/*
* Read a counterparty client hello
*/
Client_Hello::Client_Hello(const std::vector<uint8_t>& buf)
{
if(buf.size() < 41)
throw Decoding_Error("Client_Hello: Packet corrupted");
TLS_Data_Reader reader("ClientHello", buf);
const uint8_t major_version = reader.get_byte();
const uint8_t minor_version = reader.get_byte();
m_version = Protocol_Version(major_version, minor_version);
m_random = reader.get_fixed<uint8_t>(32);
m_session_id = reader.get_range<uint8_t>(1, 0, 32);
if(m_version.is_datagram_protocol())
m_hello_cookie = reader.get_range<uint8_t>(1, 0, 255);
m_suites = reader.get_range_vector<uint16_t>(2, 1, 32767);
m_comp_methods = reader.get_range_vector<uint8_t>(1, 1, 255);
m_extensions.deserialize(reader);
if(offered_suite(static_cast<uint16_t>(TLS_EMPTY_RENEGOTIATION_INFO_SCSV)))
{
if(Renegotiation_Extension* reneg = m_extensions.get<Renegotiation_Extension>())
{
if(!reneg->renegotiation_info().empty())
throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
"Client sent renegotiation SCSV and non-empty extension");
}
else
{
// add fake extension
m_extensions.add(new Renegotiation_Extension());
}
}
// Parsing complete, now any additional decoding checks
if(m_version.supports_negotiable_signature_algorithms() == false)
{
if(m_extensions.has<Signature_Algorithms>())
throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
"Client sent signature_algorithms extension in version that doesn't support it");
}
}
/*
* Deserialize a Server Hello message
*/
Server_Hello::Server_Hello(const std::vector<byte>& buf)
{
if(buf.size() < 38)
throw Decoding_Error("Server_Hello: Packet corrupted");
TLS_Data_Reader reader("ServerHello", buf);
const byte major_version = reader.get_byte();
const byte minor_version = reader.get_byte();
m_version = Protocol_Version(major_version, minor_version);
m_random = reader.get_fixed<byte>(32);
m_session_id = reader.get_range<byte>(1, 0, 32);
m_ciphersuite = reader.get_u16bit();
m_comp_method = reader.get_byte();
m_extensions.deserialize(reader);
}