tls_client.h - mozsearch

Enable keyboard shortcuts

/*

* TLS Client

* (C) 2004-2011 Jack Lloyd

*     2016 Matthias Gierlings

* Botan is released under the Simplified BSD License (see license.txt)

*/

#ifndef BOTAN_TLS_CLIENT_H_

#define BOTAN_TLS_CLIENT_H_

#include <botan/tls_channel.h>

#include <botan/tls_policy.h>

#include <botan/credentials_manager.h>

#include <vector>

namespace Botan {

namespace TLS {

/**

* SSL/TLS Client

*/

class BOTAN_PUBLIC_API(2,0) Client final : public Channel

   public:

/**

      * Set up a new TLS client session

      * @param callbacks contains a set of callback function references

      *        required by the TLS client.

      * @param session_manager manages session state

      * @param creds manages application/user credentials

      * @param policy specifies other connection policy information

      * @param rng a random number generator

      * @param server_info is identifying information about the TLS server

      * @param offer_version specifies which version we will offer

      *        to the TLS server.

      * @param next_protocols specifies protocols to advertise with ALPN

      * @param reserved_io_buffer_size This many bytes of memory will

      *        be preallocated for the read and write buffers. Smaller

      *        values just mean reallocations and copies are more likely.

*/

     Client(Callbacks& callbacks,

            Session_Manager& session_manager,

            Credentials_Manager& creds,

            const Policy& policy,

            RandomNumberGenerator& rng,

            const Server_Information& server_info = Server_Information(),

            const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(),

            const std::vector<std::string>& next_protocols = {},

            size_t reserved_io_buffer_size = TLS::Client::IO_BUF_DEFAULT_SIZE

);

/**

      * DEPRECATED. This constructor is only provided for backward

      * compatibility and should not be used in new code. It will be

      * removed in a future release.

      * Set up a new TLS client session

      * @param data_output_fn is called with data for the outbound socket

      * @param app_data_cb is called when new application data is received

      * @param recv_alert_cb is called when a TLS alert is received

      * @param hs_cb is called when a handshake is completed

      * @param session_manager manages session state

      * @param creds manages application/user credentials

      * @param policy specifies other connection policy information

      * @param rng a random number generator

      * @param server_info is identifying information about the TLS server

      * @param offer_version specifies which version we will offer

      *        to the TLS server.

      * @param next_protocols specifies protocols to advertise with ALPN

      * @param reserved_io_buffer_size This many bytes of memory will

      *        be preallocated for the read and write buffers. Smaller

      *        values just mean reallocations and copies are more likely.

*/

      BOTAN_DEPRECATED("Use TLS::Client(TLS::Callbacks ...)")

      Client(output_fn data_output_fn,

             data_cb app_data_cb,

             alert_cb recv_alert_cb,

             handshake_cb hs_cb,

             Session_Manager& session_manager,

             Credentials_Manager& creds,

             const Policy& policy,

             RandomNumberGenerator& rng,

             const Server_Information& server_info = Server_Information(),

             const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(),

             const std::vector<std::string>& next_protocols = {},

             size_t reserved_io_buffer_size = TLS::Client::IO_BUF_DEFAULT_SIZE

);

/**

       * DEPRECATED. This constructor is only provided for backward

       * compatibility and should not be used in new implementations.

*/

      BOTAN_DEPRECATED("Use TLS::Client(TLS::Callbacks ...)")

      Client(output_fn out,

             data_cb app_data_cb,

             alert_cb alert_cb,

             handshake_cb hs_cb,

             handshake_msg_cb hs_msg_cb,

             Session_Manager& session_manager,

             Credentials_Manager& creds,

             const Policy& policy,

             RandomNumberGenerator& rng,

             const Server_Information& server_info = Server_Information(),

             const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(),

             const std::vector<std::string>& next_protocols = {}

);

/**

      * @return network protocol as advertised by the TLS server, if server sent the ALPN extension

*/

      std::string application_protocol() const override { return m_application_protocol; }

   private:

      void init(const Protocol_Version& protocol_version,

                const std::vector<std::string>& next_protocols);

      std::vector<X509_Certificate>

         get_peer_cert_chain(const Handshake_State& state) const override;

      void initiate_handshake(Handshake_State& state,

                              bool force_full_renegotiation) override;

      void send_client_hello(Handshake_State& state,

                             bool force_full_renegotiation,

                             Protocol_Version version,

                             const std::string& srp_identifier = "",

                             const std::vector<std::string>& next_protocols = {});

      void process_handshake_msg(const Handshake_State* active_state,

                                 Handshake_State& pending_state,

                                 Handshake_Type type,

                                 const std::vector<uint8_t>& contents,

                                 bool epoch0_restart) override;

      Handshake_State* new_handshake_state(Handshake_IO* io) override;

      Credentials_Manager& m_creds;

      const Server_Information m_info;

      std::string m_application_protocol;

};

#endif