A Stream Class that adds Signatures and Encryption through TLS. More...
#include <TLSStream.h>
Public Types | |
| typedef std::char_traits< char > | traits |
Public Member Functions | |
| TLSStream (std::iostream *stream) | |
| The TLSStream Constructor. More... | |
| virtual | ~TLSStream () |
| The default Destructor. More... | |
| void | setServer (bool val) |
| void | close () |
| Closes the TLS Connection. More... | |
| X509 * | activate () |
Static Public Member Functions | |
| static void | init (X509 *certificate, EVP_PKEY *privateKey, ibrcommon::File trustedCAPath, bool enableEncryption=false) |
| Initializes the TLSStream class. More... | |
| static void | flushInitialization () |
| Removes the SSL_CTX to allow a new init() More... | |
| static bool | isInitialized () |
| checks if the Class is already initialized. More... | |
Static Public Attributes | |
| static const size_t | BUFF_SIZE = 5120 |
| The size of the input and output buffers. More... | |
Protected Member Functions | |
| virtual int | sync () |
| virtual traits::int_type | overflow (traits::int_type=traits::eof()) |
| virtual traits::int_type | underflow () |
Detailed Description
A Stream Class that adds Signatures and Encryption through TLS.
The Stream passes data from and to the underlying Stream unchanged(unencrypted) until activate() is called. init() has to be called before the first usage.
Definition at line 42 of file TLSStream.h.
Member Typedef Documentation
| typedef std::char_traits<char> ibrcommon::TLSStream::traits |
Definition at line 47 of file TLSStream.h.
Constructor & Destructor Documentation
| ibrcommon::TLSStream::TLSStream | ( | std::iostream * | stream | ) |
The TLSStream Constructor.
- Parameters
-
stream the underlying Stream to read from / write to server states, if TLS is used in client or server mode (true for server, false for client)
Definition at line 47 of file TLSStream.cpp.
References BUFF_SIZE.
|
virtual |
The default Destructor.
Definition at line 57 of file TLSStream.cpp.
Member Function Documentation
| X509 * ibrcommon::TLSStream::activate | ( | ) |
- Returns
- the X509 certificate of the peer
- Warning
- the caller has to check the identity in the certificate
Definition at line 68 of file TLSStream.cpp.
References ibrcommon::LogLevel::critical, ibrcommon::LogLevel::error, ibrcommon::iostreamBIO::getBIO(), IBRCOMMON_LOGGER_ENDL, IBRCOMMON_LOGGER_TAG, ibrcommon::LogLevel::warning, and ibrcommon::Exception::what().
Referenced by dtn::net::TCPConnection::initiateExtendedHandshake().
| void ibrcommon::TLSStream::close | ( | ) |
Closes the TLS Connection.
- Warning
- The underlying Stream is not closed by this function.
Definition at line 361 of file TLSStream.cpp.
References IBRCOMMON_LOGGER_DEBUG_TAG, and IBRCOMMON_LOGGER_ENDL.
Referenced by underflow().
|
static |
Removes the SSL_CTX to allow a new init()
Definition at line 342 of file TLSStream.cpp.
|
static |
Initializes the TLSStream class.
- Parameters
-
certificate The certificate for the private Key privateKey The private Key to use with openSSL trustedCAPath A directory containing certificates that are trusted. These are also used to build the own certificate chain. enableEncryption True if encryption shall be enabled. Otherwise only authentication is enabled.
In particular, this function initializes the used openSSL Context. The certificate directory has to hold certificates files with hashed names created by c_rehash (from the openssl library).
- Warning
- Beware that the certificate path does not have certificates valid and invalid certificates mixed with the same subject, openssl will only use the first that is found.
- on default, encryption is disabled and the stream does only provide authentication
Definition at line 251 of file TLSStream.cpp.
References ibrcommon::LogLevel::critical, ibrcommon::LogLevel::error, ibrcommon::File::getFiles(), ibrcommon::File::getPath(), IBRCOMMON_LOGGER_ENDL, IBRCOMMON_LOGGER_TAG, ibrcommon::LogLevel::info, and ibrcommon::File::isDirectory().
Referenced by dtn::security::SecurityCertificateManager::startup().
|
static |
checks if the Class is already initialized.
- Returns
- true if its initialized, false otherwise
Definition at line 357 of file TLSStream.cpp.
Referenced by dtn::net::TCPConvergenceLayer::componentRun(), dtn::net::TCPConvergenceLayer::open(), and dtn::net::TCPConvergenceLayer::queue().
|
protectedvirtual |
Definition at line 203 of file TLSStream.cpp.
References BUFF_SIZE, IBRCOMMON_LOGGER_DEBUG_TAG, and IBRCOMMON_LOGGER_ENDL.
Referenced by sync().
| void ibrcommon::TLSStream::setServer | ( | bool | val | ) |
If true, set the connection mode to server.
- Parameters
-
val
Definition at line 63 of file TLSStream.cpp.
|
protectedvirtual |
Definition at line 377 of file TLSStream.cpp.
References overflow().
|
protectedvirtual |
Definition at line 153 of file TLSStream.cpp.
References BUFF_SIZE, close(), IBRCOMMON_LOGGER_DEBUG_TAG, and IBRCOMMON_LOGGER_ENDL.
Member Data Documentation
|
static |
The size of the input and output buffers.
Definition at line 98 of file TLSStream.h.
Referenced by overflow(), TLSStream(), and underflow().
The documentation for this class was generated from the following files:
- ibrcommon/ibrcommon/ssl/TLSStream.h
- ibrcommon/ibrcommon/ssl/TLSStream.cpp
