00031 #ifndef PTLIB_PSSL_H
00032 #define PTLIB_PSSL_H
00033
00034 #ifdef P_USE_PRAGMA
00035 #pragma interface
00036 #endif
00037
00038 #include <ptlib/sockets.h>
00039
00040
00041 struct ssl_st;
00042 struct ssl_ctx_st;
00043 struct x509_st;
00044 struct evp_pkey_st;
00045 struct dh_st;
00046
/** On-disk encoding of a key, certificate or Diffie-Hellman parameter file.
    Used by the Load()/Save() members and file-path constructors of the
    PSSL* wrapper classes below. PSSLFileTypeDEFAULT leaves the choice to
    the implementation; how it chooses is not visible in this header.
 */
enum PSSLFileTypes {
  PSSLFileTypePEM     = 0,  ///< PEM ("-----BEGIN ...-----") text encoding
  PSSLFileTypeASN1    = 1,  ///< Binary ASN.1 (DER) encoding
  PSSLFileTypeDEFAULT = 2   ///< Let the implementation pick the encoding
};
00052
00053
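/** Private key wrapper around an OpenSSL evp_pkey_st handle.

    The raw handle is held in #key. The conversion operator exposes that
    handle for direct OpenSSL calls but does not transfer ownership:
    callers must not free the returned pointer (the destructor presumably
    releases it - confirm in the implementation).

    NOTE(review) - security:
      - GetData(), AsString() and Save() all emit private key material.
        Nothing in this header says whether the output is encrypted or what
        file mode Save() creates, so treat the result as a secret: write it
        only to locations with restricted permissions and never log it.
      - Create() takes a modulus size (presumably in bits) and this header
        enforces no minimum; callers must choose a size adequate for the
        algorithm in use.
 */
class PSSLPrivateKey : public PObject
{
  PCLASSINFO(PSSLPrivateKey, PObject);
  public:
    /// Construct a wrapper that holds no key.
    PSSLPrivateKey();

    /** Construct a wrapper and generate a fresh key.
        Presumably behaves like the default constructor followed by Create();
        only the signature is visible here.
        @param modulus   Requested key/modulus size (presumably in bits).
        @param callback  Optional generation-progress callback; may be NULL.
        @param cb_arg    Opaque pointer handed back to @p callback.
     */
    PSSLPrivateKey(
      unsigned modulus,
      void (*callback)(int,int,void *) = NULL,
      void *cb_arg = NULL
    );

    /** Construct a wrapper and load a key from a file (see Load()).
        @param keyFile   Path of the key file.
        @param fileType  Encoding of the file; PSSLFileTypeDEFAULT lets the
                         implementation decide.
     */
    PSSLPrivateKey(
      const PFilePath & keyFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Construct a wrapper from an encoded key held in memory.
        @param keyData  Encoded key bytes.
        @param keySize  Number of bytes available at @p keyData.
     */
    PSSLPrivateKey(
      const BYTE * keyData,
      PINDEX keySize
    );

    /** Construct a wrapper from an encoded key held in a PBYTEArray. */
    PSSLPrivateKey(
      const PBYTEArray & keyData
    );

    /** Copy constructor. */
    PSSLPrivateKey(
      const PSSLPrivateKey & privKey
    );

    /** Assignment operator. */
    PSSLPrivateKey & operator=(
      const PSSLPrivateKey & privKey
    );

    /** Destroy the wrapper, presumably releasing #key. */
    ~PSSLPrivateKey();

    /** Access the raw OpenSSL handle. Non-owning: do not free the result. */
    operator evp_pkey_st *() const { return key; }

    /** Generate a new key.
        @param modulus   Requested key/modulus size (presumably in bits).
        @param callback  Optional generation-progress callback; may be NULL.
        @param cb_arg    Opaque pointer handed back to @p callback.
        @return true on success.
     */
    PBoolean Create(
      unsigned modulus,
      void (*callback)(int,int,void *) = NULL,
      void *cb_arg = NULL
    );

    /** Get the key in encoded form. The result contains private key material. */
    PBYTEArray GetData() const;

    /** Get the key as a string. The result contains private key material. */
    PString AsString() const;

    /** Load a key from a file.
        @param keyFile   Path of the key file.
        @param fileType  Encoding of the file; PSSLFileTypeDEFAULT lets the
                         implementation decide.
        @return true on success.
     */
    PBoolean Load(
      const PFilePath & keyFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Save the key to a file.
        NOTE(review): the header does not show whether the key is encrypted
        on disk or what permissions the file is created with - confirm
        before saving anywhere other than a private directory.
        @param keyFile   Path of the file to write.
        @param append    Presumably append to an existing file rather than
                         overwrite it when true.
        @param fileType  Encoding to write.
        @return true on success.
     */
    PBoolean Save(
      const PFilePath & keyFile,
      PBoolean append = false,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );


  protected:
    evp_pkey_st * key;   ///< Raw OpenSSL key handle owned by this object
};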
00158
00159
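/** X.509 certificate wrapper around an OpenSSL x509_st handle.

    The raw handle is held in #certificate. The conversion operator exposes
    it for direct OpenSSL calls without transferring ownership: callers must
    not free the returned pointer (the destructor presumably releases it -
    confirm in the implementation).

    NOTE(review) - security: CreateRoot() builds a root certificate from a
    subject name and a private key, i.e. a certificate that is not vouched
    for by any third party. Anything that trusts such a certificate is
    trusting whoever holds that private key, so guard the key accordingly.
    No certificate *verification* happens in this class; see
    PSSLContext::SetCAFile()/SetCAPath() and PSSLChannel::SetVerifyMode().
 */
class PSSLCertificate : public PObject
{
  PCLASSINFO(PSSLCertificate, PObject);
  public:
    /// Construct a wrapper that holds no certificate.
    PSSLCertificate();

    /** Construct a wrapper and load a certificate from a file (see Load()).
        @param certFile  Path of the certificate file.
        @param fileType  Encoding of the file; PSSLFileTypeDEFAULT lets the
                         implementation decide.
     */
    PSSLCertificate(
      const PFilePath & certFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Construct a wrapper from an encoded certificate held in memory.
        @param certData  Encoded certificate bytes.
        @param certSize  Number of bytes available at @p certData.
     */
    PSSLCertificate(
      const BYTE * certData,
      PINDEX certSize
    );

    /** Construct a wrapper from an encoded certificate held in a PBYTEArray. */
    PSSLCertificate(
      const PBYTEArray & certData
    );

    /** Construct a wrapper from a certificate held in a string
        (presumably the same form that AsString() produces). */
    PSSLCertificate(
      const PString & certString
    );

    /** Copy constructor. */
    PSSLCertificate(
      const PSSLCertificate & cert
    );

    /** Assignment operator. */
    PSSLCertificate & operator=(
      const PSSLCertificate & cert
    );

    /** Destroy the wrapper, presumably releasing #certificate. */
    ~PSSLCertificate();

    /** Access the raw OpenSSL handle. Non-owning: do not free the result. */
    operator x509_st *() const { return certificate; }

    /** Create a root certificate.
        @param subject  Subject name to place in the certificate.
        @param key      Private key used for the certificate; presumably its
                        public half is embedded and the certificate is
                        self-signed with it (only the signature is visible
                        here).
        @return true on success.
     */
    PBoolean CreateRoot(
      const PString & subject,
      const PSSLPrivateKey & key
    );

    /** Get the certificate in encoded form. */
    PBYTEArray GetData() const;

    /** Get the certificate as a string. */
    PString AsString() const;

    /** Load a certificate from a file.
        @param certFile  Path of the certificate file.
        @param fileType  Encoding of the file; PSSLFileTypeDEFAULT lets the
                         implementation decide.
        @return true on success.
     */
    PBoolean Load(
      const PFilePath & certFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Save the certificate to a file.
        @param certFile  Path of the file to write.
        @param append    Presumably append to an existing file rather than
                         overwrite it when true (useful for building a chain
                         file).
        @param fileType  Encoding to write.
        @return true on success.
     */
    PBoolean Save(
      const PFilePath & certFile,
      PBoolean append = false,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );


  protected:
    x509_st * certificate;   ///< Raw OpenSSL certificate handle owned by this object
};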
00267
00268
/** Diffie-Hellman parameter wrapper around an OpenSSL dh_st handle.

    The raw handle is held in #dh. The conversion operator exposes it for
    direct OpenSSL calls (see PSSLContext::UseDiffieHellman()) without
    transferring ownership: callers must not free the returned pointer.

    NOTE(review) - security: the group (p, g) comes straight from a file or
    from caller-supplied bytes and nothing in this header validates it.
    A small or non-safe prime makes every key exchange done with it weak,
    so only load parameters from a trusted source and of adequate size.
 */
class PSSLDiffieHellman : public PObject
{
  PCLASSINFO(PSSLDiffieHellman, PObject);
  public:
    /// Construct a wrapper that holds no parameters.
    PSSLDiffieHellman();

    /** Construct a wrapper and load parameters from a file (see Load()).
        @param dhFile    Path of the parameter file.
        @param fileType  Encoding of the file; PSSLFileTypeDEFAULT lets the
                         implementation decide.
     */
    PSSLDiffieHellman(
      const PFilePath & dhFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Construct a wrapper from raw prime and generator values.
        The byte order/encoding expected for p and g is not visible in this
        header - confirm against the implementation before use.
        @param pData  Bytes of the prime modulus p.
        @param pSize  Number of bytes at @p pData.
        @param gData  Bytes of the generator g.
        @param gSize  Number of bytes at @p gData.
     */
    PSSLDiffieHellman(
      const BYTE * pData,
      PINDEX pSize,
      const BYTE * gData,
      PINDEX gSize
    );

    /** Copy constructor. */
    PSSLDiffieHellman(
      const PSSLDiffieHellman & dh
    );

    /** Assignment operator. */
    PSSLDiffieHellman & operator=(
      const PSSLDiffieHellman & dh
    );

    /** Destroy the wrapper, presumably releasing #dh. */
    ~PSSLDiffieHellman();

    /** Access the raw OpenSSL handle. Non-owning: do not free the result. */
    operator dh_st *() const { return dh; }

    /** Load parameters from a file.
        @param dhFile    Path of the parameter file.
        @param fileType  Encoding of the file; PSSLFileTypeDEFAULT lets the
                         implementation decide.
        @return true on success.
     */
    PBoolean Load(
      const PFilePath & dhFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

  protected:
    dh_st * dh;   ///< Raw OpenSSL DH handle owned by this object
};
00333
00334
/** SSL/TLS context wrapper around an OpenSSL ssl_ctx_st handle.

    A context carries the protocol method, trust anchors, local certificate
    and key, DH parameters and cipher list shared by the PSSLChannel
    objects created from it. The raw handle is held in #context and is
    exposed by the conversion operator without transferring ownership.

    NOTE(review) - security:
      - The Method values SSLv3 and TLSv1 select protocol versions that are
        broken (SSL 3.0: POODLE, CVE-2014-3566) or deprecated (TLS 1.0:
        RFC 8996). New code should not select them.
      - The constructor without a Method argument does not say which method
        it uses; whether it disables SSLv2/SSLv3 on a version-flexible
        context is also not visible here - confirm in the implementation.
      - No default cipher list is visible; unless SetCipherList() is called
        the OpenSSL default applies, which on old builds can include weak
        suites.
 */
class PSSLContext {
  public:
    /// Protocol method selection, presumably mapped onto the OpenSSL *_method() calls.
    enum Method {
      SSLv23,   ///< Version-flexible negotiation (what it allows depends on the implementation)
      SSLv3,    ///< SSL 3.0 only - insecure (POODLE), do not use
      TLSv1     ///< TLS 1.0 only - deprecated by RFC 8996
    };

    /** Create a context with the implementation's default method.
        @param sessionId  Optional session-id context bytes (presumably used
                          for session resumption); may be NULL.
        @param idSize     Number of bytes at @p sessionId.
     */
    PSSLContext(
      const void * sessionId = NULL,
      PINDEX idSize = 0
    );
    /** Create a context with an explicit protocol method.
        @param method     Protocol method to use; see the Method notes above.
        @param sessionId  Optional session-id context bytes; may be NULL.
        @param idSize     Number of bytes at @p sessionId.
     */
    PSSLContext(
      Method method,
      const void * sessionId = NULL,
      PINDEX idSize = 0
    );

    /** Destroy the context, presumably releasing #context. */
    ~PSSLContext();

    /** Access the raw OpenSSL handle. Non-owning: do not free the result. */
    operator ssl_ctx_st *() const { return context; }

    /** Set a directory of trusted CA certificates used for peer verification.
        @return true on success.
     */
    PBoolean SetCAPath(
      const PDirectory & caPath
    );

    /** Set a file of trusted CA certificates used for peer verification.
        @return true on success.
     */
    PBoolean SetCAFile(
      const PFilePath & caFile
    );

    /** Set the local certificate presented to peers.
        @return true on success.
     */
    PBoolean UseCertificate(
      const PSSLCertificate & certificate
    );

    /** Set the private key matching the local certificate.
        @return true on success.
     */
    PBoolean UsePrivateKey(
      const PSSLPrivateKey & key
    );

    /** Set the Diffie-Hellman parameters used for ephemeral DH key exchange.
        @return true on success.
     */
    PBoolean UseDiffieHellman(
      const PSSLDiffieHellman & dh
    );

    /** Set the permitted cipher suites.
        @param ciphers  Cipher list, presumably in OpenSSL cipher-string
                        syntax. Avoid lists that admit NULL, EXPORT or
                        anonymous suites.
        @return true on success.
     */
    PBoolean SetCipherList(
      const PString & ciphers
    );

  protected:
    /// Shared constructor body for both public constructors.
    void Construct(Method method, const void * sessionId, PINDEX idSize);
    ssl_ctx_st * context;   ///< Raw OpenSSL context handle owned by this object
};
00414
00415
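/** TLS/SSL channel layered over another PChannel.

    The channel wraps an OpenSSL ssl_st handle (#ssl) created from a
    PSSLContext (#context). The context is either borrowed or owned
    depending on the constructor used; #autoDeleteContext records which.

    NOTE(review) - security:
      - Shutdown() is an inline no-op that reports success. It does not
        perform a TLS close_notify exchange; whether Close() does is not
        visible in this header. Do not rely on this class to detect a
        truncated stream until that is confirmed.
      - The default VerifyMode is not visible here. If it is VerifyNone the
        peer certificate is not checked at all, so code acting as a TLS
        client should call SetVerifyMode() explicitly. Nothing in this
        header checks that the peer certificate matches the expected host
        name; chain verification alone does not provide that.
 */
class PSSLChannel : public PIndirectChannel
{
  PCLASSINFO(PSSLChannel, PIndirectChannel);
  public:
    /** Create a channel on a context.
        @param context            Context to use. What happens for NULL is
                                  not visible in this header (presumably a
                                  default context is created).
        @param autoDeleteContext  If true the channel takes ownership of
                                  @p context and deletes it when destroyed.
     */
    PSSLChannel(
      PSSLContext * context = NULL,
      PBoolean autoDeleteContext = false
    );
    /** Create a channel on a caller-owned context (presumably never deleted
        by the channel). */
    PSSLChannel(
      PSSLContext & context
    );

    /** Destroy the channel, presumably releasing #ssl and, if owned, #context. */
    ~PSSLChannel();


    /// Read decrypted application data; see PChannel::Read for the contract.
    virtual PBoolean Read(void * buf, PINDEX len);
    /// Write application data for encryption; see PChannel::Write for the contract.
    virtual PBoolean Write(const void * buf, PINDEX len);
    /// Close the channel.
    virtual PBoolean Close();
    /** No-op: always returns true without touching the TLS session or the
        underlying channel. No close_notify is sent here. */
    virtual PBoolean Shutdown(ShutdownValue) { return true; }
    /// Text for the last error, covering SSL errors as well as OS errors.
    virtual PString GetErrorText(ErrorGroup group = NumErrorGroups) const;
    /// Map an error code into the channel's error state.
    virtual PBoolean ConvertOSError(int error, ErrorGroup group = LastGeneralError);


    /** Perform the server side of the TLS handshake on the channel already
        opened underneath this one.
        @return true on success.
     */
    PBoolean Accept();

    /** Perform the server side of the TLS handshake over @p channel.
        The caller keeps ownership of @p channel.
        @return true on success.
     */
    PBoolean Accept(
      PChannel & channel
    );

    /** Perform the server side of the TLS handshake over @p channel.
        @param channel     Underlying transport.
        @param autoDelete  If true (the default) this object takes ownership
                           of @p channel and deletes it.
        @return true on success.
     */
    PBoolean Accept(
      PChannel * channel,
      PBoolean autoDelete = true
    );


    /** Perform the client side of the TLS handshake on the channel already
        opened underneath this one.
        @return true on success.
     */
    PBoolean Connect();

    /** Perform the client side of the TLS handshake over @p channel.
        The caller keeps ownership of @p channel.
        @return true on success.
     */
    PBoolean Connect(
      PChannel & channel
    );

    /** Perform the client side of the TLS handshake over @p channel.
        @param channel     Underlying transport.
        @param autoDelete  If true (the default) this object takes ownership
                           of @p channel and deletes it.
        @return true on success.
     */
    PBoolean Connect(
      PChannel * channel,
      PBoolean autoDelete = true
    );

    /** Set the local certificate for this channel only (the context's
        certificate is used otherwise).
        @return true on success.
     */
    PBoolean UseCertificate(
      const PSSLCertificate & certificate
    );

    /** Set the private key for this channel only.
        @return true on success.
     */
    PBoolean UsePrivateKey(
      const PSSLPrivateKey & key
    );

    /// Peer certificate verification policy (presumably mapped onto SSL_VERIFY_* flags).
    enum VerifyMode {
      VerifyNone,           ///< Do not verify the peer certificate at all
      VerifyPeer,           ///< Verify a peer certificate if one is presented
      VerifyPeerMandatory   ///< Require a peer certificate and verify it
    };

    /** Set the peer verification policy. Call before Accept()/Connect(). */
    void SetVerifyMode(
      VerifyMode mode
    );

    /** Get the context this channel was built on. Non-owning pointer. */
    PSSLContext * GetContext() const { return context; }

    /** Read directly from the TLS session.
        @param buf  Buffer to fill.
        @param len  In: buffer size. Out: presumably the number of bytes
                    read (the header shows only that it is passed by
                    reference).
        @return true on success.
     */
    virtual PBoolean RawSSLRead(void * buf, PINDEX & len);

  protected:
    /** Called when the underlying channel is opened; presumably attaches
        the TLS session to it. */
    virtual PBoolean OnOpen();

  protected:
    PSSLContext * context;       ///< Context in use; owned only if autoDeleteContext
    PBoolean autoDeleteContext;  ///< True when the destructor must delete context
    ssl_st * ssl;                ///< Raw OpenSSL session handle owned by this object
};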
00528
00529 #endif // PTLIB_PSSL_H