Botan 3.11.0
Crypto and TLS for C&
tls_extensions.h
Go to the documentation of this file.
1/*
2* TLS Extensions
3* (C) 2011,2012,2016,2018,2019 Jack Lloyd
4* (C) 2016 Juraj Somorovsky
5* (C) 2016 Matthias Gierlings
6* (C) 2021 Elektrobit Automotive GmbH
7* (C) 2022 René Meusel, Hannes Rantzsch - neXenio GmbH
8* (C) 2023 Fabian Albert, René Meusel - Rohde & Schwarz Cybersecurity
9*
10* Botan is released under the Simplified BSD License (see license.txt)
11*/
12
13#ifndef BOTAN_TLS_EXTENSIONS_H_
14#define BOTAN_TLS_EXTENSIONS_H_
15
16#include <botan/assert.h>
17#include <botan/tls_algos.h>
18#include <botan/tls_magic.h>
19#include <botan/tls_signature_scheme.h>
20#include <botan/tls_version.h>
21
22#include <memory>
23#include <set>
24
25namespace Botan {
26
27class RandomNumberGenerator;
28class Credentials_Manager;
29class X509_DN;
30
31namespace TLS {
32
33class Policy;
34class TLS_Data_Reader;
35
36enum class Extension_Code : uint16_t {
37 ServerNameIndication = 0,
38 CertificateStatusRequest = 5,
39
40 SupportedGroups = 10,
41 EcPointFormats = 11, // TLS 1.2 exclusive
42 SignatureAlgorithms = 13,
43 CertSignatureAlgorithms = 50,
44 UseSrtp = 14,
45 ApplicationLayerProtocolNegotiation = 16,
46
47 // SignedCertificateTimestamp = 18, // NYI
48
49 // RFC 7250 (Raw Public Keys in TLS)
50 ClientCertificateType = 19,
51 ServerCertificateType = 20,
52
53 EncryptThenMac = 22, // TLS 1.2 exclusive
54 ExtendedMasterSecret = 23, // TLS 1.2 exclusive
55
56 RecordSizeLimit = 28,
57
58 SessionTicket = 35, // TLS 1.2 exclusive
59
60 SupportedVersions = 43,
61
62 PresharedKey = 41, // TLS 1.3 exclusive
63 EarlyData = 42, // TLS 1.3 exclusive
64 Cookie = 44, // TLS 1.3 exclusive
65 PskKeyExchangeModes = 45, // TLS 1.3 exclusive
66 CertificateAuthorities = 47, // TLS 1.3 exclusive
67 KeyShare = 51, // TLS 1.3 exclusive
68
69 SafeRenegotiation = 65281, // TLS 1.2 exclusive
70};
71
72/**
73* Base class representing a TLS extension of some kind
74*/
75class BOTAN_UNSTABLE_API Extension /* NOLINT(*-special-member-functions) */ {
76 public:
77 /**
78 * @return code number of the extension
79 */
80 virtual Extension_Code type() const = 0;
81
82 /**
83 * @return serialized binary for the extension
84 */
85 virtual std::vector<uint8_t> serialize(Connection_Side whoami) const = 0;
86
87 /**
88 * @return if we should encode this extension or not
89 */
90 virtual bool empty() const = 0;
91
92 /**
93 * @return true if this extension is known and implemented by Botan
94 */
95 virtual bool is_implemented() const { return true; }
96
97 virtual ~Extension() = default;
98};
99
100/**
101* Server Name Indicator extension (RFC 3546)
102*/
103class BOTAN_UNSTABLE_API Server_Name_Indicator final : public Extension {
104 public:
105 static Extension_Code static_type() { return Extension_Code::ServerNameIndication; }
106
107 Extension_Code type() const override { return static_type(); }
108
109 explicit Server_Name_Indicator(std::string_view host_name) : m_sni_host_name(host_name) {}
110
111 Server_Name_Indicator(TLS_Data_Reader& reader, uint16_t extension_size);
112
113 std::string host_name() const { return m_sni_host_name; }
114
115 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
116
117 bool empty() const override { return false; }
118
119 static bool hostname_acceptable_for_sni(std::string_view hostname);
120
121 private:
122 std::string m_sni_host_name;
123};
124
125/**
126* ALPN (RFC 7301)
127*/
128class BOTAN_UNSTABLE_API Application_Layer_Protocol_Notification final : public Extension {
129 public:
130 static Extension_Code static_type() { return Extension_Code::ApplicationLayerProtocolNegotiation; }
131
132 Extension_Code type() const override { return static_type(); }
133
134 const std::vector<std::string>& protocols() const { return m_protocols; }
135
136 std::string single_protocol() const;
137
138 /**
139 * Single protocol, used by server
140 */
141 explicit Application_Layer_Protocol_Notification(std::string_view protocol) :
142 m_protocols(1, std::string(protocol)) {}
143
144 /**
145 * List of protocols, used by client
146 */
147 explicit Application_Layer_Protocol_Notification(const std::vector<std::string>& protocols) :
148 m_protocols(protocols) {}
149
150 Application_Layer_Protocol_Notification(TLS_Data_Reader& reader, uint16_t extension_size, Connection_Side from);
151
152 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
153
154 bool empty() const override { return m_protocols.empty(); }
155
156 private:
157 std::vector<std::string> m_protocols;
158};
159
160/**
161 * RFC 7250
162 * Base class for 'client_certificate_type' and 'server_certificate_type' extensions.
163 */
164class BOTAN_UNSTABLE_API Certificate_Type_Base : public Extension {
165 public:
166 /**
167 * Called by the client to advertise support for a number of cert types.
168 */
169 explicit Certificate_Type_Base(std::vector<Certificate_Type> supported_cert_types);
170
171 protected:
172 /**
173 * Called by the server to select a cert type to be used in the handshake.
174 */
175 Certificate_Type_Base(const Certificate_Type_Base& certificate_type_from_client,
176 const std::vector<Certificate_Type>& server_preference);
177
178 public:
179 Certificate_Type_Base(TLS_Data_Reader& reader, uint16_t extension_size, Connection_Side from);
180
181 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
182
183 void validate_selection(const Certificate_Type_Base& from_server) const;
184 Certificate_Type selected_certificate_type() const;
185
186 bool empty() const override {
187 // RFC 7250 4.1
188 // If the client has no remaining certificate types to send in the
189 // client hello, other than the default X.509 type, it MUST omit the
190 // entire client[/server]_certificate_type extension [...].
191 return m_from == Connection_Side::Client && m_certificate_types.size() == 1 &&
192 m_certificate_types.front() == Certificate_Type::X509;
193 }
194
195 private:
196 std::vector<Certificate_Type> m_certificate_types;
197 Connection_Side m_from;
198};
199
200class BOTAN_UNSTABLE_API Client_Certificate_Type final : public Certificate_Type_Base {
201 public:
202 using Certificate_Type_Base::Certificate_Type_Base;
203
204 /**
205 * Creates the Server Hello extension from the received client preferences.
206 */
207 Client_Certificate_Type(const Client_Certificate_Type& cct, const Policy& policy);
208
209 static Extension_Code static_type() { return Extension_Code::ClientCertificateType; }
210
211 Extension_Code type() const override { return static_type(); }
212};
213
214class BOTAN_UNSTABLE_API Server_Certificate_Type final : public Certificate_Type_Base {
215 public:
216 using Certificate_Type_Base::Certificate_Type_Base;
217
218 /**
219 * Creates the Server Hello extension from the received client preferences.
220 */
221 Server_Certificate_Type(const Server_Certificate_Type& sct, const Policy& policy);
222
223 static Extension_Code static_type() { return Extension_Code::ServerCertificateType; }
224
225 Extension_Code type() const override { return static_type(); }
226};
227
228/**
229* Supported Groups Extension (RFC 7919)
230*/
231class BOTAN_UNSTABLE_API Supported_Groups final : public Extension {
232 public:
233 static Extension_Code static_type() { return Extension_Code::SupportedGroups; }
234
235 Extension_Code type() const override { return static_type(); }
236
237 const std::vector<Group_Params>& groups() const;
238
239 // Returns the list of groups we recognize as ECDH curves
240 std::vector<Group_Params> ec_groups() const;
241
242 // Returns the list of any groups in the FFDHE range
243 std::vector<Group_Params> dh_groups() const;
244
245 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
246
247 explicit Supported_Groups(const std::vector<Group_Params>& groups);
248
249 Supported_Groups(TLS_Data_Reader& reader, uint16_t extension_size);
250
251 bool empty() const override { return m_groups.empty(); }
252
253 private:
254 std::vector<Group_Params> m_groups;
255};
256
257/**
258* Signature Algorithms Extension for TLS 1.2 (RFC 5246)
259*/
260class BOTAN_UNSTABLE_API Signature_Algorithms final : public Extension {
261 public:
262 static Extension_Code static_type() { return Extension_Code::SignatureAlgorithms; }
263
264 Extension_Code type() const override { return static_type(); }
265
266 const std::vector<Signature_Scheme>& supported_schemes() const { return m_schemes; }
267
268 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
269
270 bool empty() const override { return m_schemes.empty(); }
271
272 explicit Signature_Algorithms(std::vector<Signature_Scheme> schemes) : m_schemes(std::move(schemes)) {}
273
274 Signature_Algorithms(TLS_Data_Reader& reader, uint16_t extension_size);
275
276 private:
277 std::vector<Signature_Scheme> m_schemes;
278};
279
280/**
281* Signature_Algorithms_Cert for TLS 1.3 (RFC 8446)
282*
283* RFC 8446 4.2.3
284* TLS 1.3 provides two extensions for indicating which signature algorithms
285* may be used in digital signatures. The "signature_algorithms_cert"
286* extension applies to signatures in certificates, and the
287* "signature_algorithms" extension, which originally appeared in TLS 1.2,
288* applies to signatures in CertificateVerify messages.
289*
290* RFC 8446 4.2.3
291* TLS 1.2 implementations SHOULD also process this extension.
292*/
293class BOTAN_UNSTABLE_API Signature_Algorithms_Cert final : public Extension {
294 public:
295 static Extension_Code static_type() { return Extension_Code::CertSignatureAlgorithms; }
296
297 Extension_Code type() const override { return static_type(); }
298
299 const std::vector<Signature_Scheme>& supported_schemes() const { return m_schemes; }
300
301 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
302
303 bool empty() const override { return m_schemes.empty(); }
304
305 explicit Signature_Algorithms_Cert(std::vector<Signature_Scheme> schemes) : m_schemes(std::move(schemes)) {}
306
307 Signature_Algorithms_Cert(TLS_Data_Reader& reader, uint16_t extension_size);
308
309 private:
310 std::vector<Signature_Scheme> m_schemes;
311};
312
313/**
314* Used to indicate SRTP algorithms for DTLS (RFC 5764)
315*/
316class BOTAN_UNSTABLE_API SRTP_Protection_Profiles final : public Extension {
317 public:
318 static Extension_Code static_type() { return Extension_Code::UseSrtp; }
319
320 Extension_Code type() const override { return static_type(); }
321
322 const std::vector<uint16_t>& profiles() const { return m_pp; }
323
324 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
325
326 bool empty() const override { return m_pp.empty(); }
327
328 explicit SRTP_Protection_Profiles(const std::vector<uint16_t>& pp) : m_pp(pp) {}
329
330 explicit SRTP_Protection_Profiles(uint16_t pp) : m_pp(1, pp) {}
331
332 SRTP_Protection_Profiles(TLS_Data_Reader& reader, uint16_t extension_size);
333
334 private:
335 std::vector<uint16_t> m_pp;
336};
337
338class Certificate_Status_Request_Internal;
339
340/**
341* Certificate Status Request (RFC 6066)
342*/
343class BOTAN_UNSTABLE_API Certificate_Status_Request final : public Extension /* NOLINT(*-special-member-functions) */ {
344 public:
345 static Extension_Code static_type() { return Extension_Code::CertificateStatusRequest; }
346
347 Extension_Code type() const override { return static_type(); }
348
349 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
