Botan  2.1.0
Crypto and TLS for C++11
tls_handshake_state.h
Go to the documentation of this file.
1 /*
2 * TLS Handshake State
3 * (C) 2004-2006,2011,2012 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_TLS_HANDSHAKE_STATE_H__
9 #define BOTAN_TLS_HANDSHAKE_STATE_H__
10 
11 #include <botan/internal/tls_handshake_hash.h>
12 #include <botan/internal/tls_handshake_io.h>
13 #include <botan/internal/tls_session_key.h>
14 #include <botan/tls_ciphersuite.h>
15 #include <botan/tls_exceptn.h>
16 #include <botan/tls_handshake_msg.h>
17 #include <botan/pk_keys.h>
18 #include <botan/pubkey.h>
19 #include <functional>
20 
21 namespace Botan {
22 
23 class KDF;
24 
25 namespace TLS {
26 
27 class Callbacks;
28 class Policy;
29 
30 class Hello_Verify_Request;
31 class Client_Hello;
32 class Server_Hello;
33 class Certificate;
34 class Certificate_Status;
35 class Server_Key_Exchange;
36 class Certificate_Req;
37 class Server_Hello_Done;
38 class Certificate;
39 class Client_Key_Exchange;
40 class Certificate_Verify;
41 class New_Session_Ticket;
42 class Finished;
43 
44 /**
45 * SSL/TLS Handshake State
46 */
48  {
49  public:
50  Handshake_State(Handshake_IO* io, Callbacks& callbacks);
51 
52  virtual ~Handshake_State() = default;
53 
54  Handshake_State(const Handshake_State&) = delete;
55  Handshake_State& operator=(const Handshake_State&) = delete;
56 
57  Handshake_IO& handshake_io() { return *m_handshake_io; }
58 
59  /**
60  * Return true iff we have received a particular message already
61  * @param msg_type the message type
62  */
63  bool received_handshake_msg(Handshake_Type msg_type) const;
64 
65  /**
66  * Confirm that we were expecting this message type
67  * @param msg_type the message type
68  */
70 
71  /**
72  * Record that we are expecting a particular message type next
73  * @param msg_type the message type
74  */
75  void set_expected_next(Handshake_Type msg_type);
76 
77  std::pair<Handshake_Type, std::vector<uint8_t>>
79 
80  std::vector<uint8_t> session_ticket() const;
81 
82  std::pair<std::string, Signature_Format>
83  parse_sig_format(const Public_Key& key,
84  const std::string& hash_algo,
85  const std::string& sig_algo,
86  bool for_client_auth,
87  const Policy& policy) const;
88 
89  std::pair<std::string, Signature_Format>
90  choose_sig_format(const Private_Key& key,
91  std::string& hash_algo,
92  std::string& sig_algo,
93  bool for_client_auth,
94  const Policy& policy) const;
95 
96  std::string srp_identifier() const;
97 
98  KDF* protocol_specific_prf() const;
99 
100  Protocol_Version version() const { return m_version; }
101 
102  void set_version(const Protocol_Version& version);
103 
104  void hello_verify_request(const Hello_Verify_Request& hello_verify);
105 
119 
120  const Client_Hello* client_hello() const
121  { return m_client_hello.get(); }
122 
123  const Server_Hello* server_hello() const
124  { return m_server_hello.get(); }
125 
126  const Certificate* server_certs() const
127  { return m_server_certs.get(); }
128 
130  { return m_server_kex.get(); }
131 
132  const Certificate_Req* cert_req() const
133  { return m_cert_req.get(); }
134 
136  { return m_server_hello_done.get(); }
137 
138  const Certificate* client_certs() const
139  { return m_client_certs.get(); }
140 
142  { return m_client_kex.get(); }
143 
145  { return m_client_verify.get(); }
146 
148  { return m_server_cert_status.get(); }
149 
151  { return m_new_session_ticket.get(); }
152 
153  const Finished* server_finished() const
154  { return m_server_finished.get(); }
155 
156  const Finished* client_finished() const
157  { return m_client_finished.get(); }
158 
159  const Ciphersuite& ciphersuite() const { return m_ciphersuite; }
160 
161  const Session_Keys& session_keys() const { return m_session_keys; }
162 
163  void compute_session_keys();
164 
166 
167  Handshake_Hash& hash() { return m_handshake_hash; }
168 
169  const Handshake_Hash& hash() const { return m_handshake_hash; }
170 
171  void note_message(const Handshake_Message& msg);
172  private:
173 
174  Callbacks& m_callbacks;
175 
176  std::unique_ptr<Handshake_IO> m_handshake_io;
177 
178  uint32_t m_hand_expecting_mask = 0;
179  uint32_t m_hand_received_mask = 0;
180  Protocol_Version m_version;
181  Ciphersuite m_ciphersuite;
182  Session_Keys m_session_keys;
183  Handshake_Hash m_handshake_hash;
184 
185  std::unique_ptr<Client_Hello> m_client_hello;
186  std::unique_ptr<Server_Hello> m_server_hello;
187  std::unique_ptr<Certificate> m_server_certs;
188  std::unique_ptr<Certificate_Status> m_server_cert_status;
189  std::unique_ptr<Server_Key_Exchange> m_server_kex;
190  std::unique_ptr<Certificate_Req> m_cert_req;
191  std::unique_ptr<Server_Hello_Done> m_server_hello_done;
192  std::unique_ptr<Certificate> m_client_certs;
193  std::unique_ptr<Client_Key_Exchange> m_client_kex;
194  std::unique_ptr<Certificate_Verify> m_client_verify;
195  std::unique_ptr<New_Session_Ticket> m_new_session_ticket;
196  std::unique_ptr<Finished> m_server_finished;
197  std::unique_ptr<Finished> m_client_finished;
198  };
199 
200 }
201 
202 }
203 
204 #endif
std::pair< std::string, Signature_Format > parse_sig_format(const Public_Key &key, const std::string &hash_algo, const std::string &sig_algo, bool for_client_auth, const Policy &policy) const
Handshake_State & operator=(const Handshake_State &)=delete
virtual ~Handshake_State()=default
const Server_Hello_Done * server_hello_done() const
const Finished * client_finished() const
const Session_Keys & session_keys() const
const Server_Hello * server_hello() const
const Finished * server_finished() const
const Certificate * server_certs() const
Handshake_State(Handshake_IO *io, Callbacks &callbacks)
const Certificate_Status * server_cert_status() const
void set_version(const Protocol_Version &version)
const Server_Key_Exchange * server_kex() const
std::vector< T, secure_allocator< T >> secure_vector
Definition: secmem.h:121
std::pair< Handshake_Type, std::vector< uint8_t > > get_next_handshake_msg()
const Certificate_Verify * client_verify() const
const Handshake_Hash & hash() const
Definition: alg_id.cpp:13
void confirm_transition_to(Handshake_Type msg_type)
std::vector< uint8_t > session_ticket() const
secure_vector< uint8_t > resume_master_secret
Definition: tls_client.cpp:38
void note_message(const Handshake_Message &msg)
Definition: kdf.h:20
void hello_verify_request(const Hello_Verify_Request &hello_verify)
std::string srp_identifier() const
std::pair< std::string, Signature_Format > choose_sig_format(const Private_Key &key, std::string &hash_algo, std::string &sig_algo, bool for_client_auth, const Policy &policy) const
const New_Session_Ticket * new_session_ticket() const
const Ciphersuite & ciphersuite() const
bool received_handshake_msg(Handshake_Type msg_type) const
const Certificate * client_certs() const
void set_expected_next(Handshake_Type msg_type)
const Certificate_Req * cert_req() const
Protocol_Version version() const
const Client_Hello * client_hello() const
const Client_Key_Exchange * client_kex() const