1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
|
/*
* TLS Channel
* (C) 2011,2012 Jack Lloyd
*
* Released under the terms of the Botan license
*/
#ifndef BOTAN_TLS_CHANNEL_H__
#define BOTAN_TLS_CHANNEL_H__
#include <botan/tls_policy.h>
#include <botan/tls_session.h>
#include <botan/tls_alert.h>
#include <botan/tls_session_manager.h>
#include <botan/x509cert.h>
#include <vector>
#include <string>
#include <memory>
namespace Botan {
namespace TLS {
class Handshake_IO;
class Handshake_State;
/**
* Generic interface for TLS endpoint
*/
class BOTAN_DLL Channel
{
public:
/**
* Inject TLS traffic received from counterparty
* @return a hint as the how many more bytes we need to process the
* current record (this may be 0 if on a record boundary)
*/
virtual size_t received_data(const byte buf[], size_t buf_size);
/**
* Inject plaintext intended for counterparty
*/
void send(const byte buf[], size_t buf_size);
/**
* Inject plaintext intended for counterparty
*/
void send(const std::string& string);
/**
* Send a close notification alert
*/
void close() { send_alert(Alert(Alert::CLOSE_NOTIFY)); }
/**
* @return true iff the connection is active for sending application data
*/
bool is_active() const { return m_active_state && !is_closed(); }
/**
* @return true iff the connection has been definitely closed
*/
bool is_closed() const { return m_connection_closed; }
/**
* Attempt to renegotiate the session
* @param force_full_renegotiation if true, require a full renegotiation,
* otherwise allow session resumption
*/
void renegotiate(bool force_full_renegotiation = false);
/**
* Attempt to send a heartbeat message (if negotiated with counterparty)
* @param payload will be echoed back
* @param payload_size size of payload in bytes
*/
void heartbeat(const byte payload[], size_t payload_size);
/**
* Attempt to send a heartbeat message (if negotiated with counterparty)
*/
void heartbeat() { heartbeat(nullptr, 0); }
/**
* @return certificate chain of the peer (may be empty)
*/
std::vector<X509_Certificate> peer_cert_chain() const;
/**
* Key material export (RFC 5705)
* @param label a disambiguating label string
* @param context a per-association context value
* @param length the length of the desired key in bytes
* @return key of length bytes
*/
SymmetricKey key_material_export(const std::string& label,
const std::string& context,
size_t length) const;
Channel(std::function<void (const byte[], size_t)> socket_output_fn,
std::function<void (const byte[], size_t, Alert)> proc_fn,
std::function<bool (const Session&)> handshake_complete,
Session_Manager& session_manager,
RandomNumberGenerator& rng);
Channel(const Channel&) = delete;
Channel& operator=(const Channel&) = delete;
virtual ~Channel();
protected:
virtual void process_handshake_msg(const Handshake_State* active_state,
Handshake_State& pending_state,
Handshake_Type type,
const std::vector<byte>& contents) = 0;
virtual void initiate_handshake(Handshake_State& state,
bool force_full_renegotiation) = 0;
virtual std::vector<X509_Certificate>
get_peer_cert_chain(const Handshake_State& state) const = 0;
virtual Handshake_State* new_handshake_state(Handshake_IO* io) = 0;
Handshake_State& create_handshake_state(Protocol_Version version);
/**
* Send a TLS alert message. If the alert is fatal, the internal
* state (keys, etc) will be reset.
* @param alert the Alert to send
*/
void send_alert(const Alert& alert);
void activate_session();
void set_maximum_fragment_size(size_t maximum);
void change_cipher_spec_reader(Connection_Side side);
void change_cipher_spec_writer(Connection_Side side);
/* secure renegotiation handling */
void secure_renegotiation_check(const class Client_Hello* client_hello);
void secure_renegotiation_check(const class Server_Hello* server_hello);
std::vector<byte> secure_renegotiation_data_for_client_hello() const;
std::vector<byte> secure_renegotiation_data_for_server_hello() const;
bool secure_renegotiation_supported() const;
RandomNumberGenerator& rng() { return m_rng; }
Session_Manager& session_manager() { return m_session_manager; }
bool save_session(const Session& session) const { return m_handshake_fn(session); }
private:
void send_record(byte record_type, const std::vector<byte>& record);
void send_record_array(byte type, const byte input[], size_t length);
void write_record(byte type, const byte input[], size_t length);
bool peer_supports_heartbeats() const;
bool heartbeat_sending_allowed() const;
/* callbacks */
std::function<bool (const Session&)> m_handshake_fn;
std::function<void (const byte[], size_t, Alert)> m_proc_fn;
std::function<void (const byte[], size_t)> m_output_fn;
/* external state */
RandomNumberGenerator& m_rng;
Session_Manager& m_session_manager;
/* writing cipher state */
std::vector<byte> m_writebuf;
std::unique_ptr<class Connection_Cipher_State> m_write_cipherstate;
u64bit m_write_seq_no = 0;
/* reading cipher state */
std::vector<byte> m_readbuf;
size_t m_readbuf_pos = 0;
std::unique_ptr<class Connection_Cipher_State> m_read_cipherstate;
u64bit m_read_seq_no = 0;
/* connection parameters */
std::unique_ptr<Handshake_State> m_active_state;
std::unique_ptr<Handshake_State> m_pending_state;
size_t m_max_fragment = MAX_PLAINTEXT_SIZE;
bool m_secure_renegotiation = false;
bool m_connection_closed = false;
};
}
}
#endif
|
