/src/botan/build/include/botan/tls_channel.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * TLS Channel |
3 | | * (C) 2011,2012,2014,2015 Jack Lloyd |
4 | | * 2016 Matthias Gierlings |
5 | | * 2021 Elektrobit Automotive GmbH |
6 | | * 2022 René Meusel, Hannes Rantzsch - neXenio GmbH |
7 | | * |
8 | | * Botan is released under the Simplified BSD License (see license.txt) |
9 | | */ |
10 | | |
11 | | #ifndef BOTAN_TLS_CHANNEL_H_ |
12 | | #define BOTAN_TLS_CHANNEL_H_ |
13 | | |
14 | | #include <botan/tls_session.h> |
15 | | #include <botan/tls_alert.h> |
16 | | #include <botan/tls_session_manager.h> |
17 | | #include <botan/tls_callbacks.h> |
18 | | #include <botan/x509cert.h> |
19 | | |
20 | | #include <vector> |
21 | | #include <string> |
22 | | |
23 | | namespace Botan::TLS { |
24 | | |
25 | | /** |
26 | | * Generic interface for TLS endpoint |
27 | | */ |
28 | | class BOTAN_PUBLIC_API(2,0) Channel |
29 | | { |
30 | | public: |
31 | | static constexpr size_t IO_BUF_DEFAULT_SIZE = 10*1024; |
32 | | |
33 | 5.96k | virtual ~Channel() = default; |
34 | | |
35 | | /** |
36 | | * Inject TLS traffic received from counterparty |
37 | | * @return a hint as the how many more bytes we need to process the |
38 | | * current record (this may be 0 if on a record boundary) |
39 | | */ |
40 | | virtual size_t received_data(const uint8_t buf[], size_t buf_size) = 0; |
41 | | |
42 | | /** |
43 | | * Inject TLS traffic received from counterparty |
44 | | * @return a hint as the how many more bytes we need to process the |
45 | | * current record (this may be 0 if on a record boundary) |
46 | | */ |
47 | | size_t received_data(const std::vector<uint8_t>& buf) |
48 | 0 | { |
49 | 0 | return this->received_data(buf.data(), buf.size()); |
50 | 0 | } |
51 | | |
52 | | /** |
53 | | * Inject plaintext intended for counterparty |
54 | | * Throws an exception if is_active() is false |
55 | | */ |
56 | | virtual void send(const uint8_t buf[], size_t buf_size) = 0; |
57 | | |
58 | | /** |
59 | | * Inject plaintext intended for counterparty |
60 | | * Throws an exception if is_active() is false |
61 | | */ |
62 | | void send(const std::string& val) |
63 | 0 | { |
64 | 0 | this->send(cast_char_ptr_to_uint8(val.data()), val.size()); |
65 | 0 | } |
66 | | |
67 | | /** |
68 | | * Inject plaintext intended for counterparty |
69 | | * Throws an exception if is_active() is false |
70 | | */ |
71 | | template<typename Alloc> |
72 | | void send(const std::vector<unsigned char, Alloc>& val) |
73 | | { |
74 | | send(val.data(), val.size()); |
75 | | } |
76 | | |
77 | | /** |
78 | | * Send a TLS alert message. If the alert is fatal, the internal |
79 | | * state (keys, etc) will be reset. |
80 | | * @param alert the Alert to send |
81 | | */ |
82 | | virtual void send_alert(const Alert& alert) = 0; |
83 | | |
84 | | /** |
85 | | * Send a warning alert |
86 | | */ |
87 | | virtual void send_warning_alert(Alert::Type type) = 0; |
88 | | |
89 | | /** |
90 | | * Send a fatal alert |
91 | | */ |
92 | | virtual void send_fatal_alert(Alert::Type type) = 0; |
93 | | |
94 | | /** |
95 | | * Send a close notification alert |
96 | | */ |
97 | | virtual void close() = 0; |
98 | | |
99 | | /** |
100 | | * @return true iff the connection is active for sending application data |
101 | | */ |
102 | | virtual bool is_active() const = 0; |
103 | | |
104 | | /** |
105 | | * @return true iff the connection has been definitely closed |
106 | | */ |
107 | | virtual bool is_closed() const = 0; |
108 | | |
109 | | /** |
110 | | * @return certificate chain of the peer (may be empty) |
111 | | */ |
112 | | virtual std::vector<X509_Certificate> peer_cert_chain() const = 0; |
113 | | |
114 | | /** |
115 | | * Key material export (RFC 5705) |
116 | | * @param label a disambiguating label string |
117 | | * @param context a per-association context value |
118 | | * @param length the length of the desired key in bytes |
119 | | * @return key of length bytes |
120 | | */ |
121 | | virtual SymmetricKey key_material_export(const std::string& label, |
122 | | const std::string& context, |
123 | | size_t length) const = 0; |
124 | | |
125 | | /** |
126 | | * Attempt to renegotiate the session |
127 | | * @param force_full_renegotiation if true, require a full renegotiation, |
128 | | * otherwise allow session resumption |
129 | | */ |
130 | | virtual void renegotiate(bool force_full_renegotiation = false) = 0; |
131 | | |
132 | | /** |
133 | | * @return true iff the counterparty supports the secure |
134 | | * renegotiation extensions. |
135 | | */ |
136 | | virtual bool secure_renegotiation_supported() const = 0; |
137 | | |
138 | | /** |
139 | | * Perform a handshake timeout check. This does nothing unless |
140 | | * this is a DTLS channel with a pending handshake state, in |
141 | | * which case we check for timeout and potentially retransmit |
142 | | * handshake packets. |
143 | | */ |
144 | | virtual bool timeout_check() = 0; |
145 | | |
146 | | virtual std::string application_protocol() const = 0; |
147 | | }; |
148 | | } |
149 | | |
150 | | #endif |