Gray C++ Libraries  0.0.2
A set of C++ libraries for MSVC, GNU on Windows, WinCE, Linux
GraySSL::cSSLCommon Class Reference (abstract)

#include <cSSLCommon.h>

Inheritance diagram for GraySSL::cSSLCommon:
Gray::cStream GrayLib::cSSL Gray::cStreamInput Gray::cStreamOutput Gray::cStreamBase Gray::cStreamBase GraySSL::cSSLClient GraySSL::cSSLServer

Public Member Functions

HRESULT InitSSL ()
 
void state_SSL_HANDSHAKE_WRAPUP ()
 
void AttachStreams (cStreamInput *pReader, cStreamOutput *pWriter) noexcept
 
virtual void SetSessionClear ()
 
HRESULT write_SSL_MSG_ALERT (SSL_ALERT_LEVEL_TYPE level, SSL_ALERT_TYPE message)
 
const char * get_AlpnChosen () const noexcept
 
bool isStateHandshake () const noexcept
 
HRESULT Handshake (bool bWait=false)
 
virtual HRESULT ProcessStreamPacket ()=0
 
HRESULT WriteMsgApp (const BYTE *buf, size_t len)
 
void put_CBCRecordSplitOp (BITOP_TYPE split)
 
X509_Verify_t get_VerifyResults () const
 
const char * get_CipherSuiteStr () const
 
const char * get_VersionStr () const
 
cRefPtr< cX509Crt > get_PeerCert () const
 
bool isRenegotiation () const noexcept
 
virtual STREAM_POS_t GetLength () const override
 
virtual HRESULT ReadX (OUT void *pData, size_t nDataSize) override
 
virtual size_t SetSeekSizeMin (size_t nSizeMin=k_FILE_BLOCK_SIZE) override
 
virtual STREAM_SEEKRET_t Seek (STREAM_OFFSET_t iOffset, SEEK_ORIGIN_TYPE eSeekOrigin=SEEK_Set) override
 Disambiguate Seek for cStreamBase to cStreamInput for stupid compiler. More...
 
virtual HRESULT WriteX (const void *pData, size_t nDataSize) override
 
HRESULT write_SSL_ALERT_SSL3_CLOSE_NOTIFY ()
 Notify the peer that the connection is being closed. More...
 
HRESULT write_SSL_ALERT_SSL3_HANDSHAKE_FAILURE ()
 
size_t build_TLS_EXT_MaxFragmentLength (cSSLMsgHandExt *pExt, SSL_MAX_FRAG_TYPE eMaxFrag)
 
HRESULT state_SSL_XXX_CERTIFICATE_r ()
 
HRESULT state_SSL_XXX_CERTIFICATE_w ()
 
HRESULT state_SSL_XXX_CHANGE_CIPHER_SPEC_r ()
 
HRESULT state_SSL_XXX_CHANGE_CIPHER_SPEC_w ()
 
HRESULT state_SSL_XXX_FINISHED_r ()
 
HRESULT state_SSL_XXX_FINISHED_w ()
 
HRESULT InitHandshakeParams ()
 
HRESULT BuildKeyExPremasterPSK (SSL_KeyExchange_TYPE key_ex)
 
cKeyWrap * get_OwnKeyPriv () const noexcept
 
cX509Crt * get_OwnCert () const noexcept
 
- Public Member Functions inherited from Gray::cStream
virtual STREAM_POS_t GetPosition () const override
 
void SeekToBegin ()
 
STREAM_POS_t SeekToEnd ()
 
- Public Member Functions inherited from Gray::cStreamInput
 cStreamInput () noexcept
 
virtual ~cStreamInput ()
 
HRESULT ReadAll (OUT cHeapBlock &block, size_t nSizeExtra=0)
 
virtual HRESULT ReadStringLine (OUT char *pszBuffer, StrLen_t iSizeMax)
 
virtual HRESULT ReadStringLine (OUT wchar_t *pszBuffer, StrLen_t iSizeMax)
 
HRESULT ReadT (OUT void *pVal, size_t nSize)
 
template<typename TYPE >
HRESULT ReadT (OUT TYPE &val)
 
template<typename TYPE >
HRESULT ReadTN (OUT TYPE &val)
 
HRESULT ReadSize (OUT size_t &nSize)
 
template<typename TYPE >
HRESULT ReadSizeT (OUT TYPE &n)
 
HRESULT ReadHashCode (OUT UINT32 &nHashCode)
 
HRESULT ReadHashCode (OUT UINT64 &nHashCode)
 
HRESULT ReadN (OUT BYTE *pBuffer, size_t nSizeMax)
 
template<typename _CH >
HRESULT ReadStringN (OUT _CH *pszStr, StrLen_t iSizeMax)
 
virtual HRESULT ReadPeek (void *pData, size_t nDataSize)
 
- Public Member Functions inherited from Gray::cStreamBase
virtual ~cStreamBase ()
 
void SeekToBegin ()
 
STREAM_POS_t SeekToEnd ()
 
- Public Member Functions inherited from Gray::cStreamOutput
 cStreamOutput () noexcept
 
virtual ~cStreamOutput ()
 
HRESULT WriteT (const void *pVal, size_t nDataSize)
 
template<typename TYPE >
HRESULT WriteT (TYPE val)
 
HRESULT WriteSize (size_t nSize)
 
HRESULT WriteHashCode (HASHCODE_t nHashCode)
 
HRESULT WriteN (const void *pBuffer, size_t nSize)
 
template<typename _CH >
HRESULT WriteStringN (const _CH *pszStr)
 
template<typename _CH >
HRESULT WriteCharRepeat (_CH nChar, int nCount=1)
 
virtual HRESULT WriteString (const char *pszStr)
 
virtual HRESULT WriteString (const wchar_t *pszStr)
 
StrLen_t VPrintf (const char *pszFormat, va_list args)
 
StrLen_t VPrintf (const wchar_t *pszFormat, va_list args)
 
StrLen_t _cdecl Printf (const char *pszFormat,...)
 
StrLen_t _cdecl Printf (const wchar_t *pszFormat,...)
 
HRESULT WriteStream (cStreamInput &sInp, STREAM_POS_t nSizeMax=k_FILE_BLOCK_SIZE, IStreamProgressCallback *pProgress=nullptr, TIMESYSD_t nTimeout=0)
 Copy cStreamInput to this stream. More...
 
virtual HRESULT FlushX ()
 

Public Attributes

const cObjectSignature m_SigCommon
 All DLL consumers must agree this is the same. sizeof(*this) More...
 
const bool m_bThisIsServer
 true = cSSLServer else cSSLClient More...
 
const cSSLConfig & m_Cfg
 Behavior controls. More...
 
SSL_VERSION_TYPE m_nVer
 Version selected. either 0 (SSL3) or 1 (TLS1.0) More...
 
cStreamInput * m_pReader
 reading operations raw stream More...
 
cStreamOutput * m_pWriter
 writing operations raw stream More...
 
bool m_bRenegotiationSupported
 does peer support legacy or secure renegotiation TLS_EXT_renegotiation_info More...
 
cSSLHandshake * m_pHandshake
 params required only during the handshake SSL_STATE_TYPE(s) More...
 
cSSLSession * m_pSessionNegotiate
 session data in negotiation. Move to m_pHandshake ? More...
 
cSSLSession * m_pSessionCur
 negotiated session data. swapped from m_pSessionNegotiate More...
 
cSSLSession * m_pSessionIn
 current session data (in) from m_pSessionNegotiate More...
 
cSSLSession * m_pSessionOut
 current session data (out) More...
 
cSSLTransform * m_pTransformNegotiate
 transform params in negotiation. Move to m_pHandshake ? More...
 
cSSLTransform * m_pTransformCur
 negotiated transform params. swapped from m_pTransformNegotiate More...
 
cSSLTransform * m_pTransformIn
 current transform params (in) from m_pTransformNegotiate More...
 
cSSLTransform * m_pTransformOut
 current transform params (out) More...
 
cSSLMsgBuilder m_in
 
size_t m_nInReadPos
 caller ReadX() offset in application data m_in.m_pMsg More...
 
cSSLMsgBuilder m_out
 message contents (out_iv+ivlen) More...
 
int m_nEmptyMessages
 Count of 0-length encrypted messages, tracked to watch for denial of service (DoS). More...
 
bool m_bClientAuth
 flag for client auth. client optionally supplies a cert if server asks. More...
 
X509_Verify_t m_eVerifyResults
 verification result for cert. More...
 
const char * m_pszAlpnChosen
 extension RFC 7301 Application Layer Protocol Negotiation. More...
 
cHeapBlock m_PSK
 
cHeapBlock m_PSKIdentity
 
size_t m_nVerifyDataSize
 length of verify data stored. <= k_VERIFY_DATA_MAX_LEN More...
 
BYTE m_VerifyDataPeer [k_VERIFY_DATA_MAX_LEN]
 previous handshake verify data More...
 
BITOP_TYPE m_nCBCRecordSplitOp
 flag for record splitting: BITOP_TOGGLE=disabled, BITOP_CLR=todo, BITOP_SET= done More...
 
cX509KeyCrtPair * m_pKeyCrtPair
 my own certificate(s)/key(s) pair. Not freed. (server only) More...
 
const char * m_pszPeerCN
 expected peer CN in case we check this against cert. More...
 

Static Public Attributes

static const int k_VERIFY_DATA_MAX_LEN = 36
 Length of the verify data for secure renegotiation. SSLv3. More...
 
- Static Public Attributes inherited from Gray::cStreamBase
static const BYTE k_SIZE_MASK = 0x80
 Used for WriteSize() More...
 
static const size_t k_FILE_BLOCK_SIZE = (32 * 1024)
 default arbitrary transfer block size. more than this is NOT more efficient. More...
 
- Static Public Attributes inherited from GrayLib::cSSL
static const size_t k_PSK_Size_Max = 32
 256 bits More...
 
static const size_t k_MAC_Size_Max = 48
 16 to 48. SHA-384 used for HMAC. like k_HashSizeMax More...
 
static const size_t k_Number_Size_Max = 1024
 Max reasonable size of a big number used for crypt purposes. 8k bits. like cBigInteger::k_SIZE_MAX. More...
 
static const size_t k_Content_Size_Max = 16384
 Size of content. >= k_MaxFragLens[MAX]. More...
 
static const WORD k_MaxFragLens [SSL_MAX_FRAG_LEN_QTY]
 

Protected Member Functions

 cSSLCommon (bool bEndpointIsServer, const cSSLConfig &rOpts) noexcept
 
virtual ~cSSLCommon ()
 
HRESULT ReturnError (HRESULT hRes, const char *pszMsg) const
 
SSL_STATE_TYPE get_State () const noexcept
 
void put_State (SSL_STATE_TYPE e) noexcept
 
void IncState1 (SSL_STATE_TYPE e)
 
HRESULT WriteFlush (bool bWait=false)
 
HRESULT WriteMsg (SSL_MSG_TYPE eMsg, size_t nContLength)
 
HRESULT ReadFill (size_t nSizeExpect)
 
HRESULT ReadCheckHandshake ()
 
HRESULT ReadMessage ()
 
HRESULT ReadProcessCompleteMsg ()
 
HRESULT PrepareKeys ()
 

Detailed Description

Base for cSSLServer and/or cSSLClient

Constructor & Destructor Documentation

◆ cSSLCommon()

GraySSL::cSSLCommon::cSSLCommon ( bool  bEndpointIsServer,
const cSSLConfig & rOpts 
)
protected noexcept

< previous handshake verify data

◆ ~cSSLCommon()

GraySSL::cSSLCommon::~cSSLCommon ( )
protected virtual

Member Function Documentation

◆ AttachStreams()

void GraySSL::cSSLCommon::AttachStreams ( cStreamInput * pReader,
cStreamOutput * pWriter 
)
inline noexcept

Set the underlying BIO read and write callbacks

  • pReader read callback
  • pWriter write callback

◆ build_TLS_EXT_MaxFragmentLength()

size_t GraySSL::cSSLCommon::build_TLS_EXT_MaxFragmentLength ( cSSLMsgHandExt * pExt,
SSL_MAX_FRAG_TYPE  eMaxFrag 
)

◆ BuildKeyExPremasterPSK()

HRESULT GraySSL::cSSLCommon::BuildKeyExPremasterPSK ( SSL_KeyExchange_TYPE  key_ex)

◆ get_AlpnChosen()

const char* GraySSL::cSSLCommon::get_AlpnChosen ( ) const
inline noexcept

Get the name of the negotiated Application Layer Protocol. This function should be called after the handshake is completed.

Returns
Protocol name, or nullptr if no protocol was negotiated.

◆ get_CipherSuiteStr()

const char * GraySSL::cSSLCommon::get_CipherSuiteStr ( ) const

Return the name of the current ciphersuite

Returns
a string containing the ciphersuite name

◆ get_OwnCert()

cX509Crt* GraySSL::cSSLCommon::get_OwnCert ( ) const
inline noexcept

◆ get_OwnKeyPriv()

cKeyWrap* GraySSL::cSSLCommon::get_OwnKeyPriv ( ) const
inline noexcept

◆ get_PeerCert()

cRefPtr<cX509Crt> GraySSL::cSSLCommon::get_PeerCert ( ) const

◆ get_State()

SSL_STATE_TYPE GraySSL::cSSLCommon::get_State ( ) const
inline protected noexcept

◆ get_VerifyResults()

X509_Verify_t GraySSL::cSSLCommon::get_VerifyResults ( ) const

Get the result of the certificate verification

Returns
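0 if successful, X509_VERIFY_UNK (-1) if the result is not available (e.g. because the handshake was aborted too early), or a combination of BADCERT_xxx and BADCRL_xxx flags; see cX509.h. Any non-zero value means the peer certificate was not successfully verified, so check this result before trusting the peer.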

◆ get_VersionStr()

const char * GraySSL::cSSLCommon::get_VersionStr ( ) const

Return the current SSL version (SSLv3/TLSv1/etc)

Returns
a string containing the SSL version

◆ GetLength()

STREAM_POS_t GraySSL::cSSLCommon::GetLength ( ) const
override virtual

Return the number of data bytes available to read

Returns
how many bytes are available in the read buffer

SSL get accessors. m_nInReadPos

Reimplemented from Gray::cStream.

◆ Handshake()

HRESULT GraySSL::cSSLCommon::Handshake ( bool  bWait = false)

Perform the SSL handshake as a single blocking operation. First thing on new connection.

Returns
0 if successful, HRESULT_WIN32_C(WSAEWOULDBLOCK) or a specific SSL error code.

◆ IncState1()

void GraySSL::cSSLCommon::IncState1 ( SSL_STATE_TYPE  e)
inline protected

◆ InitHandshakeParams()

HRESULT GraySSL::cSSLCommon::InitHandshakeParams ( )

◆ InitSSL()

HRESULT GraySSL::cSSLCommon::InitSSL ( )

Initialize an SSL context. (An individual SSL context is not thread-safe.)

◆ isRenegotiation()

bool GraySSL::cSSLCommon::isRenegotiation ( ) const
inline noexcept

◆ isStateHandshake()

bool GraySSL::cSSLCommon::isStateHandshake ( ) const
inline noexcept

Are we still in the handshake phase?

◆ PrepareKeys()

HRESULT GraySSL::cSSLCommon::PrepareKeys ( )
protected

◆ ProcessStreamPacket()

virtual HRESULT GraySSL::cSSLCommon::ProcessStreamPacket ( )
pure virtual

Perform a single step of the SSL handshake

Returns
0 if successful, else HRESULT_WIN32_C(WSAEWOULDBLOCK)

Implemented in GraySSL::cSSLServer, and GraySSL::cSSLClient.

◆ put_CBCRecordSplitOp()

void GraySSL::cSSLCommon::put_CBCRecordSplitOp ( BITOP_TYPE  split)

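Enable / Disable 1/n-1 record splitting (Default: enable). Record splitting is the countermeasure against the predictable-IV weakness of CBC ciphersuites in SSLv3 and TLS 1.0 (the BEAST attack), so disable it only for interoperability with peers that cannot handle split records.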

Note
Only affects SSLv3 and TLS 1.0, not higher versions. Does not affect non-CBC ciphersuites in any version.

◆ put_State()

void GraySSL::cSSLCommon::put_State ( SSL_STATE_TYPE  e)
inline protected noexcept

◆ ReadCheckHandshake()

HRESULT GraySSL::cSSLCommon::ReadCheckHandshake ( )
protected

◆ ReadFill()

HRESULT GraySSL::cSSLCommon::ReadFill ( size_t  nSizeExpect)
protected

◆ ReadMessage()

HRESULT GraySSL::cSSLCommon::ReadMessage ( )
protected

Fill m_in For handshake or application data mode message. Does not work for v2 Hello message.

Returns
HRESULT_WIN32_C(ERROR_IO_INCOMPLETE)

◆ ReadProcessCompleteMsg()

HRESULT GraySSL::cSSLCommon::ReadProcessCompleteMsg ( )
protected

I finished processing the m_in message and can get a new one. (unless it has another handshake message appended) processed just 1 handshake sub packet at a time.

◆ ReadX()

HRESULT GraySSL::cSSLCommon::ReadX ( OUT void *  pData,
size_t  nDataSize 
)
override virtual

Read at most 'len' application data bytes

  • buf = buffer that will hold the data
  • len = maximum number of bytes to read
    Returns
    This function returns the number of bytes read, 0 for EOF, or a negative error code.

Receive application data decrypted from the SSL layer

Returns
HRESULT_WIN32_C(WSAECONNABORTED) = connection is broken.
HRESULT_WIN32_C(ERROR_IO_INCOMPLETE) = incomplete record. wait for more.

Reimplemented from Gray::cStreamInput.

◆ ReturnError()

HRESULT GraySSL::cSSLCommon::ReturnError ( HRESULT  hRes,
const char *  pszMsg 
) const
protected

◆ Seek()

STREAM_SEEKRET_t GraySSL::cSSLCommon::Seek ( STREAM_OFFSET_t  iOffset,
SEEK_ORIGIN_TYPE  eSeekOrigin = SEEK_Set 
)
override virtual

Disambiguate Seek for cStreamBase to cStreamInput for stupid compiler.

Affects the m_in buffer.

Reimplemented from Gray::cStream.

◆ SetSeekSizeMin()

size_t GraySSL::cSSLCommon::SetSeekSizeMin ( size_t  nSizeMin = k_FILE_BLOCK_SIZE)
override virtual

Lock a transaction for the stream. I want to Seek() back.

Reimplemented from Gray::cStreamInput.

◆ SetSessionClear()

void GraySSL::cSSLCommon::SetSessionClear ( )
virtual

Reset an already initialized SSL context for re-use while retaining application-set variables, function pointers and data.

Returns
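0 if successful, or E_OUTOFMEMORY, GRAYSSL_ERR_HW_ACCEL_FAILED or GRAYSSL_ERR_COMPRESSION_FAILED. (Note: the function is declared void above, so this return description does not match the current signature.)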

Reimplemented in GraySSL::cSSLClient.

◆ state_SSL_HANDSHAKE_WRAPUP()

void GraySSL::cSSLCommon::state_SSL_HANDSHAKE_WRAPUP ( )

◆ state_SSL_XXX_CERTIFICATE_r()

HRESULT GraySSL::cSSLCommon::state_SSL_XXX_CERTIFICATE_r ( )

SSL_SERVER_CERTIFICATE (For client) | SSL_CLIENT_CERTIFICATE (for server)

<== ( Certificate/Alert ) ClientKeyExchange ( CertificateVerify ) ChangeCipherSpec Finished

◆ state_SSL_XXX_CERTIFICATE_w()

HRESULT GraySSL::cSSLCommon::state_SSL_XXX_CERTIFICATE_w ( )

SSL_SERVER_CERTIFICATE (for server) | SSL_CLIENT_CERTIFICATE (For client) Send my public cert.

◆ state_SSL_XXX_CHANGE_CIPHER_SPEC_r()

HRESULT GraySSL::cSSLCommon::state_SSL_XXX_CHANGE_CIPHER_SPEC_r ( )

SSL_CLIENT_CHANGE_CIPHER_SPEC (for server) or SSL_SERVER_CHANGE_CIPHER_SPEC (for client) read

◆ state_SSL_XXX_CHANGE_CIPHER_SPEC_w()

HRESULT GraySSL::cSSLCommon::state_SSL_XXX_CHANGE_CIPHER_SPEC_w ( )

SSL_CLIENT_CHANGE_CIPHER_SPEC (for client) or SSL_SERVER_CHANGE_CIPHER_SPEC (for server) write

◆ state_SSL_XXX_FINISHED_r()

HRESULT GraySSL::cSSLCommon::state_SSL_XXX_FINISHED_r ( )

SSL_SERVER_FINISHED (for client) or SSL_CLIENT_FINISHED (for server)

◆ state_SSL_XXX_FINISHED_w()

HRESULT GraySSL::cSSLCommon::state_SSL_XXX_FINISHED_w ( )

SSL_CLIENT_FINISHED (For client) or SSL_SERVER_FINISHED (for server)

◆ write_SSL_ALERT_SSL3_CLOSE_NOTIFY()

HRESULT GraySSL::cSSLCommon::write_SSL_ALERT_SSL3_CLOSE_NOTIFY ( )

Notify the peer that the connection is being closed.

◆ write_SSL_ALERT_SSL3_HANDSHAKE_FAILURE()

HRESULT GraySSL::cSSLCommon::write_SSL_ALERT_SSL3_HANDSHAKE_FAILURE ( )

◆ write_SSL_MSG_ALERT()

HRESULT GraySSL::cSSLCommon::write_SSL_MSG_ALERT ( SSL_ALERT_LEVEL_TYPE  level,
SSL_ALERT_TYPE  message 
)

Send an alert message

  • level = The alert level of the message (SSL_ALERT_LEVEL_WARNING or SSL_ALERT_LEVEL_FATAL)
  • message = The alert message (SSL_ALERT_MSG_*)
    Returns
    0 if successful, or a specific SSL error code.

◆ WriteFlush()

HRESULT GraySSL::cSSLCommon::WriteFlush ( bool  bWait = false)
protected
Returns
S_OK = write complete. we can do read or write again. S_FALSE = write not complete.

◆ WriteMsg()

HRESULT GraySSL::cSSLCommon::WriteMsg ( SSL_MSG_TYPE  eMsg,
size_t  nContLength 
)
protected

Flush m_out Record

Returns
S_FALSE = can't complete write now.

◆ WriteMsgApp()

HRESULT GraySSL::cSSLCommon::WriteMsgApp ( const BYTE *  buf,
size_t  len 
)

Send application data to be encrypted by the SSL layer, taking care of max fragment length and buffer size. Maybe Send Partial.

Returns
<0 = error, else length of write. 0 = i wrote nothing.

◆ WriteX()

HRESULT GraySSL::cSSLCommon::WriteX ( const void *  pData,
size_t  nDataSize 
)
override virtual

Write exactly 'len' application data bytes

  • buf = buffer holding the data
  • len = how many bytes must be written
    Returns
    This function returns the number of bytes written, or a negative error code.
    Note
    When this function returns HRESULT_WIN32_C(WSAEWOULDBLOCK), it must be called later with the same arguments, until it returns a positive value.
    This function may write less than the number of bytes requested if len is greater than the maximum record length. For arbitrary-sized messages, it should be called in a loop.

Reimplemented from Gray::cStreamOutput.

Member Data Documentation

◆ k_VERIFY_DATA_MAX_LEN

const int GraySSL::cSSLCommon::k_VERIFY_DATA_MAX_LEN = 36
static

Length of the verify data for secure renegotiation. SSLv3.

◆ m_bClientAuth

bool GraySSL::cSSLCommon::m_bClientAuth

flag for client auth. client optionally supplies a cert if server asks.

◆ m_bRenegotiationSupported

bool GraySSL::cSSLCommon::m_bRenegotiationSupported

does peer support legacy or secure renegotiation TLS_EXT_renegotiation_info

◆ m_bThisIsServer

const bool GraySSL::cSSLCommon::m_bThisIsServer

true = cSSLServer else cSSLClient

◆ m_Cfg

const cSSLConfig& GraySSL::cSSLCommon::m_Cfg

Behavior controls.

◆ m_eVerifyResults

X509_Verify_t GraySSL::cSSLCommon::m_eVerifyResults

verification result for cert.

◆ m_in

cSSLMsgBuilder GraySSL::cSSLCommon::m_in

◆ m_nCBCRecordSplitOp

BITOP_TYPE GraySSL::cSSLCommon::m_nCBCRecordSplitOp

flag for record splitting: BITOP_TOGGLE=disabled, BITOP_CLR=todo, BITOP_SET= done

◆ m_nEmptyMessages

int GraySSL::cSSLCommon::m_nEmptyMessages

Count of 0-length encrypted messages, tracked to watch for denial of service (DoS).

◆ m_nInReadPos

size_t GraySSL::cSSLCommon::m_nInReadPos

caller ReadX() offset in application data m_in.m_pMsg

◆ m_nVer

SSL_VERSION_TYPE GraySSL::cSSLCommon::m_nVer

Version selected. either 0 (SSL3) or 1 (TLS1.0)

◆ m_nVerifyDataSize

size_t GraySSL::cSSLCommon::m_nVerifyDataSize

length of verify data stored. <= k_VERIFY_DATA_MAX_LEN

◆ m_out

cSSLMsgBuilder GraySSL::cSSLCommon::m_out

message contents (out_iv+ivlen)

◆ m_pHandshake

cSSLHandshake* GraySSL::cSSLCommon::m_pHandshake

params required only during the handshake SSL_STATE_TYPE(s)

◆ m_pKeyCrtPair

cX509KeyCrtPair* GraySSL::cSSLCommon::m_pKeyCrtPair

my own certificate(s)/key(s) pair. Not freed. (server only)

◆ m_pReader

cStreamInput* GraySSL::cSSLCommon::m_pReader

reading operations raw stream

◆ m_pSessionCur

cSSLSession* GraySSL::cSSLCommon::m_pSessionCur

negotiated session data. swapped from m_pSessionNegotiate

◆ m_pSessionIn

cSSLSession* GraySSL::cSSLCommon::m_pSessionIn

current session data (in) from m_pSessionNegotiate

◆ m_pSessionNegotiate

cSSLSession* GraySSL::cSSLCommon::m_pSessionNegotiate

session data in negotiation. Move to m_pHandshake ?

◆ m_pSessionOut

cSSLSession* GraySSL::cSSLCommon::m_pSessionOut

current session data (out)

◆ m_PSK

cHeapBlock GraySSL::cSSLCommon::m_PSK

◆ m_PSKIdentity

cHeapBlock GraySSL::cSSLCommon::m_PSKIdentity

◆ m_pszAlpnChosen

const char* GraySSL::cSSLCommon::m_pszAlpnChosen

extension RFC 7301 Application Layer Protocol Negotiation.

negotiated protocol from m_ppAlpnList. or nullptr.

◆ m_pszPeerCN

const char* GraySSL::cSSLCommon::m_pszPeerCN

Expected peer CN (certificate Common Name), used in case we check this against the peer cert.

◆ m_pTransformCur

cSSLTransform* GraySSL::cSSLCommon::m_pTransformCur

negotiated transform params. swapped from m_pTransformNegotiate

◆ m_pTransformIn

cSSLTransform* GraySSL::cSSLCommon::m_pTransformIn

current transform params (in) from m_pTransformNegotiate

◆ m_pTransformNegotiate

cSSLTransform* GraySSL::cSSLCommon::m_pTransformNegotiate

transform params in negotiation. Move to m_pHandshake ?

◆ m_pTransformOut

cSSLTransform* GraySSL::cSSLCommon::m_pTransformOut

current transform params (out)

◆ m_pWriter

cStreamOutput* GraySSL::cSSLCommon::m_pWriter

writing operations raw stream

◆ m_SigCommon

const cObjectSignature GraySSL::cSSLCommon::m_SigCommon

All DLL consumers must agree this is the same. sizeof(*this)

◆ m_VerifyDataPeer

BYTE GraySSL::cSSLCommon::m_VerifyDataPeer[k_VERIFY_DATA_MAX_LEN]

previous handshake verify data


The documentation for this class was generated from the following files: