78 std::string_view prf_algo);
199 return (m_state == State::EarlyTraffic || m_state == State::ServerApplicationTraffic ||
200 m_state == State::Completed) &&
201 !m_exporter_master_secret.empty();
207 bool must_expect_unprotected_alert_traffic()
const;
212 bool can_encrypt_application_traffic()
const;
217 bool can_decrypt_application_traffic()
const;
222 std::string hash_algorithm()
const;
231 bool is_compatible_with(
const Ciphersuite& cipher)
const;
254 void clear_read_keys();
259 void clear_write_keys();
269 void advance_without_psk();
272 bool handshake_traffic_secret =
false);
273 void derive_read_traffic_key(
const secure_vector<uint8_t>& traffic_secret,
bool handshake_traffic_secret =
false);
284 std::string_view label,
285 const std::vector<uint8_t>& context,
286 size_t length)
const;
292 std::string_view label,
295 std::vector<uint8_t> empty_hash()
const;
303 ServerApplicationTraffic,
309 Connection_Side m_connection_side;
311 std::unique_ptr<AEAD_Mode> m_encrypt;
312 std::unique_ptr<AEAD_Mode> m_decrypt;
314 std::unique_ptr<HKDF_Extract> m_extract;
315 std::unique_ptr<HKDF_Expand> m_expand;
316 std::unique_ptr<HashFunction> m_hash;
328 uint64_t m_write_seq_no;
329 uint64_t m_read_seq_no;
331 uint32_t m_write_key_update_count;
332 uint32_t m_read_key_update_count;
334 uint16_t m_ticket_nonce;
static std::unique_ptr< Cipher_State > init_with_server_hello(Connection_Side side, secure_vector< uint8_t > &&shared_secret, const Ciphersuite &cipher, const Transcript_Hash &transcript_hash, const Secret_Logger &channel)
secure_vector< uint8_t > hkdf_expand_label(std::string_view hash_fn, std::span< const uint8_t > secret, std::string_view label, std::span< const uint8_t > hash_val, size_t length)