Botan 3.5.0
Crypto and TLS for C++
#include <tls_record_layer_13.h>
Public Types
template<typename ResT> using | ReadResult = std::variant<BytesNeeded, ResT>
Public Member Functions
void | clear_read_buffer ()
void | copy_data (std::span< const uint8_t > data_from_peer)
void | disable_receiving_compat_mode ()
void | disable_sending_compat_mode ()
ReadResult< Record > | next_record (Cipher_State *cipher_state=nullptr)
std::vector< uint8_t > | prepare_records (Record_Type type, std::span< const uint8_t > data, Cipher_State *cipher_state=nullptr) const
 | Record_Layer (Connection_Side side)
void | set_record_size_limits (uint16_t outgoing_limit, uint16_t incoming_limit)
Implementation of the TLS 1.3 record protocol layer
This component transforms bytes received from the peer into bytes containing plaintext TLS messages and vice versa.
Definition at line 46 of file tls_record_layer_13.h.
template<typename ResT> using Botan::TLS::Record_Layer::ReadResult = std::variant<BytesNeeded, ResT>
Definition at line 51 of file tls_record_layer_13.h.
Botan::TLS::Record_Layer::Record_Layer | ( | Connection_Side | side | ) |
Definition at line 143 of file tls_record_layer_13.cpp.
void Botan::TLS::Record_Layer::clear_read_buffer | ( | ) | inline
Clears any data currently stored in the read buffer. This is typically used for memory cleanup when the peer sent a CloseNotify alert.
Definition at line 82 of file tls_record_layer_13.h.
References Botan::zap().
void Botan::TLS::Record_Layer::copy_data | ( | std::span< const uint8_t > | data_from_peer | ) |
Reads data that was received from the peer and stores it internally for further processing during the invocation of next_record().
data_from_peer | The data to be parsed. |
Definition at line 170 of file tls_record_layer_13.cpp.
Referenced by Botan::TLS::Channel_Impl_13::from_peer().
void Botan::TLS::Record_Layer::disable_receiving_compat_mode | ( | ) | inline
Definition at line 101 of file tls_record_layer_13.h.
Referenced by Botan::TLS::Channel_Impl_13::from_peer().
void Botan::TLS::Record_Layer::disable_sending_compat_mode | ( | ) | inline
Definition at line 99 of file tls_record_layer_13.h.
Record_Layer::ReadResult< Record > Botan::TLS::Record_Layer::next_record | ( | Cipher_State * | cipher_state = nullptr | ) |
Parses one record off the internal buffer that is being filled using copy_data().
The return value contains either the number of bytes (size_t) needed to proceed with processing TLS records, or the content of a single plaintext TLS record containing higher-level protocol or application data.
cipher_state | Optional pointer to a Cipher_State instance. If provided, the cipher_state should be ready to decrypt data. Pass nullptr to process plaintext data. |
Definition at line 279 of file tls_record_layer_13.cpp.
References Botan::TLS::Alert, Botan::TLS::ApplicationData, Botan::TLS::ChangeCipherSpec, Botan::TLS::Cipher_State::decrypt_output_length(), Botan::TLS::Cipher_State::decrypt_record_fragment(), Botan::TLS::Record::fragment, Botan::TLS::Cipher_State::minimum_decryption_input_length(), Botan::TLS::Cipher_State::must_expect_unprotected_alert_traffic(), Botan::TLS::Record::seq_no, Botan::TLS::TLS_HEADER_SIZE, and Botan::TLS::Record::type.
Referenced by Botan::TLS::Channel_Impl_13::from_peer().
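The copy_data()/next_record() contract described above, as an added stand-alone example that is not Botan's code: it shows why the "bytes needed or record" variant lets a caller feed arbitrary network chunks, and why the claimed length is bounded before the body is buffered. DemoFramer, DemoRecord, HEADER_SIZE, MAX_PLAINTEXT and the use of std::runtime_error are assumptions; only unprotected record framing is modelled, with no Cipher_State.

```cpp
// Added illustration, not Botan's implementation. DemoFramer/DemoRecord are
// hypothetical names; only unprotected record framing is modelled.
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <variant>
#include <vector>

using BytesNeeded = std::size_t;
constexpr std::size_t HEADER_SIZE = 5;        // type(1) + legacy version(2) + length(2)
constexpr std::size_t MAX_PLAINTEXT = 16384;  // 2^14 bytes, RFC 8446 section 5.1

struct DemoRecord {
   uint8_t type;
   std::vector<uint8_t> fragment;
};

class DemoFramer {
   public:
      void copy_data(const std::vector<uint8_t>& data_from_peer) {
         m_buf.insert(m_buf.end(), data_from_peer.begin(), data_from_peer.end());
      }
      std::variant<BytesNeeded, DemoRecord> next_record() {
         if(m_buf.size() < HEADER_SIZE) {
            return BytesNeeded{HEADER_SIZE - m_buf.size()};
         }
         const std::size_t len = (std::size_t{m_buf[3]} << 8) | m_buf[4];
         // Bound the claimed length before waiting for (and buffering) the body.
         if(len > MAX_PLAINTEXT) {
            throw std::runtime_error("record_overflow");
         }
         if(m_buf.size() < HEADER_SIZE + len) {
            return BytesNeeded{HEADER_SIZE + len - m_buf.size()};
         }
         const auto body = m_buf.begin() + static_cast<std::ptrdiff_t>(HEADER_SIZE);
         const auto end = body + static_cast<std::ptrdiff_t>(len);
         DemoRecord rec{m_buf[0], std::vector<uint8_t>(body, end)};
         m_buf.erase(m_buf.begin(), end);  // keep any bytes of the following record
         return rec;
      }
   private:
      std::vector<uint8_t> m_buf;
};

int main() {
   DemoFramer f;
   f.copy_data({0x15, 0x03, 0x03});  // constructed: partial header of an alert record
   return std::get<BytesNeeded>(f.next_record()) == 2 ? 0 : 1;
}
```

A caller loops on next_record() until it yields BytesNeeded, then reads more from the socket before calling copy_data() again.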
std::vector< uint8_t > Botan::TLS::Record_Layer::prepare_records | ( | Record_Type | type, std::span< const uint8_t > | data, Cipher_State * | cipher_state = nullptr ) const |
Definition at line 174 of file tls_record_layer_13.cpp.
References Botan::TLS::ApplicationData, BOTAN_ASSERT, BOTAN_ASSERT_NOMSG, Botan::TLS::ChangeCipherSpec, Botan::TLS::Cipher_State::encrypt_output_length(), Botan::TLS::Cipher_State::encrypt_record_fragment(), Botan::TLS::MAX_PLAINTEXT_SIZE, and Botan::TLS::TLS_HEADER_SIZE.
void Botan::TLS::Record_Layer::set_record_size_limits | ( | uint16_t | outgoing_limit, uint16_t | incoming_limit ) |
Set the record size limits as negotiated by the "record_size_limit" extension (RFC 8449). The limits refer to the number of plaintext bytes to be encrypted/decrypted – INCLUDING the encrypted content type byte introduced with TLS 1.3. The record size limit is not applied to unprotected records. Incoming records that exceed the set limit will result in a fatal alert.
outgoing_limit | the maximal number of plaintext bytes to be sent in a protected record |
incoming_limit | the maximal number of plaintext bytes to be accepted in a received protected record |
Definition at line 368 of file tls_record_layer_13.cpp.
References BOTAN_ARG_CHECK, and Botan::TLS::MAX_PLAINTEXT_SIZE.
Referenced by Botan::TLS::Channel_Impl_13::set_record_size_limits().