10 #include <botan/tls_messages.h>
11 #include <botan/tls_extensions.h>
12 #include <botan/tls_callbacks.h>
13 #include <botan/internal/tls_reader.h>
14 #include <botan/internal/tls_session_key.h>
15 #include <botan/internal/tls_handshake_io.h>
16 #include <botan/internal/tls_handshake_hash.h>
17 #include <botan/internal/stl_util.h>
25 const uint64_t DOWNGRADE_TLS11 = 0x444F574E47524400;
29 make_server_hello_random(RandomNumberGenerator& rng,
30 Protocol_Version offered_version,
39 store_be(DOWNGRADE_TLS11, &random[24]);
44 store_be(DOWNGRADE_TLS11, &random[24]);
58 const std::vector<uint8_t>& reneg_info,
61 const std::string next_protocol) :
62 m_version(server_settings.protocol_version()),
63 m_session_id(server_settings.session_id()),
64 m_random(make_server_hello_random(rng, m_version, policy)),
65 m_ciphersuite(server_settings.ciphersuite()),
98 const std::vector<uint16_t> server_srtp = policy.
srtp_profiles();
99 const std::vector<uint16_t> client_srtp = client_hello.
srtp_profiles();
101 if(!server_srtp.empty() && !client_srtp.empty())
105 for(
auto s_srtp : server_srtp)
106 for(
auto c_srtp : client_srtp)
108 if(shared == 0 && s_srtp == c_srtp)
128 const std::vector<uint8_t>& reneg_info,
131 bool offer_session_ticket,
132 const std::string& next_protocol) :
133 m_version(resumed_session.version()),
134 m_session_id(client_hello.session_id()),
136 m_ciphersuite(resumed_session.ciphersuite_code()),
178 const uint8_t major_version = reader.
get_byte();
179 const uint8_t minor_version = reader.
get_byte();
183 m_random = reader.
get_fixed<uint8_t>(32);
185 m_session_id = reader.
get_range<uint8_t>(1, 0, 32);
197 std::vector<uint8_t> Server_Hello::serialize()
const
199 std::vector<uint8_t> buf;
207 buf.push_back(
get_byte(0, m_ciphersuite));
208 buf.push_back(
get_byte(1, m_ciphersuite));
210 buf.push_back(m_comp_method);
220 return (last8 == DOWNGRADE_TLS11);
238 throw Decoding_Error(
"Server_Hello_Done: Must be empty, and is not");
244 std::vector<uint8_t> Server_Hello_Done::serialize()
const
246 return std::vector<uint8_t>();
bool supports_cert_status_message() const
std::vector< T > get_fixed(size_t size)
bool cbc_ciphersuite() const
virtual std::vector< uint8_t > send(const Handshake_Message &msg)=0
uint8_t minor_version() const
Server_Hello_Done(Handshake_IO &io, Handshake_Hash &hash)
virtual bool support_cert_status_message() const
std::vector< uint8_t > serialize(Connection_Side whoami) const
bool supports_session_ticket() const
Ciphersuite ciphersuite() const
virtual std::vector< uint16_t > srtp_profiles() const
void add(Extension *extn)
std::unique_ptr< Session > resumed_session
constexpr uint8_t get_byte(size_t byte_num, T input)
void deserialize(TLS_Data_Reader &reader, Connection_Side from)
bool ecc_ciphersuite() const
uint64_t load_be< uint64_t >(const uint8_t in[], size_t off)
bool supports_alpn() const
bool random_signals_downgrade() const
bool offer_session_ticket() const
std::vector< T > get_range(size_t len_bytes, size_t min_elems, size_t max_elems)
Server_Hello(Handshake_IO &io, Handshake_Hash &hash, const Policy &policy, Callbacks &cb, RandomNumberGenerator &rng, const std::vector< uint8_t > &secure_reneg_info, const Client_Hello &client_hello, const Server_Hello::Settings &settings, const std::string next_protocol)
void update(const uint8_t in[], size_t length)
uint8_t major_version() const
bool supports_encrypt_then_mac() const
std::vector< uint8_t > make_hello_random(RandomNumberGenerator &rng, const Policy &policy)
virtual bool use_ecc_point_compression() const
virtual void tls_modify_extensions(Extensions &extn, Connection_Side which_side)
static Ciphersuite by_id(uint16_t suite)
std::vector< uint16_t > srtp_profiles() const
bool supports_extended_master_secret() const
std::set< Handshake_Extension_Type > extension_types() const
bool is_datagram_protocol() const
bool secure_renegotiation() const
virtual bool negotiate_encrypt_then_mac() const
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size)