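/*
 * pssl.h
 *
 * Secure Sockets Layer channel interface class.
 *
 * Portable Windows Library
 *
 * Copyright (c) 1993-2002 Equivalence Pty. Ltd.
 *
 * The contents of this file are subject to the Mozilla Public License
 * Version 1.0 (the "License"); you may not use this file except in
 * compliance with the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS"
 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
 * the License for the specific language governing rights and limitations
 * under the License.
 *
 * The Original Code is Portable Windows Library.
 *
 * The Initial Developer of the Original Code is Equivalence Pty. Ltd.
 *
 * Contributor(s): ______________________________________.
 *
 * $Log: pssl.h,v $
 * Revision 1.20  2005/11/30 12:47:37  csoutheren
 * Removed tabs, reformatted some code, and changed tags for Doxygen
 *
 * Revision 1.19  2002/11/06 22:47:24  robertj
 * Fixed header comment (copyright etc)
 *
 * Revision 1.18  2002/09/16 01:08:59  robertj
 * Added #define so can select if #pragma interface/implementation is used on
 * platform basis (eg MacOS) rather than compiler, thanks Robert Monaghan.
 *
 * Revision 1.17  2002/03/28 07:26:36  robertj
 * Added Diffie-Hellman parameters wrapper class.
 *
 * Revision 1.16  2001/12/13 09:15:20  robertj
 * Added function to get private key as raw DER binary data or as base64 string.
 *
 * Revision 1.15  2001/12/06 04:06:03  robertj
 * Removed "Win32 SSL xxx" build configurations in favour of system
 * environment variables to select optional libraries.
 *
 * Revision 1.14  2001/10/31 01:30:40  robertj
 * Added enhancements for saving/loading/creating certificates and keys.
 *
 * Revision 1.13  2001/09/10 02:51:22  robertj
 * Major change to fix problem with error codes being corrupted in a
 * PChannel when have simultaneous reads and writes in threads.
 *
 * Revision 1.12  2001/06/01 00:53:59  robertj
 * Added certificate constructor that takes a PBYTEArray
 *
 * Revision 1.11  2001/05/16 06:02:05  craigs
 * Changed to allow detection of non-SSL connection to SecureHTTPServiceProcess
 *
 * Revision 1.10  2000/11/14 08:33:16  robertj
 * Added certificate and private key classes.
 *
 * Revision 1.9  2000/08/25 08:11:02  robertj
 * Fixed OpenSSL support so can operate as a server channel.
 *
 * Revision 1.8  2000/08/04 12:52:18  robertj
 * SSL changes, added error functions, removed need to have openssl include directory in app.
 *
 * Revision 1.7  2000/01/10 02:23:18  craigs
 * Update for new OpenSSL
 *
 * Revision 1.6  1999/02/16 08:07:10  robertj
 * MSVC 6.0 compatibility changes.
 *
 * Revision 1.5  1998/12/04 13:01:51  craigs
 * Changed for SSLeay 0.9
 *
 * Revision 1.4  1998/09/23 06:19:50  robertj
 * Added open source copyright license.
 *
 * Revision 1.3  1997/05/04 02:49:52  craigs
 * Added support for client and server certificates
 *
 * Revision 1.1  1996/11/15 07:37:48  craigs
 * Initial revision
 *
 */

#ifndef _PSSL_H
#define _PSSL_H

#ifdef P_USE_PRAGMA
#pragma interface
#endif

#include <ptlib/sockets.h>


/* Opaque OpenSSL types. Only forward declarations are used here so that
   applications need not have the OpenSSL headers on their include path
   (revision 1.8). The wrapper classes below hand out the raw pointers via
   conversion operators; the wrapper keeps ownership of the object. */
struct ssl_st;
struct ssl_ctx_st;
struct x509_st;
struct evp_pkey_st;
struct dh_st;

/** On-disk encoding of keys, certificates and DH parameters.
    PSSLFileTypeDEFAULT lets the implementation choose; how it chooses
    (e.g. from the file extension) is not visible in this header.
  */
enum PSSLFileTypes {
  PSSLFileTypePEM,
  PSSLFileTypeASN1,
  PSSLFileTypeDEFAULT
};


/** Wrapper around an OpenSSL private key (evp_pkey_st).

    Security notes:
    - GetData() and AsString() export the *secret* key material (raw DER
      and base64 text respectively, per revision 1.16). Treat the returned
      buffers as sensitive: do not log them and keep their lifetime short.
    - Save() takes no passphrase parameter, so callers should assume the
      key is written unencrypted unless the implementation documents
      otherwise; the file should be created with restrictive permissions.
      NOTE(review): neither passphrase handling nor file permissions are
      visible in this header — confirm in the implementation.
  */
class PSSLPrivateKey : public PObject
{
  PCLASSINFO(PSSLPrivateKey, PObject);
  public:
    /** Create an empty wrapper holding no key. */
    PSSLPrivateKey();

    /** Generate a new key.
        @param modulus   Key size; presumably the RSA modulus length in
                         bits (the name and the (int,int,void*) callback
                         shape match OpenSSL's RSA key-generation API).
                         NOTE(review): callers should pass at least 2048.
        @param callback  Optional progress callback invoked during generation.
        @param cb_arg    Opaque argument passed to callback.
      */
    PSSLPrivateKey(
      unsigned modulus,
      void (*callback)(int,int,void *) = NULL,
      void *cb_arg = NULL
    );

    /** Load a key from a file; equivalent to the default constructor
        followed by Load().
        @param keyFile   Path of the key file.
        @param fileType  Encoding of the file.
      */
    PSSLPrivateKey(
      const PFilePath & keyFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Construct from in-memory key data.
        @param keyData  Pointer to the encoded key.
        @param keySize  Number of bytes at keyData.
      */
    PSSLPrivateKey(
      const BYTE * keyData,
      PINDEX keySize
    );

    /** Construct from in-memory key data held in a PBYTEArray. */
    PSSLPrivateKey(
      const PBYTEArray & keyData
    );

    /** Copy constructor. Whether the underlying OpenSSL object is
        duplicated or reference-counted is decided by the implementation. */
    PSSLPrivateKey(
      const PSSLPrivateKey & privKey
    );

    /** Assignment; same ownership caveat as the copy constructor. */
    PSSLPrivateKey & operator=(
      const PSSLPrivateKey & privKey
    );

    /** Destroy the wrapper and, presumably, release the wrapped key. */
    ~PSSLPrivateKey();

    /** Access the raw OpenSSL key. Ownership stays with this object; the
        pointer is invalid once this wrapper is destroyed or reassigned. */
    operator evp_pkey_st *() const { return key; }

    /** Generate a new key into this object; see the generating constructor
        for the parameters.
        @return TRUE on success.
      */
    BOOL Create(
      unsigned modulus,
      void (*callback)(int,int,void *) = NULL,
      void *cb_arg = NULL
    );

    /** Export the private key as raw DER bytes (secret material). */
    PBYTEArray GetData() const;

    /** Export the private key as a base64 string (secret material). */
    PString AsString() const;

    /** Load a key from a file, replacing any key currently held.
        @param keyFile   Path of the key file.
        @param fileType  Encoding of the file.
        @return TRUE on success.
      */
    BOOL Load(
      const PFilePath & keyFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Write the key to a file. No passphrase is taken, so the key is
        presumably stored in the clear.
        @param keyFile   Destination path.
        @param append    If TRUE, append to the file rather than overwrite.
        @param fileType  Encoding to write.
        @return TRUE on success.
      */
    BOOL Save(
      const PFilePath & keyFile,
      BOOL append = FALSE,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );


  protected:
    evp_pkey_st * key;   // wrapped OpenSSL key, or NULL when empty
};


/** Wrapper around an OpenSSL X.509 certificate (x509_st).
    Certificates are public data, but note that loading one here performs
    no trust decision: trust is established through PSSLContext::SetCAPath
    / SetCAFile together with a non-VerifyNone PSSLChannel::VerifyMode.
  */
class PSSLCertificate : public PObject
{
  PCLASSINFO(PSSLCertificate, PObject);
  public:
    /** Create an empty wrapper holding no certificate. */
    PSSLCertificate();

    /** Load a certificate from a file; equivalent to the default
        constructor followed by Load().
        @param certFile  Path of the certificate file.
        @param fileType  Encoding of the file.
      */
    PSSLCertificate(
      const PFilePath & certFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Construct from in-memory certificate data.
        @param certData  Pointer to the encoded certificate.
        @param certSize  Number of bytes at certData.
      */
    PSSLCertificate(
      const BYTE * certData,
      PINDEX certSize
    );

    /** Construct from in-memory certificate data held in a PBYTEArray. */
    PSSLCertificate(
      const PBYTEArray & certData
    );

    /** Construct from the textual form of a certificate; the accepted
        encoding is defined by the implementation (presumably the form
        produced by AsString()). */
    PSSLCertificate(
      const PString & certString
    );

    /** Copy constructor; duplication vs. reference counting of the
        underlying object is decided by the implementation. */
    PSSLCertificate(
      const PSSLCertificate & cert
    );

    /** Assignment; same caveat as the copy constructor. */
    PSSLCertificate & operator=(
      const PSSLCertificate & cert
    );

    /** Destroy the wrapper and, presumably, release the certificate. */
    ~PSSLCertificate();

    /** Access the raw OpenSSL certificate. Ownership stays with this
        object; the pointer dies with the wrapper. */
    operator x509_st *() const { return certificate; }

    /** Create a root (presumably self-signed) certificate.
        @param subject  Distinguished name of the subject/issuer.
        @param key      Private key the certificate is signed with and
                        whose public half it carries.
        @return TRUE on success.
      */
    BOOL CreateRoot(
      const PString & subject,
      const PSSLPrivateKey & key
    );

    /** Export the certificate as raw encoded bytes. */
    PBYTEArray GetData() const;

    /** Export the certificate as text. */
    PString AsString() const;

    /** Load a certificate from a file, replacing any currently held.
        @param certFile  Path of the certificate file.
        @param fileType  Encoding of the file.
        @return TRUE on success.
      */
    BOOL Load(
      const PFilePath & certFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Write the certificate to a file.
        @param certFile  Destination path.
        @param append    If TRUE, append to the file rather than overwrite.
        @param fileType  Encoding to write.
        @return TRUE on success.
      */
    BOOL Save(
      const PFilePath & certFile,
      BOOL append = FALSE,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );


  protected:
    x509_st * certificate;   // wrapped OpenSSL certificate, or NULL when empty
};


/** Wrapper around OpenSSL Diffie-Hellman parameters (dh_st).
    NOTE(review): nothing in this interface indicates that the parameters
    are validated (prime size, safe prime, generator). Callers supplying
    raw p/g should use a well-known group or generated parameters of at
    least 2048 bits; small or attacker-chosen groups weaken every
    connection that negotiates DHE.
  */
class PSSLDiffieHellman : public PObject
{
  PCLASSINFO(PSSLDiffieHellman, PObject);
  public:
    /** Create an empty wrapper holding no parameters. */
    PSSLDiffieHellman();

    /** Load parameters from a file; equivalent to the default constructor
        followed by Load().
        @param dhFile    Path of the parameter file.
        @param fileType  Encoding of the file.
      */
    PSSLDiffieHellman(
      const PFilePath & dhFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

    /** Construct from raw prime and generator.
        @param pData  Encoded prime p (byte order defined by the implementation).
        @param pSize  Number of bytes at pData.
        @param gData  Encoded generator g.
        @param gSize  Number of bytes at gData.
      */
    PSSLDiffieHellman(
      const BYTE * pData,
      PINDEX pSize,
      const BYTE * gData,
      PINDEX gSize
    );

    /** Copy constructor; see PSSLPrivateKey for the ownership caveat. */
    PSSLDiffieHellman(
      const PSSLDiffieHellman & dh
    );

    /** Assignment; see PSSLPrivateKey for the ownership caveat. */
    PSSLDiffieHellman & operator=(
      const PSSLDiffieHellman & dh
    );

    /** Destroy the wrapper and, presumably, release the parameters. */
    ~PSSLDiffieHellman();

    /** Access the raw OpenSSL parameters; ownership stays with this object. */
    operator dh_st *() const { return dh; }

    /** Load parameters from a file, replacing any currently held.
        @param dhFile    Path of the parameter file.
        @param fileType  Encoding of the file.
        @return TRUE on success.
      */
    BOOL Load(
      const PFilePath & dhFile,
      PSSLFileTypes fileType = PSSLFileTypeDEFAULT
    );

  protected:
    dh_st * dh;   // wrapped OpenSSL DH parameters, or NULL when empty
};


/** Wrapper around an OpenSSL context (ssl_ctx_st): the shared
    configuration — trust anchors, local identity, DH parameters and
    cipher list — from which PSSLChannel connections are created.

    NOTE(review): the protocol versions and default cipher list enabled by
    the constructor are not visible in this header. Given the age of this
    code, confirm in the implementation that SSLv2/SSLv3 are disabled and
    call SetCipherList() to exclude NULL, EXPORT and LOW-strength suites.
  */
class PSSLContext {
  public:
    /** Create a context.
        @param sessionId  Optional identifier, presumably used as the TLS
                          session-id context for session resumption —
                          confirm in the implementation.
        @param idSize     Number of bytes at sessionId.
      */
    PSSLContext(
      const void * sessionId = NULL,
      PINDEX idSize = 0
    );

    /** Destroy the context. Channels created from it must not outlive it
        (see PSSLChannel's autoDeleteContext). */
    ~PSSLContext();

    /** Access the raw OpenSSL context; ownership stays with this object. */
    operator ssl_ctx_st *() const { return context; }

    /** Set the directory of trusted CA certificates used to verify peers.
        Has no effect on authentication unless the channel's verify mode is
        VerifyPeer or VerifyPeerMandatory.
        @return TRUE on success.
      */
    BOOL SetCAPath(
      const PDirectory & caPath
    );

    /** Set a file of trusted CA certificates used to verify peers; same
        verify-mode caveat as SetCAPath().
        @return TRUE on success.
      */
    BOOL SetCAFile(
      const PFilePath & caFile
    );

    /** Set the certificate presented to peers as this side's identity.
        @return TRUE on success.
      */
    BOOL UseCertificate(
      const PSSLCertificate & certificate
    );

    /** Set the private key matching the certificate from UseCertificate().
        @return TRUE on success.
      */
    BOOL UsePrivateKey(
      const PSSLPrivateKey & key
    );

    /** Set the Diffie-Hellman parameters, presumably for DHE key exchange.
        @return TRUE on success.
      */
    BOOL UseDiffieHellman(
      const PSSLDiffieHellman & dh
    );

    /** Restrict the cipher suites offered/accepted.
        @param ciphers  Cipher specification; presumably OpenSSL cipher-list
                        syntax (e.g. "HIGH:!aNULL:!eNULL:!EXPORT:!LOW").
        @return TRUE on success.
      */
    BOOL SetCipherList(
      const PString & ciphers
    );

  protected:
    ssl_ctx_st * context;   // wrapped OpenSSL context
};


/** A channel that runs SSL/TLS over another PChannel.

    The underlying transport is either given to Accept()/Connect() or set
    beforehand through the PIndirectChannel machinery; the handshake is
    performed by Accept() (server side) or Connect() (client side).

    Security notes:
    - Peer authentication is governed by SetVerifyMode(). With VerifyNone
      the connection is encrypted but the peer is not authenticated, so an
      active attacker can impersonate it. The default mode applied by the
      constructors is not visible in this header — confirm in pssl.cxx.
    - Even with VerifyPeer*, a valid chain to a trusted CA proves only that
      the peer holds *some* trusted certificate. This header exposes no
      API for matching the peer certificate against an expected hostname
      or for retrieving the peer certificate at all (ssl is protected), so
      identity binding must be done by a subclass or in the implementation.
      NOTE(review): confirm where, if anywhere, this happens.
  */
class PSSLChannel : public PIndirectChannel
{
  PCLASSINFO(PSSLChannel, PIndirectChannel)
  public:
    /** Create a channel using the given context.
        @param context            Context to use, or NULL; what NULL means
                                  (presumably a context created internally)
                                  is decided by the implementation.
        @param autoDeleteContext  By name, TRUE makes the channel delete the
                                  context in its destructor — confirm in
                                  pssl.cxx before sharing a context between
                                  channels with this set.
      */
    PSSLChannel(
      PSSLContext * context = NULL,
      BOOL autoDeleteContext = FALSE
    );

    /** Create a channel using a context owned by the caller. */
    PSSLChannel(
      PSSLContext & context
    );

    /** Destroy the channel (and the context if it was marked for auto-delete). */
    ~PSSLChannel();

    // Overrides from PChannel

    /** Read decrypted application data. */
    virtual BOOL Read(void * buf, PINDEX len);

    /** Write application data, encrypting it onto the transport. */
    virtual BOOL Write(const void * buf, PINDEX len);

    /** Close the channel. */
    virtual BOOL Close();

    /** No-op: reports success without touching the SSL state. In
        particular this does not by itself send a TLS close_notify; whether
        Close() does is decided by the implementation. Peers that rely on
        close_notify to detect truncation cannot rely on Shutdown(). */
    virtual BOOL Shutdown(ShutdownValue) { return TRUE; }

    /** Text for the last error, including SSL-layer errors (revision 1.8). */
    virtual PString GetErrorText(ErrorGroup group = NumErrorGroups) const;

    /** Map an OS/SSL error code onto the PChannel error state. */
    virtual BOOL ConvertOSError(int error, ErrorGroup group = LastGeneralError);

    // New functions

    /** Perform the server-side handshake over the already attached
        transport.
        @return TRUE if the handshake completed.
      */
    BOOL Accept();

    /** Perform the server-side handshake over channel, which the caller
        continues to own. */
    BOOL Accept(
      PChannel & channel
    );

    /** Perform the server-side handshake over channel.
        @param channel     Transport to use.
        @param autoDelete  If TRUE this object takes ownership of channel.
      */
    BOOL Accept(
      PChannel * channel,
      BOOL autoDelete = TRUE
    );


    /** Perform the client-side handshake over the already attached
        transport.
        @return TRUE if the handshake completed.
      */
    BOOL Connect();

    /** Perform the client-side handshake over channel, which the caller
        continues to own. */
    BOOL Connect(
      PChannel & channel
    );

    /** Perform the client-side handshake over channel.
        @param channel     Transport to use.
        @param autoDelete  If TRUE this object takes ownership of channel.
      */
    BOOL Connect(
      PChannel * channel,
      BOOL autoDelete = TRUE
    );

    /** Set the certificate presented by this connection, overriding the
        context's. Must be called before the handshake to take effect. */
    BOOL UseCertificate(
      const PSSLCertificate & certificate
    );

    /** Set the private key for this connection's certificate, overriding
        the context's. Must be called before the handshake to take effect. */
    BOOL UsePrivateKey(
      const PSSLPrivateKey & key
    );

    /** How the peer's certificate is checked during the handshake.
        The names mirror OpenSSL's verify flags: VerifyNone performs no
        check; VerifyPeer presumably verifies a certificate if the peer
        presents one; VerifyPeerMandatory presumably also fails the
        handshake when none is presented. Confirm the mapping in pssl.cxx.
      */
    enum VerifyMode {
      VerifyNone,
      VerifyPeer,
      VerifyPeerMandatory
    };

    /** Select the peer verification mode. Call before Accept()/Connect();
        use VerifyPeerMandatory for mutual authentication. */
    void SetVerifyMode(
      VerifyMode mode
    );

    /** The context this channel was created from (not owned by the caller). */
    PSSLContext * GetContext() const { return context; }

    /** Low-level read of decrypted data.
        @param buf  Destination buffer.
        @param len  Passed by reference: presumably the buffer size on entry
                    and the number of bytes read on return.
      */
    virtual BOOL RawSSLRead(void * buf, PINDEX & len);

  protected:
    /** PIndirectChannel hook invoked when the transport is attached;
        presumably where the SSL object is bound to the transport. */
    virtual BOOL OnOpen();

  protected:
    PSSLContext * context;     // shared configuration this connection uses
    BOOL autoDeleteContext;    // whether ~PSSLChannel deletes context
    ssl_st * ssl;              // per-connection OpenSSL state
};

#endif // _PSSL_H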