Botan
2.9.0
Crypto and TLS for C++11
|
#include <tls_client.h>
Public Types | |
typedef std::function< void(Alert, const uint8_t[], size_t)> | alert_cb |
typedef std::function< void(const uint8_t[], size_t)> | data_cb |
typedef std::function< bool(const Session &)> | handshake_cb |
typedef std::function< void(const Handshake_Message &)> | handshake_msg_cb |
typedef std::function< void(const uint8_t[], size_t)> | output_fn |
Public Member Functions | |
const std::string & | application_protocol () const |
Client (Callbacks &callbacks, Session_Manager &session_manager, Credentials_Manager &creds, const Policy &policy, RandomNumberGenerator &rng, const Server_Information &server_info=Server_Information(), const Protocol_Version &offer_version=Protocol_Version::latest_tls_version(), const std::vector< std::string > &next_protocols={}, size_t reserved_io_buffer_size=TLS::Client::IO_BUF_DEFAULT_SIZE) | |
Client (output_fn data_output_fn, data_cb app_data_cb, alert_cb recv_alert_cb, handshake_cb hs_cb, Session_Manager &session_manager, Credentials_Manager &creds, const Policy &policy, RandomNumberGenerator &rng, const Server_Information &server_info=Server_Information(), const Protocol_Version &offer_version=Protocol_Version::latest_tls_version(), const std::vector< std::string > &next_protocols={}, size_t reserved_io_buffer_size=TLS::Client::IO_BUF_DEFAULT_SIZE) | |
Client (output_fn out, data_cb app_data_cb, alert_cb alert_cb, handshake_cb hs_cb, handshake_msg_cb hs_msg_cb, Session_Manager &session_manager, Credentials_Manager &creds, const Policy &policy, RandomNumberGenerator &rng, const Server_Information &server_info=Server_Information(), const Protocol_Version &offer_version=Protocol_Version::latest_tls_version(), const std::vector< std::string > &next_protocols={}) | |
void | close () |
bool | is_active () const |
bool | is_closed () const |
SymmetricKey | key_material_export (const std::string &label, const std::string &context, size_t length) const |
std::vector< X509_Certificate > | peer_cert_chain () const |
size_t | received_data (const uint8_t buf[], size_t buf_size) |
size_t | received_data (const std::vector< uint8_t > &buf) |
void | renegotiate (bool force_full_renegotiation=false) |
bool | secure_renegotiation_supported () const |
void | send (const uint8_t buf[], size_t buf_size) |
void | send (const std::string &val) |
template<typename Alloc > | |
void | send (const std::vector< unsigned char, Alloc > &val) |
void | send_alert (const Alert &alert) |
void | send_fatal_alert (Alert::Type type) |
void | send_warning_alert (Alert::Type type) |
bool | timeout_check () |
Static Public Attributes | |
static size_t | IO_BUF_DEFAULT_SIZE = 10*1024 |
Protected Member Functions | |
void | activate_session () |
Callbacks & | callbacks () const |
void | change_cipher_spec_reader (Connection_Side side) |
void | change_cipher_spec_writer (Connection_Side side) |
Handshake_State & | create_handshake_state (Protocol_Version version) |
void | inspect_handshake_message (const Handshake_Message &msg) |
const Policy & | policy () const |
RandomNumberGenerator & | rng () |
bool | save_session (const Session &session) |
void | secure_renegotiation_check (const Client_Hello *client_hello) |
void | secure_renegotiation_check (const Server_Hello *server_hello) |
std::vector< uint8_t > | secure_renegotiation_data_for_client_hello () const |
std::vector< uint8_t > | secure_renegotiation_data_for_server_hello () const |
Session_Manager & | session_manager () |
SSL/TLS Client
Definition at line 24 of file tls_client.h.
|
inherited |
Definition at line 42 of file tls_channel.h.
|
inherited |
Definition at line 41 of file tls_channel.h.
|
inherited |
Definition at line 43 of file tls_channel.h.
|
inherited |
Definition at line 44 of file tls_channel.h.
|
inherited |
Definition at line 40 of file tls_channel.h.
Botan::TLS::Client::Client | ( | Callbacks & | callbacks, |
Session_Manager & | session_manager, | ||
Credentials_Manager & | creds, | ||
const Policy & | policy, | ||
RandomNumberGenerator & | rng, | ||
const Server_Information & | server_info = Server_Information() , |
||
const Protocol_Version & | offer_version = Protocol_Version::latest_tls_version() , |
||
const std::vector< std::string > & | next_protocols = {} , |
||
size_t | reserved_io_buffer_size = TLS::Client::IO_BUF_DEFAULT_SIZE |
||
) |
Set up a new TLS client session
callbacks | contains a set of callback function references required by the TLS client. |
session_manager | manages session state |
creds | manages application/user credentials |
policy | specifies other connection policy information |
rng | a random number generator |
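server_info | is identifying information about the TLS server. The default is an empty Server_Information(); pass the server's hostname here so that the client has an expected name to check the peer certificate against. |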
offer_version | specifies which version we will offer to the TLS server. |
next_protocols | specifies protocols to advertise with ALPN |
reserved_io_buffer_size | This many bytes of memory will be preallocated for the read and write buffers. Smaller values just mean reallocations and copies are more likely. |
Definition at line 50 of file tls_client.cpp.
Botan::TLS::Client::Client | ( | output_fn | data_output_fn, |
data_cb | app_data_cb, | ||
alert_cb | recv_alert_cb, | ||
handshake_cb | hs_cb, | ||
Session_Manager & | session_manager, | ||
Credentials_Manager & | creds, | ||
const Policy & | policy, | ||
RandomNumberGenerator & | rng, | ||
const Server_Information & | server_info = Server_Information() , |
||
const Protocol_Version & | offer_version = Protocol_Version::latest_tls_version() , |
||
const std::vector< std::string > & | next_protocols = {} , |
||
size_t | reserved_io_buffer_size = TLS::Client::IO_BUF_DEFAULT_SIZE |
||
) |
DEPRECATED. This constructor is only provided for backward compatibility and should not be used in new code. It will be removed in a future release.
Set up a new TLS client session
data_output_fn | is called with data for the outbound socket |
app_data_cb | is called when new application data is received |
recv_alert_cb | is called when a TLS alert is received |
hs_cb | is called when a handshake is completed |
session_manager | manages session state |
creds | manages application/user credentials |
policy | specifies other connection policy information |
rng | a random number generator |
server_info | is identifying information about the TLS server |
offer_version | specifies which version we will offer to the TLS server. |
next_protocols | specifies protocols to advertise with ALPN |
reserved_io_buffer_size | This many bytes of memory will be preallocated for the read and write buffers. Smaller values just mean reallocations and copies are more likely. |
Definition at line 67 of file tls_client.cpp.
Botan::TLS::Client::Client | ( | output_fn | out, |
data_cb | app_data_cb, | ||
alert_cb | alert_cb, | ||
handshake_cb | hs_cb, | ||
handshake_msg_cb | hs_msg_cb, | ||
Session_Manager & | session_manager, | ||
Credentials_Manager & | creds, | ||
const Policy & | policy, | ||
RandomNumberGenerator & | rng, | ||
const Server_Information & | server_info = Server_Information() , |
||
const Protocol_Version & | offer_version = Protocol_Version::latest_tls_version() , |
||
const std::vector< std::string > & | next_protocols = {} |
||
) |
DEPRECATED. This constructor is only provided for backward compatibility and should not be used in new implementations.
Definition at line 87 of file tls_client.cpp.
|
protectedinherited |
Definition at line 272 of file tls_channel.cpp.
References Botan::TLS::Channel::callbacks(), Botan::TLS::Connection_Sequence_Numbers::current_write_epoch(), Botan::map_remove_if(), and Botan::TLS::Callbacks::tls_session_activated().
|
inline |
Definition at line 135 of file tls_client.h.
|
inlineprotectedinherited |
Definition at line 242 of file tls_channel.h.
Referenced by Botan::TLS::Channel::activate_session(), and Botan::TLS::Channel::save_session().
|
protectedinherited |
Definition at line 196 of file tls_channel.cpp.
References BOTAN_ASSERT, Botan::TLS::CLIENT, Botan::TLS::Connection_Sequence_Numbers::current_read_epoch(), Botan::TLS::Connection_Sequence_Numbers::new_read_cipher_state(), and Botan::TLS::SERVER.
|
protectedinherited |
Definition at line 225 of file tls_channel.cpp.
References BOTAN_ASSERT, Botan::TLS::Connection_Sequence_Numbers::current_write_epoch(), and Botan::TLS::Connection_Sequence_Numbers::new_write_cipher_state().
|
inlineinherited |
Send a close notification alert
Definition at line 151 of file tls_channel.h.
References Botan::TLS::Alert::CLOSE_NOTIFY.
|
protectedinherited |
Definition at line 125 of file tls_channel.cpp.
References Botan::TLS::Protocol_Version::is_datagram_protocol(), Botan::TLS::Channel::new_handshake_state(), Botan::TLS::Alert::PROTOCOL_VERSION, and Botan::TLS::Protocol_Version::to_string().
Referenced by Botan::TLS::Channel::renegotiate().
|
protectedinherited |
|
inherited |
Definition at line 253 of file tls_channel.cpp.
Referenced by Botan::TLS::Blocking_Client::do_handshake(), and Botan::TLS::Channel::send().
|
inherited |
Definition at line 258 of file tls_channel.cpp.
Referenced by Botan::TLS::Blocking_Client::do_handshake(), Botan::TLS::Blocking_Client::read(), Botan::TLS::Channel::received_data(), and Botan::TLS::Channel::send_alert().
|
inherited |
Key material export (RFC 5705)
label | a disambiguating label string |
context | a per-association context value |
length | the length of the desired key in bytes |
Definition at line 663 of file tls_channel.cpp.
References Botan::get_byte(), Botan::OctetString::length(), and Botan::to_byte_vector().
|
inherited |
Definition at line 113 of file tls_channel.cpp.
References Botan::TLS::Channel::get_peer_cert_chain().
|
inlineprotectedinherited |
Definition at line 238 of file tls_channel.h.
|
inherited |
Inject TLS traffic received from counterparty
Definition at line 297 of file tls_channel.cpp.
References Botan::TLS::ALERT, Botan::TLS::APPLICATION_DATA, Botan::TLS::Alert::BAD_RECORD_MAC, BOTAN_ASSERT, Botan::TLS::CHANGE_CIPHER_SPEC, Botan::TLS::Alert::DECODE_ERROR, Botan::TLS::HANDSHAKE, Botan::TLS::Alert::INTERNAL_ERROR, Botan::TLS::Channel::is_closed(), Botan::TLS::MAX_PLAINTEXT_SIZE, Botan::TLS::NO_RECORD, Botan::TLS::read_record(), Botan::TLS::Alert::RECORD_OVERFLOW, Botan::TLS::Channel::send_fatal_alert(), Botan::ASN1::to_string(), and Botan::TLS::TLS_Exception::type().
Referenced by Botan::TLS::Blocking_Client::do_handshake(), Botan::TLS::Blocking_Client::read(), and Botan::TLS::Channel::received_data().
|
inherited |
Inject TLS traffic received from counterparty
Definition at line 292 of file tls_channel.cpp.
References Botan::TLS::Channel::received_data().
|
inherited |
Attempt to renegotiate the session
force_full_renegotiation | if true, require a full renegotiation, otherwise allow session resumption |
Definition at line 184 of file tls_channel.cpp.
References Botan::TLS::Channel::create_handshake_state(), and Botan::TLS::Channel::initiate_handshake().
|
inlineprotectedinherited |
Definition at line 234 of file tls_channel.h.
|
protectedinherited |
Definition at line 120 of file tls_channel.cpp.
References Botan::TLS::Channel::callbacks(), and Botan::TLS::Callbacks::tls_session_established().
|
protectedinherited |
Definition at line 586 of file tls_channel.cpp.
References Botan::TLS::Alert::HANDSHAKE_FAILURE, Botan::TLS::Client_Hello::renegotiation_info(), Botan::TLS::Client_Hello::secure_renegotiation(), and Botan::TLS::Channel::secure_renegotiation_data_for_client_hello().
|
protectedinherited |
Definition at line 609 of file tls_channel.cpp.
References Botan::TLS::Alert::HANDSHAKE_FAILURE, Botan::TLS::Server_Hello::renegotiation_info(), Botan::TLS::Server_Hello::secure_renegotiation(), and Botan::TLS::Channel::secure_renegotiation_data_for_server_hello().
|
protectedinherited |
Definition at line 632 of file tls_channel.cpp.
Referenced by Botan::TLS::Channel::secure_renegotiation_check().
|
protectedinherited |
Definition at line 639 of file tls_channel.cpp.
Referenced by Botan::TLS::Channel::secure_renegotiation_check().
|
inherited |
Definition at line 651 of file tls_channel.cpp.
|
inherited |
Inject plaintext intended for counterparty. Throws an exception if is_active() is false.
Definition at line 550 of file tls_channel.cpp.
References Botan::TLS::APPLICATION_DATA, and Botan::TLS::Channel::is_active().
Referenced by Botan::TLS::Channel::send().
|
inherited |
Inject plaintext intended for counterparty. Throws an exception if is_active() is false.
Definition at line 559 of file tls_channel.cpp.
References Botan::cast_char_ptr_to_uint8(), and Botan::TLS::Channel::send().
|
inlineinherited |
Inject plaintext intended for counterparty. Throws an exception if is_active() is false.
Definition at line 126 of file tls_channel.h.
|
inherited |
Send a TLS alert message. If the alert is fatal, the internal state (keys, etc.) will be reset.
alert | the Alert to send |
Definition at line 564 of file tls_channel.cpp.
References Botan::TLS::ALERT, Botan::TLS::Alert::CLOSE_NOTIFY, Botan::TLS::Channel::is_closed(), Botan::TLS::Alert::is_fatal(), Botan::TLS::Alert::is_valid(), Botan::TLS::Alert::NO_RENEGOTIATION, Botan::TLS::Session_Manager::remove_entry(), Botan::TLS::Alert::serialize(), and Botan::TLS::Alert::type().
|
inlineinherited |
Send a fatal alert
Definition at line 146 of file tls_channel.h.
References type.
Referenced by Botan::TLS::Channel::received_data().
|
inlineinherited |
|
inlineprotectedinherited |
Definition at line 236 of file tls_channel.h.
|
inherited |
Perform a handshake timeout check. This does nothing unless this is a DTLS channel with a pending handshake state, in which case we check for timeout and potentially retransmit handshake packets.
Definition at line 175 of file tls_channel.cpp.
|
staticinherited |
Definition at line 45 of file tls_channel.h.