_PrivateKey>(rng, FrodoKEMMode(group.to_string().value()));
256 }
257#endif
258
259#if defined(BOTAN_HAS_TLS_13_PQC)
260 if(group.is_pqc_hybrid()) {
261 return Hybrid_KEM_PrivateKey::generate_from_group(group, rng);
262 }
263#endif
264
265 return tls_generate_ephemeral_key(group, rng);
266}
267
268KEM_Encapsulation TLS::Callbacks::tls_kem_encapsulate(TLS::Group_Params group,
269 const std::vector<uint8_t>& encoded_public_key,
270 RandomNumberGenerator& rng,
271 const Policy& policy) {
272 if(group.is_kem()) {
273 auto kem_pub_key = [&] {
274 try {
275 return tls_deserialize_peer_public_key(group, encoded_public_key);
276 } catch(const Decoding_Error& ex) {
277 // This exception means that the public key was invalid. However,
278 // TLS' DecodeError would imply that a protocol message was invalid.
279 throw TLS_Exception(Alert::IllegalParameter, ex.what());
280 }
281 }();
282
283 BOTAN_ASSERT_NONNULL(kem_pub_key);
284 policy.check_peer_key_acceptable(*kem_pub_key);
285
286 try {
287 return PK_KEM_Encryptor(*kem_pub_key, "Raw").encrypt(rng);
288 } catch(const Invalid_Argument& ex) {
289 throw TLS_Exception(Alert::IllegalParameter, ex.what());
290 }
291 } else {
292 // TODO: We could use the KEX_to_KEM_Adapter to remove the case distinction
293 // of KEM and KEX. However, the workarounds in this adapter class
294 // should first be addressed.
295 auto ephemeral_keypair = tls_generate_ephemeral_key(group, rng);
296 BOTAN_ASSERT_NONNULL(ephemeral_keypair);
297 return {ephemeral_keypair->public_value(),
298 tls_ephemeral_key_agreement(group, *ephemeral_keypair, encoded_public_key, rng, policy)};
299 }
300}
301
302secure_vector<uint8_t> TLS::Callbacks::tls_kem_decapsulate(TLS::Group_Params group,
303 const Private_Key& private_key,
304 const std::vector<uint8_t>& encapsulated_bytes,
305 RandomNumberGenerator& rng,
306 const Policy& policy) {
307 if(group.is_kem()) {
308 PK_KEM_Decryptor kemdec(private_key, rng, "Raw");
309 if(encapsulated_bytes.size() != kemdec.encapsulated_key_length()) {
310 throw TLS_Exception(Alert::IllegalParameter, "Invalid encapsulated key length");
311 }
312 return kemdec.decrypt(encapsulated_bytes, 0, {});
313 }
314
315 try {
316 auto& key_agreement_key = dynamic_cast<const PK_Key_Agreement_Key&>(private_key);
317 return tls_ephemeral_key_agreement(group, key_agreement_key, encapsulated_bytes, rng, policy);
318 } catch(const std::bad_cast&) {
319 throw Invalid_Argument("provided ephemeral key is not a PK_Key_Agreement_Key");
320 }
321}
322
323std::unique_ptr<PK_Key_Agreement_Key> TLS::Callbacks::tls_generate_ephemeral_key(
324 const std::variant<TLS::Group_Params, DL_Group>& group, RandomNumberGenerator& rng) {
325 if(is_dh_group(group)) {
326 const DL_Group dl_group = get_dl_group(group);
327 return std::make_unique<DH_PrivateKey>(rng, dl_group);
328 }
329
330 BOTAN_ASSERT_NOMSG(std::holds_alternative<TLS::Group_Params>(group));
331 const auto group_params = std::get<TLS::Group_Params>(group);
332
333 if(group_params.is_ecdh_named_curve()) {
334 const auto ec_group = EC_Group::from_name(group_params.to_string().value());
335 return std::make_unique<ECDH_PrivateKey>(rng, ec_group);
336 }
337
338#if defined(BOTAN_HAS_X25519)
339 if(group_params.is_x25519()) {
340 return std::make_unique<X25519_PrivateKey>(rng);
341 }
342#endif
343
344#if defined(BOTAN_HAS_X448)
345 if(group_params.is_x448()) {
346 return std::make_unique<X448_PrivateKey>(rng);
347 }
348#endif
349
350 if(group_params.is_kem()) {
351 throw TLS_Exception(Alert::IllegalParameter, "cannot generate an ephemeral KEX key for a KEM");
352 }
353
354 throw TLS_Exception(Alert::DecodeError, "cannot create a key offering without a group definition");
355}
356
357secure_vector<uint8_t> TLS::Callbacks::tls_ephemeral_key_agreement(
358 const std::variant<TLS::Group_Params, DL_Group>& group,
359 const PK_Key_Agreement_Key& private_key,
360 const std::vector<uint8_t>& public_value,
361 RandomNumberGenerator& rng,
362 const Policy& policy) {
363 const auto kex_pub_key = [&]() {
364 try {
365 return tls_deserialize_peer_public_key(group, public_value);
366 } catch(const Decoding_Error& ex) {
367 // This exception means that the public key was invalid. However,
368 // TLS' DecodeError would imply that a protocol message was invalid.
369 throw TLS_Exception(Alert::IllegalParameter, ex.what());
370 }
371 }();
372
373 BOTAN_ASSERT_NONNULL(kex_pub_key);
374 policy.check_peer_key_acceptable(*kex_pub_key);
375
376 // RFC 8422 - 5.11.
377 // With X25519 and X448, a receiving party MUST check whether the
378 // computed premaster secret is the all-zero value and abort the
379 // handshake if so, as described in Section 6 of [RFC7748].
380 //
381 // This is done within the key agreement operation and throws
382 // an Invalid_Argument exception if the shared secret is all-zero.
383 try {
384 PK_Key_Agreement ka(private_key, rng, "Raw");
385 return ka.derive_key(0, kex_pub_key->raw_public_key_bits()).bits_of();
386 } catch(const Invalid_Argument& ex) {
387 throw TLS_Exception(Alert::IllegalParameter, ex.what());
388 }
389}
390
391} // namespace Botan
BOTAN_UNUSED
#define BOTAN_UNUSED
Definition assert.h:118
BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:59
BOTAN_ASSERT_NONNULL
#define BOTAN_ASSERT_NONNULL(ptr)
Definition assert.h:86
Botan::BigInt::from_bytes
static BigInt from_bytes(std::span< const uint8_t > bytes)
Definition bigint.cpp:95
Botan::DL_Group
Definition dl_group.h:44
Botan::Decoding_Error
Definition exceptn.h:191
Botan::EC_Group::from_name
static EC_Group from_name(std::string_view name)
Definition ec_group.cpp:307
Botan::Exception::what
const char * what() const noexcept override
Definition exceptn.h:93
Botan::Invalid_Argument
Definition exceptn.h:131
Botan::KEM_Encapsulation
Definition pubkey.h:548
Botan::OctetString::bits_of
secure_vector< uint8_t > bits_of() const
Definition symkey.h:36
Botan::PK_KEM_Decryptor
Definition pubkey.h:724
Botan::PK_KEM_Decryptor::encapsulated_key_length
size_t encapsulated_key_length() const
Definition pubkey.cpp:172
Botan::PK_KEM_Decryptor::decrypt
void decrypt(std::span< uint8_t > out_shared_key, std::span< const uint8_t > encap_key, size_t desired_shared_key_len=32, std::span< const uint8_t > salt={})
Definition pubkey.cpp:191
Botan::PK_KEM_Encryptor
Definition pubkey.h:584
Botan::PK_KEM_Encryptor::encrypt
KEM_Encapsulation encrypt(RandomNumberGenerator &rng, size_t desired_shared_key_len=32, std::span< const uint8_t > salt={})
Definition pubkey.h:650
Botan::PK_Key_Agreement_Key
Definition pk_keys.h:387
Botan::PK_Key_Agreement
Definition pubkey.h:397
Botan::PK_Key_Agreement::derive_key
SymmetricKey derive_key(size_t key_len, const uint8_t in[], size_t in_len, const uint8_t params[], size_t params_len) const
Definition pubkey.cpp:232
Botan::PK_Signer
Definition pubkey.h:155
Botan::PK_Signer::sign_message
std::vector< uint8_t > sign_message(const uint8_t in[], size_t length, RandomNumberGenerator &rng)
Definition pubkey.h:186
Botan::PK_Verifier
Definition pubkey.h:272
Botan::PK_Verifier::verify_message
bool verify_message(const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
Definition pubkey.cpp:371
Botan::Path_Validation_Restrictions
Definition x509path.h:34
Botan::Path_Validation_Result
Definition x509path.h:157
Botan::Path_Validation_Result::successful_validation
bool successful_validation() const
Definition x509path.cpp:1046
Botan::Path_Validation_Result::result_string
std::string result_string() const
Definition x509path.cpp:1064
Botan::Private_Key
Definition pk_keys.h:263
Botan::Public_Key
Definition pk_keys.h:119
Botan::TLS::Callbacks::tls_peer_network_identity
virtual std::string tls_peer_network_identity()
Definition tls_callbacks.cpp:55
Botan::TLS::Callbacks::tls_modify_extensions
virtual void tls_modify_extensions(Extensions &extn, Connection_Side which_side, Handshake_Type which_message)
Definition tls_callbacks.cpp:63
Botan::TLS::Callbacks::tls_provide_cert_chain_status
virtual std::vector< std::vector< uint8_t > > tls_provide_cert_chain_status(const std::vector< X509_Certificate > &chain, const Certificate_Status_Request &csr)
Definition tls_callbacks.cpp:132
Botan::TLS::Callbacks::tls_server_choose_app_protocol
virtual std::string tls_server_choose_app_protocol(const std::vector< std::string > &client_protos)
Definition tls_callbacks.cpp:51
Botan::TLS::Callbacks::tls_parse_ocsp_response
virtual std::optional< OCSP::Response > tls_parse_ocsp_response(const std::vector< uint8_t > &raw_response)
Definition tls_callbacks.cpp:123
Botan::TLS::Callbacks::tls_examine_extensions
virtual void tls_examine_extensions(const Extensions &extn, Connection_Side which_side, Handshake_Type which_message)
Definition tls_callbacks.cpp:67
Botan::TLS::Callbacks::tls_sign_message
virtual std::vector< uint8_t > tls_sign_message(const Private_Key &key, RandomNumberGenerator &rng, std::string_view padding, Signature_Format format, const std::vector< uint8_t > &msg)
Definition tls_callbacks.cpp:141
Botan::TLS::Callbacks::tls_verify_raw_public_key
virtual void tls_verify_raw_public_key(const Public_Key &raw_public_key, Usage_Type usage, std::string_view hostname, const TLS::Policy &policy)
Definition tls_callbacks.cpp:113
Botan::TLS::Callbacks::tls_kem_encapsulate
virtual KEM_Encapsulation tls_kem_encapsulate(TLS::Group_Params group, const std::vector< uint8_t > &encoded_public_key, RandomNumberGenerator &rng, const Policy &policy)
Definition tls_callbacks.cpp:268
Botan::TLS::Callbacks::tls_should_persist_resumption_information
virtual bool tls_should_persist_resumption_information(const Session &session)
Definition tls_callbacks.cpp:71
Botan::TLS::Callbacks::tls_kem_generate_key
virtual std::unique_ptr< Private_Key > tls_kem_generate_key(TLS::Group_Params group, RandomNumberGenerator &rng)
Definition tls_callbacks.cpp:246
Botan::TLS::Callbacks::tls_deserialize_peer_public_key
virtual std::unique_ptr< Public_Key > tls_deserialize_peer_public_key(const std::variant< TLS::Group_Params, DL_Group > &group, std::span< const uint8_t > key_bits)
Definition tls_callbacks.cpp:181
Botan::TLS::Callbacks::tls_ephemeral_key_agreement
virtual secure_vector< uint8_t > tls_ephemeral_key_agreement(const std::variant< TLS::Group_Params, DL_Group > &group, const PK_Key_Agreement_Key &private_key, const std::vector< uint8_t > &public_value, RandomNumberGenerator &rng, const Policy &policy)
Definition tls_callbacks.cpp:357
Botan::TLS::Callbacks::tls_kem_decapsulate
virtual secure_vector< uint8_t > tls_kem_decapsulate(TLS::Group_Params group, const Private_Key &private_key, const std::vector< uint8_t > &encapsulated_bytes, RandomNumberGenerator &rng, const Policy &policy)
Definition tls_callbacks.cpp:302
Botan::TLS::Callbacks::tls_current_timestamp
virtual std::chrono::system_clock::time_point tls_current_timestamp()
Definition tls_callbacks.cpp:59
Botan::TLS::Callbacks::tls_generate_ephemeral_key
virtual std::unique_ptr< PK_Key_Agreement_Key > tls_generate_ephemeral_key(const std::variant< TLS::Group_Params, DL_Group > &group, RandomNumberGenerator &rng)
Definition tls_callbacks.cpp:323
Botan::TLS::Callbacks::tls_verify_cert_chain
virtual void tls_verify_cert_chain(const std::vector< X509_Certificate > &cert_chain, const std::vector< std::optional< OCSP::Response > > &ocsp_responses, const std::vector< Certificate_Store * > &trusted_roots, Usage_Type usage, std::string_view hostname, const TLS::Policy &policy)
Definition tls_callbacks.cpp:86
Botan::TLS::Callbacks::tls_verify_message
virtual bool tls_verify_message(const Public_Key &key, std::string_view padding, Signature_Format format, const std::vector< uint8_t > &msg, const std::vector< uint8_t > &sig)
Definition tls_callbacks.cpp:151
Botan::TLS::Callbacks::tls_inspect_handshake_msg
virtual void tls_inspect_handshake_msg(const Handshake_Message &message)
Definition tls_callbacks.cpp:47
Botan::TLS::Certificate_Status_Request
Definition tls_extensions.h:498
Botan::TLS::Group_Params
Definition tls_algos.h:159
Botan::TLS::Group_Params::is_pqc_hybrid
constexpr bool is_pqc_hybrid() const
Definition tls_algos.h:235
Botan::TLS::Group_Params::is_kem
constexpr bool is_kem() const
Definition tls_algos.h:263
Botan::TLS::Group_Params::is_pure_frodokem
constexpr bool is_pure_frodokem() const
Definition tls_algos.h:215
Botan::TLS::Group_Params::is_pure_kyber
constexpr bool is_pure_kyber() const
Definition tls_algos.h:205
Botan::TLS::Group_Params::to_string
std::optional< std::string > to_string() const
Definition tls_algos.cpp:277
Botan::TLS::Handshake_Message
Definition tls_handshake_msg.h:24
Botan::TLS::Hybrid_KEM_PrivateKey::generate_from_group
static std::unique_ptr< Hybrid_KEM_PrivateKey > generate_from_group(Group_Params group, RandomNumberGenerator &rng)
Definition hybrid_public_key.cpp:338
Botan::TLS::Hybrid_KEM_PublicKey::load_for_group
static std::unique_ptr< Hybrid_KEM_PublicKey > load_for_group(Group_Params group, std::span< const uint8_t > concatenated_public_values)
Definition hybrid_public_key.cpp:168
Botan::TLS::Policy::check_peer_key_acceptable
virtual void check_peer_key_acceptable(const Public_Key &public_key) const
Definition tls_policy.cpp:224
Botan::TLS::Policy::require_cert_revocation_info
virtual bool require_cert_revocation_info() const
Definition tls_policy.cpp:209
Botan::TLS::Policy::minimum_signature_strength
virtual size_t minimum_signature_strength() const
Definition tls_policy.cpp:205
Botan::TLS::Protocol_Version::is_pre_tls_13
bool is_pre_tls_13() const
Definition tls_version.cpp:40
Botan::TLS::Session_Base::version
Protocol_Version version() const
Definition tls_session.h:172
Botan::TLS::Session::lifetime_hint
std::chrono::seconds lifetime_hint() const
Definition tls_session.h:459
Botan::TLS::TLS_Exception
Definition tls_exceptn.h:19
Y
FE_25519 Y
Definition ge.cpp:26
Botan::x509_path_validate
Path_Validation_Result x509_path_validate(const std::vector< X509_Certificate > &end_certs, const Path_Validation_Restrictions &restrictions, const std::vector< Certificate_Store * > &trusted_roots, std::string_view hostname, Usage_Type usage, std::chrono::system_clock::time_point ref_time, std::chrono::milliseconds ocsp_timeout, const std::vector< std::optional< OCSP::Response > > &ocsp_resp)
Definition x509path.cpp:882
Botan::Usage_Type
Usage_Type
Definition x509cert.h:22
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61
Botan::Signature_Format
Signature_Format
Definition pk_keys.h:31
Generated by doxygen 1.12.0