350
351 bool empty() const override { return false; }
352
353 const std::vector<uint8_t>& get_responder_id_list() const;
354 const std::vector<uint8_t>& get_request_extensions() const;
355 const std::vector<uint8_t>& get_ocsp_response() const;
356
357 // TLS 1.2 Server generated version: empty
358 Certificate_Status_Request();
359
360 // TLS 1.2 Client version, both lists can be empty
361 Certificate_Status_Request(std::vector<uint8_t> ocsp_responder_ids,
362 std::vector<std::vector<uint8_t>> ocsp_key_ids);
363
364 // TLS 1.3 version
365 explicit Certificate_Status_Request(std::vector<uint8_t> response);
366
367 Certificate_Status_Request(TLS_Data_Reader& reader,
368 uint16_t extension_size,
369 Handshake_Type message_type,
370 Connection_Side from);
371
372 ~Certificate_Status_Request() override;
373
374 private:
375 std::unique_ptr<Certificate_Status_Request_Internal> m_impl;
376};
377
378/**
379* Supported Versions from RFC 8446
380*/
381class BOTAN_UNSTABLE_API Supported_Versions final : public Extension {
382 public:
383 static Extension_Code static_type() { return Extension_Code::SupportedVersions; }
384
385 Extension_Code type() const override { return static_type(); }
386
387 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
388
389 bool empty() const override { return m_versions.empty(); }
390
391 Supported_Versions(Protocol_Version version, const Policy& policy);
392
393 explicit Supported_Versions(Protocol_Version version) { m_versions.push_back(version); }
394
395 Supported_Versions(TLS_Data_Reader& reader, uint16_t extension_size, Connection_Side from);
396
397 bool supports(Protocol_Version version) const;
398
399 const std::vector<Protocol_Version>& versions() const { return m_versions; }
400
401 private:
402 std::vector<Protocol_Version> m_versions;
403};
404
405using Named_Group = Group_Params;
406
407/**
408* Record Size Limit (RFC 8449)
409*
410* TODO: the record size limit is currently not honored by the TLS 1.2 stack
411*/
412class BOTAN_UNSTABLE_API Record_Size_Limit final : public Extension {
413 public:
414 static Extension_Code static_type() { return Extension_Code::RecordSizeLimit; }
415
416 Extension_Code type() const override { return static_type(); }
417
418 explicit Record_Size_Limit(uint16_t limit);
419
420 Record_Size_Limit(TLS_Data_Reader& reader, uint16_t extension_size, Connection_Side from);
421
422 uint16_t limit() const { return m_limit; }
423
424 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
425
426 bool empty() const override { return m_limit == 0; }
427
428 private:
429 uint16_t m_limit;
430};
431
432/**
433* Unknown extensions are deserialized as this type
434*/
435class BOTAN_UNSTABLE_API Unknown_Extension final : public Extension {
436 public:
437 Unknown_Extension(Extension_Code type, TLS_Data_Reader& reader, uint16_t extension_size);
438
439 std::vector<uint8_t> serialize(Connection_Side whoami) const override;
440
441 const std::vector<uint8_t>& value() { return m_value; }
442
443 bool empty() const override { return false; }
444
445 Extension_Code type() const override { return m_type; }
446
447 bool is_implemented() const override { return false; }
448
449 private:
450 Extension_Code m_type;
451 std::vector<uint8_t> m_value;
452};
453
454/**
455* Represents a block of extensions in a hello message
456*/
457class BOTAN_UNSTABLE_API Extensions final {
458 public:
459 std::set<Extension_Code> extension_types() const;
460
461 const std::vector<std::unique_ptr<Extension>>& all() const { return m_extensions; }
462
463 template <typename T>
464 T* get() const {
465 return dynamic_cast<T*>(get(T::static_type()));
466 }
467
468 template <typename T>
469 bool has() const {
470 return get<T>() != nullptr;
471 }
472
473 bool has(Extension_Code type) const { return get(type) != nullptr; }
474
475 size_t size() const { return m_extensions.size(); }
476
477 bool empty() const { return m_extensions.empty(); }
478
479 void add(std::unique_ptr<Extension> extn);
480
481 void add(Extension* extn) { add(std::unique_ptr<Extension>(extn)); }
482
483 Extension* get(Extension_Code type) const;
484
485 std::vector<uint8_t> serialize(Connection_Side whoami) const;
486
487 void deserialize(TLS_Data_Reader& reader, Connection_Side from, Handshake_Type message_type);
488
489 /**
490 * @param allowed_extensions extension types that are allowed
491 * @param allow_unknown_extensions if true, ignores unrecognized extensions
492 * @returns true if this contains any extensions that are not contained in @p allowed_extensions.
493 */
494 bool contains_other_than(const std::set<Extension_Code>& allowed_extensions,
495 bool allow_unknown_extensions = false) const;
496
497 /**
498 * @param allowed_extensions extension types that are allowed
499 * @returns true if this contains any extensions implemented by Botan that
500 * are not contained in @p allowed_extensions.
501 */
502 bool contains_implemented_extensions_other_than(const std::set<Extension_Code>& allowed_extensions) const {
503 return contains_other_than(allowed_extensions, true);
504 }
505
506 /**
507 * Take the extension with the given type out of the extensions list.
508 * Returns a nullptr if the extension didn't exist.
509 */
510 template <typename T>
511 decltype(auto) take() {
512 std::unique_ptr<T> out_ptr;
513
514 auto ext = take(T::static_type());
515 if(ext != nullptr) {
516 out_ptr.reset(dynamic_cast<T*>(ext.get()));
517 BOTAN_ASSERT_NOMSG(out_ptr != nullptr);
518 ext.release();
519 }
520
521 return out_ptr;
522 }
523
524 /**
525 * Take the extension with the given type out of the extensions list.
526 * Returns a nullptr if the extension didn't exist.
527 */
528 std::unique_ptr<Extension> take(Extension_Code type);
529
530 /**
531 * Remove an extension from this extensions object, if it exists.
532 * Returns true if the extension existed (and thus is now removed),
533 * otherwise false (the extension wasn't set in the first place).
534 *
535 * Note: not used internally, might be used in Callbacks::tls_modify_extensions()
536 */
537 bool remove_extension(Extension_Code type) { return take(type) != nullptr; }
538
539 Extensions() = default;
540 Extensions(const Extensions&) = delete;
541 Extensions& operator=(const Extensions&) = delete;
542 Extensions(Extensions&&) = default;
543 Extensions& operator=(Extensions&&) = default;
544 ~Extensions();
545
546 Extensions(TLS_Data_Reader& reader, Connection_Side side, Handshake_Type message_type) {
547 deserialize(reader, side, message_type);
548 }
549
550 private:
551 std::vector<std::unique_ptr<Extension>> m_extensions;
552};
553
554} // namespace TLS
555
556} // namespace Botan
557
558#endif
BOTAN_UNSTABLE_API
#define BOTAN_UNSTABLE_API
Definition api.h:34
BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:75
Botan::Credentials_Manager
Definition credentials_manager.h:40
Botan::TLS::Application_Layer_Protocol_Notification
Definition tls_extensions.h:128
Botan::TLS::Application_Layer_Protocol_Notification::Application_Layer_Protocol_Notification
Application_Layer_Protocol_Notification(std::string_view protocol)
Definition tls_extensions.h:141
Botan::TLS::Application_Layer_Protocol_Notification::protocols
const std::vector< std::string > & protocols() const
Definition tls_extensions.h:134
Botan::TLS::Application_Layer_Protocol_Notification::Application_Layer_Protocol_Notification
Application_Layer_Protocol_Notification(const std::vector< std::string > &protocols)
Definition tls_extensions.h:147
Botan::TLS::Application_Layer_Protocol_Notification::type
Extension_Code type() const override
Definition tls_extensions.h:132
Botan::TLS::Application_Layer_Protocol_Notification::empty
bool empty() const override
Definition tls_extensions.h:154
Botan::TLS::Application_Layer_Protocol_Notification::static_type
static Extension_Code static_type()
Definition tls_extensions.h:130
Botan::TLS::Certificate_Status_Request::get_request_extensions
const std::vector< uint8_t > & get_request_extensions() const
Botan::TLS::Certificate_Status_Request::~Certificate_Status_Request
~Certificate_Status_Request() override
Botan::TLS::Certificate_Status_Request::get_responder_id_list
const std::vector< uint8_t > & get_responder_id_list() const
Botan::TLS::Certificate_Status_Request::Certificate_Status_Request
Certificate_Status_Request()
Definition tls_extensions_cert_status_req.cpp:150
Botan::TLS::Certificate_Status_Request::static_type
static Extension_Code static_type()
Definition tls_extensions.h:345
Botan::TLS::Certificate_Status_Request::get_ocsp_response
const std::vector< uint8_t > & get_ocsp_response() const
Definition tls_extensions_cert_status_req.cpp:163
Botan::TLS::Certificate_Status_Request::type
Extension_Code type() const override
Definition tls_extensions.h:347
Botan::TLS::Certificate_Status_Request::empty
bool empty() const override
Definition tls_extensions.h:351
Botan::TLS::Certificate_Type_Base::empty
bool empty() const override
Definition tls_extensions.h:186
Botan::TLS::Certificate_Type_Base::selected_certificate_type
Certificate_Type selected_certificate_type() const
Definition tls_extensions.cpp:498
Botan::TLS::Certificate_Type_Base::Certificate_Type_Base
Certificate_Type_Base(std::vector< Certificate_Type > supported_cert_types)
Definition tls_extensions.cpp:405
Botan::TLS::Certificate_Type_Base::validate_selection
void validate_selection(const Certificate_Type_Base &from_server) const
Definition tls_extensions.cpp:483
Botan::TLS::Certificate_Type_Base::serialize
std::vector< uint8_t > serialize(Connection_Side whoami) const override
Definition tls_extensions.cpp:467
Botan::TLS::Client_Certificate_Type::type
Extension_Code type() const override
Definition tls_extensions.h:211
Botan::TLS::Client_Certificate_Type::Client_Certificate_Type
Client_Certificate_Type(const Client_Certificate_Type &cct, const Policy &policy)
Definition tls_extensions.cpp:410
Botan::TLS::Client_Certificate_Type::Certificate_Type_Base
Certificate_Type_Base(std::vector< Certificate_Type > supported_cert_types)
Definition tls_extensions.cpp:405
Botan::TLS::Client_Certificate_Type::static_type
static Extension_Code static_type()
Definition tls_extensions.h:209
Botan::TLS::Extension::serialize
virtual std::vector< uint8_t > serialize(Connection_Side whoami) const =0
Botan::TLS::Extension::is_implemented
virtual bool is_implemented() const
Definition tls_extensions.h:95
Botan::TLS::Extension::type
virtual Extension_Code type() const =0
Botan::TLS::Extension::empty
virtual bool empty() const =0
Botan::TLS::Extension::~Extension
virtual ~Extension()=default
Botan::TLS::Extensions::Extensions
Extensions(Extensions &&)=default
Botan::TLS::Extensions::add
void add(Extension *extn)
Definition tls_extensions.h:481
Botan::TLS::Extensions::contains_implemented_extensions_other_than
bool contains_implemented_extensions_other_than(const std::set< Extension_Code > &allowed_extensions) const
Definition tls_extensions.h:502
Botan::TLS::Extensions::operator=
Extensions & operator=(const Extensions &)=delete
Botan::TLS::Extensions::Extensions
Extensions(const Extensions &)=delete
Botan::TLS::Extensions::deserialize
void deserialize(TLS_Data_Reader &reader, Connection_Side from, Handshake_Type message_type)
Definition tls_extensions.cpp:152
Botan::TLS::Extensions::Extensions
Extensions(TLS_Data_Reader &reader, Connection_Side side, Handshake_Type message_type)
Definition tls_extensions.h:546
Botan::TLS::Extensions::take
decltype(auto) take()
Definition tls_extensions.h:511
Botan::TLS::Extensions::operator=
Extensions & operator=(Extensions &&)=default
Botan::TLS::Extensions::remove_extension
