1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 //
20 // securetransport++ - C++ interface to Apple's Secure Transport layer
21 //
22 #ifndef _H_SECURETRANSPORTPLUSPLUS
23 #define _H_SECURETRANSPORTPLUSPLUS
24
25 #include <Security/ip++.h>
26 #include <Security/SecureTransport.h>
27
28
29 namespace Security {
30 namespace IPPlusPlus {
31
32
33 //
34 // The common-code core of a SecureTransport context and session.
35 // Abstract - do not use directly.
36 //
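class SecureTransportCore {
public:
    SecureTransportCore();
    virtual ~SecureTransportCore();

    void open();        // open SSL (but not underlying I/O)
    void close();       // close SSL (but not underlying I/O)

    // Current session state as reported by SecureTransport.
    SSLSessionState state() const;

    // Protocol version: getter and setter.
    SSLProtocol version() const;
    void version(SSLProtocol v);

    // Cipher suites the library supports. Size the caller-supplied array with
    // numSupportedCiphers(); numCiphers is presumably in/out (capacity in,
    // count out) as in the underlying SSLGetSupportedCiphers call — confirm
    // against the implementation.
    UInt32 numSupportedCiphers() const;
    void supportedCiphers(SSLCipherSuite *ciphers, UInt32 &numCiphers) const;

    // Cipher suites enabled on this session: overloads for get (in/out count)
    // and set (count is the number of entries in ciphers).
    UInt32 numEnabledCiphers() const;
    void enabledCiphers(SSLCipherSuite *ciphers, UInt32 &numCiphers) const; // get
    void enabledCiphers(SSLCipherSuite *ciphers, UInt32 numCiphers);        // set

    // Peer-certificate policy knobs. By their names both relax certificate
    // verification, so they should stay at their defaults unless the
    // deployment has explicitly accepted the weaker check.
    bool allowExpiredCerts() const;
    void allowExpiredCerts(bool allow);

    bool allowUnknownRoots() const;
    void allowUnknownRoots(bool allow);

    // Plaintext I/O through the session; the size_t result is the count
    // transferred (see implementation for short-transfer semantics).
    size_t read(void *data, size_t length);
    size_t write(const void *data, size_t length);
    bool atEnd() const { return mAtEnd; }

protected:
    // Raw-transport hooks the concrete subclass must provide; the session
    // moves ciphertext through these.
    virtual size_t ioRead(void *data, size_t length) const = 0;
    virtual size_t ioWrite(const void *data, size_t length) const = 0;
    virtual bool ioAtEnd() const = 0;

private:
    // SecureTransport I/O callbacks (SSLReadFunc/SSLWriteFunc signatures);
    // presumably bridge back to ioRead/ioWrite via the connection reference.
    static OSStatus sslReadFunc(SSLConnectionRef, void *, UInt32 *);
    static OSStatus sslWriteFunc(SSLConnectionRef, const void *, UInt32 *);

    bool continueHandshake();

    // Not copyable: mContext is a raw SecureTransport handle owned by this
    // object, and the SSL callbacks are presumably registered against it.
    // A copy would leave two objects tearing down the same context (double
    // close, then use of a disposed handle). Declared but never defined —
    // the pre-C++11 idiom — so any copy attempt fails at compile/link time.
    SecureTransportCore(const SecureTransportCore &);
    SecureTransportCore &operator = (const SecureTransportCore &);

private:
    SSLContextRef mContext;     // SecureTransport session/context object
    bool mAtEnd;                // end-of-data flag derived from last SSLRead
};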
82
83
84 //
85 // This is what you use. The constructor argument is a FileDescoid object
86 // of some kind, such as a FileDesc, Socket, etc.
87 // Note that SecureTransport is in turn a FileDescoid object, so you can read/write
88 // it in the usual fashion, and it will in turn read/write cipher data from its I/O source.
89 //
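template <class IO>
class SecureTransport : public SecureTransportCore {
public:
    // Binds to (does not own) the I/O object; ioRef must outlive this object
    // because `io` is a reference. Marked explicit so a bare IO& can never be
    // silently converted into a session object — the destructor below would
    // then run close() on a session nobody opened.
    explicit SecureTransport(IO &ioRef) : io(ioRef) { }
    ~SecureTransport() { close(); }     // shuts down the SSL side only; `io` is left untouched

    IO &io;     // the underlying transport, exposed as in the original API

private:
    // SecureTransportCore hooks: ciphertext goes straight to/from `io`.
    // `virtual` spelled out to make the override intent visible (pre-C++11 file).
    virtual size_t ioRead(void *data, size_t length) const { return io.read(data, length); }
    virtual size_t ioWrite(const void *data, size_t length) const { return io.write(data, length); }
    virtual bool ioAtEnd() const { return io.atEnd(); }
};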
103
104
105 } // end namespace IPPlusPlus
106 } // end namespace Security
107
108
109 #endif //_H_SECURETRANSPORTPLUSPLUS