Skip navigation links

Recommended Servers for MySQL

The world's most popular open source database

Contact a MySQL Representative

Login | Register

• MySQL.com
• Downloads
• Developer Zone
• Partners & Solutions
• Customer Login

• DevZone
• Documentation
• Librarian
• Articles
• Forums
• Bugs
• Forge
• Planet MySQL
• Labs

 

 

 

• Get Started with MySQL
• Development with MySQL
• PHP
• Perl
• Python
• Ruby
• Java/JDBC
• C#/.NET

The world's most popular open source database

yaSSL::CertManager Class Reference

#include <cert_wrapper.hpp>

Collaboration diagram for yaSSL::CertManager:

[legend]List of all members.

Public Member Functions
	CertManager ()
	~CertManager ()
void	AddPeerCert (x509 *x)
void	CopySelfCert (const x509 *x)
int	CopyCaCert (const x509 *x)
int	Validate ()
int	SetPrivateKey (const x509 &)
const x509 *	get_cert () const
const opaque *	get_peerKey () const
const opaque *	get_privateKey () const
X509 *	get_peerX509 () const
SignatureAlgorithm	get_keyType () const
SignatureAlgorithm	get_peerKeyType () const
uint	get_peerKeyLength () const
uint	get_privateKeyLength () const
bool	verifyPeer () const
bool	verifyNone () const
bool	failNoCert () const
bool	sendVerify () const
void	setVerifyPeer ()
void	setVerifyNone ()
void	setFailNoCert ()
void	setSendVerify ()
Private Types
typedef mySTL::list< x509 * >	CertList
Private Member Functions
	CertManager (const CertManager &)
CertManager &	operator= (const CertManager &)
Private Attributes
CertList	list_
input_buffer	privateKey_
CertList	peerList_
input_buffer	peerPublicKey_
X509 *	peerX509_
SignatureAlgorithm	keyType_
SignatureAlgorithm	peerKeyType_
SignerList	signers_
bool	verifyPeer_
bool	verifyNone_
bool	failNoCert_
bool	sendVerify_

---

Detailed Description

Definition at line 74 of file cert_wrapper.hpp.

---

Member Typedef Documentation

typedef mySTL::list<x509*> yaSSL::CertManager::CertList [private]

Definition at line 75 of file cert_wrapper.hpp.

---

Constructor & Destructor Documentation

yaSSL::CertManager::CertManager

(

)

Definition at line 98 of file cert_wrapper.cpp.

    : peerX509_(0), verifyPeer_(false), verifyNone_(false), failNoCert_(false),
      sendVerify_(false)
{}

yaSSL::CertManager::~CertManager

(

)

Definition at line 104 of file cert_wrapper.cpp.

References mySTL::list< T >::begin(), mySTL::list< T >::end(), mySTL::for_each(), list_, peerList_, peerX509_, signers_, and yaSSL::ysDelete().

{
    ysDelete(peerX509_);

    mySTL::for_each(signers_.begin(), signers_.end(), del_ptr_zero()) ;

    mySTL::for_each(peerList_.begin(), peerList_.end(), del_ptr_zero()) ;

    mySTL::for_each(list_.begin(), list_.end(), del_ptr_zero()) ;
}

Here is the call graph for this function:

yaSSL::CertManager::CertManager

(

const CertManager &

)

[private]

---

Member Function Documentation

void yaSSL::CertManager::AddPeerCert

(

x509 *

x

)

Definition at line 164 of file cert_wrapper.cpp.

References peerList_, mySTL::list< T >::push_back(), and x.

Referenced by yaSSL::Certificate::Process().

{ 
    peerList_.push_back(x);  // take ownership
}

Here is the call graph for this function:

Here is the caller graph for this function:

int yaSSL::CertManager::CopyCaCert

(

const x509 *

x

)

Definition at line 178 of file cert_wrapper.cpp.

References TaoCrypt::CertDecoder::CA, cert, key, NEW_YS, signers_, verifyNone_, and x.

Referenced by yaSSL::SSL::SSL().

{
    TaoCrypt::Source source(x->get_buffer(), x->get_length());
    TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_,
                               TaoCrypt::CertDecoder::CA);

    if (!cert.GetError().What()) {
        const TaoCrypt::PublicKey& key = cert.GetPublicKey();
        signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
                                        cert.GetCommonName(), cert.GetHash()));
    }
    // just don't add, not an error return cert.GetError().What();
    return 0;
}

Here is the caller graph for this function:

void yaSSL::CertManager::CopySelfCert

(

const x509 *

x

)

Definition at line 170 of file cert_wrapper.cpp.

References list_, NEW_YS, mySTL::list< T >::push_back(), and x.

Referenced by yaSSL::SSL::SSL().

{
    if (x)
        list_.push_back(NEW_YS x509(*x));
}

Here is the call graph for this function:

Here is the caller graph for this function:

bool yaSSL::CertManager::failNoCert

(

)

const

Definition at line 128 of file cert_wrapper.cpp.

References failNoCert_.

{
    return failNoCert_;
}

const x509 * yaSSL::CertManager::get_cert

(

)

const

Definition at line 194 of file cert_wrapper.cpp.

References mySTL::list< T >::front(), and list_.

Referenced by yaSSL::CertificateRequest::Process(), and yaSSL::sendCertificate().

{ 
    return list_.front();
}

Here is the call graph for this function:

Here is the caller graph for this function:

SignatureAlgorithm yaSSL::CertManager::get_keyType

(

)

const

Definition at line 218 of file cert_wrapper.cpp.

References keyType_.

{
    return keyType_;
}

const opaque * yaSSL::CertManager::get_peerKey

(

)

const

Definition at line 200 of file cert_wrapper.cpp.

References yaSSL::input_buffer::get_buffer(), and peerPublicKey_.

{ 
    return peerPublicKey_.get_buffer();
}

Here is the call graph for this function:

uint yaSSL::CertManager::get_peerKeyLength

(

)

const

Definition at line 224 of file cert_wrapper.cpp.

References yaSSL::input_buffer::get_size(), and peerPublicKey_.

{ 
    return peerPublicKey_.get_size();
}

Here is the call graph for this function:

SignatureAlgorithm yaSSL::CertManager::get_peerKeyType

(

)

const

Definition at line 212 of file cert_wrapper.cpp.

References peerKeyType_.

{
    return peerKeyType_;
}

X509 * yaSSL::CertManager::get_peerX509

(

)

const

Definition at line 206 of file cert_wrapper.cpp.

References peerX509_.

Referenced by yaSSL::SSL_get_peer_certificate().

{
    return peerX509_;
}

Here is the caller graph for this function:

const opaque * yaSSL::CertManager::get_privateKey

(

)

const

Definition at line 230 of file cert_wrapper.cpp.

References yaSSL::input_buffer::get_buffer(), and privateKey_.

Referenced by yaSSL::CertificateRequest::Process().

{ 
    return privateKey_.get_buffer();
}

Here is the call graph for this function:

Here is the caller graph for this function:

uint yaSSL::CertManager::get_privateKeyLength

(

)

const

Definition at line 236 of file cert_wrapper.cpp.

References yaSSL::input_buffer::get_size(), and privateKey_.

{ 
    return privateKey_.get_size();
}

Here is the call graph for this function:

CertManager& yaSSL::CertManager::operator=

(

const CertManager &

)

[private]

bool yaSSL::CertManager::sendVerify

(

)

const

Definition at line 134 of file cert_wrapper.cpp.

References sendVerify_.

Referenced by yaSSL::SSL_connect().

{
    return sendVerify_;
}

Here is the caller graph for this function:

void yaSSL::CertManager::setFailNoCert

(

)

Definition at line 152 of file cert_wrapper.cpp.

References failNoCert_.

Referenced by yaSSL::SSL::SSL().

{
    failNoCert_ = true;
}

Here is the caller graph for this function:

int yaSSL::CertManager::SetPrivateKey

(

const x509 &

)

Definition at line 292 of file cert_wrapper.cpp.

References yaSSL::input_buffer::allocate(), yaSSL::input_buffer::assign(), cert, TaoCrypt::CertDecoder::DecodeToKey(), yaSSL::dsa_sa_algo, err, mySTL::list< T >::front(), TaoCrypt::BER_Decoder::GetError(), TaoCrypt::CertDecoder::GetKeyType(), key, keyType_, list_, privateKey_, yaSSL::rsa_sa_algo, and TaoCrypt::RSAk.

Referenced by yaSSL::SSL::SSL().

{
    privateKey_.allocate(key.get_length());
    privateKey_.assign(key.get_buffer(), key.get_length());

    // set key type
    if (x509* cert = list_.front()) {
        TaoCrypt::Source source(cert->get_buffer(), cert->get_length());
        TaoCrypt::CertDecoder cd(source, false);
        cd.DecodeToKey();
        if (int err = cd.GetError().What())
            return err;
        if (cd.GetKeyType() == TaoCrypt::RSAk)
            keyType_ = rsa_sa_algo;
        else
            keyType_ = dsa_sa_algo;
    }
    return 0;
}

Here is the call graph for this function:

Here is the caller graph for this function:

void yaSSL::CertManager::setSendVerify

(

)

Definition at line 158 of file cert_wrapper.cpp.

References sendVerify_.

Referenced by yaSSL::CertificateRequest::Process().

{
    sendVerify_ = true;
}

Here is the caller graph for this function:

void yaSSL::CertManager::setVerifyNone

(

)

Definition at line 146 of file cert_wrapper.cpp.

References verifyNone_.

Referenced by yaSSL::SSL::SSL().

{
    verifyNone_ = true;
}

Here is the caller graph for this function:

void yaSSL::CertManager::setVerifyPeer

(

)

Definition at line 140 of file cert_wrapper.cpp.

References verifyPeer_.

Referenced by yaSSL::SSL::SSL().

{
    verifyPeer_ = true;
}

Here is the caller graph for this function:

int yaSSL::CertManager::Validate

(

)

Definition at line 243 of file cert_wrapper.cpp.

References yaSSL::input_buffer::allocate(), yaSSL::input_buffer::assign(), cert, count, yaSSL::dsa_sa_algo, err, key, NEW_YS, peerKeyType_, peerList_, peerPublicKey_, peerX509_, mySTL::list< T >::rbegin(), yaSSL::rsa_sa_algo, TaoCrypt::RSAk, signers_, mySTL::list< T >::size(), strlen(), and verifyNone_.

Referenced by yaSSL::Certificate::Process().

{
    CertList::iterator last  = peerList_.rbegin();  // fix this
    int count = peerList_.size();

    while ( count > 1 ) {
        TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
        TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);

        if (int err = cert.GetError().What())
            return err;

        const TaoCrypt::PublicKey& key = cert.GetPublicKey();
        signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
                                        cert.GetCommonName(), cert.GetHash()));
        --last;
        --count;
    }

    if (count) {
        // peer's is at the front
        TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
        TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);

        if (int err = cert.GetError().What())
            return err;

        uint sz = cert.GetPublicKey().size();
        peerPublicKey_.allocate(sz);
        peerPublicKey_.assign(cert.GetPublicKey().GetKey(), sz);

        if (cert.GetKeyType() == TaoCrypt::RSAk)
            peerKeyType_ = rsa_sa_algo;
        else
            peerKeyType_ = dsa_sa_algo;

        int iSz = strlen(cert.GetIssuer()) + 1;
        int sSz = strlen(cert.GetCommonName()) + 1;
        int bSz = strlen(cert.GetBeforeDate()) + 1;
        int aSz = strlen(cert.GetAfterDate()) + 1;
        peerX509_ = NEW_YS X509(cert.GetIssuer(), iSz, cert.GetCommonName(),
                                sSz, cert.GetBeforeDate(), bSz,
                                cert.GetAfterDate(), aSz);
    }
    return 0;
}

Here is the call graph for this function:

Here is the caller graph for this function:

bool yaSSL::CertManager::verifyNone

(

)

const

Definition at line 122 of file cert_wrapper.cpp.

References verifyNone_.

{
    return verifyNone_;
}

bool yaSSL::CertManager::verifyPeer

(

)

const

Definition at line 116 of file cert_wrapper.cpp.

References verifyPeer_.

Referenced by yaSSL::SSL_accept().

{
    return verifyPeer_;
}

Here is the caller graph for this function:

---

Member Data Documentation

bool yaSSL::CertManager::failNoCert_ [private]

Definition at line 91 of file cert_wrapper.hpp.

Referenced by failNoCert(), and setFailNoCert().

SignatureAlgorithm yaSSL::CertManager::keyType_ [private]

Definition at line 84 of file cert_wrapper.hpp.

Referenced by get_keyType(), and SetPrivateKey().

CertList yaSSL::CertManager::list_ [private]

Definition at line 77 of file cert_wrapper.hpp.

Referenced by CopySelfCert(), get_cert(), SetPrivateKey(), and ~CertManager().

SignatureAlgorithm yaSSL::CertManager::peerKeyType_ [private]

Definition at line 85 of file cert_wrapper.hpp.

Referenced by get_peerKeyType(), and Validate().

CertList yaSSL::CertManager::peerList_ [private]

Definition at line 80 of file cert_wrapper.hpp.

Referenced by AddPeerCert(), Validate(), and ~CertManager().

input_buffer yaSSL::CertManager::peerPublicKey_ [private]

Definition at line 81 of file cert_wrapper.hpp.

Referenced by get_peerKey(), get_peerKeyLength(), and Validate().

X509* yaSSL::CertManager::peerX509_ [private]

Definition at line 82 of file cert_wrapper.hpp.

Referenced by get_peerX509(), Validate(), and ~CertManager().

input_buffer yaSSL::CertManager::privateKey_ [private]

Definition at line 78 of file cert_wrapper.hpp.

Referenced by get_privateKey(), get_privateKeyLength(), and SetPrivateKey().

bool yaSSL::CertManager::sendVerify_ [private]

Definition at line 92 of file cert_wrapper.hpp.

Referenced by sendVerify(), and setSendVerify().

SignerList yaSSL::CertManager::signers_ [private]

Definition at line 87 of file cert_wrapper.hpp.

Referenced by CopyCaCert(), Validate(), and ~CertManager().

bool yaSSL::CertManager::verifyNone_ [private]

Definition at line 90 of file cert_wrapper.hpp.

Referenced by CopyCaCert(), setVerifyNone(), Validate(), and verifyNone().

bool yaSSL::CertManager::verifyPeer_ [private]

Definition at line 89 of file cert_wrapper.hpp.

Referenced by setVerifyPeer(), and verifyPeer().

---

The documentation for this class was generated from the following files:

• mysql/src/5.1-dbg/extra/yassl/include/cert_wrapper.hpp
• mysql/src/5.1-dbg/extra/yassl/src/cert_wrapper.cpp

---

• Products
• MySQL Enterprise
• MySQL Cluster
• MySQL Embedded (OEM/ISV)
• MySQL Data Warehouse
• MySQL Backup & Recovery
• MySQL Workbench
• MySQL Connectors
• Online Shop

• Downloads
• MySQL Community Server
• MySQL Enterprise
• MySQL Proxy
• MySQL Cluster
• MySQL Workbench
• GUI Tools
• Connectors
• Archives
• Snapshots
• Mirrors

• Developer Zone
• Documentation
• Librarian
• Developer Articles
• Forums
• Bugs
• Forge
• Planet MySQL
• Labs
• MySQL Meetups
• Guilds
• Lists

• About MySQL
• Contact Us
• Legal
• Privacy Policy
• Job Opportunities
• Site Map

© 1995-2008 MySQL AB, 2008- Sun Microsystems, Inc.