Classe TCustomSSL

Descrição
Hierarquia
Campos
Métodos
Propriedades

Unit

blcksock

Declaração

type TCustomSSL = class(TObject)

Descrição

Parent class for all SSL plugins.

This is abstract class defining interface for other SSL plugins.

Instance of this class will be created for each TTCPBlockSocket.

Warning: not all methods and propertis can work in all existing SSL plugins! Please, read documentation of used SSL plugin.

Hierarquia

Visão Geral

Campos

Protected FOnVerifyCert: THookVerifyCert;
Protected FSocket: TTCPBlockSocket;
Protected FSSLEnabled: Boolean;
Protected FLastError: integer;
Protected FLastErrorDesc: string;
Protected FSSLType: TSSLType;
Protected FKeyPassword: string;
Protected FCiphers: string;
Protected FCertificateFile: string;
Protected FPrivateKeyFile: string;
Protected FCertificate: Ansistring;
Protected FPrivateKey: Ansistring;
Protected FPFX: Ansistring;
Protected FPFXfile: string;
Protected FCertCA: Ansistring;
Protected FCertCAFile: string;
Protected FTrustCertificate: Ansistring;
Protected FTrustCertificateFile: string;
Protected FVerifyCert: Boolean;
Protected FUsername: string;
Protected FPassword: string;
Protected FSSHChannelType: string;
Protected FSSHChannelArg1: string;
Protected FSSHChannelArg2: string;
Protected FCertComplianceLevel: integer;
Protected FSNIHost: string;

Métodos

Protected procedure ReturnError;
Protected procedure SetCertCAFile(const Value: string); virtual;
Protected function DoVerifyCert:boolean;
Protected function CreateSelfSignedCert(Host: string): Boolean; virtual;
Public constructor Create(const Value: TTCPBlockSocket); virtual;
Public procedure Assign(const Value: TCustomSSL); virtual;
Public function LibVersion: String; virtual;
Public function LibName: String; virtual;
Public function Connect: boolean; virtual;
Public function Accept: boolean; virtual;
Public function Shutdown: boolean; virtual;
Public function BiShutdown: boolean; virtual;
Public function SendBuffer(Buffer: TMemory; Len: Integer): Integer; virtual;
Public function RecvBuffer(Buffer: TMemory; Len: Integer): Integer; virtual;
Public function WaitingData: Integer; virtual;
Public function GetSSLVersion: string; virtual;
Public function GetPeerSubject: string; virtual;
Public function GetPeerSerialNo: integer; virtual;
Public function GetPeerIssuer: string; virtual;
Public function GetPeerName: string; virtual;
Public function GetPeerNameHash: cardinal; virtual;
Public function GetPeerFingerprint: AnsiString; virtual;
Public function GetCertInfo: string; virtual;
Public function GetCipherName: string; virtual;
Public function GetCipherBits: integer; virtual;
Public function GetCipherAlgBits: integer; virtual;
Public function GetVerifyCert: integer; virtual;

Propriedades

Public property SSLEnabled: Boolean read FSSLEnabled;
Public property LastError: integer read FLastError;
Public property LastErrorDesc: string read FLastErrorDesc;
Published property SSLType: TSSLType read FSSLType write FSSLType;
Published property KeyPassword: string read FKeyPassword write FKeyPassword;
Published property Username: string read FUsername write FUsername;
Published property Password: string read FPassword write FPassword;
Published property Ciphers: string read FCiphers write FCiphers;
Published property CertificateFile: string read FCertificateFile write FCertificateFile;
Published property PrivateKeyFile: string read FPrivateKeyFile write FPrivateKeyFile;
Published property Certificate: Ansistring read FCertificate write FCertificate;
Published property PrivateKey: Ansistring read FPrivateKey write FPrivateKey;
Published property PFX: Ansistring read FPFX write FPFX;
Published property PFXfile: string read FPFXfile write FPFXfile;
Published property TrustCertificateFile: string read FTrustCertificateFile write FTrustCertificateFile;
Published property TrustCertificate: Ansistring read FTrustCertificate write FTrustCertificate;
Published property CertCA: Ansistring read FCertCA write FCertCA;
Published property CertCAFile: string read FCertCAFile write SetCertCAFile;
Published property VerifyCert: Boolean read FVerifyCert write FVerifyCert;
Published property SSHChannelType: string read FSSHChannelType write FSSHChannelType;
Published property SSHChannelArg1: string read FSSHChannelArg1 write FSSHChannelArg1;
Published property SSHChannelArg2: string read FSSHChannelArg2 write FSSHChannelArg2;
Published property CertComplianceLevel: integer read FCertComplianceLevel write FCertComplianceLevel;
Published property OnVerifyCert: THookVerifyCert read FOnVerifyCert write FOnVerifyCert;
Published property SNIHost: string read FSNIHost write FSNIHost;

Descrição

Campos

Protected FOnVerifyCert: THookVerifyCert;
 
Protected FSocket: TTCPBlockSocket;
 
Protected FSSLEnabled: Boolean;
 
Protected FLastError: integer;
 
Protected FLastErrorDesc: string;
 
Protected FSSLType: TSSLType;
 
Protected FKeyPassword: string;
 
Protected FCiphers: string;
 
Protected FCertificateFile: string;
 
Protected FPrivateKeyFile: string;
 
Protected FCertificate: Ansistring;
 
Protected FPrivateKey: Ansistring;
 
Protected FPFX: Ansistring;
 
Protected FPFXfile: string;
 
Protected FCertCA: Ansistring;
 
Protected FCertCAFile: string;
 
Protected FTrustCertificate: Ansistring;
 
Protected FTrustCertificateFile: string;
 
Protected FVerifyCert: Boolean;
 
Protected FUsername: string;
 
Protected FPassword: string;
 
Protected FSSHChannelType: string;
 
Protected FSSHChannelArg1: string;
 
Protected FSSHChannelArg2: string;
 
Protected FCertComplianceLevel: integer;
 
Protected FSNIHost: string;
 

Métodos

Protected procedure ReturnError;
 
Protected procedure SetCertCAFile(const Value: string); virtual;
 
Protected function DoVerifyCert:boolean;
 
Protected function CreateSelfSignedCert(Host: string): Boolean; virtual;
 
Public constructor Create(const Value: TTCPBlockSocket); virtual;

Create plugin class. it is called internally from TTCPBlockSocket

Public procedure Assign(const Value: TCustomSSL); virtual;

Assign settings (certificates and configuration) from another SSL plugin class.

Public function LibVersion: String; virtual;

return description of used plugin. It usually return name and version of used SSL library.

Public function LibName: String; virtual;

return name of used plugin.

Public function Connect: boolean; virtual;

Do not call this directly. It is used internally by TTCPBlockSocket!

Here is needed code for start SSL connection.

Public function Accept: boolean; virtual;

Do not call this directly. It is used internally by TTCPBlockSocket!

Here is needed code for acept new SSL connection.

Public function Shutdown: boolean; virtual;

Do not call this directly. It is used internally by TTCPBlockSocket!

Here is needed code for hard shutdown of SSL connection. (for example, before socket is closed)

Public function BiShutdown: boolean; virtual;

Do not call this directly. It is used internally by TTCPBlockSocket!

Here is needed code for soft shutdown of SSL connection. (for example, when you need to continue with unprotected connection.)

Public function SendBuffer(Buffer: TMemory; Len: Integer): Integer; virtual;

Do not call this directly. It is used internally by TTCPBlockSocket!

Here is needed code for sending some datas by SSL connection.

Public function RecvBuffer(Buffer: TMemory; Len: Integer): Integer; virtual;

Do not call this directly. It is used internally by TTCPBlockSocket!

Here is needed code for receiving some datas by SSL connection.

Public function WaitingData: Integer; virtual;

Do not call this directly. It is used internally by TTCPBlockSocket!

Here is needed code for getting count of datas what waiting for read. If SSL plugin not allows this, then it should return 0.

Public function GetSSLVersion: string; virtual;

Return string with identificator of SSL/TLS version of existing connection.

Public function GetPeerSubject: string; virtual;

Return subject of remote SSL peer.

Public function GetPeerSerialNo: integer; virtual;

Return Serial number if remote X509 certificate.

Public function GetPeerIssuer: string; virtual;

Return issuer certificate of remote SSL peer.

Public function GetPeerName: string; virtual;

Return peer name from remote side certificate. This is good for verify, if certificate is generated for remote side IP name.

Public function GetPeerNameHash: cardinal; virtual;

Returns has of peer name from remote side certificate. This is good for fast remote side authentication.

Public function GetPeerFingerprint: AnsiString; virtual;

Return fingerprint of remote SSL peer. (As binary nonprintable string!)

Public function GetCertInfo: string; virtual;

Return all detailed information about certificate from remote side of SSL/TLS connection. Result string can be multilined! Each plugin can return this informations in different format!

Public function GetCipherName: string; virtual;

Return currently used Cipher.

Public function GetCipherBits: integer; virtual;

Return currently used number of bits in current Cipher algorythm.

Public function GetCipherAlgBits: integer; virtual;

Return number of bits in current Cipher algorythm.

Public function GetVerifyCert: integer; virtual;

Return result value of verify remote side certificate. Look to OpenSSL documentation for possible values. For example 0 is successfuly verified certificate, or 18 is self-signed certificate.

Propriedades

Public property SSLEnabled: Boolean read FSSLEnabled;

Resurn True if SSL mode is enabled on existing cvonnection.

Public property LastError: integer read FLastError;

Return error code of last SSL operation. 0 is OK.

Public property LastErrorDesc: string read FLastErrorDesc;

Return error description of last SSL operation.

Published property SSLType: TSSLType read FSSLType write FSSLType;

Here you can specify requested SSL/TLS mode. Default is autodetection, but on some servers autodetection not working properly. In this case you must specify requested SSL/TLS mode by your hand!

Published property KeyPassword: string read FKeyPassword write FKeyPassword;

Password for decrypting of encoded certificate or key.

Published property Username: string read FUsername write FUsername;

Username for possible credentials.

Published property Password: string read FPassword write FPassword;

password for possible credentials.

Published property Ciphers: string read FCiphers write FCiphers;

By this property you can modify default set of SSL/TLS ciphers.

Published property CertificateFile: string read FCertificateFile write FCertificateFile;

Used for loading certificate from disk file. See to plugin documentation if this method is supported and how!

Published property PrivateKeyFile: string read FPrivateKeyFile write FPrivateKeyFile;

Used for loading private key from disk file. See to plugin documentation if this method is supported and how!

Published property Certificate: Ansistring read FCertificate write FCertificate;

Used for loading certificate from binary string. See to plugin documentation if this method is supported and how!

Published property PrivateKey: Ansistring read FPrivateKey write FPrivateKey;

Used for loading private key from binary string. See to plugin documentation if this method is supported and how!

Published property PFX: Ansistring read FPFX write FPFX;

Used for loading PFX from binary string. See to plugin documentation if this method is supported and how!

Published property PFXfile: string read FPFXfile write FPFXfile;

Used for loading PFX from disk file. See to plugin documentation if this method is supported and how!

Published property TrustCertificateFile: string read FTrustCertificateFile write FTrustCertificateFile;

Used for loading trusted certificates from disk file. See to plugin documentation if this method is supported and how!

Published property TrustCertificate: Ansistring read FTrustCertificate write FTrustCertificate;

Used for loading trusted certificates from binary string. See to plugin documentation if this method is supported and how!

Published property CertCA: Ansistring read FCertCA write FCertCA;

Used for loading CA certificates from binary string. See to plugin documentation if this method is supported and how!

Published property CertCAFile: string read FCertCAFile write SetCertCAFile;

Used for loading CA certificates from disk file. See to plugin documentation if this method is supported and how!

Published property VerifyCert: Boolean read FVerifyCert write FVerifyCert;

If True, then is verified client certificate. (it is good for writing SSL/TLS servers.) When you are not server, but you are client, then if this property is True, verify servers certificate.

Published property SSHChannelType: string read FSSHChannelType write FSSHChannelType;

channel type for possible SSH connections

Published property SSHChannelArg1: string read FSSHChannelArg1 write FSSHChannelArg1;

First argument of channel type for possible SSH connections

Published property SSHChannelArg2: string read FSSHChannelArg2 write FSSHChannelArg2;

Second argument of channel type for possible SSH connections

Published property CertComplianceLevel: integer read FCertComplianceLevel write FCertComplianceLevel;

Level of standards compliance level (CryptLib: values in cryptlib.pas, -1: use default value )

Published property OnVerifyCert: THookVerifyCert read FOnVerifyCert write FOnVerifyCert;

This event is called when verifying the server certificate immediatally after a successfull verification in the ssl library.

Published property SNIHost: string read FSNIHost write FSNIHost;

Server Name Identification. Host name to send to server. If empty the host name found in URL will be used, which should be the normal use (http Header Host = SNI Host). The value is cleared after the connection is established. (SNI support requires OpenSSL 0.9.8k or later. Cryptlib not supported, yet )

Gerado por PasDoc 0.16.0.