ucommon  7.0.0
About: GNU uCommon C++ is a portable and optimized class framework for writing C++ applications that need to use threads and support concurrent synchronization, and that use sockets, XML parsing, object serialization, thread-optimized string and data structure classes, etc.
  Fossies Dox: ucommon-7.0.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

ucommon::secure Class Reference

Common secure socket support.

#include <secure.h>


Public Types

enum  error_t {
  OK = 0, INVALID, MISSING_CERTIFICATE, MISSING_PRIVATEKEY,
  INVALID_CERTIFICATE, INVALID_AUTHORITY, INVALID_PEERNAME, INVALID_CIPHER
}
 Different error states of the security context.

enum  verify_t { NONE, SIGNED, VERIFIED }

typedef stringref< secure_release >  string

typedef byteref< secure_release >  keybytes

typedef secure *  client_t
 Convenience type to represent a security context.

typedef secure *  server_t

typedef void *  session_t
 Convenience type to represent a secure socket session.

typedef void *  cert_t
 Convenience type to represent a ssl certificate object.

typedef void *  bufio_t
 Convenience type to represent a secure socket buf i/o stream.


Public Member Functions

virtual ~secure ()
 This is derived in different back-end libraries, and will be used to clear certificate credentials.

bool is_valid (void) const
 Determine if the current security context is valid.

error_t err (void) const
 Get last error code associated with the security context.
 
 operator bool () const
 
bool operator! () const
 

Static Public Member Functions

static bool init (void)
 Initialize secure stack for first use, and report if SSL support is compiled in.

static bool fips (void)
 Initialize secure stack with fips support.

static int oscerts (const char *path)
 Copy system certificates to a local path.

static const char * oscerts (void)
 Get path to system certificates.

static server_t server (const char *keyfile=NULL, const char *authority=NULL)
 Create a server context.

static client_t client (const char *authority=NULL, const char *paths=NULL)
 Create an anonymous client context with an optional authority to validate.

static client_t user (const char *authority)
 Create a peer user client context.

static void cipher (secure *context, const char *ciphers)
 Assign a non-default cipher to the context.

static void uuid (char *string)
 Create 36 character traditional version 1 uuid.
 
static secure::string pass (const char *prompt, size_t size)
 
static secure::string uuid (void)
 

Protected Member Functions

 secure ()
 

Protected Attributes

error_t error
 Last error flagged for this context.
 

Private Member Functions

 __DELETE_COPY (secure)
 

Detailed Description

Common secure socket support.

This offers common routines needed for secure/ssl socket support code.

Author
David Sugar dyfet@gnutelephony.org

Definition at line 128 of file secure.h.

Member Typedef Documentation

◆ bufio_t

typedef void* ucommon::secure::bufio_t

Convenience type to represent a secure socket buf i/o stream.

Definition at line 180 of file secure.h.

◆ cert_t

typedef void* ucommon::secure::cert_t

Convenience type to represent a ssl certificate object.

Definition at line 175 of file secure.h.

◆ client_t

Convenience type to represent a security context.

Definition at line 163 of file secure.h.

◆ keybytes

Definition at line 140 of file secure.h.

◆ server_t

Definition at line 165 of file secure.h.

◆ session_t

Convenience type to represent a secure socket session.

Definition at line 170 of file secure.h.

◆ string

Definition at line 138 of file secure.h.

Member Enumeration Documentation

◆ error_t

Different error states of the security context.

Enumerator
OK 
INVALID 
MISSING_CERTIFICATE 
MISSING_PRIVATEKEY 
INVALID_CERTIFICATE 
INVALID_AUTHORITY 
INVALID_PEERNAME 
INVALID_CIPHER 

Definition at line 134 of file secure.h.

◆ verify_t

Enumerator
NONE 
SIGNED 
VERIFIED 

Definition at line 136 of file secure.h.

Constructor & Destructor Documentation

◆ secure()

ucommon::secure::secure ( )
inline protected

Definition at line 151 of file secure.h.

References error.

◆ ~secure()

ucommon::secure::~secure ( )
virtual

This is derived in different back-end libraries, and will be used to clear certificate credentials.

Definition at line 124 of file secure.cpp.

Member Function Documentation

◆ __DELETE_COPY()

ucommon::secure::__DELETE_COPY ( secure  )
private

◆ cipher()

void ucommon::secure::cipher ( secure *  context,
const char *  ciphers 
)
static

Assign a non-default cipher to the context.

Parameters
context  to set cipher for.
ciphers  to set.

Definition at line 67 of file secure.cpp.

◆ client()

secure::client_t ucommon::secure::client ( const char *  authority = NULL,
const char *  paths = NULL 
)
static

Create an anonymous client context with an optional authority to validate.

Parameters
authority  path to use or NULL if none.
paths  of certificates to use.
Returns
a basic client security context.

Definition at line 77 of file secure.cpp.

References ucommon::__context::connect, ucommon::__context::dh, error, OK, oscerts(), ucommon::__context::xcred, and ucommon::__context::xtype.

Referenced by main().


◆ err()

error_t ucommon::secure::err ( void  ) const
inline

Get last error code associated with the security context.

Returns
last error code or 0/OK if none.

Definition at line 257 of file secure.h.

References error.

Referenced by main(), and ucommon::__context::session().

◆ fips()

bool ucommon::secure::fips ( void  )
static

Initialize secure stack with fips support.

If fips support is not successfully enabled, the secure stack is also not initialized. Hence init() can be used for non-fips certified operation if fips fails.

Returns
true if fips support enabled and stack initialized.

Definition at line 32 of file secure.cpp.

◆ init()

bool ucommon::secure::init ( void  )
static

Initialize secure stack for first use, and report if SSL support is compiled in.

Returns
true if ssl support is available, false if not.

Definition at line 37 of file secure.cpp.

References ucommon::Socket::init(), ucommon::Thread::init(), ucommon::__context::priority_cache, and secure_shutdown().

Referenced by ucommon::Cipher::Key::Key(), main(), ucommon::Random::seed(), ucommon::HMAC::set(), and ucommon::Digest::set().


◆ is_valid()

bool ucommon::secure::is_valid ( void  ) const
inline

Determine if the current security context is valid.

Returns
true if valid, -1 if not.

Definition at line 249 of file secure.h.

References error.

◆ operator bool()

ucommon::secure::operator bool ( ) const
inline

Definition at line 271 of file secure.h.

◆ operator!()

bool ucommon::secure::operator! ( ) const
inline

Definition at line 275 of file secure.h.

◆ oscerts() [1/2]

int ucommon::secure::oscerts ( const char *  path)
static

Copy system certificates to a local path.

Parameters
path  to copy to.
Returns
0 or error number on failure.

Definition at line 315 of file common.cpp.

References ucommon::fsys::copy(), oscerts(), ucommon::shell::path(), and ucommon::shell::USER_CONFIG.


◆ oscerts() [2/2]

const char * ucommon::secure::oscerts ( void  )
static

Get path to system certificates.

Returns
path to system certificates.

Definition at line 301 of file common.cpp.

References ucommon::is_file().

Referenced by client(), oscerts(), and server().


◆ pass()

static secure::string ucommon::secure::pass ( const char *  prompt,
size_t  size 
)
static

◆ server()

secure::server_t ucommon::secure::server ( const char *  keyfile = NULL,
const char *  authority = NULL 
)
static

Create a server context.

The certificate file used will be based on the init() method name. This may often be /etc/ssl/certs/initname.pem. Similarly, a matching private key certificate will also be loaded. An optional certificate authority document can be used when establishing a service whose SSL clients have their own certificates.

Parameters
authority  path to use or NULL if none.
Returns
a security context that is cast from derived library.

Definition at line 53 of file secure.cpp.

References ucommon::__context::connect, ucommon::__context::dh, error, OK, oscerts(), ucommon::__context::xcred, and ucommon::__context::xtype.


◆ user()

static client_t ucommon::secure::user ( const char *  authority)
static

Create a peer user client context.

This assumes a user certificate in ~/.ssl/certs and the user private key in ~/.ssl/private. The path to an authority is also sent.

Parameters
authority  path to use.

◆ uuid() [1/2]

void ucommon::secure::uuid ( char *  string)
static

Create 36 character traditional version 1 uuid.

Parameters
string  to write uuid into, must be 37 bytes or more.

Definition at line 332 of file common.cpp.

References current, ucommon::Random::fill(), ucommon::String::hexdump(), ucommon::Mutex::protect(), ucommon::Mutex::release(), ucommon::str(), and ucommon::Timer::ticks().


◆ uuid() [2/2]

secure::string ucommon::secure::uuid ( void  )
static

Definition at line 368 of file common.cpp.

References uuid().

Referenced by uuid().


Member Data Documentation

◆ error

error_t ucommon::secure::error
protected

Last error flagged for this context.

Definition at line 149 of file secure.h.

Referenced by client(), and server().


The documentation for this class was generated from the following files: