9#ifndef BOTAN_TLS_CHANNEL_H_
10#define BOTAN_TLS_CHANNEL_H_
12#include <botan/tls_session.h>
13#include <botan/tls_alert.h>
14#include <botan/tls_session_manager.h>
15#include <botan/tls_callbacks.h>
16#include <botan/x509cert.h>
26class Connection_Cipher_State;
27class Connection_Sequence_Numbers;
29class Handshake_Message;
/**
* Callback signature used by the legacy (pre-Callbacks) constructor overloads.
* output_fn presumably receives the bytes the channel wants written to the
* transport (encrypted TLS records) — confirm against the constructor docs.
*/
typedef std::function<void (const uint8_t[], size_t)> output_fn;
/**
* Callback signature for delivering received plaintext application data to
* the application — presumably the decrypted payload, not raw records; confirm.
*/
typedef std::function<void (const uint8_t[], size_t)> data_cb;
67 size_t io_buf_sz = IO_BUF_DEFAULT_SIZE);
85 size_t io_buf_sz = IO_BUF_DEFAULT_SIZE);
/**
* Feed bytes read from the transport into the channel. This is the
* attacker-facing entry point: @p buf is untrusted network input and is
* parsed as TLS records here. The caller guarantees @p buf_size readable
* bytes at @p buf.
* @return a size_t hint for the next read — per Botan's documentation the
*         number of bytes still needed to complete the pending record;
*         confirm against the implementation before relying on it.
*/
size_t received_data(const uint8_t buf[], size_t buf_size);
/// Convenience overload of received_data(const uint8_t[], size_t) for a vector.
size_t received_data(const std::vector<uint8_t>& buf);
/**
* Send application data over the channel. The caller guarantees that
* @p buf_size bytes are readable at @p buf; the channel does not validate
* the pointer/length pair.
*/
void send(const uint8_t buf[], size_t buf_size);
/// Send the bytes of @p val as application data (no encoding is applied).
void send(const std::string& val);
/**
* Send application data taken from any std::vector<unsigned char, Alloc>,
* which lets callers pass a secure_vector directly. Forwards to
* send(const uint8_t[], size_t).
*/
template<typename Alloc>
void send(const std::vector<unsigned char, Alloc>& val)
   {
   const unsigned char* bytes = val.data();
   const size_t byte_count = val.size();
   send(bytes, byte_count);
   }
/**
* Send a TLS alert to the peer. Whether the channel is closed afterwards
* depends on the alert's severity (see send_warning_alert / send_fatal_alert
* in this class for the common cases).
*/
void send_alert(const Alert& alert);
/**
* @return true once the handshake has completed and application data can be
*         exchanged — confirm the exact condition in the implementation.
*/
bool is_active() const;
/**
* @return true once the channel has been closed (presumably reflecting
*         m_has_been_closed; confirm). No data may be sent afterwards.
*/
bool is_closed() const;
/**
* @return the certificate chain presented by the peer during the handshake
*         (empty if none was sent). Validation of this chain is the job of the
*         Callbacks / handshake logic, not of this accessor.
*/
std::vector<X509_Certificate> peer_cert_chain() const;
/**
* Export keying material derived from the connection's master secret
* (RFC 5705 style exporter). Both endpoints must use the same @p label and
* @p context to obtain the same key.
* @param label   exporter label
* @param context application-supplied context value
* @param length  number of bytes of key material to derive
* @return the derived key; only meaningful once the handshake is complete
*/
SymmetricKey key_material_export(const std::string& label,
                                 const std::string& context,
                                 size_t length) const;
/**
* Start a new handshake on an established connection.
* @param force_full_renegotiation if true, do not attempt session resumption
*        for the new handshake. Renegotiation is only safe when both sides
*        support RFC 5746 (see secure_renegotiation_supported()).
*/
void renegotiate(bool force_full_renegotiation = false);
/**
* @return true if the peer negotiated the RFC 5746 secure renegotiation
*         extension, i.e. renegotiation is protected against the 2009
*         prefix-injection attack.
*/
bool secure_renegotiation_supported() const;
196 bool timeout_check();
205 const std::vector<uint8_t>& contents,
206 bool epoch0_restart) = 0;
209 bool force_full_renegotiation) = 0;
211 virtual std::vector<X509_Certificate>
220 void activate_session();
/**
* Verify the RFC 5746 renegotiation_info carried in a Client Hello against
* the expected value for this connection; a mismatch is a handshake failure.
*/
void secure_renegotiation_check(const Client_Hello* client_hello);
/// Server Hello counterpart of secure_renegotiation_check(const Client_Hello*).
void secure_renegotiation_check(const Server_Hello* server_hello);
/**
* @return the renegotiation_info extension payload a client should send
*         (RFC 5746); empty on an initial handshake.
*/
std::vector<uint8_t> secure_renegotiation_data_for_client_hello() const;
/**
* @return the renegotiation_info extension payload a server should send
*         (RFC 5746); empty on an initial handshake.
*/
std::vector<uint8_t> secure_renegotiation_data_for_server_hello() const;
/**
* Offer a completed session to the application (handshake callback) and the
* Session_Manager for later resumption.
* @return true if the session was stored — confirm whether a false return
*         from the application callback vetoes storage.
*/
bool save_session(const Session& session);
244 void reset_active_association_state();
/**
* Shared constructor helper.
* @param io_buf_sze initial size of the I/O buffers (parameter name kept
*        as in the original declaration).
*/
void init(size_t io_buf_sze);
/**
* Write a record of type @p record_type under the current write epoch.
*/
void send_record(uint8_t record_type, const std::vector<uint8_t>& record);
/**
* Write a record under an explicit @p epoch, used when a message must go out
* protected by an older/newer cipher state than the current one (e.g. around
* a ChangeCipherSpec or during DTLS retransmission).
*/
void send_record_under_epoch(uint16_t epoch, uint8_t record_type,
                             const std::vector<uint8_t>& record);
/**
* Write @p length bytes at @p input as one or more records of @p record_type
* under @p epoch; presumably responsible for splitting the data at the
* maximum record size — confirm.
*/
void send_record_array(uint16_t epoch, uint8_t record_type,
                       const uint8_t input[], size_t length);
258 uint16_t epoch, uint8_t
type,
const uint8_t input[],
size_t length);
/**
* Look up the read-direction cipher state keyed by @p epoch (the map is
* m_read_cipher_states). Behaviour for an unknown epoch is not visible here —
* presumably throws; confirm.
*/
std::shared_ptr<Connection_Cipher_State> read_cipher_state_epoch(uint16_t epoch) const;
/// Write-direction counterpart of read_cipher_state_epoch(), backed by m_write_cipher_states.
std::shared_ptr<Connection_Cipher_State> write_cipher_state_epoch(uint16_t epoch) const;
/**
* Non-owning view of the handshake state currently in force, or nullptr
* when none has been installed yet. Ownership stays with m_active_state.
*/
const Handshake_State* active_state() const
   {
   const Handshake_State* state = m_active_state.get();
   return state;
   }
/**
* Non-owning view of the handshake currently in progress, or nullptr when no
* handshake is pending. Ownership stays with m_pending_state.
*/
const Handshake_State* pending_state() const
   {
   const Handshake_State* state = m_pending_state.get();
   return state;
   }
/**
* Dispatch a decrypted Handshake or ChangeCipherSpec record to the handshake
* layer. @p record is untrusted peer data. The rendered listing skips source
* line 275 between @p record_sequence and @p record_version, so this
* parameter list may be missing an argument — confirm against the header.
*/
void process_handshake_ccs(const secure_vector<uint8_t>& record,
                           uint64_t record_sequence,
                           Protocol_Version record_version,
                           bool epoch0_restart);
/**
* Hand a decrypted application-data record to the application callback.
* @param req_no record sequence number of @p record
* @param record decrypted plaintext (untrusted content from the peer)
*/
void process_application_data(uint64_t req_no, const secure_vector<uint8_t>& record);
/**
* Handle a decrypted Alert record from the peer; a fatal alert (or
* close_notify) is expected to close the channel — confirm in the .cpp.
*/
void process_alert(const secure_vector<uint8_t>& record);
// Role of this endpoint; fixed for the lifetime of the channel.
const bool m_is_server;
// true for DTLS (datagram transport), false for stream TLS.
const bool m_is_datagram;

// Adapter owned by the channel; presumably wraps the legacy std::function
// callbacks (output_fn, data_cb, alert_cb, handshake_cb) behind the Callbacks
// interface — confirm.
std::unique_ptr<Compat_Callbacks> m_compat_callbacks;
// Reference, not owned: the Callbacks object must outlive this channel.
Callbacks& m_callbacks;

// References, not owned: the caller keeps these alive for the channel's lifetime.
Session_Manager& m_session_manager;
const Policy& m_policy;
RandomNumberGenerator& m_rng;

// Per-connection record sequence numbers; allocated by the channel.
std::unique_ptr<Connection_Sequence_Numbers> m_sequence_numbers;

// Handshake in force (nullptr until one completes) and handshake in progress
// (nullptr when none is pending); exposed via active_state()/pending_state().
std::unique_ptr<Handshake_State> m_active_state;
std::unique_ptr<Handshake_State> m_pending_state;

// Cipher states keyed by epoch (uint16_t), one map per direction; looked up
// by write_cipher_state_epoch()/read_cipher_state_epoch().
std::map<uint16_t, std::shared_ptr<Connection_Cipher_State>> m_write_cipher_states;
std::map<uint16_t, std::shared_ptr<Connection_Cipher_State>> m_read_cipher_states;

// I/O scratch buffers. They are secure_vector so plaintext left behind after
// processing is wiped when the storage is released.
secure_vector<uint8_t> m_writebuf;
secure_vector<uint8_t> m_readbuf;
secure_vector<uint8_t> m_record_buf;

// Set once the channel is closed; presumably what is_closed() reports — confirm.
bool m_has_been_closed;
void send(const std::vector< unsigned char, Alloc > &val)
virtual Handshake_State * new_handshake_state(class Handshake_IO *io)=0
virtual std::vector< X509_Certificate > get_peer_cert_chain(const Handshake_State &state) const =0
void send_warning_alert(Alert::Type type)
Callbacks & callbacks() const
virtual void initiate_handshake(Handshake_State &state, bool force_full_renegotiation)=0
virtual std::string application_protocol() const =0
void inspect_handshake_message(const Handshake_Message &msg)
std::function< bool(const Session &)> handshake_cb
virtual void process_handshake_msg(const Handshake_State *active_state, Handshake_State &pending_state, Handshake_Type type, const std::vector< uint8_t > &contents, bool epoch0_restart)=0
Channel & operator=(const Channel &)=delete
std::function< void(Alert, const uint8_t[], size_t)> alert_cb
Session_Manager & session_manager()
std::function< void(const Handshake_Message &)> handshake_msg_cb
Channel(const Channel &)=delete
void send_fatal_alert(Alert::Type type)
const Policy & policy() const
RandomNumberGenerator & rng()
std::function< void(const uint8_t[], size_t)> output_fn
static size_t IO_BUF_DEFAULT_SIZE
std::function< void(const uint8_t[], size_t)> data_cb
#define BOTAN_PUBLIC_API(maj, min)
void write_record(secure_vector< uint8_t > &output, uint8_t record_type, Protocol_Version version, uint64_t record_sequence, const uint8_t *message, size_t message_len, Connection_Cipher_State &cs, RandomNumberGenerator &rng)