src/corosio/src/tls/context.cpp
23.9% Lines (27/113)
33.3% Functions (9/27)
10.0% Branches (5/50)
| Line | Branch | TLA | Hits | Source Code |
|---|---|---|---|---|
| 1 | // | |||
| 2 | // Copyright (c) 2025 Vinnie Falco ([email protected]) | |||
| 3 | // Copyright (c) 2026 Steve Gerbino | |||
| 4 | // | |||
| 5 | // Distributed under the Boost Software License, Version 1.0. (See accompanying | |||
| 6 | // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) | |||
| 7 | // | |||
| 8 | // Official repository: https://github.com/cppalliance/corosio | |||
| 9 | // | |||
| 10 | ||||
| 11 | #include <boost/corosio/tls_context.hpp> | |||
| 12 | #include "detail/context_impl.hpp" | |||
| 13 | ||||
| 14 | #include <cerrno> | |||
| 15 | #include <fstream> | |||
| 16 | #include <sstream> | |||
| 17 | ||||
| 18 | namespace boost::corosio { | |||
| 19 | ||||
| 20 | 2166 | tls_context::tls_context() : impl_(std::make_shared<impl>()) {} | ||
| 21 | ||||
| 22 | // | |||
| 23 | // Credential Loading | |||
| 24 | // | |||
| 25 | ||||
| 26 | std::error_code | |||
| 27 | 1084 | tls_context::use_certificate( | ||
| 28 | std::string_view certificate, tls_file_format format) | |||
| 29 | { | |||
| 30 |
1/1✓ Branch 4 → 5 taken 1084 times.
|
1084 | impl_->entity_certificate = std::string(certificate); | |
| 31 | 1084 | impl_->entity_cert_format = format; | ||
| 32 | 1084 | return {}; | ||
| 33 | } | |||
| 34 | ||||
| 35 | std::error_code | |||
| 36 | ✗ | tls_context::use_certificate_file( | ||
| 37 | std::string_view filename, tls_file_format format) | |||
| 38 | { | |||
| 39 | ✗ | std::ifstream file(std::string(filename), std::ios::binary); | ||
| 40 | ✗ | if (!file) | ||
| 41 | ✗ | return std::error_code(ENOENT, std::generic_category()); | ||
| 42 | ||||
| 43 | ✗ | std::ostringstream ss; | ||
| 44 | ✗ | ss << file.rdbuf(); | ||
| 45 | ✗ | impl_->entity_certificate = ss.str(); | ||
| 46 | ✗ | impl_->entity_cert_format = format; | ||
| 47 | ✗ | return {}; | ||
| 48 | ✗ | } | ||
| 49 | ||||
| 50 | std::error_code | |||
| 51 | 1 | tls_context::use_certificate_chain(std::string_view chain) | ||
| 52 | { | |||
| 53 |
1/1✓ Branch 4 → 5 taken 1 time.
|
1 | impl_->certificate_chain = std::string(chain); | |
| 54 | 1 | return {}; | ||
| 55 | } | |||
| 56 | ||||
| 57 | std::error_code | |||
| 58 | ✗ | tls_context::use_certificate_chain_file(std::string_view filename) | ||
| 59 | { | |||
| 60 | ✗ | std::ifstream file(std::string(filename), std::ios::binary); | ||
| 61 | ✗ | if (!file) | ||
| 62 | ✗ | return std::error_code(ENOENT, std::generic_category()); | ||
| 63 | ||||
| 64 | ✗ | std::ostringstream ss; | ||
| 65 | ✗ | ss << file.rdbuf(); | ||
| 66 | ✗ | impl_->certificate_chain = ss.str(); | ||
| 67 | ✗ | return {}; | ||
| 68 | ✗ | } | ||
| 69 | ||||
| 70 | std::error_code | |||
| 71 | 1085 | tls_context::use_private_key( | ||
| 72 | std::string_view private_key, tls_file_format format) | |||
| 73 | { | |||
| 74 |
1/1✓ Branch 4 → 5 taken 1085 times.
