gloox  1.0.1
Public Member Functions | List of all members
TLSBase Class Reference

#include <tlsbase.h>

Inheritance diagram for TLSBase:
Inheritance graph
[legend]

Public Member Functions

 TLSBase (TLSHandler *th, const std::string server)
virtual ~TLSBase ()
virtual bool init (const std::string &clientKey=EmptyString, const std::string &clientCerts=EmptyString, const StringList &cacerts=StringList())=0
void setInitLib (bool init)
virtual bool encrypt (const std::string &data)=0
virtual int decrypt (const std::string &data)=0
virtual void cleanup ()=0
virtual bool handshake ()=0
virtual bool isSecure () const
virtual void setCACerts (const StringList &cacerts)=0
virtual const CertInfofetchTLSInfo () const
virtual void setClientCert (const std::string &clientKey, const std::string &clientCerts)=0

Detailed Description

An abstract base class for TLS implementations.

Author
Jakob Schroeter js@ca.nosp@m.maya.nosp@m..net
Since
0.9

Definition at line 31 of file tlsbase.h.

Constructor & Destructor Documentation

TLSBase ( TLSHandler th,
const std::string  server 
)
inline

Constructor.

Parameters
thThe TLSHandler to handle TLS-related events.
serverThe server to use in certificate verification.

Definition at line 39 of file tlsbase.h.

virtual ~TLSBase ( )
inlinevirtual

Virtual destructor.

Definition at line 46 of file tlsbase.h.

Member Function Documentation

virtual void cleanup ( )
pure virtual

This function performs internal cleanup and will be called after a failed handshake attempt.

Implemented in TLSDefault, GnuTLSClient, SChannel, OpenSSLBase, GnuTLSBase, GnuTLSClientAnon, and GnuTLSServerAnon.

virtual int decrypt ( const std::string &  data)
pure virtual

Use this function to feed encrypted data or received handshake data to the encryption implementation. Handshake data will be eaten, unencrypted data will be pushed to the TLSHandler's handleDecryptedData() function.

Parameters
dataThe data to decrypt.
Returns
The number of bytes used from the input.

Implemented in TLSDefault, SChannel, OpenSSLBase, and GnuTLSBase.

virtual bool encrypt ( const std::string &  data)
pure virtual

Use this function to feed unencrypted data to the encryption implementation. The encrypted result will be pushed to the TLSHandler's handleEncryptedData() function.

Parameters
dataThe data to encrypt.
Returns
Whether or not the data was used successfully.

Implemented in TLSDefault, SChannel, OpenSSLBase, and GnuTLSBase.

virtual const CertInfo& fetchTLSInfo ( ) const
inlinevirtual

This function is used to retrieve certificate and connection info of a encrypted connection.

Returns
Certificate information.

Reimplemented in TLSDefault.

Definition at line 118 of file tlsbase.h.

virtual bool handshake ( )
pure virtual

This functiopn performs the TLS handshake. Handshake data from the server side should be fed in using decrypt(). Handshake data that is to be sent to the other side is pushed through TLSBase's handleEncryptedData().

Returns
True if the handshake was successful or if more input is needed, false if the handshake failed.

Implemented in TLSDefault, SChannel, OpenSSLBase, and GnuTLSBase.

virtual bool init ( const std::string &  clientKey = EmptyString,
const std::string &  clientCerts = EmptyString,
const StringList cacerts = StringList() 
)
pure virtual

Initializes the TLS module. This function must be called (and execute successfully) before the module can be used.

Parameters
clientKeyThe absolute path to the user's private key in PEM format.
clientCertsA path to a certificate bundle in PEM format.
cacertsA list of absolute paths to CA root certificate files in PEM format.
Returns
False if initialization failed, true otherwise.
Since
1.0

Implemented in TLSDefault, GnuTLSClient, SChannel, GnuTLSClientAnon, GnuTLSServerAnon, and OpenSSLBase.

virtual bool isSecure ( ) const
inlinevirtual

Returns the state of the encryption.

Returns
The state of the encryption.

Reimplemented in TLSDefault.

Definition at line 105 of file tlsbase.h.

virtual void setCACerts ( const StringList cacerts)
pure virtual

Use this function to set a number of trusted root CA certificates which shall be used to verify a servers certificate.

Parameters
cacertsA list of absolute paths to CA root certificate files in PEM format.

Implemented in TLSDefault, SChannel, OpenSSLBase, GnuTLSBase, and GnuTLSClient.

virtual void setClientCert ( const std::string &  clientKey,
const std::string &  clientCerts 
)
pure virtual

Use this function to set the user's certificate and private key. The certificate will be presented to the server upon request and can be used for SASL EXTERNAL authentication. The user's certificate file should be a bundle of more than one certificate in PEM format. The first one in the file should be the user's certificate, each cert following that one should have signed the previous one.

Note
These certificates are not necessarily the same as those used to verify the server's certificate.
Parameters
clientKeyThe absolute path to the user's private key in PEM format.
clientCertsA path to a certificate bundle in PEM format.

Implemented in TLSDefault, SChannel, OpenSSLBase, GnuTLSBase, and GnuTLSClient.

void setInitLib ( bool  init)
inline

Enables/disables initialization of the underlying TLS library. By default, initialization is performed. You may want to switch it off if the TLS library is used elsewhere in your application as well and you have no control over the initialization.

Parameters
initWhether or not to intialize the underlying TLS library.

Definition at line 68 of file tlsbase.h.


The documentation for this class was generated from the following file: