Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
/* The certificate wrapper header defines certificate management functions
#ifndef yaSSL_CERT_WRAPPER_HPP
#define yaSSL_CERT_WRAPPER_HPP

// disable truncated debug symbols (MSVC C4786: identifier truncated to 255
// characters in debug info; other compilers ignore the unknown pragma)
#pragma warning(disable:4786)

#include "yassl_types.hpp" // SignatureAlgorithm
#include "buffer.hpp" // input_buffer
#include "asn.hpp" // SignerList
#include "openssl/ssl.h" // internal and external use
// STL_LIST_FILE / STL_ALGORITHM_FILE are build-time macros (defined elsewhere,
// not in this header) naming the list and algorithm headers to pull in.
#include STL_LIST_FILE
#include STL_ALGORITHM_FILE
// STL_NAMESPACE is a build-time macro selecting the container namespace
// (defined elsewhere); everything below refers to it as STL.
namespace STL = STL_NAMESPACE;

// raw byte type used for certificate and key buffers in this header
typedef unsigned char opaque;
// forward openSSL type — presumably the compat-layer X509 declared via
// openssl/ssl.h above, not TaoCrypt's certificate class; TODO confirm
class X509;
using TaoCrypt::SignerList;
// an x509 version 3 certificate
// NOTE(review): the `class x509 {` opener, its data members and any other
// members are not present in this rendering; only the declarations below
// are visible.
explicit x509(uint sz); // sz: size in bytes of the certificate buffer to hold — TODO confirm against the .cpp

uint get_length() const; // number of bytes behind get_buffer()
const opaque* get_buffer() const; // read-only raw certificate bytes; presumably points into this object's own storage, so do not keep it past the object's lifetime

x509& operator=(const x509&); // copy-assignment; whether it deep-copies the buffer is defined in the .cpp, not here
// Certificate Manager keeps a list of the cert chain and public key
// NOTE(review): the `class CertManager {` opener, access specifiers and some
// members (e.g. the flags behind setVerifyPeer/setFailNoCert/setSendVerify
// declared further down) are missing from this rendering; only the members
// shown below can be relied on.
typedef STL::list<x509*> CertList; // raw pointers; AddPeerCert's "take ownership" implies the manager owns and frees them — TODO confirm in the destructor

CertList list_; // self: our own certificate chain
input_buffer privateKey_; // self: private key material (sensitive; get_privateKey() hands out a raw pointer into it)

CertList peerList_; // peer: chain received from the remote side, i.e. untrusted input until verified
input_buffer peerPublicKey_; // peer's public key, presumably extracted from its certificate
X509* peerX509_; // peer's openSSL X509 (compat-layer object); ownership is not stated here — TODO confirm who frees it

SignatureAlgorithm keyType_; // self key type
SignatureAlgorithm peerKeyType_; // peer's key type

SignerList signers_; // decoded CA keys and names
// plus verified chained certs

bool verifyNone_; // no error if verify fails: when set, a failed peer certificate verification is not reported as an error, so the peer is effectively unauthenticated
VerifyCallback verifyCallback_; // user verify callback; presumably consulted during peer verification — TODO confirm whether its result can override verifyNone_
// Loading certificates and keys into the manager.
void AddPeerCert(x509* x); // take ownership: x must be heap-allocated and the caller must not free or reuse it; presumably appended to peerList_
void CopySelfCert(const x509* x); // copies x (no ownership transfer) into our own chain, presumably list_
int CopyCaCert(const x509* x); // copies a trusted CA certificate; returns an int status whose values are defined in the .cpp, not here
int SetPrivateKey(const x509&); // loads private key material from the given buffer into privateKey_; int status as above
// Read-only accessors. The opaque* getters return raw pointers into the
// manager's own buffers; pair each with the matching *Length() getter and do
// not retain the pointer beyond the manager's lifetime.
const x509* get_cert() const; // our own certificate; presumably null when none has been loaded — TODO confirm
const opaque* get_peerKey() const; // bytes of peerPublicKey_, length from get_peerKeyLength()
const opaque* get_privateKey() const; // bytes of privateKey_ (sensitive), length from get_privateKeyLength()
X509* get_peerX509() const; // non-const pointer from a const getter: the compat-layer object is shared, not copied
SignatureAlgorithm get_keyType() const; // keyType_
SignatureAlgorithm get_peerKeyType() const; // peerKeyType_

uint get_peerKeyLength() const;
uint get_privateKeyLength() const;
// Verification policy flags. Each setter only sets its flag; no clearing
// counterpart is declared in this header, so a flag stays set once enabled
// (as far as this header shows).
bool verifyPeer() const; // presumably: require and verify the peer's certificate — the backing member is not visible in this rendering
bool verifyNone() const; // verification failure is not treated as an error (see verifyNone_)
bool failNoCert() const; // presumably: fail when the peer presents no certificate — TODO confirm
bool sendVerify() const; // meaning defined in the .cpp; TODO confirm
void setVerifyPeer();
void setVerifyNone(); // disables error reporting on verification failure; the peer is then unauthenticated
void setFailNoCert();
void setSendVerify();
void setPeerX509(X509*); // stores the pointer in peerX509_; see that member about ownership
void setVerifyCallback(VerifyCallback); // installs the user verify callback (verifyCallback_)
// hide copy: declared but presumably never defined — the pre-C++11 idiom for
// a non-copyable type, warranted here because list_/peerList_ hold owning raw
// pointers that a default copy would double-free
CertManager(const CertManager&);
CertManager& operator=(const CertManager&); // and assign
132 #endif // yaSSL_CERT_WRAPPER_HPP