1 use crate::msgs::handshake::CertificatePayload; 2 use crate::msgs::handshake::DigitallySignedStruct; 3 use crate::msgs::handshake::SessionID; 4 use crate::msgs::handshake::SCTList; 5 use crate::msgs::handshake::ServerExtension; 6 use crate::msgs::handshake::ClientExtension; 7 use crate::msgs::persist; 8 use crate::msgs::enums::ExtensionType; 9 use crate::msgs::enums::NamedGroup; 10 use crate::session::SessionRandoms; 11 use crate::hash_hs; 12 use crate::sign; 13 use crate::suites; 14 #[cfg(feature = "logging")] 15 use crate::log::trace; 16 use webpki; 17 18 use std::mem; 19 20 pub struct ServerCertDetails { 21 pub cert_chain: CertificatePayload, 22 pub ocsp_response: Vec<u8>, 23 pub scts: Option<SCTList>, 24 } 25 26 impl ServerCertDetails { new() -> ServerCertDetails27 pub fn new() -> ServerCertDetails { 28 ServerCertDetails { 29 cert_chain: Vec::new(), 30 ocsp_response: Vec::new(), 31 scts: None, 32 } 33 } 34 take_chain(&mut self) -> CertificatePayload35 pub fn take_chain(&mut self) -> CertificatePayload { 36 mem::replace(&mut self.cert_chain, Vec::new()) 37 } 38 } 39 40 pub struct ServerKXDetails { 41 pub kx_params: Vec<u8>, 42 pub kx_sig: DigitallySignedStruct, 43 } 44 45 impl ServerKXDetails { new(params: Vec<u8>, sig: DigitallySignedStruct) -> ServerKXDetails46 pub fn new(params: Vec<u8>, sig: DigitallySignedStruct) -> ServerKXDetails { 47 ServerKXDetails { 48 kx_params: params, 49 kx_sig: sig, 50 } 51 } 52 } 53 54 pub struct HandshakeDetails { 55 pub resuming_session: Option<persist::ClientSessionValue>, 56 pub transcript: hash_hs::HandshakeHash, 57 pub hash_at_client_recvd_server_hello: Vec<u8>, 58 pub randoms: SessionRandoms, 59 pub using_ems: bool, 60 pub session_id: SessionID, 61 pub sent_tls13_fake_ccs: bool, 62 pub dns_name: webpki::DNSName, 63 pub extra_exts: Vec<ClientExtension>, 64 } 65 66 impl HandshakeDetails { new(host_name: webpki::DNSName, extra_exts: Vec<ClientExtension>) -> HandshakeDetails67 pub fn new(host_name: webpki::DNSName, extra_exts: Vec<ClientExtension>) -> HandshakeDetails { 68 HandshakeDetails { 69 resuming_session: None, 70 transcript: hash_hs::HandshakeHash::new(), 71 hash_at_client_recvd_server_hello: Vec::new(), 72 randoms: SessionRandoms::for_client(), 73 using_ems: false, 74 session_id: SessionID::empty(), 75 sent_tls13_fake_ccs: false, 76 dns_name: host_name, 77 extra_exts, 78 } 79 } 80 } 81 82 pub struct ClientHelloDetails { 83 pub sent_extensions: Vec<ExtensionType>, 84 pub offered_key_shares: Vec<suites::KeyExchange>, 85 } 86 87 impl ClientHelloDetails { new() -> ClientHelloDetails88 pub fn new() -> ClientHelloDetails { 89 ClientHelloDetails { 90 sent_extensions: Vec::new(), 91 offered_key_shares: Vec::new(), 92 } 93 } 94 has_key_share(&self, group: NamedGroup) -> bool95 pub fn has_key_share(&self, group: NamedGroup) -> bool { 96 self.offered_key_shares 97 .iter() 98 .any(|share| share.group == group) 99 } 100 find_key_share(&mut self, group: NamedGroup) -> Option<suites::KeyExchange>101 pub fn find_key_share(&mut self, group: NamedGroup) -> Option<suites::KeyExchange> { 102 self.offered_key_shares.iter() 103 .position(|s| s.group == group) 104 .map(|idx| self.offered_key_shares.remove(idx)) 105 } 106 find_key_share_and_discard_others(&mut self, group: NamedGroup) -> Option<suites::KeyExchange>107 pub fn find_key_share_and_discard_others(&mut self, group: NamedGroup) 108 -> Option<suites::KeyExchange> { 109 match self.find_key_share(group) { 110 Some(group) => { 111 self.offered_key_shares.clear(); 112 Some(group) 113 } 114 None => { 115 None 116 } 117 } 118 } 119 server_sent_unsolicited_extensions(&self, received_exts: &[ServerExtension], allowed_unsolicited: &[ExtensionType]) -> bool120 pub fn server_sent_unsolicited_extensions(&self, 121 received_exts: &[ServerExtension], 122 allowed_unsolicited: &[ExtensionType]) -> bool { 123 for ext in received_exts { 124 let ext_type = ext.get_type(); 125 if !self.sent_extensions.contains(&ext_type) && !allowed_unsolicited.contains(&ext_type) { 126 trace!("Unsolicited extension {:?}", ext_type); 127 return true; 128 } 129 } 130 131 false 132 } 133 } 134 135 pub struct ReceivedTicketDetails { 136 pub new_ticket: Vec<u8>, 137 pub new_ticket_lifetime: u32, 138 } 139 140 impl ReceivedTicketDetails { new() -> ReceivedTicketDetails141 pub fn new() -> ReceivedTicketDetails { 142 ReceivedTicketDetails::from(Vec::new(), 0) 143 } 144 from(ticket: Vec<u8>, lifetime: u32) -> ReceivedTicketDetails145 pub fn from(ticket: Vec<u8>, lifetime: u32) -> ReceivedTicketDetails { 146 ReceivedTicketDetails { 147 new_ticket: ticket, 148 new_ticket_lifetime: lifetime, 149 } 150 } 151 } 152 153 pub struct ClientAuthDetails { 154 pub cert: Option<CertificatePayload>, 155 pub signer: Option<Box<dyn sign::Signer>>, 156 pub auth_context: Option<Vec<u8>>, 157 } 158 159 impl ClientAuthDetails { new() -> ClientAuthDetails160 pub fn new() -> ClientAuthDetails { 161 ClientAuthDetails { 162 cert: None, 163 signer: None, 164 auth_context: None, 165 } 166 } 167 } 168