5 #include <gnutls/gnutlsxx.h>
// Funnel for GnuTLS return codes: the visible statement throws exception (ret).
// NOTE(review): the condition guarding the throw and the value returned on the
// non-throwing path are not shown in this listing — confirm which codes count
// as failures before relying on any caller's error behaviour.
10 inline static int RETWRAP (int ret
)
13 throw (exception (ret
));
// Initialises the member handle `s` with gnutls_init () using the caller's
// flags; the result code goes through RETWRAP, which may throw exception.
// NOTE(review): original lines 20-26 are missing from this listing, so the end
// of this constructor and whatever follows it cannot be checked here.
17 session::session (unsigned int flags
)
19 RETWRAP (gnutls_init (&s
, flags
));
// Closes the TLS connection by forwarding `how` to gnutls_bye (). The result
// code is passed through RETWRAP, which may throw exception.
int session::bye (gnutls_close_request_t how)
{
  const int rc = gnutls_bye (s, how);
  return RETWRAP (rc);
}
// Runs the TLS handshake on `s` via gnutls_handshake ().
// NOTE(review): GnuTLS reports GNUTLS_E_AGAIN / GNUTLS_E_INTERRUPTED as
// negative codes; presumably RETWRAP turns those into exceptions as well, so
// callers on non-blocking transports should expect that — confirm.
int session::handshake ()
{
  const int rc = gnutls_handshake (s);
  return RETWRAP (rc);
}
// Server-side session: delegates to session (GNUTLS_SERVER).
// NOTE(review): the constructor body is not shown in this listing.
37 server_session::server_session ():session (GNUTLS_SERVER
)
// Destructor; its body is not shown in this listing.
41 server_session::~server_session ()
// Requests a new handshake from the peer via gnutls_rehandshake (); the
// result code goes through RETWRAP, which may throw exception.
int server_session::rehandshake ()
{
  const int rc = gnutls_rehandshake (s);
  return RETWRAP (rc);
}
// Returns what gnutls_alert_get () reports for this session.
gnutls_alert_description_t session::get_alert () const
{
  const gnutls_alert_description_t alert = gnutls_alert_get (s);
  return alert;
}
// Sends a TLS alert with the given level and description through
// gnutls_alert_send (); the result code goes through RETWRAP.
int session::send_alert (gnutls_alert_level_t level,
                         gnutls_alert_description_t desc)
{
  const int rc = gnutls_alert_send (s, level, desc);
  return RETWRAP (rc);
}
// Lets GnuTLS pick and send the alert matching error code `err`
// (gnutls_alert_send_appropriate); the result code goes through RETWRAP.
int session::send_appropriate_alert (int err)
{
  const int rc = gnutls_alert_send_appropriate (s, err);
  return RETWRAP (rc);
}
// Returns the cipher reported by gnutls_cipher_get () for this session.
gnutls_cipher_algorithm_t session::get_cipher () const
{
  const gnutls_cipher_algorithm_t cipher = gnutls_cipher_get (s);
  return cipher;
}
// Returns the key-exchange algorithm reported by gnutls_kx_get ().
gnutls_kx_algorithm_t session::get_kx () const
{
  const gnutls_kx_algorithm_t kx = gnutls_kx_get (s);
  return kx;
}
// Returns the MAC algorithm reported by gnutls_mac_get ().
gnutls_mac_algorithm_t session::get_mac () const
{
  const gnutls_mac_algorithm_t mac = gnutls_mac_get (s);
  return mac;
}
// Returns the compression method reported by gnutls_compression_get ().
gnutls_compression_method_t session::get_compression () const
{
  const gnutls_compression_method_t method = gnutls_compression_get (s);
  return method;
}
// Returns the certificate type reported by gnutls_certificate_type_get ().
gnutls_certificate_type_t session::get_certificate_type () const
{
  const gnutls_certificate_type_t ctype = gnutls_certificate_type_get (s);
  return ctype;
}
// Forwards the flag to gnutls_handshake_set_private_extensions (); the bool is
// converted to the int (0 or 1) that the C API takes.
void session::set_private_extensions (bool allow)
{
  const int allow_flag = static_cast < int >(allow);
  gnutls_handshake_set_private_extensions (s, allow_flag);
}
// Returns the value of gnutls_handshake_get_last_out () for this session.
gnutls_handshake_description_t session::get_handshake_last_out () const
{
  const gnutls_handshake_description_t last =
    gnutls_handshake_get_last_out (s);
  return last;
}
// Returns the value of gnutls_handshake_get_last_in () for this session.
gnutls_handshake_description_t session::get_handshake_last_in () const
{
  const gnutls_handshake_description_t last =
    gnutls_handshake_get_last_in (s);
  return last;
}
// Writes `sizeofdata` bytes from `data` with gnutls_record_send () and returns
// the value RETWRAP hands back.
// NOTE(review): RETWRAP takes an int, so the ssize_t result is narrowed on the
// way through; callers should also compare the returned count with
// `sizeofdata` rather than assume the whole buffer was sent.
ssize_t session::send (const void *data, size_t sizeofdata)
{
  return RETWRAP (gnutls_record_send (s, data, sizeofdata));
}
// Reads up to `sizeofdata` bytes into `data` with gnutls_record_recv () and
// returns the value RETWRAP hands back. `data` must point to at least
// `sizeofdata` writable bytes; the wrapper cannot check that.
// NOTE(review): RETWRAP takes an int, so the ssize_t result is narrowed on the
// way through.
ssize_t session::recv (void *data, size_t sizeofdata)
{
  return RETWRAP (gnutls_record_recv (s, data, sizeofdata));
}
// Returns gnutls_record_get_direction () converted to bool (non-zero → true).
bool session::get_record_direction () const
{
  const int direction = gnutls_record_get_direction (s);
  return direction != 0;
}
121 // maximum packet size
// Returns the record size limit reported by gnutls_record_get_max_size ().
size_t session::get_max_size () const
{
  return gnutls_record_get_max_size (s);
}
// Passes `size` to gnutls_record_set_max_size (); the result code goes through
// RETWRAP, which may throw exception.
void session::set_max_size (size_t size)
{
  const int rc = gnutls_record_set_max_size (s, size);
  RETWRAP (rc);
}
// Returns the byte count reported by gnutls_record_check_pending ().
size_t session::check_pending () const
{
  return gnutls_record_check_pending (s);
}
// Derives `outsize` bytes into `out` with gnutls_prf (), using the given label
// and optional extra data; the result code goes through RETWRAP.
// `out` must have room for `outsize` bytes, and `label` / `extra` must be at
// least `label_size` / `extra_size` bytes long — the wrapper forwards the
// sizes unchecked.
void session::prf (size_t label_size, const char *label,
                   int server_random_first,
                   size_t extra_size, const char *extra,
                   size_t outsize, char *out)
{
  const int rc = gnutls_prf (s, label_size, label, server_random_first,
                             extra_size, extra, outsize, out);
  RETWRAP (rc);
}
// Derives `outsize` bytes into `out` with gnutls_prf_raw () from the given
// label and caller-supplied seed; the result code goes through RETWRAP.
// Buffer sizes are forwarded unchecked, so each pointer must cover the size
// passed alongside it.
void session::prf_raw (size_t label_size, const char *label,
                       size_t seed_size, const char *seed,
                       size_t outsize, char *out)
{
  const int rc = gnutls_prf_raw (s, label_size, label,
                                 seed_size, seed, outsize, out);
  RETWRAP (rc);
}
/* If you just want some defaults, use the following. */
// Applies the priority string `prio` to this session with
// gnutls_priority_set_direct (); `err_pos` is forwarded so the library can
// report where parsing stopped. The result code goes through RETWRAP.
// The string decides which protocol versions and algorithms are allowed, so
// it should come from trusted configuration.
void session::set_priority (const char *prio, const char **err_pos)
{
  const int rc = gnutls_priority_set_direct (s, prio, err_pos);
  RETWRAP (rc);
}
// Applies an already-built priority object to this session with
// gnutls_priority_set (); the result code goes through RETWRAP.
void session::set_priority (gnutls_priority_t p)
{
  const int rc = gnutls_priority_set (s, p);
  RETWRAP (rc);
}
// Returns the protocol version reported by gnutls_protocol_get_version ().
gnutls_protocol_t session::get_protocol_version () const
{
  const gnutls_protocol_t version = gnutls_protocol_get_version (s);
  return version;
}
// Loads previously saved session data with gnutls_session_set_data (); the
// result code goes through RETWRAP. `session_data` must cover
// `session_data_size` bytes.
void session::set_data (const void *session_data, size_t session_data_size)
{
  const int rc = gnutls_session_set_data (s, session_data,
                                          session_data_size);
  RETWRAP (rc);
}
// Exports the session data into the caller's buffer with
// gnutls_session_get_data (); the result code goes through RETWRAP.
// `session_data_size` is forwarded as a pointer — presumably capacity in,
// bytes written out; confirm against the GnuTLS documentation.
void session::get_data (void *session_data, size_t * session_data_size) const
{
  const int rc = gnutls_session_get_data (s, session_data,
                                          session_data_size);
  RETWRAP (rc);
}
// Fetches the session data into `data` through gnutls_session_get_data2 ().
// NOTE(review): the `session` parameter is not used by the visible call, which
// operates on the member handle `s`; a caller passing a different handle gets
// the data for `s`. Original line 187 is not shown in this listing.
183 void session::get_data (gnutls_session_t session
, gnutls_datum_t
& data
) const
185 RETWRAP (gnutls_session_get_data2 (s
, &data
));
// Copies the session id into the caller's buffer with
// gnutls_session_get_id (); the result code goes through RETWRAP.
// `session_id_size` is forwarded as a pointer — presumably capacity in, bytes
// written out; confirm against the GnuTLS documentation.
void session::get_id (void *session_id, size_t * session_id_size) const
{
  const int rc = gnutls_session_get_id (s, session_id, session_id_size);
  RETWRAP (rc);
}
// Queries gnutls_session_is_resumed () for this session.
// NOTE(review): the lines that turn `ret` into the bool result are missing
// from this listing.
194 bool session::is_resumed () const
196 int ret
= gnutls_session_is_resumed (s
);
// Appends the peer's certificate chain, as returned by
// gnutls_certificate_get_peers (), to a vector one datum at a time.
// NOTE(review): the rest of the signature, any NULL check on `certs` and the
// return statements are not visible here. push_back copies each gnutls_datum_t
// by value, so the vector presumably holds pointers into session-owned memory
// — confirm the entries are not used after the session is gone. These are raw,
// unverified certificates; trust decisions belong to the verification call.
201 bool session::get_peers_certificate (std::vector
< gnutls_datum_t
>
204 const gnutls_datum_t
*certs
;
205 unsigned int certs_size
;
207 certs
= gnutls_certificate_get_peers (s
, &certs_size
);
212 for (unsigned int i
= 0; i
< certs_size
; i
++)
213 out_certs
.push_back (certs
[i
]);
// Stores the pointer returned by gnutls_certificate_get_peers () in `*certs`
// and lets the library fill `*certs_size`.
// NOTE(review): the lines that compute the bool result are not shown in this
// listing. The returned array is not copied here, so it is presumably owned by
// the session — confirm its lifetime before keeping the pointer.
218 bool session::get_peers_certificate (const gnutls_datum_t
** certs
,
219 unsigned int *certs_size
) const
221 *certs
= gnutls_certificate_get_peers (s
, certs_size
);
// Looks up the local certificate with gnutls_certificate_get_ours (); the
// visible error path throws exception (GNUTLS_E_INVALID_REQUEST).
// NOTE(review): the condition guarding the throw and the assignment to `cert`
// are not shown in this listing — presumably the throw covers a NULL result.
228 void session::get_our_certificate (gnutls_datum_t
& cert
) const
230 const gnutls_datum_t
*d
;
232 d
= gnutls_certificate_get_ours (s
);
234 throw (exception (GNUTLS_E_INVALID_REQUEST
));
// Returns the value of gnutls_certificate_activation_time_peers ().
time_t session::get_peers_certificate_activation_time () const
{
  const time_t activation = gnutls_certificate_activation_time_peers (s);
  return activation;
}
// Returns the value of gnutls_certificate_expiration_time_peers ().
time_t session::get_peers_certificate_expiration_time () const
{
  const time_t expiration = gnutls_certificate_expiration_time_peers (s);
  return expiration;
}
// Runs gnutls_certificate_verify_peers2 () and writes the verification bits
// into `status`; the call's own result code goes through RETWRAP.
// A normal return only means the check ran: callers must still require
// `status` to be zero before trusting the peer. gnutls_certificate_verify_peers2
// does not compare the certificate with the expected host name, so that check
// has to be done separately.
// NOTE(review): original lines 250-252 are not shown in this listing.
247 void session::verify_peers_certificate (unsigned int &status
) const
249 RETWRAP (gnutls_certificate_verify_peers2 (s
, &status
));
// Client-side session: delegates to session (GNUTLS_CLIENT).
// NOTE(review): the constructor body is not shown in this listing.
253 client_session::client_session ():session (GNUTLS_CLIENT
)
// Destructor; its body is not shown in this listing.
257 client_session::~client_session ()
// Sets the server name sent by this client through gnutls_server_name_set ();
// the result code goes through RETWRAP. `name` must cover `name_length`
// bytes.
void client_session::set_server_name (gnutls_server_name_type_t type,
                                      const void *name, size_t name_length)
{
  const int rc = gnutls_server_name_set (s, type, name, name_length);
  RETWRAP (rc);
}
// Returns gnutls_certificate_client_get_request_status (), passed through
// RETWRAP and converted to bool (non-zero → true).
bool client_session::get_request_status ()
{
  const int status =
    RETWRAP (gnutls_certificate_client_get_request_status (s));
  return status != 0;
}
// Reads the server name entry number `indx` sent by the client through
// gnutls_server_name_get (); the result code goes through RETWRAP.
// NOTE(review): the parameter line declaring `type` (original line 275) is
// missing from this listing. The name comes from the peer and is untrusted
// input; `data_length` is forwarded as a pointer, presumably capacity in and
// length out — confirm before treating `data` as a terminated string.
274 void server_session::get_server_name (void *data
, size_t * data_length
,
276 unsigned int indx
) const
278 RETWRAP (gnutls_server_name_get (s
, data
, data_length
, type
, indx
));
// Session-cache "store" callback registered in server_session::set_db ():
// casts the opaque pointer back to DB and calls db->store (key, data).
// NOTE(review): the `data` parameter line and the return statements are not
// shown in this listing. `_db` is trusted to be the DB pointer installed by
// set_db (); nothing here can validate it.
282 static int store_function (void *_db
, gnutls_datum_t key
,
287 DB
*db
= static_cast < DB
* >(_db
);
289 if (db
->store (key
, data
) == false)
// Empty datum (NULL pointer, zero length); presumably what retrieve_function ()
// hands back on a cache miss — confirm against the full file.
static const gnutls_datum_t null_datum = { NULL, 0 };
// Session-cache "retrieve" callback registered in server_session::set_db ():
// casts the opaque pointer back to DB and calls db->retrieve (key, data).
// NOTE(review): the declaration of `data` and both return paths are not shown
// in this listing, so ownership of the returned datum cannot be checked here.
302 static gnutls_datum_t
retrieve_function (void *_db
, gnutls_datum_t key
)
308 DB
*db
= static_cast < DB
* >(_db
);
310 if (db
->retrieve (key
, data
) == false)
// Session-cache "remove" callback registered in server_session::set_db ():
// casts the opaque pointer back to DB and calls db->remove (key).
// NOTE(review): the return statements are not shown in this listing.
322 static int remove_function (void *_db
, gnutls_datum_t key
)
326 DB
*db
= static_cast < DB
* >(_db
);
328 if (db
->remove (key
) == false)
// Installs `db` as this session's resumption cache: registers its address as
// the callback pointer and wires up the store / retrieve / remove callbacks
// defined in this file.
// GnuTLS is handed a raw pointer to `db` with constness cast away, so `db` has
// to outlive the session and must not really be a const object if the
// callbacks' store / retrieve / remove calls modify it.
void server_session::set_db (const DB & db)
{
  DB *backend = const_cast < DB * >(&db);

  gnutls_db_set_ptr (s, backend);
  gnutls_db_set_store_function (s, store_function);
  gnutls_db_set_retrieve_function (s, retrieve_function);
  gnutls_db_set_remove_function (s, remove_function);
}
// Forwards the cache lifetime, in seconds, to
// gnutls_db_set_cache_expiration (). No bound is applied here.
void server_session::set_db_cache_expiration (unsigned int seconds)
{
  gnutls_db_set_cache_expiration (s, seconds);
}
// Asks GnuTLS to drop this session from the resumption cache
// (gnutls_db_remove_session).
void server_session::db_remove () const
{
  gnutls_db_remove_session (s);
}
// Passes `session_data` to gnutls_db_check_entry () for this session.
// NOTE(review): the lines that turn `ret` into the bool result are missing
// from this listing, so the meaning of true / false cannot be stated here.
357 bool server_session::db_check_entry (gnutls_datum_t
& session_data
) const
359 int ret
= gnutls_db_check_entry (s
, session_data
);
// Forwards the limit to gnutls_handshake_set_max_packet_length (). The value
// is passed through unchanged, so a very large `max` removes the protection
// the limit gives against oversized handshake messages.
void session::set_max_handshake_packet_length (size_t max)
{
  gnutls_handshake_set_max_packet_length (s, max);
}
// Detaches all credentials from this session (gnutls_credentials_clear).
void session::clear_credentials ()
{
  gnutls_credentials_clear (s);
}
// Attaches `cred` to this session with gnutls_credentials_set (), using the
// type and raw pointer the credentials object reports; the result code goes
// through RETWRAP.
// Only the raw pointer is handed over, so `cred` presumably has to stay alive
// while the session uses it — confirm.
void session::set_credentials (credentials & cred)
{
  const int rc = gnutls_credentials_set (s, cred.get_type (), cred.ptr ());
  RETWRAP (rc);
}
// Returns the user name reported by gnutls_srp_server_get_username ().
// NOTE(review): original lines 382-383 and 385-389 are missing from this
// listing; presumably an ENABLE_SRP guard with a fallback — confirm. The name
// is supplied by the peer and should be treated as untrusted input.
381 const char *server_session::get_srp_username () const
384 return gnutls_srp_server_get_username (s
);
// Returns the user name reported by gnutls_psk_server_get_username (). The
// name is supplied by the peer and should be treated as untrusted input.
const char *server_session::get_psk_username () const
{
  const char *username = gnutls_psk_server_get_username (s);
  return username;
}
// Sets one transport pointer for both directions (gnutls_transport_set_ptr).
void session::set_transport_ptr (gnutls_transport_ptr_t ptr)
{
  gnutls_transport_set_ptr (s, ptr);
}
// Sets separate transport pointers for receiving and sending
// (gnutls_transport_set_ptr2).
// NOTE(review): original lines 405-407 are not shown in this listing.
401 void session::set_transport_ptr (gnutls_transport_ptr_t recv_ptr
,
402 gnutls_transport_ptr_t send_ptr
)
404 gnutls_transport_set_ptr2 (s
, recv_ptr
, send_ptr
);
// Returns the transport pointer reported by gnutls_transport_get_ptr ().
gnutls_transport_ptr_t session::get_transport_ptr () const
{
  const gnutls_transport_ptr_t ptr = gnutls_transport_get_ptr (s);
  return ptr;
}
// Writes the receive and send transport pointers into the two output
// references (gnutls_transport_get_ptr2).
void session::get_transport_ptr (gnutls_transport_ptr_t & recv_ptr,
                                 gnutls_transport_ptr_t & send_ptr) const
{
  gnutls_transport_ptr_t *recv_out = &recv_ptr;
  gnutls_transport_ptr_t *send_out = &send_ptr;

  gnutls_transport_get_ptr2 (s, recv_out, send_out);
}
// Not supported: always throws exception (GNUTLS_E_UNIMPLEMENTED_FEATURE);
// `num` is ignored.
void session::set_transport_lowat (size_t num)
{
  const exception unsupported (GNUTLS_E_UNIMPLEMENTED_FEATURE);
  throw unsupported;
}
// Registers the callback GnuTLS uses to write data to the transport
// (gnutls_transport_set_push_function).
void session::set_transport_push_function (gnutls_push_func push_func)
{
  gnutls_transport_set_push_function (s, push_func);
}
// Registers the callback GnuTLS uses to read data from the transport
// (gnutls_transport_set_pull_function).
void session::set_transport_pull_function (gnutls_pull_func pull_func)
{
  gnutls_transport_set_pull_function (s, pull_func);
}
// Attaches an application-defined pointer to the session
// (gnutls_session_set_ptr). The pointer is stored as given; its lifetime is
// the caller's responsibility.
void session::set_user_ptr (void *ptr)
{
  gnutls_session_set_ptr (s, ptr);
}
// Returns the application-defined pointer stored on the session
// (gnutls_session_get_ptr).
void *session::get_user_ptr () const
{
  void *user = gnutls_session_get_ptr (s);
  return user;
}
// Forwards `status` to gnutls_openpgp_send_cert () when ENABLE_OPENPGP is
// defined.
// NOTE(review): the matching #endif and anything that runs when the macro is
// undefined are not shown in this listing.
444 void session::send_openpgp_cert (gnutls_openpgp_crt_status_t status
)
446 #ifdef ENABLE_OPENPGP
447 gnutls_openpgp_send_cert (s
, status
);
// Forwards `bits` to gnutls_dh_set_prime_bits (). The value is passed through
// with no lower bound applied here, so the caller decides how small a
// Diffie-Hellman prime is still acceptable.
void session::set_dh_prime_bits (unsigned int bits)
{
  gnutls_dh_set_prime_bits (s, bits);
}
// Returns gnutls_dh_get_secret_bits () after passing it through RETWRAP,
// which may throw exception.
unsigned int session::get_dh_secret_bits () const
{
  const int bits = RETWRAP (gnutls_dh_get_secret_bits (s));
  return bits;
}
// Returns gnutls_dh_get_peers_public_bits () after passing it through
// RETWRAP, which may throw exception.
unsigned int session::get_dh_peers_public_bits () const
{
  const int bits = RETWRAP (gnutls_dh_get_peers_public_bits (s));
  return bits;
}
// Returns gnutls_dh_get_prime_bits () after passing it through RETWRAP, which
// may throw exception. Useful for checking the negotiated group size after
// the handshake.
unsigned int session::get_dh_prime_bits () const
{
  const int bits = RETWRAP (gnutls_dh_get_prime_bits (s));
  return bits;
}
// Retrieves the Diffie-Hellman generator and prime used in this session
// (gnutls_dh_get_group); the result code goes through RETWRAP.
void session::get_dh_group (gnutls_datum_t & gen,
                            gnutls_datum_t & prime) const
{
  const int rc = gnutls_dh_get_group (s, &gen, &prime);
  RETWRAP (rc);
}
// Retrieves the Diffie-Hellman public key of this session
// (gnutls_dh_get_pubkey); the result code goes through RETWRAP.
void session::get_dh_pubkey (gnutls_datum_t & raw_key) const
{
  const int rc = gnutls_dh_get_pubkey (s, &raw_key);
  RETWRAP (rc);
}
// Retrieves the exponent and modulus of the RSA-export key of this session
// (gnutls_rsa_export_get_pubkey); the result code goes through RETWRAP.
// Export-grade RSA is cryptographically weak; a session that reports such a
// key should be treated as using a legacy key exchange.
void session::get_rsa_export_pubkey (gnutls_datum_t & exponent,
                                     gnutls_datum_t & modulus) const
{
  const int rc = gnutls_rsa_export_get_pubkey (s, &exponent, &modulus);
  RETWRAP (rc);
}
// Returns gnutls_rsa_export_get_modulus_bits () after passing it through
// RETWRAP, which may throw exception.
unsigned int session::get_rsa_export_modulus_bits () const
{
  const int bits = RETWRAP (gnutls_rsa_export_get_modulus_bits (s));
  return bits;
}
// Tells GnuTLS whether this server asks the client for a certificate
// (gnutls_certificate_server_set_request). The choice between requesting and
// requiring a certificate is entirely in `req`; nothing is enforced here.
void server_session::set_certificate_request (gnutls_certificate_request_t req)
{
  gnutls_certificate_server_set_request (s, req);
}
// Returns the credentials type reported by gnutls_auth_get_type ().
gnutls_credentials_type_t session::get_auth_type () const
{
  const gnutls_credentials_type_t auth = gnutls_auth_get_type (s);
  return auth;
}
// Returns the credentials type reported by gnutls_auth_server_get_type ().
gnutls_credentials_type_t session::get_server_auth_type () const
{
  const gnutls_credentials_type_t auth = gnutls_auth_server_get_type (s);
  return auth;
}
// Returns the credentials type reported by gnutls_auth_client_get_type ().
gnutls_credentials_type_t session::get_client_auth_type () const
{
  const gnutls_credentials_type_t auth = gnutls_auth_client_get_type (s);
  return auth;
}
// Releases `cred` with gnutls_certificate_free_credentials ().
certificate_credentials::~certificate_credentials ()
{
  gnutls_certificate_free_credentials (cred);
}
// Builds certificate credentials: tags the base as GNUTLS_CRD_CERTIFICATE and
// allocates `cred` with gnutls_certificate_allocate_credentials (); the
// result code goes through RETWRAP.
// NOTE(review): original lines 524-526 are not shown in this listing, so any
// statement after the allocation cannot be checked here.
520 certificate_credentials::certificate_credentials ():credentials
521 (GNUTLS_CRD_CERTIFICATE
)
523 RETWRAP (gnutls_certificate_allocate_credentials (&cred
));
// Registers the callback that supplies key-exchange parameters for these
// credentials (gnutls_certificate_set_params_function).
void certificate_server_credentials::
set_params_function (gnutls_params_function * func)
{
  gnutls_certificate_set_params_function (cred, func);
}
// Allocates anonymous server credentials with
// gnutls_anon_allocate_server_credentials (); the result code goes through
// RETWRAP.
// NOTE(review): the argument of the base-class initialiser and the lines
// after the allocation are not shown in this listing. Anonymous key exchange
// does not authenticate either side.
533 anon_server_credentials::anon_server_credentials ():credentials
536 RETWRAP (gnutls_anon_allocate_server_credentials (&cred
));
// Releases `cred` with gnutls_anon_free_server_credentials ().
anon_server_credentials::~anon_server_credentials ()
{
  gnutls_anon_free_server_credentials (cred);
}
// Hands the raw parameter handle of `params` to
// gnutls_anon_set_server_dh_params (). Only the handle is passed, so `params`
// presumably has to outlive these credentials — confirm.
void anon_server_credentials::set_dh_params (const dh_params & params)
{
  const gnutls_dh_params_t handle = params.get_params_t ();
  gnutls_anon_set_server_dh_params (cred, handle);
}
// Registers the callback that supplies key-exchange parameters
// (gnutls_anon_set_server_params_function).
// NOTE(review): the end of the parameter list (the line naming `func`) is
// missing from this listing.
550 void anon_server_credentials::set_params_function (gnutls_params_function
*
553 gnutls_anon_set_server_params_function (cred
, func
);
// Allocates anonymous client credentials with
// gnutls_anon_allocate_client_credentials (); the result code goes through
// RETWRAP.
// NOTE(review): the argument of the base-class initialiser and the lines
// after the allocation are not shown in this listing.
556 anon_client_credentials::anon_client_credentials ():credentials
559 RETWRAP (gnutls_anon_allocate_client_credentials (&cred
));
// Releases `cred` with gnutls_anon_free_client_credentials ().
anon_client_credentials::~anon_client_credentials ()
{
  gnutls_anon_free_client_credentials (cred);
}
// Drops the keys held by these credentials (gnutls_certificate_free_keys).
void certificate_credentials::free_keys ()
{
  gnutls_certificate_free_keys (cred);
}
// Drops the trusted CA list held by these credentials
// (gnutls_certificate_free_cas).
void certificate_credentials::free_cas ()
{
  gnutls_certificate_free_cas (cred);
}
// Drops the CA names held by these credentials
// (gnutls_certificate_free_ca_names).
void certificate_credentials::free_ca_names ()
{
  gnutls_certificate_free_ca_names (cred);
}
// Drops the CRLs held by these credentials (gnutls_certificate_free_crls).
// After this call revocation data is gone until new CRLs are loaded.
// NOTE(review): original lines 586-588 are not shown in this listing.
583 void certificate_credentials::free_crls ()
585 gnutls_certificate_free_crls (cred
);
// Hands the raw parameter handle of `params` to
// gnutls_certificate_set_dh_params (). Only the handle is passed, so `params`
// presumably has to outlive these credentials — confirm.
void certificate_credentials::set_dh_params (const dh_params & params)
{
  const gnutls_dh_params_t handle = params.get_params_t ();
  gnutls_certificate_set_dh_params (cred, handle);
}
// Hands the raw parameter handle of `params` to
// gnutls_certificate_set_rsa_export_params (). Export-grade RSA is
// cryptographically weak; enabling it is a legacy-interoperability decision.
void certificate_credentials::
set_rsa_export_params (const rsa_params & params)
{
  const gnutls_rsa_params_t handle = params.get_params_t ();
  gnutls_certificate_set_rsa_export_params (cred, handle);
}
// Forwards `flags` to gnutls_certificate_set_verify_flags (). The flags are
// passed through unchanged and can relax certificate verification, so every
// caller's value deserves review.
void certificate_credentials::set_verify_flags (unsigned int flags)
{
  gnutls_certificate_set_verify_flags (cred, flags);
}
// Forwards the key-size and chain-depth limits used during verification to
// gnutls_certificate_set_verify_limits (). No bounds are applied here.
void certificate_credentials::set_verify_limits (unsigned int max_bits,
                                                 unsigned int max_depth)
{
  gnutls_certificate_set_verify_limits (cred, max_bits, max_depth);
}
// Loads trusted CA certificates from `cafile` with
// gnutls_certificate_set_x509_trust_file (); the result code goes through
// RETWRAP.
// NOTE(review): the end of the parameter list (the line naming `type`) is
// missing from this listing. The file defines the trust anchors, so its path
// and permissions should be controlled by the deployment.
611 void certificate_credentials::set_x509_trust_file (const char *cafile
,
612 gnutls_x509_crt_fmt_t
615 RETWRAP (gnutls_certificate_set_x509_trust_file (cred
, cafile
, type
));
// Loads trusted CA certificates from memory with
// gnutls_certificate_set_x509_trust_mem (); the result code goes through
// RETWRAP.
// NOTE(review): original lines 622-624 are not shown in this listing.
618 void certificate_credentials::set_x509_trust (const gnutls_datum_t
& CA
,
619 gnutls_x509_crt_fmt_t type
)
621 RETWRAP (gnutls_certificate_set_x509_trust_mem (cred
, &CA
, type
));
// Loads certificate revocation lists from `crlfile` with
// gnutls_certificate_set_x509_crl_file (); the result code goes through
// RETWRAP.
void certificate_credentials::set_x509_crl_file (const char *crlfile,
                                                 gnutls_x509_crt_fmt_t type)
{
  const int rc = gnutls_certificate_set_x509_crl_file (cred, crlfile, type);
  RETWRAP (rc);
}
// Loads certificate revocation lists from memory with
// gnutls_certificate_set_x509_crl_mem (); the result code goes through
// RETWRAP.
void certificate_credentials::set_x509_crl (const gnutls_datum_t & CRL,
                                            gnutls_x509_crt_fmt_t type)
{
  const int rc = gnutls_certificate_set_x509_crl_mem (cred, &CRL, type);
  RETWRAP (rc);
}
// Loads a certificate and its private key from files with
// gnutls_certificate_set_x509_key_file (); the result code goes through
// RETWRAP.
// NOTE(review): the parameter line declaring `keyfile` (original line 638) is
// missing from this listing. The key file holds private key material, so its
// permissions should be restricted by the deployment.
637 void certificate_credentials::set_x509_key_file (const char *certfile
,
639 gnutls_x509_crt_fmt_t type
)
641 RETWRAP (gnutls_certificate_set_x509_key_file
642 (cred
, certfile
, keyfile
, type
));
// Loads a certificate and its private key from memory with
// gnutls_certificate_set_x509_key_mem (); the result code goes through
// RETWRAP. `KEY` holds private key material; the caller owns that buffer and
// is responsible for clearing it.
void certificate_credentials::set_x509_key (const gnutls_datum_t & CERT,
                                            const gnutls_datum_t & KEY,
                                            gnutls_x509_crt_fmt_t type)
{
  const int rc = gnutls_certificate_set_x509_key_mem (cred, &CERT, &KEY,
                                                      type);
  RETWRAP (rc);
}
// Loads a certificate and key from a PKCS #12 file with
// gnutls_certificate_set_x509_simple_pkcs12_file (); the result code goes
// through RETWRAP. `password` is a plain C string owned by the caller, who is
// responsible for clearing it after use.
void certificate_credentials::
set_simple_pkcs12_file (const char *pkcs12file,
                        gnutls_x509_crt_fmt_t type, const char *password)
{
  const int rc = gnutls_certificate_set_x509_simple_pkcs12_file
    (cred, pkcs12file, type, password);
  RETWRAP (rc);
}
// Installs an already-parsed certificate list and private key with
// gnutls_certificate_set_x509_key (); the result code goes through RETWRAP.
// NOTE(review): the parameter line declaring `cert_list_size` (original line
// 661) is missing from this listing; the size is forwarded unchecked, so it
// must match the number of entries in `cert_list`.
660 void certificate_credentials::set_x509_key (gnutls_x509_crt_t
* cert_list
,
662 gnutls_x509_privkey_t key
)
664 RETWRAP (gnutls_certificate_set_x509_key
665 (cred
, cert_list
, cert_list_size
, key
));
// Installs an already-parsed list of trusted CA certificates with
// gnutls_certificate_set_x509_trust (); the result code goes through RETWRAP.
// NOTE(review): the parameter line declaring `ca_list_size` is missing from
// this listing; the size is forwarded unchecked.
668 void certificate_credentials::set_x509_trust (gnutls_x509_crt_t
* ca_list
,
671 RETWRAP (gnutls_certificate_set_x509_trust (cred
, ca_list
, ca_list_size
));
// Installs an already-parsed list of CRLs with
// gnutls_certificate_set_x509_crl (); the result code goes through RETWRAP.
// NOTE(review): the parameter line declaring `crl_list_size` is missing from
// this listing; the size is forwarded unchecked.
674 void certificate_credentials::set_x509_crl (gnutls_x509_crl_t
* crl_list
,
677 RETWRAP (gnutls_certificate_set_x509_crl (cred
, crl_list
, crl_list_size
));
// Registers the callback that selects the certificate to present
// (gnutls_certificate_set_retrieve_function).
// NOTE(review): original lines 684-689 are not shown in this listing.
680 void certificate_credentials::
681 set_retrieve_function (gnutls_certificate_retrieve_function
* func
)
683 gnutls_certificate_set_retrieve_function (cred
, func
);
// Allocates SRP server credentials with
// gnutls_srp_allocate_server_credentials (); the result code goes through
// RETWRAP.
// NOTE(review): the argument of the base-class initialiser and the lines
// after the allocation are not shown in this listing.
690 srp_server_credentials::srp_server_credentials ():credentials
693 RETWRAP (gnutls_srp_allocate_server_credentials (&cred
));
// Releases `cred` with gnutls_srp_free_server_credentials ().
srp_server_credentials::~srp_server_credentials ()
{
  gnutls_srp_free_server_credentials (cred);
}
// Allocates SRP client credentials with
// gnutls_srp_allocate_client_credentials (); the result code goes through
// RETWRAP.
// NOTE(review): the argument of the base-class initialiser and the lines
// after the allocation are not shown in this listing.
702 srp_client_credentials::srp_client_credentials ():credentials
705 RETWRAP (gnutls_srp_allocate_client_credentials (&cred
));
// Releases `cred` with gnutls_srp_free_client_credentials ().
srp_client_credentials::~srp_client_credentials ()
{
  gnutls_srp_free_client_credentials (cred);
}
// Sets the SRP user name and password with
// gnutls_srp_set_client_credentials (); the result code goes through RETWRAP.
// `password` is a plain C string owned by the caller, who is responsible for
// clearing it after use.
void srp_client_credentials::set_credentials (const char *username,
                                              const char *password)
{
  const int rc = gnutls_srp_set_client_credentials (cred, username,
                                                    password);
  RETWRAP (rc);
}
// Points the SRP server at its password and configuration files with
// gnutls_srp_set_server_credentials_file (); the result code goes through
// RETWRAP. Both files hold verifier data and should be readable only by the
// server account.
void srp_server_credentials::
set_credentials_file (const char *password_file,
                      const char *password_conf_file)
{
  const int rc = gnutls_srp_set_server_credentials_file
    (cred, password_file, password_conf_file);
  RETWRAP (rc);
}
// Registers the callback that looks up SRP verifier data for a user
// (gnutls_srp_set_server_credentials_function).
void srp_server_credentials::
set_credentials_function (gnutls_srp_server_credentials_function * func)
{
  gnutls_srp_set_server_credentials_function (cred, func);
}
// Registers the callback that supplies the SRP user name and password
// (gnutls_srp_set_client_credentials_function).
void srp_client_credentials::
set_credentials_function (gnutls_srp_client_credentials_function * func)
{
  gnutls_srp_set_client_credentials_function (cred, func);
}
740 #endif /* ENABLE_SRP */
// Allocates PSK server credentials with
// gnutls_psk_allocate_server_credentials (); the result code goes through
// RETWRAP.
// NOTE(review): the argument of the base-class initialiser and the lines
// after the allocation are not shown in this listing.
744 psk_server_credentials::psk_server_credentials ():credentials
747 RETWRAP (gnutls_psk_allocate_server_credentials (&cred
));
// Releases `cred` with gnutls_psk_free_server_credentials ().
psk_server_credentials::~psk_server_credentials ()
{
  gnutls_psk_free_server_credentials (cred);
}
// Points the PSK server at its key file with
// gnutls_psk_set_server_credentials_file (); the result code goes through
// RETWRAP. The file holds shared secrets and should be readable only by the
// server account.
void psk_server_credentials::
set_credentials_file (const char *password_file)
{
  const int rc = gnutls_psk_set_server_credentials_file (cred,
                                                         password_file);
  RETWRAP (rc);
}
// Registers the callback that looks up the pre-shared key for a user
// (gnutls_psk_set_server_credentials_function).
void psk_server_credentials::
set_credentials_function (gnutls_psk_server_credentials_function * func)
{
  gnutls_psk_set_server_credentials_function (cred, func);
}
// Hands the raw parameter handle of `params` to
// gnutls_psk_set_server_dh_params (). Only the handle is passed, so `params`
// presumably has to outlive these credentials — confirm.
void psk_server_credentials::set_dh_params (const dh_params & params)
{
  const gnutls_dh_params_t handle = params.get_params_t ();
  gnutls_psk_set_server_dh_params (cred, handle);
}
// Registers the callback that supplies key-exchange parameters
// (gnutls_psk_set_server_params_function).
// NOTE(review): the end of the parameter list (the line naming `func`) is
// missing from this listing.
773 void psk_server_credentials::set_params_function (gnutls_params_function
*
776 gnutls_psk_set_server_params_function (cred
, func
);
// Allocates PSK client credentials with
// gnutls_psk_allocate_client_credentials (); the result code goes through
// RETWRAP.
// NOTE(review): the argument of the base-class initialiser and the lines
// after the allocation are not shown in this listing.
779 psk_client_credentials::psk_client_credentials ():credentials
782 RETWRAP (gnutls_psk_allocate_client_credentials (&cred
));
// Releases `cred` with gnutls_psk_free_client_credentials ().
psk_client_credentials::~psk_client_credentials ()
{
  gnutls_psk_free_client_credentials (cred);
}
// Sets the PSK user name and key with gnutls_psk_set_client_credentials ();
// `flags` tells the library how `key` is encoded. The result code goes
// through RETWRAP. `key` is secret material owned by the caller, who is
// responsible for clearing it after use.
void psk_client_credentials::set_credentials (const char *username,
                                              const gnutls_datum_t & key,
                                              gnutls_psk_key_flags flags)
{
  const int rc = gnutls_psk_set_client_credentials (cred, username, &key,
                                                    flags);
  RETWRAP (rc);
}
// Registers the callback that supplies the PSK user name and key
// (gnutls_psk_set_client_credentials_function).
void psk_client_credentials::
set_credentials_function (gnutls_psk_client_credentials_function * func)
{
  gnutls_psk_set_client_credentials_function (cred, func);
}
// Base-class constructor: records the credentials type `t` in `type`.
// NOTE(review): the rest of the initialiser list and the body are not shown
// in this listing.
804 credentials::credentials (gnutls_credentials_type_t t
):type (t
),
// Accessor for the credentials type; its body is not shown in this listing.
809 gnutls_credentials_type_t
credentials::get_type () const
// Accessor for the raw credentials pointer; its body is not shown in this
// listing.
814 void *credentials::ptr () const
// Setter for the raw credentials pointer; its body is not shown in this
// listing.
819 void credentials::set_ptr (void *ptr
)
// Builds an exception from a GnuTLS error code; the body is not shown in this
// listing.
824 exception::exception (int x
)
// Accessor for the stored error code; its body is not shown in this listing.
829 int exception::get_code ()
// Returns the text gnutls_strerror () gives for the stored `retcode`.
const char *exception::what () const throw ()
{
  const char *message = gnutls_strerror (retcode);
  return message;
}
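// Allocates the wrapped parameter handle with gnutls_dh_params_init (); the
// result code goes through RETWRAP, which may throw exception.
dh_params::dh_params ()
{
  // The listing rendered "&params" as a pilcrow followed by "ms" (a mis-decoded
  // HTML entity); the call takes the address of the `params` member.
  RETWRAP (gnutls_dh_params_init (&params));
}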
// Releases the wrapped handle with gnutls_dh_params_deinit ().
dh_params::~dh_params ()
{
  gnutls_dh_params_deinit (params);
}
// Loads a prime and generator supplied by the caller with
// gnutls_dh_params_import_raw (); the result code goes through RETWRAP.
// The values are forwarded as given, so they should come from a trusted
// source.
void dh_params::import_raw (const gnutls_datum_t & prime,
                            const gnutls_datum_t & generator)
{
  const int rc = gnutls_dh_params_import_raw (params, &prime, &generator);
  RETWRAP (rc);
}
// Loads PKCS #3 encoded parameters with gnutls_dh_params_import_pkcs3 (); the
// result code goes through RETWRAP.
void dh_params::import_pkcs3 (const gnutls_datum_t & pkcs3_params,
                              gnutls_x509_crt_fmt_t format)
{
  const int rc = gnutls_dh_params_import_pkcs3 (params, &pkcs3_params,
                                                format);
  RETWRAP (rc);
}
// Generates fresh parameters of `bits` bits with
// gnutls_dh_params_generate2 (); the result code goes through RETWRAP.
// No lower bound is applied here, so the caller decides the strength.
void dh_params::generate (unsigned int bits)
{
  const int rc = gnutls_dh_params_generate2 (params, bits);
  RETWRAP (rc);
}
// Writes the parameters in PKCS #3 form into the caller's buffer with
// gnutls_dh_params_export_pkcs3 (); the result code goes through RETWRAP.
// `params_data_size` is forwarded as a pointer — presumably capacity in,
// bytes written out; confirm against the GnuTLS documentation.
void dh_params::export_pkcs3 (gnutls_x509_crt_fmt_t format,
                              unsigned char *params_data,
                              size_t * params_data_size)
{
  const int rc = gnutls_dh_params_export_pkcs3
    (params, format, params_data, params_data_size);
  RETWRAP (rc);
}
// Exports the prime and generator with gnutls_dh_params_export_raw (); the
// final argument of the C call is passed as NULL. The result code goes
// through RETWRAP.
// NOTE(review): the output datums are filled by the library; presumably the
// caller has to free them — confirm.
void dh_params::export_raw (gnutls_datum_t & prime,
                            gnutls_datum_t & generator)
{
  const int rc = gnutls_dh_params_export_raw (params, &prime, &generator,
                                              NULL);
  RETWRAP (rc);
}
// Accessor for the wrapped gnutls_dh_params_t handle; its body is not shown
// in this listing.
880 gnutls_dh_params_t
dh_params::get_params_t () const
// Copy-assignment: allocates a temporary dh_params and copies src.params into
// it with gnutls_dh_params_cpy (); a failure is thrown as exception (ret).
// NOTE(review): the lines between the copy and the throw, and everything
// after the throw, are not shown in this listing. `dst` comes from a raw
// `new`, so confirm it is deleted on both the failure and the success path,
// and that the function returns *this rather than the temporary.
885 dh_params
& dh_params::operator= (const dh_params
& src
)
887 dh_params
*dst
= new dh_params
;
890 ret
= gnutls_dh_params_cpy (dst
->params
, src
.params
);
895 throw (exception (ret
));
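// Allocates the wrapped parameter handle with gnutls_rsa_params_init (); the
// result code goes through RETWRAP, which may throw exception.
rsa_params::rsa_params ()
{
  // The listing rendered "&params" as a pilcrow followed by "ms" (a mis-decoded
  // HTML entity); the call takes the address of the `params` member.
  RETWRAP (gnutls_rsa_params_init (&params));
}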
// Releases the wrapped handle with gnutls_rsa_params_deinit ().
rsa_params::~rsa_params ()
{
  gnutls_rsa_params_deinit (params);
}
// Loads PKCS #1 encoded RSA parameters with
// gnutls_rsa_params_import_pkcs1 (); the result code goes through RETWRAP.
void rsa_params::import_pkcs1 (const gnutls_datum_t & pkcs1_params,
                               gnutls_x509_crt_fmt_t format)
{
  const int rc = gnutls_rsa_params_import_pkcs1 (params, &pkcs1_params,
                                                 format);
  RETWRAP (rc);
}
// Generates fresh RSA parameters of `bits` bits with
// gnutls_rsa_params_generate2 (); the result code goes through RETWRAP.
// No lower bound is applied here, so the caller decides the strength.
void rsa_params::generate (unsigned int bits)
{
  const int rc = gnutls_rsa_params_generate2 (params, bits);
  RETWRAP (rc);
}
// Writes the RSA parameters in PKCS #1 form into the caller's buffer with
// gnutls_rsa_params_export_pkcs1 (); the result code goes through RETWRAP.
// The output contains private key material. `params_data_size` is forwarded
// as a pointer — presumably capacity in, bytes written out; confirm against
// the GnuTLS documentation.
void rsa_params::export_pkcs1 (gnutls_x509_crt_fmt_t format,
                               unsigned char *params_data,
                               size_t * params_data_size)
{
  const int rc = gnutls_rsa_params_export_pkcs1
    (params, format, params_data, params_data_size);
  RETWRAP (rc);
}
// Accessor for the wrapped gnutls_rsa_params_t handle; its body is not shown
// in this listing.
932 gnutls_rsa_params_t
rsa_params::get_params_t () const
// Copy-assignment: allocates a temporary rsa_params and copies src.params
// into it with gnutls_rsa_params_cpy (); a failure is thrown as
// exception (ret).
// NOTE(review): the lines between the copy and the throw, and everything
// after the throw, are not shown in this listing. `dst` comes from a raw
// `new` and holds private key material, so confirm it is deleted on both the
// failure and the success path, and that the function returns *this rather
// than the temporary.
937 rsa_params
& rsa_params::operator= (const rsa_params
& src
)
939 rsa_params
*dst
= new rsa_params
;
942 ret
= gnutls_rsa_params_cpy (dst
->params
, src
.params
);
947 throw (exception (ret
));
// Loads the six raw RSA components (m, e, d, p, q, u) with
// gnutls_rsa_params_import_raw (); the result code goes through RETWRAP.
// d, p, q and u are private key material; the caller owns those buffers and
// is responsible for clearing them.
// NOTE(review): original lines 959-960 and 962-964 are not shown in this
// listing.
953 void rsa_params::import_raw (const gnutls_datum_t
& m
,
954 const gnutls_datum_t
& e
,
955 const gnutls_datum_t
& d
,
956 const gnutls_datum_t
& p
,
957 const gnutls_datum_t
& q
,
958 const gnutls_datum_t
& u
)
961 RETWRAP (gnutls_rsa_params_import_raw (params
, &m
, &e
, &d
, &p
, &q
, &u
));
// Exports the six raw RSA components (m, e, d, p, q, u) with
// gnutls_rsa_params_export_raw (); the final argument of the C call is passed
// as NULL. The result code goes through RETWRAP.
// d, p, q and u are private key material: the receiving datums should be
// cleared before they are released.
void rsa_params::export_raw (gnutls_datum_t & m, gnutls_datum_t & e,
                             gnutls_datum_t & d, gnutls_datum_t & p,
                             gnutls_datum_t & q, gnutls_datum_t & u)
{
  const int rc = gnutls_rsa_params_export_raw
    (params, &m, &e, &d, &p, &q, &u, NULL);
  RETWRAP (rc);
}
973 } // namespace gnutls