// State carried across the client side of a handshake: what the server sent
// us, what we offered it, and the client-authentication material we may use.
// Generic type parameters (`Vec<u8>`, `Option<...>`, `Box<dyn ...>`) were
// lost in the extracted copy of this file and are restored here.
use crate::msgs::handshake::CertificatePayload;
use crate::msgs::handshake::DigitallySignedStruct;
use crate::msgs::handshake::SessionID;
use crate::msgs::handshake::SCTList;
use crate::msgs::handshake::ServerExtension;
use crate::msgs::handshake::ClientExtension;
use crate::msgs::persist;
use crate::msgs::enums::ExtensionType;
use crate::msgs::enums::NamedGroup;
use crate::session::SessionRandoms;
use crate::hash_hs;
use crate::sign;
use crate::suites;
#[cfg(feature = "logging")]
use crate::log::trace;
use webpki;
use std::mem;

/// Certificate-related material received from the server.
///
/// Nothing in this type validates the chain; it is a holding place until the
/// verifier runs.
pub struct ServerCertDetails {
    /// The certificate chain exactly as the server presented it.
    pub cert_chain: CertificatePayload,
    /// Raw OCSP response bytes (`Vec::new()` when none was recorded).
    pub ocsp_response: Vec<u8>,
    /// Signed certificate timestamps, when the server supplied a list.
    pub scts: Option<SCTList>,
}

impl ServerCertDetails {
    /// An empty record: no chain, no OCSP response, no SCTs.
    pub fn new() -> ServerCertDetails {
        ServerCertDetails {
            cert_chain: Vec::new(),
            ocsp_response: Vec::new(),
            scts: None,
        }
    }

    /// Moves the certificate chain out of `self`, leaving an empty chain behind.
    pub fn take_chain(&mut self) -> CertificatePayload {
        let mut chain = Vec::new();
        mem::swap(&mut chain, &mut self.cert_chain);
        chain
    }
}

/// The server's key-exchange parameters and the signature covering them.
///
/// Nothing here verifies `kx_sig`; the caller must check it before trusting
/// `kx_params`.
pub struct ServerKXDetails {
    /// Encoded key-exchange parameters as sent by the server.
    pub kx_params: Vec<u8>,
    /// The server's signature over those parameters.
    pub kx_sig: DigitallySignedStruct,
}

impl ServerKXDetails {
    /// Bundles the received parameters with their signature.
    pub fn new(params: Vec<u8>, sig: DigitallySignedStruct) -> ServerKXDetails {
        ServerKXDetails {
            kx_params: params,
            kx_sig: sig,
        }
    }
}

/// Everything the client needs to remember for the duration of one handshake.
pub struct HandshakeDetails {
    /// The stored session we are attempting to resume, if any.
    pub resuming_session: Option<persist::ClientSessionValue>,
    /// Running hash of the handshake messages exchanged so far.
    pub transcript: hash_hs::HandshakeHash,
    /// Transcript hash snapshot; by its name, taken when the ServerHello was
    /// received -- presumably used for later binder/verification steps; confirm against callers.
    pub hash_at_client_recvd_server_hello: Vec<u8>,
    /// The client and server randoms for this handshake.
    pub randoms: SessionRandoms,
    /// Presumably whether the extended-master-secret extension was negotiated
    /// (starts `false`); verify against the code that sets it.
    pub using_ems: bool,
    /// The session identifier offered in the ClientHello (starts empty).
    pub session_id: SessionID,
    /// By its name, whether the dummy TLS 1.3 ChangeCipherSpec has already
    /// been sent (starts `false`).
    pub sent_tls13_fake_ccs: bool,
    /// The server name being connected to; used for certificate validation.
    pub dns_name: webpki::DNSName,
    /// Additional ClientHello extensions supplied by the caller.
    pub extra_exts: Vec<ClientExtension>,
}

impl HandshakeDetails {
    /// Starts a fresh handshake record for `host_name` with fresh client randoms.
    pub fn new(host_name: webpki::DNSName, extra_exts: Vec<ClientExtension>) -> HandshakeDetails {
        let randoms = SessionRandoms::for_client();
        let transcript = hash_hs::HandshakeHash::new();
        HandshakeDetails {
            resuming_session: None,
            transcript,
            hash_at_client_recvd_server_hello: Vec::new(),
            randoms,
            using_ems: false,
            session_id: SessionID::empty(),
            sent_tls13_fake_ccs: false,
            dns_name: host_name,
            extra_exts,
        }
    }
}

/// What we put in our ClientHello, kept so the server's reply can be checked
/// against it.
pub struct ClientHelloDetails {
    /// Extension types we actually sent.
    pub sent_extensions: Vec<ExtensionType>,
    /// Key shares we offered, one per group, each holding our ephemeral key.
    pub offered_key_shares: Vec<suites::KeyExchange>,
}

impl ClientHelloDetails {
    /// No extensions sent and no key shares offered yet.
    pub fn new() -> ClientHelloDetails {
        ClientHelloDetails {
            sent_extensions: Vec::new(),
            offered_key_shares: Vec::new(),
        }
    }

    /// Whether we offered a key share for `group`.
    pub fn has_key_share(&self, group: NamedGroup) -> bool {
        self.offered_key_shares
            .iter()
            .position(|share| share.group == group)
            .is_some()
    }

    /// Removes and returns the key share we offered for `group`, or `None`
    /// if we offered none for that group.
    pub fn find_key_share(&mut self, group: NamedGroup) -> Option<suites::KeyExchange> {
        let idx = self
            .offered_key_shares
            .iter()
            .position(|share| share.group == group)?;
        Some(self.offered_key_shares.remove(idx))
    }

    /// Like [`ClientHelloDetails::find_key_share`], but on success also drops
    /// every other offered share (and the ephemeral keys they hold).
    /// When no share matches, the offered list is left untouched.
    pub fn find_key_share_and_discard_others(&mut self, group: NamedGroup) -> Option<suites::KeyExchange> {
        let chosen = self.find_key_share(group)?;
        self.offered_key_shares.clear();
        Some(chosen)
    }

    /// Returns `true` if any extension in `received_exts` is one we neither
    /// sent nor list in `allowed_unsolicited`.
    ///
    /// The first offending extension type is logged at trace level. Callers
    /// are expected to treat `true` as a handshake failure.
    pub fn server_sent_unsolicited_extensions(&self,
                                              received_exts: &[ServerExtension],
                                              allowed_unsolicited: &[ExtensionType]) -> bool {
        let offending = received_exts
            .iter()
            .map(|ext| ext.get_type())
            .find(|ext_type| {
                !self.sent_extensions.contains(ext_type)
                    && !allowed_unsolicited.contains(ext_type)
            });

        match offending {
            Some(ext_type) => {
                trace!("Unsolicited extension {:?}", ext_type);
                true
            }
            None => false,
        }
    }
}

/// A session ticket handed to us by the server.
pub struct ReceivedTicketDetails {
    /// The opaque ticket bytes.
    pub new_ticket: Vec<u8>,
    /// The lifetime the server attached to the ticket, in whatever unit the
    /// protocol message carries; not interpreted here.
    pub new_ticket_lifetime: u32,
}

impl ReceivedTicketDetails {
    /// An empty ticket with lifetime zero.
    pub fn new() -> ReceivedTicketDetails {
        ReceivedTicketDetails {
            new_ticket: Vec::new(),
            new_ticket_lifetime: 0,
        }
    }

    /// Wraps a received ticket and its advertised lifetime.
    pub fn from(ticket: Vec<u8>, lifetime: u32) -> ReceivedTicketDetails {
        ReceivedTicketDetails {
            new_ticket: ticket,
            new_ticket_lifetime: lifetime,
        }
    }
}

/// Client-authentication material selected for this handshake, if any.
pub struct ClientAuthDetails {
    /// The client certificate chain to present, when one was chosen.
    pub cert: Option<CertificatePayload>,
    /// The signer able to produce the CertificateVerify for `cert`.
    pub signer: Option<Box<dyn sign::Signer>>,
    /// Opaque context bytes associated with the certificate request, if any.
    pub auth_context: Option<Vec<u8>>,
}

impl ClientAuthDetails {
    /// No certificate, signer or context selected.
    pub fn new() -> ClientAuthDetails {
        ClientAuthDetails {
            cert: None,
            signer: None,
            auth_context: None,
        }
    }
}