You can now accept SSL connections using SSLListeners, and then send/receive data through the associated SSLSocket. HttpSockets now support both HTTP and HTTPS, using templates: fr::HttpSocket<fr::SSLSocket> https_socket; fr::HttpSocket<fr::TcpSocket> http_socket;
//
// Created by fred on 12/12/16.
//
#ifndef FRNETLIB_SSL_SOCKET_H
#define FRNETLIB_SSL_SOCKET_H
#define SSL_ENABLED
#ifdef SSL_ENABLED
#include "TcpSocket.h"
#include <mbedtls/net_sockets.h>
#include <mbedtls/debug.h>
#include <mbedtls/ssl.h>
#include <mbedtls/entropy.h>
#include <mbedtls/ctr_drbg.h>
#include <mbedtls/error.h>
#include <mbedtls/certs.h>
/*!
 * PEM-encoded X.509 certificate embedded in the header.
 *
 * Being a namespace-scope const std::string, it has internal linkage: every
 * translation unit that includes this header gets its own copy, and the name
 * `certs` lives in the global namespace rather than in fr.
 *
 * The DER fields readable in the base64 name "StartCom Certification
 * Authority" (StartCom Ltd.) as both issuer and subject, with a validity
 * period of 2006-09-17 to 2036-09-17, i.e. a single CA root certificate.
 *
 * NOTE(review): how this constant is consumed is not visible in this header;
 * presumably it is parsed into SSLSocket::cacert as the trust anchor; confirm
 * in the implementation file. If that is the case:
 *  - only peers whose chain ends at this one root can pass verification, so
 *    connecting to other hosts requires a relaxed verify mode, and a relaxed
 *    (optional/none) verify mode means the peer is not authenticated;
 *  - StartCom was removed from the major browser and OS root programs from
 *    2016 onward and has since ceased operation, so this root should not be
 *    relied on as a trust anchor;
 *  - a CA set baked into a header cannot be rotated without recompiling.
 *    Prefer a caller-supplied CA bundle or the platform trust store, with the
 *    auth mode set to MBEDTLS_SSL_VERIFY_REQUIRED.
 *
 * The literal is a raw string, so the text between the delimiters is the PEM
 * payload byte for byte: keep LF line endings and no trailing whitespace.
 */
const std::string certs = R"PEM(-----BEGIN CERTIFICATE-----
MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
-----END CERTIFICATE-----)PEM";
namespace fr
{
    /*!
     * A TcpSocket whose raw send/receive, connect and close operations are
     * overridden to go through an mbed TLS session. Only the declaration is
     * visible in this header; notes marked NOTE(review) name points that have
     * to be confirmed in the implementation file.
     */
    class SSLSocket : public TcpSocket
    {
    public:
        // The class holds several mbed TLS contexts by value (entropy, ctr_drbg,
        // conf, cacert). NOTE(review): presumably the constructor runs the
        // matching mbedtls_*_init() calls and the destructor the mbedtls_*_free()
        // calls; confirm, since none of these C structs clean up after themselves.
        SSLSocket();
        ~SSLSocket();

        /*!
         * Effectively just fr::TcpSocket::send_raw() with encryption
         * added in.
         *
         * @param data The data to send.
         * @param size The number of bytes from data to send. Must not exceed the size of the buffer data points to.
         * @return The status of the operation.
         */
        Status send_raw(const char *data, size_t size) override;

        /*!
         * Effectively just fr::TcpSocket::receive_raw() with encryption
         * added in.
         *
         * @param data Where to store the received data.
         * @param data_size The number of bytes to try and receive. Must not be larger than the buffer data points to.
         * @param received Will be filled with the number of bytes actually received, might be less than you requested.
         * @return The status of the operation, if the socket has disconnected etc.
         */
        Status receive_raw(void *data, size_t data_size, size_t &received) override;

        /*!
         * Close the connection.
         */
        void close() override;

        /*!
         * Connects the socket to an address.
         *
         * NOTE(review): the declaration does not show whether the peer
         * certificate is verified, or whether address is registered as the
         * expected hostname (mbedtls_ssl_set_hostname). Without both, the
         * session is encrypted but the peer is not authenticated; confirm
         * in the implementation.
         *
         * @param address The address of the socket to connect to
         * @param port The port of the socket to connect to
         * @return A Socket::Status indicating the status of the operation.
         */
        Socket::Status connect(const std::string &address, const std::string &port) override;

        /*!
         * Hands an mbed TLS session context to this socket, which takes
         * ownership of it (the parameter is a std::unique_ptr passed by value).
         * Presumably used to adopt a connection accepted elsewhere; verify
         * against the caller.
         *
         * NOTE(review): the default deleter of std::unique_ptr only deletes the
         * struct; it does not call mbedtls_ssl_free(). The implementation has
         * to free the context's internals, which hold session secrets, before
         * the pointer is replaced or destroyed; confirm.
         *
         * @param context The session context to adopt.
         */
        void set_ssl_context(std::unique_ptr<mbedtls_ssl_context> context);

        /*!
         * Hands an mbed TLS network context to this socket, which takes
         * ownership of it.
         *
         * NOTE(review): as with set_ssl_context(), the default deleter does not
         * call mbedtls_net_free(), so closing the underlying descriptor is up
         * to the implementation; confirm.
         *
         * @param context The network context to adopt.
         */
        void set_net_context(std::unique_ptr<mbedtls_net_context> context);

    private:
        // Owned mbed TLS network context for the connection.
        std::unique_ptr<mbedtls_net_context> ssl_socket_descriptor;
        // Entropy source context, one per socket object.
        mbedtls_entropy_context entropy;
        // CTR_DRBG random generator context, one per socket object.
        mbedtls_ctr_drbg_context ctr_drbg;
        // Owned mbed TLS session context.
        std::unique_ptr<mbedtls_ssl_context> ssl;
        // TLS configuration for the session.
        mbedtls_ssl_config conf;
        // X.509 certificate chain; presumably the trusted CA set - confirm.
        mbedtls_x509_crt cacert;
        // NOTE(review): looks like storage for certificate verification result
        // flags - confirm. It has no in-class initializer, so the constructor
        // has to set it before it is read.
        uint32_t flags;
    };
}
#endif
#endif //FRNETLIB_SSLSOCKET_H