/* * TLS Messages * (C) 2004-2011,2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ #ifndef BOTAN_TLS_MESSAGES_H__ #define BOTAN_TLS_MESSAGES_H__ #include #include #include #include #include #include #include #include #include #include namespace Botan { class Credentials_Manager; #if defined(BOTAN_HAS_SRP6) class SRP6_Server_Session; #endif namespace TLS { class Session; class Handshake_IO; std::vector make_hello_random(RandomNumberGenerator& rng, const Policy& policy); /** * DTLS Hello Verify Request */ class Hello_Verify_Request final : public Handshake_Message { public: std::vector serialize() const override; Handshake_Type type() const override { return HELLO_VERIFY_REQUEST; } std::vector cookie() const { return m_cookie; } explicit Hello_Verify_Request(const std::vector& buf); Hello_Verify_Request(const std::vector& client_hello_bits, const std::string& client_identity, const SymmetricKey& secret_key); private: std::vector m_cookie; }; /** * Client Hello Message */ class Client_Hello final : public Handshake_Message { public: Handshake_Type type() const override { return CLIENT_HELLO; } Protocol_Version version() const { return m_version; } const std::vector& random() const { return m_random; } const std::vector& session_id() const { return m_session_id; } std::vector ciphersuites() const { return m_suites; } std::vector compression_methods() const { return m_comp_methods; } bool offered_suite(u16bit ciphersuite) const; bool sent_fallback_scsv() const; std::vector> supported_algos() const { if(Signature_Algorithms* sigs = m_extensions.get()) return sigs->supported_signature_algorthms(); return std::vector>(); } std::vector supported_ecc_curves() const { if(Supported_Elliptic_Curves* ecc = m_extensions.get()) return ecc->curves(); return std::vector(); } std::string sni_hostname() const { if(Server_Name_Indicator* sni = m_extensions.get()) return sni->host_name(); return ""; } #if defined(BOTAN_HAS_SRP6) std::string srp_identifier() const { if(SRP_Identifier* srp = m_extensions.get()) return srp->identifier(); return ""; } #endif bool secure_renegotiation() const { return m_extensions.has(); } std::vector renegotiation_info() const { if(Renegotiation_Extension* reneg = m_extensions.get()) return reneg->renegotiation_info(); return std::vector(); } bool supports_session_ticket() const { return m_extensions.has(); } std::vector session_ticket() const { if(Session_Ticket* ticket = m_extensions.get()) return ticket->contents(); return std::vector(); } bool supports_alpn() const { return m_extensions.has(); } bool supports_extended_master_secret() const { return m_extensions.has(); } std::vector next_protocols() const { if(auto alpn = m_extensions.get()) return alpn->protocols(); return std::vector(); } std::vector srtp_profiles() const { if(SRTP_Protection_Profiles* srtp = m_extensions.get()) return srtp->profiles(); return std::vector(); } void update_hello_cookie(const Hello_Verify_Request& hello_verify); std::set extension_types() const { return m_extensions.extension_types(); } Client_Hello(Handshake_IO& io, Handshake_Hash& hash, Protocol_Version version, const Policy& policy, RandomNumberGenerator& rng, const std::vector& reneg_info, const std::vector& next_protocols, const std::string& hostname = "", const std::string& srp_identifier = ""); Client_Hello(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, RandomNumberGenerator& rng, const std::vector& reneg_info, const Session& resumed_session, const std::vector& next_protocols); explicit Client_Hello(const std::vector& buf); private: std::vector serialize() const override; Protocol_Version m_version; std::vector m_session_id; std::vector m_random; std::vector m_suites; std::vector m_comp_methods; std::vector m_hello_cookie; // DTLS only Extensions m_extensions; }; /** * Server Hello Message */ class Server_Hello final : public Handshake_Message { public: Handshake_Type type() const override { return SERVER_HELLO; } Protocol_Version version() const { return m_version; } const std::vector& random() const { return m_random; } const std::vector& session_id() const { return m_session_id; } u16bit ciphersuite() const { return m_ciphersuite; } byte compression_method() const { return m_comp_method; } bool secure_renegotiation() const { return m_extensions.has(); } std::vector renegotiation_info() const { if(Renegotiation_Extension* reneg = m_extensions.get()) return reneg->renegotiation_info(); return std::vector(); } bool supports_extended_master_secret() const { return m_extensions.has(); } bool supports_session_ticket() const { return m_extensions.has(); } u16bit srtp_profile() const { if(auto srtp = m_extensions.get()) { auto prof = srtp->profiles(); if(prof.size() != 1 || prof[0] == 0) throw Decoding_Error("Server sent malformed DTLS-SRTP extension"); return prof[0]; } return 0; } std::string next_protocol() const { if(auto alpn = m_extensions.get()) return alpn->single_protocol(); return ""; } std::set extension_types() const { return m_extensions.extension_types(); } Server_Hello(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, RandomNumberGenerator& rng, const std::vector& secure_reneg_info, const Client_Hello& client_hello, const std::vector& new_session_id, Protocol_Version new_session_version, u16bit ciphersuite, byte compression, bool offer_session_ticket, const std::string& next_protocol); Server_Hello(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, RandomNumberGenerator& rng, const std::vector& secure_reneg_info, const Client_Hello& client_hello, Session& resumed_session, bool offer_session_ticket, const std::string& next_protocol); explicit Server_Hello(const std::vector& buf); private: std::vector serialize() const override; Protocol_Version m_version; std::vector m_session_id, m_random; u16bit m_ciphersuite; byte m_comp_method; Extensions m_extensions; }; /** * Client Key Exchange Message */ class Client_Key_Exchange final : public Handshake_Message { public: Handshake_Type type() const override { return CLIENT_KEX; } const secure_vector& pre_master_secret() const { return m_pre_master; } Client_Key_Exchange(Handshake_IO& io, Handshake_State& state, const Policy& policy, Credentials_Manager& creds, const Public_Key* server_public_key, const std::string& hostname, RandomNumberGenerator& rng); Client_Key_Exchange(const std::vector& buf, const Handshake_State& state, const Private_Key* server_rsa_kex_key, Credentials_Manager& creds, const Policy& policy, RandomNumberGenerator& rng); private: std::vector serialize() const override { return m_key_material; } std::vector m_key_material; secure_vector m_pre_master; }; /** * Certificate Message */ class Certificate final : public Handshake_Message { public: Handshake_Type type() const override { return CERTIFICATE; } const std::vector& cert_chain() const { return m_certs; } size_t count() const { return m_certs.size(); } bool empty() const { return m_certs.empty(); } Certificate(Handshake_IO& io, Handshake_Hash& hash, const std::vector& certs); explicit Certificate(const std::vector& buf); private: std::vector serialize() const override; std::vector m_certs; }; /** * Certificate Request Message */ class Certificate_Req final : public Handshake_Message { public: Handshake_Type type() const override { return CERTIFICATE_REQUEST; } const std::vector& acceptable_cert_types() const { return m_cert_key_types; } std::vector acceptable_CAs() const { return m_names; } std::vector > supported_algos() const { return m_supported_algos; } Certificate_Req(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, const std::vector& allowed_cas, Protocol_Version version); Certificate_Req(const std::vector& buf, Protocol_Version version); private: std::vector serialize() const override; std::vector m_names; std::vector m_cert_key_types; std::vector > m_supported_algos; }; /** * Certificate Verify Message */ class Certificate_Verify final : public Handshake_Message { public: Handshake_Type type() const override { return CERTIFICATE_VERIFY; } /** * Check the signature on a certificate verify message * @param cert the purported certificate * @param state the handshake state */ bool verify(const X509_Certificate& cert, const Handshake_State& state) const; Certificate_Verify(Handshake_IO& io, Handshake_State& state, const Policy& policy, RandomNumberGenerator& rng, const Private_Key* key); Certificate_Verify(const std::vector& buf, Protocol_Version version); private: std::vector serialize() const override; std::string m_sig_algo; // sig algo used to create signature std::string m_hash_algo; // hash used to create signature std::vector m_signature; }; /** * Finished Message */ class Finished final : public Handshake_Message { public: Handshake_Type type() const override { return FINISHED; } std::vector verify_data() const { return m_verification_data; } bool verify(const Handshake_State& state, Connection_Side side) const; Finished(Handshake_IO& io, Handshake_State& state, Connection_Side side); explicit Finished(const std::vector& buf); private: std::vector serialize() const override; std::vector m_verification_data; }; /** * Hello Request Message */ class Hello_Request final : public Handshake_Message { public: Handshake_Type type() const override { return HELLO_REQUEST; } explicit Hello_Request(Handshake_IO& io); explicit Hello_Request(const std::vector& buf); private: std::vector serialize() const override; }; /** * Server Key Exchange Message */ class Server_Key_Exchange final : public Handshake_Message { public: Handshake_Type type() const override { return SERVER_KEX; } const std::vector& params() const { return m_params; } bool verify(const Public_Key& server_key, const Handshake_State& state) const; // Only valid for certain kex types const Private_Key& server_kex_key() const; #if defined(BOTAN_HAS_SRP6) // Only valid for SRP negotiation SRP6_Server_Session& server_srp_params() const { BOTAN_ASSERT_NONNULL(m_srp_params); return *m_srp_params; } #endif Server_Key_Exchange(Handshake_IO& io, Handshake_State& state, const Policy& policy, Credentials_Manager& creds, RandomNumberGenerator& rng, const Private_Key* signing_key = nullptr); Server_Key_Exchange(const std::vector& buf, const std::string& kex_alg, const std::string& sig_alg, Protocol_Version version); ~Server_Key_Exchange(); private: std::vector serialize() const override; #if defined(BOTAN_HAS_SRP6) std::unique_ptr m_srp_params; #endif std::unique_ptr m_kex_key; std::vector m_params; std::string m_sig_algo; // sig algo used to create signature std::string m_hash_algo; // hash used to create signature std::vector m_signature; }; /** * Server Hello Done Message */ class Server_Hello_Done final : public Handshake_Message { public: Handshake_Type type() const override { return SERVER_HELLO_DONE; } Server_Hello_Done(Handshake_IO& io, Handshake_Hash& hash); explicit Server_Hello_Done(const std::vector& buf); private: std::vector serialize() const override; }; /** * New Session Ticket Message */ class New_Session_Ticket final : public Handshake_Message { public: Handshake_Type type() const override { return NEW_SESSION_TICKET; } u32bit ticket_lifetime_hint() const { return m_ticket_lifetime_hint; } const std::vector& ticket() const { return m_ticket; } New_Session_Ticket(Handshake_IO& io, Handshake_Hash& hash, const std::vector& ticket, u32bit lifetime); New_Session_Ticket(Handshake_IO& io, Handshake_Hash& hash); explicit New_Session_Ticket(const std::vector& buf); private: std::vector serialize() const override; u32bit m_ticket_lifetime_hint = 0; std::vector m_ticket; }; /** * Change Cipher Spec */ class Change_Cipher_Spec final : public Handshake_Message { public: Handshake_Type type() const override { return HANDSHAKE_CCS; } std::vector serialize() const override { return std::vector(1, 1); } }; } } #endif