#ifndef DVSSL_SSLCONTEXT_H
#define DVSSL_SSLCONTEXT_H
// $Id: sslcontext.h,v 1.12 2008/03/15 10:15:25 dvermeir Exp $

/** @file
 * This file defines Dv::Ssl::Context and its derived classes
 * Dv::Ssl::ContextV2, Dv::Ssl::ContextV3 and Dv::Ssl::ContextV23.
 *
 * Portability note: the constructors declared here carry C++98 dynamic
 * exception specifications (`throw (std::runtime_error)`). These were
 * deprecated in C++11 and removed in C++17, so this header does not
 * compile as is with -std=c++17 or later; the matching definitions in the
 * implementation file would have to change at the same time.
 *
 * Security note: SSLv2 is prohibited (RFC 6176) and SSLv3 is deprecated
 * (RFC 7568); Dv::Ssl::ContextV2 and Dv::Ssl::ContextV3 exist for
 * historical compatibility only. Nothing in this header configures peer
 * certificate verification; whether the implementation enables it
 * (e.g. SSL_VERIFY_PEER) must be confirmed in the implementation file.
 */

#include <string>
#include <stdexcept>

namespace Dv {
namespace Ssl {
/** Common base class representing an SSL context.
 * The constructors for a Dv::Ssl::Socket and a Dv::Ssl::ServerSocket
 * both have a required Dv::Ssl::Context& argument (see the examples below).
 *
 * A Context owns exactly one OpenSSL SSL_CTX handle for its lifetime;
 * copying is therefore forbidden (see the private copy members).
 *
 * Example usage:
 * <ul>
 * <li> For a server, the key and certificate file names are obligatory.
 * @code
 * try {
 *   Dv::Ssl::ContextV23 context("key.pem", "cert.pem");
 *   Dv::Ssl::ServerSocket server(context, 9999);
 *   ..
 * }
 * catch (std::exception& e) {
 *   ..
 * }
 * @endcode
 * <li> For a client, the key and certificate file are optional (and
 * not used if present).
 * @code
 * try {
 *   Dv::Ssl::ContextV23 context;
 *   Dv::Ssl::Socket client(context, "host.domain", 9999);
 *   ..
 * }
 * catch (std::exception& e) {
 *   ..
 * }
 * @endcode
 * </ul>
 */
class Context {
public:
  /** Destructor. Virtual because the class is used through its derived
   * types (ContextV2, ContextV3, ContextV23). */
  virtual ~Context();
  /** Return pointer to an OpenSSL SSL_CTX structure.
   * The pointer is declared void to avoid inclusion of openssl
   * header files.
   *
   * The pointer is non-const and the Context keeps ownership: a caller
   * may reconfigure the underlying SSL_CTX (verification mode, cipher
   * list, ...) through it but must never free it, and must not use it
   * after this Context has been destroyed. Handing the pointer out to
   * untrusted code effectively hands out control of the whole context.
   */
  void* context() { return context_; }
  /** Return pointer to the private key file name, or 0 if none was set.
   * @return name of private key filename
   * @return 0 if there is no private key filename
   */
  const std::string* rsa_private_key_file() const { return rsa_private_key_file_; }
  /** Return pointer to the certificate file name, or 0 if none was set.
   * @return name of certificate filename
   * @return 0 if there is no certificate filename
   */
  const std::string* certificate_file() const { return certificate_file_; }
protected:
  /** Constructor is protected because only derived objects make sense.
   * @throws std::runtime_error presumably when OpenSSL initialization or
   *         SSL_CTX creation fails — confirm in the implementation file.
   */
  Context() throw (std::runtime_error);
  /** Set private key file name associated with this context.
   * The key is read from the file system by OpenSSL, so the file's
   * permissions should restrict it to the user running the server.
   * @param filename to use as private key file
   * @return true if the operation succeeds
   * @return false if @a filename==0 or the OpenSSL call that loads the
   *         key fails (presumably SSL_CTX_use_PrivateKey_file(); confirm
   *         in the implementation file).
   */
  bool rsa_private_key_file(const char* filename);
  /** Set certificate file name associated with this context.
   * @param filename to use as certificate file
   * @return true if the operation succeeds
   * @return false if @a filename==0 or the OpenSSL call that loads the
   *         certificate fails (presumably SSL_CTX_use_certificate_file();
   *         confirm in the implementation file).
   */
  bool certificate_file(const char* filename);
  /** Pointer to SSL_CTX structure. The pointer is
   * declared void to avoid inclusion of openssl header files.
   * Owned by this object; derived constructors are expected to create
   * it and ~Context() to release it (confirm in the implementation file). */
  void* context_;
private:
  /** Forbidden: the object owns a raw SSL_CTX handle, so a member-wise
   * copy would lead to a double release. Declared private and left
   * undefined, the C++98 idiom for a deleted copy constructor. */
  Context(const Context&);
  /** Forbidden, for the same reason as the copy constructor. */
  Context& operator=(const Context&);
  // Owning raw pointers (0 when not set); presumably allocated by the
  // protected setters and released in ~Context() — confirm in the
  // implementation file.
  std::string* rsa_private_key_file_;
  std::string* certificate_file_;

  /** This class serves to initialize the openssl library. Only one
   * static instance of this class is defined within the Dv::Ssl::Context
   * constructor. This ensures that the initialization within the constructor
   * Dv::Ssl::Context::Init::Init() will be called exactly once. Similarly, the
   * finalization will be called at the end of the program by the
   * Dv::Ssl::Context::Init::~Init destructor.
   *
   * NOTE(review): before C++11 the initialization of a function-local
   * static is not guaranteed to be thread-safe, so constructing the first
   * Context concurrently from several threads could run the OpenSSL
   * initialization more than once. If that can happen, construct the
   * first Context before any threads are started.
   */
  class Init {
  public:
    /** Global initialization of openssl.
     * @throws std::runtime_error if initialization fails (per the
     *         exception specification; details are in the implementation). */
    Init() throw (std::runtime_error);
    /** Finalization of openssl */
    ~Init();
  };
};

/** SSL V2 context. @sa Dv::Ssl::Context.
 * SSLv2 is cryptographically broken and prohibited by RFC 6176; do not use
 * this class for new code. It is kept for compatibility only. */
class ContextV2: public Context {
public:
  /** Constructor. If the context is to be used with a Dv::Ssl::ServerSocket object,
   * both filename arguments are obligatory. If the context is to be used
   * with a Dv::Ssl::Socket object, the filename arguments
   * are optional (but will not be used).
   * @param keyfilename  private key file, or 0
   * @param certfilename certificate file, or 0
   * @throws std::runtime_error on failure (see the exception specification)
   */
  ContextV2(const char* keyfilename=0, const char* certfilename=0)
    throw (std::runtime_error);
  /** Destructor. */
  ~ContextV2();
};

/** SSL V23 context. @sa Dv::Ssl::Context.
 * NOTE(review): presumably built on OpenSSL's SSLv23_method(), which
 * negotiates the highest protocol version both peers support and may
 * fall back to SSLv2/SSLv3 unless those are disabled on the SSL_CTX
 * (confirm in the implementation file). Of the three derived classes
 * this is the one to prefer. */
class ContextV23: public Context {
public:
  /** Constructor. If the context is to be used with a Dv::Ssl::ServerSocket object,
   * both filename arguments are obligatory. If the context is to be used with
   * a Dv::Ssl::Socket object, the filename arguments are optional
   * (but will not be used).
   * @param keyfilename  private key file, or 0
   * @param certfilename certificate file, or 0
   * @throws std::runtime_error on failure (see the exception specification)
   */
  ContextV23(const char* keyfilename = 0, const char* certfilename = 0)
    throw (std::runtime_error);
  /** Destructor. */
  ~ContextV23();
};

/** SSL V3 context. @sa Dv::Ssl::Context.
 * SSLv3 is deprecated by RFC 7568 (POODLE); do not use this class for new
 * code. It is kept for compatibility only. */
class ContextV3: public Context {
public:
  /** Constructor. If the context is to be used with a Dv::Ssl::ServerSocket
   * object, both filename arguments are obligatory. If the context is to be used
   * with a Dv::Ssl::Socket object, the filename arguments are optional
   * (but will not be used).
   * @param keyfilename  private key file, or 0
   * @param certfilename certificate file, or 0
   * @throws std::runtime_error on failure (see the exception specification)
   */
  ContextV3(const char* keyfilename = 0, const char* certfilename = 0)
    throw (std::runtime_error);
  /** Destructor. */
  ~ContextV3();
};
}
}
#endif