File indexing completed on 2024-05-05 16:10:20
0001 /* This file is part of the KDE libraries 0002 Copyright (C) 2001-2003 George Staikos <staikos@kde.org> 0003 0004 This library is free software; you can redistribute it and/or 0005 modify it under the terms of the GNU Library General Public 0006 License version 2 as published by the Free Software Foundation. 0007 0008 This library is distributed in the hope that it will be useful, 0009 but WITHOUT ANY WARRANTY; without even the implied warranty of 0010 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 0011 Library General Public License for more details. 0012 0013 You should have received a copy of the GNU Library General Public License 0014 along with this library; see the file COPYING.LIB. If not, write to 0015 the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, 0016 Boston, MA 02110-1301, USA. 0017 */ 0018 0019 // IF YOU ARE USING THIS CLASS, YOU ARE MAKING A MISTAKE. 0020 0021 #ifndef __KOPENSSLPROXY_H 0022 #define __KOPENSSLPROXY_H 0023 0024 #define KOSSL KOpenSSLProxy 0025 class KOpenSSLProxyPrivate; 0026 0027 #include <ksslconfig.h> 0028 0029 #if KSSL_HAVE_SSL 0030 #define crypt _openssl_crypt 0031 #include <openssl/ssl.h> 0032 #include <openssl/x509.h> 0033 #include <openssl/x509v3.h> 0034 #include <openssl/pem.h> 0035 #include <openssl/bio.h> 0036 #include <openssl/rand.h> 0037 #include <openssl/asn1.h> 0038 #include <openssl/pkcs7.h> 0039 #include <openssl/pkcs12.h> 0040 #include <openssl/evp.h> 0041 #include <openssl/stack.h> 0042 #include <openssl/bn.h> 0043 #undef crypt 0044 #if OPENSSL_VERSION_NUMBER >= 0x10000000L 0045 #define STACK _STACK 0046 #define OSSL_SKVALUE_RTYPE void 0047 #define OSSL_MORECONST const 0048 #else 0049 #define OSSL_SKVALUE_RTYPE char 0050 #define OSSL_MORECONST 0051 #endif 0052 #endif 0053 0054 /** 0055 * Dynamically load and wrap OpenSSL. 0056 * 0057 * @author George Staikos <staikos@kde.org> 0058 * @see KSSL 0059 * @short KDE OpenSSL Wrapper 0060 * @internal 0061 */ 0062 class KOpenSSLProxy 0063 { 0064 public: 0065 0066 /** 0067 * Return an instance of class KOpenSSLProxy * 0068 * You cannot delete this object. It is a singleton class. 0069 */ 0070 static KOpenSSLProxy *self(); 0071 0072 /** 0073 * Return true of libcrypto was found and loaded 0074 */ 0075 bool hasLibCrypto() const; 0076 0077 /** 0078 * Return true of libssl was found and loaded 0079 */ 0080 bool hasLibSSL() const; 0081 0082 /** 0083 * Destroy the class and start over - don't use this unless you know 0084 * what you are doing. 0085 */ 0086 void destroy(); 0087 0088 // Here are the symbols that we need. 0089 #if KSSL_HAVE_SSL 0090 0091 /* 0092 * SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server 0093 */ 0094 int SSL_connect(SSL *ssl); 0095 0096 /* 0097 * SSL_accept - initiate the TLS/SSL handshake with an TLS/SSL server 0098 */ 0099 int SSL_accept(SSL *ssl); 0100 0101 /* 0102 * SSL_get_error - get the error code 0103 */ 0104 int SSL_get_error(SSL *ssl, int rc); 0105 0106 /* 0107 * SSL_read - read bytes from a TLS/SSL connection. 0108 */ 0109 int SSL_read(SSL *ssl, void *buf, int num); 0110 0111 /* 0112 * SSL_write - write bytes to a TLS/SSL connection. 0113 */ 0114 int SSL_write(SSL *ssl, const void *buf, int num); 0115 0116 /* 0117 * SSL_new - create a new SSL structure for a connection 0118 */ 0119 SSL *SSL_new(SSL_CTX *ctx); 0120 0121 /* 0122 * SSL_free - free an allocated SSL structure 0123 */ 0124 void SSL_free(SSL *ssl); 0125 0126 /* 0127 * SSL_shutdown - shutdown an allocated SSL connection 0128 */ 0129 int SSL_shutdown(SSL *ssl); 0130 0131 /* 0132 * SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions 0133 */ 0134 SSL_CTX *SSL_CTX_new(SSL_METHOD *method); 0135 0136 /* 0137 * SSL_CTX_free - free an allocated SSL_CTX object 0138 */ 0139 void SSL_CTX_free(SSL_CTX *ctx); 0140 0141 /* 0142 * SSL_set_fd - connect the SSL object with a file descriptor 0143 */ 0144 int SSL_set_fd(SSL *ssl, int fd); 0145 0146 /* 0147 * SSL_pending - obtain number of readable bytes buffered in an SSL object 0148 */ 0149 int SSL_pending(SSL *ssl); 0150 0151 /* 0152 * SSL_peek - obtain bytes buffered in an SSL object 0153 */ 0154 int SSL_peek(SSL *ssl, void *buf, int num); 0155 0156 /* 0157 * SSL_CTX_set_cipher_list - choose list of available SSL_CIPHERs 0158 */ 0159 int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str); 0160 0161 /* 0162 * SSL_CTX_set_verify - set peer certificate verification parameters 0163 */ 0164 void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, 0165 int (*verify_callback)(int, X509_STORE_CTX *)); 0166 0167 /* 0168 * SSL_use_certificate - load certificate 0169 */ 0170 int SSL_use_certificate(SSL *ssl, X509 *x); 0171 0172 /* 0173 * SSL_get_current_cipher - get SSL_CIPHER of a connection 0174 */ 0175 SSL_CIPHER *SSL_get_current_cipher(SSL *ssl); 0176 0177 /* 0178 * SSL_set_options - manipulate SSL engine options 0179 * Note: These are all mapped to SSL_ctrl so call them as the comment 0180 * specifies but know that they use SSL_ctrl. They are #define 0181 * so they will map to the one in this class if called as a 0182 * member function of this class. 0183 */ 0184 /* long SSL_set_options(SSL *ssl, long options); */ 0185 /* Returns 0 if not reused, 1 if session id is reused */ 0186 /* int SSL_session_reused(SSL *ssl); */ 0187 long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg); 0188 0189 /* 0190 * RAND_egd - set the path to the EGD 0191 */ 0192 int RAND_egd(const char *path); 0193 0194 /* 0195 * RAND_file_name 0196 */ 0197 const char *RAND_file_name(char *buf, size_t num); 0198 0199 /* 0200 * RAND_load_file 0201 */ 0202 int RAND_load_file(const char *filename, long max_bytes); 0203 0204 /* 0205 * RAND_write_file 0206 */ 0207 int RAND_write_file(const char *filename); 0208 0209 /* 0210 * TLSv1_client_method - return a TLSv1 client method object 0211 */ 0212 SSL_METHOD *TLSv1_client_method(); 0213 0214 /* 0215 * SSLv23_client_method - return a SSLv23 client method object 0216 */ 0217 SSL_METHOD *SSLv23_client_method(); 0218 0219 /* 0220 * SSL_get_peer_certificate - return the peer's certificate 0221 */ 0222 X509 *SSL_get_peer_certificate(SSL *s); 0223 0224 /* 0225 * SSL_get_peer_cert_chain - get the peer's certificate chain 0226 */ 0227 STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s); 0228 0229 /* 0230 * SSL_CIPHER_get_bits - get the number of bits in this cipher 0231 */ 0232 int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits); 0233 0234 /* 0235 * SSL_CIPHER_get_version - get the version of this cipher 0236 */ 0237 char *SSL_CIPHER_get_version(SSL_CIPHER *c); 0238 0239 /* 0240 * SSL_CIPHER_get_name - get the name of this cipher 0241 */ 0242 const char *SSL_CIPHER_get_name(SSL_CIPHER *c); 0243 0244 /* 0245 * SSL_CIPHER_description - get the description of this cipher 0246 */ 0247 char *SSL_CIPHER_description(SSL_CIPHER *, char *buf, int size); 0248 0249 /* 0250 * SSL_CTX_use_PrivateKey - set the private key for the session. 0251 * - for use with client certificates 0252 */ 0253 int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); 0254 0255 /* 0256 * SSL_CTX_use_certificate - set the client certificate for the session. 0257 */ 0258 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); 0259 0260 /* 0261 * d2i_X509 - Convert a text representation of X509 to an X509 object 0262 */ 0263 X509 *d2i_X509(X509 **a, unsigned char **pp, long length); 0264 0265 /* 0266 * i2d_X509 - Convert an X509 object into a text representation 0267 */ 0268 int i2d_X509(X509 *a, unsigned char **pp); 0269 0270 /* 0271 * X509_cmp - compare two X509 objects 0272 */ 0273 int X509_cmp(X509 *a, X509 *b); 0274 0275 /* 0276 * X509_dup - duplicate an X509 object 0277 */ 0278 X509 *X509_dup(X509 *x509); 0279 0280 /* 0281 * X509_STORE_CTX_new - create an X509 store context 0282 */ 0283 X509_STORE_CTX *X509_STORE_CTX_new(void); 0284 0285 /* 0286 * X509_STORE_CTX_free - free up an X509 store context 0287 */ 0288 void X509_STORE_CTX_free(X509_STORE_CTX *v); 0289 0290 /* 0291 * X509_STORE_CTX_set_chain - set the certificate chain 0292 */ 0293 void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x); 0294 0295 /* 0296 * X509_STORE_CTX_set_purpose - set the purpose of the certificate 0297 */ 0298 void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); 0299 0300 /* 0301 * X509_verify_cert - verify the certificate 0302 */ 0303 int X509_verify_cert(X509_STORE_CTX *v); 0304 0305 /* 0306 * X509_STORE_new - create an X509 store 0307 */ 0308 X509_STORE *X509_STORE_new(void); 0309 0310 /* 0311 * X509_STORE_free - free up an X509 store 0312 */ 0313 void X509_STORE_free(X509_STORE *v); 0314 0315 /* 0316 * X509_free - free up an X509 0317 */ 0318 void X509_free(X509 *v); 0319 0320 /* 0321 * X509_NAME_oneline - return the X509 data in a string 0322 */ 0323 char *X509_NAME_oneline(X509_NAME *a, char *buf, int size); 0324 0325 /* 0326 * X509_get_subject_name - return the X509_NAME for the subject field 0327 */ 0328 X509_NAME *X509_get_subject_name(X509 *a); 0329 0330 /* 0331 * X509_get_issuer_name - return the X509_NAME for the issuer field 0332 */ 0333 X509_NAME *X509_get_issuer_name(X509 *a); 0334 0335 /* 0336 * X509_STORE_add_lookup - add a lookup file/method to an X509 store 0337 */ 0338 X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); 0339 0340 /* 0341 * X509_LOOKUP_file - Definition of the LOOKUP_file method 0342 */ 0343 X509_LOOKUP_METHOD *X509_LOOKUP_file(void); 0344 0345 /* 0346 * X509_LOOKUP_free - Free an X509_LOOKUP 0347 */ 0348 void X509_LOOKUP_free(X509_LOOKUP *x); 0349 0350 /* 0351 * X509_LOOKUP_ctrl - This is not normally called directly (use macros) 0352 */ 0353 int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); 0354 0355 /* 0356 * X509_STORE_CTX_init - initialize an X509 STORE context 0357 */ 0358 void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain); 0359 0360 /* 0361 * CRYPTO_free - free up an internally allocated object 0362 */ 0363 void CRYPTO_free(void *x); 0364 0365 /* 0366 * BIO_new - create new BIO 0367 */ 0368 BIO *BIO_new(BIO_METHOD *type); 0369 0370 /* 0371 * BIO methods - only one defined here yet 0372 */ 0373 BIO_METHOD *BIO_s_mem(void); 0374 0375 /* 0376 * BIO_new_fp - nastiness called BIO - used to create BIO* from FILE* 0377 */ 0378 BIO *BIO_new_fp(FILE *stream, int close_flag); 0379 0380 /* 0381 * BIO_new_mem_buf - read only BIO from memory region 0382 */ 0383 BIO *BIO_new_mem_buf(void *buf, int len); 0384 0385 /* 0386 * BIO_free - nastiness called BIO - used to destroy BIO* 0387 */ 0388 int BIO_free(BIO *a); 0389 0390 /* 0391 * BIO_ctrl - BIO control method 0392 */ 0393 long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg); 0394 0395 /* 0396 * BIO_write - equivalent to ::write for BIO 0397 */ 0398 int BIO_write(BIO *b, const void *data, int len); 0399 0400 /* 0401 * PEM_write_bio_X509 - write a PEM encoded cert to a BIO* 0402 */ 0403 int PEM_write_bio_X509(BIO *bp, X509 *x); 0404 0405 /* 0406 * ASN1_item_i2d_fp - used for netscape output 0407 */ 0408 int ASN1_item_i2d_fp(FILE *out, unsigned char *x); 0409 0410 /* 0411 * ASN1_d2i_fp - read an X509 from a DER encoded file (buf can be NULL) 0412 */ 0413 X509 *X509_d2i_fp(FILE *out, X509 **buf); 0414 0415 /* 0416 * X509_print - print the text form of an X509 0417 */ 0418 int X509_print(FILE *fp, X509 *x); 0419 0420 /* 0421 * Read a PKCS#12 cert from fp 0422 */ 0423 PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); 0424 0425 /* 0426 * Change the password on a PKCS#12 cert 0427 */ 0428 int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); 0429 0430 /* 0431 * Write a PKCS#12 to mem 0432 */ 0433 int i2d_PKCS12(PKCS12 *p12, unsigned char **p); 0434 0435 /* 0436 * Write a PKCS#12 to FILE* 0437 */ 0438 int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); 0439 0440 /* 0441 * Create a new PKCS#12 object 0442 */ 0443 PKCS12 *PKCS12_new(void); 0444 0445 /* 0446 * Destroy that PKCS#12 that you created! 0447 */ 0448 void PKCS12_free(PKCS12 *a); 0449 0450 /* 0451 * Parse the PKCS#12 0452 */ 0453 int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, 0454 X509 **cert, STACK_OF(X509) **ca); 0455 0456 /* 0457 * Free the Private Key 0458 */ 0459 void EVP_PKEY_free(EVP_PKEY *x); 0460 0461 /* 0462 * Pop off the stack 0463 */ 0464 char *sk_pop(STACK *s); 0465 0466 /* 0467 * Free the stack 0468 */ 0469 void sk_free(STACK *s); 0470 0471 #if OPENSSL_VERSION_NUMBER >= 0x10000000L 0472 void sk_free(void *s) 0473 { 0474 return sk_free(reinterpret_cast<STACK *>(s)); 0475 } 0476 #endif 0477 0478 /* 0479 * Number of elements in the stack 0480 */ 0481 int sk_num(STACK *s); 0482 0483 /* 0484 * Value of element n in the stack 0485 */ 0486 char *sk_value(STACK *s, int n); 0487 0488 #if OPENSSL_VERSION_NUMBER >= 0x10000000L 0489 char *sk_value(void *s, int n) 0490 { 0491 return sk_value(reinterpret_cast<STACK *>(s), n); 0492 } 0493 #endif 0494 0495 /* 0496 * Create a new stack 0497 */ 0498 STACK *sk_new(int (*cmp)()); 0499 0500 /* 0501 * Add an element to the stack 0502 */ 0503 int sk_push(STACK *s, char *d); 0504 0505 #if OPENSSL_VERSION_NUMBER >= 0x10000000L 0506 int sk_push(void *s, void *d) 0507 { 0508 return sk_push(reinterpret_cast<STACK *>(s), reinterpret_cast<char *>(d)); 0509 } 0510 #endif 0511 0512 /* 0513 * Duplicate the stack 0514 */ 0515 STACK *sk_dup(STACK *s); 0516 0517 /* 0518 * Convert an ASN1_INTEGER to its text form 0519 */ 0520 char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); 0521 0522 /* 0523 * Get the certificate's serial number 0524 */ 0525 ASN1_INTEGER *X509_get_serialNumber(X509 *x); 0526 0527 /* 0528 * Get the certificate's public key 0529 */ 0530 EVP_PKEY *X509_get_pubkey(X509 *x); 0531 0532 /* 0533 * Convert the public key to a decimal form 0534 */ 0535 int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); 0536 0537 /* 0538 * Check the private key of a PKCS bundle against the X509 0539 */ 0540 int X509_check_private_key(X509 *x, EVP_PKEY *p); 0541 0542 /* 0543 * Convert a BIGNUM to a hex string 0544 */ 0545 char *BN_bn2hex(const BIGNUM *a); 0546 0547 /* 0548 * Compute the digest of an X.509 0549 */ 0550 int X509_digest(const X509 *x, const EVP_MD *t, unsigned char *md, unsigned int *len); 0551 0552 /* 0553 * EVP_md5 0554 */ 0555 EVP_MD *EVP_md5(); 0556 0557 /* 0558 * ASN1_INTEGER free 0559 */ 0560 void ASN1_INTEGER_free(ASN1_INTEGER *x); 0561 0562 /* 0563 * ASN1_STRING_data 0564 */ 0565 unsigned char *ASN1_STRING_data(ASN1_STRING *x); 0566 0567 /* 0568 * ASN1_STRING_length 0569 */ 0570 int ASN1_STRING_length(ASN1_STRING *x); 0571 0572 /* 0573 * 0574 */ 0575 int OBJ_obj2nid(ASN1_OBJECT *o); 0576 0577 /* 0578 * 0579 */ 0580 const char *OBJ_nid2ln(int n); 0581 0582 /* 0583 * get the number of extensions 0584 */ 0585 int X509_get_ext_count(X509 *x); 0586 0587 /* 0588 * 0589 */ 0590 int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); 0591 0592 /* 0593 * 0594 */ 0595 int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos); 0596 0597 /* 0598 * 0599 */ 0600 X509_EXTENSION *X509_get_ext(X509 *x, int loc); 0601 0602 /* 0603 * 0604 */ 0605 X509_EXTENSION *X509_delete_ext(X509 *x, int loc); 0606 0607 /* 0608 * 0609 */ 0610 int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); 0611 0612 /* 0613 * 0614 */ 0615 void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); 0616 0617 /* 0618 * 0619 */ 0620 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); 0621 0622 /* 0623 * 0624 */ 0625 int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); 0626 0627 /* 0628 * 0629 */ 0630 PKCS7 *PKCS7_new(void); 0631 0632 /* 0633 * 0634 */ 0635 void PKCS7_free(PKCS7 *a); 0636 0637 /* 0638 * 0639 */ 0640 void PKCS7_content_free(PKCS7 *a); 0641 0642 /* 0643 * 0644 */ 0645 int i2d_PKCS7(PKCS7 *a, unsigned char **pp); 0646 0647 /* 0648 * 0649 */ 0650 PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length); 0651 0652 /* 0653 * 0654 */ 0655 int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7); 0656 0657 /* 0658 * 0659 */ 0660 PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7); 0661 0662 /* 0663 * 0664 */ 0665 int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7); 0666 0667 /* 0668 * 0669 */ 0670 PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7); 0671 0672 /* 0673 * 0674 */ 0675 PKCS7 *PKCS7_dup(PKCS7 *p7); 0676 0677 /* 0678 * Create a PKCS7 signature / signed message 0679 */ 0680 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, 0681 BIO *data, int flags); 0682 0683 /* 0684 * Verify a PKCS7 signature. 0685 */ 0686 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, 0687 BIO *indata, BIO *out, int flags); 0688 0689 /* 0690 * Get signers of a verified PKCS7 signature 0691 */ 0692 STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); 0693 0694 /* 0695 * PKCS7 encrypt message 0696 */ 0697 PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, 0698 int flags); 0699 0700 /* 0701 * decrypt PKCS7 message 0702 */ 0703 int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); 0704 0705 /* 0706 * Load a CA list file. 0707 */ 0708 STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); 0709 0710 /* 0711 * Load a file of PEM encoded objects. 