22 #ifndef __KOPENSSLPROXY_H
23 #define __KOPENSSLPROXY_H
25 #define KOSSL KOpenSSLProxy
26 class KOpenSSLProxyPrivate;
28 #include <klibloader.h>
31 #include "ksslconfig_win.h"
33 #include "ksslconfig.h"
37 #define crypt _openssl_crypt
38 #include <openssl/ssl.h>
39 #include <openssl/x509.h>
40 #include <openssl/x509v3.h>
41 #include <openssl/pem.h>
42 #include <openssl/bio.h>
43 #include <openssl/rand.h>
44 #include <openssl/asn1.h>
45 #include <openssl/pkcs7.h>
46 #include <openssl/pkcs12.h>
47 #include <openssl/evp.h>
48 #include <openssl/stack.h>
49 #include <openssl/bn.h>
52 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
53 #define STACK OPENSSL_STACK
55 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
61 #include <kstaticdeleter.h>
63 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
64 typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
65 typedef int X509_LOOKUP_TYPE;
89 bool hasLibCrypto()
const;
94 bool hasLibSSL()
const;
108 int SSL_connect(SSL *ssl);
113 int SSL_accept(SSL *ssl);
118 int SSL_get_error(SSL *ssl,
int rc);
123 int SSL_read(SSL *ssl,
void *buf,
int num);
128 int SSL_write(SSL *ssl,
const void *buf,
int num);
133 SSL *SSL_new(SSL_CTX *ctx);
138 void SSL_free(SSL *ssl);
143 int SSL_shutdown(SSL *ssl);
148 SSL_CTX *SSL_CTX_new(SSL_METHOD *method);
153 void SSL_CTX_free(SSL_CTX *ctx);
158 int SSL_set_fd(SSL *ssl,
int fd);
163 int SSL_pending(SSL *ssl);
168 int SSL_peek(SSL *ssl,
void *buf,
int num);
173 int SSL_CTX_set_cipher_list(SSL_CTX *ctx,
const char *str);
178 void SSL_CTX_set_verify(SSL_CTX *ctx,
int mode,
179 int (*verify_callback)(
int, X509_STORE_CTX *));
184 int SSL_use_certificate(SSL *ssl, X509 *x);
189 SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
192 long _SSL_set_options(SSL *ssl,
long options);
195 int _SSL_session_reused(SSL *ssl);
198 long SSL_ctrl(SSL *ssl,
int cmd,
long larg,
void *parg);
203 int RAND_egd(
const char *path);
209 const char *RAND_file_name(
char *buf,
size_t num);
215 int RAND_load_file(
const char *filename,
long max_bytes);
221 int RAND_write_file(
const char *filename);
227 SSL_METHOD *TLSv1_client_method();
233 SSL_METHOD *SSLv2_client_method();
239 SSL_METHOD *SSLv3_client_method();
245 SSL_METHOD *TLS_client_method();
251 X509 *SSL_get_peer_certificate(SSL *s);
257 STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
262 int SSL_CIPHER_get_bits(SSL_CIPHER *c,
int *alg_bits);
268 char *SSL_CIPHER_get_version(SSL_CIPHER *c);
274 const char *SSL_CIPHER_get_name(SSL_CIPHER *c);
280 char *SSL_CIPHER_description(SSL_CIPHER *,
char *buf,
int size);
287 int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
293 int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
299 X509 * d2i_X509(X509 **a,
unsigned char **pp,
long length);
304 X509_CRL * d2i_X509_CRL(X509_CRL **a,
unsigned char **pp,
long length);
310 int i2d_X509(X509 *a,
unsigned char **pp);
316 int X509_cmp(X509 *a, X509 *b);
322 int X509_subject_name_cmp(
const X509 *a,
const X509 *b);
328 X509 *X509_dup(X509 *x509);
334 void X509_get0_signature(
const ASN1_BIT_STRING **psig,
335 const X509_ALGOR **palg,
const X509 *x);
342 ASN1_TIME *X509_getm_notAfter(
const X509 *x);
348 ASN1_TIME *X509_getm_notBefore(
const X509 *x);
354 X509_STORE_CTX *X509_STORE_CTX_new(
void);
360 void X509_STORE_CTX_free(X509_STORE_CTX *v);
366 void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *v, STACK_OF(X509)* x);
372 void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v,
int purpose);
378 X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
384 int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
390 int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
396 void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,
int s);
402 void X509_STORE_set_verify_cb(X509_STORE *ctx,
403 X509_STORE_CTX_verify_cb verify_cb);
409 STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
415 X509_LOOKUP_TYPE X509_OBJECT_get_type(
const X509_OBJECT *a);
421 X509 *X509_OBJECT_get0_X509(
const X509_OBJECT *a);
427 int X509_verify_cert(X509_STORE_CTX *v);
433 X509_STORE *X509_STORE_new(
void);
439 void X509_STORE_free(X509_STORE *v);
445 void X509_free(X509 *v);
450 void X509_CRL_free(X509_CRL *v);
456 const ASN1_TIME *X509_CRL_get0_lastUpdate(
const X509_CRL *crl);
462 const ASN1_TIME *X509_CRL_get0_nextUpdate(
const X509_CRL *crl);
468 char *X509_NAME_oneline(X509_NAME *a,
char *buf,
int size);
474 X509_NAME *X509_get_subject_name(X509 *a);
480 X509_NAME *X509_get_issuer_name(X509 *a);
486 X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
492 X509_LOOKUP_METHOD *X509_LOOKUP_file(
void);
498 void X509_LOOKUP_free(X509_LOOKUP *x);
504 int X509_LOOKUP_ctrl(X509_LOOKUP *ctx,
int cmd,
const char *argc,
long argl,
char **ret);
510 void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain);
516 void CRYPTO_free(
void *x);
521 BIO *BIO_new(BIO_METHOD *type);
526 BIO_METHOD *BIO_s_mem(
void);
531 BIO *BIO_new_fp(FILE *stream,
int close_flag);
536 BIO *BIO_new_mem_buf(
void *buf,
int len);
541 int BIO_free(BIO *a);
546 long BIO_ctrl(BIO *bp,
int cmd,
long larg,
void *parg);
551 int BIO_write(BIO *b,
const void *data,
int len);
556 void *BIO_get_data(BIO *a);
561 int PEM_write_bio_X509(BIO *bp, X509 *x);
563 #if OPENSSL_VERSION_NUMBER < 0x10000000L
567 ASN1_METHOD *X509_asn1_meth();
573 int ASN1_i2d_fp(FILE *out,
unsigned char *x);
579 X509 *X509_d2i_fp(FILE *out, X509** buf);
585 int X509_print(FILE *fp, X509 *x);
591 PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
597 int PKCS12_newpass(PKCS12 *p12,
char *oldpass,
char *newpass);
603 int i2d_PKCS12(PKCS12 *p12,
unsigned char **p);
609 int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
615 PKCS12 *PKCS12_new(
void);
621 void PKCS12_free(PKCS12 *a);
627 int PKCS12_parse(PKCS12 *p12,
const char *pass, EVP_PKEY **pkey,
628 X509 **cert, STACK_OF(X509) **ca);
634 void EVP_PKEY_free(EVP_PKEY *x);
640 char *OPENSSL_sk_pop(STACK *s);
642 char *OPENSSL_sk_pop(
void *s) {
return OPENSSL_sk_pop(
reinterpret_cast<STACK*
>(s)); }
648 void OPENSSL_sk_free(STACK *s);
650 void OPENSSL_sk_free(
void *s) { OPENSSL_sk_free(
reinterpret_cast<STACK*
>(s)); }
655 int OPENSSL_sk_num(STACK *s);
657 int OPENSSL_sk_num(
void *s) {
return OPENSSL_sk_num(
reinterpret_cast<STACK*
>(s)); }
662 char *OPENSSL_sk_value(STACK *s,
int n);
664 char *OPENSSL_sk_value(
void *s,
int n) {
return OPENSSL_sk_value(
reinterpret_cast<STACK*
>(s), n); }
669 STACK *OPENSSL_sk_new(
int (*cmp)());
675 int OPENSSL_sk_push(STACK *s,
char *d);
677 int OPENSSL_sk_push(
void *s,
void *d) {
return OPENSSL_sk_push(
reinterpret_cast<STACK*
>(s),
reinterpret_cast<char*
>(d)); }
682 STACK *OPENSSL_sk_dup(
const STACK *s);
684 STACK *OPENSSL_sk_dup(
const void *s) {
return OPENSSL_sk_dup(
reinterpret_cast<const STACK*
>(s)); }
689 char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
695 ASN1_INTEGER *X509_get_serialNumber(X509 *x);
701 EVP_PKEY *X509_get_pubkey(X509 *x);
707 int i2d_PublicKey(EVP_PKEY *a,
unsigned char **pp);
713 int X509_check_private_key(X509 *x, EVP_PKEY *p);
719 char *BN_bn2hex(
const BIGNUM *a);
725 int X509_digest(
const X509 *x,
const EVP_MD *t,
unsigned char *md,
unsigned int *len);
737 void ASN1_INTEGER_free(ASN1_INTEGER *x);
743 unsigned char *ASN1_STRING_data(ASN1_STRING *x);
748 int ASN1_STRING_length(ASN1_STRING *x);
753 int OBJ_obj2nid(ASN1_OBJECT *o);
758 const char * OBJ_nid2ln(
int n);
763 int X509_get_ext_count(X509 *x);
768 int X509_get_ext_by_NID(X509 *x,
int nid,
int lastpos);
773 int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,
int lastpos);
778 X509_EXTENSION *X509_get_ext(X509 *x,
int loc);
783 X509_EXTENSION *X509_delete_ext(X509 *x,
int loc);
788 int X509_add_ext(X509 *x, X509_EXTENSION *ex,
int loc);
793 void *X509_get_ext_d2i(X509 *x,
int nid,
int *crit,
int *idx);
798 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
803 int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a,
int n);
808 PKCS7 *PKCS7_new(
void);
813 void PKCS7_free(PKCS7 *a);
818 void PKCS7_content_free(PKCS7 *a);
823 int i2d_PKCS7(PKCS7 *a,
unsigned char **pp);
828 PKCS7 *d2i_PKCS7(PKCS7 **a,
unsigned char **pp,
long length);
833 int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
838 PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7);
843 int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
848 PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
853 PKCS7 *PKCS7_dup(PKCS7 *p7);
858 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
859 BIO *data,
int flags);
864 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
865 BIO *indata, BIO *out,
int flags);
870 STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
int flags);
875 PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
881 int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
int flags);
887 STACK_OF(X509_NAME) *SSL_load_client_CA_file(
const char *file);
892 STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
893 pem_password_cb *cb,
void *u);
898 int X509_PURPOSE_get_count();
904 int X509_PURPOSE_get_id(X509_PURPOSE *);
910 int X509_check_purpose(X509 *x,
int id,
int ca);
916 X509_PURPOSE * X509_PURPOSE_get0(
int idx);
922 EVP_PKEY* EVP_PKEY_new();
928 int EVP_PKEY_base_id(
const EVP_PKEY *pkey);
934 int EVP_PKEY_assign(EVP_PKEY *pkey,
int type,
char *key);
940 RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
946 DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
952 void RSA_get0_key(
const RSA *r,
953 const BIGNUM **n,
const BIGNUM **e,
const BIGNUM **d);
959 RSA *RSA_generate_key(
int bits,
unsigned long e,
void
960 (*callback)(
int,
int,
void *),
void *cb_arg);
966 void DSA_get0_pqg(
const DSA *d,
967 const BIGNUM **p,
const BIGNUM **q,
const BIGNUM **g);
973 void DSA_get0_key(
const DSA *d,
974 const BIGNUM **pub_key,
const BIGNUM **priv_key);
980 X509_REQ *X509_REQ_new();
981 void X509_REQ_free(X509_REQ *a);
987 int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
990 int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x);
993 STACK *X509_get1_email(X509 *x);
994 void X509_email_free(STACK *sk);
997 EVP_CIPHER *EVP_des_ede3_cbc();
998 EVP_CIPHER *EVP_des_cbc();
999 EVP_CIPHER *EVP_rc2_cbc();
1000 EVP_CIPHER *EVP_rc2_64_cbc();
1001 EVP_CIPHER *EVP_rc2_40_cbc();
1004 void ERR_clear_error();
1007 unsigned long ERR_get_error();
1010 void ERR_print_errors_fp(FILE *fp);
1013 SSL_SESSION *SSL_get1_session(SSL *ssl);
1016 void SSL_SESSION_free(SSL_SESSION *session);
1019 int SSL_set_session(SSL *ssl, SSL_SESSION *session);
1022 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,
unsigned char **pp,
long length);
1024 int i2d_SSL_SESSION(SSL_SESSION *in,
unsigned char **pp);
1027 int i2d_PrivateKey_fp(FILE*, EVP_PKEY*);
1030 int i2d_PKCS8PrivateKey_fp(FILE*, EVP_PKEY*,
const EVP_CIPHER*,
char*,
int, pem_password_cb*,
void*);
1033 void RSA_free(RSA*);
1036 EVP_CIPHER *EVP_bf_cbc();
1039 int X509_REQ_sign(X509_REQ*, EVP_PKEY*,
const EVP_MD*);
1042 int X509_NAME_add_entry_by_txt(X509_NAME*,
char*,
int,
unsigned char*,
int,
int,
int);
1045 X509_NAME *X509_NAME_new();
1048 int X509_REQ_set_subject_name(X509_REQ*,X509_NAME*);
1051 STACK_OF(SSL_CIPHER) *SSL_get_ciphers(
const SSL* ssl);
1055 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && OPENSSL_API_COMPAT < 0x10100000L
1063 # undef X509_STORE_CTX_set_chain
1064 # undef SSLv23_client_method
1066 STACK *sk_dup(
const STACK *s) TDE_DEPRECATED;
1067 void sk_free(STACK *s) TDE_DEPRECATED;
1068 STACK *sk_new(
int (*cmp)()) TDE_DEPRECATED;
1069 int sk_num(STACK *s) TDE_DEPRECATED;
1070 char *sk_pop(STACK *s) TDE_DEPRECATED;
1071 int sk_push(STACK *s,
char *d) TDE_DEPRECATED;
1072 char *sk_value(STACK *s,
int n) TDE_DEPRECATED;
1073 void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) TDE_DEPRECATED;
1074 SSL_METHOD *SSLv23_client_method() TDE_DEPRECATED;
1081 KOpenSSLProxyPrivate *d;
1084 KLibrary *_cryptoLib;
Dynamically load and wrap OpenSSL.