1 /*
2  * Copyright (c) 2007-2019 by Jakob Schröter <js@camaya.net>
3  * This file is part of the gloox library. http://camaya.net/gloox
4  *
5  * This software is distributed under a license. The full license
6  * agreement can be found in the file LICENSE in this distribution.
7  * This software may not be copied, modified, sold or distributed
8  * other than expressed in the named license agreement.
9  *
10  * This software is distributed without any warranty.
11  */
12 
13 #ifndef TLSSCHANNEL_H__
14 #define TLSSCHANNEL_H__
15 
16 #include "tlsbase.h"
17 
18 #include "config.h"
19 
20 #ifdef HAVE_WINTLS
21 
22 #include <ctime>
23 
24 #define SECURITY_WIN32
25 #include <windows.h>
26 #include <security.h>
27 #include <schnlsp.h>
28 
29 namespace gloox
30 {
31 
32   /**
33    * This class implements a TLS backend using SChannel.
34    *
35    * @author Jakob Schröter <js@camaya.net>
36    * @since 0.9
37    */
  class SChannel : public TLSBase
  {
    public:
      /**
       * Constructor.
       * @param th The TLSHandler to handle TLS-related events.
       * @param server The server to use in certificate verification.
       */
      SChannel( TLSHandler* th, const std::string& server );

      /**
       * Virtual destructor.
       */
      virtual ~SChannel();

      // reimplemented from TLSBase
      /**
       * No-op initialisation kept for interface compatibility with TLSBase.
       *
       * All three arguments are intentionally unnamed and are discarded; the
       * function unconditionally reports success. Callers must therefore not
       * rely on init() to install a client certificate or a CA trust list --
       * those go through setClientCert() and setCACerts() below (what the
       * implementation file does with them is not visible here; confirm
       * before depending on it).
       * @return Always @c true.
       */
      virtual bool init( const std::string& /*clientKey*/ = EmptyString,
                         const std::string& /*clientCerts*/ = EmptyString,
                         const StringList& /*cacerts*/ = StringList() )
        { return true; }

      // reimplemented from TLSBase
      /**
       * Encrypts application data for transmission.
       * @param data The plaintext to encrypt.
       * @return @c true on success, @c false otherwise (contract defined by TLSBase, see tlsbase.h).
       */
      virtual bool encrypt( const std::string& data );

      // reimplemented from TLSBase
      /**
       * Feeds received network data into the backend for decryption.
       * @param data Bytes read from the socket.
       * @return Meaning of the int is defined by TLSBase (see tlsbase.h).
       */
      virtual int decrypt( const std::string& data );

      // reimplemented from TLSBase
      /**
       * Releases the SChannel credential/context handles.
       * NOTE(review): presumably guarded by m_cleanedup so repeated calls are harmless -- confirm in the implementation.
       */
      virtual void cleanup();

      // reimplemented from TLSBase
      /**
       * Starts (or continues) the TLS handshake.
       * @return As defined by TLSBase (see tlsbase.h).
       */
      virtual bool handshake();

      // reimplemented from TLSBase
      /**
       * Whether this backend can supply channel-binding data.
       */
      virtual bool hasChannelBinding() const;

      // reimplemented from TLSBase
      /**
       * Returns the channel-binding data for the established session.
       * Which binding type (e.g. tls-unique) is produced is not visible from this header.
       */
      virtual const std::string channelBinding() const;

      // reimplemented from TLSBase
      /**
       * Sets the CA certificates used for peer verification.
       * @param cacerts The CA certificate list.
       */
      virtual void setCACerts( const StringList& cacerts );

      // reimplemented from TLSBase
      /**
       * Sets the client key and certificate(s) for client authentication.
       * @param clientKey The client private key.
       * @param clientCerts The client certificate chain.
       */
      virtual void setClientCert( const std::string& clientKey, const std::string& clientCerts );

    private:
      // One round of the handshake, driven by @c data received from the peer.
      void handshakeStage( const std::string& data );
      // Fills m_sizes and the *_max members below (presumably via
      // QueryContextAttributes on m_context -- confirm in the implementation).
      void setSizes();

      // Converts a Win32 FILETIME (64-bit, 100 ns units since 1601) to an int.
      // NOTE(review): if the result is seconds since the Unix epoch, an int
      // cannot represent dates beyond 2038 -- verify how the result is used
      // in certificate validity checks.
      int filetime2int( FILETIME t );

      // Certificate verification of the peer against the configured server name
      // (details are in the implementation file, not this header).
      void validateCert();
      // Collects connection/cipher details after the handshake.
      void connectionInfos();
      // Extracts data from the peer certificate.
      void certData();
      // Populates the certificate info reported to the TLSHandler.
      void setCertinfos();
      // SSPI credential handle (client credentials for the TLS session).
      CredHandle m_credHandle;
      // SSPI security context for the established (or in-progress) session.
      CtxtHandle m_context;

      // Stream sizes reported by SChannel for this context (header/trailer/max message).
      SecPkgContext_StreamSizes m_sizes;

      // Cached copies of the stream sizes -- presumably m_sizes.cbHeader,
      // cbMaximumMessage and cbTrailer; confirm in setSizes().
      size_t m_header_max;
      size_t m_message_max;
      size_t m_trailer_max;

      // Pending input accumulated across calls (presumably ciphertext awaiting
      // a complete TLS record -- confirm in decrypt()).
      std::string m_buffer;

      // Set once cleanup() has released the handles.
      bool m_cleanedup;

      // windows error outputs
//       void print_error( int errorcode, const char* place = 0 );

  };
110 }
111 
112 #endif // HAVE_WINTLS
113 
114 #endif // TLSSCHANNEL_H__
115