bool remove_extension(Extension_Code type)
Definition tls_extensions.h:537
Botan::TLS::Extensions::extension_types
std::set< Extension_Code > extension_types() const
Definition tls_extensions.cpp:250
Botan::TLS::Extensions::has
bool has(Extension_Code type) const
Definition tls_extensions.h:473
Botan::TLS::Extensions::all
const std::vector< std::unique_ptr< Extension > > & all() const
Definition tls_extensions.h:461
Botan::TLS::Extensions::contains_other_than
bool contains_other_than(const std::set< Extension_Code > &allowed_extensions, bool allow_unknown_extensions=false) const
Definition tls_extensions.cpp:180
Botan::TLS::Group_Params
Definition tls_algos.h:137
Botan::TLS::Protocol_Version
Definition tls_version.h:34
Botan::TLS::Record_Size_Limit
Definition tls_extensions.h:412
Botan::TLS::Record_Size_Limit::limit
uint16_t limit() const
Definition tls_extensions.h:422
Botan::TLS::Record_Size_Limit::Record_Size_Limit
Record_Size_Limit(uint16_t limit)
Definition tls_extensions.cpp:735
Botan::TLS::Record_Size_Limit::type
Extension_Code type() const override
Definition tls_extensions.h:416
Botan::TLS::Record_Size_Limit::static_type
static Extension_Code static_type()
Definition tls_extensions.h:414
Botan::TLS::Record_Size_Limit::empty
bool empty() const override
Definition tls_extensions.h:426
Botan::TLS::SRTP_Protection_Profiles
Definition tls_extensions.h:316
Botan::TLS::SRTP_Protection_Profiles::type
Extension_Code type() const override
Definition tls_extensions.h:320
Botan::TLS::SRTP_Protection_Profiles::SRTP_Protection_Profiles
SRTP_Protection_Profiles(uint16_t pp)
Definition tls_extensions.h:330
Botan::TLS::SRTP_Protection_Profiles::empty
bool empty() const override
Definition tls_extensions.h:326
Botan::TLS::SRTP_Protection_Profiles::SRTP_Protection_Profiles
SRTP_Protection_Profiles(const std::vector< uint16_t > &pp)
Definition tls_extensions.h:328
Botan::TLS::SRTP_Protection_Profiles::profiles
const std::vector< uint16_t > & profiles() const
Definition tls_extensions.h:322
Botan::TLS::SRTP_Protection_Profiles::static_type
static Extension_Code static_type()
Definition tls_extensions.h:318
Botan::TLS::Server_Certificate_Type::static_type
static Extension_Code static_type()
Definition tls_extensions.h:223
Botan::TLS::Server_Certificate_Type::Server_Certificate_Type
Server_Certificate_Type(const Server_Certificate_Type &sct, const Policy &policy)
Definition tls_extensions.cpp:413
Botan::TLS::Server_Certificate_Type::Certificate_Type_Base
Certificate_Type_Base(std::vector< Certificate_Type > supported_cert_types)
Definition tls_extensions.cpp:405
Botan::TLS::Server_Certificate_Type::type
Extension_Code type() const override
Definition tls_extensions.h:225
Botan::TLS::Server_Name_Indicator
Definition tls_extensions.h:103
Botan::TLS::Server_Name_Indicator::static_type
static Extension_Code static_type()
Definition tls_extensions.h:105
Botan::TLS::Server_Name_Indicator::type
Extension_Code type() const override
Definition tls_extensions.h:107
Botan::TLS::Server_Name_Indicator::host_name
std::string host_name() const
Definition tls_extensions.h:113
Botan::TLS::Server_Name_Indicator::empty
bool empty() const override
Definition tls_extensions.h:117
Botan::TLS::Server_Name_Indicator::Server_Name_Indicator
Server_Name_Indicator(std::string_view host_name)
Definition tls_extensions.h:109
Botan::TLS::Signature_Algorithms_Cert
Definition tls_extensions.h:293
Botan::TLS::Signature_Algorithms_Cert::static_type
static Extension_Code static_type()
Definition tls_extensions.h:295
