doxygen/tls__handshake__transitions_8cpp_source.html

/*

* TLS Handshake State Transitions

* (C) 2004-2006,2011,2012 Jack Lloyd

*     2017 Harry Reimann, Rohde & Schwarz Cybersecurity

*

* Botan is released under the Simplified BSD License (see license.txt)

*/


#include <botan/internal/tls_handshake_transitions.h>


#include <botan/tls_exceptn.h>


#include <sstream>


namespace Botan::TLS {


namespace {


uint32_t bitmask_for_handshake_type(Handshake_Type type)

   {

   switch(type)

      {

      case HELLO_VERIFY_REQUEST:

         return (1 << 0);


      case HELLO_REQUEST:

         return (1 << 1);


      case CLIENT_HELLO:

         return (1 << 2);


      case SERVER_HELLO:

         return (1 << 3);


      case CERTIFICATE:

         return (1 << 4);


      case CERTIFICATE_URL:

         return (1 << 5);


      case CERTIFICATE_STATUS:

         return (1 << 6);


      case SERVER_KEX:

         return (1 << 7);


      case CERTIFICATE_REQUEST:

         return (1 << 8);


      case SERVER_HELLO_DONE:

         return (1 << 9);


      case CERTIFICATE_VERIFY:

         return (1 << 10);


      case CLIENT_KEX:

         return (1 << 11);


      case NEW_SESSION_TICKET:

         return (1 << 12);


      case HANDSHAKE_CCS:

         return (1 << 13);


      case FINISHED:

         return (1 << 14);


      case END_OF_EARLY_DATA:     // RFC 8446

         return (1 << 15);


      case ENCRYPTED_EXTENSIONS:  // RFC 8446

         return (1 << 16);


      case KEY_UPDATE:            // RFC 8446

         return (1 << 17);


      case HELLO_RETRY_REQUEST:   // RFC 8446

         return (1 << 18);


      // allow explicitly disabling new handshakes

      case HANDSHAKE_NONE:

         return 0;

      }


   throw TLS_Exception(Alert::UNEXPECTED_MESSAGE,

                       "Unknown TLS handshake message type " + std::to_string(type));

   }


std::string handshake_mask_to_string(uint32_t mask, char combiner)

   {

   const Handshake_Type types[] =

      {

      HELLO_VERIFY_REQUEST,

      HELLO_REQUEST,

      CLIENT_HELLO,

      SERVER_HELLO,

      CERTIFICATE,

      CERTIFICATE_URL,

      CERTIFICATE_STATUS,

      SERVER_KEX,

      CERTIFICATE_REQUEST,

      SERVER_HELLO_DONE,

      CERTIFICATE_VERIFY,

      CLIENT_KEX,

      NEW_SESSION_TICKET,

      HANDSHAKE_CCS,

      FINISHED,

      END_OF_EARLY_DATA,

      ENCRYPTED_EXTENSIONS,

      KEY_UPDATE

      };


   std::ostringstream o;

   bool empty = true;


   for(auto&& t : types)

      {

      if(mask & bitmask_for_handshake_type(t))

         {

         if(!empty)

            { o << combiner; }

         o << handshake_type_to_string(t);

         empty = false;

         }

      }


   return o.str();

   }


}


bool Handshake_Transitions::received_handshake_msg(Handshake_Type msg_type) const

   {

   const uint32_t mask = bitmask_for_handshake_type(msg_type);


   return (m_hand_received_mask & mask) != 0;

   }


void Handshake_Transitions::confirm_transition_to(Handshake_Type msg_type)

   {

   const uint32_t mask = bitmask_for_handshake_type(msg_type);


   m_hand_received_mask |= mask;


   const bool ok = (m_hand_expecting_mask & mask) != 0; // overlap?


   if(!ok)

      {

      const uint32_t seen_so_far = m_hand_received_mask & ~mask;


      std::ostringstream msg;


      msg << "Unexpected state transition in handshake got a " << handshake_type_to_string(msg_type);


      if(m_hand_expecting_mask == 0)

         { msg << " not expecting messages"; }

      else

         { msg << " expected " << handshake_mask_to_string(m_hand_expecting_mask, '|'); }


      if(seen_so_far != 0)

         { msg << " seen " << handshake_mask_to_string(seen_so_far, '+'); }


      throw Unexpected_Message(msg.str());

      }


   /* We don't know what to expect next, so force a call to

      set_expected_next; if it doesn't happen, the next transition

      check will always fail which is what we want.

