Botan  2.11.0
Crypto and TLS for C++11
tls_handshake_state.cpp
Go to the documentation of this file.
1 /*
2 * TLS Handshaking
3 * (C) 2004-2006,2011,2012,2015,2016 Jack Lloyd
4 * 2017 Harry Reimann, Rohde & Schwarz Cybersecurity
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #include <botan/internal/tls_handshake_state.h>
10 #include <botan/internal/tls_record.h>
11 #include <botan/tls_messages.h>
12 #include <botan/kdf.h>
13 #include <sstream>
14 
15 namespace Botan {
16 
17 namespace TLS {
18 
19 std::string Handshake_Message::type_string() const
20  {
21  return handshake_type_to_string(type());
22  }
23 
24 const char* handshake_type_to_string(Handshake_Type type)
25  {
26  switch(type)
27  {
28  case HELLO_VERIFY_REQUEST:
29  return "hello_verify_request";
30 
31  case HELLO_REQUEST:
32  return "hello_request";
33 
34  case CLIENT_HELLO:
35  return "client_hello";
36 
37  case SERVER_HELLO:
38  return "server_hello";
39 
40  case CERTIFICATE:
41  return "certificate";
42 
43  case CERTIFICATE_URL:
44  return "certificate_url";
45 
46  case CERTIFICATE_STATUS:
47  return "certificate_status";
48 
49  case SERVER_KEX:
50  return "server_key_exchange";
51 
52  case CERTIFICATE_REQUEST:
53  return "certificate_request";
54 
55  case SERVER_HELLO_DONE:
56  return "server_hello_done";
57 
58  case CERTIFICATE_VERIFY:
59  return "certificate_verify";
60 
61  case CLIENT_KEX:
62  return "client_key_exchange";
63 
64  case NEW_SESSION_TICKET:
65  return "new_session_ticket";
66 
67  case HANDSHAKE_CCS:
68  return "change_cipher_spec";
69 
70  case FINISHED:
71  return "finished";
72 
73  case HANDSHAKE_NONE:
74  return "invalid";
75  }
76 
77  throw TLS_Exception(Alert::UNEXPECTED_MESSAGE,
78  "Unknown TLS handshake message type " + std::to_string(type));
79  }
80 
81 namespace {
82 
83 uint32_t bitmask_for_handshake_type(Handshake_Type type)
84  {
85  switch(type)
86  {
87  case HELLO_VERIFY_REQUEST:
88  return (1 << 0);
89 
90  case HELLO_REQUEST:
91  return (1 << 1);
92 
93  case CLIENT_HELLO:
94  return (1 << 2);
95 
96  case SERVER_HELLO:
97  return (1 << 3);
98 
99  case CERTIFICATE:
100  return (1 << 4);
101 
102  case CERTIFICATE_URL:
103  return (1 << 5);
104 
105  case CERTIFICATE_STATUS:
106  return (1 << 6);
107 
108  case SERVER_KEX:
109  return (1 << 7);
110 
111  case CERTIFICATE_REQUEST:
112  return (1 << 8);
113 
114  case SERVER_HELLO_DONE:
115  return (1 << 9);
116 
117  case CERTIFICATE_VERIFY:
118  return (1 << 10);
119 
120  case CLIENT_KEX:
121  return (1 << 11);
122 
123  case NEW_SESSION_TICKET:
124  return (1 << 12);
125 
126  case HANDSHAKE_CCS:
127  return (1 << 13);
128 
129  case FINISHED:
130  return (1 << 14);
131 
132  // allow explicitly disabling new handshakes
133  case HANDSHAKE_NONE:
134  return 0;
135  }
136 
137  throw TLS_Exception(Alert::UNEXPECTED_MESSAGE,
138  "Unknown TLS handshake message type " + std::to_string(type));
139  }
140 
141 std::string handshake_mask_to_string(uint32_t mask, char combiner)
142  {
143  const Handshake_Type types[] = {
144  HELLO_VERIFY_REQUEST,
145  HELLO_REQUEST,
146  CLIENT_HELLO,
147  CERTIFICATE,
148  CERTIFICATE_URL,
149  CERTIFICATE_STATUS,
150  SERVER_KEX,
151  CERTIFICATE_REQUEST,
152  SERVER_HELLO_DONE,
153  CERTIFICATE_VERIFY,
154  CLIENT_KEX,
155  NEW_SESSION_TICKET,
156  HANDSHAKE_CCS,
157  FINISHED
158  };
159 
160  std::ostringstream o;
161  bool empty = true;
162 
163  for(auto&& t : types)
164  {
165  if(mask & bitmask_for_handshake_type(t))
166  {
167  if(!empty)
168  o << combiner;
169  o << handshake_type_to_string(t);
170  empty = false;
171  }
172  }
173 
174  return o.str();
175  }
176 
177 }
178 
179 /*
180 * Initialize the SSL/TLS Handshake State
181 */
182 Handshake_State::Handshake_State(Handshake_IO* io, Callbacks& cb) :
183  m_callbacks(cb),
184  m_handshake_io(io),
185  m_version(m_handshake_io->initial_record_version())
186  {
187  }
188 
189 void Handshake_State::note_message(const Handshake_Message& msg)
190  {
191  m_callbacks.tls_inspect_handshake_msg(msg);
192  }
193 
194 void Handshake_State::hello_verify_request(const Hello_Verify_Request& hello_verify)
195  {
196  note_message(hello_verify);
197 
198  m_client_hello->update_hello_cookie(hello_verify);
199  hash().reset();
200  hash().update(handshake_io().send(*m_client_hello));
201  note_message(*m_client_hello);
202  }
203 
204 void Handshake_State::client_hello(Client_Hello* client_hello)
205  {
206  if(client_hello == nullptr)
207  {
208  m_client_hello.reset();
209  hash().reset();
210  }
211  else
212  {
213  m_client_hello.reset(client_hello);
214  note_message(*m_client_hello);
215  }
216  }
217 
218 void Handshake_State::server_hello(Server_Hello* server_hello)
219  {
220  m_server_hello.reset(server_hello);
221  m_ciphersuite = Ciphersuite::by_id(m_server_hello->ciphersuite());
222  note_message(*m_server_hello);
223  }
224 
225 void Handshake_State::server_certs(Certificate* server_certs)
226  {
227  m_server_certs.reset(server_certs);
228  note_message(*m_server_certs);
229  }
230 
231 void Handshake_State::server_cert_status(Certificate_Status* server_cert_status)
232  {
233  m_server_cert_status.reset(server_cert_status);
234  note_message(*m_server_cert_status);
235  }
236 
237 void Handshake_State::server_kex(Server_Key_Exchange* server_kex)
238  {
239  m_server_kex.reset(server_kex);
240  note_message(*m_server_kex);
241  }
242 
243 void Handshake_State::cert_req(Certificate_Req* cert_req)
244  {
245  m_cert_req.reset(cert_req);
246  note_message(*m_cert_req);
247  }
248 
249 void Handshake_State::server_hello_done(Server_Hello_Done* server_hello_done)
250  {
251  m_server_hello_done.reset(server_hello_done);
252  note_message(*m_server_hello_done);
253  }
254 
255 void Handshake_State::client_certs(Certificate* client_certs)
256  {
257  m_client_certs.reset(client_certs);
258  note_message(*m_client_certs);
259  }
260 
261 void Handshake_State::client_kex(Client_Key_Exchange* client_kex)
262  {
263  m_client_kex.reset(client_kex);
264  note_message(*m_client_kex);
265  }
266 
267 void Handshake_State::client_verify(Certificate_Verify* client_verify)
268  {
269  m_client_verify.reset(client_verify);
270  note_message(*m_client_verify);
271  }
272 
273 void Handshake_State::new_session_ticket(New_Session_Ticket* new_session_ticket)
274  {
275  m_new_session_ticket.reset(new_session_ticket);
276  note_message(*m_new_session_ticket);
277  }
278 
279 void Handshake_State::server_finished(Finished* server_finished)
280  {
281  m_server_finished.reset(server_finished);
282  note_message(*m_server_finished);
283  }
284 
285 void Handshake_State::client_finished(Finished* client_finished)
286  {
287  m_client_finished.reset(client_finished);
288  note_message(*m_client_finished);
289  }
290 
291 void Handshake_State::set_version(const Protocol_Version& version)
292  {
293  m_version = version;
294  }
295 
296 void Handshake_State::compute_session_keys()
297  {
298  m_session_keys = Session_Keys(this, client_kex()->pre_master_secret(), false);
299  }
300 
301 void Handshake_State::compute_session_keys(const secure_vector<uint8_t>& resume_master_secret)
302  {
303  m_session_keys = Session_Keys(this, resume_master_secret, true);
304  }
305 
306 void Handshake_State::confirm_transition_to(Handshake_Type handshake_msg)
307  {
308  const uint32_t mask = bitmask_for_handshake_type(handshake_msg);
309 
310  m_hand_received_mask |= mask;
311 
312  const bool ok = (m_hand_expecting_mask & mask) != 0; // overlap?
313 
314  if(!ok)
315  {
316  throw Unexpected_Message("Unexpected state transition in handshake, expected " +
317  handshake_mask_to_string(m_hand_expecting_mask, '|') +
318  " received " + handshake_mask_to_string(m_hand_received_mask, '+'));
319  }
320 
321  /* We don't know what to expect next, so force a call to
322  set_expected_next; if it doesn't happen, the next transition
323  check will always fail which is what we want.
324  */
325  m_hand_expecting_mask = 0;
326  }
327 
328 void Handshake_State::set_expected_next(Handshake_Type handshake_msg)
329  {
330  m_hand_expecting_mask |= bitmask_for_handshake_type(handshake_msg);
331  }
332 
333 bool Handshake_State::received_handshake_msg(Handshake_Type handshake_msg) const
334  {
335  const uint32_t mask = bitmask_for_handshake_type(handshake_msg);
336 
337  return (m_hand_received_mask & mask) != 0;
338  }
339 
340 std::pair<Handshake_Type, std::vector<uint8_t>>
341 Handshake_State::get_next_handshake_msg()
342  {
343  const bool expecting_ccs =
344  (bitmask_for_handshake_type(HANDSHAKE_CCS) & m_hand_expecting_mask) != 0;
345 
346  return m_handshake_io->get_next_record(expecting_ccs);
347  }
348 
349 std::string Handshake_State::srp_identifier() const
350  {
351 #if defined(BOTAN_HAS_SRP6)
352  // Authenticated via the successful key exchange
353  if(ciphersuite().valid() && ciphersuite().kex_method() == Kex_Algo::SRP_SHA)
354  return client_hello()->srp_identifier();
355 #endif
356 
357  return "";
358  }
359 
360 
361 std::vector<uint8_t> Handshake_State::session_ticket() const
362  {
363  if(new_session_ticket() && !new_session_ticket()->ticket().empty())
364  return new_session_ticket()->ticket();
365 
366  return client_hello()->session_ticket();
367  }
368 
369 KDF* Handshake_State::protocol_specific_prf() const
370  {
371  if(version().supports_ciphersuite_specific_prf())
372  {
373  const std::string prf_algo = ciphersuite().prf_algo();
374 
375  if(prf_algo == "MD5" || prf_algo == "SHA-1")
376  return get_kdf("TLS-12-PRF(SHA-256)");
377 
378  return get_kdf("TLS-12-PRF(" + prf_algo + ")");
379  }
380 
381  // Old PRF used in TLS v1.0, v1.1 and DTLS v1.0
382  return get_kdf("TLS-PRF");
383  }
384 
385 std::pair<std::string, Signature_Format>
386 Handshake_State::choose_sig_format(const Private_Key& key,
387  Signature_Scheme& chosen_scheme,
388  bool for_client_auth,
389  const Policy& policy) const
390  {
391  const std::string sig_algo = key.algo_name();
392 
393  if(this->version().supports_negotiable_signature_algorithms())
394  {
395  const std::vector<Signature_Scheme> allowed = policy.allowed_signature_schemes();
396 
397  std::vector<Signature_Scheme> requested =
398  (for_client_auth) ? cert_req()->signature_schemes() : client_hello()->signature_schemes();
399 
400  if(requested.empty())
401  {
402  // Implicit SHA-1
403  requested.push_back(Signature_Scheme::RSA_PKCS1_SHA1);
404  requested.push_back(Signature_Scheme::ECDSA_SHA1);
405  requested.push_back(Signature_Scheme::DSA_SHA1);
406  }
407 
408  for(Signature_Scheme scheme : allowed)
409  {
410  if(signature_scheme_is_known(scheme) == false)
411  {
412  continue;
413  }
414 
415  if(signature_algorithm_of_scheme(scheme) == sig_algo)
416  {
417  if(std::find(requested.begin(), requested.end(), scheme) != requested.end())
418  {
419  chosen_scheme = scheme;
420  break;
421  }
422  }
423  }
424 
425  const std::string hash = hash_function_of_scheme(chosen_scheme);
426 
427  if(!policy.allowed_signature_hash(hash))
428  {
429  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
430  "Policy refuses to accept signing with any hash supported by peer");
431  }
432 
433  if(sig_algo == "RSA")
434  {
435  return std::make_pair(padding_string_for_scheme(chosen_scheme), IEEE_1363);
436  }
437  else if(sig_algo == "DSA" || sig_algo == "ECDSA")
438  {
439  return std::make_pair(padding_string_for_scheme(chosen_scheme), DER_SEQUENCE);
440  }
441  }
442  else
443  {
444  if(sig_algo == "RSA")
445  {
446  const std::string padding = "PKCS1v15(Parallel(MD5,SHA-160))";
447  return std::make_pair(padding, IEEE_1363);
448  }
449  else if(sig_algo == "DSA" || sig_algo == "ECDSA")
450  {
451  const std::string padding = "EMSA1(SHA-1)";
452  return std::make_pair(padding, DER_SEQUENCE);
453  }
454  }
455 
456  throw Invalid_Argument(sig_algo + " is invalid/unknown for TLS signatures");
457  }
458 
459 namespace {
460 
461 bool supported_algos_include(
462  const std::vector<Signature_Scheme>& schemes,
463  const std::string& key_type,
464  const std::string& hash_type)
465  {
466  for(Signature_Scheme scheme : schemes)
467  {
468  if(signature_scheme_is_known(scheme) &&
469  hash_function_of_scheme(scheme) == hash_type &&
470  signature_algorithm_of_scheme(scheme) == key_type)
471  {
472  return true;
473  }
474  }
475 
476  return false;
477  }
478 
479 }
480 
481 std::pair<std::string, Signature_Format>
482 Handshake_State::parse_sig_format(const Public_Key& key,
483  Signature_Scheme scheme,
484  bool for_client_auth,
485  const Policy& policy) const
486  {
487  const std::string key_type = key.algo_name();
488 
489  if(!policy.allowed_signature_method(key_type))
490  {
491  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
492  "Rejecting " + key_type + " signature");
493  }
494 
495  if(this->version().supports_negotiable_signature_algorithms() == false)
496  {
497  if(scheme != Signature_Scheme::NONE)
498  throw Decoding_Error("Counterparty sent hash/sig IDs with old version");
499 
500  /*
501  There is no check on the acceptability of a v1.0/v1.1 hash type,
502  since it's implicit with use of the protocol
503  */
504 
505  if(key_type == "RSA")
506  {
507  const std::string padding = "PKCS1v15(Parallel(MD5,SHA-160))";
508  return std::make_pair(padding, IEEE_1363);
509  }
510  else if(key_type == "DSA" || key_type == "ECDSA")
511  {
512  const std::string padding = "EMSA1(SHA-1)";
513  return std::make_pair(padding, DER_SEQUENCE);
514  }
515  else
516  throw Invalid_Argument(key_type + " is invalid/unknown for TLS signatures");
517  }
518 
519  if(scheme == Signature_Scheme::NONE)
520  throw Decoding_Error("Counterparty did not send hash/sig IDS");
521 
522  if(key_type != signature_algorithm_of_scheme(scheme))
523  throw Decoding_Error("Counterparty sent inconsistent key and sig types");
524 
525  if(for_client_auth && !cert_req())
526  {
527  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
528  "No certificate verify set");
529  }
530 
531  /*
532  Confirm the signature type we just received against the
533  supported_algos list that we sent; it better be there.
