Class TlsProtocol
- Namespace
- Org.BouncyCastle.Tls
- Assembly
- BouncyCastle.Cryptography.dll
public abstract class TlsProtocol : TlsCloseable- Inheritance
-
TlsProtocol
- Implements
- Derived
- Inherited Members
Constructors
TlsProtocol()
protected TlsProtocol()TlsProtocol(Stream)
public TlsProtocol(Stream stream)Parameters
streamStream
TlsProtocol(Stream, Stream)
public TlsProtocol(Stream input, Stream output)Parameters
Fields
ADS_MODE_0_N
protected const short ADS_MODE_0_N = 1Field Value
ADS_MODE_0_N_FIRSTONLY
protected const short ADS_MODE_0_N_FIRSTONLY = 2Field Value
ADS_MODE_1_Nsub1
protected const short ADS_MODE_1_Nsub1 = 0Field Value
CS_CLIENT_CERTIFICATE
protected const short CS_CLIENT_CERTIFICATE = 15Field Value
CS_CLIENT_CERTIFICATE_VERIFY
protected const short CS_CLIENT_CERTIFICATE_VERIFY = 17Field Value
CS_CLIENT_END_OF_EARLY_DATA
protected const short CS_CLIENT_END_OF_EARLY_DATA = 13Field Value
CS_CLIENT_FINISHED
protected const short CS_CLIENT_FINISHED = 18Field Value
CS_CLIENT_HELLO
protected const short CS_CLIENT_HELLO = 1Field Value
CS_CLIENT_HELLO_RETRY
protected const short CS_CLIENT_HELLO_RETRY = 3Field Value
CS_CLIENT_KEY_EXCHANGE
protected const short CS_CLIENT_KEY_EXCHANGE = 16Field Value
CS_CLIENT_SUPPLEMENTAL_DATA
protected const short CS_CLIENT_SUPPLEMENTAL_DATA = 14Field Value
CS_END
protected const short CS_END = 21Field Value
CS_SERVER_CERTIFICATE
protected const short CS_SERVER_CERTIFICATE = 7Field Value
CS_SERVER_CERTIFICATE_REQUEST
protected const short CS_SERVER_CERTIFICATE_REQUEST = 11Field Value
CS_SERVER_CERTIFICATE_STATUS
protected const short CS_SERVER_CERTIFICATE_STATUS = 8Field Value
CS_SERVER_CERTIFICATE_VERIFY
protected const short CS_SERVER_CERTIFICATE_VERIFY = 9Field Value
CS_SERVER_ENCRYPTED_EXTENSIONS
protected const short CS_SERVER_ENCRYPTED_EXTENSIONS = 5Field Value
CS_SERVER_FINISHED
protected const short CS_SERVER_FINISHED = 20Field Value
CS_SERVER_HELLO
protected const short CS_SERVER_HELLO = 4Field Value
CS_SERVER_HELLO_DONE
protected const short CS_SERVER_HELLO_DONE = 12Field Value
CS_SERVER_HELLO_RETRY_REQUEST
protected const short CS_SERVER_HELLO_RETRY_REQUEST = 2Field Value
CS_SERVER_KEY_EXCHANGE
protected const short CS_SERVER_KEY_EXCHANGE = 10Field Value
CS_SERVER_SESSION_TICKET
protected const short CS_SERVER_SESSION_TICKET = 19Field Value
CS_SERVER_SUPPLEMENTAL_DATA
protected const short CS_SERVER_SUPPLEMENTAL_DATA = 6Field Value
CS_START
protected const short CS_START = 0Field Value
m_blocking
protected readonly bool m_blockingField Value
m_clientExtensions
protected IDictionary<int, byte[]> m_clientExtensionsField Value
- IDictionary<int, byte[]>
m_connectionState
protected short m_connectionStateField Value
m_expectSessionTicket
protected bool m_expectSessionTicketField Value
m_inputBuffers
protected readonly ByteQueueInputStream m_inputBuffersField Value
m_outputBuffer
protected readonly ByteQueueOutputStream m_outputBufferField Value
m_receivedChangeCipherSpec
protected bool m_receivedChangeCipherSpecField Value
m_retryCookie
protected byte[] m_retryCookieField Value
- byte[]
m_retryGroup
protected int m_retryGroupField Value
m_selectedPsk13
protected bool m_selectedPsk13Field Value
m_serverExtensions
protected IDictionary<int, byte[]> m_serverExtensionsField Value
- IDictionary<int, byte[]>
m_sessionMasterSecret
protected TlsSecret m_sessionMasterSecretField Value
m_sessionParameters
protected SessionParameters m_sessionParametersField Value
m_tlsSession
protected TlsSession m_tlsSessionField Value
Properties
AppDataSplitMode
public virtual int AppDataSplitMode { get; set; }Property Value
ApplicationDataAvailable
public virtual int ApplicationDataAvailable { get; }Property Value
ApplicationDataLimit
public virtual int ApplicationDataLimit { get; }Property Value
Context
protected abstract TlsContext Context { get; }Property Value
IsClosed
public virtual bool IsClosed { get; }Property Value
IsConnected
public virtual bool IsConnected { get; }Property Value
IsHandshaking
public virtual bool IsHandshaking { get; }Property Value
IsResumableHandshake
public virtual bool IsResumableHandshake { get; set; }Property Value
Peer
protected abstract TlsPeer Peer { get; }Property Value
Stream
The secure bidirectional stream for this connection
public virtual Stream Stream { get; }Property Value
Remarks
Only allowed in blocking mode.
Methods
ApplyMaxFragmentLengthExtension(short)
protected virtual void ApplyMaxFragmentLengthExtension(short maxFragmentLength)Parameters
maxFragmentLengthshort
Exceptions
BeginHandshake()
protected virtual void BeginHandshake()Exceptions
BlockForHandshake()
protected virtual void BlockForHandshake()Exceptions
CancelSession()
protected virtual void CancelSession()CheckReceivedChangeCipherSpec(bool)
protected virtual void CheckReceivedChangeCipherSpec(bool expected)Parameters
expectedbool
Exceptions
CleanupHandshake()
protected virtual void CleanupHandshake()Close()
public virtual void Close()Exceptions
CloseConnection()
protected virtual void CloseConnection()Exceptions
CloseInput()
Should be called in non-blocking mode when the input data reaches EOF.
public virtual void CloseInput()Exceptions
CompleteHandshake()
protected virtual void CompleteHandshake()Exceptions
EstablishSession(TlsSession)
protected virtual bool EstablishSession(TlsSession sessionToResume)Parameters
sessionToResumeTlsSession
Returns
Flush()
public virtual void Flush()GetAvailableInputBytes()
Gets the amount of received application data.
public virtual int GetAvailableInputBytes()Returns
- int
The number of bytes of available application data.
Remarks
A call to ReadInput(byte[], int, int) is guaranteed to be able to return at least
this much data.
Only allowed in non-blocking mode.
GetAvailableOutputBytes()
Gets the amount of encrypted data available to be sent.
public virtual int GetAvailableOutputBytes()Returns
- int
The number of bytes of available encrypted data.
Remarks
A call to ReadOutput(byte[], int, int) is guaranteed to be able to return at least this much data. Only allowed in non-blocking mode.
HandleAlertMessage(short, short)
protected virtual void HandleAlertMessage(short alertLevel, short alertDescription)Parameters
Exceptions
HandleAlertWarningMessage(short)
protected virtual void HandleAlertWarningMessage(short alertDescription)Parameters
alertDescriptionshort
Exceptions
HandleChangeCipherSpecMessage()
protected virtual void HandleChangeCipherSpecMessage()Exceptions
HandleClose(bool)
protected virtual void HandleClose(bool user_canceled)Parameters
user_canceledbool
Exceptions
HandleException(short, string, Exception)
protected virtual void HandleException(short alertDescription, string message, Exception e)Parameters
Exceptions
HandleFailure()
protected virtual void HandleFailure()Exceptions
HandleHandshakeMessage(short, HandshakeMessageInput)
protected abstract void HandleHandshakeMessage(short type, HandshakeMessageInput buf)Parameters
typeshortbufHandshakeMessageInput
Exceptions
InvalidateSession()
protected virtual void InvalidateSession()IsLegacyConnectionState()
protected bool IsLegacyConnectionState()Returns
IsTlsV13ConnectionState()
protected bool IsTlsV13ConnectionState()Returns
OfferInput(byte[])
Equivalent to
OfferInput(input, 0, input.Length)public virtual void OfferInput(byte[] input)Parameters
inputbyte[]The input buffer to offer.
Exceptions
- See Also
OfferInput(byte[], int, int)
Offer input from an arbitrary source.
public virtual void OfferInput(byte[] input, int inputOff, int inputLen)Parameters
inputbyte[]The input buffer to offer.
inputOffintThe offset within the input buffer that input begins.
inputLenintThe number of bytes of input being offered.
Remarks
Only allowed in non-blocking mode.
This method will decrypt and process all records that are fully available. If only part of a record is
available, the buffer will be retained until the remainder of the record is offered.
If any records containing application data were processed, the decrypted data can be obtained using
ReadInput(byte[], int, int). If any records containing protocol data were processed, a
response may have been generated. You should always check to see if there is any available output after
calling this method by calling GetAvailableOutputBytes().
Exceptions
- IOException
If an error occurs while decrypting or processing a record.
PreviewInputRecord(byte[])
public virtual RecordPreview PreviewInputRecord(byte[] recordHeader)Parameters
recordHeaderbyte[]
Returns
Exceptions
PreviewOutputRecord()
public virtual int PreviewOutputRecord()Returns
PreviewOutputRecord(int)
public virtual RecordPreview PreviewOutputRecord(int applicationDataSize)Parameters
applicationDataSizeint
Returns
Exceptions
Process13FinishedMessage(MemoryStream)
protected virtual void Process13FinishedMessage(MemoryStream buf)Parameters
bufMemoryStream
Exceptions
ProcessFinishedMessage(MemoryStream)
protected virtual void ProcessFinishedMessage(MemoryStream buf)Parameters
bufMemoryStream
Exceptions
ProcessMaxFragmentLengthExtension(IDictionary<int, byte[]>, IDictionary<int, byte[]>, short)
[Obsolete("Will be removed")]
protected virtual short ProcessMaxFragmentLengthExtension(IDictionary<int, byte[]> clientExtensions, IDictionary<int, byte[]> serverExtensions, short alertDescription)Parameters
clientExtensionsIDictionary<int, byte[]>serverExtensionsIDictionary<int, byte[]>alertDescriptionshort
Returns
Exceptions
RaiseAlertFatal(short, string, Exception)
protected virtual void RaiseAlertFatal(short alertDescription, string message, Exception cause)Parameters
Exceptions
RaiseAlertWarning(short, string)
protected virtual void RaiseAlertWarning(short alertDescription, string message)Parameters
Exceptions
ReadApplicationData(byte[], int, int)
Read data from the network.
public virtual int ReadApplicationData(byte[] buffer, int offset, int count)Parameters
bufferbyte[]The buffer where the data will be copied to.
offsetintThe position where the data will be placed in the buffer.
countintThe maximum number of bytes to read.
Returns
- int
The number of bytes read.
Remarks
The method will return immediately, if there is still some data left in the buffer, or block until some application data has been read from the network.
Exceptions
- IOException
If something goes wrong during reading data.
ReadApplicationData(Span<byte>)
public virtual int ReadApplicationData(Span<byte> buffer)Parameters
Returns
ReadInput(byte[], int, int)
Retrieves received application data.
public virtual int ReadInput(byte[] buf, int off, int len)Parameters
bufbyte[]The buffer to hold the application data.
offintThe start offset in the buffer at which the data is written.
lenintThe maximum number of bytes to read.
Returns
- int
The total number of bytes copied to the buffer. May be less than the length specified if the length was greater than the amount of available data.
Remarks
Use GetAvailableInputBytes() to check how much application data is currently available. This
method functions similarly to Read(byte[], int, int), except that it never blocks. If
no data is available, nothing will be copied and zero will be returned.
Only allowed in non-blocking mode.
ReadOutput(byte[], int, int)
Retrieves encrypted data to be sent.
public virtual int ReadOutput(byte[] buffer, int offset, int length)Parameters
bufferbyte[]The buffer to hold the encrypted data.
offsetintThe start offset in the buffer at which the data is written.
lengthintThe maximum number of bytes to read.
Returns
- int
The total number of bytes copied to the buffer. May be less than the length specified if the length was greater than the amount of available data.
Remarks
Use GetAvailableOutputBytes() to check how much encrypted data is currently available. This method functions similarly to Read(byte[], int, int), except that it never blocks. If no data is available, nothing will be copied and zero will be returned. Only allowed in non-blocking mode.
Receive13KeyUpdate(MemoryStream)
protected virtual void Receive13KeyUpdate(MemoryStream buf)Parameters
bufMemoryStream
Exceptions
RefuseRenegotiation()
protected virtual void RefuseRenegotiation()Exceptions
ResumeHandshake()
public virtual void ResumeHandshake()Exceptions
SafePreviewRecordHeader(byte[])
protected virtual RecordPreview SafePreviewRecordHeader(byte[] recordHeader)Parameters
recordHeaderbyte[]
Returns
Exceptions
SafeReadFullRecord(byte[], int, int)
protected virtual bool SafeReadFullRecord(byte[] input, int inputOff, int inputLen)Parameters
Returns
Exceptions
SafeReadRecord()
protected virtual void SafeReadRecord()Exceptions
SafeWriteRecord(short, byte[], int, int)
protected virtual void SafeWriteRecord(short type, byte[] buf, int offset, int len)Parameters
Exceptions
SafeWriteRecord(short, ReadOnlySpan<byte>)
protected virtual void SafeWriteRecord(short type, ReadOnlySpan<byte> buffer)Parameters
typeshortbufferReadOnlySpan<byte>
Exceptions
Send13CertificateMessage(Certificate)
protected virtual void Send13CertificateMessage(Certificate certificate)Parameters
certificateCertificate
Exceptions
Send13CertificateVerifyMessage(DigitallySigned)
protected virtual void Send13CertificateVerifyMessage(DigitallySigned certificateVerify)Parameters
certificateVerifyDigitallySigned
Exceptions
Send13FinishedMessage()
protected virtual void Send13FinishedMessage()Exceptions
Send13KeyUpdate(bool)
protected virtual void Send13KeyUpdate(bool updateRequested)Parameters
updateRequestedbool
Exceptions
SendCertificateMessage(Certificate, Stream)
protected virtual void SendCertificateMessage(Certificate certificate, Stream endPointHash)Parameters
certificateCertificateendPointHashStream
Exceptions
SendChangeCipherSpec()
protected virtual void SendChangeCipherSpec()Exceptions
SendChangeCipherSpecMessage()
protected virtual void SendChangeCipherSpecMessage()Exceptions
SendFinishedMessage()
protected virtual void SendFinishedMessage()Exceptions
SendSupplementalDataMessage(IList<SupplementalDataEntry>)
protected virtual void SendSupplementalDataMessage(IList<SupplementalDataEntry> supplementalData)Parameters
supplementalDataIList<SupplementalDataEntry>
Exceptions
WriteApplicationData(byte[], int, int)
Write some application data.
public virtual void WriteApplicationData(byte[] buffer, int offset, int count)Parameters
bufferbyte[]The buffer containing application data to send.
offsetintThe offset at which the application data begins
countintThe number of bytes of application data.
Remarks
Fragmentation is handled internally. Usable in both blocking/non-blocking modes.
In blocking mode, the output will be automatically sent via the underlying transport. In non-blocking mode,
call ReadOutput(byte[], int, int) to get the output bytes to send to the peer.
This method must not be called until after the initial handshake is complete. Attempting to call it earlier
will result in an InvalidOperationException.
Exceptions
- InvalidOperationException
If called before the initial handshake has completed.
- IOException
If connection is already closed, or for encryption or transport errors.
WriteApplicationData(ReadOnlySpan<byte>)
public virtual void WriteApplicationData(ReadOnlySpan<byte> buffer)Parameters
bufferReadOnlySpan<byte>