blob: 5a2802f5645a9062b571c8206e28f779951e4879 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
using System;
using Org.BouncyCastle.Tls.Crypto;
namespace Org.BouncyCastle.Tls
{
/// <summary>Base interface for a TLS context implementation.</summary>
public interface TlsContext
{
TlsCrypto Crypto { get; }
TlsNonceGenerator NonceGenerator { get; }
SecurityParameters SecurityParameters { get; }
/// <summary>Return true if this context is for a server, false otherwise.</summary>
/// <returns>true for a server based context, false for a client based one.</returns>
bool IsServer { get; }
ProtocolVersion[] ClientSupportedVersions { get; }
ProtocolVersion ClientVersion { get; }
ProtocolVersion RsaPreMasterSecretVersion { get; }
ProtocolVersion ServerVersion { get; }
/// <summary>Used to get the resumable session, if any, used by this connection.</summary>
/// <remarks>
/// Only available after the handshake has successfully completed.
/// </remarks>
/// <returns>A <see cref="TlsSession"/> representing the resumable session used by this connection, or null if
/// no resumable session available.</returns>
/// <seealso cref="TlsPeer.NotifyHandshakeComplete"/>
TlsSession ResumableSession { get; }
/// <summary>Used to get the session information for this connection.</summary>
/// <remarks>
/// Only available after the handshake has successfully completed. Use <see cref="TlsSession.IsResumable"/>
/// to find out if the session is resumable.
/// </remarks>
/// <returns>A <see cref="TlsSession"/> representing the session used by this connection.</returns>
/// <seealso cref="TlsPeer.NotifyHandshakeComplete"/>
TlsSession Session { get; }
object UserObject { get; set; }
/// <summary>Export the value of the specified channel binding.</summary>
/// <remarks>
/// Only available after the handshake has successfully completed.
/// </remarks>
/// <param name="channelBinding">A <see cref="ChannelBinding"/> constant specifying the channel binding to
/// export.</param>
/// <returns>A copy of the channel binding data as a <c>byte[]</c>, or null if the binding could not be
/// determined.</returns>
byte[] ExportChannelBinding(int channelBinding);
/// <summary>Export (early data) keying material according to RFC 5705: "Keying Material Exporters for TLS", as
/// updated for TLS 1.3 (RFC 8446).</summary>
/// <remarks>
/// NOTE: for use in settings where an exporter is needed for 0-RTT data.
/// </remarks>
/// <param name="asciiLabel">indicates which application will use the exported keys.</param>
/// <param name="context_value">allows the application using the exporter to mix its own data with the TLS PRF
/// for the exporter output.</param>
/// <param name="length">the number of bytes to generate.</param>
/// <returns>a pseudorandom bit string of 'length' bytes generated from the (exporter_)master_secret.</returns>
byte[] ExportEarlyKeyingMaterial(string asciiLabel, byte[] context_value, int length);
/// <summary>Export keying material according to RFC 5705: "Keying Material Exporters for TLS", as updated for
/// TLS 1.3 (RFC 8446) when negotiated.</summary>
/// <param name="asciiLabel">indicates which application will use the exported keys.</param>
/// <param name="context_value">allows the application using the exporter to mix its own data with the TLS PRF
/// for the exporter output.</param>
/// <param name="length">the number of bytes to generate.</param>
/// <returns>a pseudorandom bit string of 'length' bytes generated from the (exporter_)master_secret.</returns>
byte[] ExportKeyingMaterial(string asciiLabel, byte[] context_value, int length);
}
}
|