   */

   m_hand_expecting_mask = 0;

   }


void Handshake_Transitions::set_expected_next(Handshake_Type msg_type)

   {

   m_hand_expecting_mask |= bitmask_for_handshake_type(msg_type);

   }


void Handshake_Transitions::set_expected_next(const std::vector<Handshake_Type>& msg_types)

   {

   for (const auto type : msg_types)

      {

      set_expected_next(type);

      }

   }


bool Handshake_Transitions::change_cipher_spec_expected() const

   {

   return (bitmask_for_handshake_type(HANDSHAKE_CCS) & m_hand_expecting_mask) != 0;

   }


}

Botan::TLS::Alert::UNEXPECTED_MESSAGE
@ UNEXPECTED_MESSAGE
Definition: tls_alert.h:29

Botan::TLS::Handshake_Transitions::confirm_transition_to
void confirm_transition_to(Handshake_Type msg_type)
Definition: tls_handshake_transitions.cpp:139

Botan::TLS::Handshake_Transitions::received_handshake_msg
bool received_handshake_msg(Handshake_Type msg_type) const
Definition: tls_handshake_transitions.cpp:132

Botan::TLS::Handshake_Transitions::set_expected_next
void set_expected_next(Handshake_Type msg_type)
Definition: tls_handshake_transitions.cpp:173

Botan::TLS::Handshake_Transitions::change_cipher_spec_expected
bool change_cipher_spec_expected() const
Definition: tls_handshake_transitions.cpp:186

Botan::TLS::Unexpected_Message
Definition: tls_exceptn.h:42

Botan::ASN1::to_string
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:209

Botan::TLS
Definition: asio_async_ops.h:26

Botan::TLS::Handshake_Type
Handshake_Type
Definition: tls_magic.h:63

Botan::TLS::HELLO_VERIFY_REQUEST
@ HELLO_VERIFY_REQUEST
Definition: tls_magic.h:67

Botan::TLS::CLIENT_KEX
@ CLIENT_KEX
Definition: tls_magic.h:78

Botan::TLS::HANDSHAKE_CCS
@ HANDSHAKE_CCS
Definition: tls_magic.h:87

Botan::TLS::ENCRYPTED_EXTENSIONS
@ ENCRYPTED_EXTENSIONS
Definition: tls_magic.h:71

Botan::TLS::CERTIFICATE_URL
@ CERTIFICATE_URL
Definition: tls_magic.h:81

Botan::TLS::SERVER_HELLO
@ SERVER_HELLO
Definition: tls_magic.h:66

Botan::TLS::HELLO_RETRY_REQUEST
@ HELLO_RETRY_REQUEST
Definition: tls_magic.h:86

Botan::TLS::NEW_SESSION_TICKET
@ NEW_SESSION_TICKET
Definition: tls_magic.h:68

Botan::TLS::END_OF_EARLY_DATA
@ END_OF_EARLY_DATA
Definition: tls_magic.h:70

Botan::TLS::KEY_UPDATE
@ KEY_UPDATE
Definition: tls_magic.h:84

Botan::TLS::SERVER_HELLO_DONE
@ SERVER_HELLO_DONE
Definition: tls_magic.h:76

Botan::TLS::HELLO_REQUEST
@ HELLO_REQUEST
Definition: tls_magic.h:64

Botan::TLS::CERTIFICATE_REQUEST
@ CERTIFICATE_REQUEST
Definition: tls_magic.h:75

Botan::TLS::CERTIFICATE
@ CERTIFICATE
Definition: tls_magic.h:73

Botan::TLS::CERTIFICATE_STATUS
@ CERTIFICATE_STATUS
Definition: tls_magic.h:82

Botan::TLS::CERTIFICATE_VERIFY
@ CERTIFICATE_VERIFY
Definition: tls_magic.h:77

Botan::TLS::HANDSHAKE_NONE
@ HANDSHAKE_NONE
Definition: tls_magic.h:88

Botan::TLS::FINISHED
@ FINISHED
Definition: tls_magic.h:79

Botan::TLS::SERVER_KEX
@ SERVER_KEX
Definition: tls_magic.h:74

Botan::TLS::CLIENT_HELLO
@ CLIENT_HELLO
Definition: tls_magic.h:65

Botan::TLS::handshake_type_to_string
const char * handshake_type_to_string(Handshake_Type type)
Definition: tls_handshake_state.cpp:23

type
MechanismType type
Definition: p11_mechanism.cpp:47