Botan::TLS::Signature_Algorithms_Cert::empty
bool empty() const override
Definition tls_extensions.h:303
Botan::TLS::Signature_Algorithms_Cert::Signature_Algorithms_Cert
Signature_Algorithms_Cert(std::vector< Signature_Scheme > schemes)
Definition tls_extensions.h:305
Botan::TLS::Signature_Algorithms_Cert::supported_schemes
const std::vector< Signature_Scheme > & supported_schemes() const
Definition tls_extensions.h:299
Botan::TLS::Signature_Algorithms_Cert::type
Extension_Code type() const override
Definition tls_extensions.h:297
Botan::TLS::Signature_Algorithms
Definition tls_extensions.h:260
Botan::TLS::Signature_Algorithms::Signature_Algorithms
Signature_Algorithms(std::vector< Signature_Scheme > schemes)
Definition tls_extensions.h:272
Botan::TLS::Signature_Algorithms::supported_schemes
const std::vector< Signature_Scheme > & supported_schemes() const
Definition tls_extensions.h:266
Botan::TLS::Signature_Algorithms::empty
bool empty() const override
Definition tls_extensions.h:270
Botan::TLS::Signature_Algorithms::static_type
static Extension_Code static_type()
Definition tls_extensions.h:262
Botan::TLS::Signature_Algorithms::type
Extension_Code type() const override
Definition tls_extensions.h:264
Botan::TLS::Supported_Groups
Definition tls_extensions.h:231
Botan::TLS::Supported_Groups::empty
bool empty() const override
Definition tls_extensions.h:251
Botan::TLS::Supported_Groups::Supported_Groups
Supported_Groups(const std::vector< Group_Params > &groups)
Definition tls_extensions.cpp:504
Botan::TLS::Supported_Groups::type
Extension_Code type() const override
Definition tls_extensions.h:235
Botan::TLS::Supported_Groups::static_type
static Extension_Code static_type()
Definition tls_extensions.h:233
Botan::TLS::Supported_Versions
Definition tls_extensions.h:381
Botan::TLS::Supported_Versions::static_type
static Extension_Code static_type()
Definition tls_extensions.h:383
Botan::TLS::Supported_Versions::Supported_Versions
Supported_Versions(Protocol_Version version, const Policy &policy)
Definition tls_extensions.cpp:675
Botan::TLS::Supported_Versions::versions
const std::vector< Protocol_Version > & versions() const
Definition tls_extensions.h:399
Botan::TLS::Supported_Versions::empty
bool empty() const override
Definition tls_extensions.h:389
Botan::TLS::Supported_Versions::Supported_Versions
Supported_Versions(Protocol_Version version)
Definition tls_extensions.h:393
Botan::TLS::Supported_Versions::type
Extension_Code type() const override
Definition tls_extensions.h:385
Botan::TLS::TLS_Data_Reader
Definition tls_reader.h:24
Botan::TLS::Unknown_Extension::empty
bool empty() const override
Definition tls_extensions.h:443
Botan::TLS::Unknown_Extension::serialize
std::vector< uint8_t > serialize(Connection_Side whoami) const override
Definition tls_extensions.cpp:262
Botan::TLS::Unknown_Extension::Unknown_Extension
Unknown_Extension(Extension_Code type, TLS_Data_Reader &reader, uint16_t extension_size)
Definition tls_extensions.cpp:259
Botan::TLS::Unknown_Extension::value
const std::vector< uint8_t > & value()
Definition tls_extensions.h:441
Botan::TLS::Unknown_Extension::is_implemented
bool is_implemented() const override
Definition tls_extensions.h:447
Botan::TLS::Unknown_Extension::type
Extension_Code type() const override
Definition tls_extensions.h:445
Botan::X509_DN
Definition pkix_types.h:41
Botan::TLS::Named_Group
Group_Params Named_Group
Definition tls_extensions.h:405
Botan::out_ptr
constexpr auto out_ptr(T &outptr) noexcept
Definition stl_util.h:127
Generated by doxygen 1.15.0