doxygen/tls__server_8cpp_source.html

/*

* TLS Server

* (C) 2004-2011,2012,2016 Jack Lloyd

*     2016 Matthias Gierlings

*     2021 Elektrobit Automotive GmbH

*     2022 René Meusel, Hannes Rantzsch - neXenio GmbH

*

* Botan is released under the Simplified BSD License (see license.txt)

*/


#include <botan/tls_server.h>


#include <botan/tls_policy.h>

#include <botan/x509cert.h>

#include <botan/internal/tls_channel_impl.h>


#if defined(BOTAN_HAS_TLS_12)

   #include <botan/internal/tls_server_impl_12.h>

#endif


#if defined(BOTAN_HAS_TLS_13)

   #include <botan/internal/tls_server_impl_13.h>

#endif


namespace Botan::TLS {


/*

* TLS Server Constructor

*/


Server::Server(const std::shared_ptr<Callbacks>& callbacks,

               const std::shared_ptr<Session_Manager>& session_manager,

               const std::shared_ptr<Credentials_Manager>& creds,

               const std::shared_ptr<const Policy>& policy,

               const std::shared_ptr<RandomNumberGenerator>& rng,

               bool is_datagram,

               size_t io_buf_sz) {

   const auto max_version = policy->latest_supported_version(is_datagram);


#if defined(BOTAN_HAS_TLS_13)

   if(!max_version.is_pre_tls_13()) {

      m_impl = std::make_unique<Server_Impl_13>(callbacks, session_manager, creds, policy, rng);


      if(m_impl->expects_downgrade()) {

         m_impl->set_io_buffer_size(io_buf_sz);

      }


      return;

   }

#endif


#if defined(BOTAN_HAS_TLS_12)

   if(max_version.is_pre_tls_13()) {

      m_impl = std::make_unique<Server_Impl_12>(callbacks, session_manager, creds, policy, rng, is_datagram, io_buf_sz);

      return;

   }

#endif


   BOTAN_UNUSED(max_version, callbacks, session_manager, creds, policy, rng, is_datagram, io_buf_sz);

   throw Not_Implemented("Requested TLS server version is not available in this build");

}


Server::~Server() = default;


size_t Server::from_peer(std::span<const uint8_t> data) {

   auto read = m_impl->from_peer(data);


#if defined(BOTAN_HAS_TLS_12)

   // If TLS 1.2 is not available, we will never downgrade, the downgrade info

   // won't even be created and `is_downgrading()` would always return false.

   if(m_impl->is_downgrading()) {

      auto info = m_impl->extract_downgrade_info();

      m_impl = std::make_unique<Server_Impl_12>(*info);


      // replay peer data received so far

      read = m_impl->from_peer(info->peer_transcript);

   }

#endif


   return read;

}


bool Server::is_handshake_complete() const {

   return m_impl->is_handshake_complete();

}


bool Server::is_active() const {

   return m_impl->is_active();

}


bool Server::is_closed() const {

   return m_impl->is_closed();

}


bool Server::is_closed_for_reading() const {

   return m_impl->is_closed_for_reading();

}


bool Server::is_closed_for_writing() const {

   return m_impl->is_closed_for_writing();

}


std::vector<X509_Certificate> Server::peer_cert_chain() const {

   return m_impl->peer_cert_chain();

}


std::shared_ptr<const Public_Key> Server::peer_raw_public_key() const {

   return m_impl->peer_raw_public_key();

}


std::optional<std::string> Server::external_psk_identity() const {

   return m_impl->external_psk_identity();

}


SymmetricKey Server::key_material_export(std::string_view label, std::string_view context, size_t length) const {

   return m_impl->key_material_export(label, context, length);

}


void Server::renegotiate(bool force_full_renegotiation) {

   m_impl->renegotiate(force_full_renegotiation);

}


bool Server::new_session_ticket_supported() const {

   return m_impl->new_session_ticket_supported();

}


size_t Server::send_new_session_tickets(const size_t tickets) {

   return m_impl->send_new_session_tickets(tickets);

}


void Server::update_traffic_keys(bool request_peer_update) {

   m_impl->update_traffic_keys(request_peer_update);

}


bool Server::secure_renegotiation_supported() const {

   return m_impl->secure_renegotiation_supported();

}


void Server::to_peer(std::span<const uint8_t> data) {

   m_impl->to_peer(data);

}


void Server::send_alert(const Alert& alert) {

   m_impl->send_alert(alert);

}


void Server::send_warning_alert(Alert::Type type) {

   m_impl->send_warning_alert(type);

}


void Server::send_fatal_alert(Alert::Type type) {

   m_impl->send_fatal_alert(type);

}


void Server::close() {

   m_impl->close();

}


bool Server::timeout_check() {

   return m_impl->timeout_check();

}


std::string Server::application_protocol() const {

   return m_impl->application_protocol();

}


}  // namespace Botan::TLS

BOTAN_UNUSED
#define BOTAN_UNUSED
Definition assert.h:144

Botan::Not_Implemented
Definition exceptn.h:335

Botan::TLS::Alert
Definition tls_alert.h:70

Botan::TLS::Alert::Type
AlertType Type
Definition tls_alert.h:72

Botan::TLS::Server::update_traffic_keys
void update_traffic_keys(bool request_peer_update=false) override
Definition tls_server.cpp:130

Botan::TLS::Server::key_material_export
SymmetricKey key_material_export(std::string_view label, std::string_view context, size_t length) const override
Definition tls_server.cpp:114

Botan::TLS::Server::~Server
~Server() override

Botan::TLS::Server::timeout_check
bool timeout_check() override
Definition tls_server.cpp:158

Botan::TLS::Server::close
void close() override
Definition tls_server.cpp:154

Botan::TLS::Server::secure_renegotiation_supported
bool secure_renegotiation_supported() const override
Definition tls_server.cpp:134

Botan::TLS::Server::send_fatal_alert
void send_fatal_alert(Alert::Type type) override
Definition tls_server.cpp:150

Botan::TLS::Server::is_closed
bool is_closed() const override
Definition tls_server.cpp:90

Botan::TLS::Server::is_closed_for_writing
bool is_closed_for_writing() const override
Definition tls_server.cpp:98

Botan::TLS::Server::application_protocol
std::string application_protocol() const override
Definition tls_server.cpp:162

Botan::TLS::Server::send_new_session_tickets
size_t send_new_session_tickets(size_t tickets=1)
Definition tls_server.cpp:126

Botan::TLS::Server::Server
Server(const std::shared_ptr< Callbacks > &callbacks, const std::shared_ptr< Session_Manager > &session_manager, const std::shared_ptr< Credentials_Manager > &creds, const std::shared_ptr< const Policy > &policy, const std::shared_ptr< RandomNumberGenerator > &rng, bool is_datagram=false, size_t reserved_io_buffer_size=TLS::Channel::IO_BUF_DEFAULT_SIZE)
Definition tls_server.cpp:30

Botan::TLS::Server::is_handshake_complete
bool is_handshake_complete() const override
Definition tls_server.cpp:82

Botan::TLS::Server::renegotiate
void renegotiate(bool force_full_renegotiation=false) override
Definition tls_server.cpp:118

Botan::TLS::Server::external_psk_identity
std::optional< std::string > external_psk_identity() const override
Definition tls_server.cpp:110

Botan::TLS::Server::peer_raw_public_key
std::shared_ptr< const Public_Key > peer_raw_public_key() const override
Definition tls_server.cpp:106

Botan::TLS::Server::send_alert
void send_alert(const Alert &alert) override
Definition tls_server.cpp:142

Botan::TLS::Server::send_warning_alert
void send_warning_alert(Alert::Type type) override
Definition tls_server.cpp:146

Botan::TLS::Server::new_session_ticket_supported
bool new_session_ticket_supported() const
Definition tls_server.cpp:122

Botan::TLS::Server::peer_cert_chain
std::vector< X509_Certificate > peer_cert_chain() const override
Definition tls_server.cpp:102

Botan::TLS::Server::to_peer
void to_peer(std::span< const uint8_t > data) override
Definition tls_server.cpp:138

Botan::TLS::Server::is_active
bool is_active() const override
Definition tls_server.cpp:86

Botan::TLS::Server::from_peer
size_t from_peer(std::span< const uint8_t > data) override
Definition tls_server.cpp:64

Botan::TLS::Server::is_closed_for_reading
bool is_closed_for_reading() const override
Definition tls_server.cpp:94

Botan::TLS
Definition asio_context.cpp:18

Botan::SymmetricKey
OctetString SymmetricKey
Definition symkey.h:140