1 /*
2 Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; version 2 of the License.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program; see the file COPYING. If not, write to the
15 Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
16 MA 02110-1301 USA. */
20 /* The certificate wrapper header defines certificate management functions. */
25 #ifndef yaSSL_CERT_WRAPPER_HPP
26 #define yaSSL_CERT_WRAPPER_HPP
28 #ifdef _MSC_VER
29 // disable truncated debug symbols
30 #pragma warning(disable:4786)
31 #endif
34 #include "yassl_types.hpp" // SignatureAlgorithm
35 #include "buffer.hpp" // input_buffer
36 #include "asn.hpp" // SignerList
37 #include "openssl/ssl.h" // internal and external use
38 #include STL_LIST_FILE
39 #include STL_ALGORITHM_FILE
42 namespace STL = STL_NAMESPACE;
45 namespace yaSSL {
47 typedef unsigned char opaque;
48 class X509; // forward openSSL type
50 using TaoCrypt::SignerList;
52 // an x509 version 3 certificate
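// Holds one certificate as a raw byte buffer (buffer_) plus a length (length_).
// NOTE(review): allocation, copy depth and release are implemented out of line
// and are not visible in this header. The public copy operations together with
// the private Swap suggest deep copies via copy-and-swap - confirm in the
// implementation file before relying on it.
class x509 {
    uint    length_;    // presumably the size of buffer_ in bytes - confirm
    opaque* buffer_;    // raw pointer to the certificate bytes (opaque is unsigned char)
public:
    // explicit: an integer size must never convert silently into a certificate.
    explicit x509(uint sz);
    ~x509();

    uint          get_length() const;
    const opaque* get_buffer() const;   // read-only access to the bytes

    // Mutable access to the buffer. The returned pointer carries no bounds
    // information, so any writer has to limit itself to get_length() bytes;
    // nothing in this interface enforces that.
    opaque*       use_buffer();

    x509(const x509&);
    x509& operator=(const x509&);
private:
    void Swap(x509&);
};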
71 // Certificate Manager keeps a list of the cert chain and public key
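// Per-connection certificate state: our own chain and private key, the peer's
// chain and public key, the trusted signers, and the verification policy flags.
//
// Security-relevant points visible in this interface:
//  - The chains are lists of raw x509* pointers. AddPeerCert() takes ownership
//    of its argument; CopySelfCert()/CopyCaCert() take a const pointer.
//    NOTE(review): who frees the list entries and peerX509_ is not visible in
//    this header - confirm in the implementation.
//  - get_privateKey() hands out a raw pointer to the private key bytes; treat
//    it as secret material (no logging, no long-lived copies).
//    NOTE(review): whether privateKey_ is wiped on destruction is not visible
//    here - confirm.
//  - verifyNone_ means "no error if verify fails". With it set, a peer
//    certificate that fails validation does not stop the handshake, so the
//    certificate no longer authenticates the peer. Leave it unset wherever
//    peer identity matters.
//  - Validate(), CopyCaCert() and SetPrivateKey() return int status values
//    whose meaning is defined elsewhere; callers must check them.
class CertManager {
    typedef STL::list<x509*> CertList;

    CertList            list_;              // self
    input_buffer        privateKey_;        // our private key material (secret)

    CertList            peerList_;          // peer
    input_buffer        peerPublicKey_;
    X509*               peerX509_;          // peer's openSSL X509

    SignatureAlgorithm  keyType_;           // self   key type
    SignatureAlgorithm  peerKeyType_;       // peer's key type

    SignerList          signers_;           // decoded CA keys and names
                                            //    plus verified chained certs
    bool                verifyPeer_;
    bool                verifyNone_;        // no error if verify fails
    bool                failNoCert_;
    bool                sendVerify_;
    VerifyCallback      verifyCallback_;    // user verify callback
public:
    CertManager();
    ~CertManager();

    void AddPeerCert(x509* x);              // take ownership
    void CopySelfCert(const x509* x);
    int  CopyCaCert(const x509* x);
    int  Validate();

    int  SetPrivateKey(const x509&);

    const x509*        get_cert()        const;
    const opaque*      get_peerKey()     const;
    const opaque*      get_privateKey()  const;   // secret key bytes, see class note
    X509*              get_peerX509()    const;
    SignatureAlgorithm get_keyType()     const;
    SignatureAlgorithm get_peerKeyType() const;

    uint get_peerKeyLength()    const;
    uint get_privateKeyLength() const;

    bool verifyPeer() const;
    bool verifyNone() const;
    bool failNoCert() const;
    bool sendVerify() const;

    // The flag setters take no argument.
    // NOTE(review): presumably each one only switches its flag on and there is
    // no way to clear it again through this interface - confirm.
    void setVerifyPeer();
    void setVerifyNone();                   // weakens peer authentication, see class note
    void setFailNoCert();
    void setSendVerify();
    void setPeerX509(X509*);
    void setVerifyCallback(VerifyCallback);
private:
    // Declared private so the manager cannot be copied: a copy would duplicate
    // the raw certificate pointers held in the lists.
    CertManager(const CertManager&);            // hide copy
    CertManager& operator=(const CertManager&); // and assign
};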
130 } // namespace
132 #endif // yaSSL_CERT_WRAPPER_HPP