9#ifndef rtitls_openssl_h
10#define rtitls_openssl_h
13 #include "rtitls/rtitls_dll.h"
16 #ifndef dds_c_infrastructure_h
17 #include "dds_c/dds_c_infrastructure.h"
/* NOTE(review): presumably an opaque stand-in so RTITLS_Verify_Callback (below)
 * can be declared as taking an X509_STORE_CTX * without including the OpenSSL
 * headers — confirm this macro is not active in translation units that also
 * include OpenSSL's own definition of the type. */
22 #define X509_STORE_CTX void
52 (
int preverify_ok, X509_STORE_CTX *x509_ctx);
273 const char **engine_pre_cmd_names, **engine_pre_cmd_parameters;
276 const char **engine_post_cmd_names, **engine_post_cmd_parameters;
282struct RTITLS_Renegotiate {
306 RTITLS_PROTOCOL_TLS = 0,
307 RTITLS_PROTOCOL_DTLS = 1
323 struct RTITLS_Renegotiate renegotiate;
331#define RTITLS_VERIFY_DEFAULT { \
342#define RTITLS_IDENTITY_DEFAULT { \
/* Default OpenSSL cipher-list string for the cipher_list property (TLS 1.2
 * and below; TLS 1.3 suites are configured separately via ciphersuites).
 * NOTE(review): "ALL" admits every cipher not explicitly removed, and "+RC4"
 * only moves the RC4 suites to the end of the preference list rather than
 * excluding them — confirm this is the intended default. */
353#define RTITLS_CIPHER_LIST_DEFAULT "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH"
/* Stricter variant of the default list: additionally removes the LOW and EXP
 * (export-grade) cipher groups. RC4 is still present at lowest priority. */
357#define RTITLS_CIPHER_LIST_ENCRYPT_HIGH "AES:ALL:!aNULL:!eNULL:!LOW:!EXP:+RC4:@STRENGTH"
/* Selects only anonymous key-exchange suites, i.e. no peer authentication.
 * NOTE(review): "aNULL" means unauthenticated, not unencrypted — anonymous
 * suites may still encrypt; confirm the macro name reflects the intended use. */
361#define RTITLS_CIPHER_LIST_UNENCRYPTED "aNULL"
368#define RTITLS_CIPHER_DEFAULT { \
381#define RTITLS_RENEGOTIATE_DEFAULT { \
382 DDS_DURATION_INFINITE_VALUE, \
384 DDS_DURATION_INFINITE_VALUE }
/* Positional initializer for the full TLS-configuration struct. No designated
 * initializers are used, so the order here must match the member declaration
 * order: verify, identity, cipher, renegotiate. */
391#define RTITLS_OPENSSL_CONFIGURATION_DEFAULT { \
392 RTITLS_VERIFY_DEFAULT, /* verify */ \
393 RTITLS_IDENTITY_DEFAULT, /* identity */ \
394 RTITLS_CIPHER_DEFAULT, /* cipher */ \
395 RTITLS_RENEGOTIATE_DEFAULT /* renegotiate */ }
400extern RTITLSDllExport
422#if defined(RTI_OPENSSL_ARCHITECTURE) || defined(RTI_OPENSSL3_ARCHITECTURE)
426extern RTITLSDllExport
427int RTITLS_configuration_verify(
431extern RTITLSDllExport
432SSL_CTX *RTITLS_context_init(
433 RTITLS_Protocol_t protocol,
437extern RTITLSDllExport
438void RTITLS_context_done(SSL_CTX *context);
RTICdrUnsignedLong DDS_UnsignedLong
int RTITLS_verbose_verify_callback(int ok, X509_STORE_CTX *store)
Verbose verify callback: log information about successful verification as well as errors when verific...
int RTITLS_default_verify_callback(int ok, X509_STORE_CTX *store)
Default verify callback: log errors when verification fails.
void RTITLS_thread_exit(void)
Clean up OpenSSL resources for the current thread (call before exit).
int(* RTITLS_Verify_Callback)(int preverify_ok, X509_STORE_CTX *x509_ctx)
Callback used to verify peer certificates.
Definition: rtitls_openssl.h:52
Set of TLS properties for cipher configuration.
Definition: rtitls_openssl.h:221
char * cipher_list
List of available TLS ciphers for TLS 1.2 or below.
Definition: rtitls_openssl.h:232
DDS_Long dh_param_files_length
Number of DH key files supplied.
Definition: rtitls_openssl.h:249
char * engine_id
ID of OpenSSL cipher engine to request.
Definition: rtitls_openssl.h:269
char * ciphersuites
List of available TLS ciphersuites for TLS 1.3 or below.
Definition: rtitls_openssl.h:241
struct RTITLS_DHParamFile * dh_param_files
List of available DH key files.
Definition: rtitls_openssl.h:263
Name of a Diffie-Hellman (DH) key file and the length of the contained key in bits.
Definition: rtitls_openssl.h:204
char * file
Name of DH key file.
Definition: rtitls_openssl.h:209
DDS_Long bits
Length of DH key in bits.
Definition: rtitls_openssl.h:215
Set of TLS properties for identity.
Definition: rtitls_openssl.h:127
char * private_key_password
Password for private key.
Definition: rtitls_openssl.h:159
char * certificate_chain_file
File containing identifying certificate (in PEM format) or certificate chain (appending intermediate ...
Definition: rtitls_openssl.h:153
char * rsa_private_key
String containing additional RSA private key (in PEM format)
Definition: rtitls_openssl.h:188
char * rsa_private_key_file
File containing additional RSA private key (in PEM format)
Definition: rtitls_openssl.h:197
char * certificate_chain
String containing identifying certificate (in PEM format) or certificate chain (appending intermediat...
Definition: rtitls_openssl.h:138
char * private_key
String containing private key (in PEM format)
Definition: rtitls_openssl.h:169
char * private_key_file
File containing private key (in PEM format)
Definition: rtitls_openssl.h:179
Full set of TLS properties.
Definition: rtitls_openssl.h:315
struct RTITLS_Identity identity
Identity properties.
Definition: rtitls_openssl.h:319
struct RTITLS_Ciphers cipher
Cipher properties.
Definition: rtitls_openssl.h:321
struct RTITLS_Verification verify
Verification properties.
Definition: rtitls_openssl.h:317
Set of TLS properties for certificate authorities (CAs) and verification.
Definition: rtitls_openssl.h:57
char * ca_file
Name of file containing Certificate Authority certificates.
Definition: rtitls_openssl.h:69
DDS_Long verify_depth
Maximum certificate chain length for verification.
Definition: rtitls_openssl.h:102
RTITLS_Verify_Callback callback
Callback used to verify peer certificates.
Definition: rtitls_openssl.h:113
char * crl_file
Name of file containing Certificate Revocation List.
Definition: rtitls_openssl.h:121
char * ca_path
Paths to directories containing Certificate Authority certificates.
Definition: rtitls_openssl.h:82
char * ca
List of Certificate Authority certificates.
Definition: rtitls_openssl.h:95