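/***************************************************************************
                          cssl.h  -  description
                             -------------------
    begin                : Sat Dec 7 2002
    copyright            : (C) 2002-2003 by Mathias Küster
    email                : mathen@users.berlios.de
 ***************************************************************************/

/***************************************************************************
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
 *   the Free Software Foundation; either version 2 of the License, or     *
 *   (at your option) any later version.                                   *
 *                                                                         *
 ***************************************************************************/

#ifndef CSSL_H
#define CSSL_H

/**
 *@author Mathias Küster
 *
 * This has some SSL utility functions and does some
 * cryptography for the "secure" private chat.
 *
 * Two things live here:
 *  - CSSLObject: the per-peer state of one "secure" private chat
 *    (handshake progress, the peer's RSA key and the symmetric
 *    key/IV material for both directions).
 *  - CSSL: static helpers for creating/configuring OpenSSL contexts and
 *    for (de)initialising the library, plus the protected primitives the
 *    chat code builds on (key generation, key exchange, encrypt/decrypt).
 *
 * Implementations are in cssl.cpp, which is not part of this header;
 * comments below describing behaviour of out-of-line members are marked
 * as assumptions to be confirmed against that file.
 */

#include <dclib/dcos.h>
#include <dclib/core/cstring.h>

#include <dclib/dclib-ssl-use.h>

#if DCLIB_USES_OPENSSL == 1

#include <openssl/opensslv.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

#else

/*
 * Without OpenSSL the public interface still mentions RSA and SSL_CTX by
 * pointer only, so opaque forward declarations of OpenSSL's struct tags
 * are enough to make this header compile.
 * This may also work for SSL builds.
 */
typedef struct rsa_st RSA;
typedef struct ssl_ctx_st SSL_CTX;

#endif

class CMutex;

/**
 * Per-connection state for one "secure" private chat.
 *
 * The default constructor only resets the handshake state and the RSA
 * pointer; the key/IV buffers are left uninitialised until the key
 * exchange fills them (CSSL::InitSessionKey / CSSL::SetSessionKey).
 *
 * NOTE(review): the destructor is defined in cssl.cpp and is out of view
 * here. Confirm that it frees m_pRSA and wipes the key/IV buffers before
 * the object is destroyed, and that CSSLObject is never copied by value
 * (there is no copy constructor, so a copy would share m_pRSA).
 */
class CSSLObject {
public:
	/** Reset handshake state and RSA pointer; key/IV buffers are left as-is. */
	CSSLObject() {
		m_bHandshakeState = 0;
		m_pRSA = 0;
	}
	/** Defined in cssl.cpp. */
	~CSSLObject();

	/** Handshake progress; 0 after construction. Meaning of other values: see cssl.cpp. */
	int m_bHandshakeState;
	/** Remote peer's RSA public key (set via CSSL::SetPublicKey); 0 until then. */
	RSA * m_pRSA;
	/** 16-byte symmetric key used for data we send. Cipher is chosen in cssl.cpp. */
	unsigned char m_localkey[16];
	/** 8-byte IV used for data we send (the IV size suggests a 64-bit block cipher — confirm in cssl.cpp). */
	unsigned char m_localiv[8];
	/** 16-byte symmetric key used for data we receive. */
	unsigned char m_remotekey[16];
	/** 8-byte IV used for data we receive. */
	unsigned char m_remoteiv[8];
};

/**
 * SSL/TLS helpers and the cryptographic primitives of the private chat.
 *
 * Static members configure OpenSSL (contexts, certificates, library
 * init/deinit, thread locking). Protected members operate on a
 * CSSLObject and are meant for subclasses implementing the chat.
 */
class CSSL {
public:
	/** Defined in cssl.cpp. */
	CSSL();
	/** Virtual: CSSL is meant to be subclassed. Defined in cssl.cpp. */
	virtual ~CSSL();

	/**
	 * Create a new client SSL_CTX with the library's default protocol
	 * selection. Ownership of the returned context passes to the caller
	 * (assumed; confirm in cssl.cpp).
	 */
	static SSL_CTX * InitClientCTX();
	/**
	 * Create a new server SSL_CTX with the library's default protocol
	 * selection. Ownership as for InitClientCTX.
	 */
	static SSL_CTX * InitServerCTX();
	/**
	 * As the name suggests it creates a new client SSL_CTX
	 * that only supports >= TLSv1, required for
	 * *DC++ compatibility.
	 */
	static SSL_CTX * NewTLSv1ClientCTX();
	/**
	 * As the name suggests it creates a new server SSL_CTX
	 * that only supports >= TLSv1, required for
	 * *DC++ compatibility.
	 */
	static SSL_CTX * NewTLSv1ServerCTX();
	/**
	 * Load a certificate and private key into ctx.
	 * @param ctx      context to configure
	 * @param CertFile path of the certificate file
	 * @param KeyFile  path of the private key file
	 * @return true on success, false otherwise
	 *
	 * The path parameters are non-const char* to match the definition in
	 * cssl.cpp; they are presumably not modified.
	 */
	static bool LoadCertificates( SSL_CTX * ctx, char * CertFile, char * KeyFile );
	/** Get SSL library version string */
	static CString GetSSLVersionString();
	/** Perform library initialisation functions */
	static void InitSSLLibrary();
	/** Perform library deinitialisation functions */
	static void DeInitSSLLibrary();

protected:
	/** Seed/initialise the random source used by the key exchange (see cssl.cpp). */
	void InitRand();
	/**
	 * Fill a with len random bytes.
	 * NOTE(review): this is what produces session keys and IVs, so it must
	 * draw from the OpenSSL CSPRNG (openssl/rand.h) rather than a
	 * general-purpose PRNG — confirm in cssl.cpp.
	 */
	void InitRandArray( unsigned char * a, int len );
	/** Generate this side's RSA key pair into m_pRSA. @return true on success. */
	bool GenerateRsaKey();
	/** Serialise the public half of m_pRSA for sending to the peer. */
	CString GetPublicRsaKey();
	/**
	 * Parse a peer's serialised public key into SSLObject->m_pRSA.
	 * @return true on success. This consumes data received from the
	 * network, so s must be treated as untrusted.
	 */
	bool SetPublicKey( CSSLObject * SSLObject, CString s );
	/** Generate fresh local key/IV material for SSLObject. */
	void InitSessionKey( CSSLObject * SSLObject );
	/** Return the local session key material, encrypted for the peer's public key (assumed; confirm in cssl.cpp). */
	CString GetSessionKey( CSSLObject * SSLObject );
	/**
	 * Install the peer's session key material into SSLObject's remote
	 * key/IV. @return true on success. s comes from the network and must
	 * be treated as untrusted.
	 */
	bool SetSessionKey( CSSLObject * SSLObject, CString s );
	/** Encrypt s with SSLObject's local key/IV for sending. */
	CString EncryptData( CSSLObject * SSLObject, CString s );
	/** Decrypt s (received from the peer) with SSLObject's remote key/IV. */
	CString DecryptData( CSSLObject * SSLObject, CString s );

	/** This side's RSA key pair (see GenerateRsaKey). */
	RSA * m_pRSA;
	/** Buffer used by InitRand; ownership and size are defined in cssl.cpp. */
	int * m_pRandBuffer;

private:
	/** some mutexes for OpenSSL to use */
	static CMutex * mutexes;
	/**
	 * a function to give to OpenSSL for it to use the mutexes
	 * FIXME that const will have been added in some version...
	 * breaking things with older versions
	 *
	 * NOTE(review): OpenSSL 1.1.0 and later ignore application-supplied
	 * locking callbacks (the library locks internally), so this is only
	 * effective with older releases.
	 */
	static void locking_callback( int mode, int type, const char * file, int line );
#ifndef WIN32
	/** a thread id function, not required on Windows */
	static unsigned long thread_id();
#endif /* WIN32 */
};

#endif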