r3340 - in trunk/libmcrypto: include/libmcrypto include/libmcrypto/gnutls include/libmcrypto/openssl source source/gnutls source/openssl
erik at minisip.org
erik at minisip.org
Thu Jun 28 14:50:27 CEST 2007
Author: erik
Date: 2007-06-28 14:50:27 +0200 (Thu, 28 Jun 2007)
New Revision: 3340
Modified:
trunk/libmcrypto/include/libmcrypto/SipSim.h
trunk/libmcrypto/include/libmcrypto/SipSimSoft.h
trunk/libmcrypto/include/libmcrypto/TlsServerSocket.h
trunk/libmcrypto/include/libmcrypto/TlsSocket.h
trunk/libmcrypto/include/libmcrypto/cert.h
trunk/libmcrypto/include/libmcrypto/gnutls/TlsServerSocket.h
trunk/libmcrypto/include/libmcrypto/gnutls/TlsSocket.h
trunk/libmcrypto/include/libmcrypto/gnutls/cert.h
trunk/libmcrypto/include/libmcrypto/openssl/TlsServerSocket.h
trunk/libmcrypto/include/libmcrypto/openssl/TlsSocket.h
trunk/libmcrypto/include/libmcrypto/openssl/cert.h
trunk/libmcrypto/source/SipSimSoft.cxx
trunk/libmcrypto/source/cert.cxx
trunk/libmcrypto/source/gnutls/OakleyDH.cxx
trunk/libmcrypto/source/gnutls/TlsServerSocket.cxx
trunk/libmcrypto/source/gnutls/TlsSocket.cxx
trunk/libmcrypto/source/gnutls/cert.cxx
trunk/libmcrypto/source/openssl/TlsServerSocket.cxx
trunk/libmcrypto/source/openssl/TlsSocket.cxx
trunk/libmcrypto/source/openssl/cert.cxx
Log:
Me and Mikael Svensson are updating how Minisip can authenticate users.
We'll need to improve the certificate handling. This commit renames the
certificate classes and methods to match the naming convention.
* ca_db -> CertificateSet
* certificate_chain -> CertificateChain
* certificate -> Certificate
* an_example_method -> anExampleMethod
(this commit will not compile since the users of
libmcrypto are not updated)
Modified: trunk/libmcrypto/include/libmcrypto/SipSim.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/SipSim.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/SipSim.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -54,16 +54,16 @@
//virtual bool getDHPublicValue(unsigned long & dhPublicValueLength, unsigned char * dhPublickValuePtra)=0;
- virtual void setCertificateChain(MRef<certificate_chain *> c){certChain = c;}
- virtual MRef<certificate_chain *> getCertificateChain(){return certChain;}
+ virtual void setCertificateChain(MRef<CertificateChain *> c){certChain = c;}
+ virtual MRef<CertificateChain *> getCertificateChain(){return certChain;}
- virtual void setCAs(MRef<ca_db*> c){ca_set=c;}
- virtual MRef<ca_db *> getCAs(){return ca_set;}
+ virtual void setCAs(MRef<CertificateSet*> c){ca_set=c;}
+ virtual MRef<CertificateSet *> getCAs(){return ca_set;}
protected:
- MRef<certificate_chain *> certChain;
- MRef<ca_db *> ca_set;
+ MRef<CertificateChain *> certChain;
+ MRef<CertificateSet *> ca_set;
};
Modified: trunk/libmcrypto/include/libmcrypto/SipSimSoft.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/SipSimSoft.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/SipSimSoft.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -13,7 +13,7 @@
*/
class LIBMCRYPTO_API SipSimSoft : public SipSim{
public:
- SipSimSoft(MRef<certificate_chain*> chain, MRef<ca_db*> cas);
+ SipSimSoft(MRef<CertificateChain*> chain, MRef<CertificateSet*> cas);
virtual bool getSignature(unsigned char * data,
int dataLength,
Modified: trunk/libmcrypto/include/libmcrypto/TlsServerSocket.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/TlsServerSocket.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/TlsServerSocket.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -37,8 +37,8 @@
public:
virtual ~TLSServerSocket();
- static ServerSocket *create( bool use_ipv6, int32_t listen_port, MRef<certificate *> cert, MRef<ca_db *> cert_db=NULL );
- static ServerSocket *create(int32_t listen_port, MRef<certificate *> cert, MRef<ca_db *> cert_db=NULL );
+ static ServerSocket *create( bool use_ipv6, int32_t listen_port, MRef<Certificate *> cert, MRef<CertificateSet *> cert_db=NULL );
+ static ServerSocket *create(int32_t listen_port, MRef<Certificate *> cert, MRef<CertificateSet *> cert_db=NULL );
protected:
TLSServerSocket( int32_t domain, int32_t listen_port );
Modified: trunk/libmcrypto/include/libmcrypto/TlsSocket.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/TlsSocket.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/TlsSocket.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -40,8 +40,8 @@
static TLSSocket* connect( IPAddress &addr,
int32_t port,
- MRef<certificate *> cert=NULL,
- MRef<ca_db *> cert_db=NULL,
+ MRef<Certificate *> cert=NULL,
+ MRef<CertificateSet *> cert_db=NULL,
std::string serverName="" );
protected:
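Review bot: `connect()` keeps `cert_db=NULL` and `serverName=""` as defaults, and nothing in this header says whether the peer certificate is verified, or its name checked, when a caller leaves them out. Since this series is about how Minisip authenticates users, the declaration should carry a comment stating that, for example `/** cert_db: CA set the peer certificate is validated against; NULL means <state the actual behaviour> */`. If NULL does turn out to mean no validation, consider dropping the default so callers have to choose explicitly. The enclosing class starts and ends outside the hunk.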
Modified: trunk/libmcrypto/include/libmcrypto/cert.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/cert.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/cert.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -35,73 +35,73 @@
#include<libmutil/MemObject.h>
#include<libmutil/Exception.h>
-class certificate;
+class Certificate;
#define CERT_DB_ITEM_TYPE_OTHER 0
#define CERT_DB_ITEM_TYPE_FILE 1
#define CERT_DB_ITEM_TYPE_DIR 2
-class LIBMCRYPTO_API ca_db_item: public MObject{
+class LIBMCRYPTO_API CertificateSetItem: public MObject{
public:
std::string item;
int type;
- virtual ~ca_db_item();
+ virtual ~CertificateSetItem();
- bool operator ==(const ca_db_item item2){ return (
+ bool operator ==(const CertificateSetItem item2){ return (
item2.item == item &&
item2.type == type);};
};
-class LIBMCRYPTO_API ca_db: public MObject{
+class LIBMCRYPTO_API CertificateSet: public MObject{
public:
- virtual ~ca_db();
- static ca_db *create();
+ virtual ~CertificateSet();
+ static CertificateSet *create();
- virtual ca_db* clone();
- virtual void add_directory( std::string dir );
- virtual void add_file( std::string file );
- virtual void add_certificate( MRef<certificate *> cert );
- virtual std::list<MRef<ca_db_item*> > &get_items();
- virtual MRef<ca_db_item*> get_next();
- virtual void init_index();
+ virtual CertificateSet* clone();
+ virtual void addDirectory( std::string dir );
+ virtual void addFile( std::string file );
+ virtual void addCertificate( MRef<Certificate *> cert );
+ virtual std::list<MRef<CertificateSetItem*> > &getItems();
+ virtual MRef<CertificateSetItem*> getNext();
+ virtual void initIndex();
virtual void lock();
virtual void unlock();
- virtual void remove( MRef<ca_db_item*> removedItem );
+ virtual void remove( MRef<CertificateSetItem*> removedItem );
protected:
- ca_db();
- virtual void add_item( MRef<ca_db_item*> item );
- virtual MRef<ca_db_item*> create_dir_item( std::string dir );
- virtual MRef<ca_db_item*> create_file_item( std::string file );
- virtual MRef<ca_db_item*> create_cert_item( MRef<certificate*> cert );
+ CertificateSet();
+ virtual void addItem( MRef<CertificateSetItem*> item );
+ virtual MRef<CertificateSetItem*> createDirItem( std::string dir );
+ virtual MRef<CertificateSetItem*> createFileItem( std::string file );
+ virtual MRef<CertificateSetItem*> createCertItem( MRef<Certificate*> cert );
private:
- std::list<MRef<ca_db_item*> >::iterator items_index;
- std::list<MRef<ca_db_item*> > items;
+ std::list<MRef<CertificateSetItem*> >::iterator items_index;
+ std::list<MRef<CertificateSetItem*> > items;
Mutex mLock;
};
-class LIBMCRYPTO_API priv_key: public MObject{
+class LIBMCRYPTO_API PrivateKey: public MObject{
public:
- static priv_key* load( const std::string private_key_filename );
- static priv_key* load( char *derEncPk, int length,
+ static PrivateKey* load( const std::string private_key_filename );
+ static PrivateKey* load( char *derEncPk, int length,
std::string password,
std::string path );
- virtual ~priv_key();
+ virtual ~PrivateKey();
- virtual const std::string &get_file() const = 0;
+ virtual const std::string &getFile() const = 0;
- virtual bool check_cert( MRef<certificate *> cert)=0;
+ virtual bool checkCert( MRef<Certificate *> cert)=0;
- virtual int sign_data( unsigned char * data, int data_length,
+ virtual int signData( unsigned char * data, int data_length,
unsigned char * sign,
int * sign_length )=0;
- virtual int denvelope_data( unsigned char * data,
+ virtual int denvelopeData( unsigned char * data,
int size,
unsigned char *retdata,
int *retsize,
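Review bot: `PrivateKey::signData` takes an output buffer `sign` plus `int * sign_length`, and the declaration does not say whether `*sign_length` carries the buffer capacity on entry or is only written on return. The same gap applies to `denvelopeData` and `privateDecrypt` (`retdata`, `retsize`) here, and to `Certificate::getDer`, `envelopeData`, `signData` and `publicEncrypt` in the later hunks of this file. As every caller has to be touched for the rename anyway, add a doc comment per method that states the in/out contract and the minimum buffer size, e.g. `/** @param sign_length in: capacity of sign (confirm against the backends); out: bytes written */`. The `denvelopeData` declaration continues past the end of this hunk.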
@@ -109,13 +109,13 @@
int enckeylgth,
unsigned char *iv)=0;
- virtual bool private_decrypt(const unsigned char *data, int size,
+ virtual bool privateDecrypt(const unsigned char *data, int size,
unsigned char *retdata, int *retsize)=0;
protected:
- priv_key();
+ PrivateKey();
};
-class LIBMCRYPTO_API certificate: public MObject{
+class LIBMCRYPTO_API Certificate: public MObject{
public:
enum SubjectAltName{
SAN_DNSNAME = 1,
@@ -124,26 +124,26 @@
SAN_IPADDRESS
};
- static certificate* load( const std::string cert_filename );
- static certificate* load( const std::string cert_filename,
+ static Certificate* load( const std::string cert_filename );
+ static Certificate* load( const std::string cert_filename,
const std::string private_key_filename );
- static certificate* load( unsigned char * der_cert,
+ static Certificate* load( unsigned char * der_cert,
int length );
- static certificate* load( unsigned char * certData,
+ static Certificate* load( unsigned char * certData,
int length,
std::string path );
-// static certificate *create();
+// static Certificate *create();
- virtual ~certificate();
+ virtual ~Certificate();
- virtual int control( ca_db * cert_db )=0;
+ virtual int control( CertificateSet * cert_db )=0;
- virtual int get_der_length()=0;
- virtual void get_der( unsigned char * output,
+ virtual int getDerLength()=0;
+ virtual void getDer( unsigned char * output,
unsigned int * length )=0;
- virtual int envelope_data( unsigned char * data,
+ virtual int envelopeData( unsigned char * data,
int size,
unsigned char *retdata,
int *retsize,
@@ -151,7 +151,7 @@
int *enckeylgth,
unsigned char** iv)=0;
- int denvelope_data( unsigned char * data,
+ int denvelopeData( unsigned char * data,
int size,
unsigned char *retdata,
int *retsize,
@@ -159,57 +159,57 @@
int enckeylgth,
unsigned char *iv);
- int sign_data( unsigned char * data, int data_length,
+ int signData( unsigned char * data, int data_length,
unsigned char * sign,
int * sign_length );
- virtual int verif_sign( unsigned char * data, int data_length,
+ virtual int verifSign( unsigned char * data, int data_length,
unsigned char * sign, int sign_length )=0;
- virtual bool public_encrypt(const unsigned char *data, int size,
+ virtual bool publicEncrypt(const unsigned char *data, int size,
unsigned char *retdata, int *retsize)=0;
- int private_decrypt(const unsigned char *data, int size,
+ int privateDecrypt(const unsigned char *data, int size,
unsigned char *retdata, int *retsize);
- virtual std::string get_name()=0;
- virtual std::string get_cn()=0;
- virtual std::vector<std::string> get_alt_name( SubjectAltName type )=0;
- virtual std::string get_issuer()=0;
- virtual std::string get_issuer_cn()=0;
+ virtual std::string getName()=0;
+ virtual std::string getCn()=0;
+ virtual std::vector<std::string> getAltName( SubjectAltName type )=0;
+ virtual std::string getIssuer()=0;
+ virtual std::string getIssuerCn()=0;
- std::string get_file();
- std::string get_pk_file();
+ std::string getFile();
+ std::string getPkFile();
- MRef<priv_key*> get_pk();
- void set_pk( MRef<priv_key *> pk);
- void set_pk( const std::string &file );
- void set_encpk(char *derEncPk, int length,
+ MRef<PrivateKey*> getPk();
+ void setPk( MRef<PrivateKey *> pk);
+ void setPk( const std::string &file );
+ void setEncpk(char *derEncPk, int length,
const std::string &password,
const std::string &path);
- bool has_pk();
+ bool hasPk();
protected:
- certificate();
+ Certificate();
std::string file;
- MRef<priv_key *> m_pk;
+ MRef<PrivateKey *> m_pk;
};
-class LIBMCRYPTO_API certificate_chain: public MObject{
+class LIBMCRYPTO_API CertificateChain: public MObject{
public:
- static certificate_chain* create();
- virtual ~certificate_chain();
+ static CertificateChain* create();
+ virtual ~CertificateChain();
- virtual certificate_chain* clone();
- virtual void add_certificate( MRef<certificate *> cert );
-// virtual void remove_certificate( MRef<certificate *> cert );
- virtual void remove_last();
+ virtual CertificateChain* clone();
+ virtual void addCertificate( MRef<Certificate *> cert );
+// virtual void remove_Certificate( MRef<Certificate *> cert );
+ virtual void removeLast();
- virtual int control( MRef<ca_db *> cert_db )=0;
- virtual MRef<certificate *> get_next();
- virtual MRef<certificate *> get_first();
+ virtual int control( MRef<CertificateSet *> cert_db )=0;
+ virtual MRef<Certificate *> getNext();
+ virtual MRef<Certificate *> getFirst();
virtual void clear();
@@ -217,42 +217,42 @@
virtual void lock();
virtual void unlock();
- virtual bool is_empty();
+ virtual bool isEmpty();
- virtual void init_index();
+ virtual void initIndex();
protected:
- certificate_chain();
- certificate_chain( MRef<certificate *> cert );
+ CertificateChain();
+ CertificateChain( MRef<Certificate *> cert );
- std::list< MRef<certificate *> > cert_list;
- std::list< MRef<certificate *> >::iterator item;
+ std::list< MRef<Certificate *> > cert_list;
+ std::list< MRef<Certificate *> >::iterator item;
Mutex mLock;
};
-class LIBMCRYPTO_API certificate_exception : public Exception{
+class LIBMCRYPTO_API CertificateException : public Exception{
public:
- certificate_exception( const char *desc):Exception(desc){};
+ CertificateException( const char *desc):Exception(desc){};
};
-class LIBMCRYPTO_API certificate_exception_file : public certificate_exception{
+class LIBMCRYPTO_API CertificateExceptionFile : public CertificateException{
public:
- certificate_exception_file( const char *message ):certificate_exception(message){};
+ CertificateExceptionFile( const char *message ):CertificateException(message){};
};
-class LIBMCRYPTO_API certificate_exception_init : public certificate_exception{
+class LIBMCRYPTO_API CertificateExceptionInit : public CertificateException{
public:
- certificate_exception_init( const char *message ):certificate_exception(message){};
+ CertificateExceptionInit( const char *message ):CertificateException(message){};
};
-class LIBMCRYPTO_API certificate_exception_pkey : public certificate_exception{
+class LIBMCRYPTO_API CertificateExceptionPkey : public CertificateException{
public:
- certificate_exception_pkey( const char *message ):certificate_exception(message){};
+ CertificateExceptionPkey( const char *message ):CertificateException(message){};
};
-class LIBMCRYPTO_API certificate_exception_chain : public certificate_exception{
+class LIBMCRYPTO_API CertificateExceptionChain : public CertificateException{
public:
- certificate_exception_chain( const char *message ):certificate_exception(message){};
+ CertificateExceptionChain( const char *message ):CertificateException(message){};
};
#endif // MLIBMCRYPTO_CERT_H
Modified: trunk/libmcrypto/include/libmcrypto/gnutls/TlsServerSocket.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/gnutls/TlsServerSocket.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/gnutls/TlsServerSocket.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -35,8 +35,8 @@
public:
GnutlsServerSocket( bool use_ipv6, int32_t listen_port,
- MRef<gtls_certificate *> cert,
- MRef<gtls_ca_db *> cert_db=NULL);
+ MRef<GtlsCertificate *> cert,
+ MRef<GtlsCertificateSet *> cert_db=NULL);
~GnutlsServerSocket();
virtual std::string getMemObjectType() const {return "GnutlsServerSocket";}
@@ -44,13 +44,13 @@
protected:
virtual void init( bool use_ipv6, int32_t listen_port,
- MRef<gtls_certificate *> cert,
- MRef<gtls_ca_db *> cert_db);
+ MRef<GtlsCertificate *> cert,
+ MRef<GtlsCertificateSet *> cert_db);
gnutls_session_t initialize_tls_session();
private:
- MRef<gtls_ca_db *> m_cert_db;
- MRef<gtls_certificate*> m_cert;
+ MRef<GtlsCertificateSet *> m_cert_db;
+ MRef<GtlsCertificate*> m_cert;
gnutls_certificate_credentials_t m_xcred;
gnutls_x509_crt_t* m_ca_list;
Modified: trunk/libmcrypto/include/libmcrypto/gnutls/TlsSocket.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/gnutls/TlsSocket.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/gnutls/TlsSocket.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -43,8 +43,8 @@
class LIBMNETUTIL_API GnutlsSocket : public TLSSocket {
public:
GnutlsSocket( IPAddress &addr, int32_t port,
- MRef<gtls_ca_db *> cert_db=NULL,
- MRef<gtls_certificate *> cert=NULL);
+ MRef<GtlsCertificateSet *> cert_db=NULL,
+ MRef<GtlsCertificate *> cert=NULL);
GnutlsSocket( MRef<StreamSocket *> sock,
gnutls_session_t session );
@@ -61,18 +61,18 @@
private:
void GnutlsSocket_init( MRef<StreamSocket*> ssock,
- MRef<gtls_ca_db *> cert_db,
- MRef<gtls_certificate *> cert);
+ MRef<GtlsCertificateSet *> cert_db,
+ MRef<GtlsCertificate *> cert);
gnutls_certificate_credentials_t m_xcred;
gnutls_session_t m_session;
MRef<StreamSocket *> sock;
- MRef<certificate *> peer_cert;
+ MRef<Certificate *> peer_cert;
/** CA db */
- MRef<ca_db *> cert_db;
+ MRef<CertificateSet *> cert_db;
gnutls_x509_crt_t* m_ca_list;
size_t m_ca_list_len;
Modified: trunk/libmcrypto/include/libmcrypto/gnutls/cert.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/gnutls/cert.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/gnutls/cert.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -39,12 +39,12 @@
#include<gnutls/x509.h>
#include<gcrypt.h>
-class gtls_certificate;
+class GtlsCertificate;
-class gtls_rsa_priv{
+class GtlsRsaPriv{
public:
- gtls_rsa_priv( gnutls_x509_privkey_t aKey );
- ~gtls_rsa_priv();
+ GtlsRsaPriv( gnutls_x509_privkey_t aKey );
+ ~GtlsRsaPriv();
bool decrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize) const;
@@ -53,10 +53,10 @@
gcry_sexp_t m_key;
};
-class gtls_rsa_pub{
+class Gtlsrsa_pub{
public:
- gtls_rsa_pub( gnutls_x509_crt_t aCert );
- ~gtls_rsa_pub();
+ Gtlsrsa_pub( gnutls_x509_crt_t aCert );
+ ~Gtlsrsa_pub();
bool encrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize) const;
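Review bot: `Gtlsrsa_pub` does not follow the naming convention this commit introduces; the sibling class became `GtlsRsaPriv`, so this one should read `class GtlsRsaPub{` with `GtlsRsaPub( gnutls_x509_crt_t aCert );` and `~GtlsRsaPub();`. The member `Gtlsrsa_pub *rsaKey;` in the last hunk of this file needs the same name. It looks like an artefact of replacing `gtls_` with `Gtls` without touching the rest of the identifier.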
@@ -65,51 +65,51 @@
gcry_sexp_t m_key;
};
-class LIBMCRYPTO_API gtls_ca_db_item: public ca_db_item{
+class LIBMCRYPTO_API GtlsCertificateSetItem: public CertificateSetItem{
public:
- gtls_ca_db_item();
- virtual ~gtls_ca_db_item();
+ GtlsCertificateSetItem();
+ virtual ~GtlsCertificateSetItem();
gnutls_x509_crt_t* certs;
unsigned int num_certs;
};
-class LIBMCRYPTO_API gtls_ca_db: public ca_db{
+class LIBMCRYPTO_API GtlsCertificateSet: public CertificateSet{
public:
- gtls_ca_db();
- virtual ~gtls_ca_db();
+ GtlsCertificateSet();
+ virtual ~GtlsCertificateSet();
bool getDb(gnutls_x509_crt_t ** db, size_t * db_length );
- virtual std::string getMemObjectType() const {return "gtls_ca_db";}
+ virtual std::string getMemObjectType() const {return "GtlsCertificateSet";}
protected:
- MRef<ca_db_item*> create_dir_item( std::string dir );
- MRef<ca_db_item*> create_file_item( std::string file );
- MRef<ca_db_item*> create_cert_item( MRef<certificate*> cert );
+ MRef<CertificateSetItem*> createDirItem( std::string dir );
+ MRef<CertificateSetItem*> createFileItem( std::string file );
+ MRef<CertificateSetItem*> createCertItem( MRef<Certificate*> cert );
private:
gnutls_x509_crt_t * caList;
size_t caListLength;
};
-class LIBMCRYPTO_API gtls_priv_key: public priv_key{
+class LIBMCRYPTO_API GtlsPrivateKey: public PrivateKey{
public:
- gtls_priv_key( const std::string &private_key_filename );
- gtls_priv_key( char *derEncPk, int length,
+ GtlsPrivateKey( const std::string &private_key_filename );
+ GtlsPrivateKey( char *derEncPk, int length,
const std::string &password,
const std::string &path );
- ~gtls_priv_key();
+ ~GtlsPrivateKey();
- const std::string &get_file() const;
+ const std::string &getFile() const;
- bool check_cert( MRef<certificate*> cert );
+ bool checkCert( MRef<Certificate*> cert );
- int sign_data( unsigned char * data, int data_length,
+ int signData( unsigned char * data, int data_length,
unsigned char * sign,
int * sign_length );
- int denvelope_data( unsigned char * data,
+ int denvelopeData( unsigned char * data,
int size,
unsigned char *retdata,
int *retsize,
@@ -117,48 +117,48 @@
int enckeylgth,
unsigned char *iv);
- bool private_decrypt( const unsigned char *data, int size,
+ bool privateDecrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize);
- gnutls_x509_privkey_t get_private_key(){return privateKey;};
+ gnutls_x509_privkey_t getPrivateKey(){return privateKey;};
private:
gnutls_x509_privkey_t privateKey;
- gtls_rsa_priv *rsaPriv;
+ GtlsRsaPriv *rsaPriv;
std::string pk_file;
};
-class LIBMCRYPTO_API gtls_certificate: public certificate{
+class LIBMCRYPTO_API GtlsCertificate: public Certificate{
public:
- gtls_certificate();
- gtls_certificate( const std::string cert_filename );
- gtls_certificate( unsigned char * der_cert, int length );
- ~gtls_certificate();
- virtual std::string getMemObjectType() const {return "gtls_certificate";}
+ GtlsCertificate();
+ GtlsCertificate( const std::string cert_filename );
+ GtlsCertificate( unsigned char * der_cert, int length );
+ ~GtlsCertificate();
+ virtual std::string getMemObjectType() const {return "GtlsCertificate";}
- int control( ca_db * cert_db );
+ int control( CertificateSet * cert_db );
- int get_der_length();
- void get_der( unsigned char * output );
- void get_der( unsigned char * output, unsigned int * length );
- int envelope_data( unsigned char * data, int size, unsigned char *retdata, int *retsize,
+ int getDerLength();
+ void getDer( unsigned char * output );
+ void getDer( unsigned char * output, unsigned int * length );
+ int envelopeData( unsigned char * data, int size, unsigned char *retdata, int *retsize,
unsigned char *enckey, int *enckeylgth, unsigned char** iv);
- int sign_data( unsigned char * data, int data_length,
+ int signData( unsigned char * data, int data_length,
unsigned char * sign, int * sign_length );
- int verif_sign( unsigned char * data, int data_length,
+ int verifSign( unsigned char * data, int data_length,
unsigned char * sign, int sign_length );
- bool public_encrypt( const unsigned char *data, int size,
+ bool publicEncrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize);
- std::string get_name();
- std::string get_cn();
- std::vector<std::string> get_alt_name( SubjectAltName type );
- std::string get_issuer();
- std::string get_issuer_cn();
+ std::string getName();
+ std::string getCn();
+ std::vector<std::string> getAltName( SubjectAltName type );
+ std::string getIssuer();
+ std::string getIssuerCn();
- gnutls_x509_crt_t get_certificate(){return cert;};
+ gnutls_x509_crt_t getCertificate(){return cert;};
protected:
void openFromFile( std::string fileName );
@@ -166,18 +166,18 @@
private:
gnutls_x509_crt_t cert;
- gtls_rsa_pub *rsaKey;
+ Gtlsrsa_pub *rsaKey;
};
-class gtls_certificate_chain: public certificate_chain{
+class GtlsCertificateChain: public CertificateChain{
public:
- gtls_certificate_chain();
- gtls_certificate_chain( MRef<certificate *> cert );
- virtual ~gtls_certificate_chain();
+ GtlsCertificateChain();
+ GtlsCertificateChain( MRef<Certificate *> cert );
+ virtual ~GtlsCertificateChain();
- virtual std::string getMemObjectType() const {return "gtls_certificate_chain";}
+ virtual std::string getMemObjectType() const {return "GtlsCertificateChain";}
- int control( MRef<ca_db *> cert_db );
+ int control( MRef<CertificateSet *> cert_db );
};
#endif
Modified: trunk/libmcrypto/include/libmcrypto/openssl/TlsServerSocket.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/openssl/TlsServerSocket.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/openssl/TlsServerSocket.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -34,16 +34,16 @@
class LIBMNETUTIL_API OsslServerSocket : public TLSServerSocket {
public:
- OsslServerSocket( bool use_ipv6, int32_t listen_port, MRef<ossl_certificate *> cert, MRef<ossl_ca_db *> cert_db=NULL);
- OsslServerSocket( int32_t listen_port, MRef<ossl_certificate *> cert, MRef<ossl_ca_db *> cert_db=NULL);
+ OsslServerSocket( bool use_ipv6, int32_t listen_port, MRef<OsslCertificate *> cert, MRef<OsslCertificateSet *> cert_db=NULL);
+ OsslServerSocket( int32_t listen_port, MRef<OsslCertificate *> cert, MRef<OsslCertificateSet *> cert_db=NULL);
virtual std::string getMemObjectType() const {return "OsslServerSocket";}
virtual MRef<StreamSocket *> accept();
protected:
virtual void init( bool use_ipv6, int32_t listen_port,
- MRef<ossl_certificate *> cert,
- MRef<ossl_ca_db *> cert_db);
+ MRef<OsslCertificate *> cert,
+ MRef<OsslCertificateSet *> cert_db);
private:
int32_t listen_port;
@@ -54,6 +54,6 @@
/**
CA db
*/
- MRef<ossl_ca_db *> cert_db;
+ MRef<OsslCertificateSet *> cert_db;
};
#endif
Modified: trunk/libmcrypto/include/libmcrypto/openssl/TlsSocket.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/openssl/TlsSocket.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/openssl/TlsSocket.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -74,20 +74,20 @@
// In Microsoft Embedded VC 4.0 this causes a warning ... remove
#ifdef _MSC_VER
#ifndef _WIN32_WCE
-template class __declspec(dllexport) MRef<certificate*>;
-template class __declspec(dllexport) MRef<ca_db*>;
+template class __declspec(dllexport) MRef<Certificate*>;
+template class __declspec(dllexport) MRef<CertificateSet*>;
#endif
#endif
class LIBMNETUTIL_API OsslSocket : public TLSSocket {
public:
OsslSocket(std::string addr, int32_t port, void * &ssl_ctx,
- MRef<ossl_certificate *> cert = NULL,
- MRef<ossl_ca_db *> cert_db=NULL );
+ MRef<OsslCertificate *> cert = NULL,
+ MRef<OsslCertificateSet *> cert_db=NULL );
OsslSocket( IPAddress &addr, int32_t port, void * &ssl_ctx,
- MRef<ossl_certificate *> cert=NULL,
- MRef<ossl_ca_db *> cert_db=NULL );
+ MRef<OsslCertificate *> cert=NULL,
+ MRef<OsslCertificateSet *> cert_db=NULL );
OsslSocket( MRef<StreamSocket *> sock, SSL_CTX * ssl_ctx );
@@ -109,8 +109,8 @@
private:
void OsslSocket_init( MRef<StreamSocket*> ssock, void * &ssl_ctx,
- MRef<ossl_certificate *> cert,
- MRef<ossl_ca_db *> cert_db );
+ MRef<OsslCertificate *> cert,
+ MRef<OsslCertificateSet *> cert_db );
MRef<StreamSocket *> sock;
@@ -118,10 +118,10 @@
void* priv;
- MRef<ossl_certificate *> peer_cert;
+ MRef<OsslCertificate *> peer_cert;
/** CA db */
- MRef<ossl_ca_db *> cert_db;
+ MRef<OsslCertificateSet *> cert_db;
};
TLSSocket& operator<<(TLSSocket& sock, std::string str);
Modified: trunk/libmcrypto/include/libmcrypto/openssl/cert.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/openssl/cert.h 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/include/libmcrypto/openssl/cert.h 2007-06-28 12:50:27 UTC (rev 3340)
@@ -48,41 +48,41 @@
#include<libmutil/MemObject.h>
#include<libmutil/Exception.h>
-class certificate;
+class Certificate;
-class LIBMCRYPTO_API ossl_ca_db: public ca_db{
+class LIBMCRYPTO_API OsslCertificateSet: public CertificateSet{
public:
- ossl_ca_db();
- ~ossl_ca_db();
+ OsslCertificateSet();
+ ~OsslCertificateSet();
- X509_STORE * get_db();
- virtual std::string getMemObjectType() const {return "ossl_ca_db";}
- void add_directory( std::string dir );
- void add_file( std::string file );
- void add_certificate( MRef<certificate *> cert );
+ X509_STORE * getDb();
+ virtual std::string getMemObjectType() const {return "OsslCertificateSet";}
+ void addDirectory( std::string dir );
+ void addFile( std::string file );
+ void addCertificate( MRef<Certificate *> cert );
private:
X509_STORE * cert_db;
};
-class LIBMCRYPTO_API ossl_priv_key: public priv_key{
+class LIBMCRYPTO_API OsslPrivateKey: public PrivateKey{
public:
- ossl_priv_key( const std::string &private_key_filename );
- ossl_priv_key( char *derEncPk, int length,
+ OsslPrivateKey( const std::string &private_key_filename );
+ OsslPrivateKey( char *derEncPk, int length,
const std::string &password,
const std::string &path );
- ~ossl_priv_key();
+ ~OsslPrivateKey();
- const std::string &get_file() const;
+ const std::string &getFile() const;
- bool check_cert( MRef<certificate *> cert);
+ bool checkCert( MRef<Certificate *> cert);
- int sign_data( unsigned char * data, int data_length,
+ int signData( unsigned char * data, int data_length,
unsigned char * sign,
int * sign_length );
- int denvelope_data( unsigned char * data,
+ int denvelopeData( unsigned char * data,
int size,
unsigned char *retdata,
int *retsize,
@@ -90,64 +90,64 @@
int enckeylgth,
unsigned char *iv);
- bool private_decrypt(const unsigned char *data, int size,
+ bool privateDecrypt(const unsigned char *data, int size,
unsigned char *retdata, int *retsize);
- EVP_PKEY * get_openssl_private_key(){return private_key;};
+ EVP_PKEY * getOpensslPrivateKey(){return private_key;};
private:
EVP_PKEY * private_key;
std::string pk_file;
};
-class LIBMCRYPTO_API ossl_certificate: public certificate{
+class LIBMCRYPTO_API OsslCertificate: public Certificate{
public:
- ossl_certificate();
- ossl_certificate( X509 * ossl_cert );
- ossl_certificate( const std::string &cert_filename );
- ossl_certificate( unsigned char * der_cert, int length );
- ossl_certificate( unsigned char * certData, int length, std::string path );
- ~ossl_certificate();
- virtual std::string getMemObjectType() const {return "certificate";}
+ OsslCertificate();
+ OsslCertificate( X509 * Osslcert );
+ OsslCertificate( const std::string &cert_filename );
+ OsslCertificate( unsigned char * der_cert, int length );
+ OsslCertificate( unsigned char * certData, int length, std::string path );
+ ~OsslCertificate();
+ virtual std::string getMemObjectType() const {return "Certificate";}
- int control( ca_db * cert_db );
+ int control( CertificateSet * cert_db );
- int get_der_length();
- void get_der( unsigned char * output,
+ int getDerLength();
+ void getDer( unsigned char * output,
unsigned int * length );
- int envelope_data( unsigned char * data, int size, unsigned char *retdata, int *retsize,
+ int envelopeData( unsigned char * data, int size, unsigned char *retdata, int *retsize,
unsigned char *enckey, int *enckeylgth, unsigned char** iv);
- int denvelope_data(unsigned char * data, int size, unsigned char *retdata, int *retsize,
+ int denvelopeData(unsigned char * data, int size, unsigned char *retdata, int *retsize,
unsigned char *enckey, int enckeylgth, unsigned char *iv);
- int sign_data( unsigned char * data, int data_length,
+ int signData( unsigned char * data, int data_length,
unsigned char * sign, int * sign_length );
- int verif_sign( unsigned char * data, int data_length,
+ int verifSign( unsigned char * data, int data_length,
unsigned char * sign, int sign_length );
- bool public_encrypt(const unsigned char *data, int size,
+ bool publicEncrypt(const unsigned char *data, int size,
unsigned char *retdata, int *retsize);
- std::string get_name();
- std::string get_cn();
- std::vector<std::string> get_alt_name( SubjectAltName type );
- std::string get_issuer();
- std::string get_issuer_cn();
+ std::string getName();
+ std::string getCn();
+ std::vector<std::string> getAltName( SubjectAltName type );
+ std::string getIssuer();
+ std::string getIssuerCn();
- X509 * get_openssl_certificate(){return cert;};
+ X509 * getOpensslCertificate(){return cert;};
private:
X509 * cert;
};
-class LIBMCRYPTO_API ossl_certificate_chain: public certificate_chain{
+class LIBMCRYPTO_API OsslCertificateChain: public CertificateChain{
public:
- ossl_certificate_chain();
- ossl_certificate_chain( MRef<certificate *> cert );
- virtual ~ossl_certificate_chain();
+ OsslCertificateChain();
+ OsslCertificateChain( MRef<Certificate *> cert );
+ virtual ~OsslCertificateChain();
- virtual std::string getMemObjectType() const {return "ossl_certificate_chain";}
+ virtual std::string getMemObjectType() const {return "OsslCertificateChain";}
- int control( MRef<ca_db *> cert_db );
+ int control( MRef<CertificateSet *> cert_db );
};
#endif
Modified: trunk/libmcrypto/source/SipSimSoft.cxx
===================================================================
--- trunk/libmcrypto/source/SipSimSoft.cxx 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/source/SipSimSoft.cxx 2007-06-28 12:50:27 UTC (rev 3340)
@@ -5,7 +5,7 @@
using namespace std;
-SipSimSoft::SipSimSoft(MRef<certificate_chain*> chain, MRef<ca_db*> cas)
+SipSimSoft::SipSimSoft(MRef<CertificateChain*> chain, MRef<CertificateSet*> cas)
{
certChain = chain;
ca_set = cas;
@@ -18,9 +18,9 @@
bool doHash,
int hash_alg)
{
- MRef<certificate*> myCert = certChain->get_first();
+ MRef<Certificate*> myCert = certChain->getFirst();
assert(doHash /*we don't support not hashing in SipSimSoft yet...*/);
- myCert->sign_data(data, dataLength, signaturePtr, &signatureLength);
+ myCert->signData(data, dataLength, signaturePtr, &signatureLength);
return true;
}
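Review bot: The result of `myCert->signData(...)` is discarded and the function returns `true` unconditionally, so a caller cannot distinguish a produced signature from a failure that a backend reports through its return value. `certChain->getFirst()` returns NULL for an empty chain (see `CertificateChain::getFirst` in cert.cxx) and `myCert` is dereferenced without a check, while the `assert(doHash)` guard disappears in NDEBUG builds. I would start with `if( !doHash || myCert.isNull() ) return false;` and end with `return myCert->signData(data, dataLength, signaturePtr, &signatureLength) == 0;`, assuming every backend returns 0 on success as the GnuTLS one does. The function's signature starts outside this hunk.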
Modified: trunk/libmcrypto/source/cert.cxx
===================================================================
--- trunk/libmcrypto/source/cert.cxx 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/source/cert.cxx 2007-06-28 12:50:27 UTC (rev 3340)
@@ -35,29 +35,29 @@
using namespace std;
-priv_key::priv_key(){
+PrivateKey::PrivateKey(){
}
-priv_key::~priv_key(){
+PrivateKey::~PrivateKey(){
}
-certificate::certificate(){
+Certificate::Certificate(){
}
-certificate::~certificate(){
+Certificate::~Certificate(){
}
-string certificate::get_file(){
+string Certificate::getFile(){
return file;
}
-string certificate::get_pk_file(){
+string Certificate::getPkFile(){
massert(m_pk);
- return m_pk->get_file();
+ return m_pk->getFile();
}
-int certificate::denvelope_data( unsigned char * data,
+int Certificate::denvelopeData( unsigned char * data,
int size,
unsigned char *retdata,
int *retsize,
@@ -69,158 +69,158 @@
massert(retdata);
massert(enckey);
massert(iv);
- return m_pk->denvelope_data( data, size, retdata, retsize,
+ return m_pk->denvelopeData( data, size, retdata, retsize,
enckey, enckeylgth, iv );
}
-int certificate::sign_data( unsigned char * data, int data_length,
+int Certificate::signData( unsigned char * data, int data_length,
unsigned char * sign,
int * sign_length ){
massert(m_pk);
- return m_pk->sign_data( data, data_length, sign, sign_length );
+ return m_pk->signData( data, data_length, sign, sign_length );
}
-int certificate::private_decrypt(const unsigned char *data, int size,
+int Certificate::privateDecrypt(const unsigned char *data, int size,
unsigned char *retdata, int *retsize){
massert(m_pk);
- return m_pk->private_decrypt( data, size, retdata, retsize );
+ return m_pk->privateDecrypt( data, size, retdata, retsize );
}
-bool certificate::has_pk(){
+bool Certificate::hasPk(){
return !m_pk.isNull();
}
-MRef<priv_key*> certificate::get_pk(){
+MRef<PrivateKey*> Certificate::getPk(){
return m_pk;
}
-void certificate::set_pk( MRef<priv_key *> priv_key )
+void Certificate::setPk( MRef<PrivateKey *> PrivateKey )
{
- if( !priv_key->check_cert( this ) ){
- cerr << "Private key does not match the certificate" << endl;
- throw certificate_exception_pkey(
- "The private key does not match the certificate" );
+ if( !PrivateKey->checkCert( this ) ){
+ cerr << "Private key does not match the Certificate" << endl;
+ throw CertificateExceptionPkey(
+ "The private key does not match the Certificate" );
}
- m_pk = priv_key;
+ m_pk = PrivateKey;
}
-void certificate::set_pk( const std::string &file_ ){
- set_pk( priv_key::load( file_ ) );
+void Certificate::setPk( const std::string &file_ ){
+ setPk( PrivateKey::load( file_ ) );
}
-void certificate::set_encpk(char *derEncPk, int length,
+void Certificate::setEncpk(char *derEncPk, int length,
const std::string &password,
const std::string &path){
- set_pk( priv_key::load( derEncPk, length, password, path ) );
+ setPk( PrivateKey::load( derEncPk, length, password, path ) );
}
-ca_db_item::~ca_db_item(){
+CertificateSetItem::~CertificateSetItem(){
}
-ca_db::ca_db(){
+CertificateSet::CertificateSet(){
items_index = items.begin();
}
-ca_db::~ca_db(){
- std::list<MRef<ca_db_item*> >::iterator i;
- std::list<MRef<ca_db_item*> >::iterator last = items.end();
+CertificateSet::~CertificateSet(){
+ std::list<MRef<CertificateSetItem*> >::iterator i;
+ std::list<MRef<CertificateSetItem*> >::iterator last = items.end();
items.clear();
}
-ca_db* ca_db::clone(){
- ca_db * db = create();
+CertificateSet* CertificateSet::clone(){
+ CertificateSet * db = create();
lock();
- std::list<MRef<ca_db_item*> >::iterator i;
- std::list<MRef<ca_db_item*> >::iterator last = items.end();
+ std::list<MRef<CertificateSetItem*> >::iterator i;
+ std::list<MRef<CertificateSetItem*> >::iterator last = items.end();
for( i = items.begin(); i != last; i++ ){
- db->add_item( *i );
+ db->addItem( *i );
}
unlock();
return db;
}
-void ca_db::lock(){
+void CertificateSet::lock(){
mLock.lock();
}
-void ca_db::unlock(){
+void CertificateSet::unlock(){
mLock.unlock();
}
-void ca_db::add_item( MRef<ca_db_item*> item ){
+void CertificateSet::addItem( MRef<CertificateSetItem*> item ){
items.push_back( item );
items_index = items.begin();
}
-MRef<ca_db_item*> ca_db::create_dir_item( std::string dir ){
- MRef<ca_db_item*> item = new ca_db_item();
+MRef<CertificateSetItem*> CertificateSet::createDirItem( std::string dir ){
+ MRef<CertificateSetItem*> item = new CertificateSetItem();
item->item = dir;
item->type = CERT_DB_ITEM_TYPE_DIR;
return item;
}
-MRef<ca_db_item*> ca_db::create_file_item( std::string file ){
- MRef<ca_db_item*> item = new ca_db_item;
+MRef<CertificateSetItem*> CertificateSet::createFileItem( std::string file ){
+ MRef<CertificateSetItem*> item = new CertificateSetItem;
item->item = file;
item->type = CERT_DB_ITEM_TYPE_FILE;
return item;
}
-MRef<ca_db_item*> ca_db::create_cert_item( MRef<certificate*> cert ){
- MRef<ca_db_item*> item = new ca_db_item();
+MRef<CertificateSetItem*> CertificateSet::createCertItem( MRef<Certificate*> cert ){
+ MRef<CertificateSetItem*> item = new CertificateSetItem();
item->item = "";
item->type = CERT_DB_ITEM_TYPE_OTHER;
return item;
}
-void ca_db::add_directory( string dir ){
- MRef<ca_db_item*> item = create_dir_item( dir );
- add_item( item );
+void CertificateSet::addDirectory( string dir ){
+ MRef<CertificateSetItem*> item = createDirItem( dir );
+ addItem( item );
}
-void ca_db::add_file( string file ){
- MRef<ca_db_item*> item = create_file_item( file );
- add_item( item );
+void CertificateSet::addFile( string file ){
+ MRef<CertificateSetItem*> item = createFileItem( file );
+ addItem( item );
}
-void ca_db::add_certificate( MRef<certificate *> cert ){
- MRef<ca_db_item*> item = create_cert_item( cert );
- add_item( item );
+void CertificateSet::addCertificate( MRef<Certificate *> cert ){
+ MRef<CertificateSetItem*> item = createCertItem( cert );
+ addItem( item );
}
-void ca_db::remove( MRef<ca_db_item*> removedItem ){
- init_index();
+void CertificateSet::remove( MRef<CertificateSetItem*> removedItem ){
+ initIndex();
while( items_index != items.end() ){
if( **(*items_index) == **removedItem ){
items.erase( items_index );
- init_index();
+ initIndex();
return;
}
items_index ++;
}
- init_index();
+ initIndex();
}
-list<MRef<ca_db_item*> > &ca_db::get_items(){
+list<MRef<CertificateSetItem*> > &CertificateSet::getItems(){
return items;
}
-void ca_db::init_index(){
+void CertificateSet::initIndex(){
items_index = items.begin();
}
-MRef<ca_db_item*> ca_db::get_next(){
- MRef<ca_db_item*> tmp;
+MRef<CertificateSetItem*> CertificateSet::getNext(){
+ MRef<CertificateSetItem*> tmp;
if( items_index == items.end() ){
items_index = items.begin();
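Review bot: The parameter in `Certificate::setPk( MRef<PrivateKey *> PrivateKey )` now has the same name as the class `PrivateKey`, a side effect of the mechanical rename. It compiles because the parameter hides the type inside the body, but `PrivateKey->checkCert( this )` reads like a static call, and this is the check that rejects a key which does not belong to the certificate. Rename the parameter to `privateKey`, i.e. `if( !privateKey->checkCert( this ) ){` and `m_pk = privateKey;`. The local `MRef<PrivateKey*> PrivateKey` in the two-file `Certificate::load` in gnutls/cert.cxx has the same problem. The rename also changed the exception and log text to "the Certificate"; if anything matches on those strings, keep the original wording.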
@@ -232,56 +232,56 @@
return tmp;
}
-certificate_chain::certificate_chain(){
+CertificateChain::CertificateChain(){
item = cert_list.begin();
}
-certificate_chain::certificate_chain( MRef<certificate *> cert ){
+CertificateChain::CertificateChain( MRef<Certificate *> cert ){
cert_list.push_back( cert );
item = cert_list.begin();
}
-certificate_chain::~certificate_chain(){
+CertificateChain::~CertificateChain(){
}
-certificate_chain* certificate_chain::clone(){
- certificate_chain * chain = create();
+CertificateChain* CertificateChain::clone(){
+ CertificateChain * chain = create();
lock();
- std::list<MRef<certificate*> >::iterator i;
- std::list<MRef<certificate*> >::iterator last = cert_list.end();
+ std::list<MRef<Certificate*> >::iterator i;
+ std::list<MRef<Certificate*> >::iterator last = cert_list.end();
for( i = cert_list.begin(); i != last; i++ ){
- chain->add_certificate( *i );
+ chain->addCertificate( *i );
}
unlock();
return chain;
}
-void certificate_chain::lock(){
+void CertificateChain::lock(){
mLock.lock();
}
-void certificate_chain::unlock(){
+void CertificateChain::unlock(){
mLock.unlock();
}
-bool certificate_chain::is_empty(){
+bool CertificateChain::isEmpty(){
return cert_list.empty();
}
-void certificate_chain::add_certificate( MRef<certificate *> cert ){
+void CertificateChain::addCertificate( MRef<Certificate *> cert ){
if( !cert_list.empty() ){
- MRef<certificate *> lastCert = *(--cert_list.end());
+ MRef<Certificate *> lastCert = *(--cert_list.end());
- if( lastCert->get_issuer() != cert->get_name() ){
- throw certificate_exception_chain(
- "The previous certificate in the chain is not"
+ if( lastCert->getIssuer() != cert->getName() ){
+ throw CertificateExceptionChain(
+ "The previous Certificate in the chain is not"
" issued by the given one" );
}
}
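Review bot: `addCertificate` accepts a new link when `lastCert->getIssuer() != cert->getName()` is false, which is a string match on distinguished names and not a signature check, so any certificate carrying the expected subject name passes it. That is acceptable as an ordering check only if cryptographic verification happens elsewhere (presumably in `control()`), and the code should say so: `// Name match only; the chain is not trusted until control() has verified the signatures`. `cert` is also dereferenced here without a null check. The function body continues outside this hunk.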
@@ -290,19 +290,19 @@
item = cert_list.begin();
}
-void certificate_chain::remove_last(){
+void CertificateChain::removeLast(){
cert_list.erase( -- cert_list.end() );
item = cert_list.begin();
}
-void certificate_chain::init_index(){
+void CertificateChain::initIndex(){
item = cert_list.begin();
}
-MRef<certificate *> certificate_chain::get_next(){
- MRef<certificate *> ret;
+MRef<Certificate *> CertificateChain::getNext(){
+ MRef<Certificate *> ret;
if( item == cert_list.end() ){
item = cert_list.begin();
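Review bot: `removeLast()` calls `cert_list.erase( -- cert_list.end() )` without checking that the list is non-empty, and decrementing `end()` of an empty `std::list` is undefined behaviour. Add `if( cert_list.empty() ) return;` as the first statement, in line with the `cert_list.size() == 0` guard that `getFirst()` already has. `getNext()` at the end of this hunk continues outside it.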
@@ -314,7 +314,7 @@
return ret;
}
-MRef<certificate *> certificate_chain::get_first(){
+MRef<Certificate *> CertificateChain::getFirst(){
if( cert_list.size() == 0 ){
return NULL;
}
@@ -322,11 +322,11 @@
return *(cert_list.begin());
}
-void certificate_chain::clear(){
+void CertificateChain::clear(){
cert_list.clear();
}
-int certificate_chain::length(){
+int CertificateChain::length(){
return (int)cert_list.size();
}
Modified: trunk/libmcrypto/source/gnutls/OakleyDH.cxx
===================================================================
--- trunk/libmcrypto/source/gnutls/OakleyDH.cxx 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/source/gnutls/OakleyDH.cxx 2007-06-28 12:50:27 UTC (rev 3340)
@@ -89,7 +89,7 @@
if( g_init++ > 0 )
return;
- gcry_error_t res;
+// gcry_error_t res;
g_dhParameters[DH_GROUP_OAKLEY1].init( OAKLEY1_P, OAKLEY1_G, OAKLEY1_L );
g_dhParameters[DH_GROUP_OAKLEY2].init( OAKLEY2_P, OAKLEY2_G, OAKLEY2_L );
Modified: trunk/libmcrypto/source/gnutls/TlsServerSocket.cxx
===================================================================
--- trunk/libmcrypto/source/gnutls/TlsServerSocket.cxx 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/source/gnutls/TlsServerSocket.cxx 2007-06-28 12:50:27 UTC (rev 3340)
@@ -40,28 +40,28 @@
{
}
-ServerSocket *TLSServerSocket::create( bool use_ipv6, int32_t listen_port, MRef<certificate *> cert, MRef<ca_db *> cert_db ){
- MRef<gtls_certificate*> gtls_cert;
- MRef<gtls_ca_db*> gtls_db;
+ServerSocket *TLSServerSocket::create( bool use_ipv6, int32_t listen_port, MRef<Certificate *> cert, MRef<CertificateSet *> cert_db ){
+ MRef<GtlsCertificate*> Gtlscert;
+ MRef<GtlsCertificateSet*> Gtlsdb;
if( cert )
- gtls_cert = (gtls_certificate*)*cert;
+ Gtlscert = (GtlsCertificate*)*cert;
if( cert_db )
- gtls_db = (gtls_ca_db*)*cert_db;
+ Gtlsdb = (GtlsCertificateSet*)*cert_db;
return new GnutlsServerSocket( use_ipv6, listen_port,
- gtls_cert, gtls_db );
+ Gtlscert, Gtlsdb );
}
-ServerSocket *TLSServerSocket::create(int32_t listen_port, MRef<certificate *> cert, MRef<ca_db *> cert_db ){
+ServerSocket *TLSServerSocket::create(int32_t listen_port, MRef<Certificate *> cert, MRef<CertificateSet *> cert_db ){
return create( false, listen_port, cert, cert_db );
}
GnutlsServerSocket::GnutlsServerSocket( bool use_ipv6, int32_t listen_port,
- MRef<gtls_certificate *> cert,
- MRef<gtls_ca_db *> cert_db):TLSServerSocket(use_ipv6?AF_INET6:AF_INET, listen_port)
+ MRef<GtlsCertificate *> cert,
+ MRef<GtlsCertificateSet *> cert_db):TLSServerSocket(use_ipv6?AF_INET6:AF_INET, listen_port)
{
init(use_ipv6, listen_port, cert, cert_db);
}
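Review bot: `create()` converts the generic arguments with C-style casts, `(GtlsCertificate*)*cert` and `(GtlsCertificateSet*)*cert_db`, so an object from another backend would be used as a GnuTLS object without any check. `init()` in this file and `GtlsPrivateKey::checkCert` in gnutls/cert.cxx already use `dynamic_cast` and test the result. I would write `Gtlscert = dynamic_cast<GtlsCertificate*>( *cert );`, likewise for the set, and fail when a non-null argument yields a null result. `TLSSocket::connect` in gnutls/TlsSocket.cxx has the same two casts. The locals would also read better as `gtlsCert` and `gtlsDb` under the lower-camel convention this commit introduces.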
@@ -90,7 +90,7 @@
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, m_xcred);
- /* request client certificate if any.
+ /* request client Certificate if any.
*/
gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
@@ -100,8 +100,8 @@
}
void GnutlsServerSocket::init( bool use_ipv6, int32_t listen_port,
- MRef<gtls_certificate *> cert,
- MRef<gtls_ca_db *> cert_db)
+ MRef<GtlsCertificate *> cert,
+ MRef<GtlsCertificateSet *> cert_db)
{
cerr << "GnutlsServerSocket::init" << endl;
m_cert = cert;
@@ -119,14 +119,14 @@
gnutls_certificate_set_x509_trust(m_xcred, m_ca_list, m_ca_list_len);
// FIXME support chained certs.
- gnutls_x509_crt_t gcert = cert->get_certificate();
+ gnutls_x509_crt_t gcert = cert->getCertificate();
gnutls_x509_privkey_t gkey = NULL;
- MRef<gtls_priv_key*> gtls_pk =
- dynamic_cast<gtls_priv_key*>( *cert->get_pk() );
+ MRef<GtlsPrivateKey*> Gtlspk =
+ dynamic_cast<GtlsPrivateKey*>( *cert->getPk() );
- if( gtls_pk ){
- gkey = gtls_pk->get_private_key();
+ if( Gtlspk ){
+ gkey = Gtlspk->getPrivateKey();
}
gnutls_certificate_set_x509_key(m_xcred, &gcert, 1, gkey);
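Review bot: `init()` calls `cert->getCertificate()` and `cert->getPk()` unconditionally, although `TLSServerSocket::create` passes a null `cert` through when none is given; the client-side `GnutlsSocket_init` wraps the same code in `if( cert ){`. When the `dynamic_cast` yields null, `gkey` stays NULL and is still handed to `gnutls_certificate_set_x509_key`, whose return value is dropped here. I would check `cert` first and keep the result, `int err = gnutls_certificate_set_x509_key(m_xcred, &gcert, 1, gkey);`, raising on `err < 0` so the server does not start without usable credentials. Parts of `init()` lie outside this hunk, so an earlier guard may exist.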
Modified: trunk/libmcrypto/source/gnutls/TlsSocket.cxx
===================================================================
--- trunk/libmcrypto/source/gnutls/TlsSocket.cxx 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/source/gnutls/TlsSocket.cxx 2007-06-28 12:50:27 UTC (rev 3340)
@@ -54,20 +54,20 @@
}
TLSSocket* TLSSocket::connect( IPAddress &addr, int32_t port,
- MRef<certificate *> cert,
- MRef<ca_db *> cert_db,
+ MRef<Certificate *> cert,
+ MRef<CertificateSet *> cert_db,
string serverName )
{
- MRef<gtls_ca_db*> gtls_db;
- MRef<gtls_certificate*> gtls_cert;
+ MRef<GtlsCertificateSet*> Gtlsdb;
+ MRef<GtlsCertificate*> Gtlscert;
if( cert_db )
- gtls_db = (gtls_ca_db*)*cert_db;
+ Gtlsdb = (GtlsCertificateSet*)*cert_db;
if( cert )
- gtls_cert = (gtls_certificate*)*cert;
+ Gtlscert = (GtlsCertificate*)*cert;
- return new GnutlsSocket( addr, port, gtls_db, gtls_cert );
+ return new GnutlsSocket( addr, port, Gtlsdb, Gtlscert );
}
@@ -99,8 +99,8 @@
#if 0
GnutlsSocket::GnutlsSocket(string addr, int32_t port,
- MRef<gtls_ca_db *> cert_db,
- MRef<gtls_certificate *> cert)
+ MRef<GtlsCertificateSet *> cert_db,
+ MRef<GtlsCertificate *> cert)
{
GnutlsSocket::GnutlsSocket_init(new TCPSocket(addr, port),
cert_db, cert);
@@ -108,8 +108,8 @@
#endif
GnutlsSocket::GnutlsSocket(IPAddress &addr, int32_t port,
- MRef<gtls_ca_db *> cert_db,
- MRef<gtls_certificate *> cert)
+ MRef<GtlsCertificateSet *> cert_db,
+ MRef<GtlsCertificate *> cert)
{
GnutlsSocket::GnutlsSocket_init(new TCPSocket(addr, port),
cert_db, cert);
@@ -137,8 +137,8 @@
/*********************************************************************************/
void GnutlsSocket::GnutlsSocket_init( MRef<StreamSocket*> ssock,
- MRef<gtls_ca_db *> cert_db,
- MRef<gtls_certificate *> cert )
+ MRef<GtlsCertificateSet *> cert_db,
+ MRef<GtlsCertificate *> cert )
{
int err=0;
@@ -161,14 +161,14 @@
if( cert ){
// FIXME support chained certs.
- gnutls_x509_crt_t gcert = cert->get_certificate();
+ gnutls_x509_crt_t gcert = cert->getCertificate();
gnutls_x509_privkey_t gkey = NULL;
- MRef<gtls_priv_key*> gtls_pk =
- dynamic_cast<gtls_priv_key*>( *cert->get_pk() );
+ MRef<GtlsPrivateKey*> Gtlspk =
+ dynamic_cast<GtlsPrivateKey*>( *cert->getPk() );
- if( gtls_pk ){
- gkey = gtls_pk->get_private_key();
+ if( Gtlspk ){
+ gkey = Gtlspk->getPrivateKey();
}
err = gnutls_certificate_set_x509_key(m_xcred, &gcert, 1, gkey);
Modified: trunk/libmcrypto/source/gnutls/cert.cxx
===================================================================
--- trunk/libmcrypto/source/gnutls/cert.cxx 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/source/gnutls/cert.cxx 2007-06-28 12:50:27 UTC (rev 3340)
@@ -41,7 +41,7 @@
throw Exception(msg.c_str());
-gtls_certificate::gtls_certificate():cert(NULL),rsaKey(NULL){
+GtlsCertificate::GtlsCertificate():cert(NULL),rsaKey(NULL){
gnutls_global_init();
}
@@ -49,64 +49,64 @@
// Factory methods
//
-ca_db *ca_db::create(){
- return new gtls_ca_db();
+CertificateSet *CertificateSet::create(){
+ return new GtlsCertificateSet();
}
-priv_key* priv_key::load( const std::string private_key_filename ){
- return new gtls_priv_key( private_key_filename );
+PrivateKey* PrivateKey::load( const std::string private_key_filename ){
+ return new GtlsPrivateKey( private_key_filename );
}
-priv_key* priv_key::load( char *derEncPk, int length,
+PrivateKey* PrivateKey::load( char *derEncPk, int length,
std::string password,
std::string path ){
- return new gtls_priv_key( derEncPk, length, password, path );
+ return new GtlsPrivateKey( derEncPk, length, password, path );
}
-// Read PEM-encoded certificate from a file
-certificate* certificate::load( const std::string cert_filename )
+// Read PEM-encoded Certificate from a file
+Certificate* Certificate::load( const std::string cert_filename )
{
- return new gtls_certificate( cert_filename );
+ return new GtlsCertificate( cert_filename );
}
-// Read PEM-encoded certificate private key from a file
-certificate* certificate::load( const std::string cert_filename,
+// Read PEM-encoded Certificate private key from a file
+Certificate* Certificate::load( const std::string cert_filename,
const std::string private_key_filename ){
- MRef<priv_key*> priv_key = new gtls_priv_key( private_key_filename );
- MRef<certificate*> cert = new gtls_certificate( cert_filename );
+ MRef<PrivateKey*> PrivateKey = new GtlsPrivateKey( private_key_filename );
+ MRef<Certificate*> cert = new GtlsCertificate( cert_filename );
- cert->set_pk( priv_key );
+ cert->setPk( PrivateKey );
// The caller is responsible for deleting cert
cert->incRefCount();
return *cert;
}
-// Import DER-encoded certificate from memory
-certificate* certificate::load( unsigned char * der_cert,
+// Import DER-encoded Certificate from memory
+Certificate* Certificate::load( unsigned char * der_cert,
int length ){
- return new gtls_certificate( der_cert, length );
+ return new GtlsCertificate( der_cert, length );
}
#if 0
// TODO
-certificate* certificate::load( unsigned char * certData,
+Certificate* Certificate::load( unsigned char * certData,
int length,
std::string path ){
- return new gtls_certificate( certData, length, path );
+ return new GtlsCertificate( certData, length, path );
}
#endif
-certificate_chain* certificate_chain::create(){
- return new gtls_certificate_chain();
+CertificateChain* CertificateChain::create(){
+ return new GtlsCertificateChain();
}
//
-// gtls_rsa_priv
+// GtlsRsaPriv
//
-gtls_rsa_priv::gtls_rsa_priv( gnutls_x509_privkey_t aKey ):m_key(NULL){
+GtlsRsaPriv::GtlsRsaPriv( gnutls_x509_privkey_t aKey ):m_key(NULL){
gcry_error_t err;
gnutls_datum_t n[6];
int i;
@@ -115,8 +115,8 @@
if( gnutls_x509_privkey_export_rsa_raw( aKey, &n[0], &n[1], &n[2],
&n[3], &n[4], &n[5] )){
- // TODO change to gtls_exception
- throw certificate_exception_pkey("Private key invalid" );
+ // TODO change to Gtlsexception
+ throw CertificateExceptionPkey("Private key invalid" );
}
gcry_mpi_t mpi[6];
@@ -137,7 +137,7 @@
}
}
- throw certificate_exception_pkey("Private key parameter invalid" );
+ throw CertificateExceptionPkey("Private key parameter invalid" );
}
}
@@ -161,18 +161,18 @@
}
if( err ){
- throw certificate_exception_pkey("Private key parameters invalid" );
+ throw CertificateExceptionPkey("Private key parameters invalid" );
}
}
-gtls_rsa_priv::~gtls_rsa_priv(){
+GtlsRsaPriv::~GtlsRsaPriv(){
if( m_key ){
gcry_sexp_release( m_key );
m_key = NULL;
}
}
-bool gtls_rsa_priv::decrypt( const unsigned char *data, int size,
+bool GtlsRsaPriv::decrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize) const{
gcry_error_t err;
bool ret = false;
@@ -271,9 +271,9 @@
}
//
-// gtls_rsa_pub
+// Gtlsrsa_pub
//
-gtls_rsa_pub::gtls_rsa_pub( gnutls_x509_crt_t aCert ):m_key(NULL){
+Gtlsrsa_pub::Gtlsrsa_pub( gnutls_x509_crt_t aCert ):m_key(NULL){
gcry_error_t err;
gnutls_datum_t n;
gnutls_datum_t e;
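Review bot: `Gtlsrsa_pub` does not follow the convention this commit introduces; its sibling became `GtlsRsaPriv`, so this class should be `GtlsRsaPub`. The name looks like the output of a textual `gtls_` to `Gtls` substitution, as do the `// TODO change to Gtlsexception` comment and the locals `Gtlscert`, `Gtlsdb` and `Gtlspk` in the socket files. The destructor, `encrypt()` and both `new Gtlsrsa_pub( cert )` call sites further down need the same change, together with the header declaration, which is not shown here. The constructor body continues outside this hunk.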
@@ -282,7 +282,7 @@
memset(&e, 0, sizeof(e));
if( gnutls_x509_crt_get_pk_rsa_raw( aCert, &n, &e ) ){
- throw certificate_exception_init( "Can't get RSA key from cert" );
+ throw CertificateExceptionInit( "Can't get RSA key from cert" );
}
gcry_mpi_t n_mpi = NULL;
@@ -295,7 +295,7 @@
if( err ){
gcry_free( e.data );
- throw certificate_exception_init( "Invalid public key m parameter" );
+ throw CertificateExceptionInit( "Invalid public key m parameter" );
}
gcry_mpi_t e_mpi = NULL;
@@ -306,7 +306,7 @@
if( err ){
gcry_mpi_release( e_mpi );
- throw certificate_exception_init( "Invalid public key e parameter" );
+ throw CertificateExceptionInit( "Invalid public key e parameter" );
}
size_t erroff = 0;
@@ -321,18 +321,18 @@
e_mpi = NULL;
if( err ){
- throw certificate_exception_init( "Invalid public key parameters" );
+ throw CertificateExceptionInit( "Invalid public key parameters" );
}
}
-gtls_rsa_pub::~gtls_rsa_pub(){
+Gtlsrsa_pub::~Gtlsrsa_pub(){
if( m_key ){
gcry_sexp_release( m_key );
m_key = NULL;
}
}
-bool gtls_rsa_pub::encrypt( const unsigned char *data, int size,
+bool Gtlsrsa_pub::encrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize) const{
bool ret = false;
gcry_error_t err;
@@ -404,7 +404,7 @@
}
-gtls_priv_key::~gtls_priv_key(){
+GtlsPrivateKey::~GtlsPrivateKey(){
if( privateKey != NULL ){
gnutls_x509_privkey_deinit( privateKey );
}
@@ -417,19 +417,19 @@
}
}
-const string >ls_priv_key::get_file() const{
+const string &GtlsPrivateKey::getFile() const{
return pk_file;
}
-// Read PEM-encoded certificate from a file
-gtls_certificate::gtls_certificate( const string certFilename ):rsaKey(NULL){
+// Read PEM-encoded Certificate from a file
+GtlsCertificate::GtlsCertificate( const string certFilename ):rsaKey(NULL){
gnutls_global_init();
openFromFile( certFilename );
}
-// Import DER-encoded certificate from memory
-gtls_certificate::gtls_certificate( unsigned char * derCert, int length ):rsaKey(NULL){
+// Import DER-encoded Certificate from memory
+GtlsCertificate::GtlsCertificate( unsigned char * derCert, int length ):rsaKey(NULL){
int ret;
gnutls_datum certData;
@@ -438,8 +438,8 @@
ret = gnutls_x509_crt_init( (gnutls_x509_crt_t*)&cert );
if( ret != 0 ){
- throw certificate_exception_init(
- "Could not initialize the certificate structure" );
+ throw CertificateExceptionInit(
+ "Could not initialize the Certificate structure" );
}
certData.data = derCert;
@@ -448,8 +448,8 @@
ret = gnutls_x509_crt_import( cert, &certData, GNUTLS_X509_FMT_DER );
if( ret != 0 ){
- throw certificate_exception(
- "Could not import the given certificate" );
+ throw CertificateException(
+ "Could not import the given Certificate" );
}
if( rsaKey ){
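Review bot: When `gnutls_x509_crt_import` fails, the constructor throws while `cert` still holds the structure from `gnutls_x509_crt_init`; the destructor does not run for a constructor that throws, so that structure is leaked. Add `gnutls_x509_crt_deinit( cert ); cert = NULL;` before `throw CertificateException(...)`. `length` is a caller-supplied signed `int` and no check that it is positive is visible before it is presumably used as the DER size. The constructor starts and ends outside this hunk.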
@@ -457,10 +457,10 @@
rsaKey = NULL;
}
- rsaKey = new gtls_rsa_pub( cert );
+ rsaKey = new Gtlsrsa_pub( cert );
}
-gtls_certificate::~gtls_certificate(){
+GtlsCertificate::~GtlsCertificate(){
if( cert != NULL ){
gnutls_x509_crt_deinit( cert );
}
@@ -473,8 +473,8 @@
}
}
-// Read PEM-encoded certificate from a file
-void gtls_certificate::openFromFile( string fileName ){
+// Read PEM-encoded Certificate from a file
+void GtlsCertificate::openFromFile( string fileName ){
int fd;
void * certBuf = NULL;
size_t length;
@@ -484,16 +484,16 @@
fd = open( fileName.c_str(), O_RDONLY );
if( fd == -1 ){
- throw certificate_exception_file(
- "Could not open the given certificate file" );
+ throw CertificateExceptionFile(
+ "Could not open the given Certificate file" );
}
int ret = fstat( fd, &fileStat );
if( ret == -1 ){
- throw certificate_exception_file(
- "Could not stat the given certificate file" );
+ throw CertificateExceptionFile(
+ "Could not stat the given Certificate file" );
}
length = fileStat.st_size;
@@ -501,8 +501,8 @@
certBuf = mmap( 0, length, PROT_READ, MAP_SHARED, fd, 0 );
if( certBuf == NULL ){
- throw certificate_exception_init(
- "Could not mmap the certificate file" );
+ throw CertificateExceptionInit(
+ "Could not mmap the Certificate file" );
}
certData.data = (unsigned char*)certBuf;
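Review bot: `mmap` reports failure with `MAP_FAILED`, not NULL, so `if( certBuf == NULL )` does not catch a failed mapping and the invalid pointer is passed on as `certData.data`. Use `if( certBuf == MAP_FAILED ){`. The descriptor from `open()` is also still open when this exception, or the `fstat` one in the previous hunk, is thrown; call `close( fd );` before each `throw`. The `GtlsPrivateKey( const string &file )` constructor repeats the same `mmap` check for the private-key file. `openFromFile` starts and ends outside this hunk.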
@@ -512,15 +512,15 @@
ret = gnutls_x509_crt_init( (gnutls_x509_crt_t*)&cert );
if( ret != 0 ){
- throw certificate_exception_init(
- "Could not initialize the certificate structure" );
+ throw CertificateExceptionInit(
+ "Could not initialize the Certificate structure" );
}
ret = gnutls_x509_crt_import( cert, &certData, GNUTLS_X509_FMT_PEM );
if( ret != 0 ){
- throw certificate_exception_file(
- "Could not import the given certificate" );
+ throw CertificateExceptionFile(
+ "Could not import the given Certificate" );
}
munmap( certBuf, length );
@@ -533,10 +533,10 @@
rsaKey = NULL;
}
- rsaKey = new gtls_rsa_pub( cert );
+ rsaKey = new Gtlsrsa_pub( cert );
}
-int gtls_priv_key::sign_data( unsigned char * data, int dataLength,
+int GtlsPrivateKey::signData( unsigned char * data, int dataLength,
unsigned char * sign, int * sign_length ){
int err;
size_t length = *sign_length;
@@ -544,7 +544,7 @@
if( privateKey == NULL ){
sign = NULL;
*sign_length = 0;
- throw certificate_exception(
+ throw CertificateException(
"A private key is needed to sign data" );
}
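Review bot: `sign = NULL;` assigns to the by-value parameter, so it has no effect for the caller and the caller's signature buffer is left untouched. Since the function throws immediately afterwards, the line can be dropped, leaving `*sign_length = 0;`. In the previous hunk, `size_t length = *sign_length;` converts a caller-supplied `int` to `size_t`, so a negative value becomes a very large buffer size; rejecting `*sign_length < 0` before the conversion would avoid that. `signData` starts and ends outside this hunk.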
@@ -567,7 +567,7 @@
}
else if( err < 0 ){
cerr << "GNUTLS error " << gnutls_strerror( err ) << endl;
- throw certificate_exception(
+ throw CertificateException(
"Signature of data failed" );
}
@@ -576,7 +576,7 @@
return 0;
}
-int gtls_certificate::verif_sign( unsigned char * data, int data_length,
+int GtlsCertificate::verifSign( unsigned char * data, int data_length,
unsigned char * sign, int sign_length )
{
int err;
@@ -590,8 +590,8 @@
signStruct.size = sign_length;
if( cert == NULL ){
- throw certificate_exception(
- "No certificate open while verifying a signature" );
+ throw CertificateException(
+ "No Certificate open while verifying a signature" );
}
err = gnutls_x509_crt_verify_data( cert, 0, &dataStruct, &signStruct );
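Review bot: `verifSign` hands the result of `gnutls_x509_crt_verify_data` straight back to the caller (`return err;` in the next hunk) without documenting what counts as success. The value is not a boolean: negative numbers are GnuTLS error codes, and which non-negative value means "signature valid" depends on the GnuTLS release, so a caller writing `if( cert->verifSign(...) )` could treat an error as a valid signature. I would add a comment above the function, `// Returns the raw gnutls_x509_crt_verify_data() result; compare against the success value documented for the linked GnuTLS, never test for non-zero`, or normalise the result here. `sign_length` is a signed `int` stored into `signStruct.size` without a range check. The function starts outside this hunk.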
@@ -599,7 +599,7 @@
return err;
}
-bool gtls_certificate::public_encrypt( const unsigned char *data, int size,
+bool GtlsCertificate::publicEncrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize){
if( !rsaKey )
return false;
@@ -607,7 +607,7 @@
return rsaKey->encrypt( data, size, retdata, retsize );
}
-int gtls_certificate::get_der_length(){
+int GtlsCertificate::getDerLength(){
size_t size = 0;
int ret = gnutls_x509_crt_export( cert, GNUTLS_X509_FMT_DER,
@@ -619,31 +619,31 @@
return -1;
}
-void gtls_certificate::get_der( unsigned char * output, unsigned int * length ){
+void GtlsCertificate::getDer( unsigned char * output, unsigned int * length ){
int ret;
ret = gnutls_x509_crt_export( cert, GNUTLS_X509_FMT_DER,
output, length );
if( ret == GNUTLS_E_SHORT_MEMORY_BUFFER ){
- throw certificate_exception(
+ throw CertificateException(
"Given buffer is to short" );
}
if( ret < 0 ){
- throw certificate_exception(
- "An error occured while exporting the certificate" );
+ throw CertificateException(
+ "An error occured while exporting the Certificate" );
}
}
-string gtls_certificate::get_name(){
+string GtlsCertificate::getName(){
int ret;
char * buf;
size_t size = 1024;
buf = (char *)malloc( size );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
@@ -656,14 +656,14 @@
gnutls_x509_crt_get_dn( cert, NULL, &size );
buf = (char *) malloc( size );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
ret = gnutls_x509_crt_get_dn( cert, buf, &size );
}
if( ret < 0 ){
- throw certificate_exception(
+ throw CertificateException(
"An error occured in getName()" );
}
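Review bot: The `throw CertificateException( "An error occured in getName()" )` path leaves `buf` allocated; add `free( buf );` before it. Whether the first 1024-byte buffer is released before the second `malloc( size )` is not visible in this hunk and should be checked as well. `getCn`, `getIssuer` and `getIssuerCn` below follow the same pattern, and all three reuse the "getName()" message, which makes a failure hard to attribute. `getName` starts and ends outside this hunk.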
@@ -673,14 +673,14 @@
return output;
}
-string gtls_certificate::get_cn(){
+string GtlsCertificate::getCn(){
int ret;
char * buf;
size_t size = 1024;
buf = (char *)malloc( size );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
@@ -697,7 +697,7 @@
0, 0, NULL, &size );
buf = (char *) malloc( size );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
ret = gnutls_x509_crt_get_dn_by_oid( cert,
@@ -706,7 +706,7 @@
}
if( ret < 0 ){
- throw certificate_exception(
+ throw CertificateException(
"An error occured in getName()" );
}
@@ -717,7 +717,7 @@
}
-std::vector<std::string> gtls_certificate::get_alt_name( SubjectAltName type ){
+std::vector<std::string> GtlsCertificate::getAltName( SubjectAltName type ){
int ret;
char * buf;
size_t bufSize = 1024;
@@ -730,12 +730,12 @@
case SAN_URI: gType = GNUTLS_SAN_URI; break;
case SAN_IPADDRESS: gType = GNUTLS_SAN_IPADDRESS; break;
default:
- throw certificate_exception( "Unsupported SubjectAltName type" );
+ throw CertificateException( "Unsupported SubjectAltName type" );
}
buf = (char *)malloc( bufSize );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
@@ -749,7 +749,7 @@
bufSize = size;
buf = (char *) realloc( buf, bufSize );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
@@ -771,7 +771,7 @@
}
else if( ret < 0 ){
cerr << "GNUTLS error " << gnutls_strerror( ret ) << endl;
- throw certificate_exception(
+ throw CertificateException(
"An error occured in get_alt_name()" );
}
}
@@ -780,14 +780,14 @@
return output;
}
-string gtls_certificate::get_issuer(){
+string GtlsCertificate::getIssuer(){
int ret;
char * buf;
size_t size = 1024;
buf = (char *)malloc( size );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
@@ -800,14 +800,14 @@
gnutls_x509_crt_get_issuer_dn( cert, NULL, &size );
buf = (char *) malloc( size );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
ret = gnutls_x509_crt_get_issuer_dn( cert, buf, &size );
}
if( ret < 0 ){
- throw certificate_exception(
+ throw CertificateException(
"An error occured in getName()" );
}
@@ -817,14 +817,14 @@
return output;
}
-string gtls_certificate::get_issuer_cn(){
+string GtlsCertificate::getIssuerCn(){
int ret;
char * buf;
size_t size = 1024;
buf = (char *)malloc( size );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
@@ -841,7 +841,7 @@
0, 0, NULL, &size );
buf = (char *) malloc( size );
if( buf == NULL ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Not enough memory" );
}
ret = gnutls_x509_crt_get_issuer_dn_by_oid( cert,
@@ -850,7 +850,7 @@
}
if( ret < 0 ){
- throw certificate_exception(
+ throw CertificateException(
"An error occured in getName()" );
}
@@ -861,7 +861,7 @@
}
// Read PEM-encoded private key from a file
-gtls_priv_key::gtls_priv_key( const string &file ){
+GtlsPrivateKey::GtlsPrivateKey( const string &file ){
int fd;
void * pkBuf = NULL;
size_t length;
@@ -871,7 +871,7 @@
fd = open( file.c_str(), O_RDONLY );
if( fd == -1 ){
- throw certificate_exception_file(
+ throw CertificateExceptionFile(
"Could not open the given private key file" );
}
@@ -879,7 +879,7 @@
int ret = fstat( fd, &fileStat );
if( ret == -1 ){
- throw certificate_exception_file(
+ throw CertificateExceptionFile(
"Could not stat the given private key file" );
}
@@ -888,8 +888,8 @@
pkBuf = mmap( 0, length, PROT_READ, MAP_SHARED, fd, 0 );
if( pkBuf == NULL ){
- throw certificate_exception_init(
- "Could not mmap the certificate file" );
+ throw CertificateExceptionInit(
+ "Could not mmap the Certificate file" );
}
pkData.data = (unsigned char*)pkBuf;
@@ -899,7 +899,7 @@
ret = gnutls_x509_privkey_init( (gnutls_x509_privkey_t*)&privateKey );
if( ret != 0 ){
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Could not initialize the private key structure" );
}
@@ -907,7 +907,7 @@
GNUTLS_X509_FMT_PEM );
if( ret != 0 ){
- throw certificate_exception_file(
+ throw CertificateExceptionFile(
"Could not import the given private key" );
}
@@ -915,11 +915,11 @@
close( fd );
pk_file = file;
- rsaPriv = new gtls_rsa_priv( privateKey );
+ rsaPriv = new GtlsRsaPriv( privateKey );
}
// Import DER-encoded private key from memory
-gtls_priv_key::gtls_priv_key(char * pkInput, int length,
+GtlsPrivateKey::GtlsPrivateKey(char * pkInput, int length,
const string &password,
const string &path )
{
@@ -931,7 +931,7 @@
if( ret != 0 )
{
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Could not initialize the private key structure" );
}
@@ -943,18 +943,18 @@
if( ret != 0 )
{
- throw certificate_exception_file("Could not import the given private key" );
+ throw CertificateExceptionFile("Could not import the given private key" );
}
pk_file = path;
}
-bool gtls_priv_key::check_cert( MRef<certificate*> cert ){
- MRef<gtls_certificate*> gtls_cert =
- dynamic_cast<gtls_certificate*>( *cert );
+bool GtlsPrivateKey::checkCert( MRef<Certificate*> cert ){
+ MRef<GtlsCertificate*> Gtlscert =
+ dynamic_cast<GtlsCertificate*>( *cert );
- if( !gtls_cert ){
+ if( !Gtlscert ){
return false;
}
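Review bot: The local `Gtlscert` introduced in `checkCert` follows neither the old snake_case nor the camelCase convention named in the commit log; it looks like a side effect of the search-and-replace, and `gtlsCert` would match the convention. The same pattern shows up later in this commit as `Gtlsdb`, `Gtlslist`, `Gtlslist_length`, `Osslpk` and `Osslcert`. In the OpenSSL files a local is now called `PrivateKey`, which hides the class of the same name for the rest of its scope; `privKey` would avoid that. `checkCert` continues in the next hunk.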
@@ -962,19 +962,19 @@
byte_t privateKeyId[20];
size_t idLength;
- /* Check that the private key matches the certificate */
+ /* Check that the private key matches the Certificate */
idLength = 20;
- int ret = gnutls_x509_crt_get_key_id( gtls_cert->get_certificate(),
+ int ret = gnutls_x509_crt_get_key_id( Gtlscert->getCertificate(),
0, publicKeyId, &idLength );
if( ret < 0 ){
- throw certificate_exception("An error occured when computing the key id" );
+ throw CertificateException("An error occured when computing the key id" );
}
ret = gnutls_x509_privkey_get_key_id( privateKey, 0, privateKeyId, &idLength );
if( ret < 0 ){
- throw certificate_exception("An error occured when computing the key id" );
+ throw CertificateException("An error occured when computing the key id" );
}
for( unsigned int i = 0; i < idLength; i++ ){
if( privateKeyId[i] != publicKeyId[i] ){
@@ -986,20 +986,20 @@
}
-int gtls_certificate::control( ca_db * certDb ){
+int GtlsCertificate::control( CertificateSet * certDb ){
int result;
unsigned int verify = 0;
- MRef<gtls_ca_db*> gtls_db =
- dynamic_cast<gtls_ca_db*>( certDb );
+ MRef<GtlsCertificateSet*> Gtlsdb =
+ dynamic_cast<GtlsCertificateSet*>( certDb );
gnutls_x509_crt_t* ca_list = NULL;
size_t ca_list_length = 0;
- if( !gtls_db ){
+ if( !Gtlsdb ){
cerr << "Not gtls CA db" << endl;
return 0;
}
- if( !gtls_db->getDb( &ca_list, &ca_list_length ) ){
+ if( !Gtlsdb->getDb( &ca_list, &ca_list_length ) ){
cerr << "No CA db" << endl;
return 0;
}
@@ -1020,17 +1020,17 @@
return verify ? 0 : 1;
}
-int gtls_certificate::envelope_data( unsigned char * data, int size, unsigned char *retdata, int *retsize,
+int GtlsCertificate::envelopeData( unsigned char * data, int size, unsigned char *retdata, int *retsize,
unsigned char *enckey, int *enckeylgth, unsigned char **iv){
UNIMPLEMENTED;
}
-int gtls_priv_key::denvelope_data(unsigned char * data, int size, unsigned char *retdata, int *retsize,
+int GtlsPrivateKey::denvelopeData(unsigned char * data, int size, unsigned char *retdata, int *retsize,
unsigned char *enckey, int enckeylgth, unsigned char *iv){
UNIMPLEMENTED;
}
-bool gtls_priv_key::private_decrypt( const unsigned char *data, int size,
+bool GtlsPrivateKey::privateDecrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize){
if( !rsaPriv )
return false;
@@ -1039,13 +1039,13 @@
}
//
-// End of gtls_certificate
+// End of GtlsCertificate
//
-gtls_ca_db_item::gtls_ca_db_item(): certs(NULL), num_certs(0){
+GtlsCertificateSetItem::GtlsCertificateSetItem(): certs(NULL), num_certs(0){
}
-gtls_ca_db_item::~gtls_ca_db_item(){
+GtlsCertificateSetItem::~GtlsCertificateSetItem(){
if( certs ){
for( unsigned int i=0; i < num_certs; i++ ){
gnutls_x509_crt_deinit( certs[i] );
@@ -1058,10 +1058,10 @@
}
}
-gtls_ca_db::gtls_ca_db(): caList(NULL), caListLength(0){
+GtlsCertificateSet::GtlsCertificateSet(): caList(NULL), caListLength(0){
}
-gtls_ca_db::~gtls_ca_db(){
+GtlsCertificateSet::~GtlsCertificateSet(){
if( caList != NULL ){
delete[] caList;
caList = NULL;
@@ -1069,20 +1069,20 @@
}
}
-bool gtls_ca_db::getDb(gnutls_x509_crt_t ** db, size_t * db_length){
+bool GtlsCertificateSet::getDb(gnutls_x509_crt_t ** db, size_t * db_length){
if( !caList ){
-// TODO: Results in deadlock in gtls_certificate_chain::control
+// TODO: Results in deadlock in GtlsCertificateChain::control
// lock();
- std::list<MRef<ca_db_item*> > &items = get_items();
- std::list<MRef<ca_db_item*> >::iterator i;
- std::list<MRef<ca_db_item*> >::iterator last = items.end();
+ std::list<MRef<CertificateSetItem*> > &items = getItems();
+ std::list<MRef<CertificateSetItem*> >::iterator i;
+ std::list<MRef<CertificateSetItem*> >::iterator last = items.end();
caListLength = 0;
for( i = items.begin(); i != last; i++ ){
- gtls_ca_db_item *item =
- dynamic_cast<gtls_ca_db_item*>(**i);
+ GtlsCertificateSetItem *item =
+ dynamic_cast<GtlsCertificateSetItem*>(**i);
caListLength += item->num_certs;
}
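Review bot: The result of `dynamic_cast<GtlsCertificateSetItem*>(**i)` is dereferenced on the next line without a null test, so an item of any other `CertificateSetItem` subclass in the list leads to a null dereference; the second loop in the following hunk repeats this. A guard such as `if( !item ) continue;` in both loops keeps the count and the copy in step. The commented-out `lock()` with its deadlock TODO also means `caList` is built without synchronisation, which deserves a comment on the method if concurrent callers are possible. `getDb` continues past this hunk.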
@@ -1090,8 +1090,8 @@
size_t pos = 0;
for( i = items.begin(); i != last; i++ ){
- gtls_ca_db_item *item =
- dynamic_cast<gtls_ca_db_item*>(**i);
+ GtlsCertificateSetItem *item =
+ dynamic_cast<GtlsCertificateSetItem*>(**i);
for( size_t k = 0; k < item->num_certs; k++ ){
caList[ pos++ ] = item->certs[ k ];
@@ -1107,18 +1107,18 @@
}
#if 0
-void gtls_ca_db::addDirectory( string dir ){
+void GtlsCertificateSet::addDirectory( string dir ){
X509_LOOKUP * lookup = NULL;
- ca_dbItem * item = new ca_dbItem();
+ CertificateSetItem * item = new CertificateSetItem();
lookup = X509_STORE_add_lookup(
certDb, X509_LOOKUP_hash_dir() );
if( lookup == NULL )
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
string("Could not create a directory lookup") );
if( !X509_LOOKUP_add_dir( lookup, dir.c_str(), X509_FILETYPE_PEM ) )
- throw certificate_exception_file(
+ throw CertificateExceptionFile(
"Could not open the directory "+dir );
item->item = dir;
@@ -1131,7 +1131,7 @@
-bool read_file( string file, gnutls_datum* data ){
+bool readFile( string file, gnutls_datum* data ){
int fd;
unsigned char* buf = NULL;
size_t length;
@@ -1167,7 +1167,7 @@
if( res < 0 ){
perror("read");
- throw certificate_exception("Read file error");
+ throw CertificateException("Read file error");
}
else if( res == 0 ){
break;
@@ -1192,15 +1192,15 @@
ret = gnutls_x509_crt_init( (gnutls_x509_crt_t*)&cert );
if( ret != 0 ){
- throw certificate_exception_init(
- "Could not initialize the certificate structure" );
+ throw CertificateExceptionInit(
+ "Could not initialize the Certificate structure" );
}
ret = gnutls_x509_crt_import( cert, &certData, GNUTLS_X509_FMT_PEM );
if( ret != 0 ){
- throw certificate_exception_file(
- "Could not import the given certificate" );
+ throw CertificateExceptionFile(
+ "Could not import the given Certificate" );
}
munmap( buf, length );
@@ -1210,29 +1210,29 @@
}
*/
-MRef<ca_db_item*> gtls_ca_db::create_dir_item( std::string dir ){
- ca_db_item * item = new gtls_ca_db_item();
+MRef<CertificateSetItem*> GtlsCertificateSet::createDirItem( std::string dir ){
+ CertificateSetItem * item = new GtlsCertificateSetItem();
item->item = dir;
item->type = CERT_DB_ITEM_TYPE_DIR;
return item;
}
-MRef<ca_db_item*> gtls_ca_db::create_file_item( std::string file ){
+MRef<CertificateSetItem*> GtlsCertificateSet::createFileItem( std::string file ){
gnutls_datum_t data;
memset(&data, 0, sizeof(data));
- if( !read_file( file, &data ) ){
- string msg = string("Can't find certificate file ") + file;
- throw certificate_exception( msg.c_str() );
+ if( !readFile( file, &data ) ){
+ string msg = string("Can't find Certificate file ") + file;
+ throw CertificateException( msg.c_str() );
}
size_t num_certs = 0;
if( !gnutls_x509_crt_list_import(NULL, &num_certs, &data, GNUTLS_X509_FMT_PEM, GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED ) ){
delete[] data.data;
- throw certificate_exception( "Can't load certificate file" );
+ throw CertificateException( "Can't load Certificate file" );
// return NULL;
}
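Review bot: The sizing call to `gnutls_x509_crt_list_import` is tested with `!`, which only fires on a return value of 0; as far as I know the function reports errors as negative values and, with a NULL list and `GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED`, is expected to return `GNUTLS_E_SHORT_MEMORY_BUFFER` here. A file that fails to parse would therefore pass this check and the code goes on with whatever `num_certs` holds. Storing the result and comparing explicitly, `if( res != GNUTLS_E_SHORT_MEMORY_BUFFER ){`, states the intent. `createFileItem` continues in the next hunk.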
@@ -1247,15 +1247,15 @@
if( res < 0 ){
cerr << "GNUTLS error " << gnutls_strerror( res ) << endl;
- throw certificate_exception( "Can't load certificate file (2)" );
+ throw CertificateException( "Can't load Certificate file (2)" );
// return NULL;
}
#ifdef DEBUG_OUTPUT
- cerr << "Loaded " << res << " certificates" << endl;
+ cerr << "Loaded " << res << " Certificates" << endl;
#endif
- gtls_ca_db_item * item = new gtls_ca_db_item();
+ GtlsCertificateSetItem * item = new GtlsCertificateSetItem();
item->item = file;
item->type = CERT_DB_ITEM_TYPE_FILE;
item->certs = certs;
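Review bot: The rename also rewrote the text of runtime messages, for example `"Can't load Certificate file (2)"` and `" Certificates"` in this hunk, and the exception and `cerr` strings in most other hunks of this commit. These are ordinary English words rather than class names, and anything that matches on the old exception text or searches logs for it will stop matching. I would restore the lower-case wording in string literals and comments and limit the rename to identifiers. `createFileItem` starts and ends outside this hunk.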
@@ -1265,8 +1265,8 @@
return item;
}
-MRef<ca_db_item*> gtls_ca_db::create_cert_item( MRef<certificate*> cert ){
- gtls_ca_db_item * item = new gtls_ca_db_item();
+MRef<CertificateSetItem*> GtlsCertificateSet::createCertItem( MRef<Certificate*> cert ){
+ GtlsCertificateSetItem * item = new GtlsCertificateSetItem();
item->item = "";
item->type = CERT_DB_ITEM_TYPE_OTHER;
@@ -1277,15 +1277,15 @@
int ret = gnutls_x509_crt_init( &item->certs[0] );
if( ret != 0 ){
- throw certificate_exception_init(
- "Could not initialize the certificate structure" );
+ throw CertificateExceptionInit(
+ "Could not initialize the Certificate structure" );
}
gnutls_datum der;
- der.size = cert->get_der_length();
+ der.size = cert->getDerLength();
der.data = new byte_t[ der.size ];
- cert->get_der( der.data, &der.size );
+ cert->getDer( der.data, &der.size );
ret = gnutls_x509_crt_import( item->certs[0], &der, GNUTLS_X509_FMT_DER );
@@ -1293,86 +1293,86 @@
der.data = NULL;
if( ret != 0 ){
- throw certificate_exception(
- "Could not import the given certificate" );
+ throw CertificateException(
+ "Could not import the given Certificate" );
}
return item;
}
-gtls_certificate_chain::gtls_certificate_chain(){
+GtlsCertificateChain::GtlsCertificateChain(){
}
-gtls_certificate_chain::gtls_certificate_chain( MRef<certificate *> cert ){
+GtlsCertificateChain::GtlsCertificateChain( MRef<Certificate *> cert ){
}
-gtls_certificate_chain::~gtls_certificate_chain(){
+GtlsCertificateChain::~GtlsCertificateChain(){
}
-int gtls_certificate_chain::control( MRef<ca_db *> certDb){
+int GtlsCertificateChain::control( MRef<CertificateSet *> certDb){
int result;
unsigned int verify = 0;
- MRef<gtls_ca_db*> gtls_db =
- dynamic_cast<gtls_ca_db*>(*certDb);
+ MRef<GtlsCertificateSet*> Gtlsdb =
+ dynamic_cast<GtlsCertificateSet*>(*certDb);
gnutls_x509_crt_t* ca_list = NULL;
size_t ca_list_length = 0;
- gnutls_x509_crt_t* gtls_list = NULL;
- size_t gtls_list_length = 0;
+ gnutls_x509_crt_t* Gtlslist = NULL;
+ size_t Gtlslist_length = 0;
- if( !gtls_db ){
+ if( !Gtlsdb ){
cerr << "Not gtls CA db" << endl;
return 0;
}
// lock();
- gtls_list_length = cert_list.size();
+ Gtlslist_length = cert_list.size();
- if( gtls_list_length == 0 ){
+ if( Gtlslist_length == 0 ){
#ifdef DEBUG_OUTPUT
- cerr << "certificate: Empty list of certificates"
+ cerr << "Certificate: Empty list of Certificates"
"to verify" << endl;
#endif
// Return success
return 1;
}
- /* Chain of certificates */
- list< MRef<certificate *> >::iterator i = cert_list.begin();
+ /* Chain of Certificates */
+ list< MRef<Certificate *> >::iterator i = cert_list.begin();
- gtls_list = new gnutls_x509_crt_t[ gtls_list_length ];
- memset( gtls_list, 0, gtls_list_length * sizeof( gnutls_x509_crt_t ));
+ Gtlslist = new gnutls_x509_crt_t[ Gtlslist_length ];
+ memset( Gtlslist, 0, Gtlslist_length * sizeof( gnutls_x509_crt_t ));
- for( size_t j = 0; j < gtls_list_length; j++,i++ ){
- MRef<gtls_certificate *> cert =
- dynamic_cast<gtls_certificate*>(**i);
+ for( size_t j = 0; j < Gtlslist_length; j++,i++ ){
+ MRef<GtlsCertificate *> cert =
+ dynamic_cast<GtlsCertificate*>(**i);
if( !cert ){
// unlock();
- delete[] gtls_list;
+ delete[] Gtlslist;
// Not gtls cert
cerr << "Not a gtls cert" << endl;
return 0;
}
- gtls_list[j] = cert->get_certificate();
+ Gtlslist[j] = cert->getCertificate();
}
// unlock();
- if( !gtls_db->getDb( &ca_list, &ca_list_length ) ){
- delete[] gtls_list;
+ if( !Gtlsdb->getDb( &ca_list, &ca_list_length ) ){
+ delete[] Gtlslist;
cerr << "No CA db" << endl;
return 0;
}
- result = gnutls_x509_crt_list_verify( gtls_list, gtls_list_length,
+ result = gnutls_x509_crt_list_verify( Gtlslist, Gtlslist_length,
ca_list, ca_list_length,
// crl_list, crl_list_length,
NULL, 0,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT,
&verify);
- delete[] gtls_list;
- gtls_list = NULL;
+ delete[] Gtlslist;
+ Gtlslist = NULL;
if( result < 0 ){
cerr << "gnutls_x509_crt_list_verify failed" << endl;
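Review bot: `GtlsCertificateChain::control` returns 1 (commented "Return success") when `cert_list` is empty, so a caller that treats 1 as "chain verified" would accept a peer that presented no certificate at all; `return 0;` there, or a documented rule that callers must reject an empty chain themselves, would close that gap. The verify call also passes `GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT` and no CRLs (`NULL, 0`), which lets version 1 certificates in the trusted list act as CAs and skips revocation checking; a comment saying why that is wanted would help. The one-argument constructor in this hunk ignores its `cert` parameter. The function ends outside this hunk.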
Modified: trunk/libmcrypto/source/openssl/TlsServerSocket.cxx
===================================================================
--- trunk/libmcrypto/source/openssl/TlsServerSocket.cxx 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/source/openssl/TlsServerSocket.cxx 2007-06-28 12:50:27 UTC (rev 3340)
@@ -62,41 +62,41 @@
{
}
-ServerSocket *TLSServerSocket::create( bool use_ipv6, int32_t listen_port, MRef<certificate *> cert, MRef<ca_db *> cert_db ){
- MRef<ossl_certificate*> ssl_cert;
- MRef<ossl_ca_db*> ssl_db;
+ServerSocket *TLSServerSocket::create( bool use_ipv6, int32_t listen_port, MRef<Certificate *> cert, MRef<CertificateSet *> cert_db ){
+ MRef<OsslCertificate*> ssl_cert;
+ MRef<OsslCertificateSet*> ssl_db;
if( cert )
- ssl_cert = (ossl_certificate*)*cert;
+ ssl_cert = (OsslCertificate*)*cert;
if( cert_db )
- ssl_db = (ossl_ca_db*)*cert_db;
+ ssl_db = (OsslCertificateSet*)*cert_db;
return new OsslServerSocket( listen_port, ssl_cert, ssl_db );
}
-ServerSocket *TLSServerSocket::create(int32_t listen_port, MRef<certificate *> cert, MRef<ca_db *> cert_db ){
+ServerSocket *TLSServerSocket::create(int32_t listen_port, MRef<Certificate *> cert, MRef<CertificateSet *> cert_db ){
return create( false, listen_port, cert, cert_db );
}
-OsslServerSocket::OsslServerSocket( int32_t listen_port_, MRef<ossl_certificate *> cert_, MRef<ossl_ca_db *> cert_db_):TLSServerSocket(AF_INET, listen_port)
+OsslServerSocket::OsslServerSocket( int32_t listen_port_, MRef<OsslCertificate *> cert_, MRef<OsslCertificateSet *> cert_db_):TLSServerSocket(AF_INET, listen_port)
{
init(false, listen_port_, cert_, cert_db_);
}
OsslServerSocket::OsslServerSocket( bool use_ipv6_, int32_t listen_port_,
- MRef<ossl_certificate *> cert_,
- MRef<ossl_ca_db *> cert_db_):TLSServerSocket(use_ipv6_?AF_INET6:AF_INET, listen_port_)
+ MRef<OsslCertificate *> cert_,
+ MRef<OsslCertificateSet *> cert_db_):TLSServerSocket(use_ipv6_?AF_INET6:AF_INET, listen_port_)
{
init(use_ipv6_, listen_port_, cert_, cert_db_);
}
void OsslServerSocket::init( bool use_ipv6_, int32_t listen_port_,
- MRef<ossl_certificate *> cert,
- MRef<ossl_ca_db *> cert_db_)
+ MRef<OsslCertificate *> cert,
+ MRef<OsslCertificateSet *> cert_db_)
{
this->cert_db = cert_db_;
int32_t backlog = 25;
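Review bot: `TLSServerSocket::create` converts its arguments with C-style casts, `(OsslCertificate*)*cert` and `(OsslCertificateSet*)*cert_db`, which is an unchecked downcast: an object of any other `Certificate` subclass is treated as an OpenSSL one instead of being rejected, whereas `dynamic_cast<OsslCertificate*>( *cert )` followed by a null test would match what the GnuTLS code does. The same casts appear in `TLSSocket::connect`, `OsslSocket_init` and `OsslCertificate::control` later in this commit. Separately, the first `OsslServerSocket` constructor passes `listen_port` to the base class, which is not the parameter `listen_port_` and is presumably a member read before it is set, and `create` does not forward `use_ipv6`. `init` continues past this hunk.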
@@ -135,14 +135,14 @@
SSL_CTX_set_session_id_context( ssl_ctx, sid_ctx, (unsigned int)strlen( (const char *)sid_ctx ) );
if( !cert_db.isNull() ){
- /* Use this database for the certificates check */
- SSL_CTX_set_cert_store( this->ssl_ctx, this->cert_db->get_db());
+ /* Use this database for the Certificates check */
+ SSL_CTX_set_cert_store( this->ssl_ctx, this->cert_db->getDb());
}
- MRef<priv_key *> priv_key = cert->get_pk();
- MRef<ossl_priv_key *> ossl_pk =
- dynamic_cast<ossl_priv_key*>(*priv_key);
- if( SSL_CTX_use_PrivateKey( ssl_ctx, ossl_pk->get_openssl_private_key() ) <= 0 ){
+ MRef<PrivateKey *> PrivateKey = cert->getPk();
+ MRef<OsslPrivateKey *> Osslpk =
+ dynamic_cast<OsslPrivateKey*>(*PrivateKey);
+ if( SSL_CTX_use_PrivateKey( ssl_ctx, Osslpk->getOpensslPrivateKey() ) <= 0 ){
#ifdef DEBUG_OUTPUT
cerr << "Could not use the given private key" << endl;
#endif
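Review bot: `Osslpk->getOpensslPrivateKey()` is called without testing the result of the `dynamic_cast`, and `cert` and the value of `cert->getPk()` are used unchecked although `create` allows a null certificate; any of these being null would crash the server during setup. The client side in TlsSocket.cxx already guards the key, and the same form fits here: `if( !Osslpk || SSL_CTX_use_PrivateKey( ssl_ctx, Osslpk->getOpensslPrivateKey() ) <= 0 ){`, preceded by a null test on `cert`. `init` starts and ends outside this hunk.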
@@ -152,9 +152,9 @@
}
- if( SSL_CTX_use_certificate( ssl_ctx, cert->get_openssl_certificate() ) <= 0 ){
+ if( SSL_CTX_use_certificate( ssl_ctx, cert->getOpensslCertificate() ) <= 0 ){
#ifdef DEBUG_OUTPUT
- cerr << "Could not use the given certificate" << endl;
+ cerr << "Could not use the given Certificate" << endl;
#endif
ERR_print_errors_fp(stderr);
@@ -163,7 +163,7 @@
if( !SSL_CTX_check_private_key( ssl_ctx ) ){
#ifdef DEBUG_OUTPUT
- cerr << "Given private key does not match the certificate"<<endl;
+ cerr << "Given private key does not match the Certificate"<<endl;
#endif
exit( 1 );
Modified: trunk/libmcrypto/source/openssl/TlsSocket.cxx
===================================================================
--- trunk/libmcrypto/source/openssl/TlsSocket.cxx 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/source/openssl/TlsSocket.cxx 2007-06-28 12:50:27 UTC (rev 3340)
@@ -59,19 +59,19 @@
}
TLSSocket* TLSSocket::connect( IPAddress &addr, int32_t port,
- MRef<certificate *> cert,
- MRef<ca_db *> cert_db,
+ MRef<Certificate *> cert,
+ MRef<CertificateSet *> cert_db,
string serverName )
{
void *ssl_ctx = NULL;
- MRef<ossl_certificate*> ssl_cert;
- MRef<ossl_ca_db*> ssl_db;
+ MRef<OsslCertificate*> ssl_cert;
+ MRef<OsslCertificateSet*> ssl_db;
if( cert )
- ssl_cert = (ossl_certificate*)*cert;
+ ssl_cert = (OsslCertificate*)*cert;
if( cert_db )
- ssl_db = (ossl_ca_db*)*cert_db;
+ ssl_db = (OsslCertificateSet*)*cert_db;
return new OsslSocket( addr, port, ssl_ctx, ssl_cert, ssl_db );
}
@@ -110,23 +110,23 @@
OsslSocket::OsslSocket( IPAddress &addr, int32_t port, void * &ssl_ctx_,
- MRef<ossl_certificate *> cert,
- MRef<ossl_ca_db *> cert_db_ ){
+ MRef<OsslCertificate *> cert,
+ MRef<OsslCertificateSet *> cert_db_ ){
MRef<TCPSocket*> tcp_sock = new TCPSocket( addr, port );
OsslSocket::OsslSocket_init( *tcp_sock, ssl_ctx_, cert, cert_db_);
}
OsslSocket::OsslSocket( string addr, int32_t port, void * &ssl_ctx_,
- MRef<ossl_certificate *> cert,
- MRef<ossl_ca_db *> cert_db_ ){
+ MRef<OsslCertificate *> cert,
+ MRef<OsslCertificateSet *> cert_db_ ){
MRef<TCPSocket*> tcp_sock = new TCPSocket( addr, port );
OsslSocket::OsslSocket_init( *tcp_sock, ssl_ctx_, cert, cert_db_);
}
/* Helper function ... simplify the maintenance of constructors ... */
void OsslSocket::OsslSocket_init( MRef<StreamSocket*> ssock, void * &ssl_ctx_,
- MRef<ossl_certificate *> cert,
- MRef<ossl_ca_db *> cert_db_ ){
+ MRef<OsslCertificate *> cert,
+ MRef<OsslCertificateSet *> cert_db_ ){
type = SOCKET_TYPE_TLS;
const unsigned char * sid_ctx = (const unsigned char *)"Minisip TLS";
SSLeay_add_ssl_algorithms();
@@ -134,14 +134,14 @@
this->ssl_ctx = (SSL_CTX *)ssl_ctx_;
this->cert_db = cert_db_;
peerPort = ssock->getPeerPort();
- MRef<ossl_certificate*> ssl_cert;
- MRef<ossl_ca_db*> ssl_db;
+ MRef<OsslCertificate*> ssl_cert;
+ MRef<OsslCertificateSet*> ssl_db;
if( cert )
- ssl_cert = (ossl_certificate*)*cert;
+ ssl_cert = (OsslCertificate*)*cert;
if( cert_db )
- ssl_db = (ossl_ca_db*)*cert_db;
+ ssl_db = (OsslCertificateSet*)*cert_db;
if( this->ssl_ctx == NULL ){
#ifdef DEBUG_OUTPUT
@@ -170,29 +170,29 @@
SSL_CTX_set_verify_depth( this->ssl_ctx, 5);
if( !cert.isNull() ){
- /* Add a client certificate */
- MRef<priv_key*> pk = ssl_cert->get_pk();
- MRef<ossl_priv_key*> ssl_pk =
- dynamic_cast<ossl_priv_key*>(*pk);
+ /* Add a client Certificate */
+ MRef<PrivateKey*> pk = ssl_cert->getPk();
+ MRef<OsslPrivateKey*> ssl_pk =
+ dynamic_cast<OsslPrivateKey*>(*pk);
if( !ssl_pk || SSL_CTX_use_PrivateKey( this->ssl_ctx,
- ssl_pk->get_openssl_private_key() ) <= 0 ){
+ ssl_pk->getOpensslPrivateKey() ) <= 0 ){
cerr << "SSL: Could not use private key" << endl;
ERR_print_errors_fp(stderr);
throw TLSContextInitFailed();
}
if( SSL_CTX_use_certificate( this->ssl_ctx,
- ssl_cert->get_openssl_certificate() ) <= 0 ){
- cerr << "SSL: Could not use certificate" << endl;
+ ssl_cert->getOpensslCertificate() ) <= 0 ){
+ cerr << "SSL: Could not use Certificate" << endl;
ERR_print_errors_fp(stderr);
throw TLSContextInitFailed();
}
}
if( !cert_db.isNull() ){
- /* Use this database for the certificates check */
+ /* Use this database for the Certificates check */
SSL_CTX_set_cert_store( this->ssl_ctx,
- ssl_db->get_db());
+ ssl_db->getDb());
}
//SSL_CTX_set_session_cache_mode( this->ssl_ctx, SSL_SESS_CACHE_BOTH );
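Review bot: `SSL_CTX_set_cert_store` hands the `X509_STORE` returned by `ssl_db->getDb()` to the context, which releases it when the context is freed, while `OsslCertificateSet::~OsslCertificateSet` in cert.cxx also calls `X509_STORE_free( cert_db )`. Unless the store's reference count is raised somewhere outside this diff, the store is released twice, or used after free when a context is torn down while the set is still shared. The same call is made in `OsslServerSocket::init`. Taking an extra reference before handing the store over, or documenting the ownership rule at `getDb()`, would resolve it. `OsslSocket_init` continues outside this hunk.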
@@ -227,11 +227,11 @@
}
try{
- peer_cert = new ossl_certificate( SSL_get_peer_certificate (ssl) );
+ peer_cert = new OsslCertificate( SSL_get_peer_certificate (ssl) );
}
- catch( certificate_exception &){
+ catch( CertificateException &){
//FIXME
- cerr << "Could not get server certificate" << endl;
+ cerr << "Could not get server Certificate" << endl;
peer_cert = NULL;
}
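Review bot: When the `OsslCertificate` constructor throws because `SSL_get_peer_certificate` returned NULL, the handler only logs and sets `peer_cert = NULL` (marked FIXME), so from what this hunk shows the connection is kept even though the server presented no certificate. Unless a later check rejects a null `peer_cert`, this should fail closed by reporting an error to the caller instead of continuing. A comment stating which of the two is intended belongs next to the FIXME. The surrounding function starts and ends outside the hunk.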
Modified: trunk/libmcrypto/source/openssl/cert.cxx
===================================================================
--- trunk/libmcrypto/source/openssl/cert.cxx 2007-06-27 11:54:44 UTC (rev 3339)
+++ trunk/libmcrypto/source/openssl/cert.cxx 2007-06-28 12:50:27 UTC (rev 3340)
@@ -63,86 +63,86 @@
// Factory methods
//
-ca_db *ca_db::create(){
- return new ossl_ca_db();
+CertificateSet *CertificateSet::create(){
+ return new OsslCertificateSet();
}
-priv_key* priv_key::load( const std::string private_key_filename ){
- return new ossl_priv_key( private_key_filename );
+PrivateKey* PrivateKey::load( const std::string private_key_filename ){
+ return new OsslPrivateKey( private_key_filename );
}
-priv_key* priv_key::load( char *derEncPk, int length,
+PrivateKey* PrivateKey::load( char *derEncPk, int length,
std::string password, std::string path ){
- return new ossl_priv_key( derEncPk, length, password, path );
+ return new OsslPrivateKey( derEncPk, length, password, path );
}
-certificate* certificate::load( const std::string cert_filename )
+Certificate* Certificate::load( const std::string cert_filename )
{
- return new ossl_certificate( cert_filename );
+ return new OsslCertificate( cert_filename );
}
-certificate* certificate::load( const std::string cert_filename,
+Certificate* Certificate::load( const std::string cert_filename,
const std::string private_key_filename ){
- MRef<priv_key*> priv_key = new ossl_priv_key( private_key_filename );
- certificate* cert = new ossl_certificate( cert_filename );
+ MRef<PrivateKey*> PrivateKey = new OsslPrivateKey( private_key_filename );
+ Certificate* cert = new OsslCertificate( cert_filename );
- cert->set_pk( priv_key );
+ cert->setPk( PrivateKey );
return cert;
}
-certificate* certificate::load( unsigned char * der_cert,
+Certificate* Certificate::load( unsigned char * der_cert,
int length ){
- return new ossl_certificate( der_cert, length );
+ return new OsslCertificate( der_cert, length );
}
-certificate* certificate::load( unsigned char * certData,
+Certificate* Certificate::load( unsigned char * certData,
int length,
std::string path ){
- return new ossl_certificate( certData, length, path );
+ return new OsslCertificate( certData, length, path );
}
-certificate_chain* certificate_chain::create(){
- return new ossl_certificate_chain();
+CertificateChain* CertificateChain::create(){
+ return new OsslCertificateChain();
}
//
-// ossl_priv_key
+// OsslPrivateKey
//
-ossl_priv_key::~ossl_priv_key(){
+OsslPrivateKey::~OsslPrivateKey(){
if( private_key )
EVP_PKEY_free( private_key );
private_key = NULL;
}
-const string &ossl_priv_key::get_file() const{
+const string &OsslPrivateKey::getFile() const{
return pk_file;
}
//
-// ossl_certificate
+// OsslCertificate
//
-ossl_certificate::ossl_certificate():cert(NULL){
+OsslCertificate::OsslCertificate():cert(NULL){
}
-ossl_certificate::ossl_certificate( X509 * ossl_cert ){
- if( ossl_cert == NULL ){
- throw certificate_exception("X509 certificate is NULL");
+OsslCertificate::OsslCertificate( X509 * Osslcert ){
+ if( Osslcert == NULL ){
+ throw CertificateException("X509 Certificate is NULL");
}
- cert = ossl_cert;
+ cert = Osslcert;
}
-ossl_certificate::ossl_certificate( const string &cert_filename ){
+OsslCertificate::OsslCertificate( const string &cert_filename ){
FILE * fp;
fp = fopen( cert_filename.c_str(), "r" );
if( fp == NULL ){
- cerr << "Could not open the certificate file" << endl;
- throw certificate_exception_file(
- "Could not open the certificate file" );
+ cerr << "Could not open the Certificate file" << endl;
+ throw CertificateExceptionFile(
+ "Could not open the Certificate file" );
}
cert = PEM_read_X509( fp, NULL, NULL, NULL );
@@ -150,44 +150,44 @@
fclose( fp );
if( cert == NULL ){
- cerr << "Invalid certificate file" << endl;
- throw certificate_exception_file(
- "Invalid certificate file" );
+ cerr << "Invalid Certificate file" << endl;
+ throw CertificateExceptionFile(
+ "Invalid Certificate file" );
}
file = cert_filename;
}
-ossl_certificate::ossl_certificate( unsigned char * certData, int length, string path )
+OsslCertificate::OsslCertificate( unsigned char * certData, int length, string path )
{
- /* tries to read a PEM certificate from memory, if that fails it tries to read it as a DER encoded cert*/
+ /* tries to read a PEM Certificate from memory, if that fails it tries to read it as a DER encoded cert*/
BIO *mem;
mem = BIO_new_mem_buf((void *)certData, length);
if( cert == NULL )
- throw certificate_exception_init(
- "Could not create the certificate" );
+ throw CertificateExceptionInit(
+ "Could not create the Certificate" );
cert = PEM_read_bio_X509(mem, NULL, 0 , NULL);
- if (cert == NULL)/*check if its a der encoded certificate*/
+ if (cert == NULL)/*check if its a der encoded Certificate*/
{
cert = d2i_X509_bio(mem, NULL);/*FIX, for some reason
this does never succeed */
if(NULL == cert)
{
- cerr << "Invalid certificate file" << endl;
- throw certificate_exception_file("Invalid certificate" );
+ cerr << "Invalid Certificate file" << endl;
+ throw CertificateExceptionFile("Invalid Certificate" );
}
}
file = path;
}
-ossl_certificate::ossl_certificate( unsigned char * der_cert, int length ){
+OsslCertificate::OsslCertificate( unsigned char * der_cert, int length ){
cert = X509_new();
if( cert == NULL )
- throw certificate_exception_init(
- "Could not create the certificate" );
+ throw CertificateExceptionInit(
+ "Could not create the Certificate" );
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
d2i_X509( &cert, (const unsigned char**)&der_cert, length );
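Review bot: In the memory-buffer constructor the test after `BIO_new_mem_buf` checks `cert == NULL`, but `cert` has not been assigned in this constructor at that point, so the outcome depends on an uninitialised member while a failed BIO allocation goes unnoticed; it should be `if( mem == NULL )`. The DER fallback that the comment says never succeeds reads from the same BIO after the PEM attempt has consumed it, so a `BIO_reset( mem );` before `d2i_X509_bio` is probably the missing step, and no `BIO_free( mem )` is visible on any path. In the DER constructor below, the return value of `d2i_X509` is not checked in the lines shown; that constructor continues in the next hunk.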
@@ -196,14 +196,14 @@
#endif
}
-ossl_certificate::~ossl_certificate(){
+OsslCertificate::~OsslCertificate(){
if( cert )
X509_free( cert );
cert = NULL;
}
-int ossl_certificate::envelope_data(unsigned char * data, int size, unsigned char *retdata, int *retsize,
+int OsslCertificate::envelopeData(unsigned char * data, int size, unsigned char *retdata, int *retsize,
unsigned char *enckey, int* enckeylgth, unsigned char** iv){
EVP_CIPHER_CTX ctx;
@@ -214,7 +214,7 @@
int temp =0, tmp= 0;
if( cert == NULL ){
#ifdef DEBUG_OUTPUT
- cerr << "You need a certificate to envelope the data" << endl;
+ cerr << "You need a Certificate to envelope the data" << endl;
#endif
return -1;
@@ -224,7 +224,7 @@
if( public_key == NULL ){
#ifdef DEBUG_OUTPUT
- cerr << "Cound not read public key from certificate" << endl;
+ cerr << "Cound not read public key from Certificate" << endl;
#endif
return -1;
}
@@ -244,7 +244,7 @@
return 0;
}
-int ossl_priv_key::denvelope_data(unsigned char * data, int size, unsigned char *retdata, int *retsize,
+int OsslPrivateKey::denvelopeData(unsigned char * data, int size, unsigned char *retdata, int *retsize,
unsigned char *enckey, int enckeylgth, unsigned char *iv){
/*begin decrypt*/
@@ -266,7 +266,7 @@
return 0;
}
-int ossl_priv_key::sign_data( unsigned char * data, int data_length,
+int OsslPrivateKey::signData( unsigned char * data, int data_length,
unsigned char * sign, int * sign_length ){
EVP_MD_CTX ctx;
int err;
@@ -306,7 +306,7 @@
return 0;
}
-int ossl_certificate::verif_sign( unsigned char * data, int data_length,
+int OsslCertificate::verifSign( unsigned char * data, int data_length,
unsigned char * sign, int sign_length ){
EVP_PKEY * public_key;
EVP_MD_CTX ctx;
@@ -317,7 +317,7 @@
if( cert == NULL )
{
#ifdef DEBUG_OUTPUT
- cerr << "You need a certificate to verify a signature" << endl;
+ cerr << "You need a Certificate to verify a signature" << endl;
#endif
return -1;
@@ -327,7 +327,7 @@
if( public_key == NULL )
{
#ifdef DEBUG_OUTPUT
- cerr << "Cound not read public key from certificate" << endl;
+ cerr << "Cound not read public key from Certificate" << endl;
#endif
return -1;
@@ -349,7 +349,7 @@
return err;
}
-bool ossl_priv_key::private_decrypt( const unsigned char *data, int size,
+bool OsslPrivateKey::privateDecrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize ){
//adding PKE payload
RSA* rsa = EVP_PKEY_get1_RSA( private_key );
@@ -380,7 +380,7 @@
return true;
}
-bool ossl_certificate::public_encrypt( const unsigned char *data, int size,
+bool OsslCertificate::publicEncrypt( const unsigned char *data, int size,
unsigned char *retdata, int *retsize ){
//adding PKE payload
EVP_PKEY *public_key = X509_get_pubkey( cert );
@@ -415,13 +415,13 @@
return true;
}
-int ossl_certificate::get_der_length(){
+int OsslCertificate::getDerLength(){
return i2d_X509( cert, NULL );
}
-void ossl_certificate::get_der( unsigned char * output, unsigned int * length ){
- if( *length < (unsigned int)get_der_length() ){
- throw certificate_exception(
+void OsslCertificate::getDer( unsigned char * output, unsigned int * length ){
+ if( *length < (unsigned int)getDerLength() ){
+ throw CertificateException(
"Given buffer is to short" );
}
@@ -431,12 +431,12 @@
output -= temp;
}
-string ossl_certificate::get_name(){
+string OsslCertificate::getName(){
return NAME_to_string( X509_get_subject_name( cert ) );
}
-string ossl_certificate::get_cn(){
- string name = get_name();
+string OsslCertificate::getCn(){
+ string name = getName();
size_t pos, pos2;
pos = name.find( "/CN=" );
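Review bot: `getCn` extracts the common name by searching the flattened subject string for `"/CN="`, which is ambiguous if another attribute value itself contains that text, so the returned value is not guaranteed to be the certificate's actual CN attribute; `getIssuerCn` in a later hunk does the same. Reading the attribute from the `X509_NAME` directly, for example with `X509_NAME_get_text_by_NID( X509_get_subject_name( cert ), NID_commonName, buf, sizeof( buf ) )`, avoids the string parsing. This matters wherever the CN is compared against an expected peer identity. `getCn` continues in the next hunk.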
@@ -450,7 +450,7 @@
return name.substr( pos + 4, pos2 - pos - 4 );
}
-vector<string> ossl_certificate::get_alt_name( SubjectAltName type ){
+vector<string> OsslCertificate::getAltName( SubjectAltName type ){
vector<string> output;
int genType = -1;
@@ -516,12 +516,12 @@
return output;
}
-string ossl_certificate::get_issuer(){
+string OsslCertificate::getIssuer(){
return NAME_to_string( X509_get_issuer_name( cert ) );
}
-string ossl_certificate::get_issuer_cn(){
- string name = get_issuer();
+string OsslCertificate::getIssuerCn(){
+ string name = getIssuer();
size_t pos, pos2;
pos = name.find( "/CN=" );
@@ -536,13 +536,13 @@
}
-ossl_priv_key::ossl_priv_key( const string &file ){
+OsslPrivateKey::OsslPrivateKey( const string &file ){
FILE * fp = NULL;
fp = fopen( file.c_str(), "r" );
if( fp == NULL ){
cerr << "Could not open the private key file" << endl;
- throw certificate_exception_file(
+ throw CertificateExceptionFile(
"Could not open the private key file" );
}
@@ -551,7 +551,7 @@
if( private_key == NULL ){
cerr << "Invalid private key file" << endl;
- throw certificate_exception_file(
+ throw CertificateExceptionFile(
"Invalid private key file" );
}
@@ -559,18 +559,18 @@
}
-bool ossl_priv_key::check_cert( MRef<certificate*> cert ){
- MRef<ossl_certificate*> ssl_cert =
- dynamic_cast<ossl_certificate*>( *cert );
+bool OsslPrivateKey::checkCert( MRef<Certificate*> cert ){
+ MRef<OsslCertificate*> ssl_cert =
+ dynamic_cast<OsslCertificate*>( *cert );
if( !ssl_cert ){
- // Not an OpenSSL certificate!
+ // Not an OpenSSL Certificate!
return false;
}
- /* Check that the private key matches the certificate */
+ /* Check that the private key matches the Certificate */
- if( X509_check_private_key( ssl_cert->get_openssl_certificate(),
+ if( X509_check_private_key( ssl_cert->getOpensslCertificate(),
private_key ) != 1 ){
return false;
}
@@ -579,7 +579,7 @@
}
-ossl_priv_key::ossl_priv_key( char *derEncPk, int length,
+OsslPrivateKey::OsslPrivateKey( char *derEncPk, int length,
const std::string &password,
const std::string &path )
{
@@ -589,7 +589,7 @@
if(mem == NULL )
{
cerr << "Couldn't initiate bio buffer" << endl;
- throw certificate_exception_pkey("Couldn't initiate bio buffer" );
+ throw CertificateExceptionPkey("Couldn't initiate bio buffer" );
}
private_key = PEM_read_bio_PrivateKey(mem, NULL, 0, (void*)password.c_str());
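Review bot: The constructor parameter is named `derEncPk`, yet the key is parsed with `PEM_read_bio_PrivateKey`, which reads PEM text and not DER, so a caller who follows the name would pass data that always ends in the "invalid or wrong password" exception. Assuming `mem` wraps `derEncPk` (its creation is outside this hunk), I would add a comment above the call such as `/* input is PEM text despite the parameter name; password is used as the PEM passphrase */`, or rename the parameter when the header is next touched.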
@@ -597,19 +597,19 @@
if(private_key == NULL )
{
cerr << "Invalid private key data or password" << endl;
- throw certificate_exception_pkey("The private key is invalid or wrong password was used" );
+ throw CertificateExceptionPkey("The private key is invalid or wrong password was used" );
}
pk_file=path;
}
-int ossl_certificate::control( ca_db * cert_db ){
+int OsslCertificate::control( CertificateSet * cert_db ){
int result;
X509_STORE_CTX cert_store_ctx;
- ossl_ca_db *ssl_db = (ossl_ca_db*)cert_db;
+ OsslCertificateSet *ssl_db = (OsslCertificateSet*)cert_db;
- X509_STORE_CTX_init( &cert_store_ctx, ssl_db->get_db(), cert ,NULL );
+ X509_STORE_CTX_init( &cert_store_ctx, ssl_db->getDb(), cert ,NULL );
if( X509_STORE_CTX_get_error( &cert_store_ctx) != 0 ){
//fprintf(stderr, "Could not initialize X509_STORE_CTX");
cerr << "Could not initialize X509_STORE_CTX" << endl;
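Review bot: `OsslCertificate::control` converts `cert_db` with an unchecked C-style cast, `(OsslCertificateSet*)cert_db`, and then dereferences it in `ssl_db->getDb()`; a null pointer or a set created by the GnuTLS backend would be undefined behaviour in the middle of certificate verification. `checkCert` in this file already shows the safer form, so I would write `OsslCertificateSet *ssl_db = dynamic_cast<OsslCertificateSet*>( cert_db );` and treat a null result as a verification failure (this needs CertificateSet to be polymorphic, which the overridden `addDirectory` suggests but the hunk does not show). The same unchecked cast recurs in the next hunk, in `addCertificate` and in `OsslCertificateChain::control`. The function body continues outside this hunk.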
@@ -633,108 +633,108 @@
//
-// ossl_ca_db
+// OsslCertificateSet
//
-ossl_ca_db::ossl_ca_db(){
+OsslCertificateSet::OsslCertificateSet(){
cert_db = X509_STORE_new();
if( cert_db == NULL ){
- throw certificate_exception_init(
- "Could not create the certificate db" );
+ throw CertificateExceptionInit(
+ "Could not create the Certificate db" );
}
}
-ossl_ca_db::~ossl_ca_db(){
+OsslCertificateSet::~OsslCertificateSet(){
X509_STORE_free( cert_db );
}
-X509_STORE * ossl_ca_db::get_db(){
+X509_STORE * OsslCertificateSet::getDb(){
return cert_db;
}
-void ossl_ca_db::add_directory( string dir ){
+void OsslCertificateSet::addDirectory( string dir ){
X509_LOOKUP * lookup = NULL;
lookup = X509_STORE_add_lookup(
cert_db, X509_LOOKUP_hash_dir() );
if( lookup == NULL )
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Could not create a directory lookup");
if( !X509_LOOKUP_add_dir( lookup, dir.c_str(), X509_FILETYPE_PEM ) )
- throw certificate_exception_file(
+ throw CertificateExceptionFile(
(string("Could not open the directory ")+dir).c_str() );
- ca_db::add_directory( dir );
+ CertificateSet::addDirectory( dir );
}
-void ossl_ca_db::add_file( string file ){
+void OsslCertificateSet::addFile( string file ){
X509_LOOKUP * lookup = NULL;
lookup = X509_STORE_add_lookup(
cert_db, X509_LOOKUP_file() );
if( lookup == NULL )
- throw certificate_exception_init(
+ throw CertificateExceptionInit(
"Could not create a file lookup" );
if( !X509_LOOKUP_load_file( lookup, file.c_str(), X509_FILETYPE_PEM ) )
- throw certificate_exception_file(
+ throw CertificateExceptionFile(
("Could not open the file "+file).c_str() );
- ca_db::add_file( file );
+ CertificateSet::addFile( file );
}
-void ossl_ca_db::add_certificate( MRef<certificate *> cert ){
- ossl_certificate *ssl_cert = (ossl_certificate *)*cert;
- X509_STORE_add_cert( cert_db, ssl_cert->get_openssl_certificate() );
+void OsslCertificateSet::addCertificate( MRef<Certificate *> cert ){
+ OsslCertificate *ssl_cert = (OsslCertificate *)*cert;
+ X509_STORE_add_cert( cert_db, ssl_cert->getOpensslCertificate() );
- ca_db::add_certificate( cert );
+ CertificateSet::addCertificate( cert );
}
//
-// ossl_certificate_chain
+// OsslCertificateChain
//
-ossl_certificate_chain::ossl_certificate_chain(){
+OsslCertificateChain::OsslCertificateChain(){
}
-ossl_certificate_chain::ossl_certificate_chain( MRef<certificate *> cert ): certificate_chain( cert ){
+OsslCertificateChain::OsslCertificateChain( MRef<Certificate *> cert ): CertificateChain( cert ){
}
-ossl_certificate_chain::~ossl_certificate_chain(){
+OsslCertificateChain::~OsslCertificateChain(){
}
-int ossl_certificate_chain::control( MRef<ca_db *> cert_db){
- MRef<ossl_ca_db*>ssl_db = (ossl_ca_db*)*cert_db;
+int OsslCertificateChain::control( MRef<CertificateSet *> cert_db){
+ MRef<OsslCertificateSet*>ssl_db = (OsslCertificateSet*)*cert_db;
int result;
X509_STORE_CTX cert_store_ctx;
/* The first one, the one to verify */
X509 * cert;
- /* Chain of certificates */
+ /* Chain of Certificates */
STACK_OF(X509) * cert_stack;
- list< MRef<certificate *> >::iterator i = cert_list.begin();
+ list< MRef<Certificate *> >::iterator i = cert_list.begin();
if( i == cert_list.end() ){
- cerr << "Certificate: Empty list of certificates"
+ cerr << "Certificate: Empty list of Certificates"
"to verify" << endl;
return 0;
}
- MRef<ossl_certificate*>ssl_cert = (ossl_certificate *)**i;
+ MRef<OsslCertificate*>ssl_cert = (OsslCertificate *)**i;
- cert = ssl_cert->get_openssl_certificate();
+ cert = ssl_cert->getOpensslCertificate();
cert_stack = sk_X509_new_null();
i++;
for( ; i != cert_list.end(); i++ ){
- sk_X509_push( cert_stack, ssl_cert->get_openssl_certificate() );
+ sk_X509_push( cert_stack, ssl_cert->getOpensslCertificate() );
}
- X509_STORE_CTX_init( &cert_store_ctx, ssl_db->get_db(), cert, cert_stack);
+ X509_STORE_CTX_init( &cert_store_ctx, ssl_db->getDb(), cert, cert_stack);
if( X509_STORE_CTX_get_error( &cert_store_ctx) != 0 ){
//fprintf(stderr, "Could not initialize X509_STORE_CTX");
cerr << "Could not initialize X509_STORE_CTX" << endl;
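Review bot: In `OsslCertificateChain::control` the loop over the remaining list entries pushes `ssl_cert->getOpensslCertificate()` on every iteration, but `ssl_cert` is assigned once from the first element and never updated, so the untrusted-chain stack receives copies of the certificate being verified instead of the intermediates. Chains that depend on intermediates supplied by the peer would then presumably fail to verify unless those intermediates are already in the store. The loop body should take the certificate from the iterator, e.g. `sk_X509_push( cert_stack, ((OsslCertificate *)**i)->getOpensslCertificate() );`. Whether `cert_stack` is later released with `sk_X509_free` cannot be seen, because the function continues outside this hunk.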
@@ -756,3 +756,4 @@
return result;
}
+