NCBI C++ ToolKit
ncbi_connssl.h
1 #ifndef CONNECT___NCBI_CONNSSL__H
2 #define CONNECT___NCBI_CONNSSL__H
3 
4 /* $Id: ncbi_connssl.h 93599 2021-05-03 22:24:04Z lavr $
5  * ===========================================================================
6  *
7  * PUBLIC DOMAIN NOTICE
8  * National Center for Biotechnology Information
9  *
10  * This software/database is a "United States Government Work" under the
11  * terms of the United States Copyright Act. It was written as part of
12  * the author's official duties as a United States Government employee and
13  * thus cannot be copyrighted. This software/database is freely available
14  * to the public for use. The National Library of Medicine and the U.S.
15  * Government have not placed any restriction on its use or reproduction.
16  *
17  * Although all reasonable efforts have been taken to ensure the accuracy
18  * and reliability of the software and data, the NLM and the U.S.
19  * Government do not and cannot warrant the performance or results that
20  * may be obtained by using this software or data. The NLM and the U.S.
21  * Government disclaim all warranties, express or implied, including
22  * warranties of performance, merchantability or fitness for any particular
23  * purpose.
24  *
25  * Please cite the author in any work or product based on this material.
26  *
27  * ===========================================================================
28  *
29  * Author: Anton Lavrentiev
30  *
31  * @file
32  * File Description:
33  * Formal definition of a simple SSL API.
34  *
35  */
36 
37 #include "ncbi_socketp.h"
38 
39 
40 #ifdef __cplusplus
41 extern "C" {
42 #endif
43 
44 
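45 typedef enum {
46  /* NB: Must be a positive 32-bit int divisible by 100 decimal */
    /* Backend tags stored in SNcbiCred::type.  Both values meet the rule
     * above: 0x484FFB94 == 1213201300 and 0x412CC144 == 1093452100.
     * NOTE(review): presumably a backend compares this tag before it casts
     * SNcbiCred::data to its own credential type, which keeps a handle built
     * for one TLS library from being consumed by the other -- confirm. */
47  eNcbiCred_GnuTls = 0x484FFB94,
48  eNcbiCred_MbedTls = 0x412CC144
49 } ENcbiCred;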
50 
51 
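    /* Credential handle: a backend tag plus an opaque backend-specific pointer.
     * NOTE(review): this header does not say who owns "data" or how long it
     * must stay valid; the only release routines visible here are the
     * Ncbi...Delete...CertCredentials() calls below.  Treat "data" as
     * referring to private-key material and never cast it without checking
     * "type" first. */
52 struct SNcbiCred {
53  ENcbiCred type;   /* which backend created "data" (see ENcbiCred)       */
54  void* data;       /* opaque; only meaningful to the backend in "type"   */
55 };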
56 
57 
58 /* Read up to "size" bytes into buffer "buf", and return the number of bytes
59  * actually read via the "done" pointer (must be non-null, on call "*done"==0).
60  * The call is allowed to log the transaction data if "logdata" is non-zero.
61  * The call is always allowed to log errors (regardless of the last parameter).
62  * Return:
63  * eIO_Success if "*done" != 0 or if EOF encountered ("*done" == 0 then);
64  * eIO_Timeout if no data obtained within a preset time allowance;
65  * eIO_Unknown if an error (usually, recoverable) occurred;
66  * eIO_Closed if a non-recoverable error occurred;
67  * other errors per their applicability.
    *
    * Review notes:
    * - "size" is the only bound on "buf": an implementation must never store
    *   more than "size" bytes, and a caller should treat "*done" > "size" as
    *   a failure instead of trusting it as a length.
    * - eIO_Success with "*done" == 0 means EOF, so the caller has to look at
    *   "*done" as well as the status before reading anything out of "buf".
    * - A non-zero "logdata" lets raw transaction bytes reach the log; keep it
    *   off unless the log destination is protected as well as the traffic.
68  */
69 typedef EIO_Status (*FSSLPull) (SOCK sock, void* buf, size_t size,
70  size_t* done, int/*bool*/ logdata);
71 
72 /* Write up to "size" bytes of "data", and return the number of bytes actually
73  * written via the "done" pointer (must be non-null, on call "*done"==0).
74  * The call is allowed to log the transaction data if "logdata" is non-zero.
75  * The call is always allowed to log errors (regardless of the last parameter).
76  * Return:
77  * eIO_Success iff "*done" != 0;
78  * eIO_Closed if non-recoverable error;
79  * other error code if no data can be written.
    *
    * Review notes:
    * - "Up to" means a short write is a success: the caller must compare
    *   "*done" with "size" and resubmit the remainder itself.
    * - An implementation must not read past "data" + "size", and "*done" must
    *   never exceed "size".
    * - A non-zero "logdata" lets raw transaction bytes reach the log; keep it
    *   off unless the log destination is protected as well as the traffic.
80  */
81 typedef EIO_Status (*FSSLPush) (SOCK sock, const void* data, size_t size,
82  size_t* done, int/*bool*/ logdata);
83 
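84 /* Init SSL layer; called only once and under a lock */
   /* "pull" and "push" are the FSSLPull / FSSLPush callbacks handed to the
    * backend.  The declaration on line 85 was missing from this listing and is
    * restored from the Doxygen cross-reference for this file.
    * NOTE(review): whether NULL callbacks are rejected is not stated here. */
85 typedef EIO_Status (*FSSLInit) (FSSLPull pull, FSSLPush push);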
86 
87 /* Create session data with "ctx" */
   /* "side" selects which end of the socket the session is for (ESOCK_Side).
    * The returned pointer is the opaque "session" that Open/Read/Write/Close/
    * Delete/Error take as their first argument.
    * NOTE(review): the failure convention is not stated here -- presumably a
    * NULL return with "*error" set; confirm before dereferencing or passing
    * the result on. */
88 typedef void* (*FSSLCreate)(ESOCK_Side side, SNcbiSSLctx* ctx,
89  int* error);
90 
91 /* Begin secure session; "desc" can be NULL for no description to return */
   /* NOTE(review): this header does not say who frees "*desc" when one is
    * returned, nor whether peer-certificate verification is performed (and
    * with what policy) by the time this call succeeds.  Confirm both in each
    * backend before treating an opened session as authenticated. */
92 typedef EIO_Status (*FSSLOpen) (void* session, int* error, char** desc);
93 
94 /* See FSSLPull for behavior. When non-eIO_Success code gets returned,
95  * the call must set "*error" to indicate specific problem. The "*error" may
96  * be left unset (and thus, will be ignored) when eIO_Success gets returned. */
   /* Review notes: because "*error" may be left unset on success, a caller
    * must read it only after a non-eIO_Success return (or initialise it before
    * the call).  As with FSSLPull, "size" is the only bound on "buf" and
    * eIO_Success with "*done" == 0 means EOF. */
97 typedef EIO_Status (*FSSLRead) (void* session, void* buf, size_t size,
98  size_t* done, int* error);
99 
100 /* See FSSLPush for behavior. When non-eIO_Success code gets returned,
101  * the call must set "*error" to indicate specific problem. The "*error" may
102  * be left unset (and thus, will be ignored) when eIO_Success gets returned. */
    /* Review notes: because "*error" may be left unset on success, a caller
     * must read it only after a non-eIO_Success return (or initialise it
     * before the call).  As with FSSLPush, a short write is a success, so the
     * caller compares "*done" with "size" and resubmits the remainder. */
103 typedef EIO_Status (*FSSLWrite) (void* session, const void* data, size_t size,
104  size_t* done, int* error);
105 
106 /* End secure session; "how" is of shutdown(2) and may be ignored */
    /* NOTE(review): since "how" may be ignored, a caller cannot rely on a
     * half-close.  This header also does not say whether a TLS closure alert
     * is sent or awaited here; confirm per backend if detecting a truncated
     * stream matters to the caller. */
107 typedef EIO_Status (*FSSLClose) (void* session, int how, int* error);
108 
109 /* Delete session data */
    /* After this call the "session" pointer must not be passed to any other
     * operation in the table.
     * NOTE(review): whether session secrets are wiped before the memory is
     * released is not stated here -- confirm in each backend. */
110 typedef void (*FSSLDelete)(void* session);
111 
112 /* Deinit SSL layer; called once and under a lock */
    /* Takes no arguments and returns nothing, so a failure cannot be reported
     * to the caller.
     * NOTE(review): presumably no session may still be in use when this runs;
     * the header does not state it -- confirm with the caller of Exit. */
113 typedef void (*FSSLExit) (void);
114 
115 /* Return an error description (possibly stored in "buf" of size "size") */
    /* Review notes:
     * - "Possibly" means the result may point into "buf" or elsewhere, so the
     *   caller must not free it and must not assume it equals "buf".
     * - An implementation must write at most "size" bytes into "buf",
     *   terminator included, and must cope with "size" == 0.
     * - The text comes from the TLS library; print it through a "%s"
     *   conversion, never as the format string itself.
     * NOTE(review): whether NULL can be returned is not stated here. */
116 typedef const char* (*FSSLError) (void* session, int error,
117  char* buf, size_t size);
118 
119 
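120 /* Table of operations
    *
    * One instance describes a TLS backend: its "Name" plus one callback for
    * each operation typedef'ed above.
    * NOTE(review): lines 122, 124, 126, 127 and 131 were missing from this
    * listing.  Members on lines 125, 128-130 and 132 are restored from the
    * Doxygen cross-reference for this file; the struct tag and the Init, Open,
    * Read and Exit members are reconstructed from the typedef order and the
    * line-number gaps -- confirm against the repository copy.
    * NOTE(review): nothing here says whether a slot may be NULL.  The code
    * that dispatches through this table should either check each pointer or
    * document that every backend fills in all of them.
121  */
122 struct SOCKSSL_struct {
123  const char* Name;
124  FSSLInit Init;
125  FSSLCreate Create;
126  FSSLOpen Open;
127  FSSLRead Read;
128  FSSLWrite Write;
129  FSSLClose Close;
130  FSSLDelete Delete;
131  FSSLExit Exit;
132  FSSLError Error;
133 };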
134 
135 
136 /* Internal certificate credentials management routines */
137 
138 #if defined(HAVE_LIBMBEDTLS) || defined(NCBI_CXX_TOOLKIT)
139 
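    /* Build / release an mbedTLS credential handle from a certificate and its
     * private key, each passed as a (pointer, byte count) pair.  Lines 140 and
     * 145 were missing from this listing and are restored from the Doxygen
     * cross-reference for this file.
     * NOTE(review): the expected encoding, whether the input buffers are
     * copied, and the failure return are not stated here -- confirm in
     * ncbi_mbedtls.c.  "pkey" is secret material: until the copy semantics are
     * confirmed, keep the buffer valid while the handle lives, then wipe it
     * with a call the compiler cannot elide.  Release the handle only with the
     * Delete routine of the same backend. */
140 NCBI_CRED NcbiCreateMbedTlsCertCredentials(const void* cert,
141  size_t certsz,
142  const void* pkey,
143  size_t pkeysz);
144 
145 void NcbiDeleteMbedTlsCertCredentials(NCBI_CRED cred);
146 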
147 #endif /*HAVE_LIBMBEDTLS || NCBI_CXX_TOOLKIT*/
148 
149 
150 #ifdef HAVE_LIBGNUTLS
151 
    /* Build a GnuTLS credential handle from a certificate ("cert", "certsz"
     * bytes) and its private key ("pkey", "pkeysz" bytes).
     * NOTE(review): the expected encoding, whether the input buffers are
     * copied, and the failure return are not stated in this header -- confirm
     * in the GnuTLS backend source.  "pkey" is secret material: until the copy
     * semantics are confirmed, keep the buffer valid while the handle lives,
     * then wipe it with a call the compiler cannot elide. */
152 NCBI_CRED NcbiCreateGnuTlsCertCredentials(const void* cert,
153  size_t certsz,
154  const void* pkey,
155  size_t pkeysz);
156 
157 
    /* Release a handle obtained from NcbiCreateGnuTlsCertCredentials().
     * NOTE(review): presumably "cred" must carry the eNcbiCred_GnuTls tag;
     * passing a handle made by another backend, or reusing "cred" after this
     * call, is not covered by anything in this header -- confirm how the
     * implementation handles a mismatched tag or a NULL argument. */
158 void NcbiDeleteGnuTlsCertCredentials(NCBI_CRED cred);
159 
160 #endif /*HAVE_LIBGNUTLS*/
161 
162 
163 #ifdef __cplusplus
164 } /* extern "C" */
165 #endif
166 
167 
168 /* @} */
169 
170 #endif /* CONNECT___NCBI_CONNSSL__H */