kopenssl.h

00001 /* This file is part of the KDE libraries
00002    Copyright (C) 2001-2003 George Staikos <staikos@kde.org>
00003  
00004    This library is free software; you can redistribute it and/or
00005    modify it under the terms of the GNU Library General Public
00006    License version 2 as published by the Free Software Foundation.
00007  
00008    This library is distributed in the hope that it will be useful,
00009    but WITHOUT ANY WARRANTY; without even the implied warranty of
00010    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00011    Library General Public License for more details.
00012  
00013    You should have received a copy of the GNU Library General Public License
00014    along with this library; see the file COPYING.LIB.  If not, write to
00015    the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
00016    Boston, MA 02110-1301, USA.
00017 */
00018 
00019 
00020 // IF YOU ARE USING THIS CLASS, YOU ARE MAKING A MISTAKE.
00021 
00022 #ifndef __KOPENSSLPROXY_H 
00023 #define __KOPENSSLPROXY_H
00024 
00025 #define KOSSL KOpenSSLProxy
00026 class KOpenSSLProxyPrivate;
00027 
00028 #include <klibloader.h>
00029 
00030 #ifdef Q_WS_WIN
00031 #include "ksslconfig_win.h"
00032 #else
00033 #include "ksslconfig.h"
00034 #endif
00035 
00036 #ifdef KSSL_HAVE_SSL
00037 #define crypt _openssl_crypt
00038 #include <openssl/ssl.h>
00039 #include <openssl/x509.h>
00040 #include <openssl/x509v3.h>
00041 #include <openssl/pem.h>
00042 #include <openssl/bio.h>
00043 #include <openssl/rand.h>
00044 #include <openssl/asn1.h>
00045 #include <openssl/pkcs7.h>
00046 #include <openssl/pkcs12.h>
00047 #include <openssl/evp.h>
00048 #include <openssl/stack.h>
00049 #include <openssl/bn.h>
00050 #undef crypt
00051 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
00052 #define STACK _STACK
00053 #endif
00054 #endif
00055 
00056 #include <kstaticdeleter.h>
00057 
00066 class KIO_EXPORT KOpenSSLProxy {
00067 friend class KStaticDeleter<KOpenSSLProxy>;
00068 public:
00069 
00074    static KOpenSSLProxy *self();
00075 
00079    bool hasLibCrypto() const;
00080 
00084    bool hasLibSSL() const;
00085 
00090    void destroy();
00091 
00092    // Here are the symbols that we need.
00093 #ifdef KSSL_HAVE_SSL
00094 
00095    /*
00096     *   SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server
00097     */
00098    int SSL_connect(SSL *ssl);
00099 
00100    /*
00101     *   SSL_accept - initiate the TLS/SSL handshake with an TLS/SSL server
00102     */
00103    int SSL_accept(SSL *ssl);
00104 
00105    /*
00106     *   SSL_get_error - get the error code
00107     */
00108    int SSL_get_error(SSL *ssl, int rc);
00109 
00110    /*
00111     *   SSL_read - read bytes from a TLS/SSL connection.
00112     */
00113    int SSL_read(SSL *ssl, void *buf, int num);
00114 
00115    /*
00116     *   SSL_write - write bytes to a TLS/SSL connection.
00117     */
00118    int SSL_write(SSL *ssl, const void *buf, int num);
00119 
00120    /*
00121     *   SSL_new - create a new SSL structure for a connection
00122     */
00123    SSL *SSL_new(SSL_CTX *ctx);
00124 
00125    /*
00126     *   SSL_free - free an allocated SSL structure
00127     */
00128    void SSL_free(SSL *ssl);
00129 
00130    /*
00131     *   SSL_shutdown - shutdown an allocated SSL connection
00132     */
00133    int SSL_shutdown(SSL *ssl);
00134 
00135    /*
00136     *   SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions
00137     */
00138    SSL_CTX *SSL_CTX_new(SSL_METHOD *method);
00139 
00140    /*
00141     *   SSL_CTX_free - free an allocated SSL_CTX object
00142     */
00143    void SSL_CTX_free(SSL_CTX *ctx);
00144 
00145    /*
00146     *   SSL_set_fd - connect the SSL object with a file descriptor
00147     */
00148    int SSL_set_fd(SSL *ssl, int fd);
00149 
00150    /*
00151     *   SSL_pending - obtain number of readable bytes buffered in an SSL object
00152     */
00153    int SSL_pending(SSL *ssl);
00154 
00155    /*
00156     *   SSL_peek - obtain bytes buffered in an SSL object
00157     */
00158    int SSL_peek(SSL *ssl, void *buf, int num);
00159 
00160    /*
00161     *   SSL_CTX_set_cipher_list - choose list of available SSL_CIPHERs
00162     */
00163    int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
00164 
00165    /*
00166     *   SSL_CTX_set_verify - set peer certificate verification parameters
00167     */
00168    void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
00169                          int (*verify_callback)(int, X509_STORE_CTX *));
00170 
00171    /*
00172     *   SSL_use_certificate - load certificate
00173     */
00174    int SSL_use_certificate(SSL *ssl, X509 *x);
00175 
00176    /*
00177     *   SSL_get_current_cipher - get SSL_CIPHER of a connection
00178     */
00179    SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
00180 
00181    /*
00182     *   SSL_set_options - manipulate SSL engine options
00183     *   Note: These are all mapped to SSL_ctrl so call them as the comment
00184     *         specifies but know that they use SSL_ctrl.  They are #define
00185     *         so they will map to the one in this class if called as a
00186     *         member function of this class.
00187     */
00188    /* long SSL_set_options(SSL *ssl, long options); */
00189    /*   Returns 0 if not reused, 1 if session id is reused */
00190    /*   int SSL_session_reused(SSL *ssl); */
00191    long    SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg);
00192 
00193    /*
00194     *   RAND_egd - set the path to the EGD
00195     */
00196    int RAND_egd(const char *path);
00197 
00198 
00199    /*
00200     *   RAND_file_name 
00201     */
00202    const char *RAND_file_name(char *buf, size_t num);
00203 
00204 
00205    /*
00206     *   RAND_load_file 
00207     */
00208    int RAND_load_file(const char *filename, long max_bytes);
00209 
00210 
00211    /*
00212     *   RAND_write_file 
00213     */
00214    int RAND_write_file(const char *filename);
00215 
00216 
00217    /*
00218     *   TLSv1_client_method - return a TLSv1 client method object
00219     */
00220    SSL_METHOD *TLSv1_client_method();
00221 
00222 
00223    /*
00224     *   SSLv2_client_method - return a SSLv2 client method object
00225     */
00226    SSL_METHOD *SSLv2_client_method();
00227 
00228 
00229    /*
00230     *   SSLv3_client_method - return a SSLv3 client method object
00231     */
00232    SSL_METHOD *SSLv3_client_method();
00233 
00234 
00235    /*
00236     *   SSLv23_client_method - return a SSLv23 client method object
00237     */
00238    SSL_METHOD *SSLv23_client_method();
00239 
00240 
00241    /*
00242     *   SSL_get_peer_certificate - return the peer's certificate
00243     */
00244    X509 *SSL_get_peer_certificate(SSL *s);
00245 
00246 
00247    /*
00248     *   SSL_get_peer_cert_chain - get the peer's certificate chain
00249     */
00250    STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
00251 
00252    /*
00253     *   SSL_CIPHER_get_bits - get the number of bits in this cipher
00254     */
00255    int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
00256 
00257 
00258    /*
00259     *   SSL_CIPHER_get_version - get the version of this cipher
00260     */
00261    char *SSL_CIPHER_get_version(SSL_CIPHER *c);
00262 
00263 
00264    /*
00265     *   SSL_CIPHER_get_name - get the name of this cipher
00266     */
00267    const char *SSL_CIPHER_get_name(SSL_CIPHER *c);
00268 
00269 
00270    /*
00271     *   SSL_CIPHER_description - get the description of this cipher
00272     */
00273    char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
00274 
00275 
00276    /*
00277     *   SSL_CTX_use_PrivateKey - set the private key for the session.
00278     *                          - for use with client certificates
00279     */
00280    int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
00281 
00282 
00283    /*
00284     *   SSL_CTX_use_certificate - set the client certificate for the session.
00285     */
00286    int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
00287 
00288 
00289    /*
00290     *   d2i_X509 - Covert a text representation of X509 to an X509 object
00291     */
00292    X509 * d2i_X509(X509 **a,unsigned char **pp,long length);
00293 
00294 
00295    /*
00296     *   i2d_X509 - Covert an X509 object into a text representation
00297     */
00298    int i2d_X509(X509 *a,unsigned char **pp);
00299 
00300 
00301    /*
00302     *   X509_cmp - compare two X509 objects
00303     */
00304    int X509_cmp(X509 *a, X509 *b);
00305 
00306 
00307    /*
00308     *   X509_dup - duplicate an X509 object
00309     */
00310    X509 *X509_dup(X509 *x509);
00311 
00312 
00313    /*
00314     *   X509_STORE_CTX_new - create an X509 store context
00315     */
00316    X509_STORE_CTX *X509_STORE_CTX_new(void);
00317 
00318 
00319    /*
00320     *   X509_STORE_CTX_free - free up an X509 store context
00321     */
00322    void X509_STORE_CTX_free(X509_STORE_CTX *v);
00323 
00324 
00325    /*
00326     *   X509_STORE_CTX_set_chain - set the certificate chain
00327     */
00328    void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x);
00329 
00330    /*
00331     *   X509_STORE_CTX_set_purpose - set the purpose of the certificate 
00332     */
00333    void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose);
00334 
00335    /*
00336     *   X509_verify_cert - verify the certificate
00337     */
00338    int X509_verify_cert(X509_STORE_CTX *v);
00339 
00340 
00341    /*
00342     *   X509_STORE_new - create an X509 store
00343     */
00344    X509_STORE *X509_STORE_new(void);
00345 
00346 
00347    /*
00348     *   X509_STORE_free - free up an X509 store
00349     */
00350    void X509_STORE_free(X509_STORE *v);
00351 
00352 
00353    /*
00354     *   X509_free - free up an X509
00355     */
00356    void X509_free(X509 *v);
00357 
00358 
00359    /*
00360     *   X509_NAME_oneline - return the X509 data in a string
00361     */
00362    char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
00363 
00364 
00365    /*
00366     *   X509_get_subject_name - return the X509_NAME for the subject field
00367     */
00368    X509_NAME *X509_get_subject_name(X509 *a);
00369 
00370 
00371    /*
00372     *   X509_get_issuer_name - return the X509_NAME for the issuer field
00373     */
00374    X509_NAME *X509_get_issuer_name(X509 *a);
00375 
00376 
00377    /*
00378     *   X509_STORE_add_lookup - add a lookup file/method to an X509 store
00379     */
00380    X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
00381 
00382 
00383    /*
00384     *   X509_LOOKUP_file - Definition of the LOOKUP_file method
00385     */
00386    X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
00387 
00388 
00389    /*
00390     *   X509_LOOKUP_free - Free an X509_LOOKUP
00391     */
00392    void X509_LOOKUP_free(X509_LOOKUP *x);
00393 
00394 
00395    /*
00396     *   X509_LOOKUP_ctrl - This is not normally called directly (use macros)
00397     */
00398    int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret);
00399 
00400 
00401    /*
00402     *   X509_STORE_CTX_init - initialize an X509 STORE context
00403     */
00404    void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain);
00405 
00406 
00407    /*
00408     *   CRYPTO_free - free up an internally allocated object
00409     */
00410    void CRYPTO_free(void *x);
00411 
00412    /*
00413     *   BIO_new - create new BIO
00414     */
00415    BIO *BIO_new(BIO_METHOD *type);
00416 
00417    /*
00418     *   BIO methods - only one defined here yet
00419     */
00420    BIO_METHOD *BIO_s_mem(void);
00421 
00422    /*
00423     *   BIO_new_fp - nastiness called BIO - used to create BIO* from FILE*
00424     */
00425    BIO *BIO_new_fp(FILE *stream, int close_flag);
00426 
00427    /*
00428     *   BIO_new_mem_buf - read only BIO from memory region
00429     */
00430    BIO *BIO_new_mem_buf(void *buf, int len);
00431 
00432    /*
00433     *   BIO_free - nastiness called BIO - used to destroy BIO*
00434     */
00435    int BIO_free(BIO *a);
00436 
00437    /*
00438     *   BIO_ctrl - BIO control method
00439     */
00440    long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
00441 
00442    /*
00443     *   BIO_write - equivalent to ::write for BIO
00444     */
00445    int BIO_write(BIO *b, const void *data, int len);
00446 
00447    /*
00448     *   PEM_write_bio_X509 - write a PEM encoded cert to a BIO*
00449     */
00450    int PEM_write_bio_X509(BIO *bp, X509 *x);
00451 
00452 #if OPENSSL_VERSION_NUMBER < 0x10000000L
00453    /*
00454     *   X509_asn1_meth - used for netscape output
00455     */
00456    ASN1_METHOD *X509_asn1_meth();
00457 #endif
00458 
00459    /*
00460     *   ASN1_i2d_fp - used for netscape output
00461     */
00462    int ASN1_i2d_fp(FILE *out, unsigned char *x);
00463 
00464 
00465    /*
00466     *   ASN1_d2i_fp - read an X509 from a DER encoded file (buf can be NULL)
00467     */
00468    X509 *X509_d2i_fp(FILE *out, X509** buf);
00469 
00470 
00471    /*
00472     *   X509_print - print the text form of an X509
00473     */
00474    int X509_print(FILE *fp, X509 *x);
00475 
00476 
00477    /*
00478     *   Read a PKCS#12 cert from fp
00479     */
00480    PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
00481 
00482 
00483    /*
00484     *   Change the password on a PKCS#12 cert
00485     */
00486    int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
00487 
00488 
00489    /*
00490     *   Write a PKCS#12 to mem
00491     */
00492    int i2d_PKCS12(PKCS12 *p12, unsigned char **p);
00493 
00494 
00495    /*
00496     *   Write a PKCS#12 to FILE*
00497     */
00498    int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
00499 
00500 
00501    /*
00502     *   Create a new PKCS#12 object
00503     */
00504    PKCS12 *PKCS12_new(void);
00505 
00506 
00507    /*
00508     *   Destroy that PKCS#12 that you created!
00509     */
00510    void PKCS12_free(PKCS12 *a);
00511 
00512 
00513    /* 
00514     *   Parse the PKCS#12 
00515     */
00516    int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey,
00517                     X509 **cert, STACK_OF(X509) **ca);
00518 
00519 
00520    /* 
00521     *   Free the Private Key
00522     */
00523    void EVP_PKEY_free(EVP_PKEY *x);
00524 
00525 
00526    /* 
00527     *   Pop off the stack
00528     */
00529    char *sk_pop(STACK *s);
00530 
00531 
00532    /* 
00533     *   Free the stack
00534     */
00535    void sk_free(STACK *s);
00536 
00537 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
00538    void sk_free(void *s) { return sk_free(reinterpret_cast<STACK*>(s)); }
00539 #endif
00540 
00541    /* 
00542     *  Number of elements in the stack
00543     */
00544    int sk_num(STACK *s);
00545 
00546 
00547    /* 
00548     *  Value of element n in the stack
00549     */
00550    char *sk_value(STACK *s, int n);
00551 
00552 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
00553    char *sk_value(void *s, int n) { return sk_value(reinterpret_cast<STACK*>(s), n); }
00554 #endif
00555 
00556    /* 
00557     *  Create a new stack
00558     */
00559    STACK *sk_new(int (*cmp)());
00560 
00561 
00562    /* 
00563     *  Add an element to the stack
00564     */
00565    int sk_push(STACK *s, char *d);
00566 
00567 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
00568    int sk_push(void *s, void *d) { return sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); }
00569 #endif
00570 
00571    /* 
00572     *  Duplicate the stack
00573     */
00574    STACK *sk_dup(STACK *s);
00575 
00576 
00577    /*
00578     *  Convert an ASN1_INTEGER to it's text form
00579     */
00580    char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
00581 
00582 
00583    /*
00584     *  Get the certificate's serial number
00585     */
00586    ASN1_INTEGER *X509_get_serialNumber(X509 *x);
00587 
00588 
00589    /*
00590     *  Get the certificate's public key
00591     */
00592    EVP_PKEY *X509_get_pubkey(X509 *x);
00593 
00594 
00595    /*
00596     *  Convert the public key to a decimal form
00597     */
00598    int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); 
00599 
00600 
00601    /*
00602     *  Check the private key of a PKCS bundle against the X509
00603     */
00604    int X509_check_private_key(X509 *x, EVP_PKEY *p);
00605 
00606 
00607    /*
00608     *  Convert a BIGNUM to a hex string
00609     */
00610    char *BN_bn2hex(const BIGNUM *a);
00611 
00612 
00613    /*
00614     *  Compute the digest of an X.509
00615     */
00616    int X509_digest(const X509 *x,const EVP_MD *t, unsigned char *md, unsigned int *len);
00617 
00618 
00619    /*
00620     *  EVP_md5
00621     */
00622    EVP_MD *EVP_md5();
00623 
00624 
00625    /*
00626     *  ASN1_INTEGER free
00627     */
00628    void ASN1_INTEGER_free(ASN1_INTEGER *x);
00629 
00630 
00631    /*
00632     *  ASN1_STRING_data
00633     */
00634    unsigned char *ASN1_STRING_data(ASN1_STRING *x);
00635 
00636    /*
00637     *  ASN1_STRING_length
00638     */
00639    int ASN1_STRING_length(ASN1_STRING *x);
00640 
00641    /*
00642     *  
00643     */
00644    int OBJ_obj2nid(ASN1_OBJECT *o);
00645 
00646    /*
00647     *  
00648     */
00649    const char * OBJ_nid2ln(int n);
00650 
00651    /*
00652     * get the number of extensions
00653     */
00654    int X509_get_ext_count(X509 *x);
00655 
00656    /*
00657     * 
00658     */
00659    int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
00660 
00661    /*
00662     *
00663     */
00664    int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
00665 
00666    /*
00667     *
00668     */
00669    X509_EXTENSION *X509_get_ext(X509 *x, int loc);
00670 
00671    /*
00672     *
00673     */
00674    X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
00675 
00676    /*
00677     *
00678     */
00679    int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
00680 
00681    /*
00682     *
00683     */
00684    void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
00685 
00686    /*
00687     *
00688     */
00689    char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
00690 
00691    /*
00692     *
00693     */
00694    int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
00695 
00696    /*
00697     *
00698     */
00699    PKCS7 *PKCS7_new(void);
00700 
00701    /*
00702     *
00703     */
00704    void PKCS7_free(PKCS7 *a);
00705 
00706    /*
00707     *
00708     */
00709    void PKCS7_content_free(PKCS7 *a);
00710 
00711    /*
00712     *
00713     */
00714    int i2d_PKCS7(PKCS7 *a, unsigned char **pp);
00715 
00716    /*
00717     *
00718     */
00719    PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp,long length);
00720 
00721    /*
00722     *
00723     */
00724    int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
00725 
00726    /*
00727     * 
00728     */
00729    PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7);
00730 
00731    /*
00732     *
00733     */
00734    int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
00735 
00736    /*
00737     *
00738     */
00739    PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
00740 
00741    /*
00742     *
00743     */
00744    PKCS7 *PKCS7_dup(PKCS7 *p7);
00745 
00746    /*
00747     *  Create a PKCS7 signature / signed message
00748     */
00749    PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
00750              BIO *data, int flags);
00751 
00752    /*
00753     *  Verify a PKCS7 signature.
00754     */
00755    int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
00756                                               BIO *indata, BIO *out, int flags);
00757 
00758    /*
00759     *  Get signers of a verified PKCS7 signature
00760     */
00761    STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
00762 
00763    /*
00764     *  PKCS7 encrypt message
00765     */
00766    PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
00767             int flags);
00768 
00769    /*
00770     *  decrypt PKCS7 message
00771     */
00772    int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
00773 
00774 
00775    /*
00776     * Load a CA list file.
00777     */
00778    STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
00779 
00780    /*
00781     * Load a file of PEM encoded objects.
00782     */
00783    STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
00784                    pem_password_cb *cb, void *u);
00785 
00786    /*
00787     * Get the number of purposes available
00788     */
00789    int X509_PURPOSE_get_count();
00790 
00791 
00792    /*
00793     * Get the ID of a purpose
00794     */
00795    int X509_PURPOSE_get_id(X509_PURPOSE *);
00796 
00797 
00798    /*
00799     * Check the existence of purpose id "id" in x.  for CA, set ca = 1, else 0
00800     */
00801    int X509_check_purpose(X509 *x, int id, int ca);
00802 
00803 
00804    /*
00805     * Get the purpose with index #idx
00806     */
00807    X509_PURPOSE * X509_PURPOSE_get0(int idx);
00808 
00809 
00810    /*
00811     * Create a new Private KEY
00812     */
00813    EVP_PKEY* EVP_PKEY_new();
00814 
00815 
00816    /*
00817     * Assign a private key
00818     */
00819    int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key);
00820 
00821 
00822    /*
00823     * Generate a RSA key
00824     */
00825    RSA *RSA_generate_key(int bits, unsigned long e, void
00826                         (*callback)(int,int,void *), void *cb_arg);
00827 
00828 
00829    /*
00830     * Create/destroy a certificate request
00831     */
00832    X509_REQ *X509_REQ_new();
00833    void X509_REQ_free(X509_REQ *a);
00834 
00835 
00836    /*
00837     * Set the public key in the REQ object
00838     */
00839    int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
00840 
00841    /* for testing */
00842    int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x);
00843 
00844    /* SMime support */
00845    STACK *X509_get1_email(X509 *x);
00846    void X509_email_free(STACK *sk);
00847 
00848    /* Ciphers needed for SMime */
00849    EVP_CIPHER *EVP_des_ede3_cbc();
00850    EVP_CIPHER *EVP_des_cbc();
00851    EVP_CIPHER *EVP_rc2_cbc();
00852    EVP_CIPHER *EVP_rc2_64_cbc();
00853    EVP_CIPHER *EVP_rc2_40_cbc();
00854 
00855    /* clear the current error  - use this often*/
00856    void ERR_clear_error();
00857 
00858    /* retrieve the latest error */
00859    unsigned long ERR_get_error();
00860 
00861    /* Print the errors to this stream */
00862    void ERR_print_errors_fp(FILE *fp);
00863 
00864    /* Get a pointer to the SSL session id (reference counted) */
00865    SSL_SESSION *SSL_get1_session(SSL *ssl);
00866 
00867    /* Frees a pointer to the SSL session id (reference decremented if needed) */
00868    void SSL_SESSION_free(SSL_SESSION *session);
00869 
00870    /* Set the SSL session to reuse. */
00871    int SSL_set_session(SSL *ssl, SSL_SESSION *session);
00872 
00873    /* Decode ASN.1 to SSL_SESSION */
00874    SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length);
00875    /* Encode SSL_SESSION to ASN.1 */
00876    int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
00877 
00878    /* Write privatekey to FILE stream */
00879    int i2d_PrivateKey_fp(FILE*, EVP_PKEY*);
00880 
00881    /* Write PKCS#8privatekey to FILE stream */
00882    int i2d_PKCS8PrivateKey_fp(FILE*, EVP_PKEY*, const EVP_CIPHER*, char*, int, pem_password_cb*, void*);
00883 
00884    /* Free RSA structure */
00885    void RSA_free(RSA*);
00886 
00887    /* Get a blowfish CBC pointer */
00888    EVP_CIPHER *EVP_bf_cbc();
00889 
00890    /* Sign a CSR */
00891    int X509_REQ_sign(X509_REQ*, EVP_PKEY*, const EVP_MD*);
00892 
00893    /* add a name entry */
00894    int X509_NAME_add_entry_by_txt(X509_NAME*, char*, int, unsigned char*, int, int, int);
00895 
00896    /* Create a name */
00897    X509_NAME *X509_NAME_new();
00898 
00899    /* Set the subject */
00900    int X509_REQ_set_subject_name(X509_REQ*,X509_NAME*);
00901 
00902    /* get list of available SSL_CIPHER's sorted by preference */
00903    STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL* ssl);
00904 
00905 #endif
00906 
00907 private:
00908    KOpenSSLProxy();
00909    ~KOpenSSLProxy();
00910    KOpenSSLProxyPrivate *d;
00911 
00912    KLibrary *_sslLib;
00913    KLibrary *_cryptoLib;
00914    static KOpenSSLProxy *_me;
00915 
00916    bool _ok;
00917 };
00918 
00919 #endif
00920 
KDE Home | KDE Accessibility Home | Description of Access Keys