Cuberite
A lightweight, fast and extensible game server for Minecraft
SslConfig.h
1 
2 #pragma once
3 
4 #include "mbedtls/ssl.h"
5 
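// Forward declarations: this header only stores shared pointers to these types,
// so their full definitions are not needed here.
class cCryptoKey;
class cCtrDrbgContext;
class cX509Cert;

/** Shared-ownership handle to a private key (see SetOwnCert). */
using cCryptoKeyPtr = std::shared_ptr<cCryptoKey>;

/** Shared-ownership handle to the CTR_DRBG random number generator context (see SetRng). */
using cCtrDrbgContextPtr = std::shared_ptr<cCtrDrbgContext>;

/** Shared-ownership handle to an X.509 certificate or certificate chain (see SetOwnCert, SetCACerts). */
using cX509CertPtr = std::shared_ptr<cX509Cert>;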
14 
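/** Peer-certificate verification policy for a TLS configuration.
Each enumerator carries the numeric value of the mbedTLS MBEDTLS_SSL_VERIFY_* constant named in its comment.
Only Required makes the handshake itself fail when the peer cannot be authenticated. */
enum class eSslAuthMode
{
	/** MBEDTLS_SSL_VERIFY_NONE: the peer certificate is not checked.
	On a client this leaves the server unauthenticated, so the connection has no protection against an active man-in-the-middle. */
	None = 0,

	/** MBEDTLS_SSL_VERIFY_OPTIONAL: the peer certificate is checked, but the handshake continues even when the check fails.
	The caller has to inspect the verification result afterwards; without that step this mode is as weak as None. */
	Optional = 1,

	/** MBEDTLS_SSL_VERIFY_REQUIRED: the peer must present a certificate that verifies, otherwise the handshake is aborted. */
	Required = 2,

	/** MBEDTLS_SSL_VERIFY_UNSET: mbedTLS's "no explicit mode" marker, intended there for the per-SNI override rather than as a policy.
	NOTE(review): confirm in SslConfig.cpp how SetAuthMode treats this value before passing it. */
	Unset = 3,
};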
22 
23 
24 
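/** Wrapper around an mbedtls_ssl_config together with the objects that config refers to.
The RNG, own certificate, private key and CA chain are held as shared pointers in the members below;
presumably so that they outlive the raw pointers handed to mbedTLS (the setters are defined in SslConfig.cpp).
NOTE(review): the class declares a destructor and holds m_Config by value but declares no copy or move operations;
confirm that instances are never copied, or delete those operations, so the wrapped config cannot be released twice. */
class cSslConfig
{
	/** cSslContext is the only consumer of GetInternal(). */
	friend class cSslContext;
public:
	/** Type of the SSL debug callback.
	The parameter list matches the mbedTLS debug hook: user data, debug level, file name, line number, message. */
	using cDebugCallback = void(*)(void *, int, const char *, int, const char *);

	/** Type of the SSL certificate verify callback.
	The parameter list matches the mbedTLS verify hook: user data, the certificate being checked, its depth in the chain,
	and a pointer to the verification flags for that certificate. The callback may modify the flags, so a callback that
	clears them unconditionally accepts every certificate. */
	using cVerifyCallback = int(*)(void *, mbedtls_x509_crt *, int, uint32_t *);

	cSslConfig();
	~cSslConfig();

	/** Initialize with mbedTLS default settings.
	a_IsClient selects client or server defaults.
	Returns an int status; presumably the mbedTLS error code with 0 meaning success (confirm in SslConfig.cpp). */
	int InitDefaults(bool a_IsClient);

	/** Set the authentication mode, i.e. whether and how the peer's certificate is verified.
	eSslAuthMode::None and eSslAuthMode::Optional both let a handshake complete with an unverified peer;
	use eSslAuthMode::Required wherever the peer's identity matters, and provide trust anchors via SetCACerts. */
	void SetAuthMode(eSslAuthMode a_AuthMode);

	/** Set the random number generator.
	All TLS secrets derive from this generator, so the context must be seeded before the config is used. */
	void SetRng(cCtrDrbgContextPtr a_CtrDrbg);

	/** Set the debug callback.
	a_CallbackData is passed back to the callback as its first argument.
	NOTE(review): mbedTLS debug output can include handshake internals at high verbosity; keep it out of production logs. */
	void SetDebugCallback(cDebugCallback a_CallbackFun, void * a_CallbackData);

	/** Set the certificate verify callback.
	a_CallbackData is passed back to the callback as its first argument.
	The callback can override the library's verification result through the flags pointer,
	so it is part of the trust decision and deserves the same review as the CA chain. */
	void SetVerifyCallback(cVerifyCallback a_CallbackFun, void * a_CallbackData);

	/** Set the enabled cipher suites.
	The list is taken by value; presumably it is kept in m_CipherSuites because mbedTLS stores a pointer
	to the list rather than copying it (confirm in SslConfig.cpp). */
	void SetCipherSuites(std::vector<int> a_CipherSuites);

	/** Set the certificate to use for connections, together with its private key. */
	void SetOwnCert(cX509CertPtr a_OwnCert, cCryptoKeyPtr a_OwnCertPrivKey);

	/** Set the trusted certificate authority chain.
	Peer verification (eSslAuthMode::Optional / Required) is checked against these trust anchors. */
	void SetCACerts(cX509CertPtr a_CACert);

	/** Creates a new config with some sensible defaults on top of mbedTLS basic settings.
	NOTE(review): which auth mode and CA chain those defaults select is not visible in this header;
	check SslConfig.cpp before relying on the result to authenticate a peer. */
	static std::shared_ptr<cSslConfig> MakeDefaultConfig(bool a_IsClient);

	/** Returns the default config for client connections.
	The config is returned as pointer-to-const, so callers cannot change its settings. */
	static std::shared_ptr<const cSslConfig> GetDefaultClientConfig();

	/** Returns the default config for server connections.
	The config is returned as pointer-to-const, so callers cannot change its settings. */
	static std::shared_ptr<const cSslConfig> GetDefaultServerConfig();

private:

	/** Returns a pointer to the wrapped mbedtls representation.
	The pointer refers to m_Config and is therefore only valid while this object is alive. */
	const mbedtls_ssl_config * GetInternal() const { return &m_Config; }

	/** The wrapped mbedTLS configuration. */
	mbedtls_ssl_config m_Config;

	// The four members below are declared on lines 88 - 91 of SslConfig.h according to the page's symbol index.

	/** The random number generator given to SetRng. */
	cCtrDrbgContextPtr m_CtrDrbg;

	/** The certificate given to SetOwnCert. */
	cX509CertPtr m_OwnCert;

	/** The private key given to SetOwnCert. */
	cCryptoKeyPtr m_OwnCertPrivKey;

	/** The trusted CA chain given to SetCACerts. */
	cX509CertPtr m_CACerts;

	/** The cipher suite list given to SetCipherSuites. */
	std::vector<int> m_CipherSuites;
};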
std::shared_ptr< cCryptoKey > cCryptoKeyPtr
Definition: CryptoKey.h:72
std::shared_ptr< cCtrDrbgContext > cCtrDrbgContextPtr
Definition: SslConfig.h:12
eSslAuthMode
Definition: SslConfig.h:16
std::shared_ptr< cX509Cert > cX509CertPtr
Definition: SslConfig.h:13
int(*)(void *, mbedtls_x509_crt *, int, uint32_t *) cVerifyCallback
Type of the SSL certificate verify callback.
Definition: SslConfig.h:44
friend class cSslContext
Definition: SslConfig.h:27
std::vector< int > m_CipherSuites
Definition: SslConfig.h:92
void(*)(void *, int, const char *, int, const char *) cDebugCallback
Type of the SSL debug callback.
Definition: SslConfig.h:36
void SetRng(cCtrDrbgContextPtr a_CtrDrbg)
Set the random number generator.
Definition: SslConfig.cpp:159
static std::shared_ptr< cSslConfig > MakeDefaultConfig(bool a_IsClient)
Creates a new config with some sensible defaults on top of mbedTLS basic settings.
Definition: SslConfig.cpp:226
void SetCipherSuites(std::vector< int > a_CipherSuites)
Set the enabled cipher suites.
Definition: SslConfig.cpp:205
void SetOwnCert(cX509CertPtr a_OwnCert, cCryptoKeyPtr a_OwnCertPrivKey)
Set the certificate to use for connections.
Definition: SslConfig.cpp:179
int InitDefaults(bool a_IsClient)
Initialize with mbedTLS default settings.
Definition: SslConfig.cpp:124
static std::shared_ptr< const cSslConfig > GetDefaultServerConfig()
Returns the default config for server connections.
Definition: SslConfig.cpp:277
cX509CertPtr m_OwnCert
Definition: SslConfig.h:89
mbedtls_ssl_config m_Config
Definition: SslConfig.h:87
void SetVerifyCallback(cVerifyCallback a_CallbackFun, void *a_CallbackData)
Set the certificate verify callback.
Definition: SslConfig.cpp:196
cCryptoKeyPtr m_OwnCertPrivKey
Definition: SslConfig.h:90
void SetAuthMode(eSslAuthMode a_AuthMode)
Set the authentication mode, i.e. whether and how the peer's certificate is verified.
Definition: SslConfig.cpp:138
static std::shared_ptr< const cSslConfig > GetDefaultClientConfig()
Returns the default config for client connections.
Definition: SslConfig.cpp:267
void SetDebugCallback(cDebugCallback a_CallbackFun, void *a_CallbackData)
Set the debug callback.
Definition: SslConfig.cpp:170
void SetCACerts(cX509CertPtr a_CACert)
Set the trusted certificate authority chain.
Definition: SslConfig.cpp:216
cX509CertPtr m_CACerts
Definition: SslConfig.h:91
const mbedtls_ssl_config * GetInternal() const
Returns a pointer to the wrapped mbedtls representation.
Definition: SslConfig.h:85
cCtrDrbgContextPtr m_CtrDrbg
Definition: SslConfig.h:88