Concepts
The following concepts are important to understanding the features described in this guide.
*Certificate
A certificate is a data structure that identifies an entity (person or computer) by establishing a binding between that entity and a public key. A certificate is digitally signed by a certificate authority who ensures that the public key contained in the certificate actually belongs to the owner of the certificate.
The international standard ITU X.509 (see http://www.itu.int/rec/T-REC-X.509 ) International Telecommunications Union (ITU) defines certificate standards. A certificate contains:
*The name of the entity that receives the certificate (the subject of the certificate)
*The name of the entity that issues the certificate (the issuer of the certificate)
*The public key of the subject
*Validity information
*A digital signature ensuring the integrity of the information in the certificate
*Client and Server Authentication
Client and Server authentication means verifying the identity of both the server and the client. The server and the client each have their own lists of trusted certificates, as well as their own key pairs and certificates.
*Communication Adapter Layer
The Communication Adapter Layer, a component of the Secure Sockets package, gives you full control over the features of a specific protocol. This layer includes C++ adapters that encapsulate familiar network communication C APIs inside a C++ interface, the classes RWSocket and RWSecureSocket, and the address adapters, such as RWInetAddr.
*Communication Services Layer
The Communication Services Layer is part of the Rogue Wave Networking package. It uses the Portal Layer classes. Any class derived from RWPortal can use the classes provided by this layer. The Communication Services Layer includes RWPortalIStream and RWPortalOstream, which have an interface to network streams that is like iostreams.
*Multithread Levels
*Multithread Level 0 (Unsafe)
An unsafe routine, class or library is not safe to use in a multithreaded application unless the application arranges for only one thread at a time to access or execute within a routine, class or library. Unsafe routines, classes, or libraries often contain global and static data that is not protected. Unsafe libraries or classes may contain some routines that are safe, but the library or class as a whole has been deemed to be unsafe.
*Multithread Level 1 (Safe)
A safe routine, class, or library may be accessed or executed from within a multithreaded application. Safe objects are reentrant and protect their internal global or static data from multithreaded corruption. A safe object does not necessarily support any concurrency. A safe routine, class, or library may require users to provide their own global or local locking and unlocking of objects in order to achieve some level of concurrency. This level of thread safety is sometimes referred to as MT-safe: level 1.
*Multithread Level 2 (Thread-Safe)
An MT-safe routine, class, or library is fully prepared for multithreaded access and execution. MT-safe objects are reentrant, protect their internal global or static data, and provide a reasonable level of concurrency. An MT-safe class or library implies that individual operations may be performed safely without user locking or unlocking in situations where several individual operations must be combined and treated as a single atomic operation (testing for, and reading the contents of a queue, for example). This level of thread safety is sometimes referred to as MT-Safe: level 2.
*Portal Layer
The Portal Layer is an interface to the underlying communication services. It includes automatic closing of the service when it is no longer referenced.
*Portal
Portals open and close connections. They are based on the handle-body paradigm, which means that resource management is handled automatically. The channel remains open as long as at least one handle remains.
*Private and Public Keys
In asymmetric key cryptography, the public key is used for encryption, and the private key is used for decryption. The private key must be protected to ensure the security of the system.
*Random Number Generator (RNG) and Pseudo-random Number Generator (PRNG)
The portion of the underlying cryptographic library responsible for producing a sequence of pseudo-random numbers from a given seed value.
*Server Authentication
Verifying the identity of a server. Each client has a list of trusted certificates, and the server has its own key pair and certificate.