Botan 2.19.1
Crypto and TLS for C&
tls_handshake_state.h
Go to the documentation of this file.
1/*
2* TLS Handshake State
3* (C) 2004-2006,2011,2012 Jack Lloyd
4* 2017 Harry Reimann, Rohde & Schwarz Cybersecurity
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_TLS_HANDSHAKE_STATE_H_
10#define BOTAN_TLS_HANDSHAKE_STATE_H_
11
12#include <botan/internal/tls_handshake_hash.h>
13#include <botan/internal/tls_handshake_io.h>
14#include <botan/internal/tls_session_key.h>
15#include <botan/tls_ciphersuite.h>
16#include <botan/tls_exceptn.h>
17#include <botan/tls_handshake_msg.h>
18#include <botan/tls_callbacks.h>
19#include <botan/pk_keys.h>
20#include <botan/pubkey.h>
21#include <functional>
22
23namespace Botan {
24
25class KDF;
26
27namespace TLS {
28
29class Callbacks;
30class Policy;
31
32class Hello_Verify_Request;
33class Client_Hello;
34class Server_Hello;
35class Certificate;
36class Certificate_Status;
37class Server_Key_Exchange;
38class Certificate_Req;
39class Server_Hello_Done;
40class Certificate;
41class Client_Key_Exchange;
42class Certificate_Verify;
43class New_Session_Ticket;
44class Finished;
45
46/**
47* SSL/TLS Handshake State
48*/
50 {
51 public:
53
54 virtual ~Handshake_State() = default;
55
58
59 Handshake_IO& handshake_io() { return *m_handshake_io; }
60
61 /**
62 * Return true iff we have received a particular message already
63 * @param msg_type the message type
64 */
65 bool received_handshake_msg(Handshake_Type msg_type) const;
66
67 /**
68 * Confirm that we were expecting this message type
69 * @param msg_type the message type
70 */
72
73 /**
74 * Record that we are expecting a particular message type next
75 * @param msg_type the message type
76 */
77 void set_expected_next(Handshake_Type msg_type);
78
79 std::pair<Handshake_Type, std::vector<uint8_t>>
81
82 std::vector<uint8_t> session_ticket() const;
83
84 std::pair<std::string, Signature_Format>
86 Signature_Scheme scheme,
87 bool for_client_auth,
88 const Policy& policy) const;
89
90 std::pair<std::string, Signature_Format>
92 Signature_Scheme& scheme,
93 bool for_client_auth,
94 const Policy& policy) const;
95
96 std::string srp_identifier() const;
97
99
100 Protocol_Version version() const { return m_version; }
101
103
104 void hello_verify_request(const Hello_Verify_Request& hello_verify);
105
119
121 { return m_client_hello.get(); }
122
124 { return m_server_hello.get(); }
125
127 { return m_server_certs.get(); }
128
130 { return m_server_kex.get(); }
131
133 { return m_cert_req.get(); }
134
136 { return m_server_hello_done.get(); }
137
139 { return m_client_certs.get(); }
140
142 { return m_client_kex.get(); }
143
145 { return m_client_verify.get(); }
146
148 { return m_server_cert_status.get(); }
149
151 { return m_new_session_ticket.get(); }
152
154 { return m_server_finished.get(); }
155
157 { return m_client_finished.get(); }
158
159 const Ciphersuite& ciphersuite() const { return m_ciphersuite; }
160
161 const Session_Keys& session_keys() const { return m_session_keys; }
162
163 Callbacks& callbacks() const { return m_callbacks; }
164
166
167 void compute_session_keys(const secure_vector<uint8_t>& resume_master_secret);
168
169 Handshake_Hash& hash() { return m_handshake_hash; }
170
171 const Handshake_Hash& hash() const { return m_handshake_hash; }
172
173 void note_message(const Handshake_Message& msg);
174 private:
175
176 Callbacks& m_callbacks;
177
178 std::unique_ptr<Handshake_IO> m_handshake_io;
179
180 uint32_t m_hand_expecting_mask = 0;
181 uint32_t m_hand_received_mask = 0;
182 Protocol_Version m_version;
183 Ciphersuite m_ciphersuite;
184 Session_Keys m_session_keys;
185 Handshake_Hash m_handshake_hash;
186
187 std::unique_ptr<Client_Hello> m_client_hello;
188 std::unique_ptr<Server_Hello> m_server_hello;
189 std::unique_ptr<Certificate> m_server_certs;
190 std::unique_ptr<Certificate_Status> m_server_cert_status;
191 std::unique_ptr<Server_Key_Exchange> m_server_kex;
192 std::unique_ptr<Certificate_Req> m_cert_req;
193 std::unique_ptr<Server_Hello_Done> m_server_hello_done;
194 std::unique_ptr<Certificate> m_client_certs;
195 std::unique_ptr<Client_Key_Exchange> m_client_kex;
196 std::unique_ptr<Certificate_Verify> m_client_verify;
197 std::unique_ptr<New_Session_Ticket> m_new_session_ticket;
198 std::unique_ptr<Finished> m_server_finished;
199 std::unique_ptr<Finished> m_client_finished;
200 };
201
202}
203
204}
205
206#endif
Definition: kdf.h:21
Handshake_State(Handshake_IO *io, Callbacks &callbacks)
virtual ~Handshake_State()=default
std::pair< Handshake_Type, std::vector< uint8_t > > get_next_handshake_msg()
const Certificate_Verify * client_verify() const
const Client_Hello * client_hello() const
const Server_Hello_Done * server_hello_done() const
void hello_verify_request(const Hello_Verify_Request &hello_verify)
void set_expected_next(Handshake_Type msg_type)
void note_message(const Handshake_Message &msg)
const Server_Key_Exchange * server_kex() const
const Certificate_Status * server_cert_status() const
const Finished * client_finished() const
const Certificate_Req * cert_req() const
Handshake_State & operator=(const Handshake_State &)=delete
std::vector< uint8_t > session_ticket() const
const Session_Keys & session_keys() const
Handshake_State(const Handshake_State &)=delete
const Client_Key_Exchange * client_kex() const
const Certificate * client_certs() const
const Finished * server_finished() const
const Handshake_Hash & hash() const
std::pair< std::string, Signature_Format > parse_sig_format(const Public_Key &key, Signature_Scheme scheme, bool for_client_auth, const Policy &policy) const
void confirm_transition_to(Handshake_Type msg_type)
const New_Session_Ticket * new_session_ticket() const
void set_version(const Protocol_Version &version)
const Ciphersuite & ciphersuite() const
bool received_handshake_msg(Handshake_Type msg_type) const
const Server_Hello * server_hello() const
const Certificate * server_certs() const
std::pair< std::string, Signature_Format > choose_sig_format(const Private_Key &key, Signature_Scheme &scheme, bool for_client_auth, const Policy &policy) const
Protocol_Version version() const
Signature_Scheme
Definition: tls_algos.h:86
Definition: alg_id.cpp:13
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:65