74 static std::unique_ptr<Cipher_State> init_with_psk(
Connection_Side side,
77 std::string_view prf_algo);
82 static std::unique_ptr<Cipher_State> init_with_server_hello(
Connection_Side side,
96 void advance_with_server_hello(
const Ciphersuite& cipher,
103 void advance_with_server_finished(
const Transcript_Hash& transcript_hash);
108 void advance_with_client_finished(
const Transcript_Hash& transcript_hash);
128 uint64_t decrypt_record_fragment(
const std::vector<uint8_t>& header,
secure_vector<uint8_t>& encrypted_fragment);
133 size_t encrypt_output_length(
size_t input_length)
const;
138 size_t decrypt_output_length(
size_t input_length)
const;
143 size_t minimum_decryption_input_length()
const;
150 std::vector<uint8_t> psk_binder_mac(
const Transcript_Hash& transcript_hash_with_truncated_client_hello)
const;
155 std::vector<uint8_t> finished_mac(
const Transcript_Hash& transcript_hash)
const;
160 bool verify_peer_finished_mac(
const Transcript_Hash& transcript_hash,
const std::vector<uint8_t>& peer_mac)
const;
196 return (m_state == State::EarlyTraffic || m_state == State::ServerApplicationTraffic ||
197 m_state == State::Completed) &&
198 !m_exporter_master_secret.empty();
204 bool must_expect_unprotected_alert_traffic()
const;
209 bool can_encrypt_application_traffic()
const;
214 bool can_decrypt_application_traffic()
const;
219 std::string hash_algorithm()
const;
228 bool is_compatible_with(
const Ciphersuite& cipher)
const;
237 void update_read_keys();
246 void update_write_keys();
251 void clear_read_keys();
256 void clear_write_keys();
266 void advance_without_psk();
269 bool handshake_traffic_secret =
false);
270 void derive_read_traffic_key(
const secure_vector<uint8_t>& traffic_secret,
bool handshake_traffic_secret =
false);
281 std::string_view label,
282 const std::vector<uint8_t>& context,
283 size_t length)
const;
289 std::string_view label,
292 std::vector<uint8_t> empty_hash()
const;
300 ServerApplicationTraffic,
306 Connection_Side m_connection_side;
311 std::unique_ptr<HKDF_Extract> m_extract;
312 std::unique_ptr<HKDF_Expand> m_expand;
313 std::unique_ptr<HashFunction> m_hash;
325 uint64_t m_write_seq_no;
326 uint64_t m_read_seq_no;
328 uint16_t m_ticket_nonce;
secure_vector< uint8_t > hkdf_expand_label(std::string_view hash_fn, const uint8_t secret[], size_t secret_len, std::string_view label, const uint8_t hash_val[], size_t hash_val_len, size_t length)