//
// Copyright (c) ZeroC, Inc. All rights reserved.
//

#ifndef ICESSL_SCHANNEL_ENGINE_H
#define ICESSL_SCHANNEL_ENGINE_H

//
// Windows only: everything declared below is built on the Win32 SSPI /
// CryptoAPI types (CredHandle, HCERTSTORE, PCCERT_CONTEXT, ...) pulled in
// by the headers included here.
//
#ifdef _WIN32

#include <IceSSL/SSLEngine.h>
#include <IceSSL/SChannelEngineF.h>

//
// <security.h> requires exactly one of SECURITY_WIN32 or SECURITY_KERNEL to be
// defined before it is included, telling it which side (user-mode SSPI vs.
// kernel-mode) is compiling the code. Any value inherited from the build
// environment is dropped first so the selection made here is authoritative,
// and SECURITY_WIN32 is undefined again afterwards so it does not leak into
// translation units that include this header.
//
# ifdef SECURITY_WIN32
#   undef SECURITY_WIN32
# endif
# ifdef SECURITY_KERNEL
#   undef SECURITY_KERNEL
# endif
# define SECURITY_WIN32 1
# include <security.h>
# include <sspi.h>
# include <schannel.h>
# undef SECURITY_WIN32

#if defined(__MINGW32__) || (defined(_MSC_VER) && (_MSC_VER <= 1500))

//
// Add some definitions missing from MinGW headers (and from the SDKs shipped
// with MSVC 2008 and older). Each one is guarded with #ifndef so a toolchain
// that already provides the symbol keeps its own definition; the numeric
// values must stay identical to the Windows SDK's wincrypt.h / sspi.h /
// schannel.h definitions, since the engine passes them straight to the OS.
//
// NOTE(review): only TLS 1.1 / 1.2 protocol bits are supplied here; there is
// no SP_PROT_TLS1_3_* fallback, so if the engine ever enables TLS 1.3 these
// toolchains would need the matching constants added.
//

# ifndef CERT_TRUST_IS_EXPLICIT_DISTRUST
#   define CERT_TRUST_IS_EXPLICIT_DISTRUST 0x04000000
# endif

# ifndef CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT
#   define CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT 0x08000000
# endif

# ifndef SECBUFFER_ALERT
#   define SECBUFFER_ALERT 17
# endif

# ifndef SCH_SEND_ROOT_CERT
#   define SCH_SEND_ROOT_CERT 0x00040000
# endif

# ifndef SP_PROT_TLS1_1_SERVER
#   define SP_PROT_TLS1_1_SERVER 0x00000100
# endif

# ifndef SP_PROT_TLS1_1_CLIENT
#   define SP_PROT_TLS1_1_CLIENT 0x00000200
# endif

# ifndef SP_PROT_TLS1_2_SERVER
#   define SP_PROT_TLS1_2_SERVER 0x00000400
# endif

# ifndef SP_PROT_TLS1_2_CLIENT
#   define SP_PROT_TLS1_2_CLIENT 0x00000800
# endif

#endif

namespace IceSSL
{

namespace SChannel
{

//
// SChannel (Windows SSPI) implementation of IceSSL::SSLEngine.
//
// The engine holds raw CryptoAPI handles -- certificate contexts, certificate
// stores and a certificate chain engine -- as plain members with no RAII
// wrapper; their lifetime is managed explicitly through initialize() and
// destroy() (presumably acquired in the former and released in the latter --
// confirm against SChannelEngine.cpp).
//
// NOTE(review): nothing here prevents copying an instance. A copy would
// duplicate every raw handle below, so a destroy() on both objects would
// release them twice. Instances are expected to be shared only through the
// handle type declared in SChannelEngineF.h -- confirm, or consider making
// the class explicitly non-copyable.
//
// NOTE(review): std::vector / std::string are used without including
// <vector> / <string> here; this relies on IceSSL/SSLEngine.h providing them.
//
class SSLEngine : public IceSSL::SSLEngine
{
public:

    //
    // Bind the engine to the given communicator. Resource acquisition is
    // deferred to initialize().
    //
    SSLEngine(const Ice::CommunicatorPtr&);

    //
    // Setup the engine: presumably loads certificates/stores, builds the
    // chain engine and applies the protocol and cipher configuration
    // (see the .cpp for what is actually read).
    //
    virtual void initialize();

    //
    // Create an SChannel TLS transceiver on top of the given delegate
    // transceiver. The string is presumably the host or adapter name and the
    // bool whether this is the incoming (server) side -- confirm against the
    // callers in the transport layer.
    //
    virtual IceInternal::TransceiverPtr
    createTransceiver(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool);

    //
    // Destroy the engine, releasing the resources acquired by initialize().
    //
    virtual void destroy();

    //
    // Verify the remote peer for a connection. Expected to throw on a
    // verification failure rather than return a status -- confirm in the
    // .cpp; callers must not assume the connection is trusted before this
    // returns normally.
    //
    virtual void verifyPeer(const std::string&, const ConnectionInfoPtr&, const std::string&);

    //
    // Human-readable name for an SChannel cipher algorithm identifier.
    //
    std::string getCipherName(ALG_ID) const;

    //
    // Acquire a new SSPI credentials handle. The handle is returned by value
    // as a raw CredHandle, so nothing in this class tracks it: the caller
    // owns it and is responsible for releasing it (FreeCredentialsHandle)
    // -- confirm. The bool presumably selects client vs. server credentials.
    //
    CredHandle newCredentialsHandle(bool);

    //
    // Accessor for the certificate chain engine handle. The engine keeps
    // ownership; callers must not free the returned handle.
    //
    HCERTCHAINENGINE chainEngine() const;

private:

    //
    // Parse a configured cipher specification (presumably into _ciphers).
    //
    void parseCiphers(const std::string&);

    // Raw certificate contexts. Whether each entry is a counted reference
    // that destroy() must free is decided in the .cpp -- confirm before
    // adding or removing entries elsewhere.
    std::vector<PCCERT_CONTEXT> _allCerts;
    std::vector<PCCERT_CONTEXT> _importedCerts;
    // Enabled protocol versions; presumably a bitmask of the SP_PROT_*
    // flags defined above.
    DWORD _protocols;

    // Raw certificate store handles.
    std::vector<HCERTSTORE> _stores;
    HCERTSTORE _rootStore;

    // Chain engine handle exposed via chainEngine().
    HCERTCHAINENGINE _chainEngine;
    // Cipher algorithm identifiers selected for this engine.
    std::vector<ALG_ID> _ciphers;

    // Fixed at construction. Presumably controls whether the SChannel
    // strong-crypto policy (SCH_USE_STRONG_CRYPTO) is requested -- confirm.
    const bool _strongCrypto;
};

}

}

#endif

#endif