1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
/*
* TLS Extensions
* (C) 2011 Jack Lloyd
*
* Released under the terms of the Botan license
*/
#include <botan/internal/tls_extensions.h>
#include <botan/internal/tls_reader.h>
#include <stdio.h>
namespace Botan {
TLS_Extensions::TLS_Extensions(class TLS_Data_Reader& reader)
{
if(reader.has_remaining())
{
const u16bit all_extn_size = reader.get_u16bit();
if(reader.remaining_bytes() != all_extn_size)
throw Decoding_Error("Bad extension size");
while(reader.has_remaining())
{
const u16bit extension_code = reader.get_u16bit();
const u16bit extension_size = reader.get_u16bit();
if(extension_code == TLSEXT_SERVER_NAME_INDICATION)
extensions.push_back(new Server_Name_Indicator(reader));
else if(extension_code == TLSEXT_SRP_IDENTIFIER)
extensions.push_back(new SRP_Identifier(reader));
else if(extension_code == TLSEXT_SAFE_RENEGOTIATION)
extensions.push_back(new Renegotation_Extension(reader));
else // unknown/unhandled extension
{
printf("Unknown extension code %d\n", extension_code);
reader.discard_next(extension_size);
}
}
}
}
MemoryVector<byte> TLS_Extensions::serialize() const
{
MemoryVector<byte> buf(2); // 2 bytes for length field
for(size_t i = 0; i != extensions.size(); ++i)
{
if(extensions[i]->empty())
continue;
const u16bit extn_code = extensions[i]->type();
MemoryVector<byte> extn_val = extensions[i]->serialize();
buf.push_back(get_byte(0, extn_code));
buf.push_back(get_byte(1, extn_code));
buf.push_back(get_byte<u16bit>(0, extn_val.size()));
buf.push_back(get_byte<u16bit>(1, extn_val.size()));
buf += extn_val;
}
const u16bit extn_size = buf.size() - 2;
buf[0] = get_byte(0, extn_size);
buf[1] = get_byte(1, extn_size);
// avoid sending a completely empty extensions block
if(buf.size() == 2)
return MemoryVector<byte>();
return buf;
}
TLS_Extensions::~TLS_Extensions()
{
for(size_t i = 0; i != extensions.size(); ++i)
delete extensions[i];
extensions.clear();
}
Server_Name_Indicator::Server_Name_Indicator(TLS_Data_Reader& reader)
{
u16bit name_bytes = reader.get_u16bit();
while(name_bytes)
{
byte name_type = reader.get_byte();
name_bytes--;
if(name_type == 0) // DNS
{
sni_host_name = reader.get_string(2, 1, 65535);
name_bytes -= (2 + sni_host_name.size());
}
else // some other unknown name type
{
reader.discard_next(name_bytes);
name_bytes = 0;
}
}
}
MemoryVector<byte> Server_Name_Indicator::serialize() const
{
MemoryVector<byte> buf;
size_t name_len = sni_host_name.size();
buf.push_back(get_byte<u16bit>(0, name_len+3));
buf.push_back(get_byte<u16bit>(1, name_len+3));
buf.push_back(0); // DNS
buf.push_back(get_byte<u16bit>(0, name_len));
buf.push_back(get_byte<u16bit>(1, name_len));
buf += std::make_pair(
reinterpret_cast<const byte*>(sni_host_name.data()),
sni_host_name.size());
return buf;
}
SRP_Identifier::SRP_Identifier(TLS_Data_Reader& reader)
{
srp_identifier = reader.get_string(1, 1, 255);
}
MemoryVector<byte> SRP_Identifier::serialize() const
{
MemoryVector<byte> buf;
const byte* srp_bytes =
reinterpret_cast<const byte*>(srp_identifier.data());
append_tls_length_value(buf, srp_bytes, srp_identifier.size(), 1);
return buf;
}
Renegotation_Extension::Renegotation_Extension(TLS_Data_Reader& reader)
{
reneg_data = reader.get_range<byte>(1, 0, 255);
}
MemoryVector<byte> Renegotation_Extension::serialize() const
{
MemoryVector<byte> buf;
append_tls_length_value(buf, reneg_data, 1);
return buf;
}
}
|
