Botan 3.5.0
Crypto and TLS for C&
tls_client.cpp
Go to the documentation of this file.
1/*
2* TLS Client
3* (C) 2004-2011,2012,2015,2016 Jack Lloyd
4* 2016 Matthias Gierlings
5* 2017 Harry Reimann, Rohde & Schwarz Cybersecurity
6* 2021 Elektrobit Automotive GmbH
7*
8* Botan is released under the Simplified BSD License (see license.txt)
9*/
10
11#include <botan/tls_client.h>
12
13#include <botan/tls_messages.h>
14#include <botan/internal/stl_util.h>
15#include <botan/internal/tls_handshake_state.h>
16
17#include <botan/internal/tls_client_impl_12.h>
18#if defined(BOTAN_HAS_TLS_13)
19 #include <botan/internal/tls_client_impl_13.h>
20#endif
21
22#include <iterator>
23#include <sstream>
24
25namespace Botan::TLS {
26
27/*
28* TLS Client Constructor
29*/
30Client::Client(const std::shared_ptr<Callbacks>& callbacks,
31 const std::shared_ptr<Session_Manager>& session_manager,
32 const std::shared_ptr<Credentials_Manager>& creds,
33 const std::shared_ptr<const Policy>& policy,
34 const std::shared_ptr<RandomNumberGenerator>& rng,
36 Protocol_Version offer_version,
37 const std::vector<std::string>& next_protocols,
38 size_t io_buf_sz) {
39 BOTAN_ARG_CHECK(policy->acceptable_protocol_version(offer_version),
40 "Policy does not allow to offer requested protocol version");
41
42#if defined(BOTAN_HAS_TLS_13)
43 if(offer_version == Protocol_Version::TLS_V13) {
44 m_impl = std::make_unique<Client_Impl_13>(
45 callbacks, session_manager, creds, policy, rng, std::move(info), next_protocols);
46
47 if(m_impl->expects_downgrade()) {
48 m_impl->set_io_buffer_size(io_buf_sz);
49 }
50
51 if(m_impl->is_downgrading()) {
52 // TLS 1.3 implementation found a resumable TLS 1.2 session and
53 // requested a downgrade right away.
54 downgrade();
55 }
56
57 return;
58 }
59#endif
60
61 m_impl = std::make_unique<Client_Impl_12>(callbacks,
62 session_manager,
63 creds,
64 policy,
65 rng,
66 std::move(info),
67 offer_version.is_datagram_protocol(),
68 next_protocols,
69 io_buf_sz);
70}
71
72Client::~Client() = default;
73
74size_t Client::downgrade() {
75 BOTAN_ASSERT_NOMSG(m_impl->is_downgrading());
76
77 auto info = m_impl->extract_downgrade_info();
78 m_impl = std::make_unique<Client_Impl_12>(*info);
79
80 if(!info->peer_transcript.empty()) {
81 // replay peer data received so far
82 return m_impl->from_peer(info->peer_transcript);
83 } else {
84 // the downgrade happened due to a resumable TLS 1.2 session
85 // before any data was transferred
86 return 0;
87 }
88}
89
90size_t Client::from_peer(std::span<const uint8_t> data) {
91 auto read = m_impl->from_peer(data);
92
93 if(m_impl->is_downgrading()) {
94 read = downgrade();
95 }
96
97 return read;
98}
99
101 return m_impl->is_handshake_complete();
102}
103
104bool Client::is_active() const {
105 return m_impl->is_active();
106}
107
108bool Client::is_closed() const {
109 return m_impl->is_closed();
110}
111
113 return m_impl->is_closed_for_reading();
114}
115
117 return m_impl->is_closed_for_writing();
118}
119
120std::vector<X509_Certificate> Client::peer_cert_chain() const {
121 return m_impl->peer_cert_chain();
122}
123
124std::shared_ptr<const Public_Key> Client::peer_raw_public_key() const {
125 return m_impl->peer_raw_public_key();
126}
127
128std::optional<std::string> Client::external_psk_identity() const {
129 return m_impl->external_psk_identity();
130}
131
132SymmetricKey Client::key_material_export(std::string_view label, std::string_view context, size_t length) const {
133 return m_impl->key_material_export(label, context, length);
134}
135
136void Client::renegotiate(bool force_full_renegotiation) {
137 m_impl->renegotiate(force_full_renegotiation);
138}
139
140void Client::update_traffic_keys(bool request_peer_update) {
141 m_impl->update_traffic_keys(request_peer_update);
142}
143
145 return m_impl->secure_renegotiation_supported();
146}
147
148void Client::to_peer(std::span<const uint8_t> data) {
149 m_impl->to_peer(data);
150}
151
152void Client::send_alert(const Alert& alert) {
153 m_impl->send_alert(alert);
154}
155
157 m_impl->send_warning_alert(type);
158}
159
161 m_impl->send_fatal_alert(type);
162}
163
165 m_impl->close();
166}
167
169 return m_impl->timeout_check();
170}
171
172std::string Client::application_protocol() const {
173 return m_impl->application_protocol();
174}
175
176} // namespace Botan::TLS
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:59
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29
bool is_closed_for_reading() const override
bool is_handshake_complete() const override
void renegotiate(bool force_full_renegotiation=false) override
void close() override
std::string application_protocol() const override
std::shared_ptr< const Public_Key > peer_raw_public_key() const override
Client(const std::shared_ptr< Callbacks > &callbacks, const std::shared_ptr< Session_Manager > &session_manager, const std::shared_ptr< Credentials_Manager > &creds, const std::shared_ptr< const Policy > &policy, const std::shared_ptr< RandomNumberGenerator > &rng, Server_Information server_info=Server_Information(), Protocol_Version offer_version=Protocol_Version::latest_tls_version(), const std::vector< std::string > &next_protocols={}, size_t reserved_io_buffer_size=TLS::Client::IO_BUF_DEFAULT_SIZE)
bool secure_renegotiation_supported() const override
bool is_active() const override
SymmetricKey key_material_export(std::string_view label, std::string_view context, size_t length) const override
bool is_closed_for_writing() const override
void send_fatal_alert(Alert::Type type) override
bool timeout_check() override
void send_warning_alert(Alert::Type type) override
void to_peer(std::span< const uint8_t > data) override
~Client() override
std::vector< X509_Certificate > peer_cert_chain() const override
bool is_closed() const override
void update_traffic_keys(bool request_peer_update=false) override
std::optional< std::string > external_psk_identity() const override
void send_alert(const Alert &alert) override
size_t from_peer(std::span< const uint8_t > data) override