Botan  2.13.0
Crypto and TLS for C++11
Namespaces | Classes | Typedefs | Enumerations | Functions
Botan::TLS Namespace Reference

Namespaces

 detail
 

Classes

class  Alert
 
class  Application_Layer_Protocol_Notification
 
class  Blocking_Client
 
struct  BotanAlertCategory
 An error category for TLS alerts. More...
 
class  BSI_TR_02102_2
 
class  Callbacks
 
class  Certificate
 
class  Certificate_Req
 
class  Certificate_Status
 
class  Certificate_Status_Request
 
class  Certificate_Verify
 
class  Change_Cipher_Spec
 
class  Channel
 
class  Ciphersuite
 
class  Client
 
class  Client_Hello
 
class  Client_Key_Exchange
 
class  Compat_Callbacks
 
class  Connection_Cipher_State
 
class  Connection_Sequence_Numbers
 
class  Context
 
class  Datagram_Handshake_IO
 
class  Datagram_Policy
 
class  Datagram_Sequence_Numbers
 
class  Encrypt_then_MAC
 
class  Extended_Master_Secret
 
class  Extension
 
class  Extensions
 
class  Finished
 
class  Handshake_Hash
 
class  Handshake_IO
 
class  Handshake_Message
 
class  Handshake_State
 
class  Hello_Request
 
class  Hello_Verify_Request
 
class  New_Session_Ticket
 
class  NSA_Suite_B_128
 
class  NSA_Suite_B_192
 
class  Policy
 
class  Protocol_Version
 
class  Record_Header
 
class  Renegotiation_Extension
 
class  Server
 
class  Server_Hello
 
class  Server_Hello_Done
 
class  Server_Information
 
class  Server_Key_Exchange
 
class  Server_Name_Indicator
 
class  Session
 
class  Session_Keys
 
class  Session_Manager
 
class  Session_Manager_In_Memory
 
class  Session_Manager_Noop
 
class  Session_Manager_SQL
 
class  Session_Manager_SQLite
 
class  Session_Ticket
 
class  Signature_Algorithms
 
class  SRTP_Protection_Profiles
 
class  Stream
 boost::asio compatible SSL/TLS stream More...
 
class  Stream_Handshake_IO
 
class  Stream_Sequence_Numbers
 
class  Strict_Policy
 
class  Supported_Groups
 
class  Supported_Point_Formats
 
class  Supported_Versions
 
class  Text_Policy
 
class  TLS_CBC_HMAC_AEAD_Decryption
 
class  TLS_CBC_HMAC_AEAD_Encryption
 
class  TLS_CBC_HMAC_AEAD_Mode
 
class  TLS_Data_Reader
 
class  TLS_Exception
 
class  Unexpected_Message
 
class  Unknown_Extension
 

Typedefs

typedef Policy Default_Policy
 
typedef std::function< std::shared_ptr< Connection_Cipher_State >uint16_t)> get_cipherstate_fn
 

Enumerations

enum  { TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF, TLS_FALLBACK_SCSV = 0x5600 }
 
enum  Auth_Method {
  Auth_Method::RSA, Auth_Method::DSA, Auth_Method::ECDSA, Auth_Method::IMPLICIT = 0x10000,
  Auth_Method::ANONYMOUS
}
 
enum  Cipher_Algo {
  Cipher_Algo::CHACHA20_POLY1305, Cipher_Algo::AES_128_CBC_HMAC_SHA1 = 100, Cipher_Algo::AES_128_CBC_HMAC_SHA256, Cipher_Algo::AES_128_CCM,
  Cipher_Algo::AES_128_CCM_8, Cipher_Algo::AES_128_GCM, Cipher_Algo::AES_128_OCB, Cipher_Algo::AES_256_CBC_HMAC_SHA1 = 200,
  Cipher_Algo::AES_256_CBC_HMAC_SHA256, Cipher_Algo::AES_256_CBC_HMAC_SHA384, Cipher_Algo::AES_256_CCM, Cipher_Algo::AES_256_CCM_8,
  Cipher_Algo::AES_256_GCM, Cipher_Algo::AES_256_OCB, Cipher_Algo::CAMELLIA_128_CBC_HMAC_SHA1 = 300, Cipher_Algo::CAMELLIA_128_CBC_HMAC_SHA256,
  Cipher_Algo::CAMELLIA_128_GCM, Cipher_Algo::CAMELLIA_256_CBC_HMAC_SHA1 = 400, Cipher_Algo::CAMELLIA_256_CBC_HMAC_SHA256, Cipher_Algo::CAMELLIA_256_CBC_HMAC_SHA384,
  Cipher_Algo::CAMELLIA_256_GCM, Cipher_Algo::ARIA_128_GCM = 500, Cipher_Algo::ARIA_256_GCM, Cipher_Algo::DES_EDE_CBC_HMAC_SHA1 = 1000,
  Cipher_Algo::SEED_CBC_HMAC_SHA1
}
 
enum  Connection_Side { CLIENT = 1, SERVER = 2 }
 
enum  Group_Params : uint16_t {
  Group_Params::NONE = 0, Group_Params::SECP256R1 = 23, Group_Params::SECP384R1 = 24, Group_Params::SECP521R1 = 25,
  Group_Params::BRAINPOOL256R1 = 26, Group_Params::BRAINPOOL384R1 = 27, Group_Params::BRAINPOOL512R1 = 28, Group_Params::X25519 = 29,
  Group_Params::FFDHE_2048 = 256, Group_Params::FFDHE_3072 = 257, Group_Params::FFDHE_4096 = 258, Group_Params::FFDHE_6144 = 259,
  Group_Params::FFDHE_8192 = 260
}
 
enum  Handshake_Extension_Type {
  TLSEXT_SERVER_NAME_INDICATION = 0, TLSEXT_CERT_STATUS_REQUEST = 5, TLSEXT_CERTIFICATE_TYPES = 9, TLSEXT_SUPPORTED_GROUPS = 10,
  TLSEXT_EC_POINT_FORMATS = 11, TLSEXT_SRP_IDENTIFIER = 12, TLSEXT_SIGNATURE_ALGORITHMS = 13, TLSEXT_USE_SRTP = 14,
  TLSEXT_ALPN = 16, TLSEXT_ENCRYPT_THEN_MAC = 22, TLSEXT_EXTENDED_MASTER_SECRET = 23, TLSEXT_SESSION_TICKET = 35,
  TLSEXT_SUPPORTED_VERSIONS = 43, TLSEXT_SAFE_RENEGOTIATION = 65281
}
 
enum  Handshake_Type {
  HELLO_REQUEST = 0, CLIENT_HELLO = 1, SERVER_HELLO = 2, HELLO_VERIFY_REQUEST = 3,
  NEW_SESSION_TICKET = 4, CERTIFICATE = 11, SERVER_KEX = 12, CERTIFICATE_REQUEST = 13,
  SERVER_HELLO_DONE = 14, CERTIFICATE_VERIFY = 15, CLIENT_KEX = 16, FINISHED = 20,
  CERTIFICATE_URL = 21, CERTIFICATE_STATUS = 22, HANDSHAKE_CCS = 254, HANDSHAKE_NONE = 255
}
 
enum  KDF_Algo { KDF_Algo::SHA_1, KDF_Algo::SHA_256, KDF_Algo::SHA_384 }
 
enum  Kex_Algo {
  Kex_Algo::STATIC_RSA, Kex_Algo::DH, Kex_Algo::ECDH, Kex_Algo::CECPQ1,
  Kex_Algo::SRP_SHA, Kex_Algo::PSK, Kex_Algo::DHE_PSK, Kex_Algo::ECDHE_PSK
}
 
enum  Nonce_Format { Nonce_Format::CBC_MODE, Nonce_Format::AEAD_IMPLICIT_4, Nonce_Format::AEAD_XOR_12 }
 
enum  Record_Type {
  CHANGE_CIPHER_SPEC = 20, ALERT = 21, HANDSHAKE = 22, APPLICATION_DATA = 23,
  NO_RECORD = 256
}
 
enum  Signature_Scheme : uint16_t {
  Signature_Scheme::NONE = 0x0000, Signature_Scheme::RSA_PKCS1_SHA1 = 0x0201, Signature_Scheme::RSA_PKCS1_SHA256 = 0x0401, Signature_Scheme::RSA_PKCS1_SHA384 = 0x0501,
  Signature_Scheme::RSA_PKCS1_SHA512 = 0x0601, Signature_Scheme::DSA_SHA1 = 0x0202, Signature_Scheme::DSA_SHA256 = 0x0402, Signature_Scheme::DSA_SHA384 = 0x0502,
  Signature_Scheme::DSA_SHA512 = 0x0602, Signature_Scheme::ECDSA_SHA1 = 0x0203, Signature_Scheme::ECDSA_SHA256 = 0x0403, Signature_Scheme::ECDSA_SHA384 = 0x0503,
  Signature_Scheme::ECDSA_SHA512 = 0x0603, Signature_Scheme::RSA_PSS_SHA256 = 0x0804, Signature_Scheme::RSA_PSS_SHA384 = 0x0805, Signature_Scheme::RSA_PSS_SHA512 = 0x0806,
  Signature_Scheme::EDDSA_25519 = 0x0807, Signature_Scheme::EDDSA_448 = 0x0808
}
 
enum  Size_Limits {
  TLS_HEADER_SIZE = 5, DTLS_HEADER_SIZE = TLS_HEADER_SIZE + 8, MAX_PLAINTEXT_SIZE = 16*1024, MAX_COMPRESSED_SIZE = MAX_PLAINTEXT_SIZE + 1024,
  MAX_CIPHERTEXT_SIZE = MAX_COMPRESSED_SIZE + 1024
}
 

Functions

const std::vector< Signature_Scheme > & all_signature_schemes ()
 
template<typename T , typename Alloc >
void append_tls_length_value (std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size)
 
template<typename T , typename Alloc , typename Alloc2 >
void append_tls_length_value (std::vector< uint8_t, Alloc > &buf, const std::vector< T, Alloc2 > &vals, size_t tag_size)
 
template<typename Alloc >
void append_tls_length_value (std::vector< uint8_t, Alloc > &buf, const std::string &str, size_t tag_size)
 
Auth_Method auth_method_from_string (const std::string &str)
 
std::string auth_method_to_string (Auth_Method method)
 
const BotanAlertCategorybotan_alert_category () noexcept
 
uint16_t check_tls_cbc_padding (const uint8_t record[], size_t record_len)
 
Group_Params group_param_from_string (const std::string &group_name)
 
bool group_param_is_dh (Group_Params group)
 
std::string group_param_to_string (Group_Params group)
 
const char * handshake_type_to_string (Handshake_Type type)
 
std::string hash_function_of_scheme (Signature_Scheme scheme)
 
std::string kdf_algo_to_string (KDF_Algo algo)
 
Kex_Algo kex_method_from_string (const std::string &str)
 
std::string kex_method_to_string (Kex_Algo method)
 
bool key_exchange_is_psk (Kex_Algo m)
 
boost::system::error_code make_error_code (Botan::TLS::Alert::Type c)
 
std::vector< uint8_t > make_hello_random (RandomNumberGenerator &rng, const Policy &policy)
 
bool operator!= (const Server_Information &a, const Server_Information &b)
 
bool operator< (const Server_Information &a, const Server_Information &b)
 
bool operator== (const Server_Information &a, const Server_Information &b)
 
std::string padding_string_for_scheme (Signature_Scheme scheme)
 
Record_Header read_record (bool is_datagram, secure_vector< uint8_t > &readbuf, const uint8_t input[], size_t input_len, size_t &consumed, secure_vector< uint8_t > &recbuf, Connection_Sequence_Numbers *sequence_numbers, get_cipherstate_fn get_cipherstate, bool allow_epoch0_restart)
 
std::string sig_scheme_to_string (Signature_Scheme scheme)
 
std::string signature_algorithm_of_scheme (Signature_Scheme scheme)
 
bool signature_scheme_is_known (Signature_Scheme scheme)
 
void write_record (secure_vector< uint8_t > &output, uint8_t record_type, Protocol_Version version, uint64_t record_sequence, const uint8_t *message, size_t message_len, Connection_Cipher_State *cs, RandomNumberGenerator &rng)
 

Typedef Documentation

typedef Policy Botan::TLS::Default_Policy

Definition at line 344 of file tls_policy.h.

typedef std::function<std::shared_ptr<Connection_Cipher_State>uint16_t)> Botan::TLS::get_cipherstate_fn

Definition at line 152 of file tls_record.h.

Enumeration Type Documentation

anonymous enum
Enumerator
TLS_EMPTY_RENEGOTIATION_INFO_SCSV 
TLS_FALLBACK_SCSV 

Definition at line 28 of file msg_client_hello.cpp.

28  {
29  TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF,
30  TLS_FALLBACK_SCSV = 0x5600
31 };
enum Botan::TLS::Auth_Method
strong
Enumerator
RSA 
DSA 
ECDSA 
IMPLICIT 
ANONYMOUS 

Definition at line 70 of file tls_algos.h.

70  {
71  RSA,
72  DSA,
73  ECDSA,
74 
75  // These are placed outside the encodable range
76  IMPLICIT = 0x10000,
77  ANONYMOUS
78 };
enum Botan::TLS::Cipher_Algo
strong
Enumerator
CHACHA20_POLY1305 
AES_128_CBC_HMAC_SHA1 
AES_128_CBC_HMAC_SHA256 
AES_128_CCM 
AES_128_CCM_8 
AES_128_GCM 
AES_128_OCB 
AES_256_CBC_HMAC_SHA1 
AES_256_CBC_HMAC_SHA256 
AES_256_CBC_HMAC_SHA384 
AES_256_CCM 
AES_256_CCM_8 
AES_256_GCM 
AES_256_OCB 
CAMELLIA_128_CBC_HMAC_SHA1 
CAMELLIA_128_CBC_HMAC_SHA256 
CAMELLIA_128_GCM 
CAMELLIA_256_CBC_HMAC_SHA1 
CAMELLIA_256_CBC_HMAC_SHA256 
CAMELLIA_256_CBC_HMAC_SHA384 
CAMELLIA_256_GCM 
ARIA_128_GCM 
ARIA_256_GCM 
DES_EDE_CBC_HMAC_SHA1 
SEED_CBC_HMAC_SHA1 

Definition at line 20 of file tls_algos.h.

20  {
21  CHACHA20_POLY1305,
22 
23  AES_128_CBC_HMAC_SHA1 = 100,
24  AES_128_CBC_HMAC_SHA256,
25  AES_128_CCM,
26  AES_128_CCM_8,
27  AES_128_GCM,
28  AES_128_OCB,
29 
30  AES_256_CBC_HMAC_SHA1 = 200,
31  AES_256_CBC_HMAC_SHA256,
32  AES_256_CBC_HMAC_SHA384,
33  AES_256_CCM,
34  AES_256_CCM_8,
35  AES_256_GCM,
36  AES_256_OCB,
37 
38  CAMELLIA_128_CBC_HMAC_SHA1 = 300,
39  CAMELLIA_128_CBC_HMAC_SHA256,
40  CAMELLIA_128_GCM,
41 
42  CAMELLIA_256_CBC_HMAC_SHA1 = 400,
43  CAMELLIA_256_CBC_HMAC_SHA256,
44  CAMELLIA_256_CBC_HMAC_SHA384,
45  CAMELLIA_256_GCM,
46 
47  ARIA_128_GCM = 500,
48  ARIA_256_GCM,
49 
50  DES_EDE_CBC_HMAC_SHA1 = 1000,
51  SEED_CBC_HMAC_SHA1,
52 };
enum Botan::TLS::Connection_Side
Enumerator
CLIENT 
SERVER 

Definition at line 32 of file tls_magic.h.

32 { CLIENT = 1, SERVER = 2 };
enum Botan::TLS::Group_Params : uint16_t
strong
Enumerator
NONE 
SECP256R1 
SECP384R1 
SECP521R1 
BRAINPOOL256R1 
BRAINPOOL384R1 
BRAINPOOL512R1 
X25519 
FFDHE_2048 
FFDHE_3072 
FFDHE_4096 
FFDHE_6144 
FFDHE_8192 

Definition at line 123 of file tls_algos.h.

123  : uint16_t {
124  NONE = 0,
125 
126  SECP256R1 = 23,
127  SECP384R1 = 24,
128  SECP521R1 = 25,
129  BRAINPOOL256R1 = 26,
130  BRAINPOOL384R1 = 27,
131  BRAINPOOL512R1 = 28,
132 
133  X25519 = 29,
134 
135  FFDHE_2048 = 256,
136  FFDHE_3072 = 257,
137  FFDHE_4096 = 258,
138  FFDHE_6144 = 259,
139  FFDHE_8192 = 260,
140 };
enum Botan::TLS::Handshake_Extension_Type
Enumerator
TLSEXT_SERVER_NAME_INDICATION 
TLSEXT_CERT_STATUS_REQUEST 
TLSEXT_CERTIFICATE_TYPES 
TLSEXT_SUPPORTED_GROUPS 
TLSEXT_EC_POINT_FORMATS 
TLSEXT_SRP_IDENTIFIER 
TLSEXT_SIGNATURE_ALGORITHMS 
TLSEXT_USE_SRTP 
TLSEXT_ALPN 
TLSEXT_ENCRYPT_THEN_MAC 
TLSEXT_EXTENDED_MASTER_SECRET 
TLSEXT_SESSION_TICKET 
TLSEXT_SUPPORTED_VERSIONS 
TLSEXT_SAFE_RENEGOTIATION 

Definition at line 32 of file tls_extensions.h.

32  {
33  TLSEXT_SERVER_NAME_INDICATION = 0,
34  TLSEXT_CERT_STATUS_REQUEST = 5,
35 
36  TLSEXT_CERTIFICATE_TYPES = 9,
37  TLSEXT_SUPPORTED_GROUPS = 10,
38  TLSEXT_EC_POINT_FORMATS = 11,
39  TLSEXT_SRP_IDENTIFIER = 12,
40  TLSEXT_SIGNATURE_ALGORITHMS = 13,
41  TLSEXT_USE_SRTP = 14,
42  TLSEXT_ALPN = 16,
43 
44  TLSEXT_ENCRYPT_THEN_MAC = 22,
45  TLSEXT_EXTENDED_MASTER_SECRET = 23,
46 
47  TLSEXT_SESSION_TICKET = 35,
48 
49  TLSEXT_SUPPORTED_VERSIONS = 43,
50 
51  TLSEXT_SAFE_RENEGOTIATION = 65281,
52 };
enum Botan::TLS::Handshake_Type
Enumerator
HELLO_REQUEST 
CLIENT_HELLO 
SERVER_HELLO 
HELLO_VERIFY_REQUEST 
NEW_SESSION_TICKET 
CERTIFICATE 
SERVER_KEX 
CERTIFICATE_REQUEST 
SERVER_HELLO_DONE 
CERTIFICATE_VERIFY 
CLIENT_KEX 
FINISHED 
CERTIFICATE_URL 
CERTIFICATE_STATUS 
HANDSHAKE_CCS 
HANDSHAKE_NONE 

Definition at line 45 of file tls_magic.h.

45  {
46  HELLO_REQUEST = 0,
47  CLIENT_HELLO = 1,
48  SERVER_HELLO = 2,
49  HELLO_VERIFY_REQUEST = 3,
50  NEW_SESSION_TICKET = 4, // RFC 5077
51  CERTIFICATE = 11,
52  SERVER_KEX = 12,
53  CERTIFICATE_REQUEST = 13,
54  SERVER_HELLO_DONE = 14,
55  CERTIFICATE_VERIFY = 15,
56  CLIENT_KEX = 16,
57  FINISHED = 20,
58 
59  CERTIFICATE_URL = 21,
60  CERTIFICATE_STATUS = 22,
61 
62  HANDSHAKE_CCS = 254, // Not a wire value
63  HANDSHAKE_NONE = 255 // Null value
64 };
enum Botan::TLS::KDF_Algo
strong
Enumerator
SHA_1 
SHA_256 
SHA_384 

Definition at line 54 of file tls_algos.h.

54  {
55  SHA_1,
56  SHA_256,
57  SHA_384,
58 };
Botan::SHA_1
SHA_160 SHA_1
Definition: sha160.h:71
enum Botan::TLS::Kex_Algo
strong
Enumerator
STATIC_RSA 
DH 
ECDH 
CECPQ1 
SRP_SHA 
PSK 
DHE_PSK 
ECDHE_PSK 

Definition at line 146 of file tls_algos.h.

146  {
147  STATIC_RSA,
148  DH,
149  ECDH,
150  CECPQ1,
151  SRP_SHA,
152  PSK,
153  DHE_PSK,
154  ECDHE_PSK,
155 };
enum Botan::TLS::Nonce_Format
strong
Enumerator
CBC_MODE 
AEAD_IMPLICIT_4 
AEAD_XOR_12 

Definition at line 62 of file tls_algos.h.

62  {
63  CBC_MODE,
64  AEAD_IMPLICIT_4,
65  AEAD_XOR_12,
66 };
enum Botan::TLS::Record_Type
Enumerator
CHANGE_CIPHER_SPEC 
ALERT 
HANDSHAKE 
APPLICATION_DATA 
NO_RECORD 

Definition at line 35 of file tls_magic.h.

35  {
36  CHANGE_CIPHER_SPEC = 20,
37  ALERT = 21,
38  HANDSHAKE = 22,
39  APPLICATION_DATA = 23,
40 
41  NO_RECORD = 256
42 };
enum Botan::TLS::Signature_Scheme : uint16_t
strong
Enumerator
NONE 
RSA_PKCS1_SHA1 
RSA_PKCS1_SHA256 
RSA_PKCS1_SHA384 
RSA_PKCS1_SHA512 
DSA_SHA1 
DSA_SHA256 
DSA_SHA384 
DSA_SHA512 
ECDSA_SHA1 
ECDSA_SHA256 
ECDSA_SHA384 
ECDSA_SHA512 
RSA_PSS_SHA256 
RSA_PSS_SHA384 
RSA_PSS_SHA512 
EDDSA_25519 
EDDSA_448 

Definition at line 86 of file tls_algos.h.

86  : uint16_t {
87  NONE = 0x0000,
88 
89  RSA_PKCS1_SHA1 = 0x0201,
90  RSA_PKCS1_SHA256 = 0x0401,
91  RSA_PKCS1_SHA384 = 0x0501,
92  RSA_PKCS1_SHA512 = 0x0601,
93 
94  DSA_SHA1 = 0x0202,
95  DSA_SHA256 = 0x0402,
96  DSA_SHA384 = 0x0502,
97  DSA_SHA512 = 0x0602,
98 
99  ECDSA_SHA1 = 0x0203,
100  ECDSA_SHA256 = 0x0403,
101  ECDSA_SHA384 = 0x0503,
102  ECDSA_SHA512 = 0x0603,
103 
104  RSA_PSS_SHA256 = 0x0804,
105  RSA_PSS_SHA384 = 0x0805,
106  RSA_PSS_SHA512 = 0x0806,
107 
108  EDDSA_25519 = 0x0807,
109  EDDSA_448 = 0x0808,
110 };
enum Botan::TLS::Size_Limits

Protocol Constants for SSL/TLS

Enumerator
TLS_HEADER_SIZE 
DTLS_HEADER_SIZE 
MAX_PLAINTEXT_SIZE 
MAX_COMPRESSED_SIZE 
MAX_CIPHERTEXT_SIZE 

Definition at line 22 of file tls_magic.h.

22  {
23  TLS_HEADER_SIZE = 5,
24  DTLS_HEADER_SIZE = TLS_HEADER_SIZE + 8,
25 
26  MAX_PLAINTEXT_SIZE = 16*1024,
27  MAX_COMPRESSED_SIZE = MAX_PLAINTEXT_SIZE + 1024,
28  MAX_CIPHERTEXT_SIZE = MAX_COMPRESSED_SIZE + 1024,
29 };

Function Documentation

BOTAN_UNSTABLE_API const std::vector< Signature_Scheme > & Botan::TLS::all_signature_schemes ( )

Definition at line 229 of file tls_algos.cpp.

References DSA_SHA1, DSA_SHA256, DSA_SHA384, DSA_SHA512, ECDSA_SHA1, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, RSA_PKCS1_SHA1, RSA_PKCS1_SHA256, RSA_PKCS1_SHA384, RSA_PKCS1_SHA512, RSA_PSS_SHA256, RSA_PSS_SHA384, and RSA_PSS_SHA512.

Referenced by Botan::TLS::Policy::allowed_signature_schemes().

230  {
231  /*
232  * This is ordered in some approximate order of preference
233  */
234  static const std::vector<Signature_Scheme> all_schemes = {
235  //Signature_Scheme::EDDSA_448,
236  //Signature_Scheme::EDDSA_25519,
237 
238  Signature_Scheme::RSA_PSS_SHA384,
239  Signature_Scheme::RSA_PSS_SHA256,
240  Signature_Scheme::RSA_PSS_SHA512,
241 
242  Signature_Scheme::RSA_PKCS1_SHA384,
243  Signature_Scheme::RSA_PKCS1_SHA512,
244  Signature_Scheme::RSA_PKCS1_SHA256,
245 
246  Signature_Scheme::ECDSA_SHA384,
247  Signature_Scheme::ECDSA_SHA512,
248  Signature_Scheme::ECDSA_SHA256,
249 
250  Signature_Scheme::DSA_SHA384,
251  Signature_Scheme::DSA_SHA512,
252  Signature_Scheme::DSA_SHA256,
253 
254  Signature_Scheme::RSA_PKCS1_SHA1,
255  Signature_Scheme::ECDSA_SHA1,
256  Signature_Scheme::DSA_SHA1,
257  };
258 
259  return all_schemes;
260  }
template<typename T , typename Alloc >
void Botan::TLS::append_tls_length_value ( std::vector< uint8_t, Alloc > &  buf,
const T vals,
size_t  vals_size,
size_t  tag_size 
)

Helper function for encoding length-tagged vectors

Definition at line 185 of file tls_reader.h.

References Botan::get_byte(), and T.

Referenced by append_tls_length_value(), Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Client_Hello::cookie_input_data(), Botan::TLS::Renegotiation_Extension::serialize(), Botan::TLS::Application_Layer_Protocol_Notification::serialize(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

189  {
190  const size_t T_size = sizeof(T);
191  const size_t val_bytes = T_size * vals_size;
192 
193  if(tag_size != 1 && tag_size != 2)
194  throw Invalid_Argument("append_tls_length_value: invalid tag size");
195 
196  if((tag_size == 1 && val_bytes > 255) ||
197  (tag_size == 2 && val_bytes > 65535))
198  throw Invalid_Argument("append_tls_length_value: value too large");
199 
200  for(size_t i = 0; i != tag_size; ++i)
201  buf.push_back(get_byte(sizeof(val_bytes)-tag_size+i, val_bytes));
202 
203  for(size_t i = 0; i != vals_size; ++i)
204  for(size_t j = 0; j != T_size; ++j)
205  buf.push_back(get_byte(j, vals[i]));
206  }
Botan::get_byte
constexpr uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:41
T
fe T
Definition: ge.cpp:37
template<typename T , typename Alloc , typename Alloc2 >
void Botan::TLS::append_tls_length_value ( std::vector< uint8_t, Alloc > &  buf,
const std::vector< T, Alloc2 > &  vals,
size_t  tag_size 
)

Definition at line 209 of file tls_reader.h.

References append_tls_length_value().

212  {
213  append_tls_length_value(buf, vals.data(), vals.size(), tag_size);
214  }
Botan::TLS::append_tls_length_value
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const std::string &str, size_t tag_size)
Definition: tls_reader.h:217
template<typename Alloc >
void Botan::TLS::append_tls_length_value ( std::vector< uint8_t, Alloc > &  buf,
const std::string &  str,
size_t  tag_size 
)

Definition at line 217 of file tls_reader.h.

References append_tls_length_value(), and Botan::cast_char_ptr_to_uint8().

220  {
221  append_tls_length_value(buf,
222  cast_char_ptr_to_uint8(str.data()),
223  str.size(),
224  tag_size);
225  }
Botan::TLS::append_tls_length_value
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const std::string &str, size_t tag_size)
Definition: tls_reader.h:217
Botan::cast_char_ptr_to_uint8
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition: mem_ops.h:189
Auth_Method BOTAN_TEST_API Botan::TLS::auth_method_from_string ( const std::string &  str)

Definition at line 102 of file tls_algos.cpp.

References ANONYMOUS, DSA, ECDSA, IMPLICIT, and RSA.

103  {
104  if(str == "RSA")
105  return Auth_Method::RSA;
106  if(str == "DSA")
107  return Auth_Method::DSA;
108  if(str == "ECDSA")
109  return Auth_Method::ECDSA;
110  if(str == "IMPLICIT")
111  return Auth_Method::IMPLICIT;
112  if(str == "ANONYMOUS" || str == "")
113  return Auth_Method::ANONYMOUS;
114 
115  throw Invalid_Argument("Bad signature method " + str);
116  }
std::string BOTAN_TEST_API Botan::TLS::auth_method_to_string ( Auth_Method  method)

Definition at line 83 of file tls_algos.cpp.

References ANONYMOUS, DSA, ECDSA, IMPLICIT, and RSA.

Referenced by Botan::TLS::Ciphersuite::sig_algo().

84  {
85  switch(method)
86  {
87  case Auth_Method::RSA:
88  return "RSA";
89  case Auth_Method::DSA:
90  return "DSA";
91  case Auth_Method::ECDSA:
92  return "ECDSA";
93  case Auth_Method::IMPLICIT:
94  return "IMPLICIT";
95  case Auth_Method::ANONYMOUS:
96  return "ANONYMOUS";
97  }
98 
99  throw Invalid_State("auth_method_to_string unknown enum value");
100  }
const BotanAlertCategory& Botan::TLS::botan_alert_category ( )
inlinenoexcept

Definition at line 41 of file asio_error.h.

Referenced by make_error_code().

42  {
43  static BotanAlertCategory category;
44  return category;
45  }
BOTAN_TEST_API uint16_t Botan::TLS::check_tls_cbc_padding ( const uint8_t  record[],
size_t  record_len 
)

Check the TLS padding of a record

Parameters
recordthe record bits
record_lenlength of record
Returns
0 if padding is invalid, otherwise padding_bytes + 1

Definition at line 225 of file tls_cbc.cpp.

References Botan::CT::Mask< T >::is_equal(), Botan::CT::Mask< T >::is_lt(), and Botan::CT::Mask< T >::is_lte().

Referenced by Botan::TLS::TLS_CBC_HMAC_AEAD_Decryption::finish().

226  {
227  if(record_len == 0 || record_len > 0xFFFF)
228  return 0;
229 
230  const uint16_t rec16 = static_cast<uint16_t>(record_len);
231 
232  /*
233  * TLS v1.0 and up require all the padding bytes be the same value
234  * and allows up to 255 bytes.
235  */
236 
237  const uint16_t to_check = std::min<uint16_t>(256, static_cast<uint16_t>(record_len));
238  const uint8_t pad_byte = record[record_len-1];
239  const uint16_t pad_bytes = 1 + pad_byte;
240 
241  auto pad_invalid = CT::Mask<uint16_t>::is_lt(rec16, pad_bytes);
242 
243  for(uint16_t i = rec16 - to_check; i != rec16; ++i)
244  {
245  const uint16_t offset = rec16 - i;
246  const auto in_pad_range = CT::Mask<uint16_t>::is_lte(offset, pad_bytes);
247  const auto pad_correct = CT::Mask<uint16_t>::is_equal(record[i], pad_byte);
248  pad_invalid |= in_pad_range & ~pad_correct;
249  }
250 
251  return pad_invalid.if_not_set_return(pad_bytes);
252  }
Group_Params Botan::TLS::group_param_from_string ( const std::string &  group_name)

Definition at line 124 of file tls_algos.cpp.

References BRAINPOOL256R1, BRAINPOOL384R1, BRAINPOOL512R1, FFDHE_2048, FFDHE_3072, FFDHE_4096, FFDHE_6144, FFDHE_8192, NONE, SECP256R1, SECP384R1, SECP521R1, and X25519.

Referenced by Botan::TLS::Text_Policy::key_exchange_groups().

125  {
126  if(group_name == "secp256r1")
127  return Group_Params::SECP256R1;
128  if(group_name == "secp384r1")
129  return Group_Params::SECP384R1;
130  if(group_name == "secp521r1")
131  return Group_Params::SECP521R1;
132  if(group_name == "brainpool256r1")
133  return Group_Params::BRAINPOOL256R1;
134  if(group_name == "brainpool384r1")
135  return Group_Params::BRAINPOOL384R1;
136  if(group_name == "brainpool512r1")
137  return Group_Params::BRAINPOOL512R1;
138  if(group_name == "x25519")
139  return Group_Params::X25519;
140 
141  if(group_name == "ffdhe/ietf/2048")
142  return Group_Params::FFDHE_2048;
143  if(group_name == "ffdhe/ietf/3072")
144  return Group_Params::FFDHE_3072;
145  if(group_name == "ffdhe/ietf/4096")
146  return Group_Params::FFDHE_4096;
147  if(group_name == "ffdhe/ietf/6144")
148  return Group_Params::FFDHE_6144;
149  if(group_name == "ffdhe/ietf/8192")
150  return Group_Params::FFDHE_8192;
151 
152  return Group_Params::NONE; // unknown
153  }
bool Botan::TLS::group_param_is_dh ( Group_Params  group)

Definition at line 118 of file tls_algos.cpp.

Referenced by Botan::TLS::Policy::default_dh_group(), Botan::TLS::Supported_Groups::dh_groups(), Botan::TLS::Supported_Groups::ec_groups(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

119  {
120  uint16_t group_id = static_cast<uint16_t>(group);
121  return (group_id >= 256 && group_id < 512);
122  }
std::string Botan::TLS::group_param_to_string ( Group_Params  group)

Definition at line 155 of file tls_algos.cpp.

References BRAINPOOL256R1, BRAINPOOL384R1, BRAINPOOL512R1, FFDHE_2048, FFDHE_3072, FFDHE_4096, FFDHE_6144, FFDHE_8192, SECP256R1, SECP384R1, SECP521R1, and X25519.

Referenced by Botan::TLS::Callbacks::tls_decode_group_param().

156  {
157  switch(group)
158  {
159  case Group_Params::SECP256R1:
160  return "secp256r1";
161  case Group_Params::SECP384R1:
162  return "secp384r1";
163  case Group_Params::SECP521R1:
164  return "secp521r1";
165  case Group_Params::BRAINPOOL256R1:
166  return "brainpool256r1";
167  case Group_Params::BRAINPOOL384R1:
168  return "brainpool384r1";
169  case Group_Params::BRAINPOOL512R1:
170  return "brainpool512r1";
171  case Group_Params::X25519:
172  return "x25519";
173 
174  case Group_Params::FFDHE_2048:
175  return "ffdhe/ietf/2048";
176  case Group_Params::FFDHE_3072:
177  return "ffdhe/ietf/3072";
178  case Group_Params::FFDHE_4096:
179  return "ffdhe/ietf/4096";
180  case Group_Params::FFDHE_6144:
181  return "ffdhe/ietf/6144";
182  case Group_Params::FFDHE_8192:
183  return "ffdhe/ietf/8192";
184 
185  default:
186  return "";
187  }
188  }
const char * Botan::TLS::handshake_type_to_string ( Handshake_Type  type)

Definition at line 24 of file tls_handshake_state.cpp.

References CERTIFICATE, CERTIFICATE_REQUEST, CERTIFICATE_STATUS, CERTIFICATE_URL, CERTIFICATE_VERIFY, CLIENT_HELLO, CLIENT_KEX, FINISHED, HANDSHAKE_CCS, HANDSHAKE_NONE, HELLO_REQUEST, HELLO_VERIFY_REQUEST, NEW_SESSION_TICKET, SERVER_HELLO, SERVER_HELLO_DONE, SERVER_KEX, Botan::ASN1::to_string(), and Botan::TLS::Alert::UNEXPECTED_MESSAGE.

Referenced by Botan::TLS::Handshake_State::confirm_transition_to(), and Botan::TLS::Handshake_Message::type_string().

25  {
26  switch(type)
27  {
28  case HELLO_VERIFY_REQUEST:
29  return "hello_verify_request";
30 
31  case HELLO_REQUEST:
32  return "hello_request";
33 
34  case CLIENT_HELLO:
35  return "client_hello";
36 
37  case SERVER_HELLO:
38  return "server_hello";
39 
40  case CERTIFICATE:
41  return "certificate";
42 
43  case CERTIFICATE_URL:
44  return "certificate_url";
45 
46  case CERTIFICATE_STATUS:
47  return "certificate_status";
48 
49  case SERVER_KEX:
50  return "server_key_exchange";
51 
52  case CERTIFICATE_REQUEST:
53  return "certificate_request";
54 
55  case SERVER_HELLO_DONE:
56  return "server_hello_done";
57 
58  case CERTIFICATE_VERIFY:
59  return "certificate_verify";
60 
61  case CLIENT_KEX:
62  return "client_key_exchange";
63 
64  case NEW_SESSION_TICKET:
65  return "new_session_ticket";
66 
67  case HANDSHAKE_CCS:
68  return "change_cipher_spec";
69 
70  case FINISHED:
71  return "finished";
72 
73  case HANDSHAKE_NONE:
74  return "invalid";
75  }
76 
77  throw TLS_Exception(Alert::UNEXPECTED_MESSAGE,
78  "Unknown TLS handshake message type " + std::to_string(type));
79  }
Botan::ASN1::to_string
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:213
type
MechanismType type
Definition: p11_mechanism.cpp:44
std::string BOTAN_UNSTABLE_API Botan::TLS::hash_function_of_scheme ( Signature_Scheme  scheme)

Definition at line 191 of file tls_algos.cpp.

References DSA_SHA1, DSA_SHA256, DSA_SHA384, DSA_SHA512, ECDSA_SHA1, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, EDDSA_25519, EDDSA_448, NONE, RSA_PKCS1_SHA1, RSA_PKCS1_SHA256, RSA_PKCS1_SHA384, RSA_PKCS1_SHA512, RSA_PSS_SHA256, RSA_PSS_SHA384, and RSA_PSS_SHA512.

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), Botan::TLS::Handshake_State::choose_sig_format(), and Botan::TLS::Handshake_State::parse_sig_format().

192  {
193  switch(scheme)
194  {
195  case Signature_Scheme::DSA_SHA1:
196  case Signature_Scheme::ECDSA_SHA1:
197  case Signature_Scheme::RSA_PKCS1_SHA1:
198  return "SHA-1";
199 
200  case Signature_Scheme::DSA_SHA256:
201  case Signature_Scheme::ECDSA_SHA256:
202  case Signature_Scheme::RSA_PKCS1_SHA256:
203  case Signature_Scheme::RSA_PSS_SHA256:
204  return "SHA-256";
205 
206  case Signature_Scheme::DSA_SHA384:
207  case Signature_Scheme::ECDSA_SHA384:
208  case Signature_Scheme::RSA_PKCS1_SHA384:
209  case Signature_Scheme::RSA_PSS_SHA384:
210  return "SHA-384";
211 
212  case Signature_Scheme::DSA_SHA512:
213  case Signature_Scheme::ECDSA_SHA512:
214  case Signature_Scheme::RSA_PKCS1_SHA512:
215  case Signature_Scheme::RSA_PSS_SHA512:
216  return "SHA-512";
217 
218  case Signature_Scheme::EDDSA_25519:
219  case Signature_Scheme::EDDSA_448:
220  return "Pure";
221 
222  case Signature_Scheme::NONE:
223  return "";
224  }
225 
226  throw Invalid_State("hash_function_of_scheme: Unknown signature algorithm enum");
227  }
std::string BOTAN_DLL Botan::TLS::kdf_algo_to_string ( KDF_Algo  algo)

Definition at line 14 of file tls_algos.cpp.

References SHA_1, SHA_256, and SHA_384.

Referenced by Botan::TLS::Ciphersuite::prf_algo().

15  {
16  switch(algo)
17  {
18  case KDF_Algo::SHA_1:
19  return "SHA-1";
20  case KDF_Algo::SHA_256:
21  return "SHA-256";
22  case KDF_Algo::SHA_384:
23  return "SHA-384";
24  }
25 
26  throw Invalid_State("kdf_algo_to_string unknown enum value");
27  }
Botan::SHA_1
SHA_160 SHA_1
Definition: sha160.h:71
Kex_Algo BOTAN_TEST_API Botan::TLS::kex_method_from_string ( const std::string &  str)

Definition at line 54 of file tls_algos.cpp.

References CECPQ1, DH, DHE_PSK, ECDH, ECDHE_PSK, PSK, SRP_SHA, and STATIC_RSA.

55  {
56  if(str == "RSA")
57  return Kex_Algo::STATIC_RSA;
58 
59  if(str == "DH")
60  return Kex_Algo::DH;
61 
62  if(str == "ECDH")
63  return Kex_Algo::ECDH;
64 
65  if(str == "CECPQ1")
66  return Kex_Algo::CECPQ1;
67 
68  if(str == "SRP_SHA")
69  return Kex_Algo::SRP_SHA;
70 
71  if(str == "PSK")
72  return Kex_Algo::PSK;
73 
74  if(str == "DHE_PSK")
75  return Kex_Algo::DHE_PSK;
76 
77  if(str == "ECDHE_PSK")
78  return Kex_Algo::ECDHE_PSK;
79 
80  throw Invalid_Argument("Unknown kex method " + str);
81  }
std::string BOTAN_TEST_API Botan::TLS::kex_method_to_string ( Kex_Algo  method)

Definition at line 29 of file tls_algos.cpp.

References CECPQ1, DH, DHE_PSK, ECDH, ECDHE_PSK, PSK, SRP_SHA, and STATIC_RSA.

Referenced by Botan::TLS::Ciphersuite::kex_algo(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

30  {
31  switch(method)
32  {
33  case Kex_Algo::STATIC_RSA:
34  return "RSA";
35  case Kex_Algo::DH:
36  return "DH";
37  case Kex_Algo::ECDH:
38  return "ECDH";
39  case Kex_Algo::CECPQ1:
40  return "CECPQ1";
41  case Kex_Algo::SRP_SHA:
42  return "SRP_SHA";
43  case Kex_Algo::PSK:
44  return "PSK";
45  case Kex_Algo::DHE_PSK:
46  return "DHE_PSK";
47  case Kex_Algo::ECDHE_PSK:
48  return "ECDHE_PSK";
49  }
50 
51  throw Invalid_State("kex_method_to_string unknown enum value");
52  }
bool Botan::TLS::key_exchange_is_psk ( Kex_Algo  m)
inline

Definition at line 160 of file tls_algos.h.

References DHE_PSK, ECDHE_PSK, and PSK.

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().

161  {
162  return (m == Kex_Algo::PSK ||
163  m == Kex_Algo::DHE_PSK ||
164  m == Kex_Algo::ECDHE_PSK);
165  }
boost::system::error_code Botan::TLS::make_error_code ( Botan::TLS::Alert::Type  c)
inline

Definition at line 47 of file asio_error.h.

References botan_alert_category().

48  {
49  return boost::system::error_code(static_cast<int>(c), Botan::TLS::botan_alert_category());
50  }
Botan::TLS::botan_alert_category
const BotanAlertCategory & botan_alert_category() noexcept
Definition: asio_error.h:41
std::vector< uint8_t > Botan::TLS::make_hello_random ( RandomNumberGenerator rng,
const Policy policy 
)

Definition at line 33 of file msg_client_hello.cpp.

References Botan::HashFunction::create_or_throw(), Botan::TLS::Policy::include_time_in_hello_random(), Botan::RandomNumberGenerator::randomize(), and Botan::store_be().

35  {
36  std::vector<uint8_t> buf(32);
37  rng.randomize(buf.data(), buf.size());
38 
39  std::unique_ptr<HashFunction> sha256 = HashFunction::create_or_throw("SHA-256");
40  sha256->update(buf);
41  sha256->final(buf);
42 
43  if(policy.include_time_in_hello_random())
44  {
45  const uint32_t time32 = static_cast<uint32_t>(
46  std::chrono::system_clock::to_time_t(std::chrono::system_clock::now()));
47 
48  store_be(time32, buf.data());
49  }
50 
51  return buf;
52  }
Botan::store_be
void store_be(uint16_t in, uint8_t out[2])
Definition: loadstor.h:438
bool Botan::TLS::operator!= ( const Server_Information a,
const Server_Information b 
)
inline

Definition at line 84 of file tls_server_info.h.

85  {
86  return !(a == b);
87  }
bool Botan::TLS::operator< ( const Server_Information a,
const Server_Information b 
)
inline

Definition at line 89 of file tls_server_info.h.

References Botan::TLS::Server_Information::hostname(), Botan::TLS::Server_Information::port(), and Botan::TLS::Server_Information::service().

90  {
91  if(a.hostname() != b.hostname())
92  return (a.hostname() < b.hostname());
93  if(a.service() != b.service())
94  return (a.service() < b.service());
95  if(a.port() != b.port())
96  return (a.port() < b.port());
97  return false; // equal
98  }
bool Botan::TLS::operator== ( const Server_Information a,
const Server_Information b 
)
inline

Definition at line 76 of file tls_server_info.h.

References Botan::TLS::Server_Information::hostname(), Botan::TLS::Server_Information::port(), and Botan::TLS::Server_Information::service().

77  {
78  return (a.hostname() == b.hostname()) &&
79  (a.service() == b.service()) &&
80  (a.port() == b.port());
81 
82  }
std::string BOTAN_UNSTABLE_API Botan::TLS::padding_string_for_scheme ( Signature_Scheme  scheme)

Definition at line 379 of file tls_algos.cpp.

References DSA_SHA1, DSA_SHA256, DSA_SHA384, DSA_SHA512, ECDSA_SHA1, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, EDDSA_25519, EDDSA_448, NONE, RSA_PKCS1_SHA1, RSA_PKCS1_SHA256, RSA_PKCS1_SHA384, RSA_PKCS1_SHA512, RSA_PSS_SHA256, RSA_PSS_SHA384, and RSA_PSS_SHA512.

Referenced by Botan::TLS::Handshake_State::choose_sig_format(), and Botan::TLS::Handshake_State::parse_sig_format().

380  {
381  switch(scheme)
382  {
383  case Signature_Scheme::RSA_PKCS1_SHA1:
384  return "EMSA_PKCS1(SHA-1)";
385  case Signature_Scheme::RSA_PKCS1_SHA256:
386  return "EMSA_PKCS1(SHA-256)";
387  case Signature_Scheme::RSA_PKCS1_SHA384:
388  return "EMSA_PKCS1(SHA-384)";
389  case Signature_Scheme::RSA_PKCS1_SHA512:
390  return "EMSA_PKCS1(SHA-512)";
391 
392  case Signature_Scheme::DSA_SHA1:
393  case Signature_Scheme::ECDSA_SHA1:
394  return "EMSA1(SHA-1)";
395  case Signature_Scheme::DSA_SHA256:
396  case Signature_Scheme::ECDSA_SHA256:
397  return "EMSA1(SHA-256)";
398  case Signature_Scheme::DSA_SHA384:
399  case Signature_Scheme::ECDSA_SHA384:
400  return "EMSA1(SHA-384)";
401  case Signature_Scheme::DSA_SHA512:
402  case Signature_Scheme::ECDSA_SHA512:
403  return "EMSA1(SHA-512)";
404 
405  case Signature_Scheme::RSA_PSS_SHA256:
406  return "PSSR(SHA-256,MGF1,32)";
407  case Signature_Scheme::RSA_PSS_SHA384:
408  return "PSSR(SHA-384,MGF1,48)";
409  case Signature_Scheme::RSA_PSS_SHA512:
410  return "PSSR(SHA-512,MGF1,64)";
411 
412  case Signature_Scheme::EDDSA_25519:
413  return "Pure";
414  case Signature_Scheme::EDDSA_448:
415  return "Pure";
416 
417  case Signature_Scheme::NONE:
418  return "";
419  }
420 
421  throw Invalid_State("padding_string_for_scheme: Unknown signature algorithm enum");
422  }
Record_Header Botan::TLS::read_record ( bool  is_datagram,
secure_vector< uint8_t > &  read_buffer,
const uint8_t  input[],
size_t  input_len,
size_t &  consumed,
secure_vector< uint8_t > &  record_buf,
Connection_Sequence_Numbers sequence_numbers,
get_cipherstate_fn  get_cipherstate,
bool  allow_epoch0_restart 
)

Decode a TLS record

Returns
zero if full message, else number of bytes still needed

Definition at line 497 of file tls_record.cpp.

Referenced by Botan::TLS::Channel::received_data().

506  {
507  if(is_datagram)
508  return read_dtls_record(readbuf, input, input_len, consumed,
509  recbuf, sequence_numbers, get_cipherstate, allow_epoch0_restart);
510  else
511  return read_tls_record(readbuf, input, input_len, consumed,
512  recbuf, sequence_numbers, get_cipherstate);
513  }
std::string BOTAN_UNSTABLE_API Botan::TLS::sig_scheme_to_string ( Signature_Scheme  scheme)

Definition at line 329 of file tls_algos.cpp.

References DSA_SHA1, DSA_SHA256, DSA_SHA384, DSA_SHA512, ECDSA_SHA1, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, EDDSA_25519, EDDSA_448, NONE, RSA_PKCS1_SHA1, RSA_PKCS1_SHA256, RSA_PKCS1_SHA384, RSA_PKCS1_SHA512, RSA_PSS_SHA256, RSA_PSS_SHA384, and RSA_PSS_SHA512.

330  {
331  switch(scheme)
332  {
333  case Signature_Scheme::RSA_PKCS1_SHA1:
334  return "RSA_PKCS1_SHA1";
335  case Signature_Scheme::RSA_PKCS1_SHA256:
336  return "RSA_PKCS1_SHA256";
337  case Signature_Scheme::RSA_PKCS1_SHA384:
338  return "RSA_PKCS1_SHA384";
339  case Signature_Scheme::RSA_PKCS1_SHA512:
340  return "RSA_PKCS1_SHA512";
341 
342  case Signature_Scheme::DSA_SHA1:
343  return "DSA_SHA1";
344  case Signature_Scheme::DSA_SHA256:
345  return "DSA_SHA256";
346  case Signature_Scheme::DSA_SHA384:
347  return "DSA_SHA384";
348  case Signature_Scheme::DSA_SHA512:
349  return "DSA_SHA512";
350 
351  case Signature_Scheme::ECDSA_SHA1:
352  return "ECDSA_SHA1";
353  case Signature_Scheme::ECDSA_SHA256:
354  return "ECDSA_SHA256";
355  case Signature_Scheme::ECDSA_SHA384:
356  return "ECDSA_SHA384";
357  case Signature_Scheme::ECDSA_SHA512:
358  return "ECDSA_SHA512";
359 
360  case Signature_Scheme::RSA_PSS_SHA256:
361  return "RSA_PSS_SHA256";
362  case Signature_Scheme::RSA_PSS_SHA384:
363  return "RSA_PSS_SHA384";
364  case Signature_Scheme::RSA_PSS_SHA512:
365  return "RSA_PSS_SHA512";
366 
367  case Signature_Scheme::EDDSA_25519:
368  return "EDDSA_25519";
369  case Signature_Scheme::EDDSA_448:
370  return "EDDSA_448";
371 
372  case Signature_Scheme::NONE:
373  return "";
374  }
375 
376  throw Invalid_State("sig_scheme_to_string: Unknown signature algorithm enum");
377  }
std::string Botan::TLS::signature_algorithm_of_scheme ( Signature_Scheme  scheme)

Definition at line 291 of file tls_algos.cpp.

