21#ifndef G_SSL_OPENSSL_H
22#define G_SSL_OPENSSL_H
27#include <openssl/ssl.h>
28#include <openssl/err.h>
29#include <openssl/rand.h>
30#include <openssl/md5.h>
31#include <openssl/sha.h>
32#include <openssl/evp.h>
/// Returns a printable rendering of this object; definition not in view, so the exact format is not documented here.
75 std::string str()
const ;
/// Pointer-to-function type matching OpenSSL's method accessors (e.g. TLS_server_method/TLS_client_method).
87 using Fn =
const SSL_METHOD *(*)() ;
/// Selects the SSL_METHOD accessor for the server or client role. Which
/// accessor is chosen (and therefore which protocol versions are offered)
/// is decided in the definition, which is not in view.
89 Fn fn(
bool server ) ;
/// True when peer-certificate verification is disabled for this configuration.
/// NOTE(review): presumably selects between the verifyPass() and verifyPeerName()
/// callbacks declared further down — confirm in the definition that a true value
/// is only reachable through an explicit configuration choice.
94 bool noverify()
const ;
/// Maps one integer value to another; the parameters are unnamed here and the
/// definition is not in view, so the domain of the mapping (presumably option
/// or version codes) should be confirmed against the source.
98 static int map(
int ,
int ) ;
/// Bit-mask of options to reset; NOTE(review): presumably passed to
/// SSL_CTX_clear_options() when the config is applied — confirm against apply().
106 long m_options_reset ;
/// Returns a printable rendering of this object; definition not in view.
117 std::string str()
const ;
/// Constructs an error with a plain message (no OpenSSL error code).
129 explicit Error(
const std::string & ) ;
/// Constructs an error from a message and an OpenSSL error code (unsigned long,
/// as returned by ERR_get_error()); the code is presumably rendered via text().
130 Error(
const std::string & ,
unsigned long ) ;
/// Constructs an error from a message, an OpenSSL error code and the path of
/// the file (key, certificate or CA file) that was being processed.
131 Error(
const std::string & ,
unsigned long ,
const std::string & path ) ;
/// Drains OpenSSL's thread-local error queue (presumably ERR_clear_error());
/// a stale queue would otherwise be reported against an unrelated later call.
132 static void clearErrors() ;
/// Renders an OpenSSL error code as human-readable text (presumably via
/// ERR_error_string_n()); definition not in view.
135 static std::string text(
unsigned long ) ;
147 const std::string & cert_file ,
const std::string & ca_file ,
148 const std::string & default_peer_certificate_name ,
const std::string & default_peer_host_name ,
149 const std::string & profile_config ) ;
/// Returns the raw SSL_CTX handle. Non-owning: the context is owned by the
/// m_ssl_ctx unique_ptr member, so callers must not free it.
151 SSL_CTX * p()
const ;
/// Returns the profile's default expected peer-certificate name (m_default_peer_certificate_name).
153 const std::string & defaultPeerCertificateName()
const ;
/// Returns the profile's default expected peer host name (m_default_peer_host_name).
154 const std::string & defaultPeerHostName()
const ;
/// Applies a Config to the profile's SSL_CTX; definition not in view.
155 void apply(
const Config & ) ;
/// Factory for a per-connection protocol object built from this profile.
/// The two string parameters are unnamed here; the definition should say
/// whether they are the required peer certificate name and peer host name.
158 std::unique_ptr<ProtocolImpBase> newProtocol(
const std::string & ,
const std::string & )
const override ;
/// Non-assignable: the profile owns an SSL_CTX through a unique_ptr.
163 void operator=(
const ProfileImp & ) = delete ;
/// Checks an OpenSSL return code; presumably throws Error (with the optional
/// file path in the message) on failure — confirm against the definition.
167 static void check(
int ,
const std::string & ,
const std::string & = std::string() ) ;
/// OpenSSL verify callback (preverify_ok, X509_STORE_CTX*). The name suggests
/// it accepts the peer regardless of the pre-verification result.
/// NOTE(review): confirm it is only installed for profiles where noverify()
/// is true, and that verified() reports false for such connections.
168 static int verifyPass(
int , X509_STORE_CTX * ) ;
/// OpenSSL verify callback that presumably additionally checks the peer
/// certificate's name against the expected name (m_default_peer_certificate_name
/// or the per-connection m_required_peer_certificate_name) — confirm that it
/// returns 0 on mismatch and never upgrades a failed preverify_ok.
169 static int verifyPeerName(
int , X509_STORE_CTX * ) ;
/// Renders an X509_NAME as a string; definition not in view.
170 static std::string name( X509_NAME * ) ;
/// Custom deleter bound into m_ssl_ctx; presumably calls SSL_CTX_free().
171 static void deleter( SSL_CTX * ) ;
/// Default expected peer-certificate name for connections made with this profile.
175 const std::string m_default_peer_certificate_name ;
/// Default expected peer host name for connections made with this profile.
176 const std::string m_default_peer_host_name ;
/// Owning handle to the OpenSSL context; the deleter is supplied at
/// construction through std::function (see deleter()).
177 std::unique_ptr<SSL_CTX,std::function<void(SSL_CTX*)>> m_ssl_ctx ;
/// True when peer-certificate verification is disabled at library level;
/// NOTE(review): presumably derived from m_library_config — confirm.
191 bool noverify()
const ;
/// Returns the logging callback (m_log_fn).
193 Library::LogFn log()
const ;
/// True when verbose logging is enabled; definition not in view.
194 bool verbose()
const ;
/// Returns the library's credit/attribution text, presumably formatted with
/// the given line prefix, end-of-line and end-of-text strings.
196 static std::string credit(
const std::string & prefix ,
const std::string & eol ,
const std::string & eot ) ;
/// Returns a static identifier string; its purpose is not visible here.
197 static std::string sid() ;
/// Registers a named profile built from the given key, certificate and CA
/// files, the default peer certificate/host names and a profile-specific
/// config string. Override of the LibraryImpBase interface.
200 void addProfile(
const std::string & name ,
bool is_server_profile ,
201 const std::string & key_file ,
const std::string & cert_file ,
const std::string & ca_file ,
202 const std::string & default_peer_certificate_name ,
const std::string & default_peer_host_name ,
203 const std::string & profile_config )
override ;
/// True if a profile with the given name has been added.
204 bool hasProfile(
const std::string & )
const override ;
/// Returns the profile with the given name; behaviour for an unknown name
/// is defined in the implementation, not here.
205 const GSsl::Profile & profile(
const std::string & )
const override ;
/// Returns an identifier for the underlying library (presumably its version text).
206 std::string id()
const override ;
/// True if generateKey() is supported by this implementation.
207 bool generateKeyAvailable()
const override ;
/// Generates key material and returns it as a string; the parameter is
/// unnamed here and the output format is fixed by the definition, not in view.
208 std::string generateKey(
const std::string & )
const override ;
/// Factory for a Digester; the parameters mirror the DigesterImp constructor
/// (two strings and a bool) declared below.
210 Digester digester(
const std::string & ,
const std::string & ,
bool )
const override ;
/// Non-assignable.
215 void operator=(
const LibraryImp & ) = delete ;
/// Library-level cleanup hook; definition not in view.
219 static void cleanup() ;
/// Profile registry keyed by profile name.
222 using Map = std::map<std::string,std::shared_ptr<ProfileImp>> ;
/// Library-wide configuration string as given at construction.
223 std::string m_library_config ;
/// Logging callback handed to protocol objects.
224 Library::LogFn m_log_fn ;
/// Result code type shared with the public Protocol interface.
237 using Result = Protocol::Result ;
/// Returns the peer-certificate name this connection requires
/// (m_required_peer_certificate_name); empty presumably means no requirement.
244 std::string requiredPeerCertificateName()
const ;
/// Initiates the TLS shutdown exchange; non-blocking, so the Result may ask
/// the caller to retry.
249 Result shutdown()
override ;
/// Non-blocking read of up to buffer_size bytes into buffer; read_size is an
/// out-parameter. Callers should rely on the Result, not on the sign of
/// read_size, to distinguish errors from data.
250 Result read(
char * buffer , std::size_t buffer_size , ssize_t & read_size )
override ;
/// Non-blocking write of size_in bytes from buffer; size_out receives the
/// number of bytes consumed.
251 Result write(
const char * buffer , std::size_t size_in , ssize_t & size_out )
override ;
/// Returns the peer certificate captured during the handshake (m_peer_certificate).
252 std::string peerCertificate()
const override ;
/// Returns the peer certificate chain captured during the handshake (m_peer_certificate_chain).
253 std::string peerCertificateChain()
const override ;
/// Returns the negotiated protocol version as text.
254 std::string protocol()
const override ;
/// Returns the negotiated cipher suite as text.
255 std::string cipher()
const override ;
/// True if the peer certificate was verified. NOTE(review): confirm this is
/// false when the verifyPass() callback was used, so that a no-verify profile
/// is never reported as verified.
256 bool verified()
const override ;
/// Maps an SSL operation's return code to an error value; presumably wraps
/// SSL_get_error() with the operation name for logging — confirm.
265 int error(
const char * ,
int )
const ;
/// Converts an OpenSSL error value into a Result code.
269 static Result convert(
int ) ;
/// Drains OpenSSL's thread-local error queue before an SSL call so that
/// stale entries are not attributed to it.
270 static void clearErrors() ;
/// Logs the errors queued after an SSL operation `op` returned `rc` with
/// error value `e`; the last (unnamed) string is presumably extra context.
271 void logErrors(
const std::string & op ,
int rc ,
int e ,
const std::string & )
const ;
/// Custom deleter bound into m_ssl; presumably calls SSL_free().
273 static void deleter( SSL * ) ;
/// Owning handle to the per-connection SSL object (see deleter()).
276 std::unique_ptr<SSL,std::function<void(SSL*)>> m_ssl ;
/// Logging callback copied from the library.
277 Library::LogFn m_log_fn ;
/// Peer-certificate name required for this connection (empty presumably means none).
280 std::string m_required_peer_certificate_name ;
/// Peer certificate captured during the handshake.
281 std::string m_peer_certificate ;
/// Peer certificate chain captured during the handshake.
282 std::string m_peer_certificate_chain ;
/// Constructs a digester; the unnamed parameters match LibraryImp::digester()
/// (presumably hash name, initial state and a flag — confirm in the definition).
292 DigesterImp(
const std::string & ,
const std::string & ,
bool ) ;
/// Feeds more data into the hash.
296 void add(
const std::string & )
override ;
/// Returns the digest value; non-const, so presumably finalises the hash.
297 std::string value()
override ;
/// Returns the intermediate hash state; non-const like value().
298 std::string state()
override ;
/// Block size of the selected hash, in bytes (m_block_size).
299 std::size_t blocksize()
const override ;
/// Output size of the selected hash, in bytes (m_value_size).
300 std::size_t valuesize()
const override ;
/// Size of the intermediate state, in bytes (m_state_size).
301 std::size_t statesize()
const override ;
/// Hash selector; Other presumably routes through the generic EVP interface (m_evp_ctx).
310 enum class Type { Md5 , Sha1 , Sha256 , Other } ;
/// Low-level SHA-256 context (OpenSSL's legacy SHA256_* API, deprecated in OpenSSL 3.0).
314 SHA256_CTX m_sha256 {} ;
/// Generic EVP context. NOTE(review): raw pointer with no in-class initialiser,
/// unlike the sibling members — confirm every constructor path sets it (or nullptr)
/// and that the destructor, not in view, releases it with EVP_MD_CTX_free().
315 EVP_MD_CTX * m_evp_ctx ;
/// Block size in bytes of the selected hash.
316 std::size_t m_block_size {0} ;
/// Output size in bytes of the selected hash.
317 std::size_t m_value_size {0} ;
/// Intermediate-state size in bytes of the selected hash.
318 std::size_t m_state_size {0} ;
A base interface for GSsl::Digester pimple classes.
A class for objects that can perform a cryptographic hash.
A base interface for GSsl::Library pimple classes.
Holds a certificate chain taken from a stack of OpenSSL X509 structures.
Holds a certificate taken from an OpenSSL X509 structure.
Holds protocol version information, etc.
An implementation of the GSsl::DigesterImpBase interface for OpenSSL.
An exception class for GSsl::OpenSSL classes.
An implementation of the GSsl::LibraryImpBase interface for OpenSSL.
An implementation of the GSsl::Profile interface for OpenSSL.
An implementation of the GSsl::ProtocolImpBase interface for OpenSSL.
A base interface for profile classes that work with concrete classes derived from GSsl::LibraryImpBas...
A base interface for GSsl::Protocol pimple classes.
An abstract interface for reading and writing from a non-blocking i/o channel.
An interface to an underlying TLS library.
TLS/SSL transport layer security classes.
std::vector< std::string > StringArray
A std::vector of std::strings.