/*
* @file SecureSocket.h
* @brief Abstract class to perform OpenSSL API global operations
*
* @author Mohamed Amine Mzoughi <[email protected]>
* @date 2017-02-16
*/
#ifdef OPENSSL
#ifndef INCLUDE_ASECURESOCKET_H_
#define INCLUDE_ASECURESOCKET_H_
#ifdef OPENSSL
#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#endif
#include "Socket.h"
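/**
 * @brief Base class shared by the TLS client and server sockets.
 *
 * Holds the OpenSSL objects of one connection (SSLSocket), the certificate /
 * key paths used to build an SSL_CTX, and a reference to the process-wide
 * library initializer. Instances are abstract (pure virtual destructor) and
 * are not copy-assignable because of the reference member m_globalInitializer.
 */
class ASecureSocket : public ASocket
{
public:
   /* Protocol selection passed to the constructor. Only TLS lets OpenSSL
    * negotiate the highest version both peers support; the other values pin
    * or down-negotiate to legacy versions and should be reserved for peers
    * that cannot do better. */
   enum class OpenSSLProtocol
   {
#ifndef LINUX
      //SSL_V2, // deprecated
#endif
      //SSL_V3, // deprecated
      TLS_V1,  // TLS 1.0 only. Deprecated by RFC 8996 - legacy peers only.
      SSL_V23, /* There is no SSL protocol version named SSLv23. The SSLv23_method() API
                  and its variants choose SSLv2, SSLv3, or TLSv1 for compatibility with the peer. */
      TLS      // Standard Protocol as of 11/2018, OpenSSL will choose highest possible TLS standard between peers
   };

   /* One plain socket plus the OpenSSL objects layered on top of it.
    *
    * Move-only. The three raw pointers are owning handles, but this struct has
    * NO destructor: nothing is freed automatically, the owner has to release the
    * handles explicitly (presumably via ShutdownSSL() - confirm in the .cpp). */
   struct SSLSocket
   {
      SSLSocket() :
         m_SockFd(INVALID_SOCKET),
         m_pSSL(nullptr),
         m_pCTXSSL(nullptr),
         m_pMTHDSSL(nullptr)
      {
      }

      // copy constructor and assignment operator are disabled
      SSLSocket(const SSLSocket&) = delete;
      SSLSocket& operator=(const SSLSocket&) = delete;

      // move constructor: steal the handles and leave the source empty.
      // noexcept: it only copies raw handles and cannot throw, which is what
      // standard containers (and clang-tidy's performance-noexcept-move-constructor) expect.
      SSLSocket(SSLSocket&& Sockother) noexcept :
         m_SockFd(Sockother.m_SockFd),
         m_pSSL(Sockother.m_pSSL),
         m_pCTXSSL(Sockother.m_pCTXSSL),
         m_pMTHDSSL(Sockother.m_pMTHDSSL)
      {
         Sockother.m_SockFd = INVALID_SOCKET;
         Sockother.m_pSSL = nullptr;
         Sockother.m_pCTXSSL = nullptr;
         Sockother.m_pMTHDSSL = nullptr;
      }

      // move assignment operator.
      // NOTE: handles this object already holds are overwritten, not released -
      // release them (ShutdownSSL) before moving another SSLSocket into this one,
      // otherwise the previous SSL / SSL_CTX objects leak.
      SSLSocket& operator=(SSLSocket&& Sockother) noexcept
      {
         if (this != &Sockother)
         {
            m_SockFd = Sockother.m_SockFd;
            m_pSSL = Sockother.m_pSSL;
            m_pCTXSSL = Sockother.m_pCTXSSL;
            m_pMTHDSSL = Sockother.m_pMTHDSSL;

            // reset Sockother so that only one object owns the handles
            Sockother.m_SockFd = INVALID_SOCKET;
            Sockother.m_pSSL = nullptr;
            Sockother.m_pCTXSSL = nullptr;
            Sockother.m_pMTHDSSL = nullptr;
         }
         return *this;
      }

      Socket m_SockFd;          // underlying TCP socket, INVALID_SOCKET when empty
      SSL* m_pSSL;              // per-connection OpenSSL state
      SSL_CTX* m_pCTXSSL;       // SSL Context Structure
      SSL_METHOD* m_pMTHDSSL;   // used to create an SSL_CTX
                                // NOTE(review): OpenSSL method functions return
                                // const SSL_METHOD* since 1.0.0, so storing it
                                // non-const needs a cast in the .cpp - confirm.
   };

   /* Please provide your logger thread-safe routine, otherwise, you can turn off
    * error log messages printing by not using the flag ALL_FLAGS or ENABLE_LOG
    *
    * @param oLogger     callback receiving log lines (see ASocket)
    * @param eSSLVersion protocol family used when the SSL_CTX is created;
    *                    TLS (the default) is the only non-legacy choice
    * @param eSettings   behaviour flags forwarded to ASocket */
   explicit ASecureSocket(const LogFnCallback& oLogger,
                          const OpenSSLProtocol eSSLVersion = OpenSSLProtocol::TLS,
                          const SettingsFlag eSettings = ALL_FLAGS);

   // pure virtual: the class is abstract, derived classes provide the concrete socket
   virtual ~ASecureSocket() = 0;

   /*
    * For the SSL server:
    * Server's own certificate (mandatory)
    * CA certificate (optional)
    *
    * For the SSL client:
    * CA certificate (mandatory)
    * Client's own certificate (optional)
    *
    * The paths are only recorded here; they are consumed when the context is
    * built (SetUpCtxClient / SetUpCtxServer), so set them before connecting.
    */
   inline const std::string& GetSSLCertAuth() const { return m_strCAFile; }
   // Historical spelling kept for source compatibility; prefer SetSSLCertAuth().
   inline void SetSSLCerthAuth(const std::string& strPath) { m_strCAFile = strPath; }
   inline void SetSSLCertAuth(const std::string& strPath) { SetSSLCerthAuth(strPath); }

   inline void SetSSLCertFile(const std::string& strPath) { m_strSSLCertFile = strPath; }
   inline const std::string& GetSSLCertFile() const { return m_strSSLCertFile; }

   inline void SetSSLKeyFile(const std::string& strPath) { m_strSSLKeyFile = strPath; }
   inline const std::string& GetSSLKeyFile() const { return m_strSSLKeyFile; }

   //void SetSSLKeyPassword(const std::string& strPwd) { m_strSSLKeyPwd = strPwd; }
   //const std::string& GetSSLKeyPwd() const { return m_strSSLKeyPwd; }

protected:
   // object methods: build the SSL_CTX / SSL objects of Socket from the paths
   // above and m_eOpenSSLProtocol (client and server differ in which files are mandatory)
   void SetUpCtxClient(SSLSocket& Socket);
   void SetUpCtxServer(SSLSocket& Socket);
   //void SetUpCtxCombined(SSLSocket& Socket);

   // class methods
   // Releases the OpenSSL handles of SSLSocket (the struct itself never does).
   static void ShutdownSSL(SSLSocket& SSLSocket);
   // Human-readable text for an SSL_get_error() style code, used for logging.
   static const char* GetSSLErrorString(int iErrorCode);
   // Certificate-verification callback with the signature expected by
   // SSL_CTX_set_cert_verify_callback(). As its name says it presumably accepts
   // every peer certificate (confirm in the .cpp), i.e. it disables chain
   // validation: a self-signed, expired or wrong-name certificate is trusted and
   // a man-in-the-middle is not detected. Acceptable for tests only; production
   // contexts should verify with SSL_CTX_set_verify(SSL_VERIFY_PEER, ...) against
   // the CA file set via SetSSLCertAuth().
   static int AlwaysTrueCallback(X509_STORE_CTX* pCTX, void* pArg);

   // non-static/object members
   OpenSSLProtocol m_eOpenSSLProtocol;  // chosen in the constructor, read when the SSL_CTX is built
   std::string m_strCAFile;             // CA certificate path (trust anchor for peer verification)
   std::string m_strSSLCertFile;        // this side's own certificate
   std::string m_strSSLKeyFile;         // private key matching m_strSSLCertFile
   //std::string m_strSSLKeyPwd;

private:
   friend class SecureSocketGlobalInitializer;

   /* Process-wide OpenSSL library setup/teardown as a non-copyable, non-movable
    * singleton; ASecureSocket objects hold a reference to it so the library is
    * initialized before any context is created. */
   class SecureSocketGlobalInitializer {
   public:
      static SecureSocketGlobalInitializer& instance();

      SecureSocketGlobalInitializer(SecureSocketGlobalInitializer const&) = delete;
      SecureSocketGlobalInitializer(SecureSocketGlobalInitializer&&) = delete;
      SecureSocketGlobalInitializer& operator=(SecureSocketGlobalInitializer const&) = delete;
      SecureSocketGlobalInitializer& operator=(SecureSocketGlobalInitializer&&) = delete;

      ~SecureSocketGlobalInitializer();

   private:
      SecureSocketGlobalInitializer();
   };

   // reference member: bound in the constructor, disables copy assignment of ASecureSocket
   SecureSocketGlobalInitializer& m_globalInitializer;

   // library-level init / cleanup; presumably called by the initializer's ctor/dtor - confirm
   static void InitializeSSL();
   static void DestroySSL();
};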
#endif
#endif