8 #include <botan/tls_client.h> 9 #include <botan/internal/tls_alerts.h> 10 #include <botan/internal/tls_state.h> 11 #include <botan/loadstor.h> 12 #include <botan/rsa.h> 13 #include <botan/dsa.h> 24 void client_check_state(
Handshake_Type new_msg, Handshake_State* state)
26 class State_Transition_Error :
public Unexpected_Message
29 State_Transition_Error(
const std::string& err) :
30 Unexpected_Message(
"State transition error from " + err) {}
35 if(state->client_hello)
36 throw State_Transition_Error(
"HelloRequest");
40 if(!state->client_hello || state->server_hello)
41 throw State_Transition_Error(
"ServerHello");
45 if(!state->server_hello || state->server_kex ||
46 state->cert_req || state->server_hello_done)
47 throw State_Transition_Error(
"ServerCertificate");
51 if(!state->server_hello || state->server_kex ||
52 state->cert_req || state->server_hello_done)
53 throw State_Transition_Error(
"ServerKeyExchange");
57 if(!state->server_certs || state->cert_req || state->server_hello_done)
58 throw State_Transition_Error(
"CertificateRequest");
62 if(!state->server_hello || state->server_hello_done)
63 throw State_Transition_Error(
"ServerHelloDone");
67 if(!state->client_finished || state->server_finished)
68 throw State_Transition_Error(
"ServerChangeCipherSpec");
72 if(!state->got_server_ccs)
73 throw State_Transition_Error(
"ServerFinished");
76 throw Unexpected_Message(
"Unexpected message in handshake");
85 std::tr1::function<
void (
const byte[],
size_t)> output_fn,
99 certs.push_back(std::make_pair(cert, cert_key));
108 for(
size_t i = 0; i != certs.size(); i++)
109 delete certs[i].second;
116 void TLS_Client::initialize()
118 std::string error_str;
129 error_str = e.what();
130 error_type = e.
type();
132 catch(std::exception& e)
134 error_str = e.what();
174 "TLS_Client::write called while closed");
189 while(read_buf.
size() == 0)
196 size_t got = std::min<size_t>(read_buf.
size(), length);
197 read_buf.
read(out, got);
227 writer.
alert(level, alert_code);
239 void TLS_Client::state_machine()
244 size_t bytes_needed = reader.
get_record(rec_type, record);
248 size_t to_get = std::min<size_t>(record.
size(), bytes_needed);
249 size_t got = input_fn(&record[0], to_get);
259 bytes_needed = reader.
get_record(rec_type, record);
271 read_buf.
write(&record[0], record.
size());
276 read_handshake(rec_type, record);
277 else if(rec_type ==
ALERT)
303 void TLS_Client::read_handshake(
byte rec_type,
311 state->queue.write(&rec_buf[0], rec_buf.
size());
321 if(state->queue.size() >= 4)
323 byte head[4] = { 0 };
324 state->queue.peek(head, 4);
326 const size_t length =
make_u32bit(0, head[1], head[2], head[3]);
328 if(state->queue.size() >= length + 4)
332 state->queue.read(head, 4);
333 state->queue.read(&contents[0], contents.
size());
339 if(state->queue.size() == 0 && rec_buf.
size() == 1 && rec_buf[0] == 1)
345 throw Decoding_Error(
"Unknown message type in handshake processing");
350 process_handshake_msg(type, contents);
371 state->hash.update(static_cast<byte>(type));
372 const size_t record_length = contents.
size();
373 for(
size_t i = 0; i != 3; i++)
374 state->hash.update(get_byte<u32bit>(i+1, record_length));
375 state->hash.update(contents);
380 client_check_state(type, state);
384 if(!state->client_hello->offered_suite(
385 state->server_hello->ciphersuite()
389 "TLS_Client: Server replied with bad ciphersuite");
391 state->version = state->server_hello->version();
393 if(state->version > state->client_hello->version())
395 "TLS_Client: Server replied with bad version");
399 "TLS_Client: Server is too old for specified policy");
404 state->suite =
CipherSuite(state->server_hello->ciphersuite());
408 client_check_state(type, state);
415 peer_certs = state->server_certs->cert_chain();
416 if(peer_certs.size() == 0)
418 "TLS_Client: No certificates sent by server");
422 "TLS_Client: Server certificate is not valid");
424 state->kex_pub = peer_certs[0].subject_public_key();
426 bool is_dsa =
false, is_rsa =
false;
428 if(dynamic_cast<DSA_PublicKey*>(state->kex_pub))
430 else if(dynamic_cast<RSA_PublicKey*>(state->kex_pub))
434 "Unknown key type received in server kex");
439 "Certificate key type did not match ciphersuite");
443 client_check_state(type, state);
451 delete state->kex_pub;
453 state->kex_pub = state->server_kex->key();
455 bool is_dh =
false, is_rsa =
false;
457 if(dynamic_cast<DH_PublicKey*>(state->kex_pub))
459 else if(dynamic_cast<RSA_PublicKey*>(state->kex_pub))
463 "Unknown key type received in server kex");
468 "Certificate key type did not match ciphersuite");
472 if(!state->server_kex->verify(peer_certs[0],
473 state->client_hello->random(),
474 state->server_hello->random()))
476 "Bad signature on server key exchange");
481 client_check_state(type, state);
484 state->do_client_auth =
true;
488 client_check_state(type, state);
492 if(state->do_client_auth)
494 std::vector<X509_Certificate> send_certs;
496 std::vector<Certificate_Type> types =
497 state->cert_req->acceptable_types();
500 state->client_certs =
new Certificate(writer, send_certs,
506 state->kex_pub, state->version,
507 state->client_hello->version());
509 if(state->do_client_auth)
517 state->keys =
SessionKeys(state->suite, state->version,
518 state->client_kex->pre_master_secret(),
519 state->client_hello->random(),
520 state->server_hello->random());
527 state->client_finished =
new Finished(writer, state->version,
CLIENT,
528 state->keys.master_secret(),
533 client_check_state(type, state);
536 state->got_server_ccs =
true;
540 client_check_state(type, state);
542 state->server_finished =
new Finished(contents);
544 if(!state->server_finished->verify(state->keys.master_secret(),
545 state->version, state->hash,
SERVER))
547 "Finished message didn't verify");
560 void TLS_Client::do_handshake()
570 if(!active && !state)
Client_Hello * client_hello
size_t get_record(byte &msg_type, MemoryRegion< byte > &buffer)
size_t read(byte[], size_t)
virtual bool check_cert(const std::vector< X509_Certificate > &cert_chain) const =0
void add_input(const byte input[], size_t input_size)
std::vector< X509_Certificate > peer_cert_chain() const
void set_version(Version_Code)
virtual Version_Code pref_version() const
void set_keys(const CipherSuite &, const SessionKeys &, Connection_Side)
void set_version(Version_Code version)
TLS_Client(std::tr1::function< size_t(byte[], size_t)> input_fn, std::tr1::function< void(const byte[], size_t)> output_fn, const TLS_Policy &policy, RandomNumberGenerator &rng)
void add_client_cert(const X509_Certificate &cert, Private_Key *cert_key)
virtual Version_Code min_version() const
size_t read(byte buf[], size_t buf_len)
void set_keys(const CipherSuite &suite, const SessionKeys &keys, Connection_Side side)
void write(const byte[], size_t)
void alert(Alert_Level, Alert_Type)
u32bit make_u32bit(byte i0, byte i1, byte i2, byte i3)
void write(const byte buf[], size_t buf_len)
void send(byte type, const byte input[], size_t length)