References DSA_SHA1, DSA_SHA256, DSA_SHA384, DSA_SHA512, ECDSA_SHA1, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, EDDSA_25519, EDDSA_448, NONE, RSA_PKCS1_SHA1, RSA_PKCS1_SHA256, RSA_PKCS1_SHA384, RSA_PKCS1_SHA512, RSA_PSS_SHA256, RSA_PSS_SHA384, and RSA_PSS_SHA512.

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), Botan::TLS::Handshake_State::choose_sig_format(), and Botan::TLS::Handshake_State::parse_sig_format().

292  {
293  switch(scheme)
294  {
295  case Signature_Scheme::RSA_PKCS1_SHA1:
296  case Signature_Scheme::RSA_PKCS1_SHA256:
297  case Signature_Scheme::RSA_PKCS1_SHA384:
298  case Signature_Scheme::RSA_PKCS1_SHA512:
299  case Signature_Scheme::RSA_PSS_SHA256:
300  case Signature_Scheme::RSA_PSS_SHA384:
301  case Signature_Scheme::RSA_PSS_SHA512:
302  return "RSA";
303 
304  case Signature_Scheme::DSA_SHA1:
305  case Signature_Scheme::DSA_SHA256:
306  case Signature_Scheme::DSA_SHA384:
307  case Signature_Scheme::DSA_SHA512:
308  return "DSA";
309 
310  case Signature_Scheme::ECDSA_SHA1:
311  case Signature_Scheme::ECDSA_SHA256:
312  case Signature_Scheme::ECDSA_SHA384:
313  case Signature_Scheme::ECDSA_SHA512:
314  return "ECDSA";
315 
316  case Signature_Scheme::EDDSA_25519:
317  return "Ed25519";
318 
319  case Signature_Scheme::EDDSA_448:
320  return "Ed448";
321 
322  case Signature_Scheme::NONE:
323  return "";
324  }
325 
326  throw Invalid_State("signature_algorithm_of_scheme: Unknown signature algorithm enum");
327  }
bool BOTAN_UNSTABLE_API Botan::TLS::signature_scheme_is_known ( Signature_Scheme  scheme)

Definition at line 262 of file tls_algos.cpp.

References DSA_SHA1, DSA_SHA256, DSA_SHA384, DSA_SHA512, ECDSA_SHA1, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, RSA_PKCS1_SHA1, RSA_PKCS1_SHA256, RSA_PKCS1_SHA384, RSA_PKCS1_SHA512, RSA_PSS_SHA256, RSA_PSS_SHA384, and RSA_PSS_SHA512.

Referenced by Botan::TLS::Policy::allowed_signature_schemes(), Botan::TLS::Handshake_State::choose_sig_format(), and Botan::TLS::Handshake_State::parse_sig_format().

263  {
264  switch(scheme)
265  {
266  case Signature_Scheme::RSA_PKCS1_SHA1:
267  case Signature_Scheme::RSA_PKCS1_SHA256:
268  case Signature_Scheme::RSA_PKCS1_SHA384:
269  case Signature_Scheme::RSA_PKCS1_SHA512:
270  case Signature_Scheme::RSA_PSS_SHA256:
271  case Signature_Scheme::RSA_PSS_SHA384:
272  case Signature_Scheme::RSA_PSS_SHA512:
273 
274  case Signature_Scheme::DSA_SHA1:
275  case Signature_Scheme::DSA_SHA256:
276  case Signature_Scheme::DSA_SHA384:
277  case Signature_Scheme::DSA_SHA512:
278 
279  case Signature_Scheme::ECDSA_SHA1:
280  case Signature_Scheme::ECDSA_SHA256:
281  case Signature_Scheme::ECDSA_SHA384:
282  case Signature_Scheme::ECDSA_SHA512:
283  return true;
284 
285  default:
286  return false;
287  }
288 
289  }
void Botan::TLS::write_record ( secure_vector< uint8_t > &  write_buffer,
uint8_t  record_type,
Protocol_Version  record_version,
uint64_t  record_sequence,
const uint8_t *  message,
size_t  message_len,
Connection_Cipher_State cipherstate,
RandomNumberGenerator rng 
)

Create a TLS record

Parameters
write_bufferthe output record is placed here
record_typethe record layer type
record_versionthe record layer version
record_sequencethe record layer sequence number
messagethe record contents
message_lenis size of message
cipherstateis the writing cipher state
rngis a random number generator

Definition at line 192 of file tls_record.cpp.

References Botan::TLS::Connection_Cipher_State::aead(), Botan::TLS::Connection_Cipher_State::aead_nonce(), BOTAN_ASSERT, CBC_MODE, Botan::Cipher_Mode::finish(), Botan::TLS::Connection_Cipher_State::format_ad(), Botan::get_byte(), Botan::TLS::Protocol_Version::is_datagram_protocol(), Botan::TLS::Protocol_Version::major_version(), MAX_CIPHERTEXT_SIZE, Botan::TLS::Protocol_Version::minor_version(), Botan::TLS::Connection_Cipher_State::nonce_bytes_from_handshake(), Botan::TLS::Connection_Cipher_State::nonce_bytes_from_record(), Botan::TLS::Connection_Cipher_State::nonce_format(), Botan::Cipher_Mode::output_length(), Botan::AEAD_Mode::set_ad(), and Botan::Cipher_Mode::start().

200  {
201  output.clear();
202 
203  output.push_back(record_type);
204  output.push_back(version.major_version());
205  output.push_back(version.minor_version());
206 
207  if(version.is_datagram_protocol())
208  {
209  for(size_t i = 0; i != 8; ++i)
210  output.push_back(get_byte(i, record_sequence));
211  }
212 
213  if(!cs) // initial unencrypted handshake records
214  {
215  append_u16_len(output, message_len);
216  output.insert(output.end(), message, message + message_len);
217  return;
218  }
219 
220  AEAD_Mode& aead = cs->aead();
221  std::vector<uint8_t> aad = cs->format_ad(record_sequence, record_type, version, static_cast<uint16_t>(message_len));
222 
223  const size_t ctext_size = aead.output_length(message_len);
224 
225  const size_t rec_size = ctext_size + cs->nonce_bytes_from_record();
226 
227  aead.set_ad(aad);
228 
229  const std::vector<uint8_t> nonce = cs->aead_nonce(record_sequence, rng);
230 
231  append_u16_len(output, rec_size);
232 
233  if(cs->nonce_bytes_from_record() > 0)
234  {
235  if(cs->nonce_format() == Nonce_Format::CBC_MODE)
236  output += nonce;
237  else
238  output += std::make_pair(&nonce[cs->nonce_bytes_from_handshake()], cs->nonce_bytes_from_record());
239  }
240 
241  const size_t header_size = output.size();
242  output += std::make_pair(message, message_len);
243 
244  aead.start(nonce);
245  aead.finish(output, header_size);
246 
247  BOTAN_ASSERT(output.size() < MAX_CIPHERTEXT_SIZE,
248  "Produced ciphertext larger than protocol allows");
249  }
Botan::get_byte
constexpr uint8_t get_byte(size_t byte_num, T input)
Definition: loadstor.h:41
BOTAN_ASSERT
#define BOTAN_ASSERT(expr, assertion_made)
Definition: assert.h:55
Generated on Mon Jan 13 2020 21:02:56 for Botan by   doxygen 1.8.9.1