conexus logo

Conexus::NSS::SSLSocket Class Reference
[Conexus I/O Endpoints with NSS supportConexus I/O Endpoints]

A NSS based SSL endpoint. More...

#include <sslsocket.h>

Inheritance diagram for Conexus::NSS::SSLSocket:

Inheritance graph

List of all members.

Public Types

typedef ConexusPointer< SSLSocketpointer

Public Member Functions

virtual ~SSLSocket () throw ()
virtual void open () throw (open_exception)
virtual size_t input_available () throw ()
bool set_option (int32_t option, bool on=true)
bool is_option_set (int32_t option)
bool enable_cipher (int32_t cipher, bool enable=true)
bool is_cipher_enabled (int32_t cipher)
bool configure_as_server (Certificate::pointer cert, PrivateKey::pointer key, KEA kea_type)
bool set_url (const std::string &url)
std::string url ()
bool set_pkcs11_pin_arg (void *arg)
void * pkcs11_pin_arg ()
bool invalidate_session ()
SECURITY_STATUS security_status ()
std::string cipher ()
int session_key_size ()
int secret_key_size ()
std::string issuer ()
std::string subject ()
SECItem * session_id ()
bool set_peer_id (const std::string &peer_id)
Certificate::pointer peer_certificate ()
bool force_handshake ()
bool rehandshake (bool flush_cache=true)
bool reset_handshake (bool as_server=false)
void set_authenticate_certificate_callback (sigc::slot< bool, bool, bool > slot)
void unset_authenticate_certificate_callback ()
void set_bad_certificate_callback (sigc::slot< bool > slot)
void unset_bad_certificate_callback ()
void set_client_authentication_callback (sigc::slot< bool, struct CERTDistNamesStr *, struct CERTCertificateStr **, struct SECKEYPrivateKeyStr ** > slot)
void set_default_client_authentication_callback (char *nickname)
void unset_client_authentication_callback ()
sigc::signal< void > signal_handshake_complete ()

Static Public Member Functions

static pointer create (Conexus::NSPR::Socket::pointer socket, SSLSocket::pointer model=SSLSocket::pointer())

Protected Member Functions

 SSLSocket (Conexus::NSPR::Socket::pointer socket, SSLSocket::pointer model=SSLSocket::pointer())
virtual bool on_authenticate_certificate (bool checksig, bool isServer)
 Authenticates the peer certificate obtained through the peer_certificate() method.
virtual bool on_bad_certificate ()
virtual bool on_client_authentication (struct CERTDistNamesStr *ca_names, struct CERTCertificateStr **ret_cert, struct SECKEYPrivateKeyStr **ret_key)

Protected Attributes

sigc::slot< bool, bool, bool > m_authenticate_certificate_slot
sigc::slot< bool > m_bad_certificate_slot
sigc::slot< bool, struct
CERTDistNamesStr *, struct
CERTCertificateStr **, struct
SECKEYPrivateKeyStr ** > 
sigc::signal< void > m_signal_handshake_complete

Static Private Member Functions

static SECStatus SSL_AuthCertificateHook_proxy (void *arg, PRFileDesc *socket, PRBool checksig, PRBool isServer)
static SECStatus SSL_BadCertHook_proxy (void *arg, PRFileDesc *socket)
static void SSL_HandshakeCallback_proxy (PRFileDesc *socket, void *arg)
static SECStatus SSL_GetClientAuthDataHook_proxy (void *arg, PRFileDesc *socket, struct CERTDistNamesStr *caNames, struct CERTCertificateStr **pRetCert, struct SECKEYPrivateKeyStr **pRetKey)

Detailed Description

A NSS based SSL endpoint.

Rick L Vinyard Jr <>

Member Typedef Documentation

Reimplemented from Conexus::NSPR::Socket.

Constructor & Destructor Documentation

Conexus::NSS::SSLSocket::SSLSocket ( Conexus::NSPR::Socket::pointer  socket,
SSLSocket::pointer  model = SSLSocket::pointer() 
) [protected]

Conexus::NSS::SSLSocket::~SSLSocket (  )  throw () [virtual]

Member Function Documentation

std::string Conexus::NSS::SSLSocket::cipher (  ) 

bool Conexus::NSS::SSLSocket::configure_as_server ( Certificate::pointer  cert,
PrivateKey::pointer  key,
KEA  kea_type 

SSLSocket::pointer Conexus::NSS::SSLSocket::create ( Conexus::NSPR::Socket::pointer  socket,
SSLSocket::pointer  model = SSLSocket::pointer() 
) [static]

Referenced by peer_certificate().

bool Conexus::NSS::SSLSocket::enable_cipher ( int32_t  cipher,
bool  enable = true 

bool Conexus::NSS::SSLSocket::force_handshake (  ) 

size_t Conexus::NSS::SSLSocket::input_available (  )  throw () [virtual]

bool Conexus::NSS::SSLSocket::invalidate_session (  ) 

bool Conexus::NSS::SSLSocket::is_cipher_enabled ( int32_t  cipher  ) 

bool Conexus::NSS::SSLSocket::is_option_set ( int32_t  option  ) 

std::string Conexus::NSS::SSLSocket::issuer (  ) 

bool Conexus::NSS::SSLSocket::on_authenticate_certificate ( bool  checksig,
bool  isServer 
) [protected, virtual]

Authenticates the peer certificate obtained through the peer_certificate() method.

true if certificate is authenticated, false otherwise
There are two ways to change certificate authentication:
  • Provide an certificate authentication callback: The base method of this class checks to see if the authenticate_certificate_slot has been set. If authenticate_certificate_slot has been set, the slot is called to authenticate the certificate. If the slot has not been set, the default SSL_AuthCertificate() function is called.
  • Subclass SSLSocket and reimplement on_authenticate_certificate() : Note that if you subclass this virtual method you will be responsible for checking authenticate_certificate_slot and deciding whether you want to call it.

References m_authenticate_certificate_slot, and Conexus::NSPR::FileDescriptor::m_fd.

Referenced by SSL_AuthCertificateHook_proxy().

bool Conexus::NSS::SSLSocket::on_bad_certificate (  )  [protected, virtual]

References m_bad_certificate_slot.

Referenced by SSL_BadCertHook_proxy().

bool Conexus::NSS::SSLSocket::on_client_authentication ( struct CERTDistNamesStr *  ca_names,
struct CERTCertificateStr **  ret_cert,
struct SECKEYPrivateKeyStr **  ret_key 
) [protected, virtual]

void Conexus::NSS::SSLSocket::open (  )  throw (open_exception) [virtual]

Implements Conexus::Endpoint.

Certificate::pointer Conexus::NSS::SSLSocket::peer_certificate (  ) 

void * Conexus::NSS::SSLSocket::pkcs11_pin_arg (  ) 

bool Conexus::NSS::SSLSocket::rehandshake ( bool  flush_cache = true  ) 

bool Conexus::NSS::SSLSocket::reset_handshake ( bool  as_server = false  ) 

int Conexus::NSS::SSLSocket::secret_key_size (  ) 

SECURITY_STATUS Conexus::NSS::SSLSocket::security_status (  ) 

SECItem * Conexus::NSS::SSLSocket::session_id (  ) 

int Conexus::NSS::SSLSocket::session_key_size (  ) 

void Conexus::NSS::SSLSocket::set_authenticate_certificate_callback ( sigc::slot< bool, bool, bool >  slot  ) 

void Conexus::NSS::SSLSocket::set_bad_certificate_callback ( sigc::slot< bool >  slot  ) 

void Conexus::NSS::SSLSocket::set_client_authentication_callback ( sigc::slot< bool, struct CERTDistNamesStr *, struct CERTCertificateStr **, struct SECKEYPrivateKeyStr ** >  slot  ) 

void Conexus::NSS::SSLSocket::set_default_client_authentication_callback ( char *  nickname  ) 

bool Conexus::NSS::SSLSocket::set_option ( int32_t  option,
bool  on = true 

bool Conexus::NSS::SSLSocket::set_peer_id ( const std::string &  peer_id  ) 

bool Conexus::NSS::SSLSocket::set_pkcs11_pin_arg ( void *  arg  ) 

bool Conexus::NSS::SSLSocket::set_url ( const std::string &  url  ) 

sigc::signal< void > Conexus::NSS::SSLSocket::signal_handshake_complete (  ) 

SECStatus Conexus::NSS::SSLSocket::SSL_AuthCertificateHook_proxy ( void *  arg,
PRFileDesc *  socket,
PRBool  checksig,
PRBool  isServer 
) [static, private]

References on_authenticate_certificate().

Referenced by SSLSocket().

SECStatus Conexus::NSS::SSLSocket::SSL_BadCertHook_proxy ( void *  arg,
PRFileDesc *  socket 
) [static, private]

SECStatus Conexus::NSS::SSLSocket::SSL_GetClientAuthDataHook_proxy ( void *  arg,
PRFileDesc *  socket,
struct CERTDistNamesStr *  caNames,
struct CERTCertificateStr **  pRetCert,
struct SECKEYPrivateKeyStr **  pRetKey 
) [static, private]

void Conexus::NSS::SSLSocket::SSL_HandshakeCallback_proxy ( PRFileDesc *  socket,
void *  arg 
) [static, private]

References m_signal_handshake_complete.

Referenced by SSLSocket().

std::string Conexus::NSS::SSLSocket::subject (  ) 

void Conexus::NSS::SSLSocket::unset_authenticate_certificate_callback (  ) 

void Conexus::NSS::SSLSocket::unset_bad_certificate_callback (  ) 

void Conexus::NSS::SSLSocket::unset_client_authentication_callback (  ) 

std::string Conexus::NSS::SSLSocket::url (  ) 

Member Data Documentation

sigc::slot<bool,bool,bool> Conexus::NSS::SSLSocket::m_authenticate_certificate_slot [protected]

sigc::slot<bool,struct CERTDistNamesStr*, struct CERTCertificateStr**, struct SECKEYPrivateKeyStr**> Conexus::NSS::SSLSocket::m_client_authentication_slot [protected]

The documentation for this class was generated from the following files:

Generated on Wed Jul 8 15:51:29 2009 for conexus by doxygen 1.5.8