Diffstat (limited to 'src/lib/tls/tls_messages.h')
-rw-r--r-- | src/lib/tls/tls_messages.h | 111 |
1 files changed, 49 insertions, 62 deletions
diff --git a/src/lib/tls/tls_messages.h b/src/lib/tls/tls_messages.h index 7a556a61c..3bee89e13 100644 --- a/src/lib/tls/tls_messages.h +++ b/src/lib/tls/tls_messages.h @@ -22,7 +22,10 @@ namespace Botan { class Credentials_Manager; + +#if defined(BOTAN_HAS_SRP6) class SRP6_Server_Session; +#endif namespace TLS { @@ -35,7 +38,7 @@ std::vector<byte> make_hello_random(RandomNumberGenerator& rng, /** * DTLS Hello Verify Request */ -class Hello_Verify_Request : public Handshake_Message +class Hello_Verify_Request final : public Handshake_Message { public: std::vector<byte> serialize() const override; @@ -43,7 +46,7 @@ class Hello_Verify_Request : public Handshake_Message std::vector<byte> cookie() const { return m_cookie; } - Hello_Verify_Request(const std::vector<byte>& buf); + explicit Hello_Verify_Request(const std::vector<byte>& buf); Hello_Verify_Request(const std::vector<byte>& client_hello_bits, const std::string& client_identity, @@ -55,7 +58,7 @@ class Hello_Verify_Request : public Handshake_Message /** * Client Hello Message */ -class Client_Hello : public Handshake_Message +class Client_Hello final : public Handshake_Message { public: Handshake_Type type() const override { return CLIENT_HELLO; } @@ -95,12 +98,14 @@ class Client_Hello : public Handshake_Message return ""; } +#if defined(BOTAN_HAS_SRP6) std::string srp_identifier() const { if(SRP_Identifier* srp = m_extensions.get<SRP_Identifier>()) return srp->identifier(); return ""; } +#endif bool secure_renegotiation() const { @@ -114,13 +119,6 @@ class Client_Hello : public Handshake_Message return std::vector<byte>(); } - size_t fragment_size() const - { - if(Maximum_Fragment_Length* frag = m_extensions.get<Maximum_Fragment_Length>()) - return frag->fragment_size(); - return 0; - } - bool supports_session_ticket() const { return m_extensions.has<Session_Ticket>(); 
@@ -138,6 +136,11 @@ class Client_Hello : public Handshake_Message return m_extensions.has<Application_Layer_Protocol_Notification>(); } + bool supports_extended_master_secret() const + { + return m_extensions.has<Extended_Master_Secret>(); + } + std::vector<std::string> next_protocols() const { if(auto alpn = m_extensions.get<Application_Layer_Protocol_Notification>()) @@ -145,18 +148,6 @@ class Client_Hello : public Handshake_Message return std::vector<std::string>(); } - bool supports_heartbeats() const - { - return m_extensions.has<Heartbeat_Support_Indicator>(); - } - - bool peer_can_send_heartbeats() const - { - if(Heartbeat_Support_Indicator* hb = m_extensions.get<Heartbeat_Support_Indicator>()) - return hb->peer_allowed_to_send(); - return false; - } - std::vector<u16bit> srtp_profiles() const { if(SRTP_Protection_Profiles* srtp = m_extensions.get<SRTP_Protection_Profiles>()) @@ -187,7 +178,7 @@ class Client_Hello : public Handshake_Message const Session& resumed_session, const std::vector<std::string>& next_protocols); - Client_Hello(const std::vector<byte>& buf); + explicit Client_Hello(const std::vector<byte>& buf); private: std::vector<byte> serialize() const override; @@ -205,7 +196,7 @@ class Client_Hello : public Handshake_Message /** * Server Hello Message */ -class Server_Hello : public Handshake_Message +class Server_Hello final : public Handshake_Message { public: Handshake_Type type() const override { return SERVER_HELLO; } @@ -232,11 +223,9 @@ class Server_Hello : public Handshake_Message return std::vector<byte>(); } - size_t fragment_size() const + bool supports_extended_master_secret() const { - if(Maximum_Fragment_Length* frag = m_extensions.get<Maximum_Fragment_Length>()) - return frag->fragment_size(); - return 0; + return m_extensions.has<Extended_Master_Secret>(); } bool supports_session_ticket() const 
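Review bot: The new `supports_extended_master_secret()` accessor in Client_Hello (hunk @@ -138,6 +136,11) carries no comment, and the extension it tests changes how the master secret is derived, so a one-line doc would help the next reader: `/** True if this hello carried the extended_master_secret extension (RFC 7627); presence in a Client_Hello only means it was offered, not negotiated */`. The Server_Hello accessor of the same name added later on this line (hunk @@ -232,11 +223,9) should get the matching comment, since it is the one that tells callers whether the server accepted it. Client_Hello's class body continues outside the hunk.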
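Review bot: Dropping `fragment_size()` from Server_Hello here (hunk @@ -232,11 +223,9) and from Client_Hello in hunk @@ -114,13 +119,6 on the previous line removes the only accessor for the Maximum_Fragment_Length extension in this header. If that extension is still parsed or echoed elsewhere (not visible in this diff), a negotiated limit can no longer be looked up through this API, and RFC 6066 requires a peer that receives a record above the negotiated length to abort with a fatal record_overflow alert, so either the extension handling should go with it or a read-only accessor should stay. Out-of-tree callers of `fragment_size()` will also stop compiling, which deserves a changelog note. Server_Hello's class body continues outside the hunk.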
@@ -244,18 +233,6 @@ class Server_Hello : public Handshake_Message return m_extensions.has<Session_Ticket>(); } - bool supports_heartbeats() const - { - return m_extensions.has<Heartbeat_Support_Indicator>(); - } - - bool peer_can_send_heartbeats() const - { - if(auto hb = m_extensions.get<Heartbeat_Support_Indicator>()) - return hb->peer_allowed_to_send(); - return false; - } - u16bit srtp_profile() const { if(auto srtp = m_extensions.get<SRTP_Protection_Profiles>()) @@ -290,7 +267,7 @@ class Server_Hello : public Handshake_Message u16bit ciphersuite, byte compression, bool offer_session_ticket, - const std::string next_protocol); + const std::string& next_protocol); Server_Hello(Handshake_IO& io, Handshake_Hash& hash, @@ -302,7 +279,7 @@ class Server_Hello : public Handshake_Message bool offer_session_ticket, const std::string& next_protocol); - Server_Hello(const std::vector<byte>& buf); + explicit Server_Hello(const std::vector<byte>& buf); private: std::vector<byte> serialize() const override; @@ -317,7 +294,7 @@ class Server_Hello : public Handshake_Message /** * Client Key Exchange Message */ -class Client_Key_Exchange : public Handshake_Message +class Client_Key_Exchange final : public Handshake_Message { public: Handshake_Type type() const override { return CLIENT_KEX; } @@ -351,7 +328,7 @@ class Client_Key_Exchange : public Handshake_Message /** * Certificate Message */ -class Certificate : public Handshake_Message +class Certificate final : public Handshake_Message { public: Handshake_Type type() const override { return CERTIFICATE; } @@ -364,7 +341,7 @@ class Certificate : public Handshake_Message Handshake_Hash& hash, const std::vector<X509_Certificate>& certs); - Certificate(const std::vector<byte>& buf); + explicit Certificate(const std::vector<byte>& buf); private: std::vector<byte> serialize() const override; 
@@ -374,7 +351,7 @@ class Certificate : public Handshake_Message /** * Certificate Request Message */ -class Certificate_Req : public Handshake_Message +class Certificate_Req final : public Handshake_Message { public: Handshake_Type type() const override { return CERTIFICATE_REQUEST; } @@ -407,7 +384,7 @@ class Certificate_Req : public Handshake_Message /** * Certificate Verify Message */ -class Certificate_Verify : public Handshake_Message +class Certificate_Verify final : public Handshake_Message { public: Handshake_Type type() const override { return CERTIFICATE_VERIFY; } @@ -418,7 +395,8 @@ class Certificate_Verify : public Handshake_Message * @param state the handshake state */ bool verify(const X509_Certificate& cert, - const Handshake_State& state) const; + const Handshake_State& state, + const Policy& policy) const; Certificate_Verify(Handshake_IO& io, Handshake_State& state, @@ -439,7 +417,7 @@ class Certificate_Verify : public Handshake_Message /** * Finished Message */ -class Finished : public Handshake_Message +class Finished final : public Handshake_Message { public: Handshake_Type type() const override { return FINISHED; } @@ -454,7 +432,7 @@ class Finished : public Handshake_Message Handshake_State& state, Connection_Side side); - Finished(const std::vector<byte>& buf); + explicit Finished(const std::vector<byte>& buf); private: std::vector<byte> serialize() const override; @@ -464,13 +442,13 @@ class Finished : public Handshake_Message /** * Hello Request Message */ -class Hello_Request : public Handshake_Message +class Hello_Request final : public Handshake_Message { public: Handshake_Type type() const override { return HELLO_REQUEST; } - Hello_Request(Handshake_IO& io); - Hello_Request(const std::vector<byte>& buf); + explicit Hello_Request(Handshake_IO& io); + explicit Hello_Request(const std::vector<byte>& buf); private: std::vector<byte> serialize() const override; }; 
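Review bot: The new `policy` parameter of `Certificate_Verify::verify()` (hunk @@ -418,7 +395,8) is undocumented even though the surrounding doc block already lists `@param state the handshake state`; add `* @param policy the TLS policy consulted while checking the signature` directly beneath it. `Server_Key_Exchange::verify()` on the next line gains the same parameter and has no doc block at all, so it would benefit from the same `@param` lines plus a `@return` stating what true/false means. The opening of the Certificate_Verify doc block lies outside the hunk.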
@@ -478,7 +456,7 @@ class Hello_Request : public Handshake_Message /** * Server Key Exchange Message */ -class Server_Key_Exchange : public Handshake_Message +class Server_Key_Exchange final : public Handshake_Message { public: Handshake_Type type() const override { return SERVER_KEX; } @@ -486,13 +464,20 @@ class Server_Key_Exchange : public Handshake_Message const std::vector<byte>& params() const { return m_params; } bool verify(const Public_Key& server_key, - const Handshake_State& state) const; + const Handshake_State& state, + const Policy& policy) const; // Only valid for certain kex types const Private_Key& server_kex_key() const; +#if defined(BOTAN_HAS_SRP6) // Only valid for SRP negotiation - SRP6_Server_Session& server_srp_params() const; + SRP6_Server_Session& server_srp_params() const + { + BOTAN_ASSERT_NONNULL(m_srp_params); + return *m_srp_params; + } +#endif Server_Key_Exchange(Handshake_IO& io, Handshake_State& state, @@ -510,8 +495,10 @@ class Server_Key_Exchange : public Handshake_Message private: std::vector<byte> serialize() const override; - std::unique_ptr<Private_Key> m_kex_key; +#if defined(BOTAN_HAS_SRP6) std::unique_ptr<SRP6_Server_Session> m_srp_params; +#endif + std::unique_ptr<Private_Key> m_kex_key; std::vector<byte> m_params; @@ -523,13 +510,13 @@ class Server_Key_Exchange : public Handshake_Message /** * Server Hello Done Message */ -class Server_Hello_Done : public Handshake_Message +class Server_Hello_Done final : public Handshake_Message { public: Handshake_Type type() const override { return SERVER_HELLO_DONE; } Server_Hello_Done(Handshake_IO& io, Handshake_Hash& hash); - Server_Hello_Done(const std::vector<byte>& buf); + explicit Server_Hello_Done(const std::vector<byte>& buf); private: std::vector<byte> serialize() const override; }; 
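Review bot: `server_srp_params()` (hunk @@ -486,13 +464,20) is now inline and fails through `BOTAN_ASSERT_NONNULL(m_srp_params)` when no SRP parameters were stored, but the comment above it still says only `// Only valid for SRP negotiation`; make the failure mode explicit with `// Only valid for SRP negotiation; asserts (BOTAN_ASSERT_NONNULL) if called for any other kex`. Moving the body into the header also requires the assertion macro's header to be in scope here, which this hunk does not show. `server_kex_key()` carries the same "only valid for certain kex types" caveat with no stated failure mode, though its definition is outside this diff.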
@@ -537,7 +524,7 @@ class Server_Hello_Done : public Handshake_Message /** * New Session Ticket Message */ -class New_Session_Ticket : public Handshake_Message +class New_Session_Ticket final : public Handshake_Message { public: Handshake_Type type() const override { return NEW_SESSION_TICKET; } @@ -553,7 +540,7 @@ class New_Session_Ticket : public Handshake_Message New_Session_Ticket(Handshake_IO& io, Handshake_Hash& hash); - New_Session_Ticket(const std::vector<byte>& buf); + explicit New_Session_Ticket(const std::vector<byte>& buf); private: std::vector<byte> serialize() const override; @@ -564,7 +551,7 @@ class New_Session_Ticket : public Handshake_Message /** * Change Cipher Spec */ -class Change_Cipher_Spec : public Handshake_Message +class Change_Cipher_Spec final : public Handshake_Message { public: Handshake_Type type() const override { return HANDSHAKE_CCS; } |