type TCustomSSL = class(TObject)
Parent class for all SSL plugins.
This is an abstract class defining the interface for other SSL plugins.
Instance of this class will be created for each TTCPBlockSocket.
Warning: not all methods and properties work in all existing SSL plugins! Please read the documentation of the SSL plugin you use.
constructor Create(const Value: TTCPBlockSocket); virtual; |
|
procedure Assign(const Value: TCustomSSL); virtual; |
|
function LibVersion: String; virtual; |
|
function LibName: String; virtual; |
|
function Connect: boolean; virtual; |
|
function Accept: boolean; virtual; |
|
function Shutdown: boolean; virtual; |
|
function BiShutdown: boolean; virtual; |
|
function SendBuffer(Buffer: TMemory; Len: Integer): Integer; virtual; |
|
function RecvBuffer(Buffer: TMemory; Len: Integer): Integer; virtual; |
|
function WaitingData: Integer; virtual; |
|
function GetSSLVersion: string; virtual; |
|
function GetPeerSubject: string; virtual; |
|
function GetPeerSerialNo: integer; virtual; |
|
function GetPeerIssuer: string; virtual; |
|
function GetPeerName: string; virtual; |
|
function GetPeerNameHash: cardinal; virtual; |
|
function GetPeerFingerprint: string; virtual; |
|
function GetCertInfo: string; virtual; |
|
function GetCipherName: string; virtual; |
|
function GetCipherBits: integer; virtual; |
|
function GetCipherAlgBits: integer; virtual; |
|
function GetVerifyCert: integer; virtual; |
property SSLEnabled: Boolean read FSSLEnabled; |
|
property LastError: integer read FLastError; |
|
property LastErrorDesc: string read FLastErrorDesc; |
|
property SSLType: TSSLType read FSSLType write FSSLType; |
|
property KeyPassword: string read FKeyPassword write FKeyPassword; |
|
property Username: string read FUsername write FUsername; |
|
property Password: string read FPassword write FPassword; |
|
property Ciphers: string read FCiphers write FCiphers; |
|
property CertificateFile: string read FCertificateFile write FCertificateFile; |
|
property PrivateKeyFile: string read FPrivateKeyFile write FPrivateKeyFile; |
|
property Certificate: Ansistring read FCertificate write FCertificate; |
|
property PrivateKey: Ansistring read FPrivateKey write FPrivateKey; |
|
property PFX: Ansistring read FPFX write FPFX; |
|
property PFXfile: string read FPFXfile write FPFXfile; |
|
property TrustCertificateFile: string read FTrustCertificateFile write FTrustCertificateFile; |
|
property TrustCertificate: Ansistring read FTrustCertificate write FTrustCertificate; |
|
property CertCA: Ansistring read FCertCA write FCertCA; |
|
property CertCAFile: string read FCertCAFile write SetCertCAFile; |
|
property VerifyCert: Boolean read FVerifyCert write FVerifyCert; |
|
property SSHChannelType: string read FSSHChannelType write FSSHChannelType; |
|
property SSHChannelArg1: string read FSSHChannelArg1 write FSSHChannelArg1; |
|
property SSHChannelArg2: string read FSSHChannelArg2 write FSSHChannelArg2; |
|
property CertComplianceLevel: integer read FCertComplianceLevel write FCertComplianceLevel; |
|
property OnVerifyCert: THookVerifyCert read FOnVerifyCert write FOnVerifyCert; |
|
property SNIHost: string read FSNIHost write FSNIHost; |
constructor Create(const Value: TTCPBlockSocket); virtual; |
Create plugin class. It is called internally from TTCPBlockSocket.
procedure Assign(const Value: TCustomSSL); virtual; |
Assign settings (certificates and configuration) from another SSL plugin class.
function LibVersion: String; virtual; |
Return a description of the plugin in use. It usually returns the name and version of the SSL library in use.
function LibName: String; virtual; |
Return the name of the plugin in use.
function Connect: boolean; virtual; |
Do not call this directly. It is used internally by TTCPBlockSocket!
Here is needed code for start SSL connection.
function Accept: boolean; virtual; |
Do not call this directly. It is used internally by TTCPBlockSocket!
The code needed to accept a new SSL connection belongs here.
function Shutdown: boolean; virtual; |
Do not call this directly. It is used internally by TTCPBlockSocket!
Here is needed code for hard shutdown of SSL connection. (for example, before socket is closed)
function BiShutdown: boolean; virtual; |
Do not call this directly. It is used internally by TTCPBlockSocket!
Here is needed code for soft shutdown of SSL connection. (for example, when you need to continue with unprotected connection.)
function SendBuffer(Buffer: TMemory; Len: Integer): Integer; virtual; |
Do not call this directly. It is used internally by TTCPBlockSocket!
The code needed to send data over the SSL connection belongs here.
function RecvBuffer(Buffer: TMemory; Len: Integer): Integer; virtual; |
Do not call this directly. It is used internally by TTCPBlockSocket!
The code needed to receive data over the SSL connection belongs here.
function WaitingData: Integer; virtual; |
Do not call this directly. It is used internally by TTCPBlockSocket!
The code needed to get the amount of data waiting to be read belongs here. If the SSL plugin does not allow this, it should return 0.
function GetSSLVersion: string; virtual; |
Return a string identifying the SSL/TLS version of the existing connection.
function GetPeerSubject: string; virtual; |
Return subject of remote SSL peer.
function GetPeerSerialNo: integer; virtual; |
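Return the serial number of the remote X.509 certificate. The result is an integer, so a serial number too large for that type cannot be returned in full; do not treat this value alone as a unique certificate identifier.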
function GetPeerIssuer: string; virtual; |
Return issuer certificate of remote SSL peer.
function GetPeerName: string; virtual; |
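Return the peer name from the remote side's certificate. This is useful for verifying that the certificate was issued for the remote side's IP name. This name comparison complements certificate verification (see VerifyCert); it does not replace it.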
function GetPeerNameHash: cardinal; virtual; |
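Return a hash of the peer name from the remote side's certificate. This is good for fast remote-side authentication. The hash is only a cardinal-sized value computed over the name, so use it as a quick comparison and not as the sole proof of the peer's identity.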
function GetPeerFingerprint: string; virtual; |
Return fingerprint of remote SSL peer.
function GetCertInfo: string; virtual; |
Return all detailed information about the certificate from the remote side of the SSL/TLS connection. The result string can span multiple lines! Each plugin can return this information in a different format!
function GetCipherName: string; virtual; |
Return currently used Cipher.
function GetCipherBits: integer; virtual; |
Return currently used number of bits in current Cipher algorithm.
function GetCipherAlgBits: integer; virtual; |
Return number of bits in current Cipher algorithm.
function GetVerifyCert: integer; virtual; |
Return the result of verifying the remote side's certificate. See the OpenSSL documentation for the possible values. For example, 0 means the certificate was verified successfully and 18 means a self-signed certificate.
property SSLEnabled: Boolean read FSSLEnabled; |
Return True if SSL mode is enabled on the existing connection.
property LastError: integer read FLastError; |
Return error code of last SSL operation. 0 is OK.
property LastErrorDesc: string read FLastErrorDesc; |
Return error description of last SSL operation.
property SSLType: TSSLType read FSSLType write FSSLType; |
Here you can specify the requested SSL/TLS mode. The default is autodetection, but on some servers autodetection does not work properly. In that case you must specify the requested SSL/TLS mode manually!
property KeyPassword: string read FKeyPassword write FKeyPassword; |
Password for decrypting an encrypted certificate or key.
property Username: string read FUsername write FUsername; |
Username for possible credentials.
property Password: string read FPassword write FPassword; |
Password for possible credentials.
property Ciphers: string read FCiphers write FCiphers; |
With this property you can modify the default set of SSL/TLS ciphers.
property CertificateFile: string read FCertificateFile write FCertificateFile; |
Used for loading a certificate from a disk file. See the plugin documentation for whether this method is supported and how!
property PrivateKeyFile: string read FPrivateKeyFile write FPrivateKeyFile; |
Used for loading a private key from a disk file. See the plugin documentation for whether this method is supported and how!
property Certificate: Ansistring read FCertificate write FCertificate; |
Used for loading a certificate from a binary string. See the plugin documentation for whether this method is supported and how!
property PrivateKey: Ansistring read FPrivateKey write FPrivateKey; |
Used for loading a private key from a binary string. See the plugin documentation for whether this method is supported and how!
property PFX: Ansistring read FPFX write FPFX; |
Used for loading a PFX from a binary string. See the plugin documentation for whether this method is supported and how!
property PFXfile: string read FPFXfile write FPFXfile; |
Used for loading a PFX from a disk file. See the plugin documentation for whether this method is supported and how!
property TrustCertificateFile: string read FTrustCertificateFile write FTrustCertificateFile; |
Used for loading trusted certificates from a disk file. See the plugin documentation for whether this method is supported and how!
property TrustCertificate: Ansistring read FTrustCertificate write FTrustCertificate; |
Used for loading trusted certificates from a binary string. See the plugin documentation for whether this method is supported and how!
property CertCA: Ansistring read FCertCA write FCertCA; |
Used for loading CA certificates from a binary string. See the plugin documentation for whether this method is supported and how!
property CertCAFile: string read FCertCAFile write SetCertCAFile; |
Used for loading CA certificates from a disk file. See the plugin documentation for whether this method is supported and how!
property VerifyCert: Boolean read FVerifyCert write FVerifyCert; |
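If True, the client certificate is verified (useful when writing SSL/TLS servers). When you are the client rather than the server and this property is True, the server's certificate is verified. The default value is not stated here, so set this property explicitly when peer verification is required.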
property SSHChannelType: string read FSSHChannelType write FSSHChannelType; |
Channel type for possible SSH connections.
property SSHChannelArg1: string read FSSHChannelArg1 write FSSHChannelArg1; |
First argument of channel type for possible SSH connections
property SSHChannelArg2: string read FSSHChannelArg2 write FSSHChannelArg2; |
Second argument of channel type for possible SSH connections
property CertComplianceLevel: integer read FCertComplianceLevel write FCertComplianceLevel; |
Level of standards compliance (CryptLib: values in cryptlib.pas; -1: use the default value).
property OnVerifyCert: THookVerifyCert read FOnVerifyCert write FOnVerifyCert; |
This event is called when verifying the server certificate, immediately after a successful verification in the SSL library.
property SNIHost: string read FSNIHost write FSNIHost; |
Server Name Indication. Host name to send to the server. If empty, the host name found in the URL will be used, which should be the normal use (HTTP Host header = SNI host). The value is cleared after the connection is established. (SNI support requires OpenSSL 0.9.8k or later. Cryptlib is not supported yet.)