Common secure socket support.
#include <secure.h>
|
|
typedef void * | bufio_t |
| | Convenience type to represent a secure socket buf i/o stream.
|
| |
|
typedef void * | cert_t |
| | Convenience type to represent a ssl certificate object.
|
| |
|
typedef secure * | client_t |
| | Convenience type to represent a security context.
|
| |
| enum | error_t {
OK =0,
INVALID,
MISSING_CERTIFICATE,
MISSING_PRIVATEKEY,
INVALID_CERTIFICATE,
INVALID_AUTHORITY,
INVALID_PEERNAME,
INVALID_CIPHER
} |
| | Different error states of the security context.
|
| |
|
typedef byteref< secure_release > | keybytes |
| |
|
typedef secure * | server_t |
| |
|
typedef void * | session_t |
| | Convenience type to represent a secure socket session.
|
| |
|
typedef stringref< secure_release > | string |
| |
| enum | verify_t { NONE,
SIGNED,
VERIFIED
} |
| |
|
| error_t | err (void) const |
| | Get last error code associated with the security context. More...
|
| |
| bool | is_valid (void) const |
| | Determine if the current security context is valid. More...
|
| |
|
| operator bool () const |
| |
|
bool | operator! () const |
| |
|
virtual | ~secure () |
| | This is derived in different back-end libraries, and will be used to clear certificate credentials.
|
| |
|
| static void | cipher (secure *context, const char *ciphers) |
| | Assign a non-default cipher to the context. More...
|
| |
| static client_t | client (const char *authority=NULL, const char *paths=NULL) |
| | Create an anonymous client context with an optional authority to validate. More...
|
| |
| static bool | fips (void) |
| | Initialize secure stack with fips support. More...
|
| |
| static bool | init (void) |
| | Initialize secure stack for first use, and report if SSL support is compiled in. More...
|
| |
| static int | oscerts (const char *path) |
| | Copy system certificates to a local path. More...
|
| |
| static const char * | oscerts (void) |
| | Get path to system certificates. More...
|
| |
|
static secure::string | pass (const char *prompt, size_t size) |
| |
| static server_t | server (const char *keyfile=NULL, const char *authority=NULL) |
| | Create a server context. More...
|
| |
| static client_t | user (const char *authority) |
| | Create a peer user client context. More...
|
| |
| static void | uuid (char *string) |
| | Create 36 character traditional version 1 uuid. More...
|
| |
|
static secure::string | uuid (void) |
| |
Common secure socket support.
This offers common routines needed for secure/ssl socket support code.
- Author
- David Sugar dyfet.nosp@m.@gnu.nosp@m.telep.nosp@m.hony.nosp@m..org
Definition at line 128 of file secure.h.
◆ cipher()
| static void ucommon::secure::cipher |
( |
secure * |
context, |
|
|
const char * |
ciphers |
|
) |
| |
|
static |
Assign a non-default cipher to the context.
- Parameters
-
| context | to set cipher for. |
| ciphers | to set. |
◆ client()
| static client_t ucommon::secure::client |
( |
const char * |
authority = NULL, |
|
|
const char * |
paths = NULL |
|
) |
| |
|
static |
Create an anonymous client context with an optional authority to validate.
- Parameters
-
| authority | path to use or NULL if none. |
| paths | of certificates to use. |
- Returns
- a basic client security context.
◆ err()
| error_t ucommon::secure::err |
( |
void |
| ) |
const |
|
inline |
Get last error code associated with the security context.
- Returns
- last error code or 0/OK if none.
Definition at line 257 of file secure.h.
◆ fips()
| static bool ucommon::secure::fips |
( |
void |
| ) |
|
|
static |
Initialize secure stack with fips support.
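If fips support is not successfully enabled, the secure stack is also not initialized. Hence init() can then be called for non-fips certified operation if fips() fails. That fallback is the caller's explicit choice: a deployment that requires fips-certified operation should treat a false return as an error rather than calling init().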
- Returns
- true if fips support enabled and stack initialized.
◆ init()
| static bool ucommon::secure::init |
( |
void |
| ) |
|
|
static |
Initialize secure stack for first use, and report if SSL support is compiled in.
- Returns
- true if ssl support is available, false if not.
- Examples:
- cipher.cpp.
◆ is_valid()
| bool ucommon::secure::is_valid |
( |
void |
| ) |
const |
|
inline |
Determine if the current security context is valid.
- Returns
- true if valid, false if not (the declared return type is bool, so no -1 is returned).
Definition at line 249 of file secure.h.
◆ oscerts() [1/2]
| static int ucommon::secure::oscerts |
( |
const char * |
path | ) |
|
|
static |
Copy system certificates to a local path.
- Parameters
-
- Returns
- 0 or error number on failure.
◆ oscerts() [2/2]
| static const char* ucommon::secure::oscerts |
( |
void |
| ) |
|
|
static |
Get path to system certificates.
- Returns
- path to system certificates.
◆ server()
| static server_t ucommon::secure::server |
( |
const char * |
keyfile = NULL, |
|
|
const char * |
authority = NULL |
|
) |
| |
|
static |
Create a server context.
The certificate file used will be based on the init() method name. This may often be /etc/ssl/certs/initname.pem. Similarly, a matching private key certificate will also be loaded. An optional certificate authority document can be used when we are establishing a service whose ssl clients have their own certificates.
- Parameters
-
| authority | path to use or NULL if none. |
- Returns
- a security context that is cast from derived library.
◆ user()
| static client_t ucommon::secure::user |
( |
const char * |
authority | ) |
|
|
static |
Create a peer user client context.
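This assumes a user certificate in ~/.ssl/certs and the user private key in ~/.ssl/private. The path to an authority is also passed in. Because the private key is read from ~/.ssl/private, that directory should be accessible only to the owning user.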
- Parameters
-
◆ uuid()
| static void ucommon::secure::uuid |
( |
char * |
string | ) |
|
|
static |
Create 36 character traditional version 1 uuid.
- Parameters
-
| string | buffer to write uuid into, must be 37 bytes or more; no length is passed, so the caller is responsible for the buffer size. |
The documentation for this class was generated from the following file: