summaryrefslogtreecommitdiffstats
path: root/src/PolarSSL++/SslContext.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/PolarSSL++/SslContext.h')
-rw-r--r--src/PolarSSL++/SslContext.h23
1 files changed, 21 insertions, 2 deletions
diff --git a/src/PolarSSL++/SslContext.h b/src/PolarSSL++/SslContext.h
index 85add5f8b..6b4f2c1e7 100644
--- a/src/PolarSSL++/SslContext.h
+++ b/src/PolarSSL++/SslContext.h
@@ -11,6 +11,8 @@
#include "polarssl/ssl.h"
#include "../ByteBuffer.h"
+#include "CryptoKey.h"
+#include "RsaPrivateKey.h"
#include "X509Cert.h"
@@ -38,7 +40,7 @@ public:
/** Creates a new uninitialized context */
cSslContext(void);
- ~cSslContext();
+ virtual ~cSslContext();
/** Initializes the context for use as a server or client.
Returns 0 on success, PolarSSL error on failure. */
@@ -47,7 +49,15 @@ public:
/** Returns true if the object has been initialized properly. */
bool IsValid(void) const { return m_IsValid; }
- /** Sets a cert chain as the trusted cert store for this context.
+ /** Sets the certificate to use as our own. Must be used when representing a server, optional when client.
+ Must be called after Initialize(). */
+ void SetOwnCert(const cX509CertPtr & a_OwnCert, const cRsaPrivateKeyPtr & a_OwnCertPrivKey);
+
+ /** Sets the certificate to use as our own. Must be used when representing a server, optional when client.
+ Must be called after Initialize(). */
+ void SetOwnCert(const cX509CertPtr & a_OwnCert, const cCryptoKeyPtr & a_OwnCertPrivKey);
+
+ /** Sets a cert chain as the trusted cert store for this context. Must be called after Initialize().
Calling this will switch the context into strict cert verification mode.
a_ExpectedPeerName is the CommonName that we expect the SSL peer to have in its cert,
if it is different, the verification will fail. An empty string will disable the CN check. */
@@ -93,6 +103,15 @@ protected:
/** The SSL context that PolarSSL uses. */
ssl_context m_Ssl;
+ /** The certificate that we present to the peer. */
+ cX509CertPtr m_OwnCert;
+
+ /** Private key for m_OwnCert, if initialized from a cRsaPrivateKey. */
+ cRsaPrivateKeyPtr m_OwnCertPrivKey;
+
+ /** Private key for m_OwnCert, if initialized from a cCryptoKey. */
+ cCryptoKeyPtr m_OwnCertPrivKey2;
+
/** True if the SSL handshake has been completed. */
bool m_HasHandshaken;