From 05e7e7c4e0679a50d4031bb76e3f46179f82d811 Mon Sep 17 00:00:00 2001 From: Hannes Rantzsch Date: Wed, 8 Dec 2021 13:46:30 +0100 Subject: [PATCH] TLS 1.2 refactoring and cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: René Meusel --- src/lib/tls/info.txt | 1 + src/lib/tls/msg_cert_req.cpp | 10 +- src/lib/tls/msg_cert_req_impl.cpp | 2 - src/lib/tls/msg_cert_req_impl.h | 2 - src/lib/tls/msg_cert_verify.cpp | 10 +- src/lib/tls/msg_cert_verify_impl.cpp | 2 - src/lib/tls/msg_cert_verify_impl.h | 12 +- src/lib/tls/msg_certificate.cpp | 10 +- src/lib/tls/msg_certificate_impl.cpp | 4 - src/lib/tls/msg_certificate_impl.h | 4 +- src/lib/tls/msg_client_hello.cpp | 20 +-- src/lib/tls/msg_client_hello_impl.cpp | 40 +++--- src/lib/tls/msg_client_hello_impl.h | 40 +++--- src/lib/tls/msg_finished.cpp | 10 +- src/lib/tls/msg_finished_impl.cpp | 14 +- src/lib/tls/msg_finished_impl.h | 10 +- src/lib/tls/msg_server_hello.cpp | 19 +-- src/lib/tls/msg_server_hello_impl.cpp | 4 +- src/lib/tls/msg_server_hello_impl.h | 24 ++-- src/lib/tls/tls12/tls_channel_impl_12.cpp | 10 -- src/lib/tls/tls12/tls_channel_impl_12.h | 23 ---- src/lib/tls/tls12/tls_server_impl_12.cpp | 6 +- src/lib/tls/tls_channel.cpp | 2 - src/lib/tls/tls_channel.h | 13 +- src/lib/tls/tls_channel_impl.h | 18 +-- src/lib/tls/tls_client.cpp | 10 -- src/lib/tls/tls_client.h | 10 +- src/lib/tls/tls_message_factory.h | 95 ++++++-------- src/lib/tls/tls_messages.h | 152 +++++++++++----------- src/lib/tls/tls_mock_msg_impl_13.h | 94 +++++++------ src/lib/tls/tls_server.cpp | 10 -- src/lib/tls/tls_server.h | 10 +- 32 files changed, 288 insertions(+), 403 deletions(-) diff --git a/src/lib/tls/info.txt b/src/lib/tls/info.txt index 0457cac5046..b0b9269a509 100644 --- a/src/lib/tls/info.txt +++ b/src/lib/tls/info.txt @@ -59,5 +59,6 @@ rng rsa sha2_32 sha2_64 +tls12 x509 
diff --git a/src/lib/tls/msg_cert_req.cpp b/src/lib/tls/msg_cert_req.cpp index 864fe4791d9..5c680883c8d 100644 --- a/src/lib/tls/msg_cert_req.cpp +++ b/src/lib/tls/msg_cert_req.cpp @@ -49,9 +49,7 @@ Certificate_Req::Certificate_Req(const Protocol_Version& protocol_version, Handshake_Hash& hash, const Policy& policy, const std::vector& ca_certs) : - m_impl( protocol_version == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create() - : TLS_Message_Factory::create(io, hash, policy, ca_certs)) + m_impl(Message_Factory::create(protocol_version, io, hash, policy, ca_certs)) { } @@ -59,12 +57,12 @@ Certificate_Req::Certificate_Req(const Protocol_Version& protocol_version, * Deserialize a Certificate Request message */ Certificate_Req::Certificate_Req(const Protocol_Version& protocol_version, const std::vector& buf) : - m_impl( protocol_version == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create() - : TLS_Message_Factory::create(buf)) + m_impl(Message_Factory::create(protocol_version, buf)) { } +// Needed for std::unique_ptr<> m_impl member, as *_Impl type +// is available as a forward declaration in the header only. Certificate_Req::~Certificate_Req() = default; /** diff --git a/src/lib/tls/msg_cert_req_impl.cpp b/src/lib/tls/msg_cert_req_impl.cpp index 1f6068fa632..e00a3000318 100644 --- a/src/lib/tls/msg_cert_req_impl.cpp +++ b/src/lib/tls/msg_cert_req_impl.cpp @@ -21,8 +21,6 @@ namespace TLS { Certificate_Req_Impl::Certificate_Req_Impl() = default; -Certificate_Req_Impl::~Certificate_Req_Impl() = default; - Handshake_Type Certificate_Req_Impl::type() const { return CERTIFICATE_REQUEST; diff --git a/src/lib/tls/msg_cert_req_impl.h b/src/lib/tls/msg_cert_req_impl.h index d7bbeb217fb..b78edaf0289 100644 --- a/src/lib/tls/msg_cert_req_impl.h +++ b/src/lib/tls/msg_cert_req_impl.h 
@@ -36,8 +36,6 @@ class Certificate_Req_Impl : public Handshake_Message virtual const std::vector& signature_schemes() const = 0; explicit Certificate_Req_Impl(); - - virtual ~Certificate_Req_Impl() = 0; }; } diff --git a/src/lib/tls/msg_cert_verify.cpp b/src/lib/tls/msg_cert_verify.cpp index 43119a35cbf..bedb50aede8 100644 --- a/src/lib/tls/msg_cert_verify.cpp +++ b/src/lib/tls/msg_cert_verify.cpp @@ -28,9 +28,7 @@ Certificate_Verify::Certificate_Verify(Handshake_IO& io, const Policy& policy, RandomNumberGenerator& rng, const Private_Key* priv_key) : - m_impl( state.version() == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create(io, state, policy, rng, priv_key) - : TLS_Message_Factory::create(io, state, policy, rng, priv_key)) + m_impl(Message_Factory::create(state.version(), io, state, policy, rng, priv_key)) { } @@ -38,12 +36,12 @@ Certificate_Verify::Certificate_Verify(Handshake_IO& io, * Deserialize a Certificate Verify message */ Certificate_Verify::Certificate_Verify(const Protocol_Version& protocol_version, const std::vector& buf) : - m_impl( protocol_version == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create(buf) - : TLS_Message_Factory::create(buf)) + m_impl(Message_Factory::create(protocol_version, buf)) { } +// Needed for std::unique_ptr<> m_impl member, as *_Impl type +// is available as a forward declaration in the header only. Certificate_Verify::~Certificate_Verify() = default; /* diff --git a/src/lib/tls/msg_cert_verify_impl.cpp b/src/lib/tls/msg_cert_verify_impl.cpp index 7994a65679d..2d4e1e470a0 100644 --- a/src/lib/tls/msg_cert_verify_impl.cpp +++ b/src/lib/tls/msg_cert_verify_impl.cpp @@ -58,8 +58,6 @@ Certificate_Verify_Impl::Certificate_Verify_Impl(const std::vector& buf reader.assert_done(); } -Certificate_Verify_Impl::~Certificate_Verify_Impl() = default; - /* * Serialize a Certificate Verify message */ 
diff --git a/src/lib/tls/msg_cert_verify_impl.h b/src/lib/tls/msg_cert_verify_impl.h index 7a3728a524d..2aef067dfe0 100644 --- a/src/lib/tls/msg_cert_verify_impl.h +++ b/src/lib/tls/msg_cert_verify_impl.h @@ -44,16 +44,14 @@ class Certificate_Verify_Impl : public Handshake_Message const Handshake_State& state, const Policy& policy) const; - explicit Certificate_Verify_Impl(Handshake_IO& io, - Handshake_State& state, - const Policy& policy, - RandomNumberGenerator& rng, - const Private_Key* key); + Certificate_Verify_Impl(Handshake_IO& io, + Handshake_State& state, + const Policy& policy, + RandomNumberGenerator& rng, + const Private_Key* key); explicit Certificate_Verify_Impl(const std::vector& buf); - virtual ~Certificate_Verify_Impl() = 0; - std::vector serialize() const override; private: std::vector m_signature; diff --git a/src/lib/tls/msg_certificate.cpp b/src/lib/tls/msg_certificate.cpp index 65c914f27c8..2c3e2937e00 100644 --- a/src/lib/tls/msg_certificate.cpp +++ b/src/lib/tls/msg_certificate.cpp @@ -45,9 +45,7 @@ Certificate::Certificate(const Protocol_Version& protocol_version, Handshake_IO& io, Handshake_Hash& hash, const std::vector& cert_list) : - m_impl( protocol_version == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create() - : TLS_Message_Factory::create(io, hash, cert_list)) + m_impl(Message_Factory::create(protocol_version, io, hash, cert_list)) { } @@ -56,12 +54,12 @@ Certificate::Certificate(const Protocol_Version& protocol_version, */ Certificate::Certificate(const Protocol_Version& protocol_version, const std::vector& buf, const Policy& policy) : - m_impl( protocol_version == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create() - : TLS_Message_Factory::create(buf, policy)) + m_impl(Message_Factory::create(protocol_version, buf, policy)) { } +// Needed for std::unique_ptr<> m_impl member, as *_Impl type +// is available as a forward declaration in the header only. Certificate::~Certificate() = default; /** 
diff --git a/src/lib/tls/msg_certificate_impl.cpp b/src/lib/tls/msg_certificate_impl.cpp index f7aa6d7f40f..95936a90517 100644 --- a/src/lib/tls/msg_certificate_impl.cpp +++ b/src/lib/tls/msg_certificate_impl.cpp @@ -18,10 +18,6 @@ Handshake_Type Certificate_Impl::type() const return CERTIFICATE; } -Certificate_Impl::Certificate_Impl() = default; - -Certificate_Impl::~Certificate_Impl() = default; - } } diff --git a/src/lib/tls/msg_certificate_impl.h b/src/lib/tls/msg_certificate_impl.h index e67234f3b36..9ec12af0124 100644 --- a/src/lib/tls/msg_certificate_impl.h +++ b/src/lib/tls/msg_certificate_impl.h @@ -31,9 +31,7 @@ class Certificate_Impl : public Handshake_Message virtual size_t count() const = 0; virtual bool empty() const = 0; - explicit Certificate_Impl(); - - virtual ~Certificate_Impl() = 0; + explicit Certificate_Impl() = default; }; } diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp index 396b1d07129..d2f6c9b057a 100644 --- a/src/lib/tls/msg_client_hello.cpp +++ b/src/lib/tls/msg_client_hello.cpp @@ -22,7 +22,6 @@ #include #include #include -#include #include namespace Botan { @@ -65,9 +64,7 @@ Client_Hello::Client_Hello(Handshake_IO& io, const std::vector& reneg_info, const Client_Hello::Settings& client_settings, const std::vector& next_protocols) : - m_impl(client_settings.protocol_version() == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create(io, hash, policy, cb, rng, reneg_info, client_settings, next_protocols) - : TLS_Message_Factory::create(io, hash, policy, cb, rng, reneg_info, client_settings, next_protocols)) + m_impl(Message_Factory::create(client_settings.protocol_version(), io, hash, policy, cb, rng, reneg_info, client_settings, next_protocols)) { } 
@@ -82,9 +79,7 @@ Client_Hello::Client_Hello(Handshake_IO& io, const std::vector& reneg_info, const Session& session, const std::vector& next_protocols) : - m_impl(session.version() == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create(io, hash, policy, cb, rng, reneg_info, session, next_protocols) - : TLS_Message_Factory::create(io, hash, policy, cb, rng, reneg_info, session, next_protocols)) + m_impl(Message_Factory::create(session.version(), io, hash, policy, cb, rng, reneg_info, session, next_protocols)) { } @@ -95,11 +90,16 @@ Client_Hello::Client_Hello(const std::vector& buf) { auto supported_versions = Client_Hello_Impl(buf).supported_versions(); - m_impl = value_exists(supported_versions, Protocol_Version(Protocol_Version::TLS_V13)) - ? TLS_Message_Factory::create(buf) - : TLS_Message_Factory::create(buf); + const auto protocol_version = + value_exists(supported_versions, Protocol_Version(Protocol_Version::TLS_V13)) + ? Protocol_Version::TLS_V13 + : Protocol_Version::TLS_V12; + + m_impl = Message_Factory::create(protocol_version, buf); } +// Needed for std::unique_ptr<> m_impl member, as *_Impl type +// is available as a forward declaration in the header only. Client_Hello::~Client_Hello() = default; diff --git a/src/lib/tls/msg_client_hello_impl.cpp b/src/lib/tls/msg_client_hello_impl.cpp index 4917bd61ff1..e7401e93706 100644 --- a/src/lib/tls/msg_client_hello_impl.cpp +++ b/src/lib/tls/msg_client_hello_impl.cpp 
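Review bot: In the deserializing `Client_Hello(const std::vector&)` constructor the v13/v12 implementation is selected solely from the peer-supplied supported_versions list, so any ClientHello advertising TLS 1.3 steers construction into the v13 path before local policy has been consulted; policy enforcement presumably happens later in the server, but nothing here says so. The buffer is also parsed twice, once by the temporary `Client_Hello_Impl(buf)` and again inside `Message_Factory::create`, so a malformed or oversized hello pays the full parse cost twice before any rejection. I would add above `const auto protocol_version =` the comment `// NOTE: version choice is driven by the untrusted ClientHello; policy decides later whether 1.3 is actually acceptable. The message is parsed twice (peek for supported_versions, then the real impl).` and, if the 1.2 impl can be built from the already-parsed fields, avoid the second parse.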
@@ -41,27 +41,25 @@ enum { }; std::vector make_hello_random(RandomNumberGenerator& rng, - const Policy& policy) -{ -std::vector buf(32); -rng.randomize(buf.data(), buf.size()); - -auto sha256 = HashFunction::create_or_throw("SHA-256"); -sha256->update(buf); -sha256->final(buf); - -if(policy.include_time_in_hello_random()) + const Policy& policy) { - const uint32_t time32 = static_cast( - std::chrono::system_clock::to_time_t(std::chrono::system_clock::now())); + std::vector buf(32); + rng.randomize(buf.data(), buf.size()); - store_be(time32, buf.data()); - } + auto sha256 = HashFunction::create_or_throw("SHA-256"); + sha256->update(buf); + sha256->final(buf); -return buf; -} + if(policy.include_time_in_hello_random()) + { + const uint32_t time32 = static_cast( + std::chrono::system_clock::to_time_t(std::chrono::system_clock::now())); -Client_Hello_Impl::Client_Hello_Impl() = default; + store_be(time32, buf.data()); + } + + return buf; + } /* * Create a new Client Hello message @@ -236,9 +234,6 @@ Client_Hello_Impl::Client_Hello_Impl(const std::vector& buf) } } - -Client_Hello_Impl::~Client_Hello_Impl() = default; - Handshake_Type Client_Hello_Impl::type() const { return CLIENT_HELLO; @@ -330,10 +325,7 @@ std::vector Client_Hello_Impl::cookie_input_data() const */ bool Client_Hello_Impl::offered_suite(uint16_t ciphersuite) const { - for(size_t i = 0; i != m_suites.size(); ++i) - if(m_suites[i] == ciphersuite) - return true; - return false; + return std::find(m_suites.cbegin(), m_suites.cend(), ciphersuite) != m_suites.cend(); } std::vector Client_Hello_Impl::signature_schemes() const diff --git a/src/lib/tls/msg_client_hello_impl.h b/src/lib/tls/msg_client_hello_impl.h index db480b49cc8..908610f81d2 100644 --- a/src/lib/tls/msg_client_hello_impl.h +++ b/src/lib/tls/msg_client_hello_impl.h 
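Review bot: `Client_Hello_Impl::offered_suite` now calls `std::find`, but no `#include <algorithm>` is added in this diff; unless it is already pulled in further up (not visible here) the build depends on a transitive include, which varies between standard-library implementations. Add `#include <algorithm>` to the include block of msg_client_hello_impl.cpp. The rest of the hunk is a reindent of `make_hello_random`, which is unchanged in behaviour.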
@@ -33,30 +33,28 @@ class Policy; class Client_Hello_Impl : public Handshake_Message { public: - explicit Client_Hello_Impl(); - - explicit Client_Hello_Impl(Handshake_IO& io, - Handshake_Hash& hash, - const Policy& policy, - Callbacks& cb, - RandomNumberGenerator& rng, - const std::vector& reneg_info, - const Client_Hello::Settings& client_settings, - const std::vector& next_protocols); - - explicit Client_Hello_Impl(Handshake_IO& io, - Handshake_Hash& hash, - const Policy& policy, - Callbacks& cb, - RandomNumberGenerator& rng, - const std::vector& reneg_info, - const Session& resumed_session, - const std::vector& next_protocols); + explicit Client_Hello_Impl() = default; + + Client_Hello_Impl(Handshake_IO& io, + Handshake_Hash& hash, + const Policy& policy, + Callbacks& cb, + RandomNumberGenerator& rng, + const std::vector& reneg_info, + const Client_Hello::Settings& client_settings, + const std::vector& next_protocols); + + Client_Hello_Impl(Handshake_IO& io, + Handshake_Hash& hash, + const Policy& policy, + Callbacks& cb, + RandomNumberGenerator& rng, + const std::vector& reneg_info, + const Session& resumed_session, + const std::vector& next_protocols); explicit Client_Hello_Impl(const std::vector& buf); - virtual ~Client_Hello_Impl(); - Handshake_Type type() const override; Protocol_Version version() const; diff --git a/src/lib/tls/msg_finished.cpp b/src/lib/tls/msg_finished.cpp index d4808a694be..6e7e4b7aa76 100644 --- a/src/lib/tls/msg_finished.cpp +++ b/src/lib/tls/msg_finished.cpp @@ -25,9 +25,7 @@ namespace TLS { Finished::Finished(Handshake_IO& io, Handshake_State& state, Connection_Side side) : - m_impl( state.version() == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create(io, state, side) - : TLS_Message_Factory::create(io, state, side)) + m_impl(Message_Factory::create(state.version(), io, state, side)) { } 
@@ -43,12 +41,12 @@ std::vector Finished::serialize() const * Deserialize a Finished message */ Finished::Finished(const Protocol_Version& protocol_version, const std::vector& buf): - m_impl( protocol_version == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create(buf) - : TLS_Message_Factory::create(buf)) + m_impl(Message_Factory::create(protocol_version, buf)) { } +// Needed for std::unique_ptr<> m_impl member, as *_Impl type +// is available as a forward declaration in the header only. Finished::~Finished() = default; diff --git a/src/lib/tls/msg_finished_impl.cpp b/src/lib/tls/msg_finished_impl.cpp index 4b7836485ce..9dc8f67fb04 100644 --- a/src/lib/tls/msg_finished_impl.cpp +++ b/src/lib/tls/msg_finished_impl.cpp @@ -37,10 +37,9 @@ std::vector finished_compute_verify(const Handshake_State& state, std::vector input; std::vector label; - if(side == CLIENT) - label += std::make_pair(TLS_CLIENT_LABEL, sizeof(TLS_CLIENT_LABEL)); - else - label += std::make_pair(TLS_SERVER_LABEL, sizeof(TLS_SERVER_LABEL)); + label += (side == CLIENT) + ? std::make_pair(TLS_CLIENT_LABEL, sizeof(TLS_CLIENT_LABEL)) + : std::make_pair(TLS_SERVER_LABEL, sizeof(TLS_SERVER_LABEL)); input += state.hash().final(state.ciphersuite().prf_algo()); @@ -60,6 +59,11 @@ Finished_Impl::Finished_Impl(Handshake_IO& io, state.hash().update(io.send(*this)); } +Handshake_Type Finished_Impl::type() const + { + return FINISHED; + } + /* * Serialize a Finished message */ @@ -74,8 +78,6 @@ std::vector Finished_Impl::serialize() const Finished_Impl::Finished_Impl(const std::vector& buf) : m_verification_data(buf) {} -Finished_Impl::~Finished_Impl() = default; - std::vector Finished_Impl::verify_data() const { return m_verification_data; diff --git a/src/lib/tls/msg_finished_impl.h b/src/lib/tls/msg_finished_impl.h index c43004fd9e3..42f02cc1ec0 100644 --- a/src/lib/tls/msg_finished_impl.h +++ b/src/lib/tls/msg_finished_impl.h 
@@ -27,21 +27,19 @@ class Handshake_State; class Finished_Impl : public Handshake_Message { public: - Handshake_Type type() const override { return FINISHED; } + Handshake_Type type() const override; virtual std::vector verify_data() const; virtual bool verify(const Handshake_State& state, Connection_Side side) const; - explicit Finished_Impl(Handshake_IO& io, - Handshake_State& state, - Connection_Side side); + Finished_Impl(Handshake_IO& io, + Handshake_State& state, + Connection_Side side); explicit Finished_Impl(const std::vector& buf); - virtual ~Finished_Impl() = 0; - std::vector serialize() const override; private: std::vector m_verification_data; diff --git a/src/lib/tls/msg_server_hello.cpp b/src/lib/tls/msg_server_hello.cpp index af49fe882f3..5f2bb062b05 100644 --- a/src/lib/tls/msg_server_hello.cpp +++ b/src/lib/tls/msg_server_hello.cpp @@ -34,9 +34,7 @@ Server_Hello::Server_Hello(Handshake_IO& io, const Client_Hello& client_hello, const Server_Hello::Settings& server_settings, const std::string next_protocol) : - m_impl(server_settings.protocol_version() == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create(io, hash, policy, cb, rng, reneg_info, client_hello, server_settings, next_protocol) - : TLS_Message_Factory::create(io, hash, policy, cb, rng, reneg_info, client_hello, server_settings, next_protocol)) + m_impl(Message_Factory::create(client_hello.version(), io, hash, policy, cb, rng, reneg_info, client_hello, server_settings, next_protocol)) { } 
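Review bot: The non-resumption `Server_Hello` constructor now keys the factory on `client_hello.version()` where the previous code used `server_settings.protocol_version()`; these are not equivalent, the first is a value the peer sent, the second is the version the server has chosen to answer with, and a TLS 1.3 client is expected to put 1.2 in its legacy version field. Since the server decides which ServerHello it emits, the factory should follow that decision: `m_impl(Message_Factory::create(server_settings.protocol_version(), io, hash, policy, cb, rng, reneg_info, client_hello, server_settings, next_protocol))`. What `Client_Hello::version()` returns is not visible here; if it already reflects supported_versions the point is moot, but then a comment explaining why the peer's value is the right key would be warranted, and the resumption constructor on the next hunk should be aligned the same way.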
@@ -51,9 +49,7 @@ Server_Hello::Server_Hello(Handshake_IO& io, Session& resumed_session, bool offer_session_ticket, const std::string& next_protocol) : - m_impl(client_hello.version() == Protocol_Version::TLS_V13 - ? TLS_Message_Factory::create(io, hash, policy, cb, rng, reneg_info, client_hello, resumed_session, offer_session_ticket, next_protocol) - : TLS_Message_Factory::create(io, hash, policy, cb, rng, reneg_info, client_hello, resumed_session, offer_session_ticket, next_protocol)) + m_impl(Message_Factory::create(client_hello.version(), io, hash, policy, cb, rng, reneg_info, client_hello, resumed_session, offer_session_ticket, next_protocol)) { } @@ -64,11 +60,16 @@ Server_Hello::Server_Hello(const std::vector& buf) { auto supported_versions = Server_Hello_Impl(buf).supported_versions(); - m_impl = value_exists(supported_versions, Protocol_Version(Protocol_Version::TLS_V13)) - ? TLS_Message_Factory::create(buf) - : TLS_Message_Factory::create(buf); + const auto protocol_version = + value_exists(supported_versions, Protocol_Version(Protocol_Version::TLS_V13)) + ? Protocol_Version::TLS_V13 + : Protocol_Version::TLS_V12; + + m_impl = Message_Factory::create(protocol_version, buf); } +// Needed for std::unique_ptr<> m_impl member, as *_Impl type +// is available as a forward declaration in the header only. Server_Hello::~Server_Hello() = default; Handshake_Type Server_Hello::type() const diff --git a/src/lib/tls/msg_server_hello_impl.cpp b/src/lib/tls/msg_server_hello_impl.cpp index cb7159cfca1..a93823dcf48 100644 --- a/src/lib/tls/msg_server_hello_impl.cpp +++ b/src/lib/tls/msg_server_hello_impl.cpp @@ -33,7 +33,7 @@ make_server_hello_random(RandomNumberGenerator& rng, Protocol_Version offered_version, const Policy& policy) { - BOTAN_UNUSED(offered_version, policy); + BOTAN_UNUSED(offered_version); auto random = make_hello_random(rng, policy); return random; } 
@@ -119,8 +119,6 @@ Server_Hello_Impl::Server_Hello_Impl(const std::vector& buf) m_extensions.deserialize(reader, Connection_Side::SERVER); } -Server_Hello_Impl::~Server_Hello_Impl() = default; - Handshake_Type Server_Hello_Impl::type() const { return SERVER_HELLO; diff --git a/src/lib/tls/msg_server_hello_impl.h b/src/lib/tls/msg_server_hello_impl.h index 7275261c902..0a455c10aef 100644 --- a/src/lib/tls/msg_server_hello_impl.h +++ b/src/lib/tls/msg_server_hello_impl.h @@ -33,22 +33,20 @@ class Server_Hello_Impl : public Handshake_Message public: explicit Server_Hello_Impl(); - explicit Server_Hello_Impl(const Policy& policy, - RandomNumberGenerator& rng, - const Client_Hello& client_hello, - const Server_Hello::Settings& settings, - const std::string next_protocol); - - explicit Server_Hello_Impl(const Policy& policy, - RandomNumberGenerator& rng, - const Client_Hello& client_hello, - Session& resumed_session, - const std::string next_protocol); + Server_Hello_Impl(const Policy& policy, + RandomNumberGenerator& rng, + const Client_Hello& client_hello, + const Server_Hello::Settings& settings, + const std::string next_protocol); + + Server_Hello_Impl(const Policy& policy, + RandomNumberGenerator& rng, + const Client_Hello& client_hello, + Session& resumed_session, + const std::string next_protocol); explicit Server_Hello_Impl(const std::vector& buf); - virtual ~Server_Hello_Impl(); - Handshake_Type type() const override; Protocol_Version version() const; diff --git a/src/lib/tls/tls12/tls_channel_impl_12.cpp b/src/lib/tls/tls12/tls_channel_impl_12.cpp index d9dccce42de..35ac6eb6457 100644 --- a/src/lib/tls/tls12/tls_channel_impl_12.cpp +++ b/src/lib/tls/tls12/tls_channel_impl_12.cpp 
@@ -273,11 +273,6 @@ void Channel_Impl_12::activate_session() callbacks().tls_session_activated(); } -size_t Channel_Impl_12::received_data(const std::vector& buf) - { - return this->received_data(buf.data(), buf.size()); - } - size_t Channel_Impl_12::received_data(const uint8_t input[], size_t input_size) { const bool allow_epoch0_restart = m_is_datagram && m_is_server && policy().allow_dtls_epoch0_restart(); @@ -577,11 +572,6 @@ void Channel_Impl_12::send(const uint8_t buf[], size_t buf_size) APPLICATION_DATA, buf, buf_size); } -void Channel_Impl_12::send(const std::string& string) - { - this->send(cast_char_ptr_to_uint8(string.data()), string.size()); - } - void Channel_Impl_12::send_alert(const Alert& alert) { if(alert.is_valid() && !is_closed()) diff --git a/src/lib/tls/tls12/tls_channel_impl_12.h b/src/lib/tls/tls12/tls_channel_impl_12.h index e2b961b7ca5..15854066b6f 100644 --- a/src/lib/tls/tls12/tls_channel_impl_12.h +++ b/src/lib/tls/tls12/tls_channel_impl_12.h @@ -76,25 +76,12 @@ class Channel_Impl_12 : public Channel_Impl size_t received_data(const uint8_t buf[], size_t buf_size) override; - /** - * Inject TLS traffic received from counterparty - * @return a hint as the how many more bytes we need to process the - * current record (this may be 0 if on a record boundary) - */ - size_t received_data(const std::vector& buf) override; - /** * Inject plaintext intended for counterparty * Throws an exception if is_active() is false */ void send(const uint8_t buf[], size_t buf_size) override; - /** - * Inject plaintext intended for counterparty - * Throws an exception if is_active() is false - */ - void send(const std::string& val) override; - /** * Send a TLS alert message. If the alert is fatal, the internal * state (keys, etc) will be reset. 
@@ -102,16 +89,6 @@ class Channel_Impl_12 : public Channel_Impl */ void send_alert(const Alert& alert) override; - /** - * Send a warning alert - */ - void send_warning_alert(Alert::Type type) override { send_alert(Alert(type, false)); } - - /** - * Send a fatal alert - */ - void send_fatal_alert(Alert::Type type) override { send_alert(Alert(type, true)); } - /** * Send a close notification alert */ diff --git a/src/lib/tls/tls12/tls_server_impl_12.cpp b/src/lib/tls/tls12/tls_server_impl_12.cpp index 6698363761c..59f1c6b3f6a 100644 --- a/src/lib/tls/tls12/tls_server_impl_12.cpp +++ b/src/lib/tls/tls12/tls_server_impl_12.cpp @@ -109,11 +109,9 @@ bool check_for_resume(Session& session_info, return false; // client sent a different SNI hostname - if(client_hello->sni_hostname() != "") - { - if(client_hello->sni_hostname() != session_info.server_info().hostname()) + if(client_hello->sni_hostname() != "" && + client_hello->sni_hostname() != session_info.server_info().hostname()) return false; - } // Checking extended_master_secret on resume (RFC 7627 section 5.3) if(client_hello->supports_extended_master_secret() != session_info.supports_extended_master_secret()) diff --git a/src/lib/tls/tls_channel.cpp b/src/lib/tls/tls_channel.cpp index ded661729b1..a97b72ca8e0 100644 --- a/src/lib/tls/tls_channel.cpp +++ b/src/lib/tls/tls_channel.cpp @@ -13,8 +13,6 @@ namespace Botan { namespace TLS { -Channel::~Channel() = default; - size_t TLS::Channel::IO_BUF_DEFAULT_SIZE = 10*1024; } diff --git a/src/lib/tls/tls_channel.h b/src/lib/tls/tls_channel.h index f88fd9b936b..2a4ae282b34 100644 --- a/src/lib/tls/tls_channel.h +++ b/src/lib/tls/tls_channel.h @@ -40,7 +40,7 @@ class BOTAN_PUBLIC_API(2,0) Channel public: static size_t IO_BUF_DEFAULT_SIZE; - virtual ~Channel() = 0; + virtual ~Channel() = default; /** * Inject TLS traffic received from counterparty 
@@ -49,13 +49,15 @@ class BOTAN_PUBLIC_API(2,0) Channel */ virtual size_t received_data(const uint8_t buf[], size_t buf_size) = 0; - /** * Inject TLS traffic received from counterparty * @return a hint as the how many more bytes we need to process the * current record (this may be 0 if on a record boundary) */ - virtual size_t received_data(const std::vector& buf) = 0; + size_t received_data(const std::vector& buf) + { + return this->received_data(buf.data(), buf.size()); + } /** * Inject plaintext intended for counterparty @@ -67,7 +69,10 @@ class BOTAN_PUBLIC_API(2,0) Channel * Inject plaintext intended for counterparty * Throws an exception if is_active() is false */ - virtual void send(const std::string& val) = 0; + void send(const std::string& val) + { + this->send(cast_char_ptr_to_uint8(val.data()), val.size()); + } /** * Inject plaintext intended for counterparty diff --git a/src/lib/tls/tls_channel_impl.h b/src/lib/tls/tls_channel_impl.h index f31f6cf7f12..e9f0fe33a9f 100644 --- a/src/lib/tls/tls_channel_impl.h +++ b/src/lib/tls/tls_channel_impl.h @@ -41,26 +41,12 @@ class Channel_Impl */ virtual size_t received_data(const uint8_t buf[], size_t buf_size) = 0; - - /** - * Inject TLS traffic received from counterparty - * @return a hint as the how many more bytes we need to process the - * current record (this may be 0 if on a record boundary) - */ - virtual size_t received_data(const std::vector& buf) = 0; - /** * Inject plaintext intended for counterparty * Throws an exception if is_active() is false */ virtual void send(const uint8_t buf[], size_t buf_size) = 0; - /** - * Inject plaintext intended for counterparty - * Throws an exception if is_active() is false - */ - virtual void send(const std::string& val) = 0; - /** * Send a TLS alert message. If the alert is fatal, the internal * state (keys, etc) will be reset. 
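Review bot: In `tls_channel.h` the pure-virtual `received_data(const std::vector&)` and `send(const std::string&)` become non-virtual inline forwarders and `~Channel()` becomes `= default` inline; on a class tagged `BOTAN_PUBLIC_API(2,0)` that removes two vtable slots and moves the destructor's out-of-line definition out of tls_channel.cpp, so binaries built against the previous headers, and any external subclass that marks these overloads `override`, break at the ABI/API level. If this lands within a release series it should be called out in the commit message; otherwise keep the two overloads virtual with the forwarding bodies as default implementations until the next ABI break. The inline `send` now also needs whatever header declares `cast_char_ptr_to_uint8` to be included by the public tls_channel.h, which this diff does not show.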
@@ -71,12 +57,12 @@ class Channel_Impl /** * Send a warning alert */ - virtual void send_warning_alert(Alert::Type type) = 0; + void send_warning_alert(Alert::Type type) { send_alert(Alert(type, false)); } /** * Send a fatal alert */ - virtual void send_fatal_alert(Alert::Type type) = 0; + void send_fatal_alert(Alert::Type type) { send_alert(Alert(type, true)); } /** * Send a close notification alert diff --git a/src/lib/tls/tls_client.cpp b/src/lib/tls/tls_client.cpp index 40f4e4a519d..84180353bd5 100644 --- a/src/lib/tls/tls_client.cpp +++ b/src/lib/tls/tls_client.cpp @@ -46,11 +46,6 @@ size_t Client::received_data(const uint8_t buf[], size_t buf_size) return m_impl->channel().received_data(buf, buf_size); } -size_t Client::received_data(const std::vector& buf) - { - return m_impl->channel().received_data(buf); - } - bool Client::is_active() const { return m_impl->channel().is_active(); @@ -88,11 +83,6 @@ void Client::send(const uint8_t buf[], size_t buf_size) m_impl->channel().send(buf, buf_size); } -void Client::send(const std::string& val) - { - m_impl->channel().send(val); - } - void Client::send_alert(const Alert& alert) { m_impl->channel().send_alert(alert); diff --git a/src/lib/tls/tls_client.h b/src/lib/tls/tls_client.h index 79e1862c21c..e9de7ae0734 100644 --- a/src/lib/tls/tls_client.h +++ b/src/lib/tls/tls_client.h @@ -75,7 +75,7 @@ class BOTAN_PUBLIC_API(2,0) Client final : public Channel size_t received_data(const uint8_t buf[], size_t buf_size) override; - size_t received_data(const std::vector& buf) override; + using Channel::received_data; bool is_active() const override; @@ -93,13 +93,7 @@ class BOTAN_PUBLIC_API(2,0) Client final : public Channel void send(const uint8_t buf[], size_t buf_size) override; - void send(const std::string& val) override; - - template - void send(const std::vector& val) - { - send(val.data(), val.size()); - } + using Channel::send; void send_alert(const Alert& alert) override; 
diff --git a/src/lib/tls/tls_message_factory.h b/src/lib/tls/tls_message_factory.h
index 124e50078f9..ddda65ae869 100644
--- a/src/lib/tls/tls_message_factory.h
+++ b/src/lib/tls/tls_message_factory.h
@@ -10,7 +10,6 @@
 #include
 #include
-#include
 #include
 #include
@@ -30,99 +29,79 @@ class Certificate_Impl; class Server_Hello_Impl_12; class Client_Hello_Impl_12; -class Client_Hello_Impl_13; class Certificate_Req_Impl_12; class Certificate_Verify_Impl_12; class Certificate_Impl_12; class Finished_Impl_12; -class TLS_Message_Factory - { - public: - template - struct Impl_Version_Trait{}; - - template - static std::unique_ptr create(Args&& ... args) - { - return std::make_unique::Ver_Impl>(std::forward(args) ... ); - } - }; - -template<> -struct TLS_Message_Factory::Impl_Version_Trait - { - using Ver_Impl = Server_Hello_Impl_12; - }; +namespace { -template<> -struct TLS_Message_Factory::Impl_Version_Trait - { - using Ver_Impl = Server_Hello_Impl_12; // TODO using Ver_Impl = Server_Hello_Impl_13 - }; - -template<> -struct TLS_Message_Factory::Impl_Version_Trait - { - using Ver_Impl = Client_Hello_Impl_12; - }; +template +struct implementation_trait{}; template<> -struct TLS_Message_Factory::Impl_Version_Trait +struct implementation_trait { - using Ver_Impl = Mock_Impl_13; // TODO using Ver_Impl = Client_Hello_Impl_13 + using v12 = Server_Hello_Impl_12; + using v13 = Mock_Impl_13; }; template<> -struct TLS_Message_Factory::Impl_Version_Trait +struct implementation_trait { - using Ver_Impl = Certificate_Req_Impl_12; + using v12 = Client_Hello_Impl_12; + using v13 = Mock_Impl_13; }; template<> -struct TLS_Message_Factory::Impl_Version_Trait +struct implementation_trait { - using Ver_Impl = Mock_Certificate_Req_Impl_13; // TODO using Ver_Impl = Certificate_Req_Impl_13 + using v12 = Certificate_Req_Impl_12; + using v13 = Mock_Impl_13; }; template<> -struct TLS_Message_Factory::Impl_Version_Trait +struct implementation_trait { - using Ver_Impl = Certificate_Verify_Impl_12; + using v12 = Certificate_Verify_Impl_12; + using v13 = Mock_Impl_13; }; template<> -struct TLS_Message_Factory::Impl_Version_Trait +struct implementation_trait { - using Ver_Impl = Mock_Impl_13; // TODO using Ver_Impl = Certificate_Verify_Impl_13 + using v12 = 
Certificate_Impl_12; + using v13 = Mock_Impl_13; }; template<> -struct TLS_Message_Factory::Impl_Version_Trait +struct implementation_trait { - using Ver_Impl = Certificate_Impl_12; + using v12 = Finished_Impl_12; + using v13 = Mock_Impl_13; }; -template<> -struct TLS_Message_Factory::Impl_Version_Trait - { - using Ver_Impl = Mock_Certificate_Impl_13; // TODO using Ver_Impl = Certificate_Impl_13 - }; +} -template<> -struct TLS_Message_Factory::Impl_Version_Trait - { - using Ver_Impl = Finished_Impl_12; - }; +namespace Message_Factory { -template<> -struct TLS_Message_Factory::Impl_Version_Trait +template +std::unique_ptr create(const Protocol_Version &protocol_version, ParamTs&&... parameters) { - using Ver_Impl = Mock_Impl_13; // TODO using Ver_Impl = Finished_Impl_13 - }; + using impl_t = implementation_trait; + + if (protocol_version == Protocol_Version::TLS_V13) + { + return std::make_unique(std::forward(parameters)...); + } + else + { + return std::make_unique(std::forward(parameters)...); + } + } } } - +} #endif diff --git a/src/lib/tls/tls_messages.h b/src/lib/tls/tls_messages.h index a8dab0d5b38..d98a4b62e81 100644 --- a/src/lib/tls/tls_messages.h +++ b/src/lib/tls/tls_messages.h @@ -61,9 +61,10 @@ class BOTAN_UNSTABLE_API Hello_Verify_Request final : public Handshake_Message explicit Hello_Verify_Request(const std::vector& buf); - explicit Hello_Verify_Request(const std::vector& client_hello_bits, - const std::string& client_identity, - const SymmetricKey& secret_key); + Hello_Verify_Request(const std::vector& client_hello_bits, + const std::string& client_identity, + const SymmetricKey& secret_key); + private: std::vector m_cookie; }; @@ -150,7 +151,7 @@ class BOTAN_UNSTABLE_API Client_Hello final : public Handshake_Message const Extensions& extensions() const; - explicit Client_Hello(Handshake_IO& io, + Client_Hello(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, Callbacks& cb, 
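Review bot: `tls_message_factory.h` declares `implementation_trait` inside an anonymous namespace in a header, while `Message_Factory::create`, an external-linkage template in the same header, instantiates it; every translation unit gets its own copy of the trait and compilers warn about external-linkage entities depending on internal-linkage types. Move the trait into a named namespace (e.g. `namespace detail`) and drop the anonymous namespace. Separately, every `v13` alias now resolves to `Mock_Impl_13` while `create` dispatches on a runtime `protocol_version` that, for deserialized hellos, originates from the peer; a comment above the traits such as `// NOTE: all v13 aliases are placeholders (Mock_Impl_13) until the TLS 1.3 message implementations exist` would make that status explicit for anyone enabling 1.3 in a policy. The previous per-message `Mock_Certificate_Req_Impl_13` / `Mock_Certificate_Impl_13` specializations are collapsed into the single mock, presumably intentionally.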
@@ -159,7 +160,7 @@ class BOTAN_UNSTABLE_API Client_Hello final : public Handshake_Message const Client_Hello::Settings& client_settings, const std::vector& next_protocols); - explicit Client_Hello(Handshake_IO& io, + Client_Hello(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, Callbacks& cb, @@ -170,7 +171,7 @@ class BOTAN_UNSTABLE_API Client_Hello final : public Handshake_Message explicit Client_Hello(const std::vector& buf); - ~Client_Hello(); + ~Client_Hello() override; private: std::unique_ptr m_impl; @@ -242,7 +243,7 @@ class BOTAN_UNSTABLE_API Server_Hello final : public Handshake_Message bool random_signals_downgrade() const; - explicit Server_Hello(Handshake_IO& io, + Server_Hello(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, Callbacks& cb, @@ -252,7 +253,7 @@ class BOTAN_UNSTABLE_API Server_Hello final : public Handshake_Message const Server_Hello::Settings& settings, const std::string next_protocol); - explicit Server_Hello(Handshake_IO& io, + Server_Hello(Handshake_IO& io, Handshake_Hash& hash, const Policy& policy, Callbacks& cb, @@ -265,7 +266,7 @@ class BOTAN_UNSTABLE_API Server_Hello final : public Handshake_Message explicit Server_Hello(const std::vector& buf); - ~Server_Hello(); + ~Server_Hello() override; private: std::vector serialize() const override; 
@@ -284,20 +285,20 @@ class BOTAN_UNSTABLE_API Client_Key_Exchange final : public Handshake_Message const secure_vector& pre_master_secret() const { return m_pre_master; } - explicit Client_Key_Exchange(Handshake_IO& io, - Handshake_State& state, - const Policy& policy, - Credentials_Manager& creds, - const Public_Key* server_public_key, - const std::string& hostname, - RandomNumberGenerator& rng); - - explicit Client_Key_Exchange(const std::vector& buf, - const Handshake_State& state, - const Private_Key* server_rsa_kex_key, - Credentials_Manager& creds, - const Policy& policy, - RandomNumberGenerator& rng); + Client_Key_Exchange(Handshake_IO& io, + Handshake_State& state, + const Policy& policy, + Credentials_Manager& creds, + const Public_Key* server_public_key, + const std::string& hostname, + RandomNumberGenerator& rng); + + Client_Key_Exchange(const std::vector& buf, + const Handshake_State& state, + const Private_Key* server_rsa_kex_key, + Credentials_Manager& creds, + const Policy& policy, + RandomNumberGenerator& rng); private: std::vector serialize() const override @@ -319,15 +320,15 @@ class BOTAN_UNSTABLE_API Certificate final : public Handshake_Message size_t count() const; bool empty() const; - explicit Certificate(const Protocol_Version& protocol_version, - Handshake_IO& io, - Handshake_Hash& hash, - const std::vector& certs); + Certificate(const Protocol_Version& protocol_version, + Handshake_IO& io, + Handshake_Hash& hash, + const std::vector& certs); - explicit Certificate(const Protocol_Version& protocol_version, - const std::vector& buf, const Policy &policy); + Certificate(const Protocol_Version& protocol_version, + const std::vector& buf, const Policy &policy); - ~Certificate(); + ~Certificate() override; std::vector serialize() const override; 
@@ -349,16 +350,16 @@ class BOTAN_UNSTABLE_API Certificate_Status final : public Handshake_Message explicit Certificate_Status(const std::vector& buf); - explicit Certificate_Status(Handshake_IO& io, - Handshake_Hash& hash, - std::shared_ptr response); + Certificate_Status(Handshake_IO& io, + Handshake_Hash& hash, + std::shared_ptr response); /* * Create a Certificate_Status message using an already DER encoded OCSP response. */ - explicit Certificate_Status(Handshake_IO& io, - Handshake_Hash& hash, - std::vector const& raw_response_bytes ); + Certificate_Status(Handshake_IO& io, + Handshake_Hash& hash, + std::vector const& raw_response_bytes ); private: std::vector serialize() const override; @@ -379,17 +380,18 @@ class BOTAN_UNSTABLE_API Certificate_Req final : public Handshake_Message const std::vector& signature_schemes() const; - explicit Certificate_Req(const Protocol_Version& protocol_version, - Handshake_IO& io, - Handshake_Hash& hash, - const Policy& policy, - const std::vector& allowed_cas); + Certificate_Req(const Protocol_Version& protocol_version, + Handshake_IO& io, + Handshake_Hash& hash, + const Policy& policy, + const std::vector& allowed_cas); explicit Certificate_Req(const Protocol_Version& protocol_version, const std::vector& buf); - ~Certificate_Req(); - std::vector serialize() const override; + + ~Certificate_Req() override; + private: std::unique_ptr m_impl; }; 
@@ -412,21 +414,20 @@ class BOTAN_UNSTABLE_API Certificate_Verify final : public Handshake_Message const Handshake_State& state, const Policy& policy) const; - explicit Certificate_Verify(Handshake_IO& io, - Handshake_State& state, - const Policy& policy, - RandomNumberGenerator& rng, - const Private_Key* key); + Certificate_Verify(Handshake_IO& io, + Handshake_State& state, + const Policy& policy, + RandomNumberGenerator& rng, + const Private_Key* key); - explicit Certificate_Verify(const Protocol_Version& protocol_version, + Certificate_Verify(const Protocol_Version& protocol_version, const std::vector& buf); - ~Certificate_Verify(); + + ~Certificate_Verify() override; + private: std::vector serialize() const override; - std::vector m_signature; - Signature_Scheme m_scheme = Signature_Scheme::NONE; - std::unique_ptr m_impl; }; @@ -443,13 +444,14 @@ class BOTAN_UNSTABLE_API Finished final : public Handshake_Message bool verify(const Handshake_State& state, Connection_Side side) const; - explicit Finished(Handshake_IO& io, - Handshake_State& state, - Connection_Side side); + Finished(Handshake_IO& io, + Handshake_State& state, + Connection_Side side); explicit Finished(const Protocol_Version& protocol_version, const std::vector& buf); - ~Finished(); + ~Finished() override; + private: std::vector serialize() const override; std::unique_ptr m_impl; @@ -466,6 +468,7 @@ class BOTAN_UNSTABLE_API Hello_Request final : public Handshake_Message explicit Hello_Request(Handshake_IO& io); explicit Hello_Request(const std::vector& buf); + private: std::vector serialize() const override; }; 
@@ -496,19 +499,18 @@ class BOTAN_UNSTABLE_API Server_Key_Exchange final : public Handshake_Message } #endif - explicit Server_Key_Exchange(Handshake_IO& io, - Handshake_State& state, - const Policy& policy, - Credentials_Manager& creds, - RandomNumberGenerator& rng, - const Private_Key* signing_key = nullptr); + Server_Key_Exchange(Handshake_IO& io, + Handshake_State& state, + const Policy& policy, + Credentials_Manager& creds, + RandomNumberGenerator& rng, + const Private_Key* signing_key = nullptr); - explicit Server_Key_Exchange(const std::vector& buf, - Kex_Algo kex_alg, - Auth_Method sig_alg, - Protocol_Version version); + Server_Key_Exchange(const std::vector& buf, + Kex_Algo kex_alg, + Auth_Method sig_alg, + Protocol_Version version); - ~Server_Key_Exchange() = default; private: std::vector serialize() const override; @@ -534,6 +536,7 @@ class BOTAN_UNSTABLE_API Server_Hello_Done final : public Handshake_Message explicit Server_Hello_Done(Handshake_IO& io, Handshake_Hash& hash); explicit Server_Hello_Done(const std::vector& buf); + private: std::vector serialize() const override; }; @@ -549,15 +552,16 @@ class BOTAN_UNSTABLE_API New_Session_Ticket final : public Handshake_Message uint32_t ticket_lifetime_hint() const { return m_ticket_lifetime_hint; } const std::vector& ticket() const { return m_ticket; } - explicit New_Session_Ticket(Handshake_IO& io, - Handshake_Hash& hash, - const std::vector& ticket, - uint32_t lifetime); + New_Session_Ticket(Handshake_IO& io, + Handshake_Hash& hash, + const std::vector& ticket, + uint32_t lifetime); - explicit New_Session_Ticket(Handshake_IO& io, - Handshake_Hash& hash); + New_Session_Ticket(Handshake_IO& io, + Handshake_Hash& hash); explicit New_Session_Ticket(const std::vector& buf); + private: std::vector serialize() const override; diff --git a/src/lib/tls/tls_mock_msg_impl_13.h b/src/lib/tls/tls_mock_msg_impl_13.h index 692bee30f9a..f9d29964db4 100644 --- a/src/lib/tls/tls_mock_msg_impl_13.h 
+++ b/src/lib/tls/tls_mock_msg_impl_13.h 
@@ -8,71 +8,85 @@ #ifndef BOTAN_TLS_MOCK_MSG_IMPL_13_H_ #define BOTAN_TLS_MOCK_MSG_IMPL_13_H_ -#include +#include #include #include #include #include #include +#include namespace Botan { namespace TLS { -#include -template< typename T > -class Mock_Impl_13: public T +namespace detail { + +template +[[noreturn]] RetT nyi() + { + throw Not_Implemented("Implementation for TLSv1.3 not ready yet. You are welcome to implement it."); + } + +template +inline constexpr bool must_be_upcalled = !std::is_abstract_v && !std::is_default_constructible_v; + +template +class Mock_Impl_13_Internal; + +template +class Mock_Impl_13_Internal>> : public T { - public: - template - explicit Mock_Impl_13(Args&& ... args) - : T(std::forward(args) ... ) +public: + template + Mock_Impl_13_Internal(Args&&...) { - // TODO throw std::runtime_error("Implemenation for TLSv1.3 not ready yet. You are welcome to implement it."); + nyi(); } + }; -class Mock_Certificate_Impl_13 : public Certificate_Impl +template +class Mock_Impl_13_Internal>> : public T { - public: - template - explicit Mock_Certificate_Impl_13(Args&& ... args) - : Certificate_Impl(std::forward(args) ... ) +public: + template + Mock_Impl_13_Internal(Args&&... args) + : T(std::forward(args)...) { - // TODO throw std::runtime_error("Implemenation for TLSv1.3 not ready yet. You are welcome to implement it."); + nyi(); } - // from Certificate_Impl - std::vector serialize() const override { return {}; } - const std::vector& cert_chain() const override { return m_mock_cert_chain; } - std::size_t count() const override { return {}; } - bool empty() const override { return {}; } +}; + +} - private: - std::vector m_mock_cert_chain; +template +class Mock_Impl_13 : public detail::Mock_Impl_13_Internal { + using detail::Mock_Impl_13_Internal::Mock_Impl_13_Internal; }; -class Mock_Certificate_Req_Impl_13 : public Certificate_Req_Impl -{ - public: - template - explicit Mock_Certificate_Req_Impl_13(Args&& ... 
args) - : Certificate_Req_Impl(std::forward(args) ... ) - { - // throw std::runtime_error("Implemenation for TLSv1.3 not ready yet. You are welcome to implement it."); - } +template<> +class Mock_Impl_13 : public detail::Mock_Impl_13_Internal { +public: + using Mock_Impl_13_Internal::Mock_Impl_13_Internal; + + const std::vector& cert_chain() const override { return detail::nyi&>(); } + size_t count() const override { return detail::nyi(); } + bool empty() const override { return detail::nyi(); } + std::vector serialize() const override { return detail::nyi>(); } +}; - // from Certificate_Req_Impl - std::vector serialize() const override { return {}; } - const std::vector& acceptable_cert_types() const override { return m_acceptable_cert_types; } - const std::vector& acceptable_CAs() const override { return m_mock_acceptable_CAs; } - const std::vector& signature_schemes() const override { return m_mock_signature_schemes; } +template<> +class Mock_Impl_13 : public detail::Mock_Impl_13_Internal { +public: + using Mock_Impl_13_Internal::Mock_Impl_13_Internal; - private: - std::vector m_acceptable_cert_types; - std::vector m_mock_acceptable_CAs; - std::vector m_mock_signature_schemes; + const std::vector& acceptable_cert_types() const override { return detail::nyi&>(); } + const std::vector& acceptable_CAs() const override { return detail::nyi&>(); } + const std::vector& signature_schemes() const override { return detail::nyi&>(); } + std::vector serialize() const override { return detail::nyi>(); } }; } diff --git a/src/lib/tls/tls_server.cpp b/src/lib/tls/tls_server.cpp index bea0a6309e0..09bd163da7b 100644 --- a/src/lib/tls/tls_server.cpp +++ b/src/lib/tls/tls_server.cpp 
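Review bot: `must_be_upcalled` treats every abstract `T` as default constructible: `!std::is_abstract_v<T>` is false for any abstract base, so the non-forwarding `Mock_Impl_13_Internal` specialization is selected and its constructor default-constructs `T` even when `T` only has parameterized constructors, which then fails at instantiation with an error pointing into the mock rather than at the trait. A comment on the trait should state that, e.g. `// abstract bases are assumed to be default constructible; an abstract Impl without a default ctor needs its own Mock_Impl_13 specialization`. The non-forwarding constructor `Mock_Impl_13_Internal(Args&&...)` is a non-`explicit` variadic template, so with a single argument it also acts as an implicit converting constructor from any type; marking it `explicit` costs nothing here since the factory direct-initializes through `std::make_unique`. The `#include` names were lost in extraction, so I cannot confirm that the added header is `<type_traits>`, which `std::is_abstract_v`, `std::is_default_constructible_v` and `std::enable_if_t` require.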
@@ -41,11 +41,6 @@ size_t Server::received_data(const uint8_t buf[], size_t buf_size) return m_impl->channel().received_data(buf, buf_size); } -size_t Server::received_data(const std::vector& buf) - { - return m_impl->channel().received_data(buf); - } - bool Server::is_active() const { return m_impl->channel().is_active(); @@ -83,11 +78,6 @@ void Server::send(const uint8_t buf[], size_t buf_size) m_impl->channel().send(buf, buf_size); } -void Server::send(const std::string& val) - { - m_impl->channel().send(val); - } - void Server::send_alert(const Alert& alert) { m_impl->channel().send_alert(alert); diff --git a/src/lib/tls/tls_server.h b/src/lib/tls/tls_server.h index 3987fd35935..29f0439658d 100644 --- a/src/lib/tls/tls_server.h +++ b/src/lib/tls/tls_server.h @@ -78,7 +78,7 @@ class BOTAN_PUBLIC_API(2,0) Server final : public Channel size_t received_data(const uint8_t buf[], size_t buf_size) override; - size_t received_data(const std::vector& buf) override; + using Channel::received_data; bool is_active() const override; @@ -96,13 +96,7 @@ class BOTAN_PUBLIC_API(2,0) Server final : public Channel void send(const uint8_t buf[], size_t buf_size) override; - void send(const std::string& val) override; - - template - void send(const std::vector& val) - { - send(val.data(), val.size()); - } + using Channel::send; void send_alert(const Alert& alert) override;