rippled/namespaceripple_1_1openssl_1_1detail.html
2023-03-30 17:17:32 +00:00


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.8.17"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>rippled: ripple::openssl::detail Namespace Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/searchdata.js"></script>
<script type="text/javascript" src="search/search.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td id="projectalign" style="padding-left: 0.5em;">
<div id="projectname">rippled
</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.17 -->
</div><!-- top -->
<div class="header">
<div class="summary">
<a href="#func-members">Functions</a> &#124;
<a href="#var-members">Variables</a> </div>
<div class="headertitle">
<div class="title">ripple::openssl::detail Namespace Reference</div> </div>
</div><!--header-->
<div class="contents">
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
Functions</h2></td></tr>
<tr class="memitem:a5424207e5a700ac59ea8b9ab1e2b9397"><td class="memItemLeft" align="right" valign="top">static void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespaceripple_1_1openssl_1_1detail.html#a5424207e5a700ac59ea8b9ab1e2b9397">initAnonymous</a> (boost::asio::ssl::context &amp;context)</td></tr>
<tr class="separator:a5424207e5a700ac59ea8b9ab1e2b9397"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a70f3d81f87a75113774c421267a670b7"><td class="memItemLeft" align="right" valign="top">static void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespaceripple_1_1openssl_1_1detail.html#a70f3d81f87a75113774c421267a670b7">initAuthenticated</a> (boost::asio::ssl::context &amp;context, <a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a> const &amp;key_file, <a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a> const &amp;cert_file, <a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a> const &amp;chain_file)</td></tr>
<tr class="separator:a70f3d81f87a75113774c421267a670b7"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:aef24a56d2f2bb53af7bd545390d04fdc"><td class="memItemLeft" align="right" valign="top"><a class="elRef" href="http://en.cppreference.com/w/cpp/memory/shared_ptr.html">std::shared_ptr</a>&lt; boost::asio::ssl::context &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespaceripple_1_1openssl_1_1detail.html#aef24a56d2f2bb53af7bd545390d04fdc">get_context</a> (<a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a> cipherList)</td></tr>
<tr class="separator:aef24a56d2f2bb53af7bd545390d04fdc"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="var-members"></a>
Variables</h2></td></tr>
<tr class="memitem:ae431166efcafc1b6d7fc5109bfc7e678"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespaceripple_1_1openssl_1_1detail.html#ae431166efcafc1b6d7fc5109bfc7e678">defaultRSAKeyBits</a> = 2048</td></tr>
<tr class="memdesc:ae431166efcafc1b6d7fc5109bfc7e678"><td class="mdescLeft">&#160;</td><td class="mdescRight">The default strength of self-signed RSA certificates. <a href="namespaceripple_1_1openssl_1_1detail.html#ae431166efcafc1b6d7fc5109bfc7e678">More...</a><br /></td></tr>
<tr class="separator:ae431166efcafc1b6d7fc5109bfc7e678"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a6a06bb98812817012093d40c92120083"><td class="memItemLeft" align="right" valign="top">static constexpr const char&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespaceripple_1_1openssl_1_1detail.html#a6a06bb98812817012093d40c92120083">defaultDH</a> []</td></tr>
<tr class="memdesc:a6a06bb98812817012093d40c92120083"><td class="mdescLeft">&#160;</td><td class="mdescRight">The default DH parameters. <a href="namespaceripple_1_1openssl_1_1detail.html#a6a06bb98812817012093d40c92120083">More...</a><br /></td></tr>
<tr class="separator:a6a06bb98812817012093d40c92120083"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:aad232b4e5ba55646b1c05dc19250b8ad"><td class="memItemLeft" align="right" valign="top">const <a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespaceripple_1_1openssl_1_1detail.html#aad232b4e5ba55646b1c05dc19250b8ad">defaultCipherList</a> = &quot;TLSv1.2:!CBC:!DSS:!PSK:!eNULL:!aNULL&quot;</td></tr>
<tr class="memdesc:aad232b4e5ba55646b1c05dc19250b8ad"><td class="mdescLeft">&#160;</td><td class="mdescRight">The default list of ciphers we accept over TLS. <a href="namespaceripple_1_1openssl_1_1detail.html#aad232b4e5ba55646b1c05dc19250b8ad">More...</a><br /></td></tr>
<tr class="separator:aad232b4e5ba55646b1c05dc19250b8ad"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
<h2 class="groupheader">Function Documentation</h2>
<a id="a5424207e5a700ac59ea8b9ab1e2b9397"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a5424207e5a700ac59ea8b9ab1e2b9397">&#9670;&nbsp;</a></span>initAnonymous()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">static void ripple::openssl::detail::initAnonymous </td>
<td>(</td>
<td class="paramtype">boost::asio::ssl::context &amp;&#160;</td>
<td class="paramname"><em>context</em></td><td>)</td>
<td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p class="definition">Definition at line <a class="el" href="make__SSLContext_8cpp_source.html#l00086">86</a> of file <a class="el" href="make__SSLContext_8cpp_source.html">make_SSLContext.cpp</a>.</p>
</div>
</div>
<a id="a70f3d81f87a75113774c421267a670b7"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a70f3d81f87a75113774c421267a670b7">&#9670;&nbsp;</a></span>initAuthenticated()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">static void ripple::openssl::detail::initAuthenticated </td>
<td>(</td>
<td class="paramtype">boost::asio::ssl::context &amp;&#160;</td>
<td class="paramname"><em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a> const &amp;&#160;</td>
<td class="paramname"><em>key_file</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a> const &amp;&#160;</td>
<td class="paramname"><em>cert_file</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a> const &amp;&#160;</td>
<td class="paramname"><em>chain_file</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p class="definition">Definition at line <a class="el" href="make__SSLContext_8cpp_source.html#l00228">228</a> of file <a class="el" href="make__SSLContext_8cpp_source.html">make_SSLContext.cpp</a>.</p>
</div>
</div>
<a id="aef24a56d2f2bb53af7bd545390d04fdc"></a>
<h2 class="memtitle"><span class="permalink"><a href="#aef24a56d2f2bb53af7bd545390d04fdc">&#9670;&nbsp;</a></span>get_context()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="elRef" href="http://en.cppreference.com/w/cpp/memory/shared_ptr.html">std::shared_ptr</a>&lt;boost::asio::ssl::context&gt; ripple::openssl::detail::get_context </td>
<td>(</td>
<td class="paramtype"><a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a>&#160;</td>
<td class="paramname"><em>cipherList</em></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p class="definition">Definition at line <a class="el" href="make__SSLContext_8cpp_source.html#l00326">326</a> of file <a class="el" href="make__SSLContext_8cpp_source.html">make_SSLContext.cpp</a>.</p>
</div>
</div>
<h2 class="groupheader">Variable Documentation</h2>
<a id="ae431166efcafc1b6d7fc5109bfc7e678"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ae431166efcafc1b6d7fc5109bfc7e678">&#9670;&nbsp;</a></span>defaultRSAKeyBits</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int ripple::openssl::detail::defaultRSAKeyBits = 2048</td>
</tr>
</table>
</div><div class="memdoc">
<p>The default strength of self-signed RSA certificates. </p>
<p>Per NIST Special Publication 800-57 Part 3, 2048-bit RSA is still considered acceptably secure. Generally, we would want to go above and beyond such recommendations (e.g. by using 3072 or 4096 bits), but doing so has a computational cost that may not be worth paying, considering that:</p>
<ul>
<li>We regenerate a new ephemeral certificate and a securely generated random private key every time the server is started; and</li>
<li><p class="startli">There should not be any truly sensitive information (e.g. seeds or private keys) relayed to the server over these RPCs anyway.</p>
<dl class="section note"><dt>Note</dt><dd>If you increase the number of bits you need to generate new default DH parameters and update defaultDH accordingly. </dd></dl>
</li>
</ul>
<p class="definition">Definition at line <a class="el" href="make__SSLContext_8cpp_source.html#l00045">45</a> of file <a class="el" href="make__SSLContext_8cpp_source.html">make_SSLContext.cpp</a>.</p>
</div>
</div>
<a id="a6a06bb98812817012093d40c92120083"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a6a06bb98812817012093d40c92120083">&#9670;&nbsp;</a></span>defaultDH</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">constexpr const char ripple::openssl::detail::defaultDH[]</td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span><span class="mlabel">constexpr</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<b>Initial value:</b><div class="fragment"><div class="line">=</div>
<div class="line"> <span class="stringliteral">&quot;-----BEGIN DH PARAMETERS-----\n&quot;</span></div>
<div class="line"> <span class="stringliteral">&quot;MIIBCAKCAQEApKSWfR7LKy0VoZ/SDCObCvJ5HKX2J93RJ+QN8kJwHh+uuA8G+t8Q\n&quot;</span></div>
<div class="line"> <span class="stringliteral">&quot;MDRjL5HanlV/sKN9HXqBc7eqHmmbqYwIXKUt9MUZTLNheguddxVlc2IjdP5i9Ps8\n&quot;</span></div>
<div class="line"> <span class="stringliteral">&quot;l7su8tnP0l1JvC6Rfv3epRsEAw/ZW/lC2IwkQPpOmvnENQhQ6TgrUzcGkv4Bn0X6\n&quot;</span></div>
<div class="line"> <span class="stringliteral">&quot;pxrDSBpZ+45oehGCUAtcbY8b02vu8zPFoxqo6V/+MIszGzldlik5bVqrJpVF6E8C\n&quot;</span></div>
<div class="line"> <span class="stringliteral">&quot;tRqHjj6KuDbPbjc+pRGvwx/BSO3SULxmYu9J1NOk090MU1CMt6IJY7TpEc9Xrac9\n&quot;</span></div>
<div class="line"> <span class="stringliteral">&quot;9yqY3xXZID240RRcaJ25+U4lszFPqP+CEwIBAg==\n&quot;</span></div>
<div class="line"> <span class="stringliteral">&quot;-----END DH PARAMETERS-----&quot;</span></div>
</div><!-- fragment -->
<p>The default DH parameters. </p>
<p>These were generated using the OpenSSL command: <code>openssl dhparam 2048</code> by Nik Bougalis <a href="#" onclick="location.href='mai'+'lto:'+'nik'+'b@'+'bou'+'ga'+'lis'+'.n'+'et'; return false;">nikb@<span style="display: none;">.nosp@m.</span>boug<span style="display: none;">.nosp@m.</span>alis.<span style="display: none;">.nosp@m.</span>net</a> on May 29, 2022.</p>
<p>It is safe to use this, but if you want you can generate different parameters and put them here. There's no easy way to change this via the config file at this time.</p>
<dl class="section note"><dt>Note</dt><dd>If you increase the number of bits you need to update defaultRSAKeyBits accordingly. </dd></dl>
<p class="definition">Definition at line <a class="el" href="make__SSLContext_8cpp_source.html#l00059">59</a> of file <a class="el" href="make__SSLContext_8cpp_source.html">make_SSLContext.cpp</a>.</p>
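<p>The notes on <code>defaultRSAKeyBits</code> and <code>defaultDH</code> require the two to be changed together. The following is an added example (Python, not rippled code) that decodes the PEM shown above and reports the modulus width and generator so the pairing can be checked after an edit; the helper names are this example's own, and treating "in step" as equal bit widths is an assumption.</p>

```python
import base64

# Values copied from this page: defaultRSAKeyBits and the defaultDH PEM.
DEFAULT_RSA_KEY_BITS = 2048
DEFAULT_DH_PEM = """-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEApKSWfR7LKy0VoZ/SDCObCvJ5HKX2J93RJ+QN8kJwHh+uuA8G+t8Q
MDRjL5HanlV/sKN9HXqBc7eqHmmbqYwIXKUt9MUZTLNheguddxVlc2IjdP5i9Ps8
l7su8tnP0l1JvC6Rfv3epRsEAw/ZW/lC2IwkQPpOmvnENQhQ6TgrUzcGkv4Bn0X6
pxrDSBpZ+45oehGCUAtcbY8b02vu8zPFoxqo6V/+MIszGzldlik5bVqrJpVF6E8C
tRqHjj6KuDbPbjc+pRGvwx/BSO3SULxmYu9J1NOk090MU1CMt6IJY7TpEc9Xrac9
9yqY3xXZID240RRcaJ25+U4lszFPqP+CEwIBAg==
-----END DH PARAMETERS-----"""


def _read_tlv(buf, pos):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length >= 0x80:  # long form: low 7 bits count the length bytes
        n = length - 0x80
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER structure")
    return tag, buf[pos:pos + length], pos + length


def parse_dh_params(pem):
    """Return (p, g) from a PKCS#3 PEM: SEQUENCE { INTEGER p, INTEGER g }."""
    lines = pem.strip().splitlines()
    body = "".join(ln.strip() for ln in lines if not ln.startswith("-----"))
    der = base64.b64decode(body, validate=True)
    tag, seq, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected a SEQUENCE")
    tag_p, p_raw, pos = _read_tlv(seq, 0)
    tag_g, g_raw, _ = _read_tlv(seq, pos)
    if (tag_p, tag_g) != (0x02, 0x02):
        raise ValueError("expected two INTEGERs")
    return int.from_bytes(p_raw, "big"), int.from_bytes(g_raw, "big")


def dh_in_step_with_rsa(pem=DEFAULT_DH_PEM, rsa_bits=DEFAULT_RSA_KEY_BITS):
    """Assumed reading of the notes: DH modulus width equals the RSA key size."""
    p, _ = parse_dh_params(pem)
    return p.bit_length() == rsa_bits


if __name__ == "__main__":
    p, g = parse_dh_params(DEFAULT_DH_PEM)
    print("modulus bits:", p.bit_length(), "generator:", g)
    print("in step with RSA key size:", dh_in_step_with_rsa())
```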
</div>
</div>
<a id="aad232b4e5ba55646b1c05dc19250b8ad"></a>
<h2 class="memtitle"><span class="permalink"><a href="#aad232b4e5ba55646b1c05dc19250b8ad">&#9670;&nbsp;</a></span>defaultCipherList</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">const <a class="elRef" href="http://en.cppreference.com/w/cpp/string/basic_string.html">std::string</a> ripple::openssl::detail::defaultCipherList = &quot;TLSv1.2:!CBC:!DSS:!PSK:!eNULL:!aNULL&quot;</td>
</tr>
</table>
</div><div class="memdoc">
<p>The default list of ciphers we accept over TLS. </p>
<p>Generally we include cipher suites that are part of TLS v1.2, but we specifically exclude:</p>
<ul>
<li>cipher suites using CBC mode (!CBC);</li>
<li>the DSS cipher suites (!DSS);</li>
<li>cipher suites using pre-shared keys (!PSK);</li>
<li>cipher suites that don't offer encryption (!eNULL); and</li>
<li>cipher suites that don't offer authentication (!aNULL).</li>
</ul>
<dl class="section note"><dt>Note</dt><dd><a class="el" href="classripple_1_1Server.html" title="A multi-protocol server.">Server</a> administrators can override this default list, on either a global or per-port basis, using the <code>ssl_ciphers</code> directive in the config file. </dd></dl>
<p class="definition">Definition at line <a class="el" href="make__SSLContext_8cpp_source.html#l00083">83</a> of file <a class="el" href="make__SSLContext_8cpp_source.html">make_SSLContext.cpp</a>.</p>
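<p>To see what this string, or an <code>ssl_ciphers</code> override, actually enables on a given host, the following added example (Python's standard <code>ssl</code> module, not rippled code) lets the local OpenSSL expand the string and checks each resulting suite against the exclusions in <code>defaultCipherList</code>. The function names and the CBC heuristic are this example's assumptions, and the result depends on the OpenSSL build Python is linked against.</p>

```python
import ssl

# Cipher string copied from this page (defaultCipherList).
DEFAULT_CIPHER_LIST = "TLSv1.2:!CBC:!DSS:!PSK:!eNULL:!aNULL"


def effective_suites(cipher_list):
    """Let the local OpenSSL expand a cipher string, as a server context would."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_list)  # ssl.SSLError if no suite can be selected
    return ctx.get_ciphers()


def violations(description):
    """List the page's exclusions that one suite description line breaks."""
    # Fields look like: NAME PROTO Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
    f = dict(tok.split("=", 1) for tok in description.split() if "=" in tok)
    if not f:
        return []
    kx, au = f.get("Kx", ""), f.get("Au", "")
    enc, mac = f.get("Enc", ""), f.get("Mac", "")
    broken = []
    # Assumption: a non-AEAD suite with a real, non-stream cipher is CBC mode.
    if mac != "AEAD" and not enc.startswith(("None", "RC4")):
        broken.append("!CBC")
    if au == "DSS":
        broken.append("!DSS")
    if "PSK" in kx or au == "PSK":
        broken.append("!PSK")
    if enc.startswith("None"):
        broken.append("!eNULL")
    if au == "None":
        broken.append("!aNULL")
    return broken


def audit(cipher_list=DEFAULT_CIPHER_LIST):
    """Map suite name to broken exclusions for every suite the string enables."""
    report = {}
    for suite in effective_suites(cipher_list):
        broken = violations(suite["description"])
        if broken:
            report[suite["name"]] = broken
    return report


if __name__ == "__main__":
    for name, broken in sorted(audit().items()):
        print(name, "violates", ", ".join(broken))
```

<p>TLS 1.3 suites are configured separately from this cipher string in OpenSSL 1.1.1 and later, so they appear in the expanded list regardless of the exclusions.</p>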
</div>
</div>
</div><!-- contents -->
<!-- start footer part -->
<hr class="footer"/><address class="footer"><small>
Generated by &#160;<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/>
</a> 1.8.17
</small></address>
</body>
</html>