Data Structures
| struct | hash_t |
| Hash data structure. | |
Enumerations
| enum | GGZTLSType { GGZ_TLS_CLIENT, GGZ_TLS_SERVER } |
| TLS operation mode. | |
| enum | GGZTLSVerificationType { GGZ_TLS_VERIFY_NONE, GGZ_TLS_VERIFY_PEER } |
| TLS verification type. | |
Functions
| hash_t | ggz_hash_create (const char *algo, const char *text) |
| Create a hash over a text. | |
| hash_t | ggz_hmac_create (const char *algo, const char *text, const char *secret) |
| Create a HMAC hash over a text. | |
| char * | ggz_base16_encode (const char *text, int length) |
| Encodes text to base16. | |
| char * | ggz_base64_encode (const char *text, int length) |
| Encodes text to base64. | |
| char * | ggz_base64_decode (const char *text, int length) |
| Decodes text from base64. | |
| void | ggz_tls_init (const char *certfile, const char *keyfile, const char *password) |
| Initialize TLS support on the server side. | |
| int | ggz_tls_support_query (void) |
| Check TLS support. | |
| const char * | ggz_tls_support_name (void) |
| Name of the TLS implementation. | |
| int | ggz_tls_enable_fd (int fdes, GGZTLSType whoami, GGZTLSVerificationType verify) |
| Enable TLS for a file descriptor. | |
| int | ggz_tls_disable_fd (int fdes) |
| Disable TLS for a file descriptor. | |
| size_t | ggz_tls_write (int fd, void *ptr, size_t n) |
| Write some bytes to a secured file descriptor. | |
| size_t | ggz_tls_read (int fd, void *ptr, size_t n) |
| Read from a secured file descriptor. | |
Encryption functions use gcrypt, and will always fail if support for gcrypt has not been compiled in. Encoding functions will always be available.
| enum GGZTLSType |
TLS operation mode.
Hints whether the TLS handshake will happen in either client or server mode.
| enum GGZTLSVerificationType |
TLS verification type.
The authentication (verification) model to be used for the handshake. GGZ_TLS_VERIFY_NONE means that no certificate is validated.
| hash_t ggz_hash_create (const char *algo, const char *text) |
Create a hash over a text.
A hash sum over a given text is created, using the given algorithm. Space is allocated as needed.
| algo | The algorithm, like md5 or sha1 | |
| text | Plain text used to calculate the hash sum |
| hash_t ggz_hmac_create (const char *algo, const char *text, const char *secret) |
Create a HMAC hash over a text.
Creates a hash sum using a secret key. Space is allocated as needed and must be freed afterwards.
| algo | The algorithm to use, like md5 or sha1 | |
| text | Plain text used to calculate the hash sum | |
| secret | Secret key to be used for the HMAC creation |
| char* ggz_base16_encode (const char *text, int length) |
Encodes text to base16.
Plain text with possibly unsafe characters is converted to the base16 (hex) format through this function. The returned string is allocated internally and must be freed.
| text | Plain text to encode | |
| length | Length of the text (which may contain binary characters), in bytes |
| char* ggz_base64_encode (const char *text, int length) |
Encodes text to base64.
Plain text with possibly unsafe characters is converted to the base64 format through this function. The returned string is allocated internally and must be freed.
| text | Plain text to encode | |
| length | Length of the text (which may contain binary characters), in bytes |
| char* ggz_base64_decode (const char *text, int length) |
Decodes text from base64.
This is the reverse function to ggz_base64_encode(). It will also allocate space as needed.
| text | Text in base64 format | |
| length | Length of the text, in bytes |
| void ggz_tls_init (const char *certfile, const char *keyfile, const char *password) |
Initialize TLS support on the server side.
This function sets up the necessary initialization values. It must be called by both the client and the server before any other TLS operations can take place. The client can pass NULL values for all parameters.
| certfile | File containing the certificate, or NULL | |
| keyfile | File containing the private key, or NULL | |
| password | Password to the private key, or NULL |
| int ggz_tls_support_query (void) |
Check TLS support.
Checks if real TLS support is available or communication will fall back to unencrypted connections. Even in the case of support, individual connections might still be unencrypted if the handshake fails.
| const char* ggz_tls_support_name (void) |
Name of the TLS implementation.
Returns the name of the TLS layer implementation used to encrypt connections.
| int ggz_tls_enable_fd (int fdes, GGZTLSType whoami, GGZTLSVerificationType verify) |
Enable TLS for a file descriptor.
A TLS handshake is performed for an existing connection on the given file descriptor. On success, all subsequent data will be encrypted.
| fdes | File descriptor in question | |
| whoami | Operation mode (client or server) | |
| verify | Verification mode |
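The caveats above (ggz_tls_support_query() may report a fallback to unencrypted connections, a failed handshake can leave a connection unencrypted, and GGZ_TLS_VERIFY_NONE validates no certificate) call for a fail-closed wrapper on the client side. The following is an added example, not code from libggz: `secure_client_fd`, `secure_status` and the `fake_*` knobs are hypothetical, the `ggz_*` bodies are constructed stand-ins so it runs without the library, and it assumes the real functions return nonzero on support or success, which this page does not state.

```c
#include <stddef.h>
#include <stdio.h>

/* Enums as listed on this page. */
typedef enum { GGZ_TLS_CLIENT, GGZ_TLS_SERVER } GGZTLSType;
typedef enum { GGZ_TLS_VERIFY_NONE, GGZ_TLS_VERIFY_PEER } GGZTLSVerificationType;

/* Constructed stand-ins so the example runs without libggz. The knobs
 * simulate "no TLS compiled in" and "handshake failed". Assumption: the
 * real functions return nonzero on support/success and 0 otherwise. */
static int fake_support = 1, fake_handshake_ok = 1, fake_enable_calls = 0;
static GGZTLSVerificationType fake_last_verify = GGZ_TLS_VERIFY_NONE;

void ggz_tls_init(const char *certfile, const char *keyfile, const char *password)
{ (void)certfile; (void)keyfile; (void)password; }
int ggz_tls_support_query(void) { return fake_support; }
int ggz_tls_enable_fd(int fdes, GGZTLSType whoami, GGZTLSVerificationType verify)
{
    (void)fdes; (void)whoami;
    fake_enable_calls++;
    fake_last_verify = verify;
    return fake_handshake_ok;
}

typedef enum { SECURE_OK = 0, SECURE_NO_TLS = -1, SECURE_HANDSHAKE_FAILED = -2 } secure_status;

/* Hypothetical helper: succeed only if the descriptor ends up TLS-protected
 * with certificate verification. On any other result the caller must close
 * the descriptor rather than continue in plaintext. */
secure_status secure_client_fd(int fd)
{
    if (!ggz_tls_support_query())
        return SECURE_NO_TLS;            /* would silently run unencrypted */
    if (!ggz_tls_enable_fd(fd, GGZ_TLS_CLIENT, GGZ_TLS_VERIFY_PEER))
        return SECURE_HANDSHAKE_FAILED;  /* connection is still plaintext */
    return SECURE_OK;
}

int main(void)
{
    ggz_tls_init(NULL, NULL, NULL);      /* client side: all NULL is allowed */
    fake_handshake_ok = 0;               /* simulate a failed handshake */
    secure_status st = secure_client_fd(3);
    printf("status=%d -> %s\n", st, st == SECURE_OK ? "send data" : "close fd");
    return 0;
}
```

When building against the real library, delete the stand-in definitions and include the libggz header instead; the wrapper itself is unchanged.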
| int ggz_tls_disable_fd (int fdes) |
Disable TLS for a file descriptor.
An existing TLS connection is reset to a normal connection on which all communication happens without encryption.
| fdes | File descriptor in question |
| size_t ggz_tls_write (int fd, void *ptr, size_t n) |
Write some bytes to a secured file descriptor.
This function acts as a TLS-aware wrapper for write(2).
| fd | File descriptor to use | |
| ptr | Pointer to the data to write | |
| n | Length of the data to write, in bytes |
| size_t ggz_tls_read (int fd, void *ptr, size_t n) |
Read from a secured file descriptor.
This function acts as a TLS-aware wrapper for read(2).
| fd | File descriptor to use | |
| ptr | Pointer to a buffer to store the data into | |
| n | Number of bytes to read, and minimum size of the buffer |