diff options
Diffstat (limited to 'crypto/src/tls/TlsContext.cs')
| -rw-r--r-- | crypto/src/tls/TlsContext.cs | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/crypto/src/tls/TlsContext.cs b/crypto/src/tls/TlsContext.cs new file mode 100644 index 000000000..5a2802f56 --- /dev/null +++ b/crypto/src/tls/TlsContext.cs @@ -0,0 +1,79 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// <summary>Base interface for a TLS context implementation.</summary> + public interface TlsContext + { + TlsCrypto Crypto { get; } + + TlsNonceGenerator NonceGenerator { get; } + + SecurityParameters SecurityParameters { get; } + + /// <summary>Return true if this context is for a server, false otherwise.</summary> + /// <returns>true for a server based context, false for a client based one.</returns> + bool IsServer { get; } + + ProtocolVersion[] ClientSupportedVersions { get; } + + ProtocolVersion ClientVersion { get; } + + ProtocolVersion RsaPreMasterSecretVersion { get; } + + ProtocolVersion ServerVersion { get; } + + /// <summary>Used to get the resumable session, if any, used by this connection.</summary> + /// <remarks> + /// Only available after the handshake has successfully completed. + /// </remarks> + /// <returns>A <see cref="TlsSession"/> representing the resumable session used by this connection, or null if + /// no resumable session available.</returns> + /// <seealso cref="TlsPeer.NotifyHandshakeComplete"/> + TlsSession ResumableSession { get; } + + /// <summary>Used to get the session information for this connection.</summary> + /// <remarks> + /// Only available after the handshake has successfully completed. Use <see cref="TlsSession.IsResumable"/> + /// to find out if the session is resumable. + /// </remarks> + /// <returns>A <see cref="TlsSession"/> representing the session used by this connection.</returns> + /// <seealso cref="TlsPeer.NotifyHandshakeComplete"/> + TlsSession Session { get; } + + object UserObject { get; set; } + + /// <summary>Export the value of the specified channel binding.</summary> + /// <remarks> + /// Only available after the handshake has successfully completed. + /// </remarks> + /// <param name="channelBinding">A <see cref="ChannelBinding"/> constant specifying the channel binding to + /// export.</param> + /// <returns>A copy of the channel binding data as a <c>byte[]</c>, or null if the binding could not be + /// determined.</returns> + byte[] ExportChannelBinding(int channelBinding); + + /// <summary>Export (early data) keying material according to RFC 5705: "Keying Material Exporters for TLS", as + /// updated for TLS 1.3 (RFC 8446).</summary> + /// <remarks> + /// NOTE: for use in settings where an exporter is needed for 0-RTT data. + /// </remarks> + /// <param name="asciiLabel">indicates which application will use the exported keys.</param> + /// <param name="context_value">allows the application using the exporter to mix its own data with the TLS PRF + /// for the exporter output.</param> + /// <param name="length">the number of bytes to generate.</param> + /// <returns>a pseudorandom bit string of 'length' bytes generated from the (exporter_)master_secret.</returns> + byte[] ExportEarlyKeyingMaterial(string asciiLabel, byte[] context_value, int length); + + /// <summary>Export keying material according to RFC 5705: "Keying Material Exporters for TLS", as updated for + /// TLS 1.3 (RFC 8446) when negotiated.</summary> + /// <param name="asciiLabel">indicates which application will use the exported keys.</param> + /// <param name="context_value">allows the application using the exporter to mix its own data with the TLS PRF + /// for the exporter output.</param> + /// <param name="length">the number of bytes to generate.</param> + /// <returns>a pseudorandom bit string of 'length' bytes generated from the (exporter_)master_secret.</returns> + byte[] ExportKeyingMaterial(string asciiLabel, byte[] context_value, int length); + } +} |