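//
// ssl/context.hpp
// ~~~~~~~~~~~~~~~
//
// Copyright (c) 2003-2015 Christopher M. Kohlhoff (chris at kohlhoff dot com)
//
// Distributed under the Boost Software License, Version 1.0. (See accompanying
// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
//

#ifndef BOOST_ASIO_SSL_CONTEXT_HPP
#define BOOST_ASIO_SSL_CONTEXT_HPP

#if defined(_MSC_VER) && (_MSC_VER >= 1200)
# pragma once
#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)

// NOTE(review): the header names in the #include directives of this file, and
// the template argument of basic_context below, were stripped from the listing
// by the page extraction. They are restored here from the stock Boost.Asio
// layout and should be confirmed against the vendored copy.
#include <boost/asio/detail/config.hpp>

#if defined(BOOST_ASIO_ENABLE_OLD_SSL)
# include <boost/asio/ssl/basic_context.hpp>
# include <boost/asio/ssl/context_service.hpp>
#else // defined(BOOST_ASIO_ENABLE_OLD_SSL)
# include <string>
# include <boost/asio/buffer.hpp>
# include <boost/asio/io_service.hpp>
# include <boost/asio/ssl/context_base.hpp>
# include <boost/asio/ssl/detail/openssl_types.hpp>
# include <boost/asio/ssl/detail/openssl_init.hpp>
# include <boost/asio/ssl/detail/password_callback.hpp>
# include <boost/asio/ssl/detail/verify_callback.hpp>
# include <boost/asio/ssl/verify_mode.hpp>
#endif // defined(BOOST_ASIO_ENABLE_OLD_SSL)

#include <boost/asio/detail/push_options.hpp>

namespace boost {
namespace asio {
namespace ssl {

#if defined(BOOST_ASIO_ENABLE_OLD_SSL)

/// Typedef for the typical usage of context.
typedef basic_context<context_service> context;

#else // defined(BOOST_ASIO_ENABLE_OLD_SSL)

/// Wraps a native SSL_CTX handle and the functions used to configure it.
/**
 * The member functions cover protocol options, peer verification, trusted
 * certification authorities, the local certificate and private key,
 * Diffie-Hellman parameters and the password callback. The class is
 * noncopyable; move operations are declared when BOOST_ASIO_HAS_MOVE is
 * defined.
 */
class context
  : public context_base,
    private noncopyable
{
public:
  /// The native handle type of the SSL context.
  typedef SSL_CTX* native_handle_type;

  /// (Deprecated: Use native_handle_type.) The native type of the SSL context.
  typedef SSL_CTX* impl_type;

  /// Constructor.
  /**
   * @param m The SSL/TLS method the context is created for. The available
   * values are defined in the context_base class.
   *
   * @note The method determines which protocol versions can be negotiated.
   * The sslv2 and sslv3 methods select protocol versions that are no longer
   * considered secure.
   */
  BOOST_ASIO_DECL explicit context(method m);

  /// Deprecated constructor taking a reference to an io_service object.
  BOOST_ASIO_DECL context(boost::asio::io_service&, method m);

#if defined(BOOST_ASIO_HAS_MOVE) || defined(GENERATING_DOCUMENTATION)
  /// Move-construct a context from another.
  /**
   * This constructor moves an SSL context from one object to another.
   *
   * @param other The other context object from which the move will occur.
   *
   * @note Following the move, the following operations only are valid for the
   * moved-from object:
   * @li Destruction.
   * @li As a target for move-assignment.
   */
  BOOST_ASIO_DECL context(context&& other);

  /// Move-assign a context from another.
  /**
   * This assignment operator moves an SSL context from one object to another.
   *
   * @param other The other context object from which the move will occur.
   *
   * @note Following the move, the following operations only are valid for the
   * moved-from object:
   * @li Destruction.
   * @li As a target for move-assignment.
   */
  BOOST_ASIO_DECL context& operator=(context&& other);
#endif // defined(BOOST_ASIO_HAS_MOVE) || defined(GENERATING_DOCUMENTATION)

  /// Destructor.
  BOOST_ASIO_DECL ~context();

  /// Get the underlying implementation in the native type.
  /**
   * This function may be used to obtain the underlying implementation of the
   * context. This is intended to allow access to context functionality that is
   * not otherwise provided.
   *
   * @note NOTE(review): the handle is presumably the one held in handle_ and
   * released by the destructor, so callers should not free it; confirm in the
   * implementation.
   */
  BOOST_ASIO_DECL native_handle_type native_handle();

  /// (Deprecated: Use native_handle().) Get the underlying implementation in
  /// the native type.
  /**
   * This function may be used to obtain the underlying implementation of the
   * context. This is intended to allow access to context functionality that is
   * not otherwise provided.
   */
  BOOST_ASIO_DECL impl_type impl();

  /// Clear options on the context.
  /**
   * This function may be used to configure the SSL options used by the context.
   *
   * @param o A bitmask of options. The available option values are defined in
   * the context_base class. The specified options, if currently enabled on the
   * context, are cleared.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_clear_options.
   *
   * @note Clearing a protocol-disabling option (for example no_sslv3) allows
   * that protocol version to be negotiated again.
   */
  BOOST_ASIO_DECL void clear_options(options o);

  /// Clear options on the context.
  /**
   * This function may be used to configure the SSL options used by the context.
   *
   * @param o A bitmask of options. The available option values are defined in
   * the context_base class. The specified options, if currently enabled on the
   * context, are cleared.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_clear_options.
   *
   * @note Clearing a protocol-disabling option (for example no_sslv3) allows
   * that protocol version to be negotiated again.
   */
  BOOST_ASIO_DECL boost::system::error_code clear_options(options o,
      boost::system::error_code& ec);

  /// Set options on the context.
  /**
   * This function may be used to configure the SSL options used by the context.
   *
   * @param o A bitmask of options. The available option values are defined in
   * the context_base class. The options are bitwise-ored with any existing
   * value for the options.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_set_options.
   *
   * @note Obsolete protocol versions are disabled through this function, using
   * options such as no_sslv2 and no_sslv3.
   */
  BOOST_ASIO_DECL void set_options(options o);

  /// Set options on the context.
  /**
   * This function may be used to configure the SSL options used by the context.
   *
   * @param o A bitmask of options. The available option values are defined in
   * the context_base class. The options are bitwise-ored with any existing
   * value for the options.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_set_options.
   *
   * @note Obsolete protocol versions are disabled through this function, using
   * options such as no_sslv2 and no_sslv3.
   */
  BOOST_ASIO_DECL boost::system::error_code set_options(options o,
      boost::system::error_code& ec);

  /// Set the peer verification mode.
  /**
   * This function may be used to configure the peer verification mode used by
   * the context.
   *
   * @param v A bitmask of peer verification modes. See @ref verify_mode for
   * available values.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_set_verify.
   *
   * @note With verify_none the peer certificate is not checked, so the peer is
   * not authenticated. A client that must authenticate the server needs
   * verify_peer; a server that requires a client certificate needs
   * verify_peer | verify_fail_if_no_peer_cert.
   */
  BOOST_ASIO_DECL void set_verify_mode(verify_mode v);

  /// Set the peer verification mode.
  /**
   * This function may be used to configure the peer verification mode used by
   * the context.
   *
   * @param v A bitmask of peer verification modes. See @ref verify_mode for
   * available values.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_set_verify.
   *
   * @note With verify_none the peer certificate is not checked, so the peer is
   * not authenticated. A client that must authenticate the server needs
   * verify_peer; a server that requires a client certificate needs
   * verify_peer | verify_fail_if_no_peer_cert.
   */
  BOOST_ASIO_DECL boost::system::error_code set_verify_mode(
      verify_mode v, boost::system::error_code& ec);

  /// Set the peer verification depth.
  /**
   * This function may be used to configure the maximum verification depth
   * allowed by the context.
   *
   * @param depth Maximum depth for the certificate chain verification that
   * shall be allowed.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_set_verify_depth.
   */
  BOOST_ASIO_DECL void set_verify_depth(int depth);

  /// Set the peer verification depth.
  /**
   * This function may be used to configure the maximum verification depth
   * allowed by the context.
   *
   * @param depth Maximum depth for the certificate chain verification that
   * shall be allowed.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_set_verify_depth.
   */
  BOOST_ASIO_DECL boost::system::error_code set_verify_depth(
      int depth, boost::system::error_code& ec);

  /// Set the callback used to verify peer certificates.
  /**
   * This function is used to specify a callback function that will be called
   * by the implementation when it needs to verify a peer certificate.
   *
   * @param callback The function object to be used for verifying a certificate.
   * The function signature of the handler must be:
   * @code bool verify_callback(
   *   bool preverified, // True if the certificate passed pre-verification.
   *   verify_context& ctx // The peer certificate and other context.
   * ); @endcode
   * The return value of the callback is true if the certificate has passed
   * verification, false otherwise.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_set_verify.
   *
   * @note The callback's return value decides the outcome: returning true
   * when @c preverified is false accepts a certificate that failed
   * pre-verification. Chain verification alone does not match the certificate
   * against the expected host name; rfc2818_verification is a callback
   * provided for that check.
   */
  template <typename VerifyCallback>
  void set_verify_callback(VerifyCallback callback);

  /// Set the callback used to verify peer certificates.
  /**
   * This function is used to specify a callback function that will be called
   * by the implementation when it needs to verify a peer certificate.
   *
   * @param callback The function object to be used for verifying a certificate.
   * The function signature of the handler must be:
   * @code bool verify_callback(
   *   bool preverified, // True if the certificate passed pre-verification.
   *   verify_context& ctx // The peer certificate and other context.
   * ); @endcode
   * The return value of the callback is true if the certificate has passed
   * verification, false otherwise.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_set_verify.
   *
   * @note The callback's return value decides the outcome: returning true
   * when @c preverified is false accepts a certificate that failed
   * pre-verification. Chain verification alone does not match the certificate
   * against the expected host name; rfc2818_verification is a callback
   * provided for that check.
   */
  template <typename VerifyCallback>
  boost::system::error_code set_verify_callback(VerifyCallback callback,
      boost::system::error_code& ec);

  /// Load a certification authority file for performing verification.
  /**
   * This function is used to load the certificates for one or more trusted
   * certification authorities from a file.
   *
   * @param filename The name of a file containing certification authority
   * certificates in PEM format.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_load_verify_locations.
   *
   * @note Every certificate in the file becomes a trust anchor for peer
   * verification, so the file should be writable only by trusted principals.
   */
  BOOST_ASIO_DECL void load_verify_file(const std::string& filename);

  /// Load a certification authority file for performing verification.
  /**
   * This function is used to load the certificates for one or more trusted
   * certification authorities from a file.
   *
   * @param filename The name of a file containing certification authority
   * certificates in PEM format.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_load_verify_locations.
   *
   * @note Every certificate in the file becomes a trust anchor for peer
   * verification, so the file should be writable only by trusted principals.
   */
  BOOST_ASIO_DECL boost::system::error_code load_verify_file(
      const std::string& filename, boost::system::error_code& ec);

  /// Add certification authority for performing verification.
  /**
   * This function is used to add one trusted certification authority
   * from a memory buffer.
   *
   * @param ca The buffer containing the certification authority certificate.
   * The certificate must use the PEM format.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_get_cert_store and @c X509_STORE_add_cert.
   *
   * @note The certificate becomes a trust anchor for peer verification; the
   * buffer contents should come from a trusted source.
   */
  BOOST_ASIO_DECL void add_certificate_authority(const const_buffer& ca);

  /// Add certification authority for performing verification.
  /**
   * This function is used to add one trusted certification authority
   * from a memory buffer.
   *
   * @param ca The buffer containing the certification authority certificate.
   * The certificate must use the PEM format.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_get_cert_store and @c X509_STORE_add_cert.
   *
   * @note The certificate becomes a trust anchor for peer verification; the
   * buffer contents should come from a trusted source.
   */
  BOOST_ASIO_DECL boost::system::error_code add_certificate_authority(
      const const_buffer& ca, boost::system::error_code& ec);

  /// Configures the context to use the default directories for finding
  /// certification authority certificates.
  /**
   * This function specifies that the context should use the default,
   * system-dependent directories for locating certification authority
   * certificates.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_set_default_verify_paths.
   */
  BOOST_ASIO_DECL void set_default_verify_paths();

  /// Configures the context to use the default directories for finding
  /// certification authority certificates.
  /**
   * This function specifies that the context should use the default,
   * system-dependent directories for locating certification authority
   * certificates.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_set_default_verify_paths.
   */
  BOOST_ASIO_DECL boost::system::error_code set_default_verify_paths(
      boost::system::error_code& ec);

  /// Add a directory containing certificate authority files to be used for
  /// performing verification.
  /**
   * This function is used to specify the name of a directory containing
   * certification authority certificates. Each file in the directory must
   * contain a single certificate. The files must be named using the subject
   * name's hash and an extension of ".0".
   *
   * @param path The name of a directory containing the certificates.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_load_verify_locations.
   *
   * @note Certificates found in the directory are treated as trust anchors,
   * so the directory should be writable only by trusted principals.
   */
  BOOST_ASIO_DECL void add_verify_path(const std::string& path);

  /// Add a directory containing certificate authority files to be used for
  /// performing verification.
  /**
   * This function is used to specify the name of a directory containing
   * certification authority certificates. Each file in the directory must
   * contain a single certificate. The files must be named using the subject
   * name's hash and an extension of ".0".
   *
   * @param path The name of a directory containing the certificates.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_load_verify_locations.
   *
   * @note Certificates found in the directory are treated as trust anchors,
   * so the directory should be writable only by trusted principals.
   */
  BOOST_ASIO_DECL boost::system::error_code add_verify_path(
      const std::string& path, boost::system::error_code& ec);

  /// Use a certificate from a memory buffer.
  /**
   * This function is used to load a certificate into the context from a buffer.
   *
   * @param certificate The buffer containing the certificate.
   *
   * @param format The certificate format (ASN.1 or PEM).
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_use_certificate or @c SSL_CTX_use_certificate_ASN1.
   */
  BOOST_ASIO_DECL void use_certificate(
      const const_buffer& certificate, file_format format);

  /// Use a certificate from a memory buffer.
  /**
   * This function is used to load a certificate into the context from a buffer.
   *
   * @param certificate The buffer containing the certificate.
   *
   * @param format The certificate format (ASN.1 or PEM).
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_use_certificate or @c SSL_CTX_use_certificate_ASN1.
   */
  BOOST_ASIO_DECL boost::system::error_code use_certificate(
      const const_buffer& certificate, file_format format,
      boost::system::error_code& ec);

  /// Use a certificate from a file.
  /**
   * This function is used to load a certificate into the context from a file.
   *
   * @param filename The name of the file containing the certificate.
   *
   * @param format The file format (ASN.1 or PEM).
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_use_certificate_file.
   */
  BOOST_ASIO_DECL void use_certificate_file(
      const std::string& filename, file_format format);

  /// Use a certificate from a file.
  /**
   * This function is used to load a certificate into the context from a file.
   *
   * @param filename The name of the file containing the certificate.
   *
   * @param format The file format (ASN.1 or PEM).
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_use_certificate_file.
   */
  BOOST_ASIO_DECL boost::system::error_code use_certificate_file(
      const std::string& filename, file_format format,
      boost::system::error_code& ec);

  /// Use a certificate chain from a memory buffer.
  /**
   * This function is used to load a certificate chain into the context from a
   * buffer.
   *
   * @param chain The buffer containing the certificate chain. The certificate
   * chain must use the PEM format.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_use_certificate and @c SSL_CTX_add_extra_chain_cert.
   */
  BOOST_ASIO_DECL void use_certificate_chain(const const_buffer& chain);

  /// Use a certificate chain from a memory buffer.
  /**
   * This function is used to load a certificate chain into the context from a
   * buffer.
   *
   * @param chain The buffer containing the certificate chain. The certificate
   * chain must use the PEM format.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_use_certificate and @c SSL_CTX_add_extra_chain_cert.
   */
  BOOST_ASIO_DECL boost::system::error_code use_certificate_chain(
      const const_buffer& chain, boost::system::error_code& ec);

  /// Use a certificate chain from a file.
  /**
   * This function is used to load a certificate chain into the context from a
   * file.
   *
   * @param filename The name of the file containing the certificate. The file
   * must use the PEM format.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_use_certificate_chain_file.
   */
  BOOST_ASIO_DECL void use_certificate_chain_file(const std::string& filename);

  /// Use a certificate chain from a file.
  /**
   * This function is used to load a certificate chain into the context from a
   * file.
   *
   * @param filename The name of the file containing the certificate. The file
   * must use the PEM format.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_use_certificate_chain_file.
   */
  BOOST_ASIO_DECL boost::system::error_code use_certificate_chain_file(
      const std::string& filename, boost::system::error_code& ec);

  /// Use a private key from a memory buffer.
  /**
   * This function is used to load a private key into the context from a buffer.
   *
   * @param private_key The buffer containing the private key.
   *
   * @param format The private key format (ASN.1 or PEM).
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_use_PrivateKey or @c SSL_CTX_use_PrivateKey_ASN1.
   *
   * @note For an encrypted PEM key the password is obtained through the
   * callback installed with set_password_callback.
   */
  BOOST_ASIO_DECL void use_private_key(
      const const_buffer& private_key, file_format format);

  /// Use a private key from a memory buffer.
  /**
   * This function is used to load a private key into the context from a buffer.
   *
   * @param private_key The buffer containing the private key.
   *
   * @param format The private key format (ASN.1 or PEM).
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_use_PrivateKey or @c SSL_CTX_use_PrivateKey_ASN1.
   *
   * @note For an encrypted PEM key the password is obtained through the
   * callback installed with set_password_callback.
   */
  BOOST_ASIO_DECL boost::system::error_code use_private_key(
      const const_buffer& private_key, file_format format,
      boost::system::error_code& ec);

  /// Use a private key from a file.
  /**
   * This function is used to load a private key into the context from a file.
   *
   * @param filename The name of the file containing the private key.
   *
   * @param format The file format (ASN.1 or PEM).
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_use_PrivateKey_file.
   *
   * @note The key file should be readable only by the account that runs the
   * process. For an encrypted PEM key the password is obtained through the
   * callback installed with set_password_callback.
   */
  BOOST_ASIO_DECL void use_private_key_file(
      const std::string& filename, file_format format);

  /// Use a private key from a file.
  /**
   * This function is used to load a private key into the context from a file.
   *
   * @param filename The name of the file containing the private key.
   *
   * @param format The file format (ASN.1 or PEM).
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_use_PrivateKey_file.
   *
   * @note The key file should be readable only by the account that runs the
   * process. For an encrypted PEM key the password is obtained through the
   * callback installed with set_password_callback.
   */
  BOOST_ASIO_DECL boost::system::error_code use_private_key_file(
      const std::string& filename, file_format format,
      boost::system::error_code& ec);

  /// Use an RSA private key from a memory buffer.
  /**
   * This function is used to load an RSA private key into the context from a
   * buffer.
   *
   * @param private_key The buffer containing the RSA private key.
   *
   * @param format The private key format (ASN.1 or PEM).
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_use_RSAPrivateKey or
   * @c SSL_CTX_use_RSAPrivateKey_ASN1.
   */
  BOOST_ASIO_DECL void use_rsa_private_key(
      const const_buffer& private_key, file_format format);

  /// Use an RSA private key from a memory buffer.
  /**
   * This function is used to load an RSA private key into the context from a
   * buffer.
   *
   * @param private_key The buffer containing the RSA private key.
   *
   * @param format The private key format (ASN.1 or PEM).
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_use_RSAPrivateKey or
   * @c SSL_CTX_use_RSAPrivateKey_ASN1.
   */
  BOOST_ASIO_DECL boost::system::error_code use_rsa_private_key(
      const const_buffer& private_key, file_format format,
      boost::system::error_code& ec);

  /// Use an RSA private key from a file.
  /**
   * This function is used to load an RSA private key into the context from a
   * file.
   *
   * @param filename The name of the file containing the RSA private key.
   *
   * @param format The file format (ASN.1 or PEM).
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_use_RSAPrivateKey_file.
   *
   * @note The key file should be readable only by the account that runs the
   * process.
   */
  BOOST_ASIO_DECL void use_rsa_private_key_file(
      const std::string& filename, file_format format);

  /// Use an RSA private key from a file.
  /**
   * This function is used to load an RSA private key into the context from a
   * file.
   *
   * @param filename The name of the file containing the RSA private key.
   *
   * @param format The file format (ASN.1 or PEM).
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_use_RSAPrivateKey_file.
   *
   * @note The key file should be readable only by the account that runs the
   * process.
   */
  BOOST_ASIO_DECL boost::system::error_code use_rsa_private_key_file(
      const std::string& filename, file_format format,
      boost::system::error_code& ec);

  /// Use the specified memory buffer to obtain the temporary Diffie-Hellman
  /// parameters.
  /**
   * This function is used to load Diffie-Hellman parameters into the context
   * from a buffer.
   *
   * @param dh The memory buffer containing the Diffie-Hellman parameters. The
   * buffer must use the PEM format.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_set_tmp_dh.
   *
   * @note The strength of an ephemeral Diffie-Hellman key exchange is bounded
   * by the size of these parameters; parameters shorter than 2048 bits are
   * generally considered too weak.
   */
  BOOST_ASIO_DECL void use_tmp_dh(const const_buffer& dh);

  /// Use the specified memory buffer to obtain the temporary Diffie-Hellman
  /// parameters.
  /**
   * This function is used to load Diffie-Hellman parameters into the context
   * from a buffer.
   *
   * @param dh The memory buffer containing the Diffie-Hellman parameters. The
   * buffer must use the PEM format.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_set_tmp_dh.
   *
   * @note The strength of an ephemeral Diffie-Hellman key exchange is bounded
   * by the size of these parameters; parameters shorter than 2048 bits are
   * generally considered too weak.
   */
  BOOST_ASIO_DECL boost::system::error_code use_tmp_dh(
      const const_buffer& dh, boost::system::error_code& ec);

  /// Use the specified file to obtain the temporary Diffie-Hellman parameters.
  /**
   * This function is used to load Diffie-Hellman parameters into the context
   * from a file.
   *
   * @param filename The name of the file containing the Diffie-Hellman
   * parameters. The file must use the PEM format.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_set_tmp_dh.
   *
   * @note The strength of an ephemeral Diffie-Hellman key exchange is bounded
   * by the size of these parameters; parameters shorter than 2048 bits are
   * generally considered too weak.
   */
  BOOST_ASIO_DECL void use_tmp_dh_file(const std::string& filename);

  /// Use the specified file to obtain the temporary Diffie-Hellman parameters.
  /**
   * This function is used to load Diffie-Hellman parameters into the context
   * from a file.
   *
   * @param filename The name of the file containing the Diffie-Hellman
   * parameters. The file must use the PEM format.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_set_tmp_dh.
   *
   * @note The strength of an ephemeral Diffie-Hellman key exchange is bounded
   * by the size of these parameters; parameters shorter than 2048 bits are
   * generally considered too weak.
   */
  BOOST_ASIO_DECL boost::system::error_code use_tmp_dh_file(
      const std::string& filename, boost::system::error_code& ec);

  /// Set the password callback.
  /**
   * This function is used to specify a callback function to obtain password
   * information about an encrypted key in PEM format.
   *
   * @param callback The function object to be used for obtaining the password.
   * The function signature of the handler must be:
   * @code std::string password_callback(
   *   std::size_t max_length,  // The maximum size for a password.
   *   password_purpose purpose // Whether password is for reading or writing.
   * ); @endcode
   * The return value of the callback is a string containing the password.
   *
   * @throws boost::system::system_error Thrown on failure.
   *
   * @note Calls @c SSL_CTX_set_default_passwd_cb.
   *
   * @note The password is returned by value as a std::string, so copies of it
   * may remain in process memory after the key has been loaded.
   */
  template <typename PasswordCallback>
  void set_password_callback(PasswordCallback callback);

  /// Set the password callback.
  /**
   * This function is used to specify a callback function to obtain password
   * information about an encrypted key in PEM format.
   *
   * @param callback The function object to be used for obtaining the password.
   * The function signature of the handler must be:
   * @code std::string password_callback(
   *   std::size_t max_length,  // The maximum size for a password.
   *   password_purpose purpose // Whether password is for reading or writing.
   * ); @endcode
   * The return value of the callback is a string containing the password.
   *
   * @param ec Set to indicate what error occurred, if any.
   *
   * @note Calls @c SSL_CTX_set_default_passwd_cb.
   *
   * @note The password is returned by value as a std::string, so copies of it
   * may remain in process memory after the key has been loaded.
   */
  template <typename PasswordCallback>
  boost::system::error_code set_password_callback(PasswordCallback callback,
      boost::system::error_code& ec);

private:
  // Cleanup helper types for the corresponding OpenSSL objects; they are only
  // declared here and defined in the implementation.
  struct bio_cleanup;
  struct x509_cleanup;
  struct evp_pkey_cleanup;
  struct rsa_cleanup;
  struct dh_cleanup;

  // Helper function used to set a peer certificate verification callback.
  BOOST_ASIO_DECL boost::system::error_code do_set_verify_callback(
      detail::verify_callback_base* callback, boost::system::error_code& ec);

  // Callback used when the SSL implementation wants to verify a certificate.
  BOOST_ASIO_DECL static int verify_callback_function(
      int preverified, X509_STORE_CTX* ctx);

  // Helper function used to set a password callback.
  BOOST_ASIO_DECL boost::system::error_code do_set_password_callback(
      detail::password_callback_base* callback, boost::system::error_code& ec);

  // Callback used when the SSL implementation wants a password.
  // NOTE(review): the password is written to buf, whose capacity is size; the
  // copy has to be bounded by size. Confirm in the implementation.
  BOOST_ASIO_DECL static int password_callback_function(
      char* buf, int size, int purpose, void* data);

  // Helper function to set the temporary Diffie-Hellman parameters from a BIO.
  BOOST_ASIO_DECL boost::system::error_code do_use_tmp_dh(
      BIO* bio, boost::system::error_code& ec);

  // Helper function to make a BIO from a memory buffer.
  BOOST_ASIO_DECL BIO* make_buffer_bio(const const_buffer& b);

  // The underlying native implementation.
  native_handle_type handle_;

  // Ensure openssl is initialised.
  boost::asio::ssl::detail::openssl_init<> init_;
};

#endif // defined(BOOST_ASIO_ENABLE_OLD_SSL)

} // namespace ssl
} // namespace asio
} // namespace boost

#include <boost/asio/detail/pop_options.hpp>

#include <boost/asio/ssl/impl/context.hpp>
#if defined(BOOST_ASIO_HEADER_ONLY)
# include <boost/asio/ssl/impl/context.ipp>
#endif // defined(BOOST_ASIO_HEADER_ONLY)

#endif // BOOST_ASIO_SSL_CONTEXT_HPP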