534  */
535 
536  const std::vector<Signature_Scheme> supported_algos =
537  for_client_auth ? cert_req()->signature_schemes() :
538  client_hello()->signature_schemes();
539 
540  if(!signature_scheme_is_known(scheme))
541  throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
542  "Peer sent unknown signature scheme");
543 
544  const std::string hash_algo = hash_function_of_scheme(scheme);
545 
546  if(!supported_algos_include(supported_algos, key_type, hash_algo))
547  {
548  throw TLS_Exception(Alert::ILLEGAL_PARAMETER,
549  "TLS signature extension did not allow for " +
550  key_type + "/" + hash_algo + " signature");
551  }
552 
553  if(key_type == "RSA")
554  {
555  return std::make_pair(padding_string_for_scheme(scheme), IEEE_1363);
556  }
557  else if(key_type == "DSA" || key_type == "ECDSA")
558  {
559  return std::make_pair(padding_string_for_scheme(scheme), DER_SEQUENCE);
560  }
561 
562  throw Invalid_Argument(key_type + " is invalid/unknown for TLS signatures");
563  }
564 
565 }
566 
567 }
Botan::TLS::Certificate_Req
Definition: tls_messages.h:423
Botan::TLS::Server_Hello
Definition: tls_messages.h:194
Botan::TLS::Hello_Verify_Request
Definition: tls_messages.h:50
Botan::TLS::Handshake_State::client_kex
const Client_Key_Exchange * client_kex() const
Definition: tls_handshake_state.h:141
Botan::TLS::Handshake_State::parse_sig_format
std::pair< std::string, Signature_Format > parse_sig_format(const Public_Key &key, Signature_Scheme scheme, bool for_client_auth, const Policy &policy) const
Definition: tls_handshake_state.cpp:482
Botan::TLS::Handshake_State::session_ticket
std::vector< uint8_t > session_ticket() const
Definition: tls_handshake_state.cpp:361
Botan::TLS::Client_Hello::session_ticket
std::vector< uint8_t > session_ticket() const
Definition: msg_client_hello.cpp:416
Botan::TLS::Certificate_Verify
Definition: tls_messages.h:458
Botan::TLS::hash_function_of_scheme
std::string hash_function_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:191
Botan::get_kdf
KDF * get_kdf(const std::string &algo_spec)
Definition: kdf.cpp:237
padding
botan_pubkey_t const char * padding
Definition: ffi.h:1341
Botan::TLS::Signature_Scheme
Signature_Scheme
Definition: tls_algos.h:84
Botan::TLS::Handshake_State::choose_sig_format
std::pair< std::string, Signature_Format > choose_sig_format(const Private_Key &key, Signature_Scheme &scheme, bool for_client_auth, const Policy &policy) const
Definition: tls_handshake_state.cpp:386
Botan::TLS::Handshake_Hash::reset
void reset()
Definition: tls_handshake_hash.h:35
Botan::TLS::Handshake_State::server_hello
const Server_Hello * server_hello() const
Definition: tls_handshake_state.h:123
Botan::TLS::Handshake_State::server_certs
const Certificate * server_certs() const
Definition: tls_handshake_state.h:126
Botan::ASN1::to_string
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:213
Botan::TLS::Handshake_State::Handshake_State
Handshake_State(Handshake_IO *io, Callbacks &callbacks)
Definition: tls_handshake_state.cpp:182
Botan::TLS::Handshake_State::server_finished
const Finished * server_finished() const
Definition: tls_handshake_state.h:153
type
MechanismType type
Definition: p11_mechanism.cpp:44
Botan::TLS::Server_Key_Exchange
Definition: tls_messages.h:530
Botan::TLS::padding_string_for_scheme
std::string padding_string_for_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:379
Botan::TLS::Session_Keys
Definition: tls_session_key.h:23
Botan::TLS::Handshake_State::server_kex
const Server_Key_Exchange * server_kex() const
Definition: tls_handshake_state.h:129
Botan::TLS::Handshake_State::srp_identifier
std::string srp_identifier() const
Definition: tls_handshake_state.cpp:349
Botan::TLS::Server_Hello_Done
Definition: tls_messages.h:597
Botan::TLS::Handshake_State::protocol_specific_prf
KDF * protocol_specific_prf() const
Definition: tls_handshake_state.cpp:369
Botan::TLS::Handshake_State::ciphersuite
const Ciphersuite & ciphersuite() const
Definition: tls_handshake_state.h:159
Botan::TLS::Handshake_State::compute_session_keys
void compute_session_keys()
Definition: tls_handshake_state.cpp:296
Botan::TLS::signature_scheme_is_known
bool signature_scheme_is_known(Signature_Scheme scheme)
