ddn.net.tls.context

Native TLS context implementation.

Holds TLS configuration (certificates, keys, protocol versions, cipher suites, verification settings) and creates TlsStream instances for client and server connections.

Types

Pure D TLS context backed by ddn-crypto primitives.

Contexts are created once and reused for many connections. Configuration is set before creating streams via the setter methods.

Fields
TlsVerifyMode verifyMode_
TlsVerifyCallback verifyCallback_
TlsVersion minVersion_
TlsVersion maxVersion_
string[] cipherSuites_
bool sniEnabled_
string[] alpnProtocols_
TlsSessionCache sessionCache_
string certChainPem_
ubyte[][] certChainDer_
string privateKeyPem_
string privateKeyPassword_
ubyte[] privateKeyDer_
Methods
void setCertificateChain(const(char)[] pemData)
    Sets the certificate chain from PEM-encoded data.
void setCertificateChainDer(const(ubyte[])[] derCertificates)
    Sets the certificate chain from DER-encoded certificates.
void setPrivateKey(const(char)[] pemData, const(char)[] password = null)
    Sets the private key from PEM-encoded data.
void setPrivateKeyDer(const(ubyte)[] derData, const(char)[] password = null)
    Sets the private key from DER-encoded data.
TlsTrustStore trustStore() @property
    Returns: The trust store for adding trusted CA certificates.
void setVerifyMode(TlsVerifyMode mode)
    Sets the certificate verification mode.
void setVerifyCallback(TlsVerifyCallback callback)
    Sets a custom peer verification callback.
void setMinVersion(TlsVersion ver)
    Sets the minimum TLS protocol version.
void setMaxVersion(TlsVersion ver)
    Sets the maximum TLS protocol version.
void setCipherSuites(const(TlsCipherSuite)[] cipherSuites)
    Sets the list of allowed cipher suites using type-safe enum values.
void setCipherSuiteStrings(const(string)[] cipherSuites)
    Sets the list of allowed cipher suites using string names.
void setSniEnabled(bool enabled)
    Enables or disables Server Name Indication (SNI).
void setAlpnProtocols(const(string)[] protocols)
    Sets Application-Layer Protocol Negotiation (ALPN) protocols.
void setSessionCache(TlsSessionCache cache)
    Sets a session cache for session resumption.
TlsSession deserializeSession(const(ubyte)[] data)
    Reconstructs a session from serialized bytes.
TlsStream clientStream(TlsTransport transport, string serverName = null)
    Creates a client-side TLS stream.
TlsStream serverStream(TlsTransport transport)
    Creates a server-side TLS stream.
Constructors
this()
    Constructs a NativeTlsContext with secure defaults.