gloox 1.0
Public Member Functions
GnuTLSBase Class Reference

This is the common base class for (stream) encryption using GnuTLS. More...

#include <tlsgnutlsbase.h>

Inheritance diagram for GnuTLSBase:
Inheritance graph
[legend]

List of all members.

Public Member Functions

 GnuTLSBase (TLSHandler *th, const std::string &server=EmptyString)
virtual ~GnuTLSBase ()
virtual bool encrypt (const std::string &data)
virtual int decrypt (const std::string &data)
virtual void cleanup ()
virtual bool handshake ()
virtual void setCACerts (const StringList &)
virtual void setClientCert (const std::string &, const std::string &)

Detailed Description

This is the common base class for (stream) encryption using GnuTLS.

You should not need to use this class directly.

Author:
Jakob Schroeter <js@camaya.net>
Since:
0.9

Definition at line 38 of file tlsgnutlsbase.h.


Constructor & Destructor Documentation

GnuTLSBase ( TLSHandler th,
const std::string &  server = EmptyString 
)

Constructor.

Parameters:
thThe TLSHandler to handle TLS-related events.
serverThe server to use in certificate verification.

Definition at line 29 of file tlsgnutlsbase.cpp.

~GnuTLSBase ( ) [virtual]

Virtual destructor.

Definition at line 35 of file tlsgnutlsbase.cpp.


Member Function Documentation

void cleanup ( ) [virtual]

This function performs internal cleanup and will be called after a failed handshake attempt.

Implements TLSBase.

Reimplemented in GnuTLSClient, GnuTLSClientAnon, and GnuTLSServerAnon.

Definition at line 93 of file tlsgnutlsbase.cpp.

int decrypt ( const std::string &  data) [virtual]

Use this function to feed encrypted data or received handshake data to the encryption implementation. Handshake data will be eaten, unencrypted data will be pushed to the TLSHandler's handleDecryptedData() function.

Parameters:
dataThe data to decrypt.
Returns:
The number of bytes used from the input.

Implements TLSBase.

Definition at line 66 of file tlsgnutlsbase.cpp.

bool encrypt ( const std::string &  data) [virtual]

Use this function to feed unencrypted data to the encryption implementation. The encrypted result will be pushed to the TLSHandler's handleEncryptedData() function.

Parameters:
dataThe data to encrypt.
Returns:
Whether or not the data was used successfully.

Implements TLSBase.

Definition at line 47 of file tlsgnutlsbase.cpp.

bool handshake ( ) [virtual]

This functiopn performs the TLS handshake. Handshake data from the server side should be fed in using decrypt(). Handshake data that is to be sent to the other side is pushed through TLSBase's handleEncryptedData().

Returns:
True if the handshake was successful or if more input is needed, false if the handshake failed.

Implements TLSBase.

Definition at line 116 of file tlsgnutlsbase.cpp.

virtual void setCACerts ( const StringList cacerts) [inline, virtual]

Use this function to set a number of trusted root CA certificates which shall be used to verify a servers certificate.

Parameters:
cacertsA list of absolute paths to CA root certificate files in PEM format.

Implements TLSBase.

Reimplemented in GnuTLSClient.

Definition at line 66 of file tlsgnutlsbase.h.

virtual void setClientCert ( const std::string &  clientKey,
const std::string &  clientCerts 
) [inline, virtual]

Use this function to set the user's certificate and private key. The certificate will be presented to the server upon request and can be used for SASL EXTERNAL authentication. The user's certificate file should be a bundle of more than one certificate in PEM format. The first one in the file should be the user's certificate, each cert following that one should have signed the previous one.

Note:
These certificates are not necessarily the same as those used to verify the server's certificate.
Parameters:
clientKeyThe absolute path to the user's private key in PEM format.
clientCertsA path to a certificate bundle in PEM format.

Implements TLSBase.

Reimplemented in GnuTLSClient.

Definition at line 69 of file tlsgnutlsbase.h.


The documentation for this class was generated from the following files: