mirror of
https://github.com/XRPLF/rippled.git
synced 2025-12-06 17:27:55 +00:00
78 lines
3.0 KiB
C++
78 lines
3.0 KiB
C++
//------------------------------------------------------------------------------
|
|
/*
|
|
This file is part of rippled: https://github.com/ripple/rippled
|
|
Copyright (c) 2012, 2013 Ripple Labs Inc.
|
|
|
|
Permission to use, copy, modify, and/or distribute this software for any
|
|
purpose with or without fee is hereby granted, provided that the above
|
|
copyright notice and this permission notice appear in all copies.
|
|
|
|
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
ANY SPECIAL , DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
*/
|
|
//==============================================================================
|
|
|
|
#ifndef RIPPLE_COMMON_SSLCONTEXT_H_INCLUDED
|
|
#define RIPPLE_COMMON_SSLCONTEXT_H_INCLUDED
|
|
|
|
#include "../../beast/modules/beast_asio/basics/SSLContext.h"
|
|
|
|
#include <string>
|
|
|
|
namespace ripple {
|
|
|
|
/** The SSL contexts used by Ripple.
|
|
|
|
This is what Ripple uses for its secure connections. The ECDSA curve
|
|
parameters are predefined and verified to be secure. The context is set to
|
|
sslv23, Transport Layer Security / General. This is primarily used for peer to peer servers that don't care
|
|
about certificates or identity verification.
|
|
*/
|
|
class RippleSSLContext : public beast::asio::SSLContext
|
|
{
|
|
public:
|
|
/** Retrieve raw DH parameters.
|
|
This is in the format expected by the OpenSSL function d2i_DHparams.
|
|
The vector is binary. An empty vector means the key size is unsupported.
|
|
@note The string may contain nulls in the middle. Use size() to
|
|
determine the actual size.
|
|
*/
|
|
static std::string getRawDHParams (int keySize);
|
|
|
|
/** Creates a bare SSL context with just sslv23 set.
|
|
This is used for RPC connections.
|
|
*/
|
|
static RippleSSLContext* createBare ();
|
|
|
|
/** Creates a suitable for WebSocket without authentication.
|
|
This is for WebSocket connections that don't use certificates.
|
|
*/
|
|
static RippleSSLContext* createWebSocket ();
|
|
|
|
/** Create a context that allows anonymous connections.
|
|
No certificates are required. Peers use this context.
|
|
If the cipher list is invalid, a fatal error is raised.
|
|
*/
|
|
static RippleSSLContext* createAnonymous (std::string const& cipherList);
|
|
|
|
/** Create a context with authentication requirements.
|
|
This is used for WebSocket connections.
|
|
The authentication credentials are loaded from the files with
|
|
the specified names. If an error occurs, a fatal error is raised.
|
|
*/
|
|
static RippleSSLContext* createAuthenticated (
|
|
std::string key_file, std::string cert_file, std::string chain_file);
|
|
|
|
protected:
|
|
explicit RippleSSLContext (ContextType& context);
|
|
};
|
|
|
|
}
|
|
|
|
#endif
|