Botan 3.5.0
Crypto and TLS for C&
tls_handshake_layer_13.h
Go to the documentation of this file.
1/*
2* TLS handshake layer implementation for TLS 1.3
3* (C) 2022 Jack Lloyd
4* 2022 Hannes Rantzsch, René Meusel - neXenio GmbH
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_TLS_HANDSHAKE_LAYER_13_H_
10#define BOTAN_TLS_HANDSHAKE_LAYER_13_H_
11
12#include <optional>
13#include <vector>
14
15#include <botan/tls_magic.h>
16#include <botan/tls_messages.h>
17
18namespace Botan::TLS {
19
20class Transcript_Hash_State;
21
22/**
23 * Implementation of the TLS 1.3 handshake protocol layer
24 *
25 * This component transforms payload bytes received in TLS records
26 * from the peer into parsed handshake messages and vice versa.
27 */
29 public:
32 // RFC 8446 4.4.2
33 // If the corresponding certificate type extension
34 // ("server_certificate_type" or "client_certificate_type") was not
35 // negotiated in EncryptedExtensions, or the X.509 certificate type
36 // was negotiated, then each CertificateEntry contains a DER-encoded
37 // X.509 certificate.
38 //
39 // We need the certificate_type info to parse Certificate messages.
40 ,
41 m_certificate_type(Certificate_Type::X509) {}
42
43 /**
44 * Reads data that was received in handshake records and stores it internally for further
45 * processing during the invocation of `next_message()`.
46 *
47 * @param data_from_peer The data to be parsed.
48 */
49 void copy_data(std::span<const uint8_t> data_from_peer);
50
51 /**
52 * Parses one handshake message off the internal buffer that is being filled using `copy_data`.
53 *
54 * @param policy the TLS policy
55 * @param transcript_hash the transcript hash state to be updated
56 *
57 * @return the parsed handshake message, or nullopt if more data is needed to complete the message
58 */
59 std::optional<Handshake_Message_13> next_message(const Policy& policy, Transcript_Hash_State& transcript_hash);
60
61 /**
62 * Parses one post-handshake message off the internal buffer that is being filled using `copy_data`.
63 *
64 * @param policy the TLS policy
65 *
66 * @return the parsed post-handshake message, or nullopt if more data is needed to complete the message
67 */
68 std::optional<Post_Handshake_Message_13> next_post_handshake_message(const Policy& policy);
69
70 /**
71 * Marshalls one handshake message for sending in an (encrypted) record and updates the
72 * provided transcript hash state accordingly.
73 *
74 * @param message the handshake message to be marshalled
75 * @param transcript_hash the transcript hash state to be updated
76 *
77 * @return the marshalled handshake message
78 */
79 static std::vector<uint8_t> prepare_message(Handshake_Message_13_Ref message,
80 Transcript_Hash_State& transcript_hash);
81
82 /**
83 * Marshalls one post-handshake message for sending in an (encrypted) record.
84 *
85 * @param message the post handshake message to be marshalled
86 *
87 * @return the marshalled post-handshake message
88 */
89 static std::vector<uint8_t> prepare_post_handshake_message(const Post_Handshake_Message_13& message);
90
91 /**
92 * Check if the Handshake_Layer has stored a partial message in its internal buffer.
93 * This can happen if a handshake message spans multiple records.
94 */
95 bool has_pending_data() const { return !m_read_buffer.empty(); }
96
97 /**
98 * Set the certificate_type used for parsing Certificate messages. This
99 * is determined via (client/server)_certificate_type extensions during
100 * the handshake.
101 *
102 * RFC 7250 4.3 and 4.4
103 * When the TLS server has specified RawPublicKey as the
104 * [client_certificate_type/server_certificate_type], authentication
105 * of the TLS [client/server] to the TLS [server/client] is supported
106 * only through authentication of the received client
107 * SubjectPublicKeyInfo via an out-of-band method.
108 *
109 * If the peer sends a Certificate message containing an incompatible
110 * means of authentication, a 'decode_error' will be generated.
111 */
112 void set_selected_certificate_type(Certificate_Type cert_type) { m_certificate_type = cert_type; }
113
114 private:
115 std::vector<uint8_t> m_read_buffer;
116 Connection_Side m_peer;
117 Certificate_Type m_certificate_type;
118};
119
120} // namespace Botan::TLS
121
122#endif
Handshake_Layer(Connection_Side whoami)
void set_selected_certificate_type(Certificate_Type cert_type)
#define BOTAN_TEST_API
Definition compiler.h:51
as_wrapped_references_t< Handshake_Message_13 > Handshake_Message_13_Ref
std::variant< New_Session_Ticket_13, Key_Update > Post_Handshake_Message_13