Botan 2.19.1
Crypto and TLS for C&
tls_extensions.h
Go to the documentation of this file.
1/*
2* TLS Extensions
3* (C) 2011,2012,2016,2018,2019 Jack Lloyd
4* (C) 2016 Juraj Somorovsky
5* (C) 2016 Matthias Gierlings
6*
7* Botan is released under the Simplified BSD License (see license.txt)
8*/
9
10#ifndef BOTAN_TLS_EXTENSIONS_H_
11#define BOTAN_TLS_EXTENSIONS_H_
12
13#include <botan/tls_algos.h>
14#include <botan/tls_magic.h>
15#include <botan/tls_version.h>
16#include <botan/secmem.h>
17#include <botan/pkix_types.h>
18#include <vector>
19#include <string>
20#include <map>
21#include <set>
22
23namespace Botan {
24
25namespace TLS {
26
27class Policy;
28
29class TLS_Data_Reader;
30
31// This will become an enum class in a future major release
35
43
46
48
50
52};
53
54/**
55* Base class representing a TLS extension of some kind
56*/
58 {
59 public:
60 /**
61 * @return code number of the extension
62 */
63 virtual Handshake_Extension_Type type() const = 0;
64
65 /**
66 * @return serialized binary for the extension
67 */
68 virtual std::vector<uint8_t> serialize(Connection_Side whoami) const = 0;
69
70 /**
71 * @return if we should encode this extension or not
72 */
73 virtual bool empty() const = 0;
74
75 virtual ~Extension() = default;
76 };
77
78/**
79* Server Name Indicator extension (RFC 3546)
80*/
82 {
83 public:
86
87 Handshake_Extension_Type type() const override { return static_type(); }
88
89 explicit Server_Name_Indicator(const std::string& host_name) :
90 m_sni_host_name(host_name) {}
91
93 uint16_t extension_size);
94
95 std::string host_name() const { return m_sni_host_name; }
96
97 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
98
99 bool empty() const override { return m_sni_host_name.empty(); }
100 private:
101 std::string m_sni_host_name;
102 };
103
104#if defined(BOTAN_HAS_SRP6)
105/**
106* SRP identifier extension (RFC 5054)
107*/
108class BOTAN_UNSTABLE_API SRP_Identifier final : public Extension
109 {
110 public:
111 static Handshake_Extension_Type static_type()
112 { return TLSEXT_SRP_IDENTIFIER; }
113
114 Handshake_Extension_Type type() const override { return static_type(); }
115
116 explicit SRP_Identifier(const std::string& identifier) :
117 m_srp_identifier(identifier) {}
118
119 SRP_Identifier(TLS_Data_Reader& reader,
120 uint16_t extension_size);
121
122 std::string identifier() const { return m_srp_identifier; }
123
124 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
125
126 bool empty() const override { return m_srp_identifier.empty(); }
127 private:
128 std::string m_srp_identifier;
129 };
130#endif
131
132/**
133* Renegotiation Indication Extension (RFC 5746)
134*/
136 {
137 public:
139 { return TLSEXT_SAFE_RENEGOTIATION; }
140
141 Handshake_Extension_Type type() const override { return static_type(); }
142
144
145 explicit Renegotiation_Extension(const std::vector<uint8_t>& bits) :
146 m_reneg_data(bits) {}
147
149 uint16_t extension_size);
150
151 const std::vector<uint8_t>& renegotiation_info() const
152 { return m_reneg_data; }
153
154 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
155
156 bool empty() const override { return false; } // always send this
157 private:
158 std::vector<uint8_t> m_reneg_data;
159 };
160
161/**
162* ALPN (RFC 7301)
163*/
165 {
166 public:
168
169 Handshake_Extension_Type type() const override { return static_type(); }
170
171 const std::vector<std::string>& protocols() const { return m_protocols; }
172
173 const std::string& single_protocol() const;
174
175 /**
176 * Single protocol, used by server
177 */
178 explicit Application_Layer_Protocol_Notification(const std::string& protocol) :
179 m_protocols(1, protocol) {}
180
181 /**
182 * List of protocols, used by client
183 */
184 explicit Application_Layer_Protocol_Notification(const std::vector<std::string>& protocols) :
185 m_protocols(protocols) {}
186
188 uint16_t extension_size);
189
190 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
191
192 bool empty() const override { return m_protocols.empty(); }
193 private:
194 std::vector<std::string> m_protocols;
195 };
196
197/**
198* Session Ticket Extension (RFC 5077)
199*/
201 {
202 public:
204 { return TLSEXT_SESSION_TICKET; }
205
206 Handshake_Extension_Type type() const override { return static_type(); }
207
208 /**
209 * @return contents of the session ticket
210 */
211 const std::vector<uint8_t>& contents() const { return m_ticket; }
212
213 /**
214 * Create empty extension, used by both client and server
215 */
216 Session_Ticket() = default;
217
218 /**
219 * Extension with ticket, used by client
220 */
221 explicit Session_Ticket(const std::vector<uint8_t>& session_ticket) :
222 m_ticket(session_ticket) {}
223
224 /**
225 * Deserialize a session ticket
226 */
227 Session_Ticket(TLS_Data_Reader& reader, uint16_t extension_size);
228
229 std::vector<uint8_t> serialize(Connection_Side) const override { return m_ticket; }
230
231 bool empty() const override { return false; }
232 private:
233 std::vector<uint8_t> m_ticket;
234 };
235
236
237/**
238* Supported Groups Extension (RFC 7919)
239*/
241 {
242 public:
244 { return TLSEXT_SUPPORTED_GROUPS; }
245
246 Handshake_Extension_Type type() const override { return static_type(); }
247
248 std::vector<Group_Params> ec_groups() const;
249 std::vector<Group_Params> dh_groups() const;
250
251 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
252
253 explicit Supported_Groups(const std::vector<Group_Params>& groups);
254
256 uint16_t extension_size);
257
258 bool empty() const override { return m_groups.empty(); }
259 private:
260 std::vector<Group_Params> m_groups;
261 };
262
263// previously Supported Elliptic Curves Extension (RFC 4492)
264//using Supported_Elliptic_Curves = Supported_Groups;
265
266/**
267* Supported Point Formats Extension (RFC 4492)
268*/
270 {
271 public:
272 enum ECPointFormat : uint8_t {
273 UNCOMPRESSED = 0,
274 ANSIX962_COMPRESSED_PRIME = 1,
275 ANSIX962_COMPRESSED_CHAR2 = 2, // don't support these curves
276 };
277
279 { return TLSEXT_EC_POINT_FORMATS; }
280
281 Handshake_Extension_Type type() const override { return static_type(); }
282
283 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
284
285 explicit Supported_Point_Formats(bool prefer_compressed) :
286 m_prefers_compressed(prefer_compressed) {}
287
289 uint16_t extension_size);
290
291 bool empty() const override { return false; }
292
293 bool prefers_compressed() { return m_prefers_compressed; }
294
295 private:
296 bool m_prefers_compressed = false;
297 };
298
299/**
300* Signature Algorithms Extension for TLS 1.2 (RFC 5246)
301*/
303 {
304 public:
307
308 Handshake_Extension_Type type() const override { return static_type(); }
309
310 const std::vector<Signature_Scheme>& supported_schemes() const { return m_schemes; }
311
312 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
313
314 bool empty() const override { return m_schemes.empty(); }
315
316 explicit Signature_Algorithms(const std::vector<Signature_Scheme>& schemes) :
317 m_schemes(schemes) {}
318
320 uint16_t extension_size);
321 private:
322 std::vector<Signature_Scheme> m_schemes;
323 };
324
325/**
326* Used to indicate SRTP algorithms for DTLS (RFC 5764)
327*/
329 {
330 public:
332 { return TLSEXT_USE_SRTP; }
333
334 Handshake_Extension_Type type() const override { return static_type(); }
335
336 const std::vector<uint16_t>& profiles() const { return m_pp; }
337
338 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
339
340 bool empty() const override { return m_pp.empty(); }
341
342 explicit SRTP_Protection_Profiles(const std::vector<uint16_t>& pp) : m_pp(pp) {}
343
344 explicit SRTP_Protection_Profiles(uint16_t pp) : m_pp(1, pp) {}
345
346 SRTP_Protection_Profiles(TLS_Data_Reader& reader, uint16_t extension_size);
347 private:
348 std::vector<uint16_t> m_pp;
349 };
350
351/**
352* Extended Master Secret Extension (RFC 7627)
353*/
355 {
356 public:
359
360 Handshake_Extension_Type type() const override { return static_type(); }
361
362 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
363
364 bool empty() const override { return false; }
365
367
368 Extended_Master_Secret(TLS_Data_Reader& reader, uint16_t extension_size);
369 };
370
371/**
372* Encrypt-then-MAC Extension (RFC 7366)
373*/
375 {
376 public:
378 { return TLSEXT_ENCRYPT_THEN_MAC; }
379
380 Handshake_Extension_Type type() const override { return static_type(); }
381
382 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
383
384 bool empty() const override { return false; }
385
386 Encrypt_then_MAC() = default;
387
388 Encrypt_then_MAC(TLS_Data_Reader& reader, uint16_t extension_size);
389 };
390
391/**
392* Certificate Status Request (RFC 6066)
393*/
395 {
396 public:
399
400 Handshake_Extension_Type type() const override { return static_type(); }
401
402 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
403
404 bool empty() const override { return false; }
405
406 const std::vector<uint8_t>& get_responder_id_list() const
407 {
408 return m_ocsp_names;
409 }
410
411 const std::vector<uint8_t>& get_request_extensions() const
412 {
413 return m_extension_bytes;
414 }
415
416 // Server generated version: empty
418
419 // Client version, both lists can be empty
420 Certificate_Status_Request(const std::vector<uint8_t>& ocsp_responder_ids,
421 const std::vector<std::vector<uint8_t>>& ocsp_key_ids);
422
424 uint16_t extension_size,
425 Connection_Side side);
426 private:
427 std::vector<uint8_t> m_ocsp_names;
428 std::vector<std::vector<uint8_t>> m_ocsp_keys; // is this field really needed
429 std::vector<uint8_t> m_extension_bytes;
430 };
431
432/**
433* Supported Versions from RFC 8446
434*/
436 {
437 public:
439 { return TLSEXT_SUPPORTED_VERSIONS; }
440
441 Handshake_Extension_Type type() const override { return static_type(); }
442
443 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
444
445 bool empty() const override { return m_versions.empty(); }
446
447 Supported_Versions(Protocol_Version version, const Policy& policy);
448
450 {
451 m_versions.push_back(version);
452 }
453
455 uint16_t extension_size,
456 Connection_Side from);
457
458 bool supports(Protocol_Version version) const;
459
460 const std::vector<Protocol_Version> versions() const { return m_versions; }
461 private:
462 std::vector<Protocol_Version> m_versions;
463 };
464
465/**
466* Unknown extensions are deserialized as this type
467*/
469 {
470 public:
472 TLS_Data_Reader& reader,
473 uint16_t extension_size);
474
475 std::vector<uint8_t> serialize(Connection_Side whoami) const override; // always fails
476
477 const std::vector<uint8_t>& value() { return m_value; }
478
479 bool empty() const override { return false; }
480
481 Handshake_Extension_Type type() const override { return m_type; }
482
483 private:
485 std::vector<uint8_t> m_value;
486 };
487
488/**
489* Represents a block of extensions in a hello message
490*/
492 {
493 public:
494 std::set<Handshake_Extension_Type> extension_types() const;
495
496 template<typename T>
497 T* get() const
498 {
499 return dynamic_cast<T*>(get(T::static_type()));
500 }
501
502 template<typename T>
503 bool has() const
504 {
505 return get<T>() != nullptr;
506 }
507
508 void add(Extension* extn)
509 {
510 m_extensions[extn->type()].reset(extn);
511 }
512
514 {
515 auto i = m_extensions.find(type);
516
517 if(i != m_extensions.end())
518 return i->second.get();
519 return nullptr;
520 }
521
522 std::vector<uint8_t> serialize(Connection_Side whoami) const;
523
524 void deserialize(TLS_Data_Reader& reader, Connection_Side from);
525
526 /**
527 * Remvoe an extension from this extensions object, if it exists.
528 * Returns true if the extension existed (and thus is now removed),
529 * otherwise false (the extension wasn't set in the first place).
530 */
531 bool remove_extension(Handshake_Extension_Type typ);
532
533 Extensions() = default;
534
536 {
537 deserialize(reader, side);
538 }
539
540 private:
541 Extensions(const Extensions&) = delete;
542 Extensions& operator=(const Extensions&) = delete;
543
544 std::map<Handshake_Extension_Type, std::unique_ptr<Extension>> m_extensions;
545 };
546
547}
548
549}
550
551#endif
const std::vector< std::string > & protocols() const
Application_Layer_Protocol_Notification(const std::vector< std::string > &protocols)
Application_Layer_Protocol_Notification(const std::string &protocol)
Handshake_Extension_Type type() const override
static Handshake_Extension_Type static_type()
const std::vector< uint8_t > & get_request_extensions() const
Handshake_Extension_Type type() const override
const std::vector< uint8_t > & get_responder_id_list() const
static Handshake_Extension_Type static_type()
Handshake_Extension_Type type() const override
static Handshake_Extension_Type static_type()
bool empty() const override
static Handshake_Extension_Type static_type()
Handshake_Extension_Type type() const override
virtual std::vector< uint8_t > serialize(Connection_Side whoami) const =0
virtual bool empty() const =0
virtual Handshake_Extension_Type type() const =0
virtual ~Extension()=default
void add(Extension *extn)
Extensions(TLS_Data_Reader &reader, Connection_Side side)
Extension * get(Handshake_Extension_Type type) const
Renegotiation_Extension(const std::vector< uint8_t > &bits)
Handshake_Extension_Type type() const override
const std::vector< uint8_t > & renegotiation_info() const
static Handshake_Extension_Type static_type()
SRTP_Protection_Profiles(const std::vector< uint16_t > &pp)
Handshake_Extension_Type type() const override
static Handshake_Extension_Type static_type()
const std::vector< uint16_t > & profiles() const
Handshake_Extension_Type type() const override
static Handshake_Extension_Type static_type()
Server_Name_Indicator(const std::string &host_name)
Handshake_Extension_Type type() const override
Session_Ticket(const std::vector< uint8_t > &session_ticket)
bool empty() const override
const std::vector< uint8_t > & contents() const
static Handshake_Extension_Type static_type()
std::vector< uint8_t > serialize(Connection_Side) const override
static Handshake_Extension_Type static_type()
Signature_Algorithms(const std::vector< Signature_Scheme > &schemes)
const std::vector< Signature_Scheme > & supported_schemes() const
Handshake_Extension_Type type() const override
bool empty() const override
static Handshake_Extension_Type static_type()
Handshake_Extension_Type type() const override
Supported_Point_Formats(bool prefer_compressed)
static Handshake_Extension_Type static_type()
Handshake_Extension_Type type() const override
Handshake_Extension_Type type() const override
const std::vector< Protocol_Version > versions() const
static Handshake_Extension_Type static_type()
bool empty() const override
Supported_Versions(Protocol_Version version)
bool empty() const override
Handshake_Extension_Type type() const override
const std::vector< uint8_t > & value()
int(* final)(unsigned char *, CTX *)
#define BOTAN_UNSTABLE_API
Definition: compiler.h:44
fe T
Definition: ge.cpp:37
@ TLSEXT_ENCRYPT_THEN_MAC
@ TLSEXT_SIGNATURE_ALGORITHMS
@ TLSEXT_CERTIFICATE_TYPES
@ TLSEXT_SUPPORTED_VERSIONS
@ TLSEXT_CERT_STATUS_REQUEST
@ TLSEXT_SRP_IDENTIFIER
@ TLSEXT_SERVER_NAME_INDICATION
@ TLSEXT_SESSION_TICKET
@ TLSEXT_SAFE_RENEGOTIATION
@ TLSEXT_SUPPORTED_GROUPS
@ TLSEXT_EXTENDED_MASTER_SECRET
@ TLSEXT_EC_POINT_FORMATS
Definition: alg_id.cpp:13
MechanismType type