/**
* @section License
*
* The MIT License (MIT)
*
* Copyright (c) 2014-2016, Erik Moqvist
*
* Permission is hereby granted, free of charge, to any person
* obtaining a copy of this software and associated documentation
* files (the "Software"), to deal in the Software without
* restriction, including without limitation the rights to use, copy,
* modify, merge, publish, distribute, sublicense, and/or sell copies
* of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*
* This file is part of the Simba project.
*/
#ifndef __INET_SSL_H__
#define __INET_SSL_H__
#include "simba.h"
/**
 * Protocol versions an SSL context can be configured for
 * (see ssl_context_init()).
 *
 * Only TLS 1.0 is enumerated here. TLS 1.0 is deprecated (RFC 8996),
 * so a newer protocol version should be added to this enum before the
 * module is relied on over an untrusted network.
 */
enum ssl_protocol_t {
    ssl_protocol_tls_v1_0 = 0   /* TLS 1.0; first (and only) member. */
};
/**
 * Side of the connection an SSL socket takes in the handshake
 * (see ssl_socket_open()).
 */
enum ssl_socket_mode_t {
    ssl_socket_mode_client_t = 0,   /* Initiates the handshake. */
    ssl_socket_mode_server_t = 1    /* Answers the handshake. */
};
/**
 * SSL context. Holds settings that outlive any single socket; sockets
 * are opened from a context with ssl_socket_open().
 */
struct ssl_context_t {
    enum ssl_protocol_t protocol;   /* Protocol version; presumably the one
                                       passed to ssl_context_init() — verify
                                       against the implementation. */
    void *conf_p;                   /* Backend configuration. Opaque here;
                                       its concrete type is not visible in
                                       this header. */
};
/**
 * SSL socket. Wraps a plain transport socket and presents it as a
 * channel (struct chan_t) that carries encrypted traffic.
 */
struct ssl_socket_t {
    struct chan_t base;   /* Channel header; must stay the first member so a
                             struct ssl_socket_t * can be used as a
                             struct chan_t * — TODO confirm that this is how
                             callers use it. */
    void *ssl_p;          /* Backend SSL session object; opaque here. */
    void *socket_p;       /* Wrapped transport socket; often a TCP socket.
                             Ownership (who closes it) is not stated here. */
};
/**
 * Initialize the SSL module. This function must be called before
 * calling any other function in this module.
 *
 * The module will only be initialized once even if this function is
 * called multiple times; later calls are expected to be harmless.
 *
 * @return zero(0) or negative error code.
 */
int ssl_module_init(void);
/**
 * Initialize given SSL context. An SSL context contains settings that
 * live longer than a socket; it must be destroyed with
 * ssl_context_destroy() when no longer needed.
 *
 * @param[out] self_p SSL context to initialize.
 * @param[in] protocol Protocol version the context will use (see
 *                     enum ssl_protocol_t).
 *
 * @return zero(0) or negative error code.
 */
int ssl_context_init(struct ssl_context_t *self_p,
                     enum ssl_protocol_t protocol);
/**
 * Destroy given SSL context. The context may not be used after it has
 * been destroyed; sockets opened from it should be closed first
 * (NOTE(review): the header does not say what happens to still-open
 * sockets — confirm in the implementation).
 *
 * @param[in] self_p SSL context to destroy.
 *
 * @return zero(0) or negative error code.
 */
int ssl_context_destroy(struct ssl_context_t *self_p);
/**
 * Load given certificate chain, and optionally its private key, into
 * given context.
 *
 * NOTE(review): whether cert_p and key_p are file system paths or
 * in-memory PEM/DER buffers is not specified in this header — confirm
 * against the implementation before use.
 *
 * @param[in] self_p SSL context.
 * @param[in] cert_p Certificate (chain) to load.
 * @param[in] key_p Optional private key to load. May be NULL.
 *
 * @return zero(0) or negative error code.
 */
int ssl_context_load_cert_chain(struct ssl_context_t *self_p,
                                const char *cert_p,
                                const char *key_p);
/**
 * Initialize given SSL socket with given socket and SSL
 * context. Performs the SSL handshake before returning.
 *
 * NOTE(review): this header does not state whether the handshake
 * verifies the peer's certificate, nor against which trust anchors.
 * Confirm in the implementation before treating a successful open as
 * proof of the peer's identity.
 *
 * @param[out] self_p SSL socket to initialize.
 * @param[in] context_p SSL context to execute in. Must outlive the
 *                      socket.
 * @param[in] socket_p Socket to wrap in the SSL socket (often a TCP
 *                     socket). Expected to be connected already — TODO
 *                     confirm.
 * @param[in] mode Server or client side socket mode.
 *
 * @return zero(0) or negative error code.
 */
int ssl_socket_open(struct ssl_socket_t *self_p,
                    struct ssl_context_t *context_p,
                    void *socket_p,
                    enum ssl_socket_mode_t mode);
/**
 * Close given SSL socket.
 *
 * NOTE(review): whether the wrapped transport socket (socket_p) is
 * closed as well is not specified here — confirm in the
 * implementation to avoid a leaked or double-closed socket.
 *
 * @param[in] self_p Opened SSL socket.
 *
 * @return zero(0) or negative error code.
 */
int ssl_socket_close(struct ssl_socket_t *self_p);
/**
 * Write data to given SSL socket. The data is encrypted before it
 * reaches the wrapped transport socket.
 *
 * @param[in] self_p SSL socket.
 * @param[in] buf_p Buffer to send.
 * @param[in] size Number of bytes to send.
 *
 * @return Number of written bytes or negative error code. Callers
 *         should not assume the whole buffer was written unless the
 *         return value equals size.
 */
ssize_t ssl_socket_write(struct ssl_socket_t *self_p,
                         const void *buf_p,
                         size_t size);
/**
 * Read data from given SSL socket. Only decrypted application data is
 * returned.
 *
 * @param[in] self_p SSL socket.
 * @param[out] buf_p Buffer to read into; must hold at least size bytes.
 * @param[in] size Number of bytes to read.
 *
 * @return Number of read bytes or negative error code. Callers should
 *         not assume size bytes were read unless the return value
 *         equals size.
 */
ssize_t ssl_socket_read(struct ssl_socket_t *self_p,
                        void *buf_p,
                        size_t size);
/**
 * Get the number of input bytes currently stored in the SSL
 * socket, i.e. data that ssl_socket_read() can return without
 * blocking on the transport.
 *
 * @param[in] self_p SSL socket.
 *
 * @return Number of input bytes in the SSL socket. The ssize_t return
 *         type leaves room for a negative error code — TODO confirm
 *         whether the implementation uses it.
 */
ssize_t ssl_socket_size(struct ssl_socket_t *self_p);
#endif