sipxportlib  Version 3.3
OsTLS.h
Go to the documentation of this file.
1 //
2 // Copyright (C) 2004-2006 SIPfoundry Inc.
3 // Licensed by SIPfoundry under the LGPL license.
4 //
5 // Copyright (C) 2004-2006 Pingtel Corp. All rights reserved.
6 // Licensed to SIPfoundry under a Contributor Agreement.
7 //
8 // $$
10 
11 #ifndef _OsTLS_h_
12 #define _OsTLS_h_
13 
14 
15 
16 // SYSTEM INCLUDES
17 
18 // APPLICATION INCLUDES
19 #include "os/OsBSem.h"
20 #include "os/OsSysLog.h"
21 #include "utl/UtlString.h"
22 #include "utl/UtlHashMap.h"
23 
24 #include <nspr.h>
25 #include <seccomon.h>
26 #include <secmod.h>
27 
28 // DEFINES
29 // MACROS
30 // EXTERNAL FUNCTIONS
31 // EXTERNAL VARIABLES
32 // CONSTANTS
33 #define MAX_CERT_DIR_LENGTH 256
34 // STRUCTS
35 // ENUMERATIONS
36 typedef enum SECURITY_CAUSE
37 {
38  E_SECURITY_CAUSE_UNKNOWN = 0,
42  E_SECURITY_CAUSE_NORMAL,
43  E_SECURITY_CAUSE_ENCRYPT_SUCCESS,
44  E_SECURITY_CAUSE_ENCRYPT_FAILURE_LIB_INIT,
46  E_SECURITY_CAUSE_ENCRYPT_FAILURE_BAD_PUBLIC_KEY,
47  E_SECURITY_CAUSE_ENCRYPT_FAILURE_INVALID_PARAMETER,
48  E_SECURITY_CAUSE_DECRYPT_SUCCESS,
49  E_SECURITY_CAUSE_DECRYPT_FAILURE_DB_INIT,
50  E_SECURITY_CAUSE_DECRYPT_FAILURE_BAD_DB_PASSWORD,
51  E_SECURITY_CAUSE_DECRYPT_FAILURE_INVALID_PARAMETER,
52  E_SECURITY_CAUSE_DECRYPT_BAD_SIGNATURE,
53  E_SECURITY_CAUSE_DECRYPT_MISSING_SIGNATURE,
54  E_SECURITY_CAUSE_DECRYPT_SIGNATURE_REJECTED,
55  E_SECURITY_CAUSE_TLS_SERVER_CERTIFICATE,
56  E_SECURITY_CAUSE_TLS_BAD_PASSWORD,
57  E_SECURITY_CAUSE_TLS_LIBRARY_FAILURE,
58  E_SECURITY_CAUSE_REMOTE_HOST_UNREACHABLE,
59  E_SECURITY_CAUSE_TLS_CONNECTION_FAILURE,
60  E_SECURITY_CAUSE_TLS_HANDSHAKE_FAILURE,
61  E_SECURITY_CAUSE_SIGNATURE_NOTIFY,
68  E_SECURITY_CAUSE_TLS_CERTIFICATE_REJECTED
69 } SECURITY_CAUSE;
70 
71 // TYPEDEFS
72 // FORWARD DECLARATIONS
73 
74 
75 class ITlsSink
76 {
77 public:
78  virtual bool onServerCertificate(void* pCert, char* serverHostName) = 0;
79  virtual bool onTlsEvent(int cause) = 0;
80 };
81 
82 #ifdef SIP_TLS_NSS
83 // Singleton class for invoking NSS functions.
84 class OsTLS
85 {
86 /* //////////////////////////// PUBLIC //////////////////////////////////// */
87 private:
88  OsTLS();
89 public:
90  virtual ~OsTLS();
91 
92 
93  static OsStatus Initialize(const char* szCertDir);
94  static SECStatus GetClientAuthData(void *arg,
95  PRFileDesc *socket,
96  struct CERTDistNamesStr *caNames,
97  struct CERTCertificateStr **pRetCert,
98  struct SECKEYPrivateKeyStr **pRetKey);
99 
100  static SECStatus AuthCertificate(void *arg,
101  PRFileDesc *socket,
102  PRBool checksig,
103  PRBool isServer) ;
104 
105  static SECStatus BadCertHandler(void *arg, PRFileDesc *socket);
106  static SECStatus HandshakeCallback(PRFileDesc *socket, void *arg);
107  static char* PasswordCallback(PK11SlotInfo *slot, PRBool retry, void *arg);
108 
109  static void setTlsSink(PRFileDesc* key, ITlsSink* pSink);
110  static ITlsSink* getTlsSink(PRFileDesc* key);
111  static void removeTlsSink(PRFileDesc* key);
112 private:
113 
114  static UtlHashMap* mpSinkMap;
115 };
116 
117 
118 
119 
120 /* ============================ INLINE METHODS ============================ */
121 
122 #endif
123 
124 #endif // _OsTLS_h_
E_SECURITY_CAUSE_DECRYPT_SIGNATURE_REJECTED
Definition: OsTLS.h:54
E_SECURITY_CAUSE_TLS_HANDSHAKE_FAILURE
Definition: OsTLS.h:60
E_SECURITY_CAUSE_NORMAL
Definition: OsTLS.h:42
E_SECURITY_CAUSE_DECRYPT_SUCCESS
Definition: OsTLS.h:48
E_SECURITY_CAUSE_SIGNATURE_NOTIFY
Definition: OsTLS.h:61
UtlString.h
SECURITY_CAUSE
SECURITY_CAUSE
Definition: OsTLS.h:36
E_SECURITY_CAUSE_DECRYPT_FAILURE_INVALID_PARAMETER
Definition: OsTLS.h:51
E_SECURITY_CAUSE_DECRYPT_FAILURE_BAD_DB_PASSWORD
Definition: OsTLS.h:50
E_SECURITY_CAUSE_TLS_BAD_PASSWORD
Definition: OsTLS.h:56
OsStatus
OsStatus
Definition: OsStatus.h:27
OsSysLog.h
OsBSem.h
ITlsSink
Definition: OsTLS.h:75
E_SECURITY_CAUSE_DECRYPT_MISSING_SIGNATURE
Definition: OsTLS.h:53
E_SECURITY_CAUSE_TLS_LIBRARY_FAILURE
Definition: OsTLS.h:57
E_SECURITY_CAUSE_TLS_SERVER_CERTIFICATE
Definition: OsTLS.h:55
E_SECURITY_CAUSE_DECRYPT_BAD_SIGNATURE
Definition: OsTLS.h:52
E_SECURITY_CAUSE_REMOTE_HOST_UNREACHABLE
Definition: OsTLS.h:58
UtlHashMap.h
E_SECURITY_CAUSE_ENCRYPT_SUCCESS
Definition: OsTLS.h:43
UtlHashMap
Definition: UtlHashMap.h:46
ITlsSink::onTlsEvent
virtual bool onTlsEvent(int cause)=0
E_SECURITY_CAUSE_UNKNOWN
Definition: OsTLS.h:38
E_SECURITY_CAUSE_ENCRYPT_FAILURE_BAD_PUBLIC_KEY
Definition: OsTLS.h:46
E_SECURITY_CAUSE_ENCRYPT_FAILURE_INVALID_PARAMETER
Definition: OsTLS.h:47
ITlsSink::onServerCertificate
virtual bool onServerCertificate(void *pCert, char *serverHostName)=0
E_SECURITY_CAUSE_ENCRYPT_FAILURE_LIB_INIT
Definition: OsTLS.h:44
E_SECURITY_CAUSE_TLS_CERTIFICATE_REJECTED
Definition: OsTLS.h:68
E_SECURITY_CAUSE_TLS_CONNECTION_FAILURE
Definition: OsTLS.h:59
E_SECURITY_CAUSE_DECRYPT_FAILURE_DB_INIT
Definition: OsTLS.h:49
Generated by   doxygen 1.8.11