Return-Path: Delivered-To: apmail-activemq-commits-archive@www.apache.org Received: (qmail 40477 invoked from network); 16 Nov 2007 06:30:00 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 16 Nov 2007 06:30:00 -0000 Received: (qmail 34409 invoked by uid 500); 16 Nov 2007 06:29:47 -0000 Delivered-To: apmail-activemq-commits-archive@activemq.apache.org Received: (qmail 34377 invoked by uid 500); 16 Nov 2007 06:29:47 -0000 Mailing-List: contact commits-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@activemq.apache.org Delivered-To: mailing list commits@activemq.apache.org Received: (qmail 34368 invoked by uid 99); 16 Nov 2007 06:29:47 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 15 Nov 2007 22:29:47 -0800 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 16 Nov 2007 06:29:45 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 4B9E51A9842; Thu, 15 Nov 2007 22:29:39 -0800 (PST) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r595573 [2/2] - in /activemq/activemq-cpp/decaf/trunk/src/main/decaf: security/ security/auth/ security/auth/x500/ security/cert/ security_provider/ security_provider/unix/ security_provider/unix/openssl/ security_provider/windows/ Date: Fri, 16 Nov 2007 06:29:30 -0000 To: commits@activemq.apache.org 
From: nmittler@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20071116062939.4B9E51A9842@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org
Added: activemq/activemq-cpp/decaf/trunk/src/main/decaf/security_provider/unix/openssl/OpenSSLX500Principal.h
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/decaf/trunk/src/main/decaf/security_provider/unix/openssl/OpenSSLX500Principal.h?rev=595573&view=auto
==============================================================================
--- activemq/activemq-cpp/decaf/trunk/src/main/decaf/security_provider/unix/openssl/OpenSSLX500Principal.h (added)
+++ activemq/activemq-cpp/decaf/trunk/src/main/decaf/security_provider/unix/openssl/OpenSSLX500Principal.h Thu Nov 15 22:29:28 2007
@@ -0,0 +1,156 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef _DECAF_SECURITY_PROVIDER_UNIX_OPENSSL_OPENSSLX500PRINCIPAL_H_
+#define _DECAF_SECURITY_PROVIDER_UNIX_OPENSSL_OPENSSLX500PRINCIPAL_H_
+
+#include
+
+#include
+
+namespace decaf {
+namespace security_provider {
+namespace unix {
+namespace openssl {
+
+ /**
+ * The OpenSSLX500Principal wraps around an OpenSSL
+ * X509_NAME structure. It does not, however, control the
+ * lifetime of the structure.
+ */
+ class OpenSSLX500Principal : public X500Principal {
+
+ private:
+
+ /**
+ * The underlying X509 name structure.
+ */
+ X509_NAME* x509Name;
+
+ /**
+ * Indicates whether or not the name string has been
+ * cached.
+ */
+ mutable bool cachedNameString;
+
+ /**
+ * Cached string representation of the X509 name.
+ */
+ mutable std::string nameString;
+
+ /**
+ * Indicates whether or not the encoded buffer has been
+ * cached.
+ */
+ mutable bool cachedEncoded;
+
+ /**
+ * Cached encoded representation of teh X509 name.
+ */
+ mutable std::vector encoded;
+
+ public:
+
+ /**
+ * Constructor. Saves the internal X509 name and caches the
+ * string representation of the name.
+ *
+ * @param name
+ * The underlying X509 name structure.
+ */
+ OpenSSLX500Principal( X509_NAME* name );
+
+ /**
+ * Destructor. Does nothing.
+ */
+ virtual ~OpenSSLX500Principal() {}
+
+ /**
+ * Accessor to the underlying X509 name structure.
+ */
+ virtual X509_NAME* getX509Name() {
+ return x509Name;
+ }
+
+ /**
+ * Compares two principals to see if they are the same.
+ *
+ * @param another
+ * A principal to be tested for equality to this one.
+ * @return true if the given principal is equivalent to this one.
+ */
+ virtual bool equals( const Principal& another ) const;
+
+ /**
+ * Returns the distinguished name string using the RFC2253 formatting.
+ *
+ * @return the RFC2253 formatted distinguished name string.
+ */
+ virtual std::string getName() const {
+
+ // If we haven't cached the name yet - do it now.
+ if( !cachedNameString ) {
+ nameString = toString(x509Name);
+ cachedNameString = true;
+ }
+
+ return nameString;
+ }
+
+ /**
+ * Serializes the distinguished name to its ASN.1 DER encoded form.
+ *
+ * @param output
+ * Receives the distinguished name in ASN.1 DER encoded form.
+ */
+ virtual void getEncoded( std::vector& output ) const {
+
+ // If we haven't cached the encoded buffer yet, do it now.
+ if( !cachedEncoded ) {
+ getEncoded(x509Name, encoded);
+ cachedEncoded = true;
+ }
+
+ // Copy the encoded buffer to the output buffer.
+ output = encoded;
+ }
+
+ /**
+ * Serializes the given distinguished name to its ASN.1 DER encoded
+ * form.
+ *
+ * @param name
+ * the X509 name structure to be encoded.
+ * @param output
+ * Receives the distinguished name in ASN.1 DER encoded form.
+ */
+ static void getEncoded( X509_NAME* name,
+ std::vector& output );
+
+ /**
+ * Converts the given name to a string using the RFC2253 formatting.
+ * @param name
+ * the X509 name structure to be formatted.
+ * @return the RFC2253 formatted name string.
+ */
+ static std::string toString( X509_NAME* name ) const;
+
+ };
+
+}}}}
+
+#endif /*_DECAF_SECURITY_PROVIDER_UNIX_OPENSSL_OPENSSLX500PRINCIPAL_H_*/
Added: activemq/activemq-cpp/decaf/trunk/src/main/decaf/security_provider