32 if( m_this ==
nullptr )
38 m_imp = newLibraryImp( config , log_fn , verbose ) ;
40 if( !config.empty() && !ignore_extra )
41 G_WARNING(
"GSsl::Library::Library: tls-config: tls configuration items ignored: [" <<
G::Str::join(
",",config) <<
"]" ) ;
63 return m_imp != nullptr ;
73 return m_imp && m_imp->generateKeyAvailable() ;
78 return m_imp ? m_imp->generateKey( name ) : std::string() ;
82 const std::string & key_file ,
const std::string & cert_file ,
const std::string & ca_file ,
83 const std::string & default_peer_certificate_name ,
const std::string & default_peer_host_name ,
84 const std::string & profile_config )
86 if( m_imp !=
nullptr )
87 m_imp->addProfile( profile_name , is_server_profile , key_file , cert_file , ca_file ,
88 default_peer_certificate_name , default_peer_host_name , profile_config ) ;
93 return m_imp->hasProfile( profile_name ) ;
98 if( !imp().hasProfile(profile_name) )
99 throw G::Exception(
"invalid tls profile name [" + profile_name +
"]" ) ;
100 return imp().profile( profile_name ) ;
105 return instance() !=
nullptr && instance()->enabled() && instance()->hasProfile( profile_name ) ;
110 if( instance() ==
nullptr )
112 return instance()->imp() ;
117 if( m_imp ==
nullptr )
124 if( m_imp ==
nullptr )
132 G_DEBUG(
"GSsl::Library::log: tls: " << log_line ) ;
133 else if( level == 2 )
134 G_LOG(
"GSsl::Library::log: tls: " << log_line ) ;
136 G_WARNING(
"GSsl::Library::log: tls: " << log_line ) ;
141 return instance() ==
nullptr || instance()->m_imp ==
nullptr ?
G::StringArray() : impstance().digesters(require_state) ;
146 return impstance().digester( hash_function , state , need_state ) ;
152 m_imp( profile.newProtocol(peer_certificate_name,peer_host_name) )
161 return m_imp->peerCertificate() ;
166 return m_imp->peerCertificateChain() ;
171 return m_imp->protocol() ;
176 return m_imp->cipher() ;
181 return m_imp->verified() ;
186 if( result == Result::ok )
return "Result_ok" ;
187 if( result == Result::read )
return "Result_read" ;
188 if( result == Result::write )
return "Result_write" ;
189 if( result == Result::error )
return "Result_error" ;
190 return "Result_undefined" ;
195 return m_imp->connect( io ) ;
200 return m_imp->accept( io ) ;
203GSsl::Protocol::Result
GSsl::Protocol::read(
char * buffer , std::size_t buffer_size_in , ssize_t & data_size_out )
205 return m_imp->read( buffer , buffer_size_in , data_size_out ) ;
208GSsl::Protocol::Result
GSsl::Protocol::write(
const char * buffer , std::size_t data_size_in , ssize_t & data_size_out)
210 return m_imp->write( buffer , data_size_in , data_size_out ) ;
215 return m_imp->shutdown() ;
232 return m_imp->value() ;
237 return m_imp->state() ;
242 return m_imp->blocksize() ;
247 return m_imp->valuesize() ;
252 return m_imp->statesize() ;
259 auto p = std::find( list.begin() , list.end() , key ) ;
260 if( p != list.end() )
A class for objects that can perform a cryptographic hash.
std::size_t valuesize() const
Returns the hash function's value size in bytes.
std::size_t statesize() const
Returns the size of the state() string in bytes, or zero if state() is not implemented.
std::string value()
Returns the hash value.
void add(const std::string &)
Adds data of arbitrary size.
std::size_t blocksize() const
Returns the hash function's block size in bytes.
std::string state()
Returns the intermediate state.
Digester(std::unique_ptr< DigesterImpBase >)
Constructor, used by the Library class.
A base interface for GSsl::Library pimple classes.
static bool consume(G::StringArray &list, const std::string &item)
A convenience function that removes the item from the list and returns true iff it was removed.
A singleton class for initialising the underlying TLS library.
static bool enabledAs(const std::string &profile_name)
A static convenience function that returns true if there is an enabled() Library instance() that has ...
Digester digester(const std::string &name, const std::string &state=std::string(), bool need_state=false) const
Returns a digester object.
bool hasProfile(const std::string &profile_name) const
Returns true if the named profile has been add()ed.
Library(bool active=true, const std::string &library_config=std::string(), LogFn=Library::log, bool verbose=true)
Constructor.
bool generateKeyAvailable() const
Returns true if generateKey() is implemented.
static Library * instance()
Returns a pointer to a library object, if any.
std::string id() const
Returns the TLS library name and version.
static LibraryImpBase & impstance()
Returns a reference to the pimple object when enabled().
static bool real()
Returns true if this is a real TLS library.
void addProfile(const std::string &profile_name, bool is_server_profile, const std::string &key_file=std::string(), const std::string &cert_file=std::string(), const std::string &ca_path=std::string(), const std::string &default_peer_certificate_name=std::string(), const std::string &default_peer_host_name=std::string(), const std::string &profile_config=std::string())
Creates a named Profile object that can be retrieved by profile().
const Profile & profile(const std::string &profile_name) const
Returns an opaque reference to the named profile.
bool enabled() const
Returns true if this is a real TLS library and the constructor's active parameter was set.
static G::StringArray digesters(bool need_state=false)
Returns a list of hash function names (such as "MD5") that the TLS library can do,...
~Library()
Destructor. Cleans up the underlying TLS library.
static void log(int level, const std::string &line)
The default logging callback function, where the level is 1 for debug, 2 for info,...
std::string generateKey(const std::string &name) const
Generates a test certificate as a PEM string with embedded newlines, also containing the private-key.
A base interface for profile classes that work with concrete classes derived from GSsl::LibraryImpBas...
Protocol(const Profile &, const std::string &peer_certificate_name=std::string(), const std::string &peer_host_name=std::string())
Constructor.
Result shutdown()
Initiates the protocol shutdown by sending a "close notify shutdown alert" and does a socket shutdown...
Result read(char *buffer, std::size_t buffer_size_in, ssize_t &data_size_out)
Reads user data into the supplied buffer.
std::string cipher() const
Returns the cipher name, or the empty string if not yet available.
bool verified() const
Returns true if the peer certificate has been verified.
static std::string str(Result result)
Converts a result enumeration into a printable string.
std::string peerCertificateChain() const
Returns the peer certificate chain in PEM format, starting with the peer certificate and progressing ...
std::string protocol() const
Returns the protocol version like "TLSv1.2" or the empty string.
Result write(const char *buffer, std::size_t data_size_in, ssize_t &data_size_out)
Writes user data.
Result connect(G::ReadWrite &io)
Starts the protocol actively (as a client).
Result accept(G::ReadWrite &io)
Starts the protocol passively (as a server).
std::string peerCertificate() const
Returns the peer certificate in PEM format.
A general-purpose exception class derived from std::exception and containing an error message.
An abstract interface for reading and writing from a non-blocking i/o channel.
static std::string join(const std::string &sep, const StringArray &strings)
Concatenates an array of strings with separators.
static void splitIntoTokens(const std::string &in, StringArray &out, string_view ws, char esc='\0')
Splits the string into 'ws'-delimited tokens.
An interface to an underlying TLS library.
std::vector< std::string > StringArray
A std::vector of std::strings.