1 use crate::hash_hs; 2 #[cfg(feature = "logging")] 3 use crate::log::trace; 4 use crate::msgs::enums::ExtensionType; 5 use crate::msgs::enums::NamedGroup; 6 use crate::msgs::handshake::CertificatePayload; 7 use crate::msgs::handshake::ClientExtension; 8 use crate::msgs::handshake::DigitallySignedStruct; 9 use crate::msgs::handshake::SCTList; 10 use crate::msgs::handshake::ServerExtension; 11 use crate::msgs::handshake::SessionID; 12 use crate::msgs::persist; 13 use crate::session::SessionRandoms; 14 use crate::sign; 15 use crate::suites; 16 use webpki; 17 18 use std::mem; 19 20 pub struct ServerCertDetails { 21 pub cert_chain: CertificatePayload, 22 pub ocsp_response: Vec<u8>, 23 pub scts: Option<SCTList>, 24 } 25 26 impl ServerCertDetails { new() -> ServerCertDetails27 pub fn new() -> ServerCertDetails { 28 ServerCertDetails { 29 cert_chain: Vec::new(), 30 ocsp_response: Vec::new(), 31 scts: None, 32 } 33 } 34 take_chain(&mut self) -> CertificatePayload35 pub fn take_chain(&mut self) -> CertificatePayload { 36 mem::replace(&mut self.cert_chain, Vec::new()) 37 } 38 } 39 40 pub struct ServerKXDetails { 41 pub kx_params: Vec<u8>, 42 pub kx_sig: DigitallySignedStruct, 43 } 44 45 impl ServerKXDetails { new(params: Vec<u8>, sig: DigitallySignedStruct) -> ServerKXDetails46 pub fn new(params: Vec<u8>, sig: DigitallySignedStruct) -> ServerKXDetails { 47 ServerKXDetails { 48 kx_params: params, 49 kx_sig: sig, 50 } 51 } 52 } 53 54 pub struct HandshakeDetails { 55 pub resuming_session: Option<persist::ClientSessionValue>, 56 pub transcript: hash_hs::HandshakeHash, 57 pub hash_at_client_recvd_server_hello: Vec<u8>, 58 pub randoms: SessionRandoms, 59 pub using_ems: bool, 60 pub session_id: SessionID, 61 pub sent_tls13_fake_ccs: bool, 62 pub dns_name: webpki::DNSName, 63 pub extra_exts: Vec<ClientExtension>, 64 } 65 66 impl HandshakeDetails { new(host_name: webpki::DNSName, extra_exts: Vec<ClientExtension>) -> HandshakeDetails67 pub fn new(host_name: webpki::DNSName, extra_exts: Vec<ClientExtension>) -> HandshakeDetails { 68 HandshakeDetails { 69 resuming_session: None, 70 transcript: hash_hs::HandshakeHash::new(), 71 hash_at_client_recvd_server_hello: Vec::new(), 72 randoms: SessionRandoms::for_client(), 73 using_ems: false, 74 session_id: SessionID::empty(), 75 sent_tls13_fake_ccs: false, 76 dns_name: host_name, 77 extra_exts, 78 } 79 } 80 } 81 82 pub struct ClientHelloDetails { 83 pub sent_extensions: Vec<ExtensionType>, 84 pub offered_key_shares: Vec<suites::KeyExchange>, 85 } 86 87 impl ClientHelloDetails { new() -> ClientHelloDetails88 pub fn new() -> ClientHelloDetails { 89 ClientHelloDetails { 90 sent_extensions: Vec::new(), 91 offered_key_shares: Vec::new(), 92 } 93 } 94 has_key_share(&self, group: NamedGroup) -> bool95 pub fn has_key_share(&self, group: NamedGroup) -> bool { 96 self.offered_key_shares 97 .iter() 98 .any(|share| share.group == group) 99 } 100 find_key_share(&mut self, group: NamedGroup) -> Option<suites::KeyExchange>101 pub fn find_key_share(&mut self, group: NamedGroup) -> Option<suites::KeyExchange> { 102 self.offered_key_shares 103 .iter() 104 .position(|s| s.group == group) 105 .map(|idx| self.offered_key_shares.remove(idx)) 106 } 107 find_key_share_and_discard_others( &mut self, group: NamedGroup, ) -> Option<suites::KeyExchange>108 pub fn find_key_share_and_discard_others( 109 &mut self, 110 group: NamedGroup, 111 ) -> Option<suites::KeyExchange> { 112 match self.find_key_share(group) { 113 Some(group) => { 114 self.offered_key_shares.clear(); 115 Some(group) 116 } 117 None => None, 118 } 119 } 120 server_sent_unsolicited_extensions( &self, received_exts: &[ServerExtension], allowed_unsolicited: &[ExtensionType], ) -> bool121 pub fn server_sent_unsolicited_extensions( 122 &self, 123 received_exts: &[ServerExtension], 124 allowed_unsolicited: &[ExtensionType], 125 ) -> bool { 126 for ext in received_exts { 127 let ext_type = ext.get_type(); 128 if !self.sent_extensions.contains(&ext_type) && !allowed_unsolicited.contains(&ext_type) 129 { 130 trace!("Unsolicited extension {:?}", ext_type); 131 return true; 132 } 133 } 134 135 false 136 } 137 } 138 139 pub struct ReceivedTicketDetails { 140 pub new_ticket: Vec<u8>, 141 pub new_ticket_lifetime: u32, 142 } 143 144 impl ReceivedTicketDetails { new() -> ReceivedTicketDetails145 pub fn new() -> ReceivedTicketDetails { 146 ReceivedTicketDetails::from(Vec::new(), 0) 147 } 148 from(ticket: Vec<u8>, lifetime: u32) -> ReceivedTicketDetails149 pub fn from(ticket: Vec<u8>, lifetime: u32) -> ReceivedTicketDetails { 150 ReceivedTicketDetails { 151 new_ticket: ticket, 152 new_ticket_lifetime: lifetime, 153 } 154 } 155 } 156 157 pub struct ClientAuthDetails { 158 pub cert: Option<CertificatePayload>, 159 pub signer: Option<Box<dyn sign::Signer>>, 160 pub auth_context: Option<Vec<u8>>, 161 } 162 163 impl ClientAuthDetails { new() -> ClientAuthDetails164 pub fn new() -> ClientAuthDetails { 165 ClientAuthDetails { 166 cert: None, 167 signer: None, 168 auth_context: None, 169 } 170 } 171 } 172