9 #include <botan/tls_extensions.h>
10 #include <botan/internal/tls_reader.h>
11 #include <botan/tls_exceptn.h>
19 Extension* make_extension(TLS_Data_Reader& reader, uint16_t code, uint16_t size)
24 return new Server_Name_Indicator(reader, size);
26 #if defined(BOTAN_HAS_SRP6)
28 return new SRP_Identifier(reader, size);
32 return new Supported_Elliptic_Curves(reader, size);
35 return new Certificate_Status_Request(reader, size);
38 return new Supported_Point_Formats(reader, size);
41 return new Renegotiation_Extension(reader, size);
44 return new Signature_Algorithms(reader, size);
47 return new SRTP_Protection_Profiles(reader, size);
50 return new Application_Layer_Protocol_Notification(reader, size);
53 return new Extended_Master_Secret(reader, size);
56 return new Encrypt_then_MAC(reader, size);
59 return new Session_Ticket(reader, size);
95 std::vector<uint8_t> buf(2);
97 for(
auto& extn : m_extensions)
99 if(extn.second->empty())
102 const uint16_t extn_code = extn.second->type();
104 std::vector<uint8_t> extn_val = extn.second->serialize();
106 buf.push_back(
get_byte(0, extn_code));
107 buf.push_back(
get_byte(1, extn_code));
109 buf.push_back(
get_byte(0, static_cast<uint16_t>(extn_val.size())));
110 buf.push_back(
get_byte(1, static_cast<uint16_t>(extn_val.size())));
115 const uint16_t extn_size =
static_cast<uint16_t
>(buf.size() - 2);
122 return std::vector<uint8_t>();
129 std::set<Handshake_Extension_Type> offers;
130 for(
auto i = m_extensions.begin(); i != m_extensions.end(); ++i)
131 offers.insert(i->first);
136 uint16_t extension_size)
141 if(extension_size == 0)
146 if(name_bytes + 2 != extension_size)
151 uint8_t name_type = reader.
get_byte();
156 m_sni_host_name = reader.
get_string(2, 1, 65535);
157 name_bytes -=
static_cast<uint16_t
>(2 + m_sni_host_name.size());
169 std::vector<uint8_t> buf;
171 size_t name_len = m_sni_host_name.size();
173 buf.push_back(
get_byte(0, static_cast<uint16_t>(name_len+3)));
174 buf.push_back(
get_byte(1, static_cast<uint16_t>(name_len+3)));
177 buf.push_back(
get_byte(0, static_cast<uint16_t>(name_len)));
178 buf.push_back(
get_byte(1, static_cast<uint16_t>(name_len)));
180 buf += std::make_pair(
181 reinterpret_cast<const uint8_t*>(m_sni_host_name.data()),
182 m_sni_host_name.size());
187 #if defined(BOTAN_HAS_SRP6)
190 uint16_t extension_size) : m_srp_identifier(reader.get_string(1, 1, 255))
192 if(m_srp_identifier.size() + 1 != extension_size)
193 throw Decoding_Error(
"Bad encoding for SRP identifier extension");
196 std::vector<uint8_t> SRP_Identifier::serialize()
const
198 std::vector<uint8_t> buf;
200 const uint8_t* srp_bytes =
201 reinterpret_cast<const uint8_t*
>(m_srp_identifier.data());
211 uint16_t extension_size) : m_reneg_data(reader.get_range<uint8_t>(1, 0, 255))
213 if(m_reneg_data.size() + 1 != extension_size)
214 throw Decoding_Error(
"Bad encoding for secure renegotiation extn");
219 std::vector<uint8_t> buf;
225 uint16_t extension_size)
227 if(extension_size == 0)
232 size_t bytes_remaining = extension_size - 2;
234 if(name_bytes != bytes_remaining)
235 throw Decoding_Error(
"Bad encoding of ALPN extension, bad length field");
237 while(bytes_remaining)
239 const std::string p = reader.
get_string(1, 0, 255);
241 if(bytes_remaining < p.size() + 1)
242 throw Decoding_Error(
"Bad encoding of ALPN, length field too long");
244 bytes_remaining -= (p.size() + 1);
246 m_protocols.push_back(p);
252 if(m_protocols.size() != 1)
255 " protocols in ALPN extension response");
256 return m_protocols[0];
261 std::vector<uint8_t> buf(2);
263 for(
auto&& p: m_protocols)
265 if(p.length() >= 256)
269 reinterpret_cast<const uint8_t*>(p.data()),
274 buf[0] =
get_byte(0, static_cast<uint16_t>(buf.size()-2));
275 buf[1] =
get_byte(1, static_cast<uint16_t>(buf.size()-2));
291 return "brainpool256r1";
293 return "brainpool384r1";
295 return "brainpool512r1";
297 #if defined(BOTAN_HAS_CURVE_25519)
302 #if defined(BOTAN_HOUSE_ECC_CURVE_NAME)
303 case BOTAN_HOUSE_ECC_CURVE_TLS_ID:
304 return BOTAN_HOUSE_ECC_CURVE_NAME;
314 if(name ==
"secp256r1")
316 if(name ==
"secp384r1")
318 if(name ==
"secp521r1")
320 if(name ==
"brainpool256r1")
322 if(name ==
"brainpool384r1")
324 if(name ==
"brainpool512r1")
327 #if defined(BOTAN_HAS_CURVE_25519)
332 #if defined(BOTAN_HOUSE_ECC_CURVE_NAME)
333 if(name == BOTAN_HOUSE_ECC_CURVE_NAME)
334 return BOTAN_HOUSE_ECC_CURVE_TLS_ID;
343 std::vector<uint8_t> buf(2);
345 for(
size_t i = 0; i != m_curves.size(); ++i)
356 buf[0] =
get_byte(0, static_cast<uint16_t>(buf.size()-2));
357 buf[1] =
get_byte(1, static_cast<uint16_t>(buf.size()-2));
363 uint16_t extension_size)
367 if(len + 2 != extension_size)
368 throw Decoding_Error(
"Inconsistent length field in elliptic curve list");
375 for(
size_t i = 0; i != len; ++i)
381 m_curves.push_back(name);
388 if(m_prefers_compressed)
399 uint16_t extension_size)
403 if(len + 1 != extension_size)
404 throw Decoding_Error(
"Inconsistent length field in supported point formats list");
406 for(
size_t i = 0; i != len; ++i)
412 m_prefers_compressed =
false;
418 m_prefers_compressed =
true;
454 if(name ==
"SHA-256")
457 if(name ==
"SHA-384")
460 if(name ==
"SHA-512")
463 throw Internal_Error(
"Unknown hash ID " + name +
" for signature_algorithms");
492 throw Internal_Error(
"Unknown sig ID " + name +
" for signature_algorithms");
497 std::vector<uint8_t> buf(2);
499 for(
size_t i = 0; i != m_supported_algos.size(); ++i)
503 const uint8_t hash_code =
hash_algo_code(m_supported_algos[i].first);
504 const uint8_t sig_code =
sig_algo_code(m_supported_algos[i].second);
506 buf.push_back(hash_code);
507 buf.push_back(sig_code);
513 buf[0] =
get_byte(0, static_cast<uint16_t>(buf.size()-2));
514 buf[1] =
get_byte(1, static_cast<uint16_t>(buf.size()-2));
520 const std::vector<std::string>& sigs)
522 for(
size_t i = 0; i != hashes.size(); ++i)
523 for(
size_t j = 0; j != sigs.size(); ++j)
524 m_supported_algos.push_back(std::make_pair(hashes[i], sigs[j]));
528 uint16_t extension_size)
532 if(len + 2 != extension_size)
533 throw Decoding_Error(
"Bad encoding on signature algorithms extension");
537 const uint8_t hash_code = reader.
get_byte();
538 const uint8_t sig_code = reader.
get_byte();
554 if(hash_name.empty() || sig_name.empty())
557 m_supported_algos.push_back(std::make_pair(hash_name, sig_name));
562 uint16_t extension_size) : m_ticket(reader.get_elem<uint8_t,
std::vector<uint8_t>>(extension_size))
566 uint16_t extension_size) : m_pp(reader.get_range<uint16_t>(2, 0, 65535))
568 const std::vector<uint8_t> mki = reader.
get_range<uint8_t>(1, 0, 255);
570 if(m_pp.size() * 2 + mki.size() + 3 != extension_size)
571 throw Decoding_Error(
"Bad encoding for SRTP protection extension");
574 throw Decoding_Error(
"Unhandled non-empty MKI for SRTP protection extension");
579 std::vector<uint8_t> buf;
581 const uint16_t pp_len =
static_cast<uint16_t
>(m_pp.size() * 2);
585 for(uint16_t pp : m_pp)
597 uint16_t extension_size)
599 if(extension_size != 0)
605 return std::vector<uint8_t>();
609 uint16_t extension_size)
611 if(extension_size != 0)
617 return std::vector<uint8_t>();
622 std::vector<uint8_t> buf;
647 uint16_t extension_size)
649 if(extension_size > 0)
664 const std::vector<std::vector<uint8_t>>& ocsp_key_ids) :
665 m_ocsp_names(ocsp_responder_ids),
666 m_ocsp_keys(ocsp_key_ids),
std::vector< uint8_t > serialize() const
std::vector< uint8_t > serialize() const override
std::vector< uint8_t > serialize() const override
static uint8_t sig_algo_code(const std::string &name)
Handshake_Extension_Type type() const override
Server_Name_Indicator(const std::string &host_name)
const std::string & single_protocol() const
size_t remaining_bytes() const
Supported_Elliptic_Curves(const std::vector< std::string > &curves)
void add(Extension *extn)
static uint16_t name_to_curve_id(const std::string &name)
std::string to_string(const BER_Object &obj)
Certificate_Status_Request()
std::vector< uint8_t > serialize() const override
static uint8_t hash_algo_code(const std::string &name)
Extended_Master_Secret()=default
std::vector< uint8_t > serialize() const override
static std::string curve_id_to_name(uint16_t id)
std::string get_string(size_t len_bytes, size_t min_bytes, size_t max_bytes)
std::vector< T > get_range(size_t len_bytes, size_t min_elems, size_t max_elems)
std::vector< uint8_t > serialize() const override
Application_Layer_Protocol_Notification(const std::string &protocol)
std::vector< uint8_t > serialize() const override
bool has_remaining() const
Signature_Algorithms(const std::vector< std::string > &hashes, const std::vector< std::string > &sig_algos)
Renegotiation_Extension()=default
static std::string sig_algo_name(uint8_t code)
std::vector< uint8_t > serialize() const override
std::vector< uint8_t > serialize() const override
std::set< Handshake_Extension_Type > extension_types() const
void discard_next(size_t bytes)
Encrypt_then_MAC()=default
SRTP_Protection_Profiles(const std::vector< uint16_t > &pp)
uint8_t get_byte(size_t byte_num, T input)
void deserialize(TLS_Data_Reader &reader)
std::vector< uint8_t > serialize() const override
static std::string hash_algo_name(uint8_t code)
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size)