
Conexus::NSS::SSLSocket Class Reference
[Conexus I/O Endpoints with NSS support, Conexus I/O Endpoints]

An NSS-based SSL endpoint.

#include <sslsocket.h>



Public Types

typedef ConexusPointer< SSLSocket > pointer

Public Member Functions

virtual ~SSLSocket () throw ()
virtual void open () throw (open_exception)
virtual size_t input_available () throw ()
bool set_option (int32_t option, bool on=true)
bool is_option_set (int32_t option)
bool enable_cipher (int32_t cipher, bool enable=true)
bool is_cipher_enabled (int32_t cipher)
bool configure_as_server (Certificate::pointer cert, PrivateKey::pointer key, KEA kea_type)
bool set_url (const std::string &url)
std::string url ()
bool set_pkcs11_pin_arg (void *arg)
void * pkcs11_pin_arg ()
bool invalidate_session ()
SECURITY_STATUS security_status ()
std::string cipher ()
int session_key_size ()
int secret_key_size ()
std::string issuer ()
std::string subject ()
SECItem * session_id ()
bool set_peer_id (const std::string &peer_id)
Certificate::pointer peer_certificate ()
bool force_handshake ()
bool rehandshake (bool flush_cache=true)
bool reset_handshake (bool as_server=false)
void set_authenticate_certificate_callback (sigc::slot< bool, bool, bool > slot)
void unset_authenticate_certificate_callback ()
void set_bad_certificate_callback (sigc::slot< bool > slot)
void unset_bad_certificate_callback ()
void set_client_authentication_callback (sigc::slot< bool, struct CERTDistNamesStr *, struct CERTCertificateStr **, struct SECKEYPrivateKeyStr ** > slot)
void set_default_client_authentication_callback (char *nickname)
void unset_client_authentication_callback ()
sigc::signal< void > signal_handshake_complete ()

Static Public Member Functions

static pointer create (Conexus::NSPR::Socket::pointer socket, SSLSocket::pointer model=SSLSocket::pointer())

Protected Member Functions

 SSLSocket (Conexus::NSPR::Socket::pointer socket, SSLSocket::pointer model=SSLSocket::pointer())
virtual bool on_authenticate_certificate (bool checksig, bool isServer)
 Authenticates the peer certificate obtained through the peer_certificate() method.
virtual bool on_bad_certificate ()
virtual bool on_client_authentication (struct CERTDistNamesStr *ca_names, struct CERTCertificateStr **ret_cert, struct SECKEYPrivateKeyStr **ret_key)

Protected Attributes

sigc::slot< bool, bool, bool > m_authenticate_certificate_slot
sigc::slot< bool > m_bad_certificate_slot
sigc::slot< bool, struct CERTDistNamesStr *, struct CERTCertificateStr **, struct SECKEYPrivateKeyStr ** > m_client_authentication_slot
sigc::signal< void > m_signal_handshake_complete

Static Private Member Functions

static SECStatus SSL_AuthCertificateHook_proxy (void *arg, PRFileDesc *socket, PRBool checksig, PRBool isServer)
static SECStatus SSL_BadCertHook_proxy (void *arg, PRFileDesc *socket)
static void SSL_HandshakeCallback_proxy (PRFileDesc *socket, void *arg)
static SECStatus SSL_GetClientAuthDataHook_proxy (void *arg, PRFileDesc *socket, struct CERTDistNamesStr *caNames, struct CERTCertificateStr **pRetCert, struct SECKEYPrivateKeyStr **pRetKey)


Detailed Description

An NSS-based SSL endpoint.

Author:
Rick L Vinyard Jr <rvinyard@cs.nmsu.edu>

Member Typedef Documentation

Reimplemented from Conexus::NSPR::Socket.


Constructor & Destructor Documentation

Conexus::NSS::SSLSocket::SSLSocket ( Conexus::NSPR::Socket::pointer  socket,
SSLSocket::pointer  model = SSLSocket::pointer() 
) [protected]

Conexus::NSS::SSLSocket::~SSLSocket (  )  throw () [virtual]


Member Function Documentation

std::string Conexus::NSS::SSLSocket::cipher (  ) 

bool Conexus::NSS::SSLSocket::configure_as_server ( Certificate::pointer  cert,
PrivateKey::pointer  key,
KEA  kea_type 
)

SSLSocket::pointer Conexus::NSS::SSLSocket::create ( Conexus::NSPR::Socket::pointer  socket,
SSLSocket::pointer  model = SSLSocket::pointer() 
) [static]

Referenced by peer_certificate().

bool Conexus::NSS::SSLSocket::enable_cipher ( int32_t  cipher,
bool  enable = true 
)

bool Conexus::NSS::SSLSocket::force_handshake (  ) 

size_t Conexus::NSS::SSLSocket::input_available (  )  throw () [virtual]

bool Conexus::NSS::SSLSocket::invalidate_session (  ) 

bool Conexus::NSS::SSLSocket::is_cipher_enabled ( int32_t  cipher  ) 

bool Conexus::NSS::SSLSocket::is_option_set ( int32_t  option  ) 

std::string Conexus::NSS::SSLSocket::issuer (  ) 

bool Conexus::NSS::SSLSocket::on_authenticate_certificate ( bool  checksig,
bool  isServer 
) [protected, virtual]

Authenticates the peer certificate obtained through the peer_certificate() method.

Returns:
true if certificate is authenticated, false otherwise
There are two ways to change certificate authentication:
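  • Provide a certificate authentication callback: The base method of this class checks to see if the authenticate_certificate_slot has been set. If authenticate_certificate_slot has been set, the slot is called to authenticate the certificate. If the slot has not been set, the default SSL_AuthCertificate() function is called. As described, a slot that has been set is called instead of SSL_AuthCertificate(), not in addition to it, so the slot's return value alone decides whether the peer certificate is accepted.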
  • Subclass SSLSocket and reimplement on_authenticate_certificate(): Note that if you override this virtual method, you will be responsible for checking authenticate_certificate_slot and deciding whether you want to call it.

References m_authenticate_certificate_slot, and Conexus::NSPR::FileDescriptor::m_fd.

Referenced by SSL_AuthCertificateHook_proxy().

bool Conexus::NSS::SSLSocket::on_bad_certificate (  )  [protected, virtual]

References m_bad_certificate_slot.

Referenced by SSL_BadCertHook_proxy().

bool Conexus::NSS::SSLSocket::on_client_authentication ( struct CERTDistNamesStr *  ca_names,
struct CERTCertificateStr **  ret_cert,
struct SECKEYPrivateKeyStr **  ret_key 
) [protected, virtual]

void Conexus::NSS::SSLSocket::open (  )  throw (open_exception) [virtual]

Implements Conexus::Endpoint.

Certificate::pointer Conexus::NSS::SSLSocket::peer_certificate (  ) 

void * Conexus::NSS::SSLSocket::pkcs11_pin_arg (  ) 

bool Conexus::NSS::SSLSocket::rehandshake ( bool  flush_cache = true  ) 

bool Conexus::NSS::SSLSocket::reset_handshake ( bool  as_server = false  ) 

int Conexus::NSS::SSLSocket::secret_key_size (  ) 

SECURITY_STATUS Conexus::NSS::SSLSocket::security_status (  ) 

SECItem * Conexus::NSS::SSLSocket::session_id (  ) 

int Conexus::NSS::SSLSocket::session_key_size (  ) 

void Conexus::NSS::SSLSocket::set_authenticate_certificate_callback ( sigc::slot< bool, bool, bool >  slot  ) 

void Conexus::NSS::SSLSocket::set_bad_certificate_callback ( sigc::slot< bool >  slot  ) 

void Conexus::NSS::SSLSocket::set_client_authentication_callback ( sigc::slot< bool, struct CERTDistNamesStr *, struct CERTCertificateStr **, struct SECKEYPrivateKeyStr ** >  slot  ) 

void Conexus::NSS::SSLSocket::set_default_client_authentication_callback ( char *  nickname  ) 

bool Conexus::NSS::SSLSocket::set_option ( int32_t  option,
bool  on = true 
)

bool Conexus::NSS::SSLSocket::set_peer_id ( const std::string &  peer_id  ) 

bool Conexus::NSS::SSLSocket::set_pkcs11_pin_arg ( void *  arg  ) 

bool Conexus::NSS::SSLSocket::set_url ( const std::string &  url  ) 

sigc::signal< void > Conexus::NSS::SSLSocket::signal_handshake_complete (  ) 

SECStatus Conexus::NSS::SSLSocket::SSL_AuthCertificateHook_proxy ( void *  arg,
PRFileDesc *  socket,
PRBool  checksig,
PRBool  isServer 
) [static, private]

References on_authenticate_certificate().

Referenced by SSLSocket().

SECStatus Conexus::NSS::SSLSocket::SSL_BadCertHook_proxy ( void *  arg,
PRFileDesc *  socket 
) [static, private]

SECStatus Conexus::NSS::SSLSocket::SSL_GetClientAuthDataHook_proxy ( void *  arg,
PRFileDesc *  socket,
struct CERTDistNamesStr *  caNames,
struct CERTCertificateStr **  pRetCert,
struct SECKEYPrivateKeyStr **  pRetKey 
) [static, private]

void Conexus::NSS::SSLSocket::SSL_HandshakeCallback_proxy ( PRFileDesc *  socket,
void *  arg 
) [static, private]

References m_signal_handshake_complete.

Referenced by SSLSocket().

std::string Conexus::NSS::SSLSocket::subject (  ) 

void Conexus::NSS::SSLSocket::unset_authenticate_certificate_callback (  ) 

void Conexus::NSS::SSLSocket::unset_bad_certificate_callback (  ) 

void Conexus::NSS::SSLSocket::unset_client_authentication_callback (  ) 

std::string Conexus::NSS::SSLSocket::url (  ) 


Member Data Documentation

sigc::slot<bool,bool,bool> Conexus::NSS::SSLSocket::m_authenticate_certificate_slot [protected]

sigc::slot<bool,struct CERTDistNamesStr*, struct CERTCertificateStr**, struct SECKEYPrivateKeyStr**> Conexus::NSS::SSLSocket::m_client_authentication_slot [protected]


The documentation for this class was generated from the following files:

Generated on Wed Jul 8 15:51:29 2009 for conexus by doxygen 1.5.8