0712 */ 0713 STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, 0714 pem_password_cb *cb, void *u); 0715 0716 /* 0717 * Get the number of purposes available 0718 */ 0719 int X509_PURPOSE_get_count(); 0720 0721 /* 0722 * Get the ID of a purpose 0723 */ 0724 int X509_PURPOSE_get_id(X509_PURPOSE *); 0725 0726 /* 0727 * Check the existence of purpose id "id" in x. for CA, set ca = 1, else 0 0728 */ 0729 int X509_check_purpose(X509 *x, int id, int ca); 0730 0731 /* 0732 * Get the purpose with index #idx 0733 */ 0734 X509_PURPOSE *X509_PURPOSE_get0(int idx); 0735 0736 /* 0737 * Create a new Private KEY 0738 */ 0739 EVP_PKEY *EVP_PKEY_new(); 0740 0741 /* 0742 * Assign a private key 0743 */ 0744 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key); 0745 0746 /* 0747 * Generate a RSA key 0748 */ 0749 RSA *RSA_generate_key(int bits, unsigned long e, void 0750 (*callback)(int, int, void *), void *cb_arg); 0751 0752 /* 0753 * Create/destroy a certificate request 0754 */ 0755 X509_REQ *X509_REQ_new(); 0756 void X509_REQ_free(X509_REQ *a); 0757 0758 /* 0759 * Set the public key in the REQ object 0760 */ 0761 int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); 0762 0763 /* for testing */ 0764 int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x); 0765 0766 /* SMime support */ 0767 STACK *X509_get1_email(X509 *x); 0768 void X509_email_free(STACK *sk); 0769 0770 /* Ciphers needed for SMime */ 0771 EVP_CIPHER *EVP_des_ede3_cbc(); 0772 EVP_CIPHER *EVP_des_cbc(); 0773 EVP_CIPHER *EVP_rc2_cbc(); 0774 EVP_CIPHER *EVP_rc2_64_cbc(); 0775 EVP_CIPHER *EVP_rc2_40_cbc(); 0776 0777 /* clear the current error - use this often*/ 0778 void ERR_clear_error(); 0779 0780 /* retrieve the latest error */ 0781 unsigned long ERR_get_error(); 0782 0783 /* Print the errors to this stream */ 0784 void ERR_print_errors_fp(FILE *fp); 0785 0786 /* Get a pointer to the SSL session id (reference counted) */ 0787 SSL_SESSION *SSL_get1_session(SSL *ssl); 0788 0789 /* Frees a pointer to the SSL session id (reference decremented if needed) */ 0790 void SSL_SESSION_free(SSL_SESSION *session); 0791 0792 /* Set the SSL session to reuse. */ 0793 int SSL_set_session(SSL *ssl, SSL_SESSION *session); 0794 0795 /* Decode ASN.1 to SSL_SESSION */ 0796 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length); 0797 /* Encode SSL_SESSION to ASN.1 */ 0798 int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); 0799 0800 /* Write privatekey to FILE stream */ 0801 int i2d_PrivateKey_fp(FILE *, EVP_PKEY *); 0802 0803 /* Write PKCS#8privatekey to FILE stream */ 0804 int i2d_PKCS8PrivateKey_fp(FILE *, EVP_PKEY *, const EVP_CIPHER *, char *, int, pem_password_cb *, void *); 0805 0806 /* Free RSA structure */ 0807 void RSA_free(RSA *); 0808 0809 /* Get a blowfish CBC pointer */ 0810 EVP_CIPHER *EVP_bf_cbc(); 0811 0812 /* Sign a CSR */ 0813 int X509_REQ_sign(X509_REQ *, EVP_PKEY *, const EVP_MD *); 0814 0815 /* add a name entry */ 0816 int X509_NAME_add_entry_by_txt(X509_NAME *, char *, int, unsigned char *, int, int, int); 0817 0818 /* Create a name */ 0819 X509_NAME *X509_NAME_new(); 0820 0821 /* Set the subject */ 0822 int X509_REQ_set_subject_name(X509_REQ *, X509_NAME *); 0823 0824 /* get list of available SSL_CIPHER's sorted by preference */ 0825 STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl); 0826 0827 #endif 0828 0829 private: 0830 friend class KOpenSSLProxyPrivate; 0831 KOpenSSLProxy(); 0832 ~KOpenSSLProxy(); 0833 KOpenSSLProxyPrivate *const d; 0834 }; 0835 0836 #endif