Definition: tls_algos.cpp:262
Botan::TLS::Handshake_State::hash
Handshake_Hash & hash()
Definition: tls_handshake_state.h:169
Botan::TLS::Handshake_State::set_version
void set_version(const Protocol_Version &version)
Definition: tls_handshake_state.cpp:291
Botan::TLS::Handshake_State::cert_req
const Certificate_Req * cert_req() const
Definition: tls_handshake_state.h:132
Botan::TLS::Handshake_State::client_verify
const Certificate_Verify * client_verify() const
Definition: tls_handshake_state.h:144
Botan::TLS::Handshake_State::server_cert_status
const Certificate_Status * server_cert_status() const
Definition: tls_handshake_state.h:147
Botan::TLS::Client_Key_Exchange
Definition: tls_messages.h:336
Botan::TLS::Handshake_State::get_next_handshake_msg
std::pair< Handshake_Type, std::vector< uint8_t > > get_next_handshake_msg()
Definition: tls_handshake_state.cpp:341
Botan::TLS::Handshake_State::client_finished
const Finished * client_finished() const
Definition: tls_handshake_state.h:156
Botan::send
void uint8_t send[]
Definition: newhope.h:72
Botan::TLS::Handshake_Hash::update
void update(const uint8_t in[], size_t length)
Definition: tls_handshake_hash.h:24
Botan::TLS::Client_Hello::signature_schemes
std::vector< Signature_Scheme > signature_schemes() const
Definition: msg_client_hello.cpp:341
Botan::TLS::Handshake_State::client_certs
const Certificate * client_certs() const
Definition: tls_handshake_state.h:138
Botan::key
class BOTAN_PUBLIC_API(2, 11) Argon2 final class BOTAN_PUBLIC_API(2, 11) Argon2_Family final void size_t const char size_t const uint8_t size_t const uint8_t key[]
Definition: argon2.h:87
Botan::TLS::Handshake_IO
Definition: tls_handshake_io.h:29
Botan
Definition: alg_id.cpp:13
Botan::TLS::Handshake_State::received_handshake_msg
bool received_handshake_msg(Handshake_Type msg_type) const
Definition: tls_handshake_state.cpp:333
Botan::TLS::Handshake_State::confirm_transition_to
void confirm_transition_to(Handshake_Type msg_type)
Definition: tls_handshake_state.cpp:306
hash_algo
AlgorithmIdentifier hash_algo
Definition: x509_obj.cpp:23
Botan::TLS::Handshake_State::note_message
void note_message(const Handshake_Message &msg)
Definition: tls_handshake_state.cpp:189
Botan::TLS::New_Session_Ticket::ticket
const std::vector< uint8_t > & ticket() const
Definition: tls_messages.h:617
Botan::TLS::Handshake_State::new_session_ticket
const New_Session_Ticket * new_session_ticket() const
Definition: tls_handshake_state.h:150
Botan::TLS::signature_algorithm_of_scheme
std::string signature_algorithm_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:291
Botan::TLS::Handshake_State::server_hello_done
const Server_Hello_Done * server_hello_done() const
Definition: tls_handshake_state.h:135
Botan::TLS::Handshake_State::handshake_io
Handshake_IO & handshake_io()
Definition: tls_handshake_state.h:59
Botan::TLS::Handshake_State::hello_verify_request
void hello_verify_request(const Hello_Verify_Request &hello_verify)
Definition: tls_handshake_state.cpp:194
Botan::TLS::New_Session_Ticket
Definition: tls_messages.h:611
Botan::TLS::Handshake_State::version
Protocol_Version version() const
Definition: tls_handshake_state.h:100
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65
Botan::TLS::Handshake_State::client_hello
const Client_Hello * client_hello() const
Definition: tls_handshake_state.h:120
Botan::TLS::Certificate_Req::signature_schemes
const std::vector< Signature_Scheme > & signature_schemes() const
Definition: tls_messages.h:433
Botan::TLS::handshake_type_to_string
const char * handshake_type_to_string(Handshake_Type type)
Definition: tls_handshake_state.cpp:24
Botan::t
class BOTAN_PUBLIC_API(2, 11) Argon2 final class BOTAN_PUBLIC_API(2, 11) Argon2_Family final void size_t const char size_t const uint8_t size_t const uint8_t size_t const uint8_t size_t uint8_t size_t size_t size_t t
Definition: argon2.h:87
Botan::TLS::Handshake_State::set_expected_next
void set_expected_next(Handshake_Type msg_type)
Definition: tls_handshake_state.cpp:328
Botan::TLS::Certificate_Status
Definition: tls_messages.h:393
Botan::TLS::Client_Hello
Definition: tls_messages.h:70
Generated by   doxygen 1.8.15