Diffstat (limited to 'src/lib/tls/tls_messages.h')
-rw-r--r--src/lib/tls/tls_messages.h111
1 files changed, 49 insertions, 62 deletions
diff --git a/src/lib/tls/tls_messages.h b/src/lib/tls/tls_messages.h
index 7a556a61c..3bee89e13 100644
--- a/src/lib/tls/tls_messages.h
+++ b/src/lib/tls/tls_messages.h
@@ -22,7 +22,10 @@
namespace Botan {
class Credentials_Manager;
+
+#if defined(BOTAN_HAS_SRP6)
class SRP6_Server_Session;
+#endif
namespace TLS {
@@ -35,7 +38,7 @@ std::vector<byte> make_hello_random(RandomNumberGenerator& rng,
/**
* DTLS Hello Verify Request
*/
-class Hello_Verify_Request : public Handshake_Message
+class Hello_Verify_Request final : public Handshake_Message
{
public:
std::vector<byte> serialize() const override;
@@ -43,7 +46,7 @@ class Hello_Verify_Request : public Handshake_Message
std::vector<byte> cookie() const { return m_cookie; }
- Hello_Verify_Request(const std::vector<byte>& buf);
+ explicit Hello_Verify_Request(const std::vector<byte>& buf);
Hello_Verify_Request(const std::vector<byte>& client_hello_bits,
const std::string& client_identity,
@@ -55,7 +58,7 @@ class Hello_Verify_Request : public Handshake_Message
/**
* Client Hello Message
*/
-class Client_Hello : public Handshake_Message
+class Client_Hello final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CLIENT_HELLO; }
@@ -95,12 +98,14 @@ class Client_Hello : public Handshake_Message
return "";
}
+#if defined(BOTAN_HAS_SRP6)
std::string srp_identifier() const
{
if(SRP_Identifier* srp = m_extensions.get<SRP_Identifier>())
return srp->identifier();
return "";
}
+#endif
bool secure_renegotiation() const
{
@@ -114,13 +119,6 @@ class Client_Hello : public Handshake_Message
return std::vector<byte>();
}
- size_t fragment_size() const
- {
- if(Maximum_Fragment_Length* frag = m_extensions.get<Maximum_Fragment_Length>())
- return frag->fragment_size();
- return 0;
- }
-
bool supports_session_ticket() const
{
return m_extensions.has<Session_Ticket>();
@@ -138,6 +136,11 @@ class Client_Hello : public Handshake_Message
return m_extensions.has<Application_Layer_Protocol_Notification>();
}
+ bool supports_extended_master_secret() const
+ {
+ return m_extensions.has<Extended_Master_Secret>();
+ }
+
std::vector<std::string> next_protocols() const
{
if(auto alpn = m_extensions.get<Application_Layer_Protocol_Notification>())
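Review bot: The new `supports_extended_master_secret()` accessor carries no comment, unlike the documented message classes around it, and the same applies to the matching accessor added to Server_Hello in the `@@ -232,11 +223,9 @@` hunk. Someone maintaining the handshake state machine needs to know this is the RFC 7627 extension whose presence on both hellos decides whether the master secret gets bound to the handshake transcript, so a one-line doc comment is worth adding: `/// @return true if this hello carries the Extended Master Secret extension (RFC 7627)`. Client_Hello's definition continues outside the hunk.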
@@ -145,18 +148,6 @@ class Client_Hello : public Handshake_Message
return std::vector<std::string>();
}
- bool supports_heartbeats() const
- {
- return m_extensions.has<Heartbeat_Support_Indicator>();
- }
-
- bool peer_can_send_heartbeats() const
- {
- if(Heartbeat_Support_Indicator* hb = m_extensions.get<Heartbeat_Support_Indicator>())
- return hb->peer_allowed_to_send();
- return false;
- }
-
std::vector<u16bit> srtp_profiles() const
{
if(SRTP_Protection_Profiles* srtp = m_extensions.get<SRTP_Protection_Profiles>())
@@ -187,7 +178,7 @@ class Client_Hello : public Handshake_Message
const Session& resumed_session,
const std::vector<std::string>& next_protocols);
- Client_Hello(const std::vector<byte>& buf);
+ explicit Client_Hello(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -205,7 +196,7 @@ class Client_Hello : public Handshake_Message
/**
* Server Hello Message
*/
-class Server_Hello : public Handshake_Message
+class Server_Hello final : public Handshake_Message
{
public:
Handshake_Type type() const override { return SERVER_HELLO; }
@@ -232,11 +223,9 @@ class Server_Hello : public Handshake_Message
return std::vector<byte>();
}
- size_t fragment_size() const
+ bool supports_extended_master_secret() const
{
- if(Maximum_Fragment_Length* frag = m_extensions.get<Maximum_Fragment_Length>())
- return frag->fragment_size();
- return 0;
+ return m_extensions.has<Extended_Master_Secret>();
}
bool supports_session_ticket() const
@@ -244,18 +233,6 @@ class Server_Hello : public Handshake_Message
return m_extensions.has<Session_Ticket>();
}
- bool supports_heartbeats() const
- {
- return m_extensions.has<Heartbeat_Support_Indicator>();
- }
-
- bool peer_can_send_heartbeats() const
- {
- if(auto hb = m_extensions.get<Heartbeat_Support_Indicator>())
- return hb->peer_allowed_to_send();
- return false;
- }
-
u16bit srtp_profile() const
{
if(auto srtp = m_extensions.get<SRTP_Protection_Profiles>())
@@ -290,7 +267,7 @@ class Server_Hello : public Handshake_Message
u16bit ciphersuite,
byte compression,
bool offer_session_ticket,
- const std::string next_protocol);
+ const std::string& next_protocol);
Server_Hello(Handshake_IO& io,
Handshake_Hash& hash,
@@ -302,7 +279,7 @@ class Server_Hello : public Handshake_Message
bool offer_session_ticket,
const std::string& next_protocol);
- Server_Hello(const std::vector<byte>& buf);
+ explicit Server_Hello(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -317,7 +294,7 @@ class Server_Hello : public Handshake_Message
/**
* Client Key Exchange Message
*/
-class Client_Key_Exchange : public Handshake_Message
+class Client_Key_Exchange final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CLIENT_KEX; }
@@ -351,7 +328,7 @@ class Client_Key_Exchange : public Handshake_Message
/**
* Certificate Message
*/
-class Certificate : public Handshake_Message
+class Certificate final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CERTIFICATE; }
@@ -364,7 +341,7 @@ class Certificate : public Handshake_Message
Handshake_Hash& hash,
const std::vector<X509_Certificate>& certs);
- Certificate(const std::vector<byte>& buf);
+ explicit Certificate(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -374,7 +351,7 @@ class Certificate : public Handshake_Message
/**
* Certificate Request Message
*/
-class Certificate_Req : public Handshake_Message
+class Certificate_Req final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CERTIFICATE_REQUEST; }
@@ -407,7 +384,7 @@ class Certificate_Req : public Handshake_Message
/**
* Certificate Verify Message
*/
-class Certificate_Verify : public Handshake_Message
+class Certificate_Verify final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CERTIFICATE_VERIFY; }
@@ -418,7 +395,8 @@ class Certificate_Verify : public Handshake_Message
* @param state the handshake state
*/
bool verify(const X509_Certificate& cert,
- const Handshake_State& state) const;
+ const Handshake_State& state,
+ const Policy& policy) const;
Certificate_Verify(Handshake_IO& io,
Handshake_State& state,
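Review bot: The Doxygen block above `verify()` documents `cert` and `state` but gains no entry for the new `policy` parameter, so the header now documents an outdated signature; that comment block starts outside the hunk. Add ` * @param policy the TLS policy the signature is checked against` after the `@param state` line, adjusting the wording to whatever verify() actually consults from the policy, which the header does not show. `Server_Key_Exchange::verify` in the `@@ -486,13 +464,20 @@` hunk receives the same parameter and should get the same documentation.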
@@ -439,7 +417,7 @@ class Certificate_Verify : public Handshake_Message
/**
* Finished Message
*/
-class Finished : public Handshake_Message
+class Finished final : public Handshake_Message
{
public:
Handshake_Type type() const override { return FINISHED; }
@@ -454,7 +432,7 @@ class Finished : public Handshake_Message
Handshake_State& state,
Connection_Side side);
- Finished(const std::vector<byte>& buf);
+ explicit Finished(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -464,13 +442,13 @@ class Finished : public Handshake_Message
/**
* Hello Request Message
*/
-class Hello_Request : public Handshake_Message
+class Hello_Request final : public Handshake_Message
{
public:
Handshake_Type type() const override { return HELLO_REQUEST; }
- Hello_Request(Handshake_IO& io);
- Hello_Request(const std::vector<byte>& buf);
+ explicit Hello_Request(Handshake_IO& io);
+ explicit Hello_Request(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
};
@@ -478,7 +456,7 @@ class Hello_Request : public Handshake_Message
/**
* Server Key Exchange Message
*/
-class Server_Key_Exchange : public Handshake_Message
+class Server_Key_Exchange final : public Handshake_Message
{
public:
Handshake_Type type() const override { return SERVER_KEX; }
@@ -486,13 +464,20 @@ class Server_Key_Exchange : public Handshake_Message
const std::vector<byte>& params() const { return m_params; }
bool verify(const Public_Key& server_key,
- const Handshake_State& state) const;
+ const Handshake_State& state,
+ const Policy& policy) const;
// Only valid for certain kex types
const Private_Key& server_kex_key() const;
+#if defined(BOTAN_HAS_SRP6)
// Only valid for SRP negotiation
- SRP6_Server_Session& server_srp_params() const;
+ SRP6_Server_Session& server_srp_params() const
+ {
+ BOTAN_ASSERT_NONNULL(m_srp_params);
+ return *m_srp_params;
+ }
+#endif
Server_Key_Exchange(Handshake_IO& io,
Handshake_State& state,
@@ -510,8 +495,10 @@ class Server_Key_Exchange : public Handshake_Message
private:
std::vector<byte> serialize() const override;
- std::unique_ptr<Private_Key> m_kex_key;
+#if defined(BOTAN_HAS_SRP6)
std::unique_ptr<SRP6_Server_Session> m_srp_params;
+#endif
+ std::unique_ptr<Private_Key> m_kex_key;
std::vector<byte> m_params;
@@ -523,13 +510,13 @@ class Server_Key_Exchange : public Handshake_Message
/**
* Server Hello Done Message
*/
-class Server_Hello_Done : public Handshake_Message
+class Server_Hello_Done final : public Handshake_Message
{
public:
Handshake_Type type() const override { return SERVER_HELLO_DONE; }
Server_Hello_Done(Handshake_IO& io, Handshake_Hash& hash);
- Server_Hello_Done(const std::vector<byte>& buf);
+ explicit Server_Hello_Done(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
};
@@ -537,7 +524,7 @@ class Server_Hello_Done : public Handshake_Message
/**
* New Session Ticket Message
*/
-class New_Session_Ticket : public Handshake_Message
+class New_Session_Ticket final : public Handshake_Message
{
public:
Handshake_Type type() const override { return NEW_SESSION_TICKET; }
@@ -553,7 +540,7 @@ class New_Session_Ticket : public Handshake_Message
New_Session_Ticket(Handshake_IO& io,
Handshake_Hash& hash);
- New_Session_Ticket(const std::vector<byte>& buf);
+ explicit New_Session_Ticket(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -564,7 +551,7 @@ class New_Session_Ticket : public Handshake_Message
/**
* Change Cipher Spec
*/
-class Change_Cipher_Spec : public Handshake_Message
+class Change_Cipher_Spec final : public Handshake_Message
{
public:
Handshake_Type type() const override { return HANDSHAKE_CCS; }