sslsocket.h
00001 /***************************************************************************
00002  *   Copyright (C) 2007 by Rick L. Vinyard, Jr.                            *
00003  *   rvinyard@cs.nmsu.edu                                                  *
00004  *                                                                         *
00005  *   This file is part of the conexus library.                             *
00006  *                                                                         *
00007  *   The conexus library is free software; you can redistribute it and/or  *
00008  *   modify it under the terms of the GNU General Public License           *
00009  *   version 3 as published by the Free Software Foundation.               *
00010  *                                                                         *
00011  *   The conexus library is distributed in the hope that it will be        *
00012  *   useful, but WITHOUT ANY WARRANTY; without even the implied warranty   *
00013  *   of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU   *
00014  *   General Public License for more details.                              *
00015  *                                                                         *
00016  *   You should have received a copy of the GNU General Public License     *
00017  *   along with this software. If not see <http://www.gnu.org/licenses/>.  *
00018  ***************************************************************************/
00019 #ifndef CONEXUSNSSSSLSOCKET_H
00020 #define CONEXUSNSSSSLSOCKET_H
00021 
00022 #include <conexus-nspr/socket.h>
00023 #include <conexus-nspr/udp.h>
00024 #include <conexus-nss/certificate.h>
00025 #include <conexus-nss/privatekey.h>
00026 
00027 namespace Conexus
00028 {
00029 
00030   namespace NSS
00031   {
00043     class SSLSocket : public Conexus::NSPR::Socket
00044     {
          /// SSLSocket layers SSL/TLS (NSS) over an existing Conexus::NSPR::Socket.
          ///
          /// Only declarations are visible in this header; the NSS SSL_* names
          /// given below are the likely counterparts of each method and should be
          /// confirmed against sslsocket.cpp. Peer-certificate acceptance is
          /// decided by the authenticate-certificate and bad-certificate hooks
          /// declared further down: whatever they return is what the handshake
          /// sees, so a hook that unconditionally returns true disables peer
          /// verification for this socket.
00045       public:
              /// Reference-counted handle type used throughout conexus for this class.
00046         typedef ConexusPointer<SSLSocket> pointer;
00047 
00048       protected:
              /// Wraps @p socket in an SSL layer. Protected: instances are created
              /// through create().
              /// @param socket the already-created NSPR socket to import into SSL
              /// @param model  optional SSLSocket whose SSL configuration is applied
              ///               to the new socket (presumably the NSS SSL_ImportFD
              ///               "model" socket — confirm); a null pointer means the
              ///               default configuration
00049         SSLSocket( Conexus::NSPR::Socket::pointer socket, SSLSocket::pointer model = SSLSocket::pointer() );
00050 
00051       public:
              /// Factory for SSLSocket; see the constructor for parameter meaning.
              /// @return a reference-counted pointer to the new SSL socket
00052         static pointer create( Conexus::NSPR::Socket::pointer socket, SSLSocket::pointer model = SSLSocket::pointer() );
00053         
              /// Destructor; the throw() specification promises no exception escapes.
00054         virtual ~SSLSocket() throw();
00055 
              /// Opens the socket (overrides Conexus::NSPR::Socket::open()).
              /// @throws open_exception on failure (dynamic exception specification,
              ///         pre-C++11 style, kept consistent with the base class)
00056         virtual void open() throw (open_exception);
00057 
              /// @return number of bytes readable without blocking (override, never
              ///         throws). NOTE(review): whether this counts decrypted
              ///         application data or raw socket bytes is not visible here.
00058         virtual size_t input_available() throw();
00059 
              /// Sets or clears an SSL socket option (presumably NSS SSL_OptionSet).
              /// @param option NSS SSL_* option identifier
              /// @param on     true to enable, false to disable
              /// @return true on success
00060         bool set_option( int32_t option, bool on=true );
00061 
              /// @return true if the SSL option @p option is currently enabled
00062         bool is_option_set( int32_t option );
00063 
              /// Enables or disables one cipher suite on this socket
              /// (presumably SSL_CipherPrefSet).
              /// @param cipher NSS cipher-suite identifier
              /// @param enable true to allow the suite, false to forbid it
              /// @return true on success
00064         bool enable_cipher( int32_t cipher, bool enable=true );
00065 
              /// @return true if the cipher suite @p cipher is enabled on this socket
00066         bool is_cipher_enabled( int32_t cipher );
00067 
              /// Configures this socket as the server side of the handshake with the
              /// given certificate, private key and key-exchange algorithm
              /// (presumably SSL_ConfigSecureServer).
              /// @return true on success
00068         bool configure_as_server( Certificate::pointer cert, PrivateKey::pointer key, KEA kea_type );
00069 
              /// Sets the URL / host name of the peer (presumably SSL_SetURL). NSS's
              /// default certificate check matches the peer certificate against this
              /// name, so a client should set it before the handshake; without it the
              /// peer certificate is not tied to the host the caller intended.
              /// @return true on success
00070         bool set_url( const std::string& url );
00071 
              /// @return the URL previously set with set_url()
00072         std::string url();
00073 
              /// Sets the opaque argument handed to the PKCS#11 PIN/password callback
              /// (presumably SSL_SetPKCS11PinArg). Ownership of @p arg stays with the
              /// caller; it must outlive any callback that dereferences it.
              /// @return true on success
00074         bool set_pkcs11_pin_arg( void* arg );
00075 
              /// @return the argument set with set_pkcs11_pin_arg()
00076         void* pkcs11_pin_arg();
00077 
              /// Removes this socket's session from the session cache so it cannot be
              /// resumed (presumably SSL_InvalidateSession).
              /// @return true on success
00078         bool invalidate_session();
00079 
              /// @return the connection's security status (NSS SECURITY_STATUS)
00080         SECURITY_STATUS security_status();
00081 
              /// @return a human-readable name of the negotiated cipher suite
00082         std::string cipher();
00083 
              /// @return the session key size — presumably the keySize reported by
              ///         SSL_SecurityStatus; confirm the unit (bits) in the implementation
00084         int session_key_size();
00085 
              /// @return the effective secret key size; see session_key_size()
00086         int secret_key_size();
00087 
              /// @return the issuer of the peer certificate as a string (the value when
              ///         no peer certificate is present is not specified here)
00088         std::string issuer();
00089 
              /// @return the subject of the peer certificate as a string
00090         std::string subject();
00091 
00092         // TODO return a wrapped object
              /// @return the SSL session id as a raw NSS SECItem. Ownership is not
              ///         stated here; NSS normally expects the caller to free a SECItem
              ///         returned by SSL_GetSessionID — confirm in the implementation
              ///         before relying on either behaviour.
00093         SECItem* session_id();
00094 
              /// Sets the peer id that forms part of the session-cache lookup key
              /// (presumably SSL_SetSockPeerID).
              /// @return true on success
00095         bool set_peer_id( const std::string& peer_id );
00096 
              /// @return the certificate presented by the peer (null-ness when none was
              ///         presented is not specified here)
00097         Certificate::pointer peer_certificate();
00098         
              /// Drives the handshake to completion now rather than on first I/O
              /// (presumably SSL_ForceHandshake).
              /// @return true on success
00099         bool force_handshake();
00100 
              /// Starts a new handshake on an established connection
              /// (presumably SSL_ReHandshake).
              /// @param flush_cache true to discard the cached session so a full
              ///        handshake is performed instead of a resumption
              /// @return true on success
00101         bool rehandshake( bool flush_cache = true );
00102 
              /// Resets handshake state so the socket can handshake again from scratch
              /// (presumably SSL_ResetHandshake).
              /// @param as_server true to handshake as the server side
              /// @return true on success
00103         bool reset_handshake( bool as_server = false );
00104 
              /// Installs the slot that decides whether the peer certificate is
              /// accepted. Its signature matches on_authenticate_certificate(), and
              /// its result presumably becomes the result of the NSS
              /// authenticate-certificate hook: a slot that always returns true
              /// accepts any certificate, so it must perform (or delegate) real
              /// validation.
00105         void set_authenticate_certificate_callback( sigc::slot<bool,bool,bool> slot );
00106 
              /// Removes the slot set by set_authenticate_certificate_callback();
              /// presumably on_authenticate_certificate() then decides on its own.
00107         void unset_authenticate_certificate_callback();
00108 
              /// Installs the slot consulted after certificate authentication has
              /// FAILED. In NSS a success result from the bad-certificate hook
              /// overrides the failure and lets the handshake continue, so this slot
              /// should return true only for a deliberate, documented exception.
00109         void set_bad_certificate_callback( sigc::slot<bool> slot );
00110 
              /// Removes the slot set by set_bad_certificate_callback().
00111         void unset_bad_certificate_callback();
00112 
              /// Installs the slot that supplies the client certificate and key when
              /// the server requests client authentication. Its signature matches
              /// on_client_authentication(); see there for the parameter meaning.
00113         void set_client_authentication_callback( sigc::slot<bool,struct CERTDistNamesStr*, struct CERTCertificateStr**, struct SECKEYPrivateKeyStr**> slot );
00114 
              /// Installs NSS's stock client-authentication handler, selecting the
              /// certificate by its database nickname (presumably NSS_GetClientAuthData).
              /// @param nickname certificate nickname; the required lifetime of the
              ///        pointer is not stated here — assume it must outlive the socket
              ///        until confirmed in the implementation
00115         void set_default_client_authentication_callback(char* nickname);
00116 
              /// Removes any client-authentication handler.
00117         void unset_client_authentication_callback();
00118 
              /// @return the signal emitted when the SSL handshake completes
00119         sigc::signal<void> signal_handshake_complete();
00120 
00121       protected:
00122 
              /// Slot consulted for peer-certificate acceptance; empty when none was set.
00123         sigc::slot<bool,bool,bool> m_authenticate_certificate_slot;
00124 
              /// Slot consulted after a failed certificate check; empty when none was set.
00125         sigc::slot<bool> m_bad_certificate_slot;
00126 
              /// Slot that supplies the client certificate/key; empty when none was set.
00127         sigc::slot<bool,struct CERTDistNamesStr*, struct CERTCertificateStr**, struct SECKEYPrivateKeyStr**> m_client_authentication_slot;
00128 
              /// Signal returned by signal_handshake_complete().
00129         sigc::signal<void> m_signal_handshake_complete;
00130         
              /// Decides whether the peer certificate is acceptable. Virtual so a
              /// subclass can override the policy instead of installing a slot.
              /// @param checksig true if the certificate's signatures are to be verified
              /// @param isServer true if this socket is the server side of the handshake
              /// @return true to accept the certificate, false to reject it
00145         virtual bool on_authenticate_certificate( bool checksig, bool isServer );
00146 
              /// Called after certificate authentication has failed.
              /// @return true to override the failure and continue the handshake,
              ///         false to let the failure stand
00147         virtual bool on_bad_certificate();
00148 
              /// Supplies a client certificate and key in response to a server's
              /// certificate request.
              /// @param ca_names distinguished names of the CAs the server accepts
              /// @param ret_cert out: the certificate to present
              /// @param ret_key  out: the private key matching @p ret_cert
              /// @return true if a certificate/key pair was provided
00149         virtual bool on_client_authentication( struct CERTDistNamesStr* ca_names, struct CERTCertificateStr** ret_cert, struct SECKEYPrivateKeyStr** ret_key );
00150 
00151       private:
              /// C-style trampolines registered with NSS. @p arg is presumably the
              /// SSLSocket instance and each forwards to the matching on_*() virtual,
              /// mapping its bool result to SECStatus — confirm in the implementation.
00152         static SECStatus SSL_AuthCertificateHook_proxy( void *arg, PRFileDesc *socket, PRBool checksig, PRBool isServer );
00153 
00154         static SECStatus SSL_BadCertHook_proxy( void *arg, PRFileDesc *socket );
00155 
              /// Registered as the NSS handshake callback; presumably emits
              /// m_signal_handshake_complete.
00156         static void SSL_HandshakeCallback_proxy( PRFileDesc *socket, void *arg );
00157 
00158         static SECStatus SSL_GetClientAuthDataHook_proxy( void *arg, PRFileDesc *socket,
00159             struct CERTDistNamesStr *caNames,
00160             struct CERTCertificateStr **pRetCert,
00161             struct SECKEYPrivateKeyStr **pRetKey );
00162 
00163 
00164     };
00165 
00166   }
00167 
00168 }
00169 
00170 //         void enable_ssl( bool as_server );
00171 
00172 
00173 
00174 #endif
