Rhombus SSL:   Secure Communication
On this page:
Context
Context.Client
Context.Server
Context.Client
Context.Server
Context.load_  verify_  source
Context.Verify  Source
Context.Verify  Source.default
Context.Verify  Source.file
Context.Verify  Source.directory
Context.Verify  Source.win_  store
Context.Verify  Source.mac_  keychain
Context.Verify  Source.handle
Context.load_  private_  key
Context.Private  Key
Context.Private  Key.pem
Context.Private  Key.pem_  bytes
Context.Private  Key.der
Context.Private  Key.handle
Context.Key  Kind
Context.Key  Kind.rsa
Context.Key  Kind.any
Context.load_  certificate_  chain
Context.load_  suggested_  certificate_  authorities
Context.set_  verify
Context.set_  verify_  hostname
Context.Verify  Mode
Context.Verify  Mode.never
Context.Verify  Mode.try
Context.Verify  Mode.always
Context.set_  ciphers
Context.Server.set_  server_  alpn
Context.seal
  top  contents    up  next → 

4 Secure Contexts🔗ℹ

annotation

ssl.Context

 

annotation

ssl.Context.Client

 

annotation

ssl.Context.Server

 

function

fun ssl.Context.Client(~secure: secure = #true)

  :: ssl.Context.Client

 

function

fun ssl.Context.Server(

  ~private_key: private_key :: maybe(ssl.Context.PrivateKey) = #false,

  ~certificate_chain: certificate_chain :: maybe(Path) = #false

) :: ssl.Context.Server

A ssl.Context represents a security configuration for an SSL connection. A ssl.Context.Client context must be used for a client connection, while a ssl.Context.Client context is for a server listener.

If secure is true for ssl.Context.Client, the resulting context is sealed in the sense of ssl.Context.seal, and it is configured for peer certificate and hostname verification.

Non-#false arguments passed to ssl.Context.Server correspond to calling ssl.Context.load_private_key and ssl.Context.load_certificate_chain on the created context, respectively.

method

method (ctx :: ssl.Context).load_verify_source(

  src :: PathString || ssl.Context.VerifySource

)

 

annotation

ssl.Context.VerifySource

 

function

fun ssl.Context.VerifySource.default()

  :: ssl.Context.VerifySource

 

function

fun ssl.Context.VerifySource.file(path :: PathString)

  :: ssl.Context.VerifySource

 

function

fun ssl.Context.VerifySource.directory(path :: PathString)

  :: ssl.Context.VerifySource

 

function

fun ssl.Context.VerifySource.win_store(bstr :: Bytes)

  :: ssl.Context.VerifySource

 

function

fun ssl.Context.VerifySource.mac_keychain(path :: maybe(PathString))

  :: ssl.Context.VerifySource

 

property

property (vs :: ssl.Context.VerifySource).handle

The ssl.Context.load_verify_source method loads verification sources from src into context. Currently, only certificates are loaded; the certificates are used to verify the certificates of a connection peer. Call this procedure multiple times to load multiple sets of trusted certificates.

The following kinds of verification sources are supported as src:

  • A PathString is equivalent to ssl.Context.VerifySource.file(src).

  • A ssl.Context.VerifySource.default source loads sources, depending on the platform:

    • On Linux, the default sources are determined by the SSL_CERT_FILE and SSL_CERT_DIR environment variables, if the variables are set, or the system-wide default locations otherwise.

    • On Windows, the default sources consist of the system certificate store for root certificates, the same as ssl.Context.VerifySource.win_store("ROOT").

    • On Mac OS, the default sources consist of the OS trust anchor (root) certificates, the same as ssl.Context.VerifySource.mac_keychain(#false).

  • A ssl.Context.VerifySource.file source is treated as a PEM file containing root certificates. The file is loaded immediately.

  • A ssl.Context.VerifySource.directory source should contain PEM files with hashed symbolic links (see the openssl c_rehash utility). The directory contents are not loaded immediately; rather, they are searched only when a certificate needs verification.

  • A ssl.Context.VerifySource.win_store source loads certificates from the name store immediately. Only supported on Windows.

  • A ssl.Context.VerifySource.mac_keychain source loads certificates from the Mac OS keychain stored at the insicated path, or it load from trust anchor (root) certificates (as returned by SecTrustCopyAnchorCertificates) if #false is supplied instead of a path. Only supported on Mac OS.

You can use the file "test.pem" as report by collect.file_path(~collect: "openssl", ~file: "test.pem") for testing purposes. Since "test.pem" is public, such a test configuration obviously provides no security.

method

method (ctx :: ssl.Context).load_private_key(

  key :: PathString || ssl.Context.PrivateKey,

  ~kind: kind :: ssl.Context.KeyKind = #'rsa

)

 

annotation

ssl.Context.PrivateKey

 

function

fun ssl.Context.PrivateKey.pem(path :: PathString)

  :: ssl.Context.PrivateKey

 

function

fun ssl.Context.PrivateKey.pem_bytes(bstr :: Bytes)

  :: ssl.Context.PrivateKey

 

function

fun ssl.Context.PrivateKey.der(path :: PathString)

  :: ssl.Context.PrivateKey

 

property

property (vs :: ssl.Context.PrivateKey).handle

 

enumeration

enum ssl.Context.KeyKind:

  rsa

  any

Loads the first private key from key for the given context. The key goes with the certificate that identifies the client or server. Like ssl.Context.load_certificate_chain, this method is usually used with server contexts or listeners and seldom with client contexts.

If kind is #'rsa (the default), the first RSA key is read (i.e., non-RSA keys are skipped).

The following kinds of key values are supported:

You can use the file "test.pem" as report by collect.file_path(~collect: "openssl", ~file: "test.pem") for testing purposes. Since "test.pem" is public, such a test configuration obviously provides no security.

method

method (ctx :: ssl.Context).load_certificate_chain(

  path :: PathString

)

 

method

method (ctx :: ssl.Context)

  .load_suggested_certificate_authorities(path :: PathString)

The ssl.Context.load_certificate_chain method loads a PEM-format certification chain file for connections. This chain is used to identify the client or server when it connects or accepts connections. Loading a chain overwrites the old chain. Also use ssl.Context.load_private_key to load the certificate’s corresponding key.

The ssl.Context.load_suggested_certificate_authorities method loads a PEM-format file containing certificates that are used by a server. The certificate list is sent to a client when the server requests a certificate as an indication of which certificates the server trusts. Loading the suggested certificates does not imply trust, however; any certificate presented by the client will be checked using the trusted roots loaded via ssl.Context.load_verify_source.

You can use the file "test.pem" as report by collect.file_path(~collect: "openssl", ~file: "test.pem") for testing purposes with either of these methods. Since "test.pem" is public, such a test configuration obviously provides no security.

method

method (ctx :: ssl.Context).set_verify(

  mode :: ssl.Context.VerifyMode = #'always

)

 

method

method (ctx :: ssl.Context).set_verify_hostname(

  mode :: ssl.Context.VerifyMode = #'always

)

 

enumeration

enum ssl.Context.VerifyMode:

  never

  try

  always

The ssl.Context.set_verify method requires certificate verification on the peer SSL connection when mode is #'always. When mode is #'try, then verification is attempted, but a connection is made even when peer certificate verification fails; use ssl.Port.is_peer_verified to determine whether verification succeeded. Verifying the certificate is not sufficient to prevent attacks by active adversaries, such as man-in-the-middle attacks; use ssl.Context.set_verify_hostname in addition.

The ssl.Context.set_verify_hostname method requires hostname verification of SSL peers of connections. When hostname verification is enabled, the hostname associated with a connection is checked against the hostnames listed in the peer’s certificate. If the peer certificate does not contain an entry matching the hostname, the connection fails. Currently, mode as #'try is treated the same as mode as #'always. Hostname verification does not imply certificate verification; to verify the certificate itself, also use ssl.Context.set_verify.

Enabling verification also requires, at a minimum, designating trusted certificate authorities with ssl.Context.load_verify_source.

method

method (ctx :: ssl.Context).set_ciphers(cipher_spec :: String)

Specifies the cipher suites that can be used in connections created with context. The meaning of cipher_spec is the same as for the openssl ciphers command.

method

method (ctx :: ssl.Context.Server).set_server_alpn(

  alpn_protocols :: List.of(Bytes),

  ~allow_no_match: allow_no_match = #true

) :: Void

Sets the ALPN protocols supported by the server context ctx. The protocols are listed within alpn_protocols in order of preference, most-preferred first. That is, when a client connects, the server selects the first protocol in its alpn_protocols that is supported by the client.

If the client does not use ALPN, then the connection is accepted and no protocol is selected. If the client uses ALPN but has no protocols in common with the server, then if allow_no_match is true, the connection is accepted and no protocol is selected; if allow_no_match is #false, then the connection is refused.

method

method (ctx :: ssl.Context).seal() :: Void

Seals ctx, preventing further modifications. After a context is sealed, calling a method such as ssl.Context.set_verify or ssl.Context.load_verify_source throws an exception.

  top  contents    up  next →