GraySSL::cSSLServer Class Reference

#include <cSSLServer.h>

Inheritance diagram for GraySSL::cSSLServer:

Public Member Functions
	cSSLServer (const cSSLConfig &rOpts) noexcept
	~cSSLServer ()
virtual HRESULT	ProcessStreamPacket () override
void	put_SNICallback (ISSLServerExt *pSNICallback)
void	put_PSKCallback (ISSLServerExt *pPSKCallback)
HRESULT	SetPSKIdentity (const BYTE *psk, size_t psk_len, const BYTE *psk_identity, size_t psk_identity_len)
HRESULT	state_SSL_ClientHello ()
HRESULT	parse_SSL_ClientHello_v2 ()
HRESULT	state_SSL_CERTIFICATE_REQUEST ()
HRESULT	state_SSL_SERVER_KEY_EXCHANGE ()
HRESULT	state_SSL_ServerHello_DONE ()
HRESULT	state_SSL_CLIENT_KEY_EXCHANGE ()
HRESULT	state_SSL_CERTIFICATE_VERIFY ()
HRESULT	state_SSL_SERVER_CHANGE_CIPHER_SPEC ()
void	state_SSL_HANDSHAKE_WRAPUP ()
HRESULT	parse_TLS_EXT_server_name (const BYTE *buf, size_t len)
size_t	build_TLS_EXT_SessionTicket (cSSLMsgHandExt *pExt)
size_t	build_TLS_EXT_ExtendedMasterSecret (cSSLMsgHandExt *pExt)
void	put_SessionCache (cSSLSessionCache *pCache)
HRESULT	put_UseSessionTickets (bool bUseTickets)
HRESULT	AddKeyCrt (cX509KeyCrtPair *pKeyCrt)
Public Member Functions inherited from GraySSL::cSSLCommon
HRESULT	InitSSL ()
void	state_SSL_HANDSHAKE_WRAPUP ()
void	AttachStreams (cStreamInput *pReader, cStreamOutput *pWriter) noexcept
virtual void	SetSessionClear ()
HRESULT	write_SSL_MSG_ALERT (SSL_ALERT_LEVEL_TYPE level, SSL_ALERT_TYPE message)
const char *	get_AlpnChosen () const noexcept
bool	isStateHandshake () const noexcept
HRESULT	Handshake (bool bWait=false)
HRESULT	WriteMsgApp (const BYTE *buf, size_t len)
void	put_CBCRecordSplitOp (BITOP_TYPE split)
X509_Verify_t	get_VerifyResults () const
const char *	get_CipherSuiteStr () const
const char *	get_VersionStr () const
cRefPtr< cX509Crt >	get_PeerCert () const
bool	isRenegotiation () const noexcept
virtual STREAM_POS_t	GetLength () const override
virtual HRESULT	ReadX (OUT void *pData, size_t nDataSize) override
virtual size_t	SetSeekSizeMin (size_t nSizeMin=k_FILE_BLOCK_SIZE) override
virtual STREAM_SEEKRET_t	Seek (STREAM_OFFSET_t iOffset, SEEK_ORIGIN_TYPE eSeekOrigin=SEEK_Set) override
	Disambiguate Seek for cStreamBase to cStreamInput for stupid compiler. More...
virtual HRESULT	WriteX (const void *pData, size_t nDataSize) override
HRESULT	write_SSL_ALERT_SSL3_CLOSE_NOTIFY ()
	Notify the peer that the connection is being closed. More...
HRESULT	write_SSL_ALERT_SSL3_HANDSHAKE_FAILURE ()
size_t	build_TLS_EXT_MaxFragmentLength (cSSLMsgHandExt *pExt, SSL_MAX_FRAG_TYPE eMaxFrag)
HRESULT	state_SSL_XXX_CERTIFICATE_r ()
HRESULT	state_SSL_XXX_CERTIFICATE_w ()
HRESULT	state_SSL_XXX_CHANGE_CIPHER_SPEC_r ()
HRESULT	state_SSL_XXX_CHANGE_CIPHER_SPEC_w ()
HRESULT	state_SSL_XXX_FINISHED_r ()
HRESULT	state_SSL_XXX_FINISHED_w ()
HRESULT	InitHandshakeParams ()
HRESULT	BuildKeyExPremasterPSK (SSL_KeyExchange_TYPE key_ex)
cKeyWrap *	get_OwnKeyPriv () const noexcept
cX509Crt *	get_OwnCert () const noexcept
Public Member Functions inherited from Gray::cStream
virtual STREAM_POS_t	GetPosition () const override
void	SeekToBegin ()
STREAM_POS_t	SeekToEnd ()
Public Member Functions inherited from Gray::cStreamInput
	cStreamInput () noexcept
virtual	~cStreamInput ()
HRESULT	ReadAll (OUT cHeapBlock &block, size_t nSizeExtra=0)
virtual HRESULT	ReadStringLine (OUT char *pszBuffer, StrLen_t iSizeMax)
virtual HRESULT	ReadStringLine (OUT wchar_t *pszBuffer, StrLen_t iSizeMax)
HRESULT	ReadT (OUT void *pVal, size_t nSize)
template<typename TYPE >
HRESULT	ReadT (OUT TYPE &val)
template<typename TYPE >
HRESULT	ReadTN (OUT TYPE &val)
HRESULT	ReadSize (OUT size_t &nSize)
template<typename TYPE >
HRESULT	ReadSizeT (OUT TYPE &n)
HRESULT	ReadHashCode (OUT UINT32 &nHashCode)
HRESULT	ReadHashCode (OUT UINT64 &nHashCode)
HRESULT	ReadN (OUT BYTE *pBuffer, size_t nSizeMax)
template<typename _CH >
HRESULT	ReadStringN (OUT _CH *pszStr, StrLen_t iSizeMax)
virtual HRESULT	ReadPeek (void *pData, size_t nDataSize)
Public Member Functions inherited from Gray::cStreamBase
virtual	~cStreamBase ()
void	SeekToBegin ()
STREAM_POS_t	SeekToEnd ()
Public Member Functions inherited from Gray::cStreamOutput
	cStreamOutput () noexcept
virtual	~cStreamOutput ()
HRESULT	WriteT (const void *pVal, size_t nDataSize)
template<typename TYPE >
HRESULT	WriteT (TYPE val)
HRESULT	WriteSize (size_t nSize)
HRESULT	WriteHashCode (HASHCODE_t nHashCode)
HRESULT	WriteN (const void *pBuffer, size_t nSize)
template<typename _CH >
HRESULT	WriteStringN (const _CH *pszStr)
template<typename _CH >
HRESULT	WriteCharRepeat (_CH nChar, int nCount=1)
virtual HRESULT	WriteString (const char *pszStr)
virtual HRESULT	WriteString (const wchar_t *pszStr)
StrLen_t	VPrintf (const char *pszFormat, va_list args)
StrLen_t	VPrintf (const wchar_t *pszFormat, va_list args)
StrLen_t _cdecl	Printf (const char *pszFormat,...)
StrLen_t _cdecl	Printf (const wchar_t *pszFormat,...)
HRESULT	WriteStream (cStreamInput &sInp, STREAM_POS_t nSizeMax=k_FILE_BLOCK_SIZE, IStreamProgressCallback *pProgress=nullptr, TIMESYSD_t nTimeout=0)
	Copy cStreamInput to this stream. More...
virtual HRESULT	FlushX ()

Public Attributes
cSSLSessionCache *	m_pCache
	Server Session cache. More...
cNewPtr< cSSLTicketKeys >	m_pTicketKeys
	allocated keys for ticket encryption More...
ISSLServerExt *	m_pSNICallback
ISSLServerExt *	m_pPSKCallback
Public Attributes inherited from GraySSL::cSSLCommon
const cObjectSignature	m_SigCommon
	All DLL consumers must agree this is the same. sizeof(*this) More...
const bool	m_bThisIsServer
	true = cSSLServer else cSSLClient More...
const cSSLConfig &	m_Cfg
	Behavior controls. More...
SSL_VERSION_TYPE	m_nVer
	Version selected. either 0 (SSL3) or 1 (TLS1.0) More...
cStreamInput *	m_pReader
	reading operations raw stream More...
cStreamOutput *	m_pWriter
	writing operations raw stream More...
bool	m_bRenegotiationSupported
	does peer support legacy or secure renegotiation TLS_EXT_renegotiation_info More...
cSSLHandshake *	m_pHandshake
	params required only during the handshake SSL_STATE_TYPE(s) More...
cSSLSession *	m_pSessionNegotiate
	session data in negotiation. Move to m_pHandshake ? More...
cSSLSession *	m_pSessionCur
	negotiated session data. swapped from m_pSessionNegotiate More...
cSSLSession *	m_pSessionIn
	current session data (in) from m_pSessionNegotiate More...
cSSLSession *	m_pSessionOut
	current session data (out) More...
cSSLTransform *	m_pTransformNegotiate
	transform params in negotiation. Move to m_pHandshake ? More...
cSSLTransform *	m_pTransformCur
	negotiated transform params. swapped from m_pTransformNegotiate More...
cSSLTransform *	m_pTransformIn
	current transform params (in) from m_pTransformNegotiate More...
cSSLTransform *	m_pTransformOut
	current transform params (in) More...
cSSLMsgBuilder	m_in
size_t	m_nInReadPos
	caller ReadX() offset in application data m_in.m_pMsg More...
cSSLMsgBuilder	m_out
	message contents (out_iv+ivlen) More...
int	m_nEmptyMessages
	count # of 0-length encrypted messages. Watch for DoS. More...
bool	m_bClientAuth
	flag for client auth. client optionally supplies a cert if servers asks. More...
X509_Verify_t	m_eVerifyResults
	verification result for cert. More...
const char *	m_pszAlpnChosen
	extension RFC 7301 Application Layer Protocol Negotiation. More...
cHeapBlock	m_PSK
cHeapBlock	m_PSKIdentity
size_t	m_nVerifyDataSize
	length of verify data stored. <= k_VERIFY_DATA_MAX_LEN More...
BYTE	m_VerifyDataPeer [k_VERIFY_DATA_MAX_LEN]
	previous handshake verify data More...
BITOP_TYPE	m_nCBCRecordSplitOp
	flag for record splitting: BITOP_TOGGLE=disabled, BITOP_CLR=todo, BITOP_SET= done More...
cX509KeyCrtPair *	m_pKeyCrtPair
	my own certificate(s)/key(s) pair. Not freed. (server only) More...
const char *	m_pszPeerCN
	expected peer CN in case we check this against cert. More...

Additional Inherited Members
Static Public Attributes inherited from GraySSL::cSSLCommon
static const int	k_VERIFY_DATA_MAX_LEN = 36
	Length of the verify data for secure renegotiation. SSLv3. More...
Static Public Attributes inherited from Gray::cStreamBase
static const BYTE	k_SIZE_MASK = 0x80
	Used for WriteSize() More...
static const size_t	k_FILE_BLOCK_SIZE = (32 * 1024)
	default arbitrary transfer block size. more than this is NOT more efficient. More...
Static Public Attributes inherited from GrayLib::cSSL
static const size_t	k_PSK_Size_Max = 32
	256 bits More...
static const size_t	k_MAC_Size_Max = 48
	16 to 48. SHA-384 used for HMAC. like k_HashSizeMax More...
static const size_t	k_Number_Size_Max = 1024
	Max reasonable size of a big number used for crypt purposes. 8k bits. like cBigInteger::k_SIZE_MAX. More...
static const size_t	k_Content_Size_Max = 16384
	Size of content. >= k_MaxFragLens[MAX]. More...
static const WORD	k_MaxFragLens [SSL_MAX_FRAG_LEN_QTY]
Protected Member Functions inherited from GraySSL::cSSLCommon
	cSSLCommon (bool bEndpointIsServer, const cSSLConfig &rOpts) noexcept
virtual	~cSSLCommon ()
HRESULT	ReturnError (HRESULT hRes, const char *pszMsg) const
SSL_STATE_TYPE	get_State () const noexcept
void	put_State (SSL_STATE_TYPE e) noexcept
void	IncState1 (SSL_STATE_TYPE e)
HRESULT	WriteFlush (bool bWait=false)
HRESULT	WriteMsg (SSL_MSG_TYPE eMsg, size_t nContLength)
HRESULT	ReadFill (size_t nSizeExpect)
HRESULT	ReadCheckHandshake ()
HRESULT	ReadMessage ()
HRESULT	ReadProcessCompleteMsg ()
HRESULT	PrepareKeys ()

Detailed Description

A SSL Server framework.

