Botan  2.1.0
Crypto and TLS for C++11
Classes | Typedefs | Enumerations | Functions
Botan::TLS Namespace Reference

Classes

class  Alert
 
class  Application_Layer_Protocol_Notification
 
class  Blocking_Client
 
class  BSI_TR_02102_2
 
class  Callbacks
 
class  Certificate
 
class  Certificate_Req
 
class  Certificate_Status
 
class  Certificate_Status_Request
 
class  Certificate_Verify
 
class  Change_Cipher_Spec
 
class  Channel
 
class  Ciphersuite
 
class  Client
 
class  Client_Hello
 
class  Client_Key_Exchange
 
class  Compat_Callbacks
 
class  Connection_Cipher_State
 
class  Connection_Sequence_Numbers
 
class  Datagram_Handshake_IO
 
class  Datagram_Policy
 
class  Datagram_Sequence_Numbers
 
class  Encrypt_then_MAC
 
class  Extended_Master_Secret
 
class  Extension
 
class  Extensions
 
class  Finished
 
class  Handshake_Hash
 
class  Handshake_IO
 
class  Handshake_Message
 
class  Handshake_State
 
class  Hello_Request
 
class  Hello_Verify_Request
 
class  New_Session_Ticket
 
class  NSA_Suite_B_128
 
class  Policy
 
class  Protocol_Version
 
class  Record
 
class  Record_Message
 
class  Record_Raw_Input
 
class  Renegotiation_Extension
 
class  Server
 
class  Server_Hello
 
class  Server_Hello_Done
 
class  Server_Information
 
class  Server_Key_Exchange
 
class  Server_Name_Indicator
 
class  Session
 
class  Session_Keys
 
class  Session_Manager
 
class  Session_Manager_In_Memory
 
class  Session_Manager_Noop
 
class  Session_Manager_SQL
 
class  Session_Manager_SQLite
 
class  Session_Ticket
 
class  Signature_Algorithms
 
class  SRTP_Protection_Profiles
 
class  Stream_Handshake_IO
 
class  Stream_Sequence_Numbers
 
class  Strict_Policy
 
class  Supported_Elliptic_Curves
 
class  Supported_Point_Formats
 
class  Text_Policy
 
class  TLS_CBC_HMAC_AEAD_Decryption
 
class  TLS_CBC_HMAC_AEAD_Encryption
 
class  TLS_CBC_HMAC_AEAD_Mode
 
class  TLS_Data_Reader
 
class  TLS_Exception
 
struct  Unexpected_Message
 

Typedefs

typedef std::function< std::shared_ptr< Connection_Cipher_State >uint16_t)> get_cipherstate_fn
 

Enumerations

enum  { TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF, TLS_FALLBACK_SCSV = 0x5600 }
 
enum  Compression_Method { NO_COMPRESSION = 0x00, DEFLATE_COMPRESSION = 0x01 }
 
enum  Connection_Side { CLIENT = 1, SERVER = 2 }
 
enum  Handshake_Extension_Type {
  TLSEXT_SERVER_NAME_INDICATION = 0, TLSEXT_CERT_STATUS_REQUEST = 5, TLSEXT_CERTIFICATE_TYPES = 9, TLSEXT_USABLE_ELLIPTIC_CURVES = 10,
  TLSEXT_EC_POINT_FORMATS = 11, TLSEXT_SRP_IDENTIFIER = 12, TLSEXT_SIGNATURE_ALGORITHMS = 13, TLSEXT_USE_SRTP = 14,
  TLSEXT_ALPN = 16, TLSEXT_ENCRYPT_THEN_MAC = 22, TLSEXT_EXTENDED_MASTER_SECRET = 23, TLSEXT_SESSION_TICKET = 35,
  TLSEXT_SAFE_RENEGOTIATION = 65281
}
 
enum  Handshake_Type {
  HELLO_REQUEST = 0, CLIENT_HELLO = 1, SERVER_HELLO = 2, HELLO_VERIFY_REQUEST = 3,
  NEW_SESSION_TICKET = 4, CERTIFICATE = 11, SERVER_KEX = 12, CERTIFICATE_REQUEST = 13,
  SERVER_HELLO_DONE = 14, CERTIFICATE_VERIFY = 15, CLIENT_KEX = 16, FINISHED = 20,
  CERTIFICATE_URL = 21, CERTIFICATE_STATUS = 22, HANDSHAKE_CCS = 254, HANDSHAKE_NONE = 255
}
 
enum  Record_Type {
  CHANGE_CIPHER_SPEC = 20, ALERT = 21, HANDSHAKE = 22, APPLICATION_DATA = 23,
  NO_RECORD = 256
}
 
enum  Size_Limits {
  TLS_HEADER_SIZE = 5, DTLS_HEADER_SIZE = TLS_HEADER_SIZE + 8, MAX_PLAINTEXT_SIZE = 16*1024, MAX_COMPRESSED_SIZE = MAX_PLAINTEXT_SIZE + 1024,
  MAX_CIPHERTEXT_SIZE = MAX_COMPRESSED_SIZE + 1024
}
 

Functions

template<typename T , typename Alloc >
void append_tls_length_value (std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size)
 
template<typename T , typename Alloc , typename Alloc2 >
void append_tls_length_value (std::vector< uint8_t, Alloc > &buf, const std::vector< T, Alloc2 > &vals, size_t tag_size)
 
template<typename Alloc >
void append_tls_length_value (std::vector< uint8_t, Alloc > &buf, const std::string &str, size_t tag_size)
 
const char * handshake_type_to_string (Handshake_Type type)
 
std::vector< uint8_t > make_hello_random (RandomNumberGenerator &rng, const Policy &policy)
 
bool operator!= (const Server_Information &a, const Server_Information &b)
 
bool operator< (const Server_Information &a, const Server_Information &b)
 
bool operator== (const Server_Information &a, const Server_Information &b)
 
size_t read_record (secure_vector< uint8_t > &readbuf, Record_Raw_Input &raw_input, Record &rec, Connection_Sequence_Numbers *sequence_numbers, get_cipherstate_fn get_cipherstate)
 
void write_record (secure_vector< uint8_t > &output, Record_Message msg, Protocol_Version version, uint64_t seq, Connection_Cipher_State *cs, RandomNumberGenerator &rng)
 

Typedef Documentation

typedef std::function<std::shared_ptr<Connection_Cipher_State>uint16_t)> Botan::TLS::get_cipherstate_fn

Definition at line 166 of file tls_record.h.

Enumeration Type Documentation

anonymous enum
Enumerator
TLS_EMPTY_RENEGOTIATION_INFO_SCSV 
TLS_FALLBACK_SCSV 

Definition at line 23 of file msg_client_hello.cpp.

Enumerator
NO_COMPRESSION 
DEFLATE_COMPRESSION 

Definition at line 61 of file tls_magic.h.

Enumerator
CLIENT 
SERVER 

Definition at line 27 of file tls_magic.h.

Enumerator
TLSEXT_SERVER_NAME_INDICATION 
TLSEXT_CERT_STATUS_REQUEST 
TLSEXT_CERTIFICATE_TYPES 
TLSEXT_USABLE_ELLIPTIC_CURVES 
TLSEXT_EC_POINT_FORMATS 
TLSEXT_SRP_IDENTIFIER 
TLSEXT_SIGNATURE_ALGORITHMS 
TLSEXT_USE_SRTP 
TLSEXT_ALPN 
TLSEXT_ENCRYPT_THEN_MAC 
TLSEXT_EXTENDED_MASTER_SECRET 
TLSEXT_SESSION_TICKET 
TLSEXT_SAFE_RENEGOTIATION 

Definition at line 27 of file tls_extensions.h.

