Conexus::SSL::Context Class Reference

#include <context.h>

Public Types

typedef ConexusPointer< Context > pointer
typedef sigc::slot< void, std::string &, EncDecFlag > PasswordSlot
 A callback slot, which must be provided by the application, that hands back the password to be used during decryption.

Public Member Functions

virtual ~Context ()
Method method ()
bool use_certificate (X509 *x)
 loads the certificate x
bool use_certificate_asn1 (int len, unsigned char *d)
 loads the ASN1 encoded certificate from the memory location d (with length len)
bool use_certificate_file (const std::string &file, FileType type)
 loads the first certificate stored in file
bool use_certificate_chain_file (const std::string &file)
 loads a certificate chain from file
bool use_private_key (EVP_PKEY *pkey)
 adds pkey as private key to this context.
bool use_private_key_asn1 (int pk, unsigned char *d, long len)
 adds the private key of type pk stored at memory location d (length len)
bool use_private_key_file (const std::string &file, FileType type)
 adds the first private key found in file
bool use_rsa_private_key (RSA *rsa)
 adds rsa as private key to this context.
bool use_rsa_private_key_asn1 (unsigned char *d, long len)
 adds the RSA private key stored at memory location d (length len)
bool use_rsa_private_key_file (const std::string &file, FileType type)
 adds the first private key found in file
bool check_private_key () const
 checks the consistency of a private key with the corresponding certificate loaded
void set_default_password_slot (PasswordSlot slot=PasswordSlot())
 sets the default password callback slot called when loading/storing a PEM certificate with encryption
bool load_verify_locations (const std::string &ca_file, const std::string &ca_path=std::string())
 set default locations for trusted CA certificates
void set_verify_depth (int depth)
 sets the maximum depth for the certificate chain verification that shall be allowed
void set_read_ahead (bool set=true)
 Sets the read-ahead parameter for the context. DTLS should have this set.
SSL_CTX * cobj ()
 Returns the underlying C object.

Static Public Member Functions

static pointer create (Method m=SSLV23)

Protected Member Functions

 Context (Method m)

Static Protected Member Functions

static int passwd_cb_proxy (char *buf, int size, int rwflag, void *userdata)
 A static proxy used to provide a callback point for the C library.

Protected Attributes

Method m_method
 The SSL method set in the constructor.
SSL_CTX * m_cobj
 The underlying C object.
PasswordSlot m_default_password_slot
 The default password callback slot.


Detailed Description

Author:
Rick L Vinyard Jr <rvinyard@cs.nmsu.edu>

Member Typedef Documentation

typedef sigc::slot<void,std::string&,EncDecFlag> Conexus::SSL::Context::PasswordSlot

A callback slot, which must be provided by the application, that hands back the password to be used during decryption.

The slot must fill the std::string& parameter with the password. The EncDecFlag parameter indicates whether the callback is used for encryption (parameter=ENCRYPTION) or decryption (parameter=DECRYPTION).

typedef ConexusPointer<Context> Conexus::SSL::Context::pointer


Constructor & Destructor Documentation

Conexus::SSL::Context::Context ( Method  m  )  [protected]

Conexus::SSL::Context::~Context (  )  [virtual]

References m_cobj.


Member Function Documentation

bool Conexus::SSL::Context::check_private_key (  )  const

checks the consistency of a private key with the corresponding certificate loaded

If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. If, for example, the last item was an RSA certificate or key, the RSA key/certificate pair will be checked.

References m_cobj.

SSL_CTX * Conexus::SSL::Context::cobj (  ) 

Returns the underlying C object.

References m_cobj.

Context::pointer Conexus::SSL::Context::create ( Method  m = SSLV23  )  [static]

Referenced by Conexus::SSL::init().

bool Conexus::SSL::Context::load_verify_locations ( const std::string &  ca_file,
const std::string &  ca_path = std::string() 
)

set default locations for trusted CA certificates

References m_cobj.

Method Conexus::SSL::Context::method (  ) 

References m_method.

int Conexus::SSL::Context::passwd_cb_proxy ( char *  buf,
int  size,
int  rwflag,
void *  userdata 
) [static, protected]

A static proxy used to provide a callback point for the C library.

References Conexus::SSL::context(), and m_default_password_slot.

Referenced by set_default_password_slot().

void Conexus::SSL::Context::set_default_password_slot ( PasswordSlot  slot = PasswordSlot()  ) 

sets the default password callback slot called when loading/storing a PEM certificate with encryption

References m_cobj, m_default_password_slot, and passwd_cb_proxy().
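
A sketch of how a proxy such as passwd_cb_proxy() can bridge the C library's password callback to a PasswordSlot without overrunning the caller's buffer. This is an added example, not the Conexus implementation: std::function stands in for sigc::slot, and the names passwd_cb_sketch and run_proxy, the userdata convention and the rwflag-to-EncDecFlag mapping are assumptions.

```cpp
#include <cstring>
#include <functional>
#include <string>
#include <vector>

// Stand-ins for the Conexus types (assumption: the real PasswordSlot is a sigc::slot).
enum EncDecFlag { DECRYPTION = 0, ENCRYPTION = 1 };
using PasswordSlot = std::function<void(std::string&, EncDecFlag)>;

// Same signature as OpenSSL's pem_password_cb; userdata is assumed to point at the slot.
// Returns the password length, or -1 on any failure.
int passwd_cb_sketch(char* buf, int size, int rwflag, void* userdata) {
    if (buf == nullptr || size <= 0 || userdata == nullptr) return -1;
    const PasswordSlot& slot = *static_cast<const PasswordSlot*>(userdata);
    if (!slot) return -1;  // default-constructed slot: fail rather than use an empty password
    std::string pw;
    slot(pw, rwflag ? ENCRYPTION : DECRYPTION);  // OpenSSL passes rwflag=1 when writing
    int result = -1;
    // Refuse empty passwords and never truncate: a silently shortened password
    // would fail on decryption and weaken the key on encryption.
    if (!pw.empty() && pw.size() <= static_cast<std::size_t>(size)) {
        std::memcpy(buf, pw.data(), pw.size());  // no terminator: the length is returned
        result = static_cast<int>(pw.size());
    }
    volatile char* p = &pw[0];  // best-effort wipe of the temporary copy
    for (std::size_t i = 0; i < pw.size(); ++i) p[i] = 0;
    return result;
}

// Drives the proxy with a constructed password and buffer size, as the C library would.
int run_proxy(const std::string& password, int buf_size, int rwflag = 0) {
    PasswordSlot slot = [&](std::string& out, EncDecFlag) { out = password; };
    std::vector<char> buf(buf_size > 0 ? buf_size : 1);
    return passwd_cb_sketch(buf.data(), buf_size, rwflag, &slot);
}

int main() {
    // Constructed sample values, not real credentials.
    bool ok = run_proxy("correct horse", 64) == 13 && run_proxy("correct horse", 8) == -1;
    return ok ? 0 : 1;
}
```
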

void Conexus::SSL::Context::set_read_ahead ( bool  set = true  ) 

Sets the read-ahead parameter for the context. DTLS should have this set.

References m_cobj.

void Conexus::SSL::Context::set_verify_depth ( int  depth  ) 

sets the maximum depth for the certificate chain verification that shall be allowed

References m_cobj.

bool Conexus::SSL::Context::use_certificate ( X509 *  x  ) 

loads the certificate x

The rest of the certificates needed to form the complete certificate chain can be specified using add_extra_chain_cert().

References m_cobj.

bool Conexus::SSL::Context::use_certificate_asn1 ( int  len,
unsigned char *  d 
)

loads the ASN1 encoded certificate from the memory location d (with length len)

References m_cobj.

bool Conexus::SSL::Context::use_certificate_chain_file ( const std::string &  file  ) 

loads a certificate chain from file

The certificates must be in PEM format and must be sorted starting with the subject’s certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA.

References m_cobj.

bool Conexus::SSL::Context::use_certificate_file ( const std::string &  file,
FileType  type 
)

loads the first certificate stored in file

The formatting type of the certificate must be specified from the known types PEM or ASN1.

References m_cobj.

bool Conexus::SSL::Context::use_private_key ( EVP_PKEY *  pkey  ) 

adds pkey as private key to this context.

If a certificate has already been set and the private key does not belong to the certificate, an error is returned. To change a certificate/private key pair, the new certificate needs to be set with use_certificate() before setting the private key with use_private_key().

References m_cobj.

bool Conexus::SSL::Context::use_private_key_asn1 ( int  pk,
unsigned char *  d,
long  len 
)

adds the private key of type pk stored at memory location d (length len)

References m_cobj.

bool Conexus::SSL::Context::use_private_key_file ( const std::string &  file,
FileType  type 
)

adds the first private key found in file

The formatting type of the private key file must be specified from the known types PEM or ASN1.

References m_cobj.

bool Conexus::SSL::Context::use_rsa_private_key ( RSA *  rsa  ) 

adds rsa as private key to this context.

If a certificate has already been set and the private key does not belong to the certificate, an error is returned. To change a certificate/private key pair, the new certificate needs to be set with use_certificate() before setting the private key with use_private_key().

References m_cobj.

bool Conexus::SSL::Context::use_rsa_private_key_asn1 ( unsigned char *  d,
long  len 
)

adds the RSA private key stored at memory location d (length len)

References m_cobj.

bool Conexus::SSL::Context::use_rsa_private_key_file ( const std::string &  file,
FileType  type 
)

adds the first private key found in file

The formatting type of the private key file must be specified from the known types PEM or ASN1.

References m_cobj.


Member Data Documentation

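SSL_CTX* Conexus::SSL::Context::m_cobj [protected]

The underlying C object.

PasswordSlot Conexus::SSL::Context::m_default_password_slot [protected]

The default password callback slot.

Referenced by passwd_cb_proxy(), and set_default_password_slot().

Method Conexus::SSL::Context::m_method [protected]

The SSL method set in the constructor.

Referenced by method().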


The documentation for this class was generated from the following files:

Generated on Wed Jul 8 15:51:29 2009 for conexus by doxygen 1.5.8