|
1085 | impl_->private_key = std::string(private_key); | |
| 75 | 1085 | impl_->private_key_format = format; | ||
| 76 | 1085 | return {}; | ||
| 77 | } | |||
| 78 | ||||
| 79 | std::error_code | |||
| 80 | ✗ | tls_context::use_private_key_file( | ||
| 81 | std::string_view filename, tls_file_format format) | |||
| 82 | { | |||
| 83 | ✗ | std::ifstream file(std::string(filename), std::ios::binary); | ||
| 84 | ✗ | if (!file) | ||
| 85 | ✗ | return std::error_code(ENOENT, std::generic_category()); | ||
| 86 | ||||
| 87 | ✗ | std::ostringstream ss; | ||
| 88 | ✗ | ss << file.rdbuf(); | ||
| 89 | ✗ | impl_->private_key = ss.str(); | ||
| 90 | ✗ | impl_->private_key_format = format; | ||
| 91 | ✗ | return {}; | ||
| 92 | ✗ | } | ||
| 93 | ||||
| 94 | std::error_code | |||
| 95 | ✗ | tls_context::use_pkcs12( | ||
| 96 | std::string_view /*data*/, std::string_view /*passphrase*/) | |||
| 97 | { | |||
| 98 | // TODO: Implement PKCS#12 parsing | |||
| 99 | ✗ | return std::make_error_code(std::errc::function_not_supported); | ||
| 100 | } | |||
| 101 | ||||
| 102 | std::error_code | |||
| 103 | ✗ | tls_context::use_pkcs12_file( | ||
| 104 | std::string_view /*filename*/, std::string_view /*passphrase*/) | |||
| 105 | { | |||
| 106 | // TODO: Implement PKCS#12 file loading | |||
| 107 | ✗ | return std::make_error_code(std::errc::function_not_supported); | ||
| 108 | } | |||
| 109 | ||||
| 110 | // | |||
| 111 | // Trust Anchors | |||
| 112 | // | |||
| 113 | ||||
| 114 | std::error_code | |||
| 115 | 1093 | tls_context::add_certificate_authority(std::string_view ca) | ||
| 116 | { | |||
| 117 | 1093 | impl_->ca_certificates.emplace_back(ca); | ||
| 118 | 1093 | return {}; | ||
| 119 | } | |||
| 120 | ||||
| 121 | std::error_code | |||
| 122 | ✗ | tls_context::load_verify_file(std::string_view filename) | ||
| 123 | { | |||
| 124 | ✗ | std::ifstream file(std::string(filename), std::ios::binary); | ||
| 125 | ✗ | if (!file) | ||
| 126 | ✗ | return std::error_code(ENOENT, std::generic_category()); | ||
| 127 | ||||
| 128 | ✗ | std::ostringstream ss; | ||
| 129 | ✗ | ss << file.rdbuf(); | ||
| 130 | ✗ | impl_->ca_certificates.push_back(ss.str()); | ||
| 131 | ✗ | return {}; | ||
| 132 | ✗ | } | ||
| 133 | ||||
| 134 | std::error_code | |||
| 135 | ✗ | tls_context::add_verify_path(std::string_view path) | ||
| 136 | { | |||
| 137 | ✗ | impl_->verify_paths.emplace_back(path); | ||
| 138 | ✗ | return {}; | ||
| 139 | } | |||
| 140 | ||||
| 141 | std::error_code | |||
| 142 | ✗ | tls_context::set_default_verify_paths() | ||
| 143 | { | |||
| 144 | ✗ | impl_->use_default_verify_paths = true; | ||
| 145 | ✗ | return {}; | ||
| 146 | } | |||
| 147 | ||||
| 148 | // | |||
| 149 | // Protocol Configuration | |||
| 150 | // | |||
| 151 | ||||
| 152 | std::error_code | |||
| 153 | ✗ | tls_context::set_min_protocol_version(tls_version v) | ||
| 154 | { | |||
| 155 | ✗ | impl_->min_version = v; | ||
| 156 | ✗ | return {}; | ||
| 157 | } | |||
| 158 | ||||
| 159 | std::error_code | |||
| 160 | ✗ | tls_context::set_max_protocol_version(tls_version v) | ||
| 161 | { | |||
| 162 | ✗ | impl_->max_version = v; | ||
| 163 | ✗ | return {}; | ||
| 164 | } | |||
| 165 | ||||
| 166 | std::error_code | |||
| 167 | 5 | tls_context::set_ciphersuites(std::string_view ciphers) | ||
| 168 | { | |||
| 169 |
1/1✓ Branch 4 → 5 taken 5 times.
|
5 | impl_->ciphersuites = std::string(ciphers); | |
| 170 | 5 | return {}; | ||
| 171 | } | |||
| 172 | ||||
| 173 | std::error_code | |||
| 174 | ✗ | tls_context::set_alpn(std::initializer_list<std::string_view> protocols) | ||
| 175 | { | |||
| 176 | ✗ | impl_->alpn_protocols.clear(); | ||
| 177 | ✗ | for (auto const& p : protocols) | ||
| 178 | ✗ | impl_->alpn_protocols.emplace_back(p); | ||
| 179 | ✗ | return {}; | ||
| 180 | } | |||
| 181 | ||||
| 182 | // | |||
| 183 | // Certificate Verification | |||
| 184 | // | |||
| 185 | ||||
| 186 | std::error_code | |||
| 187 | 2165 | tls_context::set_verify_mode(tls_verify_mode mode) | ||
| 188 | { | |||
| 189 | 2165 | impl_->verification_mode = mode; | ||
| 190 | 2165 | return {}; | ||
| 191 | } | |||
| 192 | ||||
| 193 | std::error_code | |||
| 194 | ✗ | tls_context::set_verify_depth(int depth) | ||
| 195 | { | |||
| 196 | ✗ | impl_->verify_depth = depth; | ||
| 197 | ✗ | return {}; | ||
| 198 | } | |||
| 199 | ||||
| 200 | void | |||
| 201 | 4 | tls_context::set_hostname(std::string_view hostname) | ||
| 202 | { | |||
| 203 |
1/1✓ Branch 4 → 5 taken 4 times.
|
4 | impl_->hostname = std::string(hostname); | |
| 204 | 4 | } | ||
| 205 | ||||
| 206 | void | |||
| 207 | 2 | tls_context::set_servername_callback_impl( | ||
| 208 | std::function<bool(std::string_view)> callback) | |||
| 209 | { | |||
| 210 | 2 | impl_->servername_callback = std::move(callback); | ||
| 211 | 2 | } | ||
| 212 | ||||
| 213 | void | |||
| 214 | ✗ | tls_context::set_password_callback_impl( | ||
| 215 | std::function<std::string(std::size_t, tls_password_purpose)> callback) | |||
| 216 | { | |||
| 217 | ✗ | impl_->password_callback = std::move(callback); | ||
| 218 | ✗ | } | ||
| 219 | ||||
| 220 | // | |||
| 221 | // Revocation Checking | |||
| 222 | // | |||
| 223 | ||||
| 224 | std::error_code | |||
| 225 | ✗ | tls_context::add_crl(std::string_view crl) | ||
| 226 | { | |||
| 227 | ✗ | impl_->crls.emplace_back(crl); | ||
| 228 | ✗ | return {}; | ||
| 229 | } | |||
| 230 | ||||
| 231 | std::error_code | |||
| 232 | ✗ | tls_context::add_crl_file(std::string_view filename) | ||
| 233 | { | |||
| 234 | ✗ | std::ifstream file(std::string(filename), std::ios::binary); | ||
| 235 | ✗ | if (!file) | ||
| 236 | ✗ | return std::error_code(ENOENT, std::generic_category()); | ||
| 237 | ||||
| 238 | ✗ | std::ostringstream ss; | ||
| 239 | ✗ | ss << file.rdbuf(); | ||
| 240 | ✗ | impl_->crls.push_back(ss.str()); | ||
| 241 | ✗ | return {}; | ||
| 242 | ✗ | } | ||
| 243 | ||||
| 244 | std::error_code | |||
| 245 | ✗ | tls_context::set_ocsp_staple(std::string_view response) | ||
| 246 | { | |||
| 247 | ✗ | impl_->ocsp_staple = std::string(response); | ||
| 248 | ✗ | return {}; | ||
| 249 | } | |||
| 250 | ||||
| 251 | void | |||
| 252 | ✗ | tls_context::set_require_ocsp_staple(bool require) | ||
| 253 | { | |||
| 254 | ✗ | impl_->require_ocsp_staple = require; | ||
| 255 | ✗ | } | ||
| 256 | ||||
| 257 | void | |||
| 258 | ✗ | tls_context::set_revocation_policy(tls_revocation_policy policy) | ||
| 259 | { | |||
| 260 | ✗ | impl_->revocation = policy; | ||
| 261 | ✗ | } | ||
| 262 | ||||
| 263 | } // namespace boost::corosio | |||
| 264 |