Enumerator
HELLO_REQUEST 
CLIENT_HELLO 
SERVER_HELLO 
HELLO_VERIFY_REQUEST 
NEW_SESSION_TICKET 
CERTIFICATE 
SERVER_KEX 
CERTIFICATE_REQUEST 
SERVER_HELLO_DONE 
CERTIFICATE_VERIFY 
CLIENT_KEX 
FINISHED 
CERTIFICATE_URL 
CERTIFICATE_STATUS 
HANDSHAKE_CCS 
HANDSHAKE_NONE 

Definition at line 38 of file tls_magic.h.

Enumerator
CHANGE_CIPHER_SPEC 
ALERT 
HANDSHAKE 
APPLICATION_DATA 
NO_RECORD 

Definition at line 29 of file tls_magic.h.

Protocol Constants for SSL/TLS

Enumerator
TLS_HEADER_SIZE 
DTLS_HEADER_SIZE 
MAX_PLAINTEXT_SIZE 
MAX_COMPRESSED_SIZE 
MAX_CIPHERTEXT_SIZE 

Definition at line 18 of file tls_magic.h.

Function Documentation

template<typename T , typename Alloc >
void Botan::TLS::append_tls_length_value ( std::vector< uint8_t, Alloc > &  buf,
const T *  vals,
size_t  vals_size,
size_t  tag_size 
)

Helper function for encoding length-tagged vectors

Definition at line 185 of file tls_reader.h.

References Botan::get_byte().

Referenced by append_tls_length_value(), Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Renegotiation_Extension::serialize(), Botan::TLS::Application_Layer_Protocol_Notification::serialize(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

189  {
190  const size_t T_size = sizeof(T);
191  const size_t val_bytes = T_size * vals_size;
192 
193  if(tag_size != 1 && tag_size != 2)
194  throw Invalid_Argument("append_tls_length_value: invalid tag size");
195 
196  if((tag_size == 1 && val_bytes > 255) ||
197  (tag_size == 2 && val_bytes > 65535))
198  throw Invalid_Argument("append_tls_length_value: value too large");
199 
200  for(size_t i = 0; i != tag_size; ++i)
201  buf.push_back(get_byte(sizeof(val_bytes)-tag_size+i, val_bytes));
202 
203  for(size_t i = 0; i != vals_size; ++i)
204  for(size_t j = 0; j != T_size; ++j)
205  buf.push_back(get_byte(j, vals[i]));
206  }
uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:47
template<typename T , typename Alloc , typename Alloc2 >
void Botan::TLS::append_tls_length_value ( std::vector< uint8_t, Alloc > &  buf,
const std::vector< T, Alloc2 > &  vals,
size_t  tag_size 
)

Definition at line 209 of file tls_reader.h.

References append_tls_length_value().

212  {
213  append_tls_length_value(buf, vals.data(), vals.size(), tag_size);
214  }
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const std::string &str, size_t tag_size)
Definition: tls_reader.h:217
template<typename Alloc >
void Botan::TLS::append_tls_length_value ( std::vector< uint8_t, Alloc > &  buf,
const std::string &  str,
size_t  tag_size 
)

Definition at line 217 of file tls_reader.h.

References append_tls_length_value().

220  {
222  reinterpret_cast<const uint8_t*>(str.data()),
223  str.size(),
224  tag_size);
225  }
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const std::string &str, size_t tag_size)
Definition: tls_reader.h:217
const char * Botan::TLS::handshake_type_to_string ( Handshake_Type  type)

Definition at line 22 of file tls_handshake_state.cpp.

References CERTIFICATE, CERTIFICATE_REQUEST, CERTIFICATE_STATUS, CERTIFICATE_URL, CERTIFICATE_VERIFY, CLIENT_HELLO, CLIENT_KEX, FINISHED, HANDSHAKE_CCS, HANDSHAKE_NONE, HELLO_REQUEST, HELLO_VERIFY_REQUEST, NEW_SESSION_TICKET, SERVER_HELLO, SERVER_HELLO_DONE, SERVER_KEX, and Botan::ASN1::to_string().

Referenced by Botan::TLS::Handshake_Message::type_string().

23  {
24  switch(type)
25  {
27  return "hello_verify_request";
28 
29  case HELLO_REQUEST:
30  return "hello_request";
31 
32  case CLIENT_HELLO:
33  return "client_hello";
34 
35  case SERVER_HELLO:
36  return "server_hello";
37 
38  case CERTIFICATE:
39  return "certificate";
40 
41  case CERTIFICATE_URL:
42  return "certificate_url";
43 
44  case CERTIFICATE_STATUS:
45  return "certificate_status";
46 
47  case SERVER_KEX:
48  return "server_key_exchange";
49 
51  return "certificate_request";
52 
53  case SERVER_HELLO_DONE:
54  return "server_hello_done";
55 
56  case CERTIFICATE_VERIFY:
57  return "certificate_verify";
58 
59  case CLIENT_KEX:
60  return "client_key_exchange";
61 
62  case NEW_SESSION_TICKET:
63  return "new_session_ticket";
64 
65  case HANDSHAKE_CCS:
66  return "change_cipher_spec";
67 
68  case FINISHED:
69  return "finished";
70 
71  case HANDSHAKE_NONE:
72  return "invalid";
73  }
74 
75  throw Internal_Error("Unknown TLS handshake message type " + std::to_string(type));
76  }
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:47
MechanismType type
std::vector< uint8_t > Botan::TLS::make_hello_random ( RandomNumberGenerator rng,
const Policy policy 
)

Definition at line 28 of file msg_client_hello.cpp.

References Botan::TLS::Policy::include_time_in_hello_random(), Botan::RandomNumberGenerator::randomize(), and Botan::store_be().

30  {
31  std::vector<uint8_t> buf(32);
32  rng.randomize(buf.data(), buf.size());
33 
34  if(policy.include_time_in_hello_random())
35  {
36  const uint32_t time32 = static_cast<uint32_t>(
37  std::chrono::system_clock::to_time_t(std::chrono::system_clock::now()));
38 
39  store_be(time32, buf.data());
40  }
41 
42  return buf;
43  }
void store_be(uint16_t in, uint8_t out[2])
Definition: loadstor.h:441
bool Botan::TLS::operator!= ( const Server_Information a,
const Server_Information b 
)
inline

Definition at line 84 of file tls_server_info.h.

85  {
86  return !(a == b);
87  }
bool Botan::TLS::operator< ( const Server_Information a,
const Server_Information b 
)
inline

Definition at line 89 of file tls_server_info.h.

References Botan::TLS::Server_Information::hostname(), Botan::TLS::Server_Information::port(), and Botan::TLS::Server_Information::service().

90  {
91  if(a.hostname() != b.hostname())
92  return (a.hostname() < b.hostname());
93  if(a.service() != b.service())
94  return (a.service() < b.service());
95  if(a.port() != b.port())
96  return (a.port() < b.port());
97  return false; // equal
98  }
bool Botan::TLS::operator== ( const Server_Information a,
const Server_Information b 
)
inline

Definition at line 76 of file tls_server_info.h.

References Botan::TLS::Server_Information::hostname(), Botan::TLS::Server_Information::port(), and Botan::TLS::Server_Information::service().

77  {
78  return (a.hostname() == b.hostname()) &&
79  (a.service() == b.service()) &&
80  (a.port() == b.port());
81 
82  }
size_t Botan::TLS::read_record ( secure_vector< uint8_t > &  read_buffer,
Record_Raw_Input raw_input,
Record rec,
Connection_Sequence_Numbers sequence_numbers,
get_cipherstate_fn  get_cipherstate 
)

Decode a TLS record

Returns
zero if full message, else number of bytes still needed

Definition at line 494 of file tls_record.cpp.

References Botan::TLS::Record_Raw_Input::is_datagram().

Referenced by Botan::TLS::Channel::received_data().

499  {
500  if(raw_input.is_datagram())
501  return read_dtls_record(readbuf, raw_input, rec,
502  sequence_numbers, get_cipherstate);
503  else
504  return read_tls_record(readbuf, raw_input, rec,
505  sequence_numbers, get_cipherstate);
506  }
void Botan::TLS::write_record ( secure_vector< uint8_t > &  write_buffer,
Record_Message  rec_msg,
Protocol_Version  version,
uint64_t  msg_sequence,
Connection_Cipher_State cipherstate,
RandomNumberGenerator rng 
)

Create a TLS record

Parameters
write_bufferthe output record is placed here
rec_msgis the plaintext message
versionis the protocol version
msg_sequenceis the sequence number
cipherstateis the writing cipher state
rngis a random number generator

Definition at line 213 of file tls_record.cpp.

References Botan::TLS::Connection_Cipher_State::aead(), Botan::TLS::Connection_Cipher_State::aead_nonce(), BOTAN_ASSERT, Botan::TLS::Connection_Cipher_State::cbc_nonce(), Botan::Cipher_Mode::finish(), Botan::TLS::Connection_Cipher_State::format_ad(), Botan::get_byte(), Botan::TLS::Record_Message::get_data(), Botan::TLS::Record_Message::get_size(), Botan::TLS::Record_Message::get_type(), Botan::TLS::Protocol_Version::is_datagram_protocol(), Botan::TLS::Protocol_Version::major_version(), MAX_CIPHERTEXT_SIZE, Botan::TLS::Protocol_Version::minor_version(), Botan::TLS::Connection_Cipher_State::nonce_bytes_from_handshake(), Botan::TLS::Connection_Cipher_State::nonce_bytes_from_record(), Botan::Cipher_Mode::output_length(), Botan::AEAD_Mode::set_ad(), and Botan::Cipher_Mode::start().

219  {
220  output.clear();
221 
222  output.push_back(msg.get_type());
223  output.push_back(version.major_version());
224  output.push_back(version.minor_version());
225 
226  if(version.is_datagram_protocol())
227  {
228  for(size_t i = 0; i != 8; ++i)
229  output.push_back(get_byte(i, seq));
230  }
231 
232  if(!cs) // initial unencrypted handshake records
233  {
234  append_u16_len(output, msg.get_size());
235  output.insert(output.end(), msg.get_data(), msg.get_data() + msg.get_size());
236  return;
237  }
238 
239  AEAD_Mode* aead = cs->aead();
240  std::vector<uint8_t> aad = cs->format_ad(seq, msg.get_type(), version, static_cast<uint16_t>(msg.get_size()));
241 
242  const size_t ctext_size = aead->output_length(msg.get_size());
243 
244  const size_t rec_size = ctext_size + cs->nonce_bytes_from_record();
245 
246  aead->set_ad(aad);
247 
248  const std::vector<uint8_t> nonce = cs->aead_nonce(seq, rng);
249 
250  append_u16_len(output, rec_size);
251 
252  if(cs->nonce_bytes_from_record() > 0)
253  {
254  if(cs->cbc_nonce())
255  output += nonce;
256  else
257  output += std::make_pair(&nonce[cs->nonce_bytes_from_handshake()], cs->nonce_bytes_from_record());
258  }
259 
260  const size_t header_size = output.size();
261  output += std::make_pair(msg.get_data(), msg.get_size());
262 
263  aead->start(nonce);
264  aead->finish(output, header_size);
265 
266  BOTAN_ASSERT(output.size() < MAX_CIPHERTEXT_SIZE,
267  "Produced ciphertext larger than protocol allows");
268  }
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:27
uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:47