class tcpsocket::SSLContext

Establishes a context for establishing and serving Secure Sockets Layer communications.

Child Classes

Establishes a context for establishing and serving Secure Sockets Layer communications. This class may be used to determine client-supplied X509 certificates, Trusted Certificate Authorities, and the SSL version allowed.

This class has no child classes.

Public Methods

SSLContext(ssl_ver ver, PrivateKey* pk, X509Certificate* cert, CertificateAuthority* ca)
Constructs the context specifying the SSL version, Private Key, X509 Certificate and Certificate Authority
SSLContext()
Default constructor.
int VerifyPeerCertificate(void* x509_store_ctx)
Called to verify the certificate of the peer
void* allocateSSL()
Allocates an SSL object cast to void, based on this context
SSLServerSocket allocateServerSocket(short bindPort, in_addr_t bindAddress, int listenerBacklog) throw(SocketException)
Allocates a socket and binds it to the port and address specified
SSLSocket allocateSocket(const char* host, short port) throw(SSLSocketException, SocketException)
Allocates a client SSLSocket connected to the destination host and port
SSLSocket allocateSocket(int socket_handle)
Allocates a SSLSocket socket using the current context from the supplied socket handle
void disableVerification()
Disables certificate verification
void enableVerification(bool requireCert)
Call to enable verification routines
CertificateAuthority* getCertificateAuthority()
Retrieves the certificate authority details used in certificate validation
PrivateKey* getPrivateKey()
Provides the private key used in this context
SSLContext::ssl_ver getSSLVersion()
Provides the SSL version used to establish connections
int getVerifyDepth()
Provides the current certificate chain verification depth
X509Certificate* getX509Certificate()
Provides the X509 certificate used to identify this endpoint
void setCertificateAuthority(CertificateAuthority* ca)
Sets the details about the certificate authority used to validate certificates
void setPrivateKey(PrivateKey* pk)
Sets the private key used in this context
void setSSLVersion(ssl_ver ver)
Sets the SSL version used in new connections
void setSessionID(const unsigned char* sid, unsigned int sid_len)
Sets the session ID for the context
void setVerifyDepth(int verifyDepth)
Sets the depth of X509 certificate chain verification
void setX509Certificate(X509Certificate* cert)
Sets the X509 certificate used to identify this endpoint
~SSLContext()
Destroys the context

Public Members

enum ssl_ver
An enumeration of SSL versions to use with the SSLSocket

Member Documentation


enum ssl_ver
An enumeration of SSL versions to use with the SSLSocket


none
No SSL Version


sslv2
Use SSLv2 when communicating


sslv3
Use SSLv3 when communicating. Note that the server/client must also use only SSLv3.


sslv23
Use SSLv2, SSLv3, or TLS when communicating. Communications start in SSLv2 and are then negotiated to SSLv3 or TLS when using OpenSSL.


tlsv1
Use TLSv1 when communicating


SSLContext ()
Default constructor. Establishes an empty context that will utilize default CA and SSL settings


SSLContext (ssl_ver ver, PrivateKey* pk, X509Certificate* cert, CertificateAuthority* ca)
Constructs the context specifying the SSL version, Private Key, X509 Certificate and Certificate Authority
Parameters:
ver - The SSL Version to use.
pk - The private key to use when connecting
cert - The X509 certificate to supply when connecting
ca - The Certificate Authority list indicating the list of trusted certificates.


~SSLContext ()
Destroys the context


SSLSocket allocateSocket (int socket_handle)
Allocates a SSLSocket socket using the current context from the supplied socket handle
Parameters:
socket_handle - [in] A connected socket handle to be used in SSL data exchange
Returns:
An SSL controlled socket object


SSLSocket allocateSocket (const char* host, short port) throw(SSLSocketException, SocketException)
Allocates a client SSLSocket connected to the destination host and port
Throws:
SSLSocketException
SocketException
Parameters:
host - [in] The DNS name or IP address of the destination host
port - [in] The TCP/IP port number of the destination host.
Returns:
A connected SSLSocket.


SSLServerSocket allocateServerSocket (short bindPort, in_addr_t bindAddress, int listenerBacklog) throw(SocketException)
Allocates a socket and binds it to the port and address specified
Throws:
SocketException
Parameters:
bindPort - [in] The local port to bind to
bindAddress - [in, optional] The TCP/IP address to bind to, represented as a 4-byte long
listenerBacklog - [in, optional] The number of backlogged listeners to maintain
Returns:
A bound SSL server socket


void* allocateSSL ()
Allocates an SSL object cast to void, based on this context
Returns:
A void* cast SSL* object


void setPrivateKey (PrivateKey* pk)
Sets the private key used in this context
Parameters:
pk - The private key to be used in this context


PrivateKey* getPrivateKey ()
Provides the private key used in this context
Returns:
The private key used in this context.


void setX509Certificate (X509Certificate* cert)
Sets the X509 certificate used to identify this endpoint
Parameters:
cert - [in] The certificate used to identify this endpoint.


X509Certificate* getX509Certificate ()
Provides the X509 certificate used to identify this endpoint
Returns:
The X509 certificate used to identify this endpoint.


void setCertificateAuthority (CertificateAuthority* ca)
Sets the details about the certificate authority used to validate certificates
Parameters:
ca - [in] The certificate authority details to use


CertificateAuthority* getCertificateAuthority ()
Retrieves the certificate authority details used in certificate validation
Returns:
The certificate authority details used to validate certificates


void setSSLVersion (ssl_ver ver)
Sets the SSL version used in new connections
Parameters:
ver - [in] The SSL version to use


SSLContext::ssl_ver getSSLVersion ()
Provides the SSL version used to establish connections
Returns:
The current SSL version.


void setSessionID (const unsigned char* sid, unsigned int sid_len)
Sets the session ID for the context
Parameters:
sid - A binary buffer containing the application identifier
sid_len - The size of the buffer


void setVerifyDepth (int verifyDepth)
Sets the depth of X509 certificate chain verification
Parameters:
verifyDepth - The depth of X509 certificate chain verification.


int getVerifyDepth ()
Provides the current certificate chain verification depth
Returns:
The current certificate chain verification depth


void enableVerification (bool requireCert)
Call to enable verification routines
Parameters:
requireCert - [in, optional] Indicates whether a client certificate is required for new connections


void disableVerification ()
Disables certificate verification


int VerifyPeerCertificate (void* x509_store_ctx)
Called to verify the certificate of the peer



Safmq Documentation, copyright (c) 2004-2010 Matthew J. Battey, Licensed Under Apache License Ver 2.0