|
Botan
1.11.15
|
#include <tls_handshake_state.h>
SSL/TLS Handshake State
Definition at line 46 of file tls_handshake_state.h.
| typedef std::function<void (const Handshake_Message&)> Botan::TLS::Handshake_State::hs_msg_cb |
Definition at line 49 of file tls_handshake_state.h.
Definition at line 86 of file tls_handshake_state.cpp.
:
m_msg_callback(cb),
m_handshake_io(io),
m_version(m_handshake_io->initial_record_version())
{
}
| Botan::TLS::Handshake_State::~Handshake_State | ( | ) | [virtual] |
Definition at line 93 of file tls_handshake_state.cpp.
{}
| void Botan::TLS::Handshake_State::cert_req | ( | Certificate_Req * | cert_req | ) |
Definition at line 130 of file tls_handshake_state.cpp.
References note_message().
{
m_cert_req.reset(cert_req);
note_message(*m_cert_req);
}
| const Certificate_Req* Botan::TLS::Handshake_State::cert_req | ( | ) | const [inline] |
Definition at line 131 of file tls_handshake_state.h.
Referenced by choose_sig_format().
{ return m_cert_req.get(); }
| std::pair< std::string, Signature_Format > Botan::TLS::Handshake_State::choose_sig_format | ( | const Private_Key & | key, |
| std::string & | hash_algo, | ||
| std::string & | sig_algo, | ||
| bool | for_client_auth, | ||
| const Policy & | policy | ||
| ) | const |
Definition at line 325 of file tls_handshake_state.cpp.
References Botan::Public_Key::algo_name(), cert_req(), client_hello(), Botan::DER_SEQUENCE, Botan::IEEE_1363, and version().
Referenced by Botan::TLS::Certificate_Verify::Certificate_Verify(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().
{
const std::string sig_algo = key.algo_name();
const std::string hash_algo =
choose_hash(sig_algo,
this->version(),
policy,
for_client_auth,
client_hello(),
cert_req());
if(this->version().supports_negotiable_signature_algorithms())
{
hash_algo_out = hash_algo;
sig_algo_out = sig_algo;
}
if(sig_algo == "RSA")
{
const std::string padding = "EMSA3(" + hash_algo + ")";
return std::make_pair(padding, IEEE_1363);
}
else if(sig_algo == "DSA" || sig_algo == "ECDSA")
{
const std::string padding = "EMSA1(" + hash_algo + ")";
return std::make_pair(padding, DER_SEQUENCE);
}
throw Invalid_Argument(sig_algo + " is invalid/unknown for TLS signatures");
}
| const Ciphersuite& Botan::TLS::Handshake_State::ciphersuite | ( | ) | const [inline] |
Definition at line 158 of file tls_handshake_state.h.
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), protocol_specific_prf(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), and srp_identifier().
{ return m_ciphersuite; }
| void Botan::TLS::Handshake_State::client_certs | ( | Certificate * | client_certs | ) |
Definition at line 142 of file tls_handshake_state.cpp.
References note_message().
{
m_client_certs.reset(client_certs);
note_message(*m_client_certs);
}
| const Certificate* Botan::TLS::Handshake_State::client_certs | ( | ) | const [inline] |
Definition at line 137 of file tls_handshake_state.h.
{ return m_client_certs.get(); }
| void Botan::TLS::Handshake_State::client_finished | ( | Finished * | client_finished | ) |
Definition at line 178 of file tls_handshake_state.cpp.
References note_message().
{
m_client_finished.reset(client_finished);
note_message(*m_client_finished);
}
| const Finished* Botan::TLS::Handshake_State::client_finished | ( | ) | const [inline] |
Definition at line 155 of file tls_handshake_state.h.
{ return m_client_finished.get(); }
| void Botan::TLS::Handshake_State::client_hello | ( | Client_Hello * | client_hello | ) |
Definition at line 105 of file tls_handshake_state.cpp.
References note_message().
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), and Botan::TLS::Server_Key_Exchange::verify().
{
m_client_hello.reset(client_hello);
note_message(*m_client_hello);
}
| const Client_Hello* Botan::TLS::Handshake_State::client_hello | ( | ) | const [inline] |
Definition at line 119 of file tls_handshake_state.h.
Referenced by choose_sig_format(), session_ticket(), and srp_identifier().
{ return m_client_hello.get(); }
| void Botan::TLS::Handshake_State::client_kex | ( | Client_Key_Exchange * | client_kex | ) |
Definition at line 148 of file tls_handshake_state.cpp.
References note_message().
{
m_client_kex.reset(client_kex);
note_message(*m_client_kex);
}
| const Client_Key_Exchange* Botan::TLS::Handshake_State::client_kex | ( | ) | const [inline] |
Definition at line 140 of file tls_handshake_state.h.
Referenced by compute_session_keys().
{ return m_client_kex.get(); }
| void Botan::TLS::Handshake_State::client_verify | ( | Certificate_Verify * | client_verify | ) |
Definition at line 154 of file tls_handshake_state.cpp.
References note_message().
{
m_client_verify.reset(client_verify);
note_message(*m_client_verify);
}
| const Certificate_Verify* Botan::TLS::Handshake_State::client_verify | ( | ) | const [inline] |
Definition at line 143 of file tls_handshake_state.h.
{ return m_client_verify.get(); }
Definition at line 189 of file tls_handshake_state.cpp.
References client_kex().
{
m_session_keys = Session_Keys(this, client_kex()->pre_master_secret(), false);
}
| void Botan::TLS::Handshake_State::compute_session_keys | ( | const secure_vector< byte > & | resume_master_secret | ) |
Definition at line 194 of file tls_handshake_state.cpp.
{
m_session_keys = Session_Keys(this, resume_master_secret, true);
}
| void Botan::TLS::Handshake_State::confirm_transition_to | ( | Handshake_Type | msg_type | ) |
Confirm that we were expecting this message type
| msg_type | the message type |
Definition at line 199 of file tls_handshake_state.cpp.
References Botan::ASN1::to_string().
{
const u32bit mask = bitmask_for_handshake_type(handshake_msg);
m_hand_received_mask |= mask;
const bool ok = (m_hand_expecting_mask & mask); // overlap?
if(!ok)
throw Unexpected_Message("Unexpected state transition in handshake, got " +
std::to_string(handshake_msg) +
" expected " + std::to_string(m_hand_expecting_mask) +
" received " + std::to_string(m_hand_received_mask));
/* We don't know what to expect next, so force a call to
set_expected_next; if it doesn't happen, the next transition
check will always fail which is what we want.
*/
m_hand_expecting_mask = 0;
}
| std::pair< Handshake_Type, std::vector< byte > > Botan::TLS::Handshake_State::get_next_handshake_msg | ( | ) |
Definition at line 233 of file tls_handshake_state.cpp.
References Botan::TLS::HANDSHAKE_CCS.
{
const bool expecting_ccs =
(bitmask_for_handshake_type(HANDSHAKE_CCS) & m_hand_expecting_mask);
return m_handshake_io->get_next_record(expecting_ccs);
}
| Handshake_IO& Botan::TLS::Handshake_State::handshake_io | ( | ) | [inline] |
Definition at line 58 of file tls_handshake_state.h.
Referenced by hello_verify_request().
{ return *m_handshake_io; }
| Handshake_Hash& Botan::TLS::Handshake_State::hash | ( | ) | [inline] |
Definition at line 166 of file tls_handshake_state.h.
Referenced by Botan::TLS::Certificate_Verify::Certificate_Verify(), Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Finished::Finished(), hello_verify_request(), Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), and Botan::TLS::Certificate_Verify::verify().
{ return m_handshake_hash; }
| const Handshake_Hash& Botan::TLS::Handshake_State::hash | ( | ) | const [inline] |
Definition at line 168 of file tls_handshake_state.h.
{ return m_handshake_hash; }
| void Botan::TLS::Handshake_State::hello_verify_request | ( | const Hello_Verify_Request & | hello_verify | ) |
Definition at line 95 of file tls_handshake_state.cpp.
References handshake_io(), hash(), note_message(), Botan::TLS::Handshake_Hash::reset(), and Botan::TLS::Handshake_Hash::update().
{
note_message(hello_verify);
m_client_hello->update_hello_cookie(hello_verify);
hash().reset();
hash().update(handshake_io().send(*m_client_hello));
note_message(*m_client_hello);
}
| void Botan::TLS::Handshake_State::new_session_ticket | ( | New_Session_Ticket * | new_session_ticket | ) |
Definition at line 166 of file tls_handshake_state.cpp.
References note_message().
{
m_new_session_ticket.reset(new_session_ticket);
note_message(*m_new_session_ticket);
}
| const New_Session_Ticket* Botan::TLS::Handshake_State::new_session_ticket | ( | ) | const [inline] |
Definition at line 149 of file tls_handshake_state.h.
Referenced by session_ticket().
{ return m_new_session_ticket.get(); }
| void Botan::TLS::Handshake_State::next_protocol | ( | Next_Protocol * | next_protocol | ) |
Definition at line 160 of file tls_handshake_state.cpp.
References note_message().
{
m_next_protocol.reset(next_protocol);
note_message(*m_next_protocol);
}
| const Next_Protocol* Botan::TLS::Handshake_State::next_protocol | ( | ) | const [inline] |
Definition at line 146 of file tls_handshake_state.h.
{ return m_next_protocol.get(); }
| void Botan::TLS::Handshake_State::note_message | ( | const Handshake_Message & | msg | ) | [inline] |
Definition at line 170 of file tls_handshake_state.h.
Referenced by cert_req(), client_certs(), client_finished(), client_hello(), client_kex(), client_verify(), hello_verify_request(), new_session_ticket(), next_protocol(), server_certs(), server_finished(), server_hello(), server_hello_done(), and server_kex().
{
if(m_msg_callback)
m_msg_callback(msg);
}
| Handshake_State& Botan::TLS::Handshake_State::operator= | ( | const Handshake_State & | ) |
Definition at line 257 of file tls_handshake_state.cpp.
References ciphersuite(), Botan::get_kdf(), Botan::TLS::Ciphersuite::prf_algo(), and version().
{
if(version().supports_ciphersuite_specific_prf())
{
const std::string prf_algo = ciphersuite().prf_algo();
if(prf_algo == "MD5" || prf_algo == "SHA-1")
return get_kdf("TLS-12-PRF(SHA-256)");
return get_kdf("TLS-12-PRF(" + prf_algo + ")");
}
// Old PRF used in TLS v1.0, v1.1 and DTLS v1.0
return get_kdf("TLS-PRF");
}
| bool Botan::TLS::Handshake_State::received_handshake_msg | ( | Handshake_Type | msg_type | ) | const |
Return true iff we have received a particular message already
| msg_type | the message type |
Definition at line 225 of file tls_handshake_state.cpp.
{
const u32bit mask = bitmask_for_handshake_type(handshake_msg);
return (m_hand_received_mask & mask);
}
| void Botan::TLS::Handshake_State::server_certs | ( | Certificate * | server_certs | ) |
Definition at line 118 of file tls_handshake_state.cpp.
References note_message().
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().
{
m_server_certs.reset(server_certs);
note_message(*m_server_certs);
}
| const Certificate* Botan::TLS::Handshake_State::server_certs | ( | ) | const [inline] |
Definition at line 125 of file tls_handshake_state.h.
{ return m_server_certs.get(); }
| void Botan::TLS::Handshake_State::server_finished | ( | Finished * | server_finished | ) |
Definition at line 172 of file tls_handshake_state.cpp.
References note_message().
{
m_server_finished.reset(server_finished);
note_message(*m_server_finished);
}
| const Finished* Botan::TLS::Handshake_State::server_finished | ( | ) | const [inline] |
Definition at line 152 of file tls_handshake_state.h.
{ return m_server_finished.get(); }
| void Botan::TLS::Handshake_State::server_hello | ( | Server_Hello * | server_hello | ) |
Definition at line 111 of file tls_handshake_state.cpp.
References Botan::TLS::Ciphersuite::by_id(), and note_message().
Referenced by Botan::TLS::Server_Key_Exchange::Server_Key_Exchange(), and Botan::TLS::Server_Key_Exchange::verify().
{
m_server_hello.reset(server_hello);
m_ciphersuite = Ciphersuite::by_id(m_server_hello->ciphersuite());
note_message(*m_server_hello);
}
| const Server_Hello* Botan::TLS::Handshake_State::server_hello | ( | ) | const [inline] |
Definition at line 122 of file tls_handshake_state.h.
{ return m_server_hello.get(); }
| void Botan::TLS::Handshake_State::server_hello_done | ( | Server_Hello_Done * | server_hello_done | ) |
Definition at line 136 of file tls_handshake_state.cpp.
References note_message().
{
m_server_hello_done.reset(server_hello_done);
note_message(*m_server_hello_done);
}
| const Server_Hello_Done* Botan::TLS::Handshake_State::server_hello_done | ( | ) | const [inline] |
Definition at line 134 of file tls_handshake_state.h.
{ return m_server_hello_done.get(); }
| void Botan::TLS::Handshake_State::server_kex | ( | Server_Key_Exchange * | server_kex | ) |
Definition at line 124 of file tls_handshake_state.cpp.
References note_message().
Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().
{
m_server_kex.reset(server_kex);
note_message(*m_server_kex);
}
| const Server_Key_Exchange* Botan::TLS::Handshake_State::server_kex | ( | ) | const [inline] |
Definition at line 128 of file tls_handshake_state.h.
{ return m_server_kex.get(); }
| const Session_Keys& Botan::TLS::Handshake_State::session_keys | ( | ) | const [inline] |
Definition at line 160 of file tls_handshake_state.h.
{ return m_session_keys; }
| std::vector< byte > Botan::TLS::Handshake_State::session_ticket | ( | ) | const |
Definition at line 249 of file tls_handshake_state.cpp.
References client_hello(), new_session_ticket(), Botan::TLS::Client_Hello::session_ticket(), and Botan::TLS::New_Session_Ticket::ticket().
{
if(new_session_ticket() && !new_session_ticket()->ticket().empty())
return new_session_ticket()->ticket();
return client_hello()->session_ticket();
}
| void Botan::TLS::Handshake_State::set_expected_next | ( | Handshake_Type | msg_type | ) |
Record that we are expecting a particular message type next
| msg_type | the message type |
Definition at line 220 of file tls_handshake_state.cpp.
{
m_hand_expecting_mask |= bitmask_for_handshake_type(handshake_msg);
}
| void Botan::TLS::Handshake_State::set_version | ( | const Protocol_Version & | version | ) |
Definition at line 184 of file tls_handshake_state.cpp.
References version().
{
m_version = version;
}
| std::string Botan::TLS::Handshake_State::srp_identifier | ( | ) | const |
Definition at line 241 of file tls_handshake_state.cpp.
References ciphersuite(), client_hello(), Botan::TLS::Client_Hello::srp_identifier(), and valid.
{
if(ciphersuite().valid() && ciphersuite().kex_algo() == "SRP_SHA")
return client_hello()->srp_identifier();
return "";
}
| std::pair< std::string, Signature_Format > Botan::TLS::Handshake_State::understand_sig_format | ( | const Public_Key & | key, |
| std::string | hash_algo, | ||
| std::string | sig_algo | ||
| ) | const |
Definition at line 364 of file tls_handshake_state.cpp.
References Botan::Public_Key::algo_name(), Botan::DER_SEQUENCE, Botan::IEEE_1363, and version().
Referenced by Botan::TLS::Certificate_Verify::verify(), and Botan::TLS::Server_Key_Exchange::verify().
{
const std::string algo_name = key.algo_name();
/*
FIXME: This should check what was sent against the client hello
preferences, or the certificate request, to ensure it was allowed
by those restrictions.
Or not?
*/
if(this->version().supports_negotiable_signature_algorithms())
{
if(hash_algo == "")
throw Decoding_Error("Counterparty did not send hash/sig IDS");
if(sig_algo != algo_name)
throw Decoding_Error("Counterparty sent inconsistent key and sig types");
}
else
{
if(hash_algo != "" || sig_algo != "")
throw Decoding_Error("Counterparty sent hash/sig IDs with old version");
}
if(algo_name == "RSA")
{
if(!this->version().supports_negotiable_signature_algorithms())
{
hash_algo = "Parallel(MD5,SHA-160)";
}
const std::string padding = "EMSA3(" + hash_algo + ")";
return std::make_pair(padding, IEEE_1363);
}
else if(algo_name == "DSA" || algo_name == "ECDSA")
{
if(!this->version().supports_negotiable_signature_algorithms())
{
hash_algo = "SHA-1";
}
const std::string padding = "EMSA1(" + hash_algo + ")";
return std::make_pair(padding, DER_SEQUENCE);
}
throw Invalid_Argument(algo_name + " is invalid/unknown for TLS signatures");
}
| Protocol_Version Botan::TLS::Handshake_State::version | ( | ) | const [inline] |
Definition at line 99 of file tls_handshake_state.h.
Referenced by choose_sig_format(), protocol_specific_prf(), set_version(), and understand_sig_format().
{ return m_version; }
1.7.6.1