Botan  2.4.0
Crypto and TLS for C++11
tls_handshake_state.h
Go to the documentation of this file.
1 /*
2 * TLS Handshake State
3 * (C) 2004-2006,2011,2012 Jack Lloyd
4 * 2017 Harry Reimann, Rohde & Schwarz Cybersecurity
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_TLS_HANDSHAKE_STATE_H_
10 #define BOTAN_TLS_HANDSHAKE_STATE_H_
11 
12 #include <botan/internal/tls_handshake_hash.h>
13 #include <botan/internal/tls_handshake_io.h>
14 #include <botan/internal/tls_session_key.h>
15 #include <botan/tls_ciphersuite.h>
16 #include <botan/tls_exceptn.h>
17 #include <botan/tls_handshake_msg.h>
18 #include <botan/tls_callbacks.h>
19 #include <botan/pk_keys.h>
20 #include <botan/pubkey.h>
21 #include <functional>
22 
23 namespace Botan {
24 
25 class KDF;
26 
27 namespace TLS {
28 
29 class Callbacks;
30 class Policy;
31 
32 class Hello_Verify_Request;
33 class Client_Hello;
34 class Server_Hello;
35 class Certificate;
36 class Certificate_Status;
37 class Server_Key_Exchange;
38 class Certificate_Req;
39 class Server_Hello_Done;
40 class Certificate;
41 class Client_Key_Exchange;
42 class Certificate_Verify;
43 class New_Session_Ticket;
44 class Finished;
45 
46 /**
47 * SSL/TLS Handshake State
48 */
50  {
51  public:
53 
54  virtual ~Handshake_State() = default;
55 
56  Handshake_State(const Handshake_State&) = delete;
57  Handshake_State& operator=(const Handshake_State&) = delete;
58 
59  Handshake_IO& handshake_io() { return *m_handshake_io; }
60 
61  /**
62  * Return true iff we have received a particular message already
63  * @param msg_type the message type
64  */
65  bool received_handshake_msg(Handshake_Type msg_type) const;
66 
67  /**
68  * Confirm that we were expecting this message type
69  * @param msg_type the message type
70  */
72 
73  /**
74  * Record that we are expecting a particular message type next
75  * @param msg_type the message type
76  */
77  void set_expected_next(Handshake_Type msg_type);
78 
79  std::pair<Handshake_Type, std::vector<uint8_t>>
81 
82  std::vector<uint8_t> session_ticket() const;
83 
84  std::pair<std::string, Signature_Format>
85  parse_sig_format(const Public_Key& key,
86  const std::string& hash_algo,
87  const std::string& sig_algo,
88  bool for_client_auth,
89  const Policy& policy) const;
90 
91  std::pair<std::string, Signature_Format>
92  choose_sig_format(const Private_Key& key,
93  std::string& hash_algo,
94  std::string& sig_algo,
95  bool for_client_auth,
96  const Policy& policy) const;
97 
98  std::string srp_identifier() const;
99 
100  KDF* protocol_specific_prf() const;
101 
102  Protocol_Version version() const { return m_version; }
103 
104  void set_version(const Protocol_Version& version);
105 
106  void hello_verify_request(const Hello_Verify_Request& hello_verify);
107 
121 
122  const Client_Hello* client_hello() const
123  { return m_client_hello.get(); }
124 
125  const Server_Hello* server_hello() const
126  { return m_server_hello.get(); }
127 
128  const Certificate* server_certs() const
129  { return m_server_certs.get(); }
130 
132  { return m_server_kex.get(); }
133 
134  const Certificate_Req* cert_req() const
135  { return m_cert_req.get(); }
136 
138  { return m_server_hello_done.get(); }
139 
140  const Certificate* client_certs() const
141  { return m_client_certs.get(); }
142 
144  { return m_client_kex.get(); }
145 
147  { return m_client_verify.get(); }
148 
150  { return m_server_cert_status.get(); }
151 
153  { return m_new_session_ticket.get(); }
154 
155  const Finished* server_finished() const
156  { return m_server_finished.get(); }
157 
158  const Finished* client_finished() const
159  { return m_client_finished.get(); }
160 
161  const Ciphersuite& ciphersuite() const { return m_ciphersuite; }
162 
163  const Session_Keys& session_keys() const { return m_session_keys; }
164 
165  Callbacks& callbacks() const { return m_callbacks; }
166 
167  void compute_session_keys();
168 
170 
171  Handshake_Hash& hash() { return m_handshake_hash; }
172 
173  const Handshake_Hash& hash() const { return m_handshake_hash; }
174 
175  void note_message(const Handshake_Message& msg);
176  private:
177 
178  Callbacks& m_callbacks;
179 
180  std::unique_ptr<Handshake_IO> m_handshake_io;
181 
182  uint32_t m_hand_expecting_mask = 0;
183  uint32_t m_hand_received_mask = 0;
184  Protocol_Version m_version;
185  Ciphersuite m_ciphersuite;
186  Session_Keys m_session_keys;
187  Handshake_Hash m_handshake_hash;
188 
189  std::unique_ptr<Client_Hello> m_client_hello;
190  std::unique_ptr<Server_Hello> m_server_hello;
191  std::unique_ptr<Certificate> m_server_certs;
192  std::unique_ptr<Certificate_Status> m_server_cert_status;
193  std::unique_ptr<Server_Key_Exchange> m_server_kex;
194  std::unique_ptr<Certificate_Req> m_cert_req;
195  std::unique_ptr<Server_Hello_Done> m_server_hello_done;
196  std::unique_ptr<Certificate> m_client_certs;
197  std::unique_ptr<Client_Key_Exchange> m_client_kex;
198  std::unique_ptr<Certificate_Verify> m_client_verify;
199  std::unique_ptr<New_Session_Ticket> m_new_session_ticket;
200  std::unique_ptr<Finished> m_server_finished;
201  std::unique_ptr<Finished> m_client_finished;
202  };
203 
204 }
205 
206 }
207 
208 #endif
Handshake_State & operator=(const Handshake_State &)=delete
virtual ~Handshake_State()=default
const Client_Key_Exchange * client_kex() const
std::vector< uint8_t > session_ticket() const
std::pair< std::string, Signature_Format > parse_sig_format(const Public_Key &key, const std::string &hash_algo, const std::string &sig_algo, bool for_client_auth, const Policy &policy) const
const Server_Hello * server_hello() const
const Certificate * server_certs() const
Handshake_State(Handshake_IO *io, Callbacks &callbacks)
const Finished * server_finished() const
std::pair< std::string, Signature_Format > choose_sig_format(const Private_Key &key, std::string &hash_algo, std::string &sig_algo, bool for_client_auth, const Policy &policy) const
const Server_Key_Exchange * server_kex() const
const Ciphersuite & ciphersuite() const
void set_version(const Protocol_Version &version)
const Certificate_Req * cert_req() const
const Certificate_Verify * client_verify() const
const Certificate_Status * server_cert_status() const
std::pair< Handshake_Type, std::vector< uint8_t > > get_next_handshake_msg()
const Finished * client_finished() const
const Session_Keys & session_keys() const
const Certificate * client_certs() const
Definition: alg_id.cpp:13
bool received_handshake_msg(Handshake_Type msg_type) const
void confirm_transition_to(Handshake_Type msg_type)
secure_vector< uint8_t > resume_master_secret
Definition: tls_client.cpp:41
AlgorithmIdentifier hash_algo
Definition: x509_obj.cpp:22
void note_message(const Handshake_Message &msg)
Definition: kdf.h:20
const New_Session_Ticket * new_session_ticket() const
const Server_Hello_Done * server_hello_done() const
void hello_verify_request(const Hello_Verify_Request &hello_verify)
const Handshake_Hash & hash() const
Protocol_Version version() const
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
const Client_Hello * client_hello() const
void set_expected_next(Handshake_Type msg_type)