#include <tls_channel.h>
|
virtual size_t | from_peer (std::span< const uint8_t > data)=0 |
|
virtual void | to_peer (std::span< const uint8_t > data)=0 |
|
Generic interface for TLS endpoint
Definition at line 30 of file tls_channel.h.
◆ ~Channel()
virtual Botan::TLS::Channel::~Channel |
( |
| ) |
|
|
virtualdefault |
◆ application_protocol()
virtual std::string Botan::TLS::Channel::application_protocol |
( |
| ) |
const |
|
pure virtual |
◆ close()
virtual void Botan::TLS::Channel::close |
( |
| ) |
|
|
pure virtual |
◆ external_psk_identity()
virtual std::optional< std::string > Botan::TLS::Channel::external_psk_identity |
( |
| ) |
const |
|
pure virtual |
◆ from_peer()
virtual size_t Botan::TLS::Channel::from_peer |
( |
std::span< const uint8_t > | data | ) |
|
|
protectedpure virtual |
◆ is_active()
virtual bool Botan::TLS::Channel::is_active |
( |
| ) |
const |
|
pure virtual |
Check whether the connection is ready to send application data. Note that a TLS 1.3 server MAY send data before receiving the client's Finished message. Only after receiving the client's Finished, can the server be sure about the client's liveness and (optional) identity.
Consider using is_handshake_complete() if you need to wait until the handshake if fully complete.
- Returns
- true iff the connection is active for sending application data
Implemented in Botan::TLS::Client, and Botan::TLS::Server.
◆ is_closed()
virtual bool Botan::TLS::Channel::is_closed |
( |
| ) |
const |
|
pure virtual |
Note: For TLS 1.3 a connection is closed only after both peers have signaled a "close_notify". While TLS 1.2 automatically responded in suit once the peer had sent "close_notify", TLS 1.3 allows to continue transmitting data even if the peer closed their writing end.
- Returns
- true iff the connection has been definitely closed
Implemented in Botan::TLS::Client, and Botan::TLS::Server.
◆ is_closed_for_reading()
virtual bool Botan::TLS::Channel::is_closed_for_reading |
( |
| ) |
const |
|
pure virtual |
◆ is_closed_for_writing()
virtual bool Botan::TLS::Channel::is_closed_for_writing |
( |
| ) |
const |
|
pure virtual |
◆ is_handshake_complete()
virtual bool Botan::TLS::Channel::is_handshake_complete |
( |
| ) |
const |
|
pure virtual |
Becomes true as soon as the TLS handshake is fully complete and all security assurances TLS provides can be guaranteed.
- Returns
- true once the TLS handshake has finished successfully
Implemented in Botan::TLS::Client, and Botan::TLS::Server.
◆ key_material_export()
virtual SymmetricKey Botan::TLS::Channel::key_material_export |
( |
std::string_view | label, |
|
|
std::string_view | context, |
|
|
size_t | length ) const |
|
pure virtual |
Key material export (RFC 5705)
- Parameters
-
label | a disambiguating label string |
context | a per-association context value |
length | the length of the desired key in bytes |
- Returns
- key of length bytes
Implemented in Botan::TLS::Client, and Botan::TLS::Server.
◆ peer_cert_chain()
virtual std::vector< X509_Certificate > Botan::TLS::Channel::peer_cert_chain |
( |
| ) |
const |
|
pure virtual |
◆ peer_raw_public_key()
virtual std::shared_ptr< const Public_Key > Botan::TLS::Channel::peer_raw_public_key |
( |
| ) |
const |
|
pure virtual |
◆ received_data() [1/2]
size_t Botan::TLS::Channel::received_data |
( |
const uint8_t | buf[], |
|
|
size_t | buf_size ) |
|
inline |
Definition at line 48 of file tls_channel.h.
48{
return this->
from_peer(std::span(buf, buf_size)); }
virtual size_t from_peer(std::span< const uint8_t > data)=0
◆ received_data() [2/2]
size_t Botan::TLS::Channel::received_data |
( |
std::span< const uint8_t > | data | ) |
|
|
inline |
Inject TLS traffic received from counterparty
- Returns
- a hint as to how many more bytes we need to process the current record (this may be 0 if on a record boundary)
Definition at line 46 of file tls_channel.h.
◆ renegotiate()
virtual void Botan::TLS::Channel::renegotiate |
( |
bool | force_full_renegotiation = false | ) |
|
|
pure virtual |
Attempt to renegotiate the session
- Parameters
-
force_full_renegotiation | if true, require a full renegotiation, otherwise allow session resumption |
Implemented in Botan::TLS::Client, and Botan::TLS::Server.
◆ secure_renegotiation_supported()
virtual bool Botan::TLS::Channel::secure_renegotiation_supported |
( |
| ) |
const |
|
pure virtual |
◆ send() [1/3]
void Botan::TLS::Channel::send |
( |
const uint8_t | buf[], |
|
|
size_t | buf_size ) |
|
inline |
Definition at line 56 of file tls_channel.h.
56{ this->
to_peer(std::span(buf, buf_size)); }
virtual void to_peer(std::span< const uint8_t > data)=0
◆ send() [2/3]
void Botan::TLS::Channel::send |
( |
std::span< const uint8_t > | data | ) |
|
|
inline |
Inject plaintext intended for counterparty Throws an exception if is_active() is false
Definition at line 54 of file tls_channel.h.
◆ send() [3/3]
void Botan::TLS::Channel::send |
( |
std::string_view | val | ) |
|
|
inline |
◆ send_alert()
virtual void Botan::TLS::Channel::send_alert |
( |
const Alert & | alert | ) |
|
|
pure virtual |
Inject plaintext intended for counterparty Throws an exception if is_active() is false Send a TLS alert message. If the alert is fatal, the internal state (keys, etc) will be reset.
- Parameters
-
Implemented in Botan::TLS::Client, and Botan::TLS::Server.
◆ send_fatal_alert()
virtual void Botan::TLS::Channel::send_fatal_alert |
( |
Alert::Type | type | ) |
|
|
pure virtual |
◆ send_warning_alert()
virtual void Botan::TLS::Channel::send_warning_alert |
( |
Alert::Type | type | ) |
|
|
pure virtual |
◆ timeout_check()
virtual bool Botan::TLS::Channel::timeout_check |
( |
| ) |
|
|
pure virtual |
Perform a handshake timeout check. This does nothing unless this is a DTLS channel with a pending handshake state, in which case we check for timeout and potentially retransmit handshake packets.
Implemented in Botan::TLS::Client, and Botan::TLS::Server.
◆ to_peer()
virtual void Botan::TLS::Channel::to_peer |
( |
std::span< const uint8_t > | data | ) |
|
|
protectedpure virtual |
◆ update_traffic_keys()
virtual void Botan::TLS::Channel::update_traffic_keys |
( |
bool | request_peer_update = false | ) |
|
|
pure virtual |
Attempt to update the session's traffic key material Note that this is possible with a TLS 1.3 channel, only.
- Parameters
-
request_peer_update | if true, require a reciprocal key update |
Implemented in Botan::TLS::Client, and Botan::TLS::Server.
◆ IO_BUF_DEFAULT_SIZE
size_t Botan::TLS::Channel::IO_BUF_DEFAULT_SIZE = 10 * 1024 |
|
staticconstexpr |
The documentation for this class was generated from the following file: