1// Copyright (C) 2021 Internet Systems Consortium, Inc. ("ISC")
2//
3// This Source Code Form is subject to the terms of the Mozilla Public
4// License, v. 2.0. If a copy of the MPL was not distributed with this
5// file, You can obtain one at http://mozilla.org/MPL/2.0/.
6
7// Do not include this header directly: use crypto_tls.h instead.
8
9#ifndef BOTAN_BOOST_TLS_H
10#define BOTAN_BOOST_TLS_H
11
13
14#if defined(WITH_BOTAN) && defined(WITH_BOTAN_BOOST)
15
18#include <asiolink/io_service.h>
19#include <asiolink/common_tls.h>
21
23#include <botan/asio_stream.h>
24
25namespace isc {
26namespace asiolink {
27
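/// @brief Translate the Kea TLS role into Botan's connection side.
///
/// @param role The role (client or server) this end of the connection plays.
/// @return The Botan server side for TlsRole::SERVER, the client side for
/// any other value.
///
/// NOTE(review): the rendered listing dropped the two return statements of
/// the if/else (as shown the function fell off its end); they are restored
/// here with Botan 2's Connection_Side enumerators -- confirm against the
/// repository source.
inline Botan::TLS::Connection_Side roleToImpl(TlsRole role) {
    // Anything that is not explicitly a server is treated as a client.
    if (role == TlsRole::SERVER) {
        return (Botan::TLS::Connection_Side::SERVER);
    }
    return (Botan::TLS::Connection_Side::CLIENT);
}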
36
38class TlsContextImpl;
39
/// @brief Botan boost ASIO implementation of the TLS context.
///
/// Wraps a Botan::TLS::Context behind the generic TlsContextBase interface.
/// The Botan-specific state lives in TlsContextImpl (forward declared above
/// and held through impl_), so only this header needs the Botan types.
class TlsContext : public TlsContextBase {
public:

    /// @brief Destructor.
    virtual ~TlsContext();

    /// @brief Create the context.
    ///
    /// @param role Client or server side of the connection.
    explicit TlsContext(TlsRole role);

    /// @brief Return the Botan TLS context.
    ///
    /// Used by the TlsStreamBase constructor below to build the underlying
    /// Botan stream.
    Botan::TLS::Context& getContext();

    /// @brief Return whether a peer certificate is required.
    ///
    /// NOTE(review): presumably when this is false a peer that presents no
    /// certificate is accepted, in which case TlsStream::getSubject() and
    /// getIssuer() return "" -- verify in TlsContextImpl.
    virtual bool getCertRequired() const;

protected:
    /// @brief Set whether a peer certificate is required.
    ///
    /// @param cert_required True to require a peer certificate.
    virtual void setCertRequired(bool cert_required);

    /// @brief Load the CA certificate(s) from a file.
    ///
    /// @param ca_file Path of the CA certificate file.
    virtual void loadCaFile(const std::string& ca_file);

    /// @brief Load the CA certificate(s) from a directory.
    ///
    /// @param ca_path Path of the CA certificate directory.
    virtual void loadCaPath(const std::string& ca_path);

    /// @brief Load the end-entity certificate.
    ///
    /// @param cert_file Path of the certificate file.
    virtual void loadCertFile(const std::string& cert_file);

    /// @brief Load the private key.
    ///
    /// @param key_file Path of the private key file.
    virtual void loadKeyFile(const std::string& key_file);

    /// @brief Botan-specific implementation (pimpl), owned by this object.
    std::unique_ptr<TlsContextImpl> impl_;

    /// @brief Presumably so the base class can drive the protected loaders
    /// above from its own configuration entry point.
    friend class TlsContextBase;
};
97
/// @brief The underlying Botan ASIO TLS stream type: Botan's TLS layer
/// layered over a plain boost TCP socket.
using TlsStreamImpl = Botan::TLS::Stream<boost::asio::ip::tcp::socket>;
100
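/// @brief Out-of-class definition of the TlsStreamBase constructor.
///
/// Builds the Botan stream on the service's io_service with the Botan
/// context taken from @p context, and records the role the context was
/// created with so the stream can later pick the handshake side.
///
/// @tparam Callback The callback type used by the stream.
/// @tparam TlsStreamImpl The underlying TLS stream type.
/// @param service I/O service the stream is attached to.
/// @param context Pointer to the TLS context; dereferenced without a null
/// check, so callers must pass a valid context.
///
/// NOTE(review): the rendered listing dropped the qualified-name line of
/// this out-of-class member definition (without it the template parameter
/// list is followed directly by a bare constructor); it is restored here --
/// confirm against the repository source.
template <typename Callback, typename TlsStreamImpl>
TlsStreamBase<Callback, TlsStreamImpl>::
TlsStreamBase(IOService& service, TlsContextPtr context)
    : TlsStreamImpl(service.get_io_service(), context->getContext()),
      role_(context->getRole()) {
}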
114
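/// @brief Botan boost ASIO TLS stream.
///
/// @tparam Callback The type of the completion callbacks passed to
/// handshake() and shutdown().
template <typename Callback>
class TlsStream : public TlsStreamBase<Callback, TlsStreamImpl>
{
public:

    /// @brief The base type (TlsStreamBase over the Botan stream).
    typedef TlsStreamBase<Callback, TlsStreamImpl> Base;

    /// @brief Constructor.
    ///
    /// @param service I/O service the stream is attached to.
    /// @param context Pointer to the TLS context.
    TlsStream(IOService& service, TlsContextPtr context)
        : Base(service, context) {
    }

    /// @brief Destructor.
    virtual ~TlsStream() { }

    /// @brief Start the TLS handshake asynchronously.
    ///
    /// The side (client or server) is derived from the role stored in the
    /// context the stream was created with.
    ///
    /// @param callback Completion callback.
    virtual void handshake(Callback& callback) {
        Base::async_handshake(roleToImpl(Base::getRole()), callback);
    }

    /// @brief Start the TLS shutdown asynchronously.
    ///
    /// @param callback Completion callback.
    virtual void shutdown(Callback& callback) {
        Base::async_shutdown(callback);
    }

    /// @brief Clear the TLS object.
    ///
    /// No-op in the Botan implementation.
    virtual void clear() {
    }

    /// @brief Return the common name of the peer certificate subject.
    ///
    /// @return The CommonName attribute of the subject DN of the first
    /// certificate in the peer's chain, or "" when the peer presented no
    /// certificate. "" therefore does not distinguish "no certificate"
    /// from "no CommonName"; callers that authenticate the peer by name
    /// must not treat an empty result as an identity.
    virtual std::string getSubject() {
        return (peerCommonName(false));
    }

    /// @brief Return the common name of the peer certificate issuer.
    ///
    /// @return The CommonName attribute of the issuer DN of the first
    /// certificate in the peer's chain, or "" when the peer presented no
    /// certificate.
    virtual std::string getIssuer() {
        return (peerCommonName(true));
    }

private:

    /// @brief Shared body of getSubject() and getIssuer().
    ///
    /// @param issuer True to read the issuer DN, false for the subject DN.
    /// @return The CommonName attribute of the chosen DN of the first
    /// certificate in the peer's chain, or "" when the chain is empty.
    std::string peerCommonName(bool issuer) {
        // Bound to a const reference so the chain stays alive whether
        // peer_cert_chain() hands back a copy or a reference.
        const std::vector<Botan::X509_Certificate>& cert_chain =
            Base::native_handle()->peer_cert_chain();
        if (cert_chain.empty()) {
            return ("");
        }
        // Only the first entry (the peer's own certificate, in the order
        // Botan returns the chain) is consulted.
        const Botan::X509_DN& dn = issuer ? cert_chain[0].issuer_dn()
                                          : cert_chain[0].subject_dn();
        return (dn.get_first_attribute("CommonName"));
    }
};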
198
/// @brief Error code Botan reports when the TLS stream is truncated, i.e.
/// the transport was closed before the TLS layer received a proper shutdown.
/// Exposed as a plain int, presumably for comparison with an error_code's
/// value() by callers; treating it like an ordinary end-of-stream loses the
/// distinction between a clean close and a cut connection.
constexpr int STREAM_TRUNCATED =
    static_cast<int>(Botan::TLS::StreamError::StreamTruncated);
201
202} // namespace asiolink
203} // namespace isc
204
205#endif // WITH_BOTAN && WITH_BOTAN_BOOST
206
207#endif // BOTAN_BOOST_TLS_H