/* * TLS Server - implementation for TLS 1.3 * (C) 2022 Jack Lloyd * 2022 René Meusel - Rohde & Schwarz Cybersecurity * * Botan is released under the Simplified BSD License (see license.txt) */ #ifndef BOTAN_TLS_SERVER_IMPL_13_H_ #define BOTAN_TLS_SERVER_IMPL_13_H_ #include #include #include #include namespace Botan::TLS { /** * SSL/TLS Server 1.3 implementation */ class Server_Impl_13 : public Channel_Impl_13 { public: explicit Server_Impl_13(const std::shared_ptr& callbacks, const std::shared_ptr& session_manager, const std::shared_ptr& credentials_manager, const std::shared_ptr& policy, const std::shared_ptr& rng); std::string application_protocol() const override; std::vector peer_cert_chain() const override; std::shared_ptr peer_raw_public_key() const override; std::optional external_psk_identity() const override; bool new_session_ticket_supported() const override; size_t send_new_session_tickets(size_t tickets) override; bool is_handshake_complete() const override; private: void process_handshake_msg(Handshake_Message_13 msg) override; void process_post_handshake_msg(Post_Handshake_Message_13 msg) override; void process_dummy_change_cipher_spec() override; using Channel_Impl_13::handle; void handle(const Client_Hello_12& client_hello_msg); void handle(const Client_Hello_13& client_hello_msg); void handle(const Certificate_13& certificate_msg); void handle(const Certificate_Verify_13& certificate_verify_msg); void handle(const Finished_13& finished_msg); void handle_reply_to_client_hello(Server_Hello_13 server_hello); void handle_reply_to_client_hello(Hello_Retry_Request hello_retry_request); void maybe_handle_compatibility_mode(); void maybe_log_secret(std::string_view label, std::span secret) const override; void downgrade(); private: Server_Handshake_State_13 m_handshake_state; Handshake_Transitions m_transitions; std::optional m_resumed_session; std::optional m_psk_identity; }; } // namespace Botan::TLS #endif