#include <tlsbase.h>
Public Member Functions | |
| TLSBase (TLSHandler *th, const std::string server) | |
| virtual | ~TLSBase () |
| virtual bool | encrypt (const std::string &data)=0 |
| virtual int | decrypt (const std::string &data)=0 |
| virtual void | cleanup ()=0 |
| virtual bool | handshake ()=0 |
| virtual bool | isSecure () const |
| virtual void | setCACerts (const StringList &cacerts)=0 |
| virtual const CertInfo & | fetchTLSInfo () const |
| virtual void | setClientCert (const std::string &clientKey, const std::string &clientCerts)=0 |
Detailed Description
Constructor & Destructor Documentation
|
inline |
Constructor.
- Parameters
-
th The TLSHandler to handle TLS-related events. server The server to use in certificate verification.
Member Function Documentation
|
pure virtual |
This function performs internal cleanup and will be called after a failed handshake attempt.
Implemented in TLSDefault, GnuTLSBase, GnuTLSClient, SChannel, OpenSSL, GnuTLSClientAnon, and GnuTLSServerAnon.
|
pure virtual |
Use this function to feed encrypted data or received handshake data to the encryption implementation. Handshake data will be eaten, unencrypted data will be pushed to the TLSHandler's handleDecryptedData() function.
- Parameters
-
data The data to decrypt.
- Returns
- The number of bytes used from the input.
Implemented in TLSDefault, GnuTLSBase, SChannel, and OpenSSL.
|
pure virtual |
Use this function to feed unencrypted data to the encryption implementation. The encrypted result will be pushed to the TLSHandler's handleEncryptedData() function.
- Parameters
-
data The data to encrypt.
- Returns
- Whether or not the data was used successfully.
Implemented in TLSDefault, GnuTLSBase, SChannel, and OpenSSL.
|
inlinevirtual |
This function is used to retrieve certificate and connection info of a encrypted connection.
- Returns
- Certificate information.
Reimplemented in TLSDefault.
|
pure virtual |
This functiopn performs the TLS handshake. Handshake data from the server side should be fed in using decrypt(). Handshake data that is to be sent to the other side is pushed through TLSBase's handleEncryptedData().
- Returns
- True if the handshake was successful or if more input is needed, false if the handshake failed.
Implemented in TLSDefault, GnuTLSBase, SChannel, and OpenSSL.
|
inlinevirtual |
Returns the state of the encryption.
- Returns
- The state of the encryption.
Reimplemented in TLSDefault.
|
pure virtual |
Use this function to set a number of trusted root CA certificates which shall be used to verify a servers certificate.
- Parameters
-
cacerts A list of absolute paths to CA root certificate files in PEM format.
Implemented in TLSDefault, GnuTLSBase, SChannel, OpenSSL, and GnuTLSClient.
|
pure virtual |
Use this function to set the user's certificate and private key. The certificate will be presented to the server upon request and can be used for SASL EXTERNAL authentication. The user's certificate file should be a bundle of more than one certificate in PEM format. The first one in the file should be the user's certificate, each cert following that one should have signed the previous one.
- Note
- These certificates are not necessarily the same as those used to verify the server's certificate.
- Parameters
-
clientKey The absolute path to the user's private key in PEM format. clientCerts A path to a certificate bundle in PEM format.
Implemented in TLSDefault, GnuTLSBase, SChannel, OpenSSL, and GnuTLSClient.
The documentation for this class was generated from the following file:
