#ifndef SSLCONTEXT_H
#define SSLCONTEXT_H
/// $Id: sslcontext.h,v 1.8 2003/07/23 16:33:05 dvermeir Exp $

/*! \mainpage
\author dvermeir@vub.ac.be

<a href="../download/">Download</a>

\section install_dvssl Installation

Standard. See the INSTALL file in the top directory.
\section Dependencies Dependencies

<a href="http://tinf2.vub.ac.be/~dvermeir/software/dv/dvnet/html/index.html">dvnet</a>,
<a href="http://tinf2.vub.ac.be/~dvermeir/software/dv/dvutil/html/index.html">dvutil</a>,
<a href="http://www.openssl.org/">openssl</a>.

\section intro_dvssl Introduction

This package provides a rudimentary interface to openssl.

<ul>
<li> The classes Dv::Ssl::SslContextV2, Dv::Ssl::SslContextV3 and
Dv::Ssl::SslContextV23 represent SSL contexts. They are derived
from a common base class Dv::Ssl::SslContext.
<li> The class Dv::Ssl::SslSocket represents a client SSL connection. It
is derived from Dv::Ssl::Socket (from the dvnet package) and thus
from iostream.
<li> The class Dv::Ssl::SslServerSocket is the SSL equivalent of
Dv::Net::ServerSocket, from which it is derived.
<li> The class Dv::Ssl::X509Certificate represents a (server) certificate.
</ul>

\note The SSL 2.0 and SSL 3.0 protocol versions offered by
Dv::Ssl::SslContextV2 and Dv::Ssl::SslContextV3 have long been
deprecated; see the notes on those classes before choosing one.
*/

/*! \file
This file defines Dv::Ssl::SslContext and its derived classes
Dv::Ssl::SslContextV2, Dv::Ssl::SslContextV3 and Dv::Ssl::SslContextV23.
The constructor, destructor and file-loading members are defined
outside this header; only the trivial accessors are inline.
*/

#include <string>
#include <stdexcept>

//! Namespace for all dvxyz packages.
namespace Dv {
//! Dv::Ssl is the namespace for this package.
namespace Ssl {
//! Common base class representing an SSL context.
/*! The constructors for a Dv::Ssl::SslSocket and a Dv::Ssl::SslServerSocket
both have a required Dv::Ssl::SslContext& argument (see the examples
below), so a context object must outlive every socket that was
constructed from it.

An SslContext owns one openssl SSL_CTX (see context()) and, optionally,
the names of the private key and certificate files that were loaded
into it. Copying is intentionally disabled (the copy constructor and
assignment operator are declared private and never defined).

NOTE(review): nothing in this header shows whether peer certificate
verification is enabled on the context, nor which protocol versions
and cipher suites the implementation configures; confirm this in the
implementation before relying on a context for authenticated
connections.

Example usage:
<ul>
<li> For a server, the key and certificate file names are obligatory.
\code
try {
SslContextV23 context("key.pem","cert.pem");
SslServerSocket server(context,9999);
..
}
catch (exception& e) {
..
}
\endcode
<li> For a client, the key and certificate file are optional (and
not used if present).
\code
try {
SslContextV23 context;
SslSocket client(context,"host.domain",9999);
..
}
catch (exception& e) {
..
}
\endcode
</ul>

*/
class SslContext {
public:
  //! Destructor.
  /*! Virtual so that a derived context may be destroyed through a
  SslContext pointer. The definition is outside this header; it is
  expected to release the SSL_CTX and the owned file-name strings.
  */
  virtual ~SslContext();
  //! Return pointer to the openssl SSL_CTX structure.
  /*! The pointer is declared void to avoid inclusion of openssl
  header files; callers cast it back to SSL_CTX* themselves.
  The SslContext keeps ownership of the structure — callers must
  not free it, and must not use it after this object is destroyed.
  */
  void* context() { return context_; }

  //! Return name of private key file, or 0 if none was loaded.
  const std::string* rsa_private_key_file() const { return rsa_private_key_file_; }
  //! Return name of certificate file, or 0 if none was loaded.
  const std::string* certificate_file() const { return certificate_file_; }

protected:
  //! Constructor is protected because only derived objects make sense.
  /*! \throws std::runtime_error on failure (the exact conditions are
  determined by the out-of-line definition, presumably openssl
  initialisation).

  NOTE(review): dynamic exception specifications such as
  throw(std::runtime_error) were deprecated in C++11 and removed in
  C++17; the matching out-of-line definitions must be updated at the
  same time as these declarations.
  */
  SslContext() throw (std::runtime_error);
  //! Associate a private key file name with this context.
  /*! \param filename path of the PEM private key file, or 0.
  \return false if filename==0 or if the underlying openssl call that
  loads the key into the SSL_CTX fails, true otherwise.
  The private key is read from disk; keep the file readable only by
  the account that runs the server.
  */
  bool rsa_private_key_file(const char* filename);
  //! Associate a certificate file name with this context.
  /*! \param filename path of the certificate file, or 0.
  \return false if filename==0 or if the underlying openssl call that
  loads the certificate into the SSL_CTX fails, true otherwise.
  */
  bool certificate_file(const char* filename);
  //! Pointer to SSL_CTX structure.
  /*! The pointer is declared void to avoid inclusion of openssl
  header files. Presumably set by the derived class constructor,
  which chooses the protocol version — TODO confirm in the
  implementation.
  */
  void* context_;

private:
  SslContext(const SslContext&); // forbidden: a context owns its SSL_CTX
  SslContext& operator=(const SslContext&); // forbidden

  //! Owned; 0 until rsa_private_key_file(const char*) succeeds.
  std::string* rsa_private_key_file_;
  //! Owned; 0 until certificate_file(const char*) succeeds.
  std::string* certificate_file_;
};

//! SSL V2 context, see Dv::Ssl::SslContext.
/*! NOTE(review): SSL 2.0 is an obsolete protocol with well-known
weaknesses and has been formally prohibited (RFC 6176); current
openssl builds no longer provide it. Do not use this class for new
deployments; it is kept for compatibility with old peers only.
*/
class SslContextV2: public SslContext {
public:
  //! Constructor.
  /*! If the context is to be used with a Dv::Ssl::SslServerSocket object,
  both filename arguments are obligatory. If the context is
  to be used with a Dv::Ssl::SslSocket object, the filename arguments
  are optional (but will not be used).
  \param keyfilename path of the PEM private key file, or 0.
  \param certfilename path of the certificate file, or 0.
  \throws std::runtime_error on failure.
  */
  SslContextV2(const char* keyfilename=0, const char* certfilename=0)
    throw (std::runtime_error);
  //! Destructor.
  ~SslContextV2();
};

//! SSL V23 context, see Dv::Ssl::SslContext.
/*! Presumably backed by openssl's version-flexible SSLv23 method,
which negotiates the protocol version with the peer — confirm in the
implementation. Of the three contexts this is the one to prefer, and
the implementation should be checked to exclude SSL 2.0 and SSL 3.0
from the versions it is willing to negotiate.
*/
class SslContextV23: public SslContext {
public:
  //! Constructor.
  /*! If the context is to be used with a Dv::Ssl::SslServerSocket object,
  both filename arguments are obligatory. If the context is
  to be used with a Dv::Ssl::SslSocket object, the filename arguments
  are optional (but will not be used).
  \param keyfilename path of the PEM private key file, or 0.
  \param certfilename path of the certificate file, or 0.
  \throws std::runtime_error on failure.
  */
  SslContextV23(const char* keyfilename = 0, const char* certfilename = 0)
    throw (std::runtime_error);
  //! Destructor.
  ~SslContextV23();
};

//! SSL V3 context, see Dv::Ssl::SslContext.
/*! NOTE(review): SSL 3.0 has been formally deprecated (RFC 7568) and
has known cryptographic weaknesses. Do not use this class for new
deployments; prefer Dv::Ssl::SslContextV23 with old versions excluded.
*/
class SslContextV3: public SslContext {
public:
  //! Constructor.
  /*! If the context is to be used with a Dv::Ssl::SslServerSocket object,
  both filename arguments are obligatory. If the context is
  to be used with a Dv::Ssl::SslSocket object, the filename arguments
  are optional (but will not be used).
  \param keyfilename path of the PEM private key file, or 0.
  \param certfilename path of the certificate file, or 0.
  \throws std::runtime_error on failure.
  */
  SslContextV3(const char* keyfilename = 0, const char* certfilename = 0)
    throw (std::runtime_error);
  //! Destructor.
  ~SslContextV3();
};

}}

#endif