1 pub mod handshake_cache; 2 pub mod handshake_header; 3 pub mod handshake_message_certificate; 4 pub mod handshake_message_certificate_request; 5 pub mod handshake_message_certificate_verify; 6 pub mod handshake_message_client_hello; 7 pub mod handshake_message_client_key_exchange; 8 pub mod handshake_message_finished; 9 pub mod handshake_message_hello_verify_request; 10 pub mod handshake_message_server_hello; 11 pub mod handshake_message_server_hello_done; 12 pub mod handshake_message_server_key_exchange; 13 pub mod handshake_random; 14 15 #[cfg(test)] 16 mod handshake_test; 17 18 use std::fmt; 19 use std::io::{Read, Write}; 20 21 use super::content::*; 22 use super::error::*; 23 24 use handshake_header::*; 25 use handshake_message_certificate::*; 26 use handshake_message_certificate_request::*; 27 use handshake_message_certificate_verify::*; 28 use handshake_message_client_hello::*; 29 use handshake_message_client_key_exchange::*; 30 use handshake_message_finished::*; 31 use handshake_message_hello_verify_request::*; 32 use handshake_message_server_hello::*; 33 use handshake_message_server_hello_done::*; 34 use handshake_message_server_key_exchange::*; 35 36 // https://tools.ietf.org/html/rfc5246#section-7.4 37 #[derive(Default, Copy, Clone, Debug, PartialEq, Eq, Hash)] 38 pub enum HandshakeType { 39 HelloRequest = 0, 40 ClientHello = 1, 41 ServerHello = 2, 42 HelloVerifyRequest = 3, 43 Certificate = 11, 44 ServerKeyExchange = 12, 45 CertificateRequest = 13, 46 ServerHelloDone = 14, 47 CertificateVerify = 15, 48 ClientKeyExchange = 16, 49 Finished = 20, 50 #[default] 51 Invalid, 52 } 53 54 impl fmt::Display for HandshakeType { fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result55 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { 56 match *self { 57 HandshakeType::HelloRequest => write!(f, "HelloRequest"), 58 HandshakeType::ClientHello => write!(f, "ClientHello"), 59 HandshakeType::ServerHello => write!(f, "ServerHello"), 60 HandshakeType::HelloVerifyRequest => write!(f, "HelloVerifyRequest"), 61 HandshakeType::Certificate => write!(f, "Certificate"), 62 HandshakeType::ServerKeyExchange => write!(f, "ServerKeyExchange"), 63 HandshakeType::CertificateRequest => write!(f, "CertificateRequest"), 64 HandshakeType::ServerHelloDone => write!(f, "ServerHelloDone"), 65 HandshakeType::CertificateVerify => write!(f, "CertificateVerify"), 66 HandshakeType::ClientKeyExchange => write!(f, "ClientKeyExchange"), 67 HandshakeType::Finished => write!(f, "Finished"), 68 HandshakeType::Invalid => write!(f, "Invalid"), 69 } 70 } 71 } 72 73 impl From<u8> for HandshakeType { from(val: u8) -> Self74 fn from(val: u8) -> Self { 75 match val { 76 0 => HandshakeType::HelloRequest, 77 1 => HandshakeType::ClientHello, 78 2 => HandshakeType::ServerHello, 79 3 => HandshakeType::HelloVerifyRequest, 80 11 => HandshakeType::Certificate, 81 12 => HandshakeType::ServerKeyExchange, 82 13 => HandshakeType::CertificateRequest, 83 14 => HandshakeType::ServerHelloDone, 84 15 => HandshakeType::CertificateVerify, 85 16 => HandshakeType::ClientKeyExchange, 86 20 => HandshakeType::Finished, 87 _ => HandshakeType::Invalid, 88 } 89 } 90 } 91 92 #[derive(PartialEq, Debug, Clone)] 93 pub enum HandshakeMessage { 94 //HelloRequest(errNotImplemented), 95 ClientHello(HandshakeMessageClientHello), 96 ServerHello(HandshakeMessageServerHello), 97 HelloVerifyRequest(HandshakeMessageHelloVerifyRequest), 98 Certificate(HandshakeMessageCertificate), 99 ServerKeyExchange(HandshakeMessageServerKeyExchange), 100 CertificateRequest(HandshakeMessageCertificateRequest), 101 ServerHelloDone(HandshakeMessageServerHelloDone), 102 CertificateVerify(HandshakeMessageCertificateVerify), 103 ClientKeyExchange(HandshakeMessageClientKeyExchange), 104 Finished(HandshakeMessageFinished), 105 } 106 107 impl HandshakeMessage { handshake_type(&self) -> HandshakeType108 pub fn handshake_type(&self) -> HandshakeType { 109 match self { 110 HandshakeMessage::ClientHello(msg) => msg.handshake_type(), 111 HandshakeMessage::ServerHello(msg) => msg.handshake_type(), 112 HandshakeMessage::HelloVerifyRequest(msg) => msg.handshake_type(), 113 HandshakeMessage::Certificate(msg) => msg.handshake_type(), 114 HandshakeMessage::ServerKeyExchange(msg) => msg.handshake_type(), 115 HandshakeMessage::CertificateRequest(msg) => msg.handshake_type(), 116 HandshakeMessage::ServerHelloDone(msg) => msg.handshake_type(), 117 HandshakeMessage::CertificateVerify(msg) => msg.handshake_type(), 118 HandshakeMessage::ClientKeyExchange(msg) => msg.handshake_type(), 119 HandshakeMessage::Finished(msg) => msg.handshake_type(), 120 } 121 } 122 size(&self) -> usize123 pub fn size(&self) -> usize { 124 match self { 125 HandshakeMessage::ClientHello(msg) => msg.size(), 126 HandshakeMessage::ServerHello(msg) => msg.size(), 127 HandshakeMessage::HelloVerifyRequest(msg) => msg.size(), 128 HandshakeMessage::Certificate(msg) => msg.size(), 129 HandshakeMessage::ServerKeyExchange(msg) => msg.size(), 130 HandshakeMessage::CertificateRequest(msg) => msg.size(), 131 HandshakeMessage::ServerHelloDone(msg) => msg.size(), 132 HandshakeMessage::CertificateVerify(msg) => msg.size(), 133 HandshakeMessage::ClientKeyExchange(msg) => msg.size(), 134 HandshakeMessage::Finished(msg) => msg.size(), 135 } 136 } 137 marshal<W: Write>(&self, writer: &mut W) -> Result<()>138 pub fn marshal<W: Write>(&self, writer: &mut W) -> Result<()> { 139 match self { 140 HandshakeMessage::ClientHello(msg) => msg.marshal(writer)?, 141 HandshakeMessage::ServerHello(msg) => msg.marshal(writer)?, 142 HandshakeMessage::HelloVerifyRequest(msg) => msg.marshal(writer)?, 143 HandshakeMessage::Certificate(msg) => msg.marshal(writer)?, 144 HandshakeMessage::ServerKeyExchange(msg) => msg.marshal(writer)?, 145 HandshakeMessage::CertificateRequest(msg) => msg.marshal(writer)?, 146 HandshakeMessage::ServerHelloDone(msg) => msg.marshal(writer)?, 147 HandshakeMessage::CertificateVerify(msg) => msg.marshal(writer)?, 148 HandshakeMessage::ClientKeyExchange(msg) => msg.marshal(writer)?, 149 HandshakeMessage::Finished(msg) => msg.marshal(writer)?, 150 } 151 152 Ok(()) 153 } 154 } 155 156 // The handshake protocol is responsible for selecting a cipher spec and 157 // generating a master secret, which together comprise the primary 158 // cryptographic parameters associated with a secure session. The 159 // handshake protocol can also optionally authenticate parties who have 160 // certificates signed by a trusted certificate authority. 161 // https://tools.ietf.org/html/rfc5246#section-7.3 162 #[derive(PartialEq, Debug, Clone)] 163 pub struct Handshake { 164 pub(crate) handshake_header: HandshakeHeader, 165 pub(crate) handshake_message: HandshakeMessage, 166 } 167 168 impl Handshake { new(handshake_message: HandshakeMessage) -> Self169 pub fn new(handshake_message: HandshakeMessage) -> Self { 170 Handshake { 171 handshake_header: HandshakeHeader { 172 handshake_type: handshake_message.handshake_type(), 173 length: handshake_message.size() as u32, 174 message_sequence: 0, 175 fragment_offset: 0, 176 fragment_length: handshake_message.size() as u32, 177 }, 178 handshake_message, 179 } 180 } 181 content_type(&self) -> ContentType182 pub fn content_type(&self) -> ContentType { 183 ContentType::Handshake 184 } 185 size(&self) -> usize186 pub fn size(&self) -> usize { 187 self.handshake_header.size() + self.handshake_message.size() 188 } 189 marshal<W: Write>(&self, writer: &mut W) -> Result<()>190 pub fn marshal<W: Write>(&self, writer: &mut W) -> Result<()> { 191 self.handshake_header.marshal(writer)?; 192 self.handshake_message.marshal(writer)?; 193 Ok(()) 194 } 195 unmarshal<R: Read>(reader: &mut R) -> Result<Self>196 pub fn unmarshal<R: Read>(reader: &mut R) -> Result<Self> { 197 let handshake_header = HandshakeHeader::unmarshal(reader)?; 198 199 let handshake_message = match handshake_header.handshake_type { 200 HandshakeType::ClientHello => { 201 HandshakeMessage::ClientHello(HandshakeMessageClientHello::unmarshal(reader)?) 202 } 203 HandshakeType::ServerHello => { 204 HandshakeMessage::ServerHello(HandshakeMessageServerHello::unmarshal(reader)?) 205 } 206 HandshakeType::HelloVerifyRequest => HandshakeMessage::HelloVerifyRequest( 207 HandshakeMessageHelloVerifyRequest::unmarshal(reader)?, 208 ), 209 HandshakeType::Certificate => { 210 HandshakeMessage::Certificate(HandshakeMessageCertificate::unmarshal(reader)?) 211 } 212 HandshakeType::ServerKeyExchange => HandshakeMessage::ServerKeyExchange( 213 HandshakeMessageServerKeyExchange::unmarshal(reader)?, 214 ), 215 HandshakeType::CertificateRequest => HandshakeMessage::CertificateRequest( 216 HandshakeMessageCertificateRequest::unmarshal(reader)?, 217 ), 218 HandshakeType::ServerHelloDone => HandshakeMessage::ServerHelloDone( 219 HandshakeMessageServerHelloDone::unmarshal(reader)?, 220 ), 221 HandshakeType::CertificateVerify => HandshakeMessage::CertificateVerify( 222 HandshakeMessageCertificateVerify::unmarshal(reader)?, 223 ), 224 HandshakeType::ClientKeyExchange => HandshakeMessage::ClientKeyExchange( 225 HandshakeMessageClientKeyExchange::unmarshal(reader)?, 226 ), 227 HandshakeType::Finished => { 228 HandshakeMessage::Finished(HandshakeMessageFinished::unmarshal(reader)?) 229 } 230 _ => return Err(Error::ErrNotImplemented), 231 }; 232 233 Ok(Handshake { 234 handshake_header, 235 handshake_message, 236 }) 237 } 238 } 239