/* cert_wrapper.hpp * * Copyright (C) 2003 Sawtooth Consulting Ltd. * * This file is part of yaSSL. * * yaSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * There are special exceptions to the terms and conditions of the GPL as it * is applied to yaSSL. View the full text of the exception in the file * FLOSS-EXCEPTIONS in the directory of this software distribution. * * yaSSL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ /* The certificate wrapper header defines certificate management functions * */ #ifndef yaSSL_CERT_WRAPPER_HPP #define yaSSL_CERT_WRAPPER_HPP #ifdef _MSC_VER // disable truncated debug symbols #pragma warning(disable:4786) #endif #include "yassl_types.hpp" // SignatureAlgorithm #include "buffer.hpp" // input_buffer #include "asn.hpp" // SignerList #include STL_LIST_FILE #include STL_ALGORITHM_FILE namespace STL = STL_NAMESPACE; namespace yaSSL { typedef unsigned char opaque; class X509; // forward openSSL type using TaoCrypt::SignerList; // an x509 version 3 certificate class x509 { uint length_; opaque* buffer_; public: explicit x509(uint sz); ~x509(); uint get_length() const; const opaque* get_buffer() const; opaque* use_buffer(); x509(const x509&); x509& operator=(const x509&); private: void Swap(x509&); }; // Certificate Manager keeps a list of the cert chain and public key class CertManager { typedef STL::list<x509*> CertList; CertList list_; // self input_buffer privateKey_; CertList peerList_; // peer input_buffer peerPublicKey_; X509* peerX509_; // peer's openSSL X509 SignatureAlgorithm keyType_; // self key type SignatureAlgorithm peerKeyType_; // peer's key type SignerList signers_; // decoded CA keys and names // plus verified chained certs bool verifyPeer_; bool verifyNone_; // no error if verify fails bool failNoCert_; bool sendVerify_; public: CertManager(); ~CertManager(); void AddPeerCert(x509* x); // take ownership void CopySelfCert(const x509* x); int CopyCaCert(const x509* x); int Validate(); int SetPrivateKey(const x509&); const x509* get_cert() const; const opaque* get_peerKey() const; const opaque* get_privateKey() const; X509* get_peerX509() const; SignatureAlgorithm get_keyType() const; SignatureAlgorithm get_peerKeyType() const; uint get_peerKeyLength() const; uint get_privateKeyLength() const; bool verifyPeer() const; bool verifyNone() const; bool failNoCert() const; bool sendVerify() const; void setVerifyPeer(); void setVerifyNone(); void setFailNoCert(); void setSendVerify(); void setPeerX509(X509*); private: CertManager(const CertManager&); // hide copy CertManager& operator=(const CertManager&); // and assign }; } // naemspace #endif // yaSSL_CERT_WRAPPER_HPP