Constructor & Destructor Documentation

cSSLServer()

GraySSL::cSSLServer::cSSLServer ( const cSSLConfig &  rOpts )

noexcept

~cSSLServer()

GraySSL::cSSLServer::~cSSLServer

(

)

Member Function Documentation

AddKeyCrt()

HRESULT GraySSL::cSSLServer::AddKeyCrt

(

cX509KeyCrtPair *

pKeyCrt

)

build_TLS_EXT_ExtendedMasterSecret()

size_t GraySSL::cSSLServer::build_TLS_EXT_ExtendedMasterSecret

(

cSSLMsgHandExt *

pExt

)

build_TLS_EXT_SessionTicket()

size_t GraySSL::cSSLServer::build_TLS_EXT_SessionTicket

(

cSSLMsgHandExt *

pExt

)

parse_SSL_ClientHello_v2()

HRESULT GraySSL::cSSLServer::parse_SSL_ClientHello_v2

(

)

parse_TLS_EXT_server_name()

HRESULT GraySSL::cSSLServer::parse_TLS_EXT_server_name	(	const BYTE *	buf,
		size_t	len
	)

ProcessStreamPacket()

virtual HRESULT GraySSL::cSSLServer::ProcessStreamPacket ( )

overridevirtual

Perform a single step of the SSL handshake

Returns

0 if successful, else HRESULT_WIN32_C(WSAEWOULDBLOCK)

Implements GraySSL::cSSLCommon.

put_PSKCallback()

void GraySSL::cSSLServer::put_PSKCallback

(

ISSLServerExt *

pPSKCallback

)

put_SessionCache()

void GraySSL::cSSLServer::put_SessionCache ( cSSLSessionCache *  pCache )

inline

Set the session cache callbacks (server-side only)

put_SNICallback()

void GraySSL::cSSLServer::put_SNICallback

(

ISSLServerExt *

pSNICallback

)

put_UseSessionTickets()

HRESULT GraySSL::cSSLServer::put_UseSessionTickets

(

bool

bUseTickets

)

SetPSKIdentity()

HRESULT GraySSL::cSSLServer::SetPSKIdentity	(	const BYTE *	psk,
		size_t	psk_len,
		const BYTE *	psk_identity,
		size_t	psk_identity_len
	)

state_SSL_CERTIFICATE_REQUEST()

HRESULT GraySSL::cSSLServer::state_SSL_CERTIFICATE_REQUEST

(

)

state_SSL_CERTIFICATE_VERIFY()

HRESULT GraySSL::cSSLServer::state_SSL_CERTIFICATE_VERIFY

(

)

state_SSL_CLIENT_KEY_EXCHANGE()

HRESULT GraySSL::cSSLServer::state_SSL_CLIENT_KEY_EXCHANGE

(

)

state_SSL_ClientHello()

HRESULT GraySSL::cSSLServer::state_SSL_ClientHello

(

)

state_SSL_HANDSHAKE_WRAPUP()

void GraySSL::cSSLServer::state_SSL_HANDSHAKE_WRAPUP

(

)

state_SSL_SERVER_CHANGE_CIPHER_SPEC()

HRESULT GraySSL::cSSLServer::state_SSL_SERVER_CHANGE_CIPHER_SPEC

(

)

state_SSL_SERVER_KEY_EXCHANGE()

HRESULT GraySSL::cSSLServer::state_SSL_SERVER_KEY_EXCHANGE

(

)

state_SSL_ServerHello_DONE()

HRESULT GraySSL::cSSLServer::state_SSL_ServerHello_DONE

(

)

Member Data Documentation

m_pCache

cSSLSessionCache* GraySSL::cSSLServer::m_pCache

Server Session cache.

m_pPSKCallback

ISSLServerExt* GraySSL::cSSLServer::m_pPSKCallback

m_pSNICallback

ISSLServerExt* GraySSL::cSSLServer::m_pSNICallback

m_pTicketKeys

cNewPtr<cSSLTicketKeys> GraySSL::cSSLServer::m_pTicketKeys

allocated keys for ticket encryption

---

The documentation for this class was generated from the following file:

• c:/Dennis/Source/Gray/GraySSL/include/cSSLServer.h