Swift
summaryrefslogtreecommitdiffstats
path: root/Swiften/TLS/SecureTransport/SecureTransportContext.h
diff options
context:
space:
mode:
Diffstat (limited to 'Swiften/TLS/SecureTransport/SecureTransportContext.h')
-rw-r--r--Swiften/TLS/SecureTransport/SecureTransportContext.h58
1 files changed, 58 insertions, 0 deletions
diff --git a/Swiften/TLS/SecureTransport/SecureTransportContext.h b/Swiften/TLS/SecureTransport/SecureTransportContext.h
new file mode 100644
index 0000000..3942904
--- /dev/null
+++ b/Swiften/TLS/SecureTransport/SecureTransportContext.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2015-2016 Isode Limited.
+ * All rights reserved.
+ * See the COPYING file for more information.
+ */
+
+#pragma once
+
+#include <Security/SecureTransport.h>
+
+#include <Swiften/TLS/TLSContext.h>
+
+namespace Swift {
+
+class SecureTransportContext : public TLSContext {
+ public:
+ SecureTransportContext(bool checkCertificateRevocation);
+ virtual ~SecureTransportContext();
+
+ virtual void connect();
+
+ virtual bool setClientCertificate(CertificateWithKey::ref cert);
+
+ virtual void handleDataFromNetwork(const SafeByteArray&);
+ virtual void handleDataFromApplication(const SafeByteArray&);
+
+ virtual std::vector<Certificate::ref> getPeerCertificateChain() const;
+ virtual CertificateVerificationError::ref getPeerCertificateVerificationError() const;
+
+ virtual ByteArray getFinishMessage() const;
+
+ private:
+ static OSStatus SSLSocketReadCallback(SSLConnectionRef connection, void *data, size_t *dataLength);
+ static OSStatus SSLSocketWriteCallback(SSLConnectionRef connection, const void *data, size_t *dataLength);
+
+ private:
+ enum State { None, Handshake, HandshakeDone, Error};
+ static std::string stateToString(State state);
+ void setState(State newState);
+
+ static std::shared_ptr<TLSError> nativeToTLSError(OSStatus error);
+ std::shared_ptr<CertificateVerificationError> CSSMErrorToVerificationError(OSStatus resultCode);
+
+ void processHandshake();
+ void verifyServerCertificate();
+
+ void fatalError(std::shared_ptr<TLSError> error, std::shared_ptr<CertificateVerificationError> certificateError);
+
+ private:
+ std::shared_ptr<SSLContext> sslContext_;
+ SafeByteArray readingBuffer_;
+ State state_;
+ CertificateVerificationError::ref verificationError_;
+ CertificateWithKey::ref clientCertificate_;
+ bool checkCertificateRevocation_;
+};
+
+}