271 lines
5.9 KiB
C++
271 lines
5.9 KiB
C++
/***
|
|
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
|
|
|
|
File: ITLSContext.hpp
|
|
Date: 2022-8-24
|
|
Author: Reece
|
|
***/
|
|
#pragma once
|
|
|
|
namespace Aurora::IO::Protocol
|
|
{
|
|
struct IProtocolStack;
|
|
}
|
|
|
|
namespace Aurora::IO::Net
|
|
{
|
|
struct ISocket;
|
|
}
|
|
|
|
#include <Aurora/IO/Net/ETransportProtocol.hpp>
|
|
|
|
namespace Aurora::IO::TLS
|
|
{
|
|
struct TLSMetaDTLS
|
|
{
|
|
/**
|
|
* @brief
|
|
*/
|
|
AuByteBuffer serverTransportId {};
|
|
|
|
int iServerCookies { 0 };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
bool bServerNoRelay { true };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
int iServerBadMacLimit { 0 };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
int iMTUSize { 0 };
|
|
};
|
|
|
|
struct TLSMetaTCP
|
|
{
|
|
|
|
};
|
|
|
|
struct TLSServer
|
|
{
|
|
/**
|
|
* @brief
|
|
*/
|
|
bool bSessionCache { true };
|
|
|
|
/**
|
|
* @brief Forces server side pinning of clients
|
|
*/
|
|
bool bPinServerPeers { false };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
int iCacheMax { -1 };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
int iCacheTimeout { 0 };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
bool bEnableTickets { true };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
bool bTicketsRotate { false };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
int iTicketTimeout { 300 }; // 5m
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
AuString alternativeTicketCipher;
|
|
};
|
|
|
|
struct TLSClient
|
|
{
|
|
/**
|
|
* @brief
|
|
*/
|
|
AuString sSNIServerName;
|
|
};
|
|
|
|
struct TLSMeta
|
|
{
|
|
/**
|
|
* @brief Input to-send, output-buffer size
|
|
*/
|
|
AuUInt uOutPageSize {};
|
|
|
|
/**
|
|
* @brief Switches between server/client mode
|
|
*/
|
|
bool bIsClient { true };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
AuNet::ETransportProtocol transportProtocol { AuNet::ETransportProtocol::eProtocolTCP };
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
AuSPtr<IPinCertificate> pCertPin;
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
AuSPtr<ITLSPrivateKeyPair> pKeyPair;
|
|
|
|
/**
|
|
* @brief Override the cipersuites defined by ::GetDefaultCipherSuites()
|
|
*/
|
|
AuList<AuUInt16> cipherSuites;
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
TLSMetaDTLS dtls;
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
TLSMetaTCP tcp;
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
TLSServer server;
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
TLSClient client;
|
|
};
|
|
|
|
struct ITLSContext
|
|
{
|
|
/**
|
|
* @brief Returns the protocol stack provided to NewTLSContextEx
|
|
* @return
|
|
*/
|
|
virtual AuSPtr<Protocol::IProtocolStack> ToReadStack() = 0;
|
|
|
|
/**
|
|
* @brief Returns the protocol stack provided to NewTLSContextEx
|
|
* @return
|
|
*/
|
|
virtual AuSPtr<Protocol::IProtocolStack> ToWriteStack() = 0;
|
|
|
|
/**
|
|
* @brief Returns the input buffered inbound interceptor
|
|
* @return
|
|
*/
|
|
virtual AuSPtr<Protocol::IProtocolInterceptorEx> GetRecvInterceptor() = 0;
|
|
|
|
/**
|
|
* @brief Returns the to-send outbound interceptor
|
|
* @return
|
|
*/
|
|
virtual AuSPtr<Protocol::IProtocolInterceptorEx> GetSendInterceptor() = 0;
|
|
|
|
/**
|
|
* @brief Attaches the context to a socket such that
|
|
* 1) the sockets inbound protocol is specified as this->ToReadStack()
|
|
* 2) the sockets outbound protocol is specified as this->ToWriteStack()
|
|
* 3) a weak reference is attached internally for internal shutdown/error triggers
|
|
*
|
|
* This is optional. You could just use a buffered protocol stack
|
|
*
|
|
* @param pSocket
|
|
* @warning reminder: Creating a tls context is to merely add interceptors to a new protocol stack.
|
|
* This function is a hybrid utility that does one internal action and calls
|
|
* ISocketChannel::SpecifyRecvProtocol, ISocketChannel::SpecifySendProtocol to
|
|
* activate the protocol stack on the socket (if not already).
|
|
*/
|
|
virtual void Attach(const AuSPtr<Net::ISocket> &pSocket) = 0;
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
virtual void StartHandshake() = 0;
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
virtual void StartClose() = 0;
|
|
|
|
/**
|
|
* @brief
|
|
* @return
|
|
*/
|
|
virtual bool HasCompletedHandshake() = 0;
|
|
|
|
/**
|
|
* @brief
|
|
* @return
|
|
*/
|
|
virtual AuUInt16 GetCurrentCipherSuite() = 0;
|
|
|
|
/**
|
|
* @brief
|
|
* @return
|
|
*/
|
|
virtual bool HasFailed() = 0;
|
|
|
|
/**
|
|
* @brief
|
|
* @return
|
|
*/
|
|
virtual bool HasEnded() = 0;
|
|
|
|
/**
|
|
* @brief
|
|
* @return
|
|
*/
|
|
virtual int GetFatalErrorCode() = 0;
|
|
|
|
/**
|
|
* @brief
|
|
* @return
|
|
*/
|
|
virtual AuString GetFatalErrorCodeAsString() = 0;
|
|
|
|
/**
|
|
* @brief
|
|
*/
|
|
virtual void Destroy() = 0;
|
|
};
|
|
|
|
/**
|
|
* @brief
|
|
* @param meta
|
|
* @return
|
|
*/
|
|
AUKN_SYM AuSPtr<ITLSContext> NewTLSContext(const TLSMeta &meta);
|
|
|
|
/**
|
|
* @brief
|
|
* @param pSendStack
|
|
* A buffered or socket protocol stack to add one extended TLS intercepter to
|
|
* @param pRecvStack
|
|
* A buffered or socket protocol stack to add one extended TLS intercepter to
|
|
* @param meta
|
|
* @return
|
|
*/
|
|
AUKN_SYM AuSPtr<ITLSContext> NewTLSContextEx(const AuSPtr<Protocol::IProtocolStack> &pSendStack,
|
|
const AuSPtr<Protocol::IProtocolStack> &pRecvStack,
|
|
const TLSMeta &meta);
|
|
} |