1/*
2* TLS Client
3* (C) 2004-2011,2012,2015,2016 Jack Lloyd
4* 2016 Matthias Gierlings
5* 2017 Harry Reimann, Rohde & Schwarz Cybersecurity
6* 2021 Elektrobit Automotive GmbH
7*
8* Botan is released under the Simplified BSD License (see license.txt)
9*/
10
11#include <botan/tls_client.h>
12
13#include <botan/tls_messages.h>
14#include <botan/internal/tls_handshake_state.h>
15
16#include <botan/internal/tls_client_impl_12.h>
17#if defined(BOTAN_HAS_TLS_13)
18 #include <botan/internal/tls_client_impl_13.h>
19#endif
20
21namespace Botan::TLS {
22
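/*
* TLS Client Constructor
*
* Checks that the policy allows offering @p offer_version and then creates
* the implementation that will drive the connection: Client_Impl_13 when
* TLS 1.3 is offered (and compiled in), Client_Impl_12 otherwise.
*
* @param callbacks       application callbacks, forwarded to the implementation
* @param session_manager session store, forwarded to the implementation
* @param creds           credentials source, forwarded to the implementation
* @param policy          must be non-null; decides whether offer_version may be offered
* @param rng             random number generator, forwarded to the implementation
* @param info            server identity, moved into the implementation
* @param offer_version   protocol version to offer to the server
* @param next_protocols  protocol names to offer (forwarded as-is)
* @param io_buf_sz       I/O buffer size to reserve
* @throws Invalid_Argument (via BOTAN_ARG_CHECK) if policy is null or does
*         not allow offer_version
*/
Client::Client(const std::shared_ptr<Callbacks>& callbacks,
               const std::shared_ptr<Session_Manager>& session_manager,
               const std::shared_ptr<Credentials_Manager>& creds,
               const std::shared_ptr<const Policy>& policy,
               const std::shared_ptr<RandomNumberGenerator>& rng,
               Server_Information info,
               Protocol_Version offer_version,
               const std::vector<std::string>& next_protocols,
               size_t io_buf_sz) {
   // policy is dereferenced on the very next line; reject a null handle
   // explicitly rather than dereferencing it
   BOTAN_ARG_CHECK(policy != nullptr, "TLS client requires a policy");
   BOTAN_ARG_CHECK(policy->acceptable_protocol_version(offer_version),
                   "Policy does not allow to offer requested protocol version");

#if defined(BOTAN_HAS_TLS_13)
   if(offer_version == Protocol_Version::TLS_V13) {
      m_impl = std::make_unique<Client_Impl_13>(
         callbacks, session_manager, creds, policy, rng, std::move(info), next_protocols);

      // The reserved buffer size is only handed to the TLS 1.3 implementation
      // when it reports that a downgrade to TLS 1.2 may still follow;
      // otherwise it keeps its own default.
      if(m_impl->expects_downgrade()) {
         m_impl->set_io_buffer_size(io_buf_sz);
      }

      if(m_impl->is_downgrading()) {
         // TLS 1.3 implementation found a resumable TLS 1.2 session and
         // requested a downgrade right away.
         downgrade();
      }

      return;
   }
#endif

   // TLS 1.2 (or DTLS 1.2, selected via the datagram flag) implementation
   m_impl = std::make_unique<Client_Impl_12>(callbacks,
                                             session_manager,
                                             creds,
                                             policy,
                                             rng,
                                             std::move(info),
                                             offer_version.is_datagram_protocol(),
                                             next_protocols,
                                             io_buf_sz);
}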
67
68Client::~Client() = default;
69
/*
* Swap the current implementation for a TLS 1.2 one that continues from the
* extracted downgrade state. Peer data that was already received by the old
* implementation is replayed into the new one.
*
* Precondition: the active implementation must report is_downgrading().
*
* @return the value returned by the new implementation's from_peer() for the
*         replayed transcript, or 0 if nothing had been received yet
*/
size_t Client::downgrade() {
   BOTAN_ASSERT_NOMSG(m_impl->is_downgrading());

   auto downgrade_info = m_impl->extract_downgrade_info();
   m_impl = std::make_unique<Client_Impl_12>(*downgrade_info);

   if(downgrade_info->peer_transcript.empty()) {
      // the downgrade happened due to a resumable TLS 1.2 session
      // before any data was transferred
      return 0;
   }

   // replay peer data received so far
   return m_impl->from_peer(downgrade_info->peer_transcript);
}
85
/*
* Hand data received from the peer to the active implementation. If the
* implementation requests a downgrade afterwards, the client switches to
* TLS 1.2 and reports the result of that switch instead of the original
* byte count.
*
* @param data bytes received from the peer
* @return bytes consumed by the implementation, or downgrade()'s result when
*         a downgrade was triggered by this input
*/
size_t Client::from_peer(std::span<const uint8_t> data) {
   const size_t consumed = m_impl->from_peer(data);

   if(!m_impl->is_downgrading()) {
      return consumed;
   }

   return downgrade();
}
95
// Forwards to the active implementation.
bool Client::is_handshake_complete() const {
   const auto& impl = *m_impl;
   return impl.is_handshake_complete();
}
99
// Forwards to the active implementation.
bool Client::is_active() const {
   const auto& impl = *m_impl;
   return impl.is_active();
}
103
// Forwards to the active implementation.
bool Client::is_closed() const {
   const auto& impl = *m_impl;
   return impl.is_closed();
}
107
// Forwards to the active implementation.
bool Client::is_closed_for_reading() const {
   const auto& impl = *m_impl;
   return impl.is_closed_for_reading();
}
111
// Forwards to the active implementation.
bool Client::is_closed_for_writing() const {
   const auto& impl = *m_impl;
   return impl.is_closed_for_writing();
}
115
// Forwards to the active implementation; returns a copy of the chain it reports.
std::vector<X509_Certificate> Client::peer_cert_chain() const {
   const auto& impl = *m_impl;
   return impl.peer_cert_chain();
}
119
// Forwards to the active implementation; the result is whatever it reports
// as the peer's raw public key (may be empty, presumably when none was used).
std::shared_ptr<const Public_Key> Client::peer_raw_public_key() const {
   const auto& impl = *m_impl;
   return impl.peer_raw_public_key();
}
123
// Forwards to the active implementation.
std::optional<std::string> Client::external_psk_identity() const {
   const auto& impl = *m_impl;
   return impl.external_psk_identity();
}
127
// Forwards to the active implementation, which derives @p length bytes of
// exported keying material for the given label and context.
SymmetricKey Client::key_material_export(std::string_view label, std::string_view context, size_t length) const {
   const auto& impl = *m_impl;
   return impl.key_material_export(label, context, length);
}
131
// Forwards to the active implementation.
void Client::renegotiate(bool force_full_renegotiation) {
   auto& impl = *m_impl;
   impl.renegotiate(force_full_renegotiation);
}
135
// Forwards to the active implementation.
void Client::update_traffic_keys(bool request_peer_update) {
   auto& impl = *m_impl;
   impl.update_traffic_keys(request_peer_update);
}
139
// Forwards to the active implementation.
bool Client::secure_renegotiation_supported() const {
   const auto& impl = *m_impl;
   return impl.secure_renegotiation_supported();
}
143
// Forwards application data to the active implementation for sending.
void Client::to_peer(std::span<const uint8_t> data) {
   auto& impl = *m_impl;
   impl.to_peer(data);
}
147
// Forwards to the active implementation.
void Client::send_alert(const Alert& alert) {
   auto& impl = *m_impl;
   impl.send_alert(alert);
}
151
// Forwards to the active implementation.
void Client::send_warning_alert(Alert::Type type) {
   auto& impl = *m_impl;
   impl.send_warning_alert(type);
}
155
// Forwards to the active implementation.
void Client::send_fatal_alert(Alert::Type type) {
   auto& impl = *m_impl;
   impl.send_fatal_alert(type);
}
159
// Forwards to the active implementation.
void Client::close() {
   auto& impl = *m_impl;
   impl.close();
}
163
// Forwards to the active implementation.
bool Client::timeout_check() {
   auto& impl = *m_impl;
   return impl.timeout_check();
}
167
// Forwards to the active implementation.
std::string Client::application_protocol() const {
   const auto& impl = *m_impl;
   return impl.application_protocol();
}
171
172} // namespace Botan::TLS