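//
// Copyright (c) ZeroC, Inc. All rights reserved.
//

#ifndef ICESSL_SCHANNEL_ENGINE_H
#define ICESSL_SCHANNEL_ENGINE_H

#ifdef _WIN32

//
// NOTE(review): this listing carried two bare "#include" directives here; the
// header names were lost in extraction. They are project headers (presumably
// including the one that declares the IceSSL::SSLEngine base class). Restore
// the real paths from the repository; the names below are placeholders only.
//
// #include <PROJECT_HEADER_1_LOST_IN_EXTRACTION>
// #include <PROJECT_HEADER_2_LOST_IN_EXTRACTION>

//
// SECURITY_WIN32 or SECURITY_KERNEL, must be defined before including security.h
// indicating who is compiling the code.
//
#  ifdef SECURITY_WIN32
#    undef SECURITY_WIN32
#  endif
#  ifdef SECURITY_KERNEL
#    undef SECURITY_KERNEL
#  endif
#  define SECURITY_WIN32 1
//
// NOTE(review): the three header names below were also stripped from the
// listing. security.h is named by the comment above; sspi.h and schannel.h are
// the Windows SDK headers that declare CredHandle and the SP_PROT_* / SCH_*
// constants used in this file. Confirm names and order against the repository.
//
#  include <security.h>
#  include <sspi.h>
#  include <schannel.h>
#  undef SECURITY_WIN32

#if defined(__MINGW32__) || (defined(_MSC_VER) && (_MSC_VER <= 1500))

//
// Add some definitions missing from MinGW headers.
//
// Every definition is wrapped in #ifndef, so a value supplied by the platform
// headers always takes precedence over these fallbacks. The fallbacks only
// keep code that refers to the newer trust-status bits and to the TLS 1.1 /
// TLS 1.2 protocol flags compiling on older toolchains; they do not by
// themselves make the underlying platform support those protocols.
//
#  ifndef CERT_TRUST_IS_EXPLICIT_DISTRUST
#    define CERT_TRUST_IS_EXPLICIT_DISTRUST 0x04000000
#  endif

#  ifndef CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT
#    define CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT 0x08000000
#  endif

#  ifndef SECBUFFER_ALERT
#    define SECBUFFER_ALERT 17
#  endif

#  ifndef SCH_SEND_ROOT_CERT
#    define SCH_SEND_ROOT_CERT 0x00040000
#  endif

#  ifndef SP_PROT_TLS1_1_SERVER
#    define SP_PROT_TLS1_1_SERVER 0x00000100
#  endif

#  ifndef SP_PROT_TLS1_1_CLIENT
#    define SP_PROT_TLS1_1_CLIENT 0x00000200
#  endif

#  ifndef SP_PROT_TLS1_2_SERVER
#    define SP_PROT_TLS1_2_SERVER 0x00000400
#  endif

#  ifndef SP_PROT_TLS1_2_CLIENT
#    define SP_PROT_TLS1_2_CLIENT 0x00000800
#  endif

#endif

namespace IceSSL
{

namespace SChannel
{

//
// SChannel-backed implementation of IceSSL::SSLEngine. The class holds raw
// Windows handles (certificate stores, a certificate chain engine) and
// declares no copy operations or destructor in this header.
// NOTE(review): cleanup presumably happens in destroy(); confirm that every
// handle below is released there and that instances are never copied.
//
class SSLEngine : public IceSSL::SSLEngine
{
public:

    SSLEngine(const Ice::CommunicatorPtr&);

    //
    // Setup the engine.
    //
    virtual void initialize();

    //
    // Create a transceiver for this engine. The parameters are unnamed in this
    // header. NOTE(review): the string is presumably the peer host name or
    // adapter name and the bool presumably selects the incoming (server)
    // side; confirm against the definition.
    //
    virtual IceInternal::TransceiverPtr
    createTransceiver(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool);

    //
    // Destroy the engine.
    //
    virtual void destroy();

    //
    // Return a printable name for the given CryptoAPI algorithm identifier.
    //
    std::string getCipherName(ALG_ID) const;

    //
    // Return a new SSPI credentials handle. NOTE(review): the bool presumably
    // distinguishes incoming from outgoing credentials, and the caller
    // presumably owns the returned handle; confirm who frees it.
    //
    CredHandle newCredentialsHandle(bool);

    //
    // Accessor for a certificate chain engine handle. NOTE(review): presumably
    // returns _chainEngine without transferring ownership, so callers must not
    // free it and must not use it after destroy(); confirm.
    //
    HCERTCHAINENGINE chainEngine() const;

private:

    void parseCiphers(const std::string&);

    //
    // NOTE(review): the template arguments of the four std::vector members
    // were missing from the listing ("std::vector _allCerts;"). They are
    // restored as PCCERT_CONTEXT, HCERTSTORE and ALG_ID from the neighbouring
    // declarations (HCERTSTORE _rootStore, getCipherName(ALG_ID)); confirm
    // against the repository.
    //
    std::vector<PCCERT_CONTEXT> _allCerts;
    std::vector<PCCERT_CONTEXT> _importedCerts;

    // NOTE(review): presumably a bit mask of SP_PROT_* flags; confirm.
    DWORD _protocols;

    std::vector<HCERTSTORE> _stores;
    HCERTSTORE _rootStore;

    HCERTCHAINENGINE _chainEngine;
    std::vector<ALG_ID> _ciphers;

    // Fixed at construction (const). NOTE(review): the name suggests it gates
    // the strong-crypto policy applied to the SChannel credentials; confirm
    // where it is read.
    const bool _strongCrypto;
};

}

}

#endif

#endif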