9#include <botan/tls_extensions.h>
10#include <botan/internal/tls_reader.h>
11#include <botan/tls_exceptn.h>
12#include <botan/tls_policy.h>
25 return new Server_Name_Indicator(reader, size);
27#if defined(BOTAN_HAS_SRP6)
29 return new SRP_Identifier(reader, size);
33 return new Supported_Groups(reader, size);
36 return new Certificate_Status_Request(reader, size, from);
39 return new Supported_Point_Formats(reader, size);
42 return new Renegotiation_Extension(reader, size);
45 return new Signature_Algorithms(reader, size);
48 return new SRTP_Protection_Profiles(reader, size);
51 return new Application_Layer_Protocol_Notification(reader, size);
54 return new Extended_Master_Secret(reader, size);
57 return new Encrypt_then_MAC(reader, size);
60 return new Session_Ticket(reader, size);
63 return new Supported_Versions(reader, size, from);
88 if(m_extensions.find(
type) != m_extensions.end())
90 "Peer sent duplicated extensions");
93 reader, extension_code, extension_size, from);
102 std::vector<uint8_t> buf(2);
104 for(
auto& extn : m_extensions)
106 if(extn.second->empty())
109 const uint16_t extn_code =
static_cast<uint16_t
>(extn.second->type());
111 const std::vector<uint8_t> extn_val = extn.second->serialize(whoami);
113 buf.push_back(
get_byte(0, extn_code));
114 buf.push_back(
get_byte(1, extn_code));
116 buf.push_back(
get_byte(0,
static_cast<uint16_t
>(extn_val.size())));
117 buf.push_back(
get_byte(1,
static_cast<uint16_t
>(extn_val.size())));
122 const uint16_t extn_size =
static_cast<uint16_t
>(buf.size() - 2);
129 return std::vector<uint8_t>();
136 auto i = m_extensions.find(typ);
137 if(i == m_extensions.end())
139 m_extensions.erase(i);
145 std::set<Handshake_Extension_Type> offers;
146 for(
auto i = m_extensions.begin(); i != m_extensions.end(); ++i)
147 offers.insert(i->first);
153 uint16_t extension_size) :
155 m_value(reader.get_fixed<uint8_t>(extension_size))
161 throw Invalid_State(
"Cannot encode an unknown TLS extension");
165 uint16_t extension_size)
170 if(extension_size == 0)
175 if(name_bytes + 2 != extension_size)
180 uint8_t name_type = reader.
get_byte();
185 m_sni_host_name = reader.
get_string(2, 1, 65535);
186 name_bytes -=
static_cast<uint16_t
>(2 + m_sni_host_name.size());
198 std::vector<uint8_t> buf;
200 size_t name_len = m_sni_host_name.size();
202 buf.push_back(
get_byte(0,
static_cast<uint16_t
>(name_len+3)));
203 buf.push_back(
get_byte(1,
static_cast<uint16_t
>(name_len+3)));
206 buf.push_back(
get_byte(0,
static_cast<uint16_t
>(name_len)));
207 buf.push_back(
get_byte(1,
static_cast<uint16_t
>(name_len)));
209 buf += std::make_pair(
211 m_sni_host_name.size());
216#if defined(BOTAN_HAS_SRP6)
219 uint16_t extension_size) : m_srp_identifier(reader.get_string(1, 1, 255))
221 if(m_srp_identifier.size() + 1 != extension_size)
222 throw Decoding_Error(
"Bad encoding for SRP identifier extension");
227 std::vector<uint8_t> buf;
238 uint16_t extension_size) : m_reneg_data(reader.get_range<uint8_t>(1, 0, 255))
240 if(m_reneg_data.size() + 1 != extension_size)
241 throw Decoding_Error(
"Bad encoding for secure renegotiation extn");
246 std::vector<uint8_t> buf;
252 uint16_t extension_size)
254 if(extension_size == 0)
259 size_t bytes_remaining = extension_size - 2;
261 if(name_bytes != bytes_remaining)
262 throw Decoding_Error(
"Bad encoding of ALPN extension, bad length field");
264 while(bytes_remaining)
266 const std::string p = reader.
get_string(1, 0, 255);
268 if(bytes_remaining < p.size() + 1)
269 throw Decoding_Error(
"Bad encoding of ALPN, length field too long");
274 bytes_remaining -= (p.size() + 1);
276 m_protocols.push_back(p);
282 if(m_protocols.size() != 1)
284 "Server sent " + std::to_string(m_protocols.size()) +
285 " protocols in ALPN extension response");
286 return m_protocols[0];
291 std::vector<uint8_t> buf(2);
293 for(
auto&& p: m_protocols)
295 if(p.length() >= 256)
304 buf[0] =
get_byte(0,
static_cast<uint16_t
>(buf.size()-2));
305 buf[1] =
get_byte(1,
static_cast<uint16_t
>(buf.size()-2));
316 std::vector<Group_Params> ec;
317 for(
auto g : m_groups)
327 std::vector<Group_Params> dh;
328 for(
auto g : m_groups)
338 std::vector<uint8_t> buf(2);
340 for(
auto g : m_groups)
342 const uint16_t
id =
static_cast<uint16_t
>(g);
351 buf[0] =
get_byte(0,
static_cast<uint16_t
>(buf.size()-2));
352 buf[1] =
get_byte(1,
static_cast<uint16_t
>(buf.size()-2));
358 uint16_t extension_size)
362 if(len + 2 != extension_size)
363 throw Decoding_Error(
"Inconsistent length field in supported groups list");
368 const size_t elems = len / 2;
370 for(
size_t i = 0; i != elems; ++i)
380 if(m_prefers_compressed)
391 uint16_t extension_size)
395 if(len + 1 != extension_size)
396 throw Decoding_Error(
"Inconsistent length field in supported point formats list");
398 for(
size_t i = 0; i != len; ++i)
404 m_prefers_compressed =
false;
410 m_prefers_compressed =
true;
421 BOTAN_ASSERT(m_schemes.size() < 256,
"Too many signature schemes");
423 std::vector<uint8_t> buf;
425 const uint16_t len =
static_cast<uint16_t
>(m_schemes.size() * 2);
432 const uint16_t scheme_code =
static_cast<uint16_t
>(scheme);
434 buf.push_back(
get_byte(0, scheme_code));
435 buf.push_back(
get_byte(1, scheme_code));
442 uint16_t extension_size)
446 if(len + 2 != extension_size || len % 2 == 1 || len == 0)
448 throw Decoding_Error(
"Bad encoding on signature algorithms extension");
460 uint16_t extension_size) : m_ticket(reader.get_elem<uint8_t,
std::vector<uint8_t>>(extension_size))
464 uint16_t extension_size) : m_pp(reader.get_range<uint16_t>(2, 0, 65535))
466 const std::vector<uint8_t> mki = reader.
get_range<uint8_t>(1, 0, 255);
468 if(m_pp.size() * 2 + mki.size() + 3 != extension_size)
469 throw Decoding_Error(
"Bad encoding for SRTP protection extension");
472 throw Decoding_Error(
"Unhandled non-empty MKI for SRTP protection extension");
477 std::vector<uint8_t> buf;
479 const uint16_t pp_len =
static_cast<uint16_t
>(m_pp.size() * 2);
483 for(uint16_t pp : m_pp)
495 uint16_t extension_size)
497 if(extension_size != 0)
503 return std::vector<uint8_t>();
507 uint16_t extension_size)
509 if(extension_size != 0)
515 return std::vector<uint8_t>();
520 std::vector<uint8_t> buf;
545 uint16_t extension_size,
550 if(extension_size != 0)
551 throw Decoding_Error(
"Server sent non-empty Certificate_Status_Request extension");
553 else if(extension_size > 0)
559 m_ocsp_names = reader.
get_fixed<uint8_t>(len_resp_id_list);
561 m_extension_bytes = reader.
get_fixed<uint8_t>(len_requ_ext);
571 const std::vector<std::vector<uint8_t>>& ocsp_key_ids) :
572 m_ocsp_names(ocsp_responder_ids),
573 m_ocsp_keys(ocsp_key_ids)
579 std::vector<uint8_t> buf;
584 buf.push_back(m_versions[0].major_version());
585 buf.push_back(m_versions[0].minor_version());
590 const uint8_t len =
static_cast<uint8_t
>(m_versions.size() * 2);
596 buf.push_back(
get_byte(0, version.major_version()));
597 buf.push_back(
get_byte(1, version.minor_version()));
610#if defined(BOTAN_HAS_TLS_V10)
619#if defined(BOTAN_HAS_TLS_V10)
629 uint16_t extension_size,
634 if(extension_size != 2)
635 throw Decoding_Error(
"Server sent invalid supported_versions extension");
645 if(extension_size != 1+2*
versions.size())
646 throw Decoding_Error(
"Client sent invalid supported_versions extension");
652 for(
auto v : m_versions)
#define BOTAN_ASSERT_NOMSG(expr)
#define BOTAN_ASSERT(expr, assertion_made)
Application_Layer_Protocol_Notification(const std::string &protocol)
const std::string & single_protocol() const
std::vector< uint8_t > serialize(Connection_Side whoami) const override
Handshake_Extension_Type type() const override
Certificate_Status_Request()
std::vector< uint8_t > serialize(Connection_Side whoami) const override
Encrypt_then_MAC()=default
std::vector< uint8_t > serialize(Connection_Side whoami) const override
std::vector< uint8_t > serialize(Connection_Side whoami) const override
Extended_Master_Secret()=default
void add(Extension *extn)
std::vector< uint8_t > serialize(Connection_Side whoami) const
bool remove_extension(Handshake_Extension_Type typ)
std::set< Handshake_Extension_Type > extension_types() const
void deserialize(TLS_Data_Reader &reader, Connection_Side from)
virtual bool allow_tls12() const
virtual bool allow_dtls10() const
virtual bool allow_tls10() const
virtual bool allow_tls11() const
virtual bool allow_dtls12() const
bool is_datagram_protocol() const
std::vector< uint8_t > serialize(Connection_Side whoami) const override
Renegotiation_Extension()=default
SRTP_Protection_Profiles(const std::vector< uint16_t > &pp)
std::vector< uint8_t > serialize(Connection_Side whoami) const override
std::vector< uint8_t > serialize(Connection_Side whoami) const override
Server_Name_Indicator(const std::string &host_name)
Signature_Algorithms(const std::vector< Signature_Scheme > &schemes)
std::vector< uint8_t > serialize(Connection_Side whoami) const override
Supported_Groups(const std::vector< Group_Params > &groups)
std::vector< Group_Params > ec_groups() const
std::vector< uint8_t > serialize(Connection_Side whoami) const override
std::vector< Group_Params > dh_groups() const
bool supports(Protocol_Version version) const
Supported_Versions(Protocol_Version version, const Policy &policy)
const std::vector< Protocol_Version > versions() const
std::vector< uint8_t > serialize(Connection_Side whoami) const override
std::string get_string(size_t len_bytes, size_t min_bytes, size_t max_bytes)
bool has_remaining() const
void discard_next(size_t bytes)
std::vector< T > get_range(size_t len_bytes, size_t min_elems, size_t max_elems)
size_t remaining_bytes() const
std::vector< T > get_fixed(size_t size)
std::vector< uint8_t > serialize(Connection_Side whoami) const override
Unknown_Extension(Handshake_Extension_Type type, TLS_Data_Reader &reader, uint16_t extension_size)
void append_tls_length_value(std::vector< uint8_t, Alloc > &buf, const T *vals, size_t vals_size, size_t tag_size)
@ TLSEXT_ENCRYPT_THEN_MAC
@ TLSEXT_SIGNATURE_ALGORITHMS
@ TLSEXT_SUPPORTED_VERSIONS
@ TLSEXT_CERT_STATUS_REQUEST
@ TLSEXT_SERVER_NAME_INDICATION
@ TLSEXT_SAFE_RENEGOTIATION
@ TLSEXT_SUPPORTED_GROUPS
@ TLSEXT_EXTENDED_MASTER_SECRET
@ TLSEXT_EC_POINT_FORMATS
bool group_param_is_dh(Group_Params group)
constexpr uint8_t get_byte(size_t byte_num, T input)
const uint8_t * cast_char_ptr_to_uint8(const char *s)