Botan 3.6.1
Crypto and TLS for C&
tls_server_impl_13.h
Go to the documentation of this file.
1/*
2* TLS Server - implementation for TLS 1.3
3* (C) 2022 Jack Lloyd
4* 2022 René Meusel - Rohde & Schwarz Cybersecurity
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_TLS_SERVER_IMPL_13_H_
10#define BOTAN_TLS_SERVER_IMPL_13_H_
11
12#include <botan/internal/tls_channel_impl_13.h>
13#include <botan/internal/tls_cipher_state.h>
14#include <botan/internal/tls_handshake_state_13.h>
15#include <botan/internal/tls_handshake_transitions.h>
16
17namespace Botan::TLS {
18
19/**
20* SSL/TLS Server 1.3 implementation
21*/
22class Server_Impl_13 : public Channel_Impl_13 {
23 public:
24 explicit Server_Impl_13(const std::shared_ptr<Callbacks>& callbacks,
25 const std::shared_ptr<Session_Manager>& session_manager,
26 const std::shared_ptr<Credentials_Manager>& credentials_manager,
27 const std::shared_ptr<const Policy>& policy,
28 const std::shared_ptr<RandomNumberGenerator>& rng);
29
30 std::string application_protocol() const override;
31 std::vector<X509_Certificate> peer_cert_chain() const override;
32 std::shared_ptr<const Public_Key> peer_raw_public_key() const override;
33 std::optional<std::string> external_psk_identity() const override;
34
35 bool new_session_ticket_supported() const override;
36 size_t send_new_session_tickets(size_t tickets) override;
37
38 bool is_handshake_complete() const override;
39
40 private:
41 void process_handshake_msg(Handshake_Message_13 msg) override;
42 void process_post_handshake_msg(Post_Handshake_Message_13 msg) override;
43 void process_dummy_change_cipher_spec() override;
44
45 using Channel_Impl_13::handle;
46 void handle(const Client_Hello_12& client_hello_msg);
47 void handle(const Client_Hello_13& client_hello_msg);
48 void handle(const Certificate_13& certificate_msg);
49 void handle(const Certificate_Verify_13& certificate_verify_msg);
50 void handle(const Finished_13& finished_msg);
51
52 void handle_reply_to_client_hello(Server_Hello_13 server_hello);
53 void handle_reply_to_client_hello(Hello_Retry_Request hello_retry_request);
54
55 void maybe_handle_compatibility_mode();
56 void maybe_log_secret(std::string_view label, std::span<const uint8_t> secret) const override;
57
58 void downgrade();
59
60 private:
61 Server_Handshake_State_13 m_handshake_state;
62 Handshake_Transitions m_transitions;
63
64 std::optional<Session> m_resumed_session;
65 std::optional<std::string> m_psk_identity;
66};
67
68} // namespace Botan::TLS
69
70#endif
Botan::TLS::Certificate_13
Definition tls_messages.h:549
Botan::TLS::Certificate_Verify_13
Definition tls_messages.h:801
Botan::TLS::Channel_Impl_13
Definition tls_channel_impl_13.h:49
Botan::TLS::Channel_Impl_13::policy
const Policy & policy() const
Definition tls_channel_impl_13.h:272
Botan::TLS::Channel_Impl_13::handle
void handle(const Key_Update &key_update)
Definition tls_channel_impl_13.cpp:195
Botan::TLS::Channel_Impl_13::credentials_manager
Credentials_Manager & credentials_manager()
Definition tls_channel_impl_13.h:268
Botan::TLS::Channel_Impl_13::rng
RandomNumberGenerator & rng()
Definition tls_channel_impl_13.h:270
Botan::TLS::Channel_Impl_13::session_manager
Session_Manager & session_manager()
Definition tls_channel_impl_13.h:266
Botan::TLS::Channel_Impl_13::callbacks
Callbacks & callbacks() const
Definition tls_channel_impl_13.h:264
Botan::TLS::Client_Hello_12
Definition tls_messages.h:147
Botan::TLS::Client_Hello_13
Definition tls_messages.h:218
Botan::TLS::Finished_13
Definition tls_messages.h:855
Botan::TLS::Handshake_State_13< Connection_Side::Server, Server_Handshake_13_Message, Client_Handshake_13_Message, Client_Post_Handshake_13_Message >
Botan::TLS::Handshake_Transitions
Definition tls_handshake_transitions.h:24
Botan::TLS::Hello_Retry_Request
Definition tls_messages.h:453
Botan::TLS::Server_Hello_13
Definition tls_messages.h:400
Botan::TLS::Server_Impl_13
Definition tls_server_impl_13.h:22
Botan::TLS::Server_Impl_13::peer_cert_chain
std::vector< X509_Certificate > peer_cert_chain() const override
Definition tls_server_impl_13.cpp:45
Botan::TLS::Server_Impl_13::send_new_session_tickets
size_t send_new_session_tickets(size_t tickets) override
Definition tls_server_impl_13.cpp:90
Botan::TLS::Server_Impl_13::external_psk_identity
std::optional< std::string > external_psk_identity() const override
Definition tls_server_impl_13.cpp:70
Botan::TLS::Server_Impl_13::peer_raw_public_key
std::shared_ptr< const Public_Key > peer_raw_public_key() const override
Definition tls_server_impl_13.cpp:58
Botan::TLS::Server_Impl_13::is_handshake_complete
bool is_handshake_complete() const override
Definition tls_server_impl_13.cpp:166
Botan::TLS::Server_Impl_13::application_protocol
std::string application_protocol() const override
Definition tls_server_impl_13.cpp:34
Botan::TLS::Server_Impl_13::new_session_ticket_supported
bool new_session_ticket_supported() const override
Definition tls_server_impl_13.cpp:74
Botan::TLS::Server_Impl_13::Server_Impl_13
Server_Impl_13(const std::shared_ptr< Callbacks > &callbacks, const std::shared_ptr< Session_Manager > &session_manager, const std::shared_ptr< Credentials_Manager > &credentials_manager, const std::shared_ptr< const Policy > &policy, const std::shared_ptr< RandomNumberGenerator > &rng)
Definition tls_server_impl_13.cpp:19
Botan::TLS::Post_Handshake_Message_13
std::variant< New_Session_Ticket_13, Key_Update > Post_Handshake_Message_13
Definition tls_messages.h:1068
Botan::TLS::Handshake_Message_13
std::variant< Client_Hello_13, Client_Hello_12, Server_Hello_13, Server_Hello_12, Hello_Retry_Request, Encrypted_Extensions, Certificate_13, Certificate_Request_13, Certificate_Verify_13, Finished_13 > Handshake_Message_13
Definition tls_messages.h:1055
Generated by doxygen 1.12.0