Skip navigation links

MySQL Newsletter - Subscribe Today!

The world's most popular open source database

MySQL 5.1: yaSSL::CertificateVerify Class Reference
yaSSL::CertificateVerify

yaSSL::CertificateVerify Class Reference

#include <yassl_imp.hpp>

Inheritance diagram for yaSSL::CertificateVerify:

Inheritance graph
[legend]
Collaboration diagram for yaSSL::CertificateVerify:

Collaboration graph
[legend]
List of all members.

Public Member Functions

 CertificateVerify ()
 ~CertificateVerify ()
input_bufferset (input_buffer &in)
output_bufferget (output_buffer &out) const
void Process (input_buffer &, SSL &)
HandShakeType get_type () const
void Build (SSL &)

Private Member Functions

 CertificateVerify (const CertificateVerify &)
CertificateVerifyoperator= (const CertificateVerify &)

Private Attributes

Hashes hashes_
bytesignature_

Friends

input_bufferoperator>> (input_buffer &, CertificateVerify &)
output_bufferoperator<< (output_buffer &, const CertificateVerify &)

Detailed Description

Definition at line 561 of file yassl_imp.hpp.

Constructor & Destructor Documentation

yaSSL::CertificateVerify::CertificateVerify (  ) 

Definition at line 1671 of file yassl_imp.cpp.

01671                                      : signature_(0)
01672 {}

yaSSL::CertificateVerify::~CertificateVerify (  ) 

Definition at line 1675 of file yassl_imp.cpp.

References signature_, and yaSSL::ysArrayDelete().

01676 {
01677     ysArrayDelete(signature_);
01678 }

Here is the call graph for this function:

yaSSL::CertificateVerify::CertificateVerify ( const CertificateVerify  )  [private]

Member Function Documentation

void yaSSL::CertificateVerify::Build ( SSL  ) 

Definition at line 1681 of file yassl_imp.cpp.

References yaSSL::build_certHashes(), yaSSL::c16toa(), cert, yaSSL::DSS_ENCODED_EXTRA, yaSSL::DSS_SIG_SZ, TaoCrypt::EncodeDSA_Signature(), yaSSL::Crypto::get_certManager(), yaSSL::Crypto::get_random(), yaSSL::SSL::getCrypto(), hashes_, yaSSL::Hashes::md5_, memcpy, NEW_YS, yaSSL::rsa_sa_algo, yaSSL::HandShakeBase::set_length(), yaSSL::Hashes::sha_, yaSSL::SHA_LEN, sig(), signature_, yaSSL::VERIFY_HEADER, and yaSSL::ysArrayDelete().

Referenced by yaSSL::sendCertificateVerify().

01682 {
01683     build_certHashes(ssl, hashes_);
01684 
01685     uint16 sz = 0;
01686     byte   len[VERIFY_HEADER];
01687     mySTL::auto_ptr<byte> sig(ysArrayDelete);
01688 
01689     // sign
01690     const CertManager& cert = ssl.getCrypto().get_certManager();
01691     if (cert.get_keyType() == rsa_sa_algo) {
01692         RSA rsa(cert.get_privateKey(), cert.get_privateKeyLength(), false);
01693 
01694         sz = rsa.get_cipherLength() + VERIFY_HEADER;
01695         sig.reset(NEW_YS byte[sz]);
01696 
01697         c16toa(sz - VERIFY_HEADER, len);
01698         memcpy(sig.get(), len, VERIFY_HEADER);
01699         rsa.sign(sig.get() + VERIFY_HEADER, hashes_.md5_, sizeof(Hashes),
01700                  ssl.getCrypto().get_random());
01701     }
01702     else {  // DSA
01703         DSS dss(cert.get_privateKey(), cert.get_privateKeyLength(), false);
01704 
01705         sz = DSS_SIG_SZ + DSS_ENCODED_EXTRA + VERIFY_HEADER;
01706         sig.reset(NEW_YS byte[sz]);
01707 
01708         c16toa(sz - VERIFY_HEADER, len);
01709         memcpy(sig.get(), len, VERIFY_HEADER);
01710         dss.sign(sig.get() + VERIFY_HEADER, hashes_.sha_, SHA_LEN,
01711                  ssl.getCrypto().get_random());
01712 
01713         byte encoded[DSS_SIG_SZ + DSS_ENCODED_EXTRA];
01714         TaoCrypt::EncodeDSA_Signature(sig.get() + VERIFY_HEADER, encoded);
01715         memcpy(sig.get() + VERIFY_HEADER, encoded, sizeof(encoded));
01716     }
01717     set_length(sz);
01718     signature_ = sig.release();
01719 }

Here is the call graph for this function:

Here is the caller graph for this function:

output_buffer & yaSSL::CertificateVerify::get ( output_buffer out  )  const [virtual]

Implements yaSSL::HandShakeBase.

Definition at line 1728 of file yassl_imp.cpp.

01729 {
01730     return out << *this;
01731 }

HandShakeType yaSSL::CertificateVerify::get_type (  )  const [virtual]

Implements yaSSL::HandShakeBase.

Definition at line 1785 of file yassl_imp.cpp.

References yaSSL::certificate_verify.

01786 {
01787     return certificate_verify;
01788 }

CertificateVerify& yaSSL::CertificateVerify::operator= ( const CertificateVerify  )  [private]

void yaSSL::CertificateVerify::Process ( input_buffer ,
SSL  
) [virtual]

Implements yaSSL::HandShakeBase.

Definition at line 1762 of file yassl_imp.cpp.

References cert, TaoCrypt::DecodeDSA_Signature(), yaSSL::DSS_SIG_SZ, yaSSL::Crypto::get_certManager(), yaSSL::sslHashes::get_certVerify(), yaSSL::HandShakeBase::get_length(), yaSSL::SSL::getCrypto(), yaSSL::SSL::getHashes(), yaSSL::Hashes::md5_, yaSSL::rsa_sa_algo, yaSSL::SSL::SetError(), yaSSL::Hashes::sha_, yaSSL::SHA_LEN, signature_, and yaSSL::verify_error.

01763 {
01764     const Hashes&      hashVerify = ssl.getHashes().get_certVerify();
01765     const CertManager& cert       = ssl.getCrypto().get_certManager();
01766 
01767     if (cert.get_peerKeyType() == rsa_sa_algo) {
01768         RSA rsa(cert.get_peerKey(), cert.get_peerKeyLength());
01769 
01770         if (!rsa.verify(hashVerify.md5_, sizeof(hashVerify), signature_,
01771                         get_length()))
01772             ssl.SetError(verify_error);
01773     }
01774     else { // DSA
01775         byte decodedSig[DSS_SIG_SZ];
01776         TaoCrypt::DecodeDSA_Signature(decodedSig, signature_, get_length());
01777         
01778         DSS dss(cert.get_peerKey(), cert.get_peerKeyLength());
01779         if (!dss.verify(hashVerify.sha_, SHA_LEN, decodedSig, get_length()))
01780             ssl.SetError(verify_error);
01781     }
01782 }

Here is the call graph for this function:

input_buffer & yaSSL::CertificateVerify::set ( input_buffer in  )  [virtual]

Implements yaSSL::HandShakeBase.

Definition at line 1722 of file yassl_imp.cpp.

01723 {
01724     return in >> *this;
01725 }

Friends And Related Function Documentation

output_buffer& operator<< ( output_buffer output,
const CertificateVerify verify 
) [friend]

Definition at line 1752 of file yassl_imp.cpp.

01754 {
01755     output.write(verify.signature_, verify.get_length());
01756 
01757     return output;
01758 }

input_buffer& operator>> ( input_buffer input,
CertificateVerify request 
) [friend]

Definition at line 1735 of file yassl_imp.cpp.

01736 {
01737     byte tmp[VERIFY_HEADER];
01738     input.read(tmp, sizeof(tmp));
01739 
01740     uint16 sz = 0;
01741     ato16(tmp, sz);
01742     request.set_length(sz);
01743 
01744     request.signature_ = NEW_YS byte[sz];
01745     input.read(request.signature_, sz);
01746 
01747     return input;
01748 }

Member Data Documentation

Hashes yaSSL::CertificateVerify::hashes_ [private]

Definition at line 562 of file yassl_imp.hpp.

Referenced by Build().

byte* yaSSL::CertificateVerify::signature_ [private]

Definition at line 563 of file yassl_imp.hpp.

Referenced by Build(), yaSSL::operator<<(), yaSSL::operator>>(), Process(), and ~CertificateVerify().

The documentation for this class was generated from the following files:
Generated on Sun Sep 10 00:46:32 2006 for MySQL 5.1 by  doxygen 1.4.7