00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022 #ifndef __KOPENSSLPROXY_H
00023 #define __KOPENSSLPROXY_H
00024
00025 #define KOSSL KOpenSSLProxy
00026 class KOpenSSLProxyPrivate;
00027
00028 #include <klibloader.h>
00029
00030 #ifdef Q_WS_WIN
00031 #include "ksslconfig_win.h"
00032 #else
00033 #include "ksslconfig.h"
00034 #endif
00035
00036 #ifdef KSSL_HAVE_SSL
00037 #define crypt _openssl_crypt
00038 #include <openssl/ssl.h>
00039 #include <openssl/x509.h>
00040 #include <openssl/x509v3.h>
00041 #include <openssl/pem.h>
00042 #include <openssl/bio.h>
00043 #include <openssl/rand.h>
00044 #include <openssl/asn1.h>
00045 #include <openssl/pkcs7.h>
00046 #include <openssl/pkcs12.h>
00047 #include <openssl/evp.h>
00048 #include <openssl/stack.h>
00049 #include <openssl/bn.h>
00050 #undef crypt
00051 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
00052 #define STACK OPENSSL_STACK
00053 #else
00054 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
00055 #define STACK _STACK
00056 #endif
00057 #endif
00058 #endif
00059
00060 #include <kstaticdeleter.h>
00061
00062 #if OPENSSL_VERSION_NUMBER < 0x10100000L
00063 typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
00064 typedef int X509_LOOKUP_TYPE;
00065 #endif
00066
00075 class TDEIO_EXPORT KOpenSSLProxy {
00076 friend class KStaticDeleter<KOpenSSLProxy>;
00077 public:
00078
00083 static KOpenSSLProxy *self();
00084
00088 bool hasLibCrypto() const;
00089
00093 bool hasLibSSL() const;
00094
00099 void destroy();
00100
00101
00102 #ifdef KSSL_HAVE_SSL
00103
00104
00105
00106
00107 int SSL_connect(SSL *ssl);
00108
00109
00110
00111
00112 int SSL_accept(SSL *ssl);
00113
00114
00115
00116
00117 int SSL_get_error(SSL *ssl, int rc);
00118
00119
00120
00121
00122 int SSL_read(SSL *ssl, void *buf, int num);
00123
00124
00125
00126
00127 int SSL_write(SSL *ssl, const void *buf, int num);
00128
00129
00130
00131
00132 SSL *SSL_new(SSL_CTX *ctx);
00133
00134
00135
00136
00137 void SSL_free(SSL *ssl);
00138
00139
00140
00141
00142 int SSL_shutdown(SSL *ssl);
00143
00144
00145
00146
00147 SSL_CTX *SSL_CTX_new(SSL_METHOD *method);
00148
00149
00150
00151
00152 void SSL_CTX_free(SSL_CTX *ctx);
00153
00154
00155
00156
00157 int SSL_set_fd(SSL *ssl, int fd);
00158
00159
00160
00161
00162 int SSL_pending(SSL *ssl);
00163
00164
00165
00166
00167 int SSL_peek(SSL *ssl, void *buf, int num);
00168
00169
00170
00171
00172 int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
00173
00174
00175
00176
00177 void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
00178 int (*verify_callback)(int, X509_STORE_CTX *));
00179
00180
00181
00182
00183 int SSL_use_certificate(SSL *ssl, X509 *x);
00184
00185
00186
00187
00188 SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
00189
00190
00191 long _SSL_set_options(SSL *ssl, long options);
00192
00193
00194 int _SSL_session_reused(SSL *ssl);
00195
00196
00197 long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
00198
00199
00200
00201
00202 int RAND_egd(const char *path);
00203
00204
00205
00206
00207
00208 const char *RAND_file_name(char *buf, size_t num);
00209
00210
00211
00212
00213
00214 int RAND_load_file(const char *filename, long max_bytes);
00215
00216
00217
00218
00219
00220 int RAND_write_file(const char *filename);
00221
00222
00223
00224
00225
00226 SSL_METHOD *TLSv1_client_method();
00227
00228
00229
00230
00231
00232 SSL_METHOD *SSLv2_client_method();
00233
00234
00235
00236
00237
00238 SSL_METHOD *SSLv3_client_method();
00239
00240
00241
00242
00243
00244 SSL_METHOD *TLS_client_method();
00245
00246
00247
00248
00249
00250 X509 *SSL_get_peer_certificate(SSL *s);
00251
00252
00253
00254
00255
00256 STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
00257
00258
00259
00260
00261 int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
00262
00263
00264
00265
00266
00267 char *SSL_CIPHER_get_version(SSL_CIPHER *c);
00268
00269
00270
00271
00272
00273 const char *SSL_CIPHER_get_name(SSL_CIPHER *c);
00274
00275
00276
00277
00278
00279 char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
00280
00281
00282
00283
00284
00285
00286 int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
00287
00288
00289
00290
00291
00292 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
00293
00294
00295
00296
00297
00298 X509 * d2i_X509(X509 **a,unsigned char **pp,long length);
00299
00300
00301
00302
00303 X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length);
00304
00305
00306
00307
00308
00309 int i2d_X509(X509 *a,unsigned char **pp);
00310
00311
00312
00313
00314
00315 int X509_cmp(X509 *a, X509 *b);
00316
00317
00318
00319
00320
00321 int X509_subject_name_cmp(const X509 *a, const X509 *b);
00322
00323
00324
00325
00326
00327 X509 *X509_dup(X509 *x509);
00328
00329
00330
00331
00332
00333 void X509_get0_signature(const ASN1_BIT_STRING **psig,
00334 const X509_ALGOR **palg, const X509 *x);
00335
00336
00337
00338
00339
00340
00341 ASN1_TIME *X509_getm_notAfter(const X509 *x);
00342
00343
00344
00345
00346
00347 ASN1_TIME *X509_getm_notBefore(const X509 *x);
00348
00349
00350
00351
00352
00353 X509_STORE_CTX *X509_STORE_CTX_new(void);
00354
00355
00356
00357
00358
00359 void X509_STORE_CTX_free(X509_STORE_CTX *v);
00360
00361
00362
00363
00364
00365 void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *v, STACK_OF(X509)* x);
00366
00367
00368
00369
00370
00371 void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose);
00372
00373
00374
00375
00376
00377 X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
00378
00379
00380
00381
00382
00383 int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
00384
00385
00386
00387
00388
00389 int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
00390
00391
00392
00393
00394
00395 void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
00396
00397
00398
00399
00400
00401 void X509_STORE_set_verify_cb(X509_STORE *ctx,
00402 X509_STORE_CTX_verify_cb verify_cb);
00403
00404
00405
00406
00407
00408 STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
00409
00410
00411
00412
00413
00414 X509_LOOKUP_TYPE X509_OBJECT_get_type(const X509_OBJECT *a);
00415
00416
00417
00418
00419
00420 X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a);
00421
00422
00423
00424
00425
00426 int X509_verify_cert(X509_STORE_CTX *v);
00427
00428
00429
00430
00431
00432 X509_STORE *X509_STORE_new(void);
00433
00434
00435
00436
00437
00438 void X509_STORE_free(X509_STORE *v);
00439
00440
00441
00442
00443
00444 void X509_free(X509 *v);
00445
00446
00447
00448
00449 void X509_CRL_free(X509_CRL *v);
00450
00451
00452
00453
00454
00455 const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
00456
00457
00458
00459
00460
00461 const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
00462
00463
00464
00465
00466
00467 char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
00468
00469
00470
00471
00472
00473 X509_NAME *X509_get_subject_name(X509 *a);
00474
00475
00476
00477
00478
00479 X509_NAME *X509_get_issuer_name(X509 *a);
00480
00481
00482
00483
00484
00485 X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
00486
00487
00488
00489
00490
00491 X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
00492
00493
00494
00495
00496
00497 void X509_LOOKUP_free(X509_LOOKUP *x);
00498
00499
00500
00501
00502
00503 int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret);
00504
00505
00506
00507
00508
00509 void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain);
00510
00511
00512
00513
00514
00515 void CRYPTO_free(void *x);
00516
00517
00518
00519
00520 BIO *BIO_new(BIO_METHOD *type);
00521
00522
00523
00524
00525 BIO_METHOD *BIO_s_mem(void);
00526
00527
00528
00529
00530 BIO *BIO_new_fp(FILE *stream, int close_flag);
00531
00532
00533
00534
00535 BIO *BIO_new_mem_buf(void *buf, int len);
00536
00537
00538
00539
00540 int BIO_free(BIO *a);
00541
00542
00543
00544
00545 long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
00546
00547
00548
00549
00550 int BIO_write(BIO *b, const void *data, int len);
00551
00552
00553
00554
00555 void *BIO_get_data(BIO *a);
00556
00557
00558
00559
00560 int PEM_write_bio_X509(BIO *bp, X509 *x);
00561
00562 #if OPENSSL_VERSION_NUMBER < 0x10000000L
00563
00564
00565
00566 ASN1_METHOD *X509_asn1_meth();
00567 #endif
00568
00569
00570
00571
00572 int ASN1_i2d_fp(FILE *out, unsigned char *x);
00573
00574
00575
00576
00577
00578 X509 *X509_d2i_fp(FILE *out, X509** buf);
00579
00580
00581
00582
00583
00584 int X509_print(FILE *fp, X509 *x);
00585
00586
00587
00588
00589
00590 PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
00591
00592
00593
00594
00595
00596 int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
00597
00598
00599
00600
00601
00602 int i2d_PKCS12(PKCS12 *p12, unsigned char **p);
00603
00604
00605
00606
00607
00608 int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
00609
00610
00611
00612
00613
00614 PKCS12 *PKCS12_new(void);
00615
00616
00617
00618
00619
00620 void PKCS12_free(PKCS12 *a);
00621
00622
00623
00624
00625
00626 int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey,
00627 X509 **cert, STACK_OF(X509) **ca);
00628
00629
00630
00631
00632
00633 void EVP_PKEY_free(EVP_PKEY *x);
00634
00635
00636
00637
00638
00639 char *OPENSSL_sk_pop(STACK *s);
00640
00641 char *OPENSSL_sk_pop(void *s) { return OPENSSL_sk_pop(reinterpret_cast<STACK*>(s)); }
00642
00643
00644
00645
00646
00647 void OPENSSL_sk_free(STACK *s);
00648
00649 void OPENSSL_sk_free(void *s) { OPENSSL_sk_free(reinterpret_cast<STACK*>(s)); }
00650
00651
00652
00653
00654 int OPENSSL_sk_num(STACK *s);
00655
00656 int OPENSSL_sk_num(void *s) { return OPENSSL_sk_num(reinterpret_cast<STACK*>(s)); }
00657
00658
00659
00660
00661 char *OPENSSL_sk_value(STACK *s, int n);
00662
00663 char *OPENSSL_sk_value(void *s, int n) { return OPENSSL_sk_value(reinterpret_cast<STACK*>(s), n); }
00664
00665
00666
00667
00668 STACK *OPENSSL_sk_new(int (*cmp)());
00669
00670
00671
00672
00673
00674 int OPENSSL_sk_push(STACK *s, char *d);
00675
00676 int OPENSSL_sk_push(void *s, void *d) { return OPENSSL_sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); }
00677
00678
00679
00680
00681 STACK *OPENSSL_sk_dup(const STACK *s);
00682
00683 STACK *OPENSSL_sk_dup(const void *s) { return OPENSSL_sk_dup(reinterpret_cast<const STACK*>(s)); }
00684
00685
00686
00687
00688 char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
00689
00690
00691
00692
00693
00694 ASN1_INTEGER *X509_get_serialNumber(X509 *x);
00695
00696
00697
00698
00699
00700 EVP_PKEY *X509_get_pubkey(X509 *x);
00701
00702
00703
00704
00705
00706 int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
00707
00708
00709
00710
00711
00712 int X509_check_private_key(X509 *x, EVP_PKEY *p);
00713
00714
00715
00716
00717
00718 char *BN_bn2hex(const BIGNUM *a);
00719
00720
00721
00722
00723
00724 int X509_digest(const X509 *x,const EVP_MD *t, unsigned char *md, unsigned int *len);
00725
00726
00727
00728
00729
00730 EVP_MD *EVP_md5();
00731
00732
00733
00734
00735
00736 void ASN1_INTEGER_free(ASN1_INTEGER *x);
00737
00738
00739
00740
00741
00742 unsigned char *ASN1_STRING_data(ASN1_STRING *x);
00743
00744
00745
00746
00747 int ASN1_STRING_length(ASN1_STRING *x);
00748
00749
00750
00751
00752 int OBJ_obj2nid(ASN1_OBJECT *o);
00753
00754
00755
00756
00757 const char * OBJ_nid2ln(int n);
00758
00759
00760
00761
00762 int X509_get_ext_count(X509 *x);
00763
00764
00765
00766
00767 int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
00768
00769
00770
00771
00772 int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
00773
00774
00775
00776
00777 X509_EXTENSION *X509_get_ext(X509 *x, int loc);
00778
00779
00780
00781
00782 X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
00783
00784
00785
00786
00787 int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
00788
00789
00790
00791
00792 void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
00793
00794
00795
00796
00797 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
00798
00799
00800
00801
00802 int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
00803
00804
00805
00806
00807 PKCS7 *PKCS7_new(void);
00808
00809
00810
00811
00812 void PKCS7_free(PKCS7 *a);
00813
00814
00815
00816
00817 void PKCS7_content_free(PKCS7 *a);
00818
00819
00820
00821
00822 int i2d_PKCS7(PKCS7 *a, unsigned char **pp);
00823
00824
00825
00826
00827 PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp,long length);
00828
00829
00830
00831
00832 int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
00833
00834
00835
00836
00837 PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7);
00838
00839
00840
00841
00842 int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
00843
00844
00845
00846
00847 PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
00848
00849
00850
00851
00852 PKCS7 *PKCS7_dup(PKCS7 *p7);
00853
00854
00855
00856
00857 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
00858 BIO *data, int flags);
00859
00860
00861
00862
00863 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
00864 BIO *indata, BIO *out, int flags);
00865
00866
00867
00868
00869 STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
00870
00871
00872
00873
00874 PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
00875 int flags);
00876
00877
00878
00879
00880 int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
00881
00882
00883
00884
00885
00886 STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
00887
00888
00889
00890
00891 STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
00892 pem_password_cb *cb, void *u);
00893
00894
00895
00896
00897 int X509_PURPOSE_get_count();
00898
00899
00900
00901
00902
00903 int X509_PURPOSE_get_id(X509_PURPOSE *);
00904
00905
00906
00907
00908
00909 int X509_check_purpose(X509 *x, int id, int ca);
00910
00911
00912
00913
00914
00915 X509_PURPOSE * X509_PURPOSE_get0(int idx);
00916
00917
00918
00919
00920
00921 EVP_PKEY* EVP_PKEY_new();
00922
00923
00924
00925
00926
00927 int EVP_PKEY_base_id(const EVP_PKEY *pkey);
00928
00929
00930
00931
00932
00933 int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key);
00934
00935
00936
00937
00938
00939 RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
00940
00941
00942
00943
00944
00945 DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
00946
00947
00948
00949
00950
00951 void RSA_get0_key(const RSA *r,
00952 const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
00953
00954
00955
00956
00957
00958 RSA *RSA_generate_key(int bits, unsigned long e, void
00959 (*callback)(int,int,void *), void *cb_arg);
00960
00961
00962
00963
00964
00965 void DSA_get0_pqg(const DSA *d,
00966 const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
00967
00968
00969
00970
00971
00972 void DSA_get0_key(const DSA *d,
00973 const BIGNUM **pub_key, const BIGNUM **priv_key);
00974
00975
00976
00977
00978
00979 X509_REQ *X509_REQ_new();
00980 void X509_REQ_free(X509_REQ *a);
00981
00982
00983
00984
00985
00986 int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
00987
00988
00989 int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x);
00990
00991
00992 STACK *X509_get1_email(X509 *x);
00993 void X509_email_free(STACK *sk);
00994
00995
00996 EVP_CIPHER *EVP_des_ede3_cbc();
00997 EVP_CIPHER *EVP_des_cbc();
00998 EVP_CIPHER *EVP_rc2_cbc();
00999 EVP_CIPHER *EVP_rc2_64_cbc();
01000 EVP_CIPHER *EVP_rc2_40_cbc();
01001
01002
01003 void ERR_clear_error();
01004
01005
01006 unsigned long ERR_get_error();
01007
01008
01009 void ERR_print_errors_fp(FILE *fp);
01010
01011
01012 SSL_SESSION *SSL_get1_session(SSL *ssl);
01013
01014
01015 void SSL_SESSION_free(SSL_SESSION *session);
01016
01017
01018 int SSL_set_session(SSL *ssl, SSL_SESSION *session);
01019
01020
01021 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length);
01022
01023 int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
01024
01025
01026 int i2d_PrivateKey_fp(FILE*, EVP_PKEY*);
01027
01028
01029 int i2d_PKCS8PrivateKey_fp(FILE*, EVP_PKEY*, const EVP_CIPHER*, char*, int, pem_password_cb*, void*);
01030
01031
01032 void RSA_free(RSA*);
01033
01034
01035 EVP_CIPHER *EVP_bf_cbc();
01036
01037
01038 int X509_REQ_sign(X509_REQ*, EVP_PKEY*, const EVP_MD*);
01039
01040
01041 int X509_NAME_add_entry_by_txt(X509_NAME*, char*, int, unsigned char*, int, int, int);
01042
01043
01044 X509_NAME *X509_NAME_new();
01045
01046
01047 int X509_REQ_set_subject_name(X509_REQ*,X509_NAME*);
01048
01049
01050 STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL* ssl);
01051
01052
01053
01054 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && OPENSSL_API_COMPAT < 0x10100000L
01055 # undef sk_dup
01056 # undef sk_free
01057 # undef sk_new
01058 # undef sk_num
01059 # undef sk_pop
01060 # undef sk_push
01061 # undef sk_value
01062 # undef X509_STORE_CTX_set_chain
01063 # undef SSLv23_client_method
01064 #endif
01065 STACK *sk_dup(const STACK *s) KDE_DEPRECATED;
01066 void sk_free(STACK *s) KDE_DEPRECATED;
01067 STACK *sk_new(int (*cmp)()) KDE_DEPRECATED;
01068 int sk_num(STACK *s) KDE_DEPRECATED;
01069 char *sk_pop(STACK *s) KDE_DEPRECATED;
01070 int sk_push(STACK *s, char *d) KDE_DEPRECATED;
01071 char *sk_value(STACK *s, int n) KDE_DEPRECATED;
01072 void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) KDE_DEPRECATED;
01073 SSL_METHOD *SSLv23_client_method() KDE_DEPRECATED;
01074
01075 #endif
01076
01077 private:
01078 KOpenSSLProxy();
01079 ~KOpenSSLProxy();
01080 KOpenSSLProxyPrivate *d;
01081
01082 KLibrary *_sslLib;
01083 KLibrary *_cryptoLib;
01084 static KOpenSSLProxy *_me;
01085
01086 bool _ok;
01087 };
01088
01089 #endif
01090