OpenVPN 3 Core Library
openvpn::MbedTLSContext Class Reference

#include <sslctx.hpp>

Inheritance diagram for openvpn::MbedTLSContext:
Collaboration diagram for openvpn::MbedTLSContext:

Classes

class  Config
 
class  SSL
 

Public Types

enum  { MAX_CIPHERTEXT_IN = 64 }
 
typedef RCPtr< MbedTLSContext > Ptr
 
- Public Types inherited from openvpn::SSLFactoryAPI
typedef RCPtr< SSLFactoryAPI > Ptr
 
- Public Types inherited from openvpn::RC< thread_unsafe_refcount >
typedef RCPtr< RC > Ptr
 

Public Member Functions

SSLAPI::Ptr ssl () override
 
SSLLib::Ctx libctx () override
 
SSLAPI::Ptr ssl (const std::string *hostname, const std::string *cache_key) override
 
const Mode & mode () const override
 
virtual ~MbedTLSContext ()
 
- Public Member Functions inherited from openvpn::SSLFactoryAPI
 OPENVPN_EXCEPTION (ssl_options_error)
 
 OPENVPN_EXCEPTION (ssl_context_error)
 
 OPENVPN_EXCEPTION (ssl_external_pki)
 
 OPENVPN_SIMPLE_EXCEPTION (ssl_ciphertext_in_overflow)
 
- Public Member Functions inherited from openvpn::RC< thread_unsafe_refcount >
 RC () noexcept=default
 
 RC (const RC &)=delete
 
virtual ~RC ()=default
 
RC & operator= (const RC &)=delete
 
olong use_count () const noexcept
 Delegates call to RCImpl and returns the result.
 

Static Public Member Functions

static constexpr bool support_key_material_export ()
 
- Static Public Member Functions inherited from openvpn::RC< thread_unsafe_refcount >
static constexpr bool is_thread_safe ()
 Delegates call to RCImpl and returns the result.
 
- Static Public Member Functions inherited from openvpn::logging::LoggingMixin< logging::LOG_LEVEL_VERB, logging::LOG_LEVEL_TRACE, SSLFactoryAPI >
static int log_level ()
 return the current logging level for all logging
 
static void set_log_level (int level)
 set the log level for all logging
 

Protected Member Functions

 MbedTLSContext (Config *config_arg)
 

Static Protected Member Functions

static int verify_callback_client (void *arg, mbedtls_x509_crt *cert, int depth, uint32_t *flags)
 
static int verify_callback_server (void *arg, mbedtls_x509_crt *cert, int depth, uint32_t *flags)
 

Protected Attributes

Config::Ptr config
 

Private Member Functions

size_t key_len () const
 
bool ns_cert_type_defined () const
 
bool verify_ns_cert_type (const mbedtls_x509_crt *cert) const
 
bool x509_cert_ku_defined () const
 
bool verify_x509_cert_ku (const mbedtls_x509_crt *cert)
 
bool x509_cert_eku_defined () const
 
bool verify_x509_cert_eku (mbedtls_x509_crt *cert)
 
void erase ()
 

Static Private Member Functions

static std::string status_string (const mbedtls_x509_crt *cert, const int depth, const uint32_t *flags)
 
static std::string cert_info (const mbedtls_x509_crt *cert, const char *prefix=nullptr)
 
static int epki_decrypt (void *arg, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
 
static int epki_sign (void *arg, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
 
static size_t epki_key_len (void *arg)
 
static void load_serial_number_into_authcert (AuthCert &authcert, const mbedtls_x509_crt *cert)
 
static bool load_issuer_fingerprint_into_authcert (AuthCert &authcert, const mbedtls_x509_crt *cert)
 

Additional Inherited Members

- Static Public Attributes inherited from openvpn::logging::LoggingMixin< logging::LOG_LEVEL_VERB, logging::LOG_LEVEL_TRACE, SSLFactoryAPI >
static constexpr int max_log_level
 
static constexpr int default_log_level
 
- Static Protected Attributes inherited from openvpn::logging::LoggingMixin< logging::LOG_LEVEL_VERB, logging::LOG_LEVEL_TRACE, SSLFactoryAPI >
static logging::Logger< DEFAULT_LOG_LEVEL, MAX_LEVEL > log_
 

Detailed Description

Definition at line 183 of file sslctx.hpp.

Member Typedef Documentation

◆ Ptr

Definition at line 186 of file sslctx.hpp.

Member Enumeration Documentation

◆ anonymous enum

anonymous enum
Enumerator
MAX_CIPHERTEXT_IN 

Definition at line 188 of file sslctx.hpp.

Constructor & Destructor Documentation

◆ ~MbedTLSContext()

virtual openvpn::MbedTLSContext::~MbedTLSContext ( )
inline virtual

Definition at line 1214 of file sslctx.hpp.

◆ MbedTLSContext()

openvpn::MbedTLSContext::MbedTLSContext ( Config *  config_arg)
inline protected

Definition at line 1244 of file sslctx.hpp.

Member Function Documentation

◆ cert_info()

static std::string openvpn::MbedTLSContext::cert_info ( const mbedtls_x509_crt *  cert,
const char *  prefix = nullptr 
)
inline static private

Definition at line 1508 of file sslctx.hpp.

Here is the caller graph for this function:

◆ epki_decrypt()

static int openvpn::MbedTLSContext::epki_decrypt ( void *  arg,
int  mode,
size_t *  olen,
const unsigned char *  input,
unsigned char *  output,
size_t  output_max_len 
)
inline static private

Definition at line 1523 of file sslctx.hpp.

Here is the caller graph for this function:

◆ epki_key_len()

static size_t openvpn::MbedTLSContext::epki_key_len ( void *  arg)
inline static private

Definition at line 1639 of file sslctx.hpp.

Here is the caller graph for this function:

◆ epki_sign()

static int openvpn::MbedTLSContext::epki_sign ( void *  arg,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng,
int  mode,
mbedtls_md_type_t  md_alg,
unsigned int  hashlen,
const unsigned char *  hash,
unsigned char *  sig 
)
inline static private

Definition at line 1538 of file sslctx.hpp.

Here is the caller graph for this function:

◆ erase()

void openvpn::MbedTLSContext::erase ( )
inline private

Definition at line 1519 of file sslctx.hpp.

Here is the caller graph for this function:

◆ key_len()

size_t openvpn::MbedTLSContext::key_len ( ) const
inline private

Definition at line 1256 of file sslctx.hpp.

Here is the caller graph for this function:

◆ libctx()

SSLLib::Ctx openvpn::MbedTLSContext::libctx ( )
inline override virtual

Implements openvpn::SSLFactoryAPI.

Definition at line 1198 of file sslctx.hpp.

◆ load_issuer_fingerprint_into_authcert()

static bool openvpn::MbedTLSContext::load_issuer_fingerprint_into_authcert ( AuthCert &  authcert,
const mbedtls_x509_crt *  cert 
)
inline static private

Definition at line 1656 of file sslctx.hpp.

Here is the caller graph for this function:

◆ load_serial_number_into_authcert()

static void openvpn::MbedTLSContext::load_serial_number_into_authcert ( AuthCert &  authcert,
const mbedtls_x509_crt *  cert 
)
inline static private

Definition at line 1645 of file sslctx.hpp.

Here is the caller graph for this function:

◆ mode()

const Mode & openvpn::MbedTLSContext::mode ( ) const
inline override virtual

Implements openvpn::SSLFactoryAPI.

Definition at line 1209 of file sslctx.hpp.

Here is the caller graph for this function:

◆ ns_cert_type_defined()

bool openvpn::MbedTLSContext::ns_cert_type_defined ( ) const
inline private

Definition at line 1263 of file sslctx.hpp.

Here is the caller graph for this function:

◆ ssl() [1/2]

SSLAPI::Ptr openvpn::MbedTLSContext::ssl ( )
inline override virtual

Implements openvpn::SSLFactoryAPI.

Definition at line 1192 of file sslctx.hpp.

Here is the caller graph for this function:

◆ ssl() [2/2]

SSLAPI::Ptr openvpn::MbedTLSContext::ssl ( const std::string *  hostname,
const std::string *  cache_key 
)
inline override virtual

Implements openvpn::SSLFactoryAPI.

Definition at line 1204 of file sslctx.hpp.

◆ status_string()

static std::string openvpn::MbedTLSContext::status_string ( const mbedtls_x509_crt *  cert,
const int  depth,
const uint32_t *  flags 
)
inline static private

Definition at line 1337 of file sslctx.hpp.

Here is the caller graph for this function:

◆ support_key_material_export()

static constexpr bool openvpn::MbedTLSContext::support_key_material_export ( )
inline static constexpr

Definition at line 1219 of file sslctx.hpp.

◆ verify_callback_client()

static int openvpn::MbedTLSContext::verify_callback_client ( void *  arg,
mbedtls_x509_crt *  cert,
int  depth,
uint32_t *  flags 
)
inline static protected

Definition at line 1352 of file sslctx.hpp.

Here is the caller graph for this function:

◆ verify_callback_server()

static int openvpn::MbedTLSContext::verify_callback_server ( void *  arg,
mbedtls_x509_crt *  cert,
int  depth,
uint32_t *  flags 
)
inline static protected

Definition at line 1447 of file sslctx.hpp.

Here is the caller graph for this function:

◆ verify_ns_cert_type()

bool openvpn::MbedTLSContext::verify_ns_cert_type ( const mbedtls_x509_crt *  cert) const
inline private

Definition at line 1268 of file sslctx.hpp.

Here is the caller graph for this function:

◆ verify_x509_cert_eku()

bool openvpn::MbedTLSContext::verify_x509_cert_eku ( mbedtls_x509_crt *  cert)
inline private

Definition at line 1307 of file sslctx.hpp.

Here is the caller graph for this function:

◆ verify_x509_cert_ku()

bool openvpn::MbedTLSContext::verify_x509_cert_ku ( const mbedtls_x509_crt *  cert)
inline private

Definition at line 1287 of file sslctx.hpp.

Here is the caller graph for this function:

◆ x509_cert_eku_defined()

bool openvpn::MbedTLSContext::x509_cert_eku_defined ( ) const
inline private

Definition at line 1302 of file sslctx.hpp.

Here is the caller graph for this function:

◆ x509_cert_ku_defined()

bool openvpn::MbedTLSContext::x509_cert_ku_defined ( ) const
inline private

Definition at line 1282 of file sslctx.hpp.

Here is the caller graph for this function:

Member Data Documentation

◆ config

Config::Ptr openvpn::MbedTLSContext::config
protected

Definition at line 1505 of file sslctx.hpp.


The documentation for this class was generated from the following file: