Botan  2.13.0
Crypto and TLS for C++11
tls_client.cpp
Go to the documentation of this file.
1 /*
2 * TLS Client
3 * (C) 2004-2011,2012,2015,2016 Jack Lloyd
4 * 2016 Matthias Gierlings
5 * 2017 Harry Reimann, Rohde & Schwarz Cybersecurity
6 *
7 * Botan is released under the Simplified BSD License (see license.txt)
8 */
9 
10 #include <botan/tls_client.h>
11 #include <botan/tls_messages.h>
12 #include <botan/internal/tls_handshake_state.h>
13 #include <botan/internal/stl_util.h>
14 #include <iterator>
15 #include <sstream>
16 
17 namespace Botan {
18 
19 namespace TLS {
20 
21 namespace {
22 
23 class Client_Handshake_State final : public Handshake_State
24  {
25  public:
26  Client_Handshake_State(Handshake_IO* io, Callbacks& cb) :
27  Handshake_State(io, cb),
28  m_is_reneg(false)
29  {}
30 
31  const Public_Key& get_server_public_key() const
32  {
33  BOTAN_ASSERT(server_public_key, "Server sent us a certificate");
34  return *server_public_key.get();
35  }
36 
37  bool is_a_resumption() const { return (resumed_session != nullptr); }
38 
39  bool is_a_renegotiation() const { return m_is_reneg; }
40 
41  const secure_vector<uint8_t>& resume_master_secret() const
42  {
43  BOTAN_STATE_CHECK(is_a_resumption());
44  return resumed_session->master_secret();
45  }
46 
47  const std::vector<X509_Certificate>& resume_peer_certs() const
48  {
49  BOTAN_STATE_CHECK(is_a_resumption());
50  return resumed_session->peer_certs();
51  }
52 
53  std::unique_ptr<Public_Key> server_public_key;
54  // Used during session resumption
55  std::unique_ptr<Session> resumed_session;
56  bool m_is_reneg = false;
57  };
58 
59 }
60 
61 /*
62 * TLS Client Constructor
63 */
65  Session_Manager& session_manager,
66  Credentials_Manager& creds,
67  const Policy& policy,
69  const Server_Information& info,
70  const Protocol_Version& offer_version,
71  const std::vector<std::string>& next_protos,
72  size_t io_buf_sz) :
73  Channel(callbacks, session_manager, rng, policy,
74  false, offer_version.is_datagram_protocol(), io_buf_sz),
75  m_creds(creds),
76  m_info(info)
77  {
78  init(offer_version, next_protos);
79  }
80 
81 Client::Client(output_fn data_output_fn,
82  data_cb proc_cb,
83  alert_cb recv_alert_cb,
84  handshake_cb hs_cb,
85  Session_Manager& session_manager,
86  Credentials_Manager& creds,
87  const Policy& policy,
89  const Server_Information& info,
90  const Protocol_Version& offer_version,
91  const std::vector<std::string>& next_protos,
92  size_t io_buf_sz) :
93  Channel(data_output_fn, proc_cb, recv_alert_cb, hs_cb, Channel::handshake_msg_cb(),
94  session_manager, rng, policy, false, offer_version.is_datagram_protocol(), io_buf_sz),
95  m_creds(creds),
96  m_info(info)
97  {
98  init(offer_version, next_protos);
99  }
100 
101 Client::Client(output_fn data_output_fn,
102  data_cb proc_cb,
103  alert_cb recv_alert_cb,
104  handshake_cb hs_cb,
105  handshake_msg_cb hs_msg_cb,
106  Session_Manager& session_manager,
107  Credentials_Manager& creds,
108  const Policy& policy,
110  const Server_Information& info,
111  const Protocol_Version& offer_version,
112  const std::vector<std::string>& next_protos) :
113  Channel(data_output_fn, proc_cb, recv_alert_cb, hs_cb, hs_msg_cb,
114  session_manager, rng, policy, false, offer_version.is_datagram_protocol()),
115  m_creds(creds),
116  m_info(info)
117  {
118  init(offer_version, next_protos);
119  }
120 
121 void Client::init(const Protocol_Version& protocol_version,
122  const std::vector<std::string>& next_protocols)
123  {
124  const std::string srp_identifier = m_creds.srp_identifier("tls-client", m_info.hostname());
125 
126  Handshake_State& state = create_handshake_state(protocol_version);
127  send_client_hello(state, false, protocol_version,
128  srp_identifier, next_protocols);
129  }
130 
131 Handshake_State* Client::new_handshake_state(Handshake_IO* io)
132  {
133  return new Client_Handshake_State(io, callbacks());
134  }
135 
136 std::vector<X509_Certificate>
137 Client::get_peer_cert_chain(const Handshake_State& state) const
138  {
139  const Client_Handshake_State& cstate = dynamic_cast<const Client_Handshake_State&>(state);
140 
141  if(cstate.is_a_resumption())
142  return cstate.resume_peer_certs();
143 
144  if(state.server_certs())
145  return state.server_certs()->cert_chain();
146  return std::vector<X509_Certificate>();
147  }
148 
149 /*
150 * Send a new client hello to renegotiate
151 */
152 void Client::initiate_handshake(Handshake_State& state,
153  bool force_full_renegotiation)
154  {
155  send_client_hello(state, force_full_renegotiation,
156  policy().latest_supported_version(state.version().is_datagram_protocol()));
157  }
158 
159 void Client::send_client_hello(Handshake_State& state_base,
160  bool force_full_renegotiation,
161  Protocol_Version version,
162  const std::string& srp_identifier,
163  const std::vector<std::string>& next_protocols)
164  {
165  Client_Handshake_State& state = dynamic_cast<Client_Handshake_State&>(state_base);
166 
167  if(state.version().is_datagram_protocol())
168  state.set_expected_next(HELLO_VERIFY_REQUEST); // optional
169  state.set_expected_next(SERVER_HELLO);
170 
171  if(!force_full_renegotiation && !m_info.empty())
172  {
173  std::unique_ptr<Session> session_info(new Session);;
174  if(session_manager().load_from_server_info(m_info, *session_info))
175  {
176  /*
177  Ensure that the session protocol cipher and version are acceptable
178  If not skip the resume and establish a new session
179  */
180  const bool exact_version = session_info->version() == version;
181  const bool ok_version =
182  (session_info->version().is_datagram_protocol() == version.is_datagram_protocol()) &&
183  policy().acceptable_protocol_version(session_info->version());
184 
185  const bool session_version_ok = policy().only_resume_with_exact_version() ? exact_version : ok_version;
186 
187  if(policy().acceptable_ciphersuite(session_info->ciphersuite()) && session_version_ok)
188  {
189  if(srp_identifier == "" || session_info->srp_identifier() == srp_identifier)
190  {
191  state.client_hello(
192  new Client_Hello(state.handshake_io(),
193  state.hash(),
194  policy(),
195  callbacks(),
196  rng(),
198  *session_info,
199  next_protocols));
200 
201  state.resumed_session = std::move(session_info);
202  }
203  }
204  }
205  }
206 
207  if(!state.client_hello()) // not resuming
208  {
209  Client_Hello::Settings client_settings(version, m_info.hostname(), srp_identifier);
210  state.client_hello(new Client_Hello(
211  state.handshake_io(),
212  state.hash(),
213  policy(),
214  callbacks(),
215  rng(),
217  client_settings,
218  next_protocols));
219  }
220 
221  secure_renegotiation_check(state.client_hello());
222  }
223 
224 /*
225 * Process a handshake message
226 */
227 void Client::process_handshake_msg(const Handshake_State* active_state,
228  Handshake_State& state_base,
230  const std::vector<uint8_t>& contents,
231  bool epoch0_restart)
232  {
233  BOTAN_ASSERT_NOMSG(epoch0_restart == false); // only happens on server side
234 
235  Client_Handshake_State& state = dynamic_cast<Client_Handshake_State&>(state_base);
236 
237  if(type == HELLO_REQUEST && active_state)
238  {
239  Hello_Request hello_request(contents);
240 
241  if(state.client_hello())
242  {
243  throw TLS_Exception(Alert::HANDSHAKE_FAILURE, "Cannot renegotiate during a handshake");
244  }
245 
246  if(policy().allow_server_initiated_renegotiation())
247  {
248  if(secure_renegotiation_supported() || policy().allow_insecure_renegotiation())
249  {
250  state.m_is_reneg = true;
251  this->initiate_handshake(state, true);
252  }
253  else
254  {
255  throw TLS_Exception(Alert::HANDSHAKE_FAILURE, "Client policy prohibits insecure renegotiation");
256  }
257  }
258  else
259  {
260  if(policy().abort_connection_on_undesired_renegotiation())
261  {
262  throw TLS_Exception(Alert::NO_RENEGOTIATION, "Client policy prohibits renegotiation");
263  }
264  else
265  {
266  // RFC 5746 section 4.2
268  }
269  }
270 
271  return;
272  }
273 
274  state.confirm_transition_to(type);
275 
277  state.hash().update(state.handshake_io().format(contents, type));
278 
280  {
281  state.set_expected_next(SERVER_HELLO);
282  state.set_expected_next(HELLO_VERIFY_REQUEST); // might get it again
283 
284  Hello_Verify_Request hello_verify_request(contents);
285  state.hello_verify_request(hello_verify_request);
286  }
287  else if(type == SERVER_HELLO)
288  {
289  state.server_hello(new Server_Hello(contents));
290 
291  if(!state.client_hello()->offered_suite(state.server_hello()->ciphersuite()))
292  {
293  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
294  "Server replied with ciphersuite we didn't send");
295  }
296 
297  if(!Ciphersuite::by_id(state.server_hello()->ciphersuite()).usable_in_version(state.server_hello()->version()))
298  {
299  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
300  "Server replied using a ciphersuite not allowed in version it offered");
301  }
302 
303  if(Ciphersuite::is_scsv(state.server_hello()->ciphersuite()))
304  {
305  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
306  "Server replied with a signaling ciphersuite");
307  }
308 
309  if(state.server_hello()->compression_method() != 0)
310  {
311  throw TLS_Exception(Alert::ILLEGAL_PARAMETER,
312  "Server replied with non-null compression method");
313  }
314 
315  if(state.client_hello()->version() > state.server_hello()->version())
316  {
317  if(state.server_hello()->random_signals_downgrade())
318  throw TLS_Exception(Alert::ILLEGAL_PARAMETER, "Downgrade attack detected");
319  }
320 
321  auto client_extn = state.client_hello()->extension_types();
322  auto server_extn = state.server_hello()->extension_types();
323 
324  std::vector<Handshake_Extension_Type> diff;
325 
326  std::set_difference(server_extn.begin(), server_extn.end(),
327  client_extn.begin(), client_extn.end(),
328  std::back_inserter(diff));
329 
330  if(!diff.empty())
331  {
332  // Server sent us back an extension we did not send!
333 
334  std::ostringstream msg;
335  msg << "Server replied with unsupported extensions:";
336  for(auto&& d : diff)
337  msg << " " << static_cast<int>(d);
338  throw TLS_Exception(Alert::UNSUPPORTED_EXTENSION, msg.str());
339  }
340 
341  if(uint16_t srtp = state.server_hello()->srtp_profile())
342  {
343  if(!value_exists(state.client_hello()->srtp_profiles(), srtp))
344  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
345  "Server replied with DTLS-SRTP alg we did not send");
346  }
347 
348  callbacks().tls_examine_extensions(state.server_hello()->extensions(), SERVER);
349 
350  state.set_version(state.server_hello()->version());
351  m_application_protocol = state.server_hello()->next_protocol();
352 
353  secure_renegotiation_check(state.server_hello());
354 
355  const bool server_returned_same_session_id =
356  !state.server_hello()->session_id().empty() &&
357  (state.server_hello()->session_id() == state.client_hello()->session_id());
358 
359  if(server_returned_same_session_id)
360  {
361  // successful resumption
362 
363  /*
364  * In this case, we offered the version used in the original
365  * session, and the server must resume with the same version.
366  */
367  if(state.server_hello()->version() != state.client_hello()->version())
368  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
369  "Server resumed session but with wrong version");
370 
371  if(state.server_hello()->supports_extended_master_secret() &&
372  !state.resumed_session->supports_extended_master_secret())
373  {
374  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
375  "Server resumed session but added extended master secret");
376  }
377 
378  if(!state.server_hello()->supports_extended_master_secret() &&
379  state.resumed_session->supports_extended_master_secret())
380  {
381  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
382  "Server resumed session and removed extended master secret");
383  }
384 
385  state.compute_session_keys(state.resume_master_secret());
386 
387  if(state.server_hello()->supports_session_ticket())
388  {
389  state.set_expected_next(NEW_SESSION_TICKET);
390  }
391  else
392  {
393  state.set_expected_next(HANDSHAKE_CCS);
394  }
395  }
396  else
397  {
398  // new session
399 
400  if(active_state)
401  {
402  // Here we are testing things that should not change during a renegotation,
403  // even if the server creates a new session. Howerver they might change
404  // in a resumption scenario.
405 
406  if(active_state->version() != state.server_hello()->version())
407  throw TLS_Exception(Alert::PROTOCOL_VERSION,
408  "Server changed version after renegotiation");
409 
410  if(state.server_hello()->supports_extended_master_secret() !=
411  active_state->server_hello()->supports_extended_master_secret())
412  {
413  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
414  "Server changed its mind about extended master secret");
415  }
416  }
417 
418  state.resumed_session.reset(); // non-null if we were attempting a resumption
419 
420  if(state.client_hello()->version().is_datagram_protocol() !=
421  state.server_hello()->version().is_datagram_protocol())
422  {
423  throw TLS_Exception(Alert::PROTOCOL_VERSION,
424  "Server replied with different protocol type than we offered");
425  }
426 
427  if(state.version() > state.client_hello()->version())
428  {
429  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
430  "Server replied with later version than client offered");
431  }
432 
433  if(state.version().major_version() == 3 && state.version().minor_version() == 0)
434  {
435  throw TLS_Exception(Alert::PROTOCOL_VERSION,
436  "Server attempting to negotiate SSLv3 which is not supported");
437  }
438 
439  if(!policy().acceptable_protocol_version(state.version()))
440  {
441  throw TLS_Exception(Alert::PROTOCOL_VERSION,
442  "Server version " + state.version().to_string() +
443  " is unacceptable by policy");
444  }
445 
446  if(state.ciphersuite().signature_used() || state.ciphersuite().kex_method() == Kex_Algo::STATIC_RSA)
447  {
448  state.set_expected_next(CERTIFICATE);
449  }
450  else if(state.ciphersuite().kex_method() == Kex_Algo::PSK)
451  {
452  /* PSK is anonymous so no certificate/cert req message is
453  ever sent. The server may or may not send a server kex,
454  depending on if it has an identity hint for us.
455 
456  (EC)DHE_PSK always sends a server key exchange for the
457  DH exchange portion, and is covered by block below
458  */
459 
460  state.set_expected_next(SERVER_KEX);
461  state.set_expected_next(SERVER_HELLO_DONE);
462  }
463  else if(state.ciphersuite().kex_method() != Kex_Algo::STATIC_RSA)
464  {
465  state.set_expected_next(SERVER_KEX);
466  }
467  else
468  {
469  state.set_expected_next(CERTIFICATE_REQUEST); // optional
470  state.set_expected_next(SERVER_HELLO_DONE);
471  }
472  }
473  }
474  else if(type == CERTIFICATE)
475  {
476  state.server_certs(new Certificate(contents, policy()));
477 
478  const std::vector<X509_Certificate>& server_certs =
479  state.server_certs()->cert_chain();
480 
481  if(server_certs.empty())
482  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
483  "Client: No certificates sent by server");
484 
485  /*
486  If the server supports certificate status messages,
487  certificate verification happens after we receive the server hello done,
488  in case an OCSP response was also available
489  */
490 
491  X509_Certificate server_cert = server_certs[0];
492 
493  if(active_state && active_state->server_certs())
494  {
495  X509_Certificate current_cert = active_state->server_certs()->cert_chain().at(0);
496 
497  if(current_cert != server_cert)
498  throw TLS_Exception(Alert::BAD_CERTIFICATE, "Server certificate changed during renegotiation");
499  }
500 
501  std::unique_ptr<Public_Key> peer_key(server_cert.subject_public_key());
502 
503  const std::string expected_key_type =
504  state.ciphersuite().signature_used() ? state.ciphersuite().sig_algo() : "RSA";
505 
506  if(peer_key->algo_name() != expected_key_type)
507  throw TLS_Exception(Alert::ILLEGAL_PARAMETER,
508  "Certificate key type did not match ciphersuite");
509 
510  state.server_public_key.reset(peer_key.release());
511 
512  if(state.ciphersuite().kex_method() != Kex_Algo::STATIC_RSA)
513  {
514  state.set_expected_next(SERVER_KEX);
515  }
516  else
517  {
518  state.set_expected_next(CERTIFICATE_REQUEST); // optional
519  state.set_expected_next(SERVER_HELLO_DONE);
520  }
521 
522  if(state.server_hello()->supports_certificate_status_message())
523  {
524  state.set_expected_next(CERTIFICATE_STATUS); // optional
525  }
526  else
527  {
528  try
529  {
530  auto trusted_CAs = m_creds.trusted_certificate_authorities("tls-client", m_info.hostname());
531 
532  callbacks().tls_verify_cert_chain(server_certs,
533  {},
534  trusted_CAs,
536  m_info.hostname(),
537  policy());
538  }
539  catch(TLS_Exception&)
540  {
541  throw;
542  }
543  catch(std::exception& e)
544  {
545  throw TLS_Exception(Alert::INTERNAL_ERROR, e.what());
546  }
547  }
548  }
549  else if(type == CERTIFICATE_STATUS)
550  {
551  state.server_cert_status(new Certificate_Status(contents));
552 
553  if(state.ciphersuite().kex_method() != Kex_Algo::STATIC_RSA)
554  {
555  state.set_expected_next(SERVER_KEX);
556  }
557  else
558  {
559  state.set_expected_next(CERTIFICATE_REQUEST); // optional
560  state.set_expected_next(SERVER_HELLO_DONE);
561  }
562  }
563  else if(type == SERVER_KEX)
564  {
565  if(state.ciphersuite().psk_ciphersuite() == false)
566  state.set_expected_next(CERTIFICATE_REQUEST); // optional
567  state.set_expected_next(SERVER_HELLO_DONE);
568 
569  state.server_kex(
570  new Server_Key_Exchange(contents,
571  state.ciphersuite().kex_method(),
572  state.ciphersuite().auth_method(),
573  state.version())
574  );
575 
576  if(state.ciphersuite().signature_used())
577  {
578  const Public_Key& server_key = state.get_server_public_key();
579 
580  if(!state.server_kex()->verify(server_key, state, policy()))
581  {
582  throw TLS_Exception(Alert::DECRYPT_ERROR,
583  "Bad signature on server key exchange");
584  }
585  }
586  }
587  else if(type == CERTIFICATE_REQUEST)
588  {
589  state.set_expected_next(SERVER_HELLO_DONE);
590  state.cert_req(new Certificate_Req(contents, state.version()));
591  }
592  else if(type == SERVER_HELLO_DONE)
593  {
594  state.server_hello_done(new Server_Hello_Done(contents));
595 
596  if(state.server_certs() != nullptr &&
597  state.server_hello()->supports_certificate_status_message())
598  {
599  try
600  {
601  auto trusted_CAs = m_creds.trusted_certificate_authorities("tls-client", m_info.hostname());
602 
603  std::vector<std::shared_ptr<const OCSP::Response>> ocsp;
604  if(state.server_cert_status() != nullptr)
605  {
606  try {
607  ocsp.push_back(std::make_shared<OCSP::Response>(state.server_cert_status()->response()));
608  }
609  catch(Decoding_Error&)
610  {
611  // ignore it here because it might be our fault
612  }
613  }
614 
615  callbacks().tls_verify_cert_chain(state.server_certs()->cert_chain(),
616  ocsp,
617  trusted_CAs,
619  m_info.hostname(),
620  policy());
621  }
622  catch(TLS_Exception&)
623  {
624  throw;
625  }
626  catch(std::exception& e)
627  {
628  throw TLS_Exception(Alert::INTERNAL_ERROR, e.what());
629  }
630  }
631 
632  if(state.received_handshake_msg(CERTIFICATE_REQUEST))
633  {
634  const auto& types = state.cert_req()->acceptable_cert_types();
635 
636  std::vector<X509_Certificate> client_certs =
637  m_creds.find_cert_chain(types,
638  state.cert_req()->acceptable_CAs(),
639  "tls-client",
640  m_info.hostname());
641 
642  state.client_certs(new Certificate(state.handshake_io(),
643  state.hash(),
644  client_certs));
645  }
646 
647  state.client_kex(
648  new Client_Key_Exchange(state.handshake_io(),
649  state,
650  policy(),
651  m_creds,
652  state.server_public_key.get(),
653  m_info.hostname(),
654  rng())
655  );
656 
657  state.compute_session_keys();
658 
659  if(state.received_handshake_msg(CERTIFICATE_REQUEST) &&
660  !state.client_certs()->empty())
661  {
662  Private_Key* private_key =
663  m_creds.private_key_for(state.client_certs()->cert_chain()[0],
664  "tls-client",
665  m_info.hostname());
666 
667  state.client_verify(
668  new Certificate_Verify(state.handshake_io(),
669  state,
670  policy(),
671  rng(),
672  private_key)
673  );
674  }
675 
676  state.handshake_io().send(Change_Cipher_Spec());
677 
679 
680  state.client_finished(new Finished(state.handshake_io(), state, CLIENT));
681 
682  if(state.server_hello()->supports_session_ticket())
683  state.set_expected_next(NEW_SESSION_TICKET);
684  else
685  state.set_expected_next(HANDSHAKE_CCS);
686  }
687  else if(type == NEW_SESSION_TICKET)
688  {
689  state.new_session_ticket(new New_Session_Ticket(contents));
690 
691  state.set_expected_next(HANDSHAKE_CCS);
692  }
693  else if(type == HANDSHAKE_CCS)
694  {
695  state.set_expected_next(FINISHED);
696 
698  }
699  else if(type == FINISHED)
700  {
701  state.server_finished(new Finished(contents));
702 
703  if(!state.server_finished()->verify(state, SERVER))
704  throw TLS_Exception(Alert::DECRYPT_ERROR,
705  "Finished message didn't verify");
706 
707  state.hash().update(state.handshake_io().format(contents, type));
708 
709  if(!state.client_finished()) // session resume case
710  {
711  state.handshake_io().send(Change_Cipher_Spec());
713  state.client_finished(new Finished(state.handshake_io(), state, CLIENT));
714  }
715 
716  std::vector<uint8_t> session_id = state.server_hello()->session_id();
717 
718  const std::vector<uint8_t>& session_ticket = state.session_ticket();
719 
720  if(session_id.empty() && !session_ticket.empty())
721  session_id = make_hello_random(rng(), policy());
722 
723  Session session_info(
724  session_id,
725  state.session_keys().master_secret(),
726  state.server_hello()->version(),
727  state.server_hello()->ciphersuite(),
728  CLIENT,
729  state.server_hello()->supports_extended_master_secret(),
730  state.server_hello()->supports_encrypt_then_mac(),
731  get_peer_cert_chain(state),
732  session_ticket,
733  m_info,
734  "",
735  state.server_hello()->srtp_profile()
736  );
737 
738  const bool should_save = save_session(session_info);
739 
740  if(session_id.size() > 0 && state.is_a_resumption() == false)
741  {
742  if(should_save)
743  session_manager().save(session_info);
744  else
745  session_manager().remove_entry(session_info.session_id());
746  }
747 
749  }
750  else
751  throw Unexpected_Message("Unknown handshake message received");
752  }
753 
754 }
755 
756 }
virtual std::vector< X509_Certificate > find_cert_chain(const std::vector< std::string > &cert_key_types, const std::vector< X509_DN > &acceptable_CAs, const std::string &type, const std::string &context)
virtual void remove_entry(const std::vector< uint8_t > &session_id)=0
virtual std::string srp_identifier(const std::string &type, const std::string &context)
std::function< void(Alert, const uint8_t[], size_t)> alert_cb
Definition: tls_channel.h:42
void change_cipher_spec_reader(Connection_Side side)
std::unique_ptr< Session > resumed_session
Definition: tls_client.cpp:55
int(* final)(unsigned char *, CTX *)
static bool is_scsv(uint16_t suite)
void change_cipher_spec_writer(Connection_Side side)
Client(Callbacks &callbacks, Session_Manager &session_manager, Credentials_Manager &creds, const Policy &policy, RandomNumberGenerator &rng, const Server_Information &server_info=Server_Information(), const Protocol_Version &offer_version=Protocol_Version::latest_tls_version(), const std::vector< std::string > &next_protocols={}, size_t reserved_io_buffer_size=TLS::Client::IO_BUF_DEFAULT_SIZE)
Definition: tls_client.cpp:64
void send_warning_alert(Alert::Type type)
Definition: tls_channel.h:139
std::function< void(const uint8_t[], size_t)> output_fn
Definition: tls_channel.h:40
bool secure_renegotiation_supported() const
#define BOTAN_STATE_CHECK(expr)
Definition: assert.h:49
Handshake_State & create_handshake_state(Protocol_Version version)
#define BOTAN_ASSERT_NOMSG(expr)
Definition: assert.h:68
RandomNumberGenerator & rng()
Definition: tls_channel.h:234
std::string hostname() const
MechanismType type
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:55
std::vector< uint8_t > secure_renegotiation_data_for_client_hello() const
std::function< bool(const Session &)> handshake_cb
Definition: tls_channel.h:43
bool save_session(const Session &session)
virtual bool only_resume_with_exact_version() const
Definition: tls_policy.cpp:346
virtual void tls_verify_cert_chain(const std::vector< X509_Certificate > &cert_chain, const std::vector< std::shared_ptr< const OCSP::Response >> &ocsp_responses, const std::vector< Certificate_Store *> &trusted_roots, Usage_Type usage, const std::string &hostname, const TLS::Policy &policy)
Definition: alg_id.cpp:13
virtual void tls_examine_extensions(const Extensions &extn, Connection_Side which_side)
void secure_renegotiation_check(const Client_Hello *client_hello)
std::vector< uint8_t > make_hello_random(RandomNumberGenerator &rng, const Policy &policy)
std::function< void(const uint8_t[], size_t)> data_cb
Definition: tls_channel.h:41
std::unique_ptr< Public_Key > server_public_key
Definition: tls_client.cpp:53
bool value_exists(const std::vector< T > &vec, const T &val)
Definition: stl_util.h:86
static Ciphersuite by_id(uint16_t suite)
virtual std::vector< Certificate_Store * > trusted_certificate_authorities(const std::string &type, const std::string &context)
Callbacks & callbacks() const
Definition: tls_channel.h:242
const Policy & policy() const
Definition: tls_channel.h:238
virtual bool acceptable_protocol_version(Protocol_Version version) const
Definition: tls_policy.cpp:278
virtual void save(const Session &session)=0
bool m_is_reneg
Definition: tls_client.cpp:56
Session_Manager & session_manager()
Definition: tls_channel.h:236
std::function< void(const Handshake_Message &)> handshake_msg_cb
Definition: tls_channel.h:44