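// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SOCKET_SSL_SOCKET_H_
#define NET_SOCKET_SSL_SOCKET_H_

// <stdint.h> and <optional> are included directly because this header names
// uint8_t and std::optional itself; it should not rely on them arriving
// transitively through the project headers below.
#include <stdint.h>

#include <optional>
#include <string_view>

#include "base/containers/span.h"
#include "net/base/net_export.h"
#include "net/socket/stream_socket.h"

namespace net {

// SSLSocket interface defines methods that are common between client
// and server SSL sockets.
class NET_EXPORT SSLSocket : public StreamSocket {
 public:
  ~SSLSocket() override = default;

  // Exports data derived from the SSL master-secret (see RFC 5705). The call
  // will fail with an error if the socket is not connected or the SSL
  // implementation does not support the operation. Note that |label| is
  // required (per RFC 5705 section 4) to be ASCII and subclasses enforce this
  // requirement.
  //
  // Note that in TLS < 1.3, passing std::nullopt for context produces a
  // different result from passing a populated option containing an empty span.
  // TLS 1.3 did away with this distinction and passing std::nullopt has the
  // same behavior as passing base::span(). See RFC 5705 section 4 for TLS <
  // 1.3 and RFC 8446 section 7.5 for TLS 1.3.
  //
  // Once we drop support for TLS < 1.3 (some day...) the context argument here
  // can cease being optional.
  //
  // Guidance for callers:
  //  * Both peers must pass the same |label| and make the same choice between
  //    an absent and an empty |context|. In TLS < 1.3 a mismatch yields
  //    different exported values on each side, which shows up as a failure in
  //    whatever check is built on the exported value, not as an error here.
  //  * Use a |label| specific to the consuming protocol so that unrelated
  //    users of the exporter on one connection cannot derive the same bytes.
  //    RFC 5705 section 4 expects labels to be registered, or to begin with
  //    "EXPERIMENTAL" for private use.
  //  * |out| is the only size-carrying output parameter, so the amount of
  //    keying material requested is presumably out.size().
  //    NOTE(review): confirm against the implementations.
  //  * Check the returned int before reading |out|. This interface does not
  //    say what |out| holds after a failure, so treat it as unusable and never
  //    feed it into key derivation or channel binding. The result is
  //    presumably a net error code. NOTE(review): confirm against the
  //    implementations.
  virtual int ExportKeyingMaterial(
      std::string_view label,
      std::optional<base::span<const uint8_t>> context,
      base::span<uint8_t> out) = 0;
};

}  // namespace net

#endif  // NET_SOCKET_SSL_SOCKET_H_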