The Micro C++ Library
The SSLProtocol provides a Secure Socket Layer protocol implementation. More...
#include <micxx.hxx>
Inherits micxx::Mutex, and micxx::traits::BiDiConnection.
Public Member Functions | |
| virtual | ~SSLProtocol () |
| Destroys the sslContext. | |
| virtual void | accept (int aserverSessionIDContext=rand()) |
| Accept this instance as a server endpoint to the underlying connection. | |
| virtual void | connect () |
| Connect this instance as a client endpoint to the underlying connection. | |
| virtual void | close (ClosingMode closingMode=BiDirectional) |
| Close this SSL communication link and release all associated resources. | |
| virtual const X509CertificateList & | getCACertificates () const |
| Return the list of trusted CA certificates. | |
| virtual const X509Certificate & | getCertificate () const |
| Return either the server or client certificate. | |
| virtual bool | getPeerAuthentication () const |
| Return whether peer authentication is enabled. | |
| virtual const X509Certificate & | getPeerCertificate () const |
| Return the peer certificate from the remote peer. | |
| virtual const PrivateKey & | getPrivateKey () const |
| Return the private key. | |
| virtual int | recv (void *bytes, size_t size, bool blocking=true) |
| virtual int | send (const void *bytes, size_t size, bool blocking=true) |
| virtual void | setCACertificates (const X509CertificateList &certificates) |
| Set the list of trusted CA certificates. | |
| virtual void | setCACertificates (const std::string &url) |
| Try to load a list of trusted CA certificates from URL url. | |
| virtual void | setCertificate (const X509Certificate &certificate) |
| Sets this endpoint's own server or client certificate. | |
| virtual void | setCertificate (const std::string &url) |
| Try to load this endpoint's own server or client certificate from URL url. | |
| virtual void | setCertificates (const PKCS12Store &pkcs12Store) |
| Set a private key and/or a certificate and/or a list of CA certificates from the PKCS#12 store pkcs12Store. | |
| virtual void | setCertificates (const std::string &url, const std::string *passphrase=0) |
| Try to load a private key and/or a certificate and/or a list of CA certificates from URL url. | |
| virtual void | setPeerAuthentication (bool value) |
| Enable (the default) or disable peer authentication. | |
| virtual void | setPrivateKey (const PrivateKey &privateKey) |
| Sets the private key. | |
| virtual void | setPrivateKey (const std::string &url, const std::string *passphrase=0) |
| Set the URL url and the passphrase of the private key resource. | |
| virtual void | setSocket (Socket *socket) |
| Connect this SSL protocol instance with the specified socket. | |
| virtual std::string | toString () const |
| Returns a printable representation. | |
Protected Member Functions | |
| void | doPeerAuthentication () |
Protected Attributes | |
| PKCS12Store | pkcs12Store |
| A PKCS#12 store containing a private key, a certificate and a list of trusted CA certificates. | |
| X509Certificate | peerCertificate |
| The received certificate of the other peer. | |
| bool | peerAuthentication |
| std::string | address |
| The address of this SSLProtocol instance. | |
| bool | closed |
| Tracks whether this SSLProtocol is closed or connected. | |
| bool | checkCertificate |
| Tracks if either the server or client certificate should be verified against the private key. | |
The SSLProtocol provides a Secure Socket Layer protocol implementation.
The following example shows how to use this class with a TCP connection:
// Create and connect the TCP client socket micxx::InetAddress inetAddress(addr.c_str()); micxx::ClientSocket clientSocket; clientSocket.connect(inetAddress); // Create and customize the SSL protocol layer micxx::SSLProtocol sslProtocol; sslProtocol.setCACertificatesFile(caStore); // Connect the SSL protocol with the TCP socket sslProtocol.setSocket(clientSocket); // Connect the SSL client to the SSL Server endpoint (SSL Handshake) sslProtocol.connect(); // Exchange encrypted data ... sslProtocol.send(MESSAGE.c_str(), MESSAGE.length()); cout << sslProtocol.readLn(); // Shutdown the SSL communication sslProtocol.close(); // Close the TCP connection clientSocket.close();
| virtual micxx::SSLProtocol::~SSLProtocol | ( | ) | [virtual] |
Destroys the sslContext.
| virtual void micxx::SSLProtocol::accept | ( | int | aserverSessionIDContext = rand() | ) | [virtual] |
Accept this instance as a server endpoint to the underlying connection.
| virtual void micxx::SSLProtocol::close | ( | ClosingMode | closingMode = BiDirectional | ) | [virtual] |
Close this SSL communication link and release all associated resources.
Implements micxx::traits::BiDiConnection.
| virtual void micxx::SSLProtocol::connect | ( | ) | [virtual] |
Connect this instance as a client endpoint to the underlying connection.
| void micxx::SSLProtocol::doPeerAuthentication | ( | ) | [protected] |
| virtual const X509CertificateList& micxx::SSLProtocol::getCACertificates | ( | ) | const [inline, virtual] |
Return the list of trusted CA certificates.
{
return pkcs12Store.getCACertificates();
}
| virtual const X509Certificate& micxx::SSLProtocol::getCertificate | ( | ) | const [inline, virtual] |
Return either the server or client certificate.
{
return pkcs12Store.getCertificate();
}
| virtual bool micxx::SSLProtocol::getPeerAuthentication | ( | ) | const [inline, virtual] |
Return whether peer authentication is enabled.
{
return peerAuthentication;
}
| virtual const X509Certificate& micxx::SSLProtocol::getPeerCertificate | ( | ) | const [inline, virtual] |
Return the peer certificate from the remote peer.
{
return peerCertificate;
}
| virtual const PrivateKey& micxx::SSLProtocol::getPrivateKey | ( | ) | const [inline, virtual] |
Return the private key.
{
return pkcs12Store.getPrivateKey();
}
| virtual int micxx::SSLProtocol::recv | ( | void * | bytes, |
| size_t | size, | ||
| bool | blocking = true |
||
| ) | [virtual] |
| virtual int micxx::SSLProtocol::send | ( | const void * | bytes, |
| size_t | size, | ||
| bool | blocking = true |
||
| ) | [virtual] |
| bytes | The pointer to the sending buffer |
| size | The number of bytes expected to be sent |
| blocking | If blocking is true, the call waits until all size bytes have been sent. Otherwise, it returns as soon as possible. |
Implements micxx::traits::Sender.
| virtual void micxx::SSLProtocol::setCACertificates | ( | const X509CertificateList & | certificates | ) | [virtual] |
Set the list of trusted CA certificates.
| virtual void micxx::SSLProtocol::setCACertificates | ( | const std::string & | url | ) | [virtual] |
Try to load a list of trusted CA certificates from URL url.
| virtual void micxx::SSLProtocol::setCertificate | ( | const X509Certificate & | certificate | ) | [virtual] |
Sets this endpoint's own server or client certificate.
| virtual void micxx::SSLProtocol::setCertificate | ( | const std::string & | url | ) | [virtual] |
Try to load this endpoint's own server or client certificate from URL url.
| virtual void micxx::SSLProtocol::setCertificates | ( | const PKCS12Store & | pkcs12Store | ) | [virtual] |
Set a private key and/or a certificate and/or a list of CA certificates from the PKCS#12 store pkcs12Store.
| virtual void micxx::SSLProtocol::setCertificates | ( | const std::string & | url, |
| const std::string * | passphrase = 0 |
||
| ) | [virtual] |
Try to load a private key and/or a certificate and/or a list of CA certificates from URL url.
| virtual void micxx::SSLProtocol::setPeerAuthentication | ( | bool | value | ) | [inline, virtual] |
Enable (the default) or disable peer authentication.
When this instance is a client endpoint, enabling peer authentication enables server authentication and requires the server endpoint to present a valid certificate chain.
{
peerAuthentication = value;
}
| virtual void micxx::SSLProtocol::setPrivateKey | ( | const std::string & | url, |
| const std::string * | passphrase = 0 |
||
| ) | [virtual] |
Set the URL url and the passphrase of the private key resource.
| virtual void micxx::SSLProtocol::setPrivateKey | ( | const PrivateKey & | privateKey | ) | [virtual] |
Sets the private key.
| virtual void micxx::SSLProtocol::setSocket | ( | Socket * | socket | ) | [virtual] |
Connect this SSL protocol instance with the specified socket.
If this instance was already connected to a connection, the old connection is deleted first.
| socket | Either a pointer to a valid socket instance used to set up a new communication link, or 0, in which case only the old communication link is deleted. |
| virtual std::string micxx::SSLProtocol::toString | ( | ) | const [virtual] |
Returns a printable representation.
Reimplemented from micxx::Mutex.
std::string micxx::SSLProtocol::address [protected] |
The address of this SSLProtocol instance.
bool micxx::SSLProtocol::checkCertificate [protected] |
Tracks if either the server or client certificate should be verified against the private key.
bool micxx::SSLProtocol::closed [protected] |
Tracks whether this SSLProtocol is closed or connected.
bool micxx::SSLProtocol::peerAuthentication [protected] |
X509Certificate micxx::SSLProtocol::peerCertificate [protected] |
The received certificate of the other peer.
PKCS12Store micxx::SSLProtocol::pkcs12Store [protected] |
A PKCS#12 store containing a private key, a certificate and a list of trusted CA certificates.