ddn.net.tls.stream

Native TLS stream implementation.

Provides the encrypted stream for reading and writing application data over a TLS connection. Supports non-blocking I/O via TlsProgress return values. Manages handshake state, negotiated parameters, and the underlying transport.

Types

ShutdownState - Shutdown state machine phases.

NOT_STARTED
SEND_CLOSE_NOTIFY
WAIT_CLOSE_NOTIFY
DONE

NativeTlsStream - Native TLS stream using pure D cryptographic primitives.

Wraps a TlsTransport and provides TLS encryption/decryption. All potentially-blocking operations return TlsProgress or TlsResult to support non-blocking I/O.

Fields
TlsTransport transport_
TlsRole role_
string serverName_
TlsHandshakeState handshakeState_
TlsVersion negotiatedVersion_
CipherSuiteId cipherSuiteId_
string cipherSuite_
string alpnProtocol_
TlsSession session_
TlsVerifyCallback verifyCallback_
TlsVerifyMode verifyMode_
ubyte[] readBuffer_
size_t readPos_
ubyte[] applicationReadBuffer_
size_t applicationReadPos_
TlsError lastError_
ShutdownState shutdownState_
bool receivedCloseNotify_
RecordLayer handshakeRecordLayer_
Tls13Client tls13Client_
Tls12Client tls12Client_
Tls13Server tls13Server_
Tls12Server tls12Server_
bool serverHelloPeeked_
bool serverUseTls13_
TlsVersion minVersion_
TlsVersion maxVersion_
string[] cipherSuites_
string[] alpnProtocols_
ubyte[][] serverCertChainDer_
string serverCertChainPem_
string serverPrivateKeyPem_
TlsSessionCache sessionCache_
TlsAead writeAead_
TlsAead readAead_

Methods
TlsProgress handshake() - Performs or continues the TLS handshake.
TlsResult read(ubyte[] buffer) - Reads decrypted application data.
TlsResult write(const(ubyte)[] data) - Writes application data (will be encrypted).
TlsProgress flush() - Flushes any buffered data through the TLS layer.
TlsProgress shutdown() - Initiates graceful TLS shutdown (sends close_notify).
TlsError lastError() @property const
void close()
bool isOpen() @property const
bool isHandshakeComplete() @property const
bool receivedCloseNotify() @property const
TlsVersion negotiatedVersion() @property const
string cipherSuite() @property const
string alpnProtocol() @property const
TlsRole role() @property const
string serverName() @property const
TlsSession session() @property const
private void initHandshakeEngine()
private void finalizeHandshake()
private bool detectTls13ClientHello(const(ubyte)[] fragment)
private void applyEngineResult(CipherSuiteId cs, string alpn, TlsCertificateChain peerCerts, TlsSession tlsSession)
private TlsResult readEncrypted(ubyte[] buffer)
private TlsResult writeEncrypted(const(ubyte)[] data)

Constructors
this(TlsTransport transport, TlsRole role, string serverName, TlsVersion minVersion, TlsVersion maxVersion, TlsVerifyMode verifyMode, TlsVerifyCallback verifyCallback) - Constructs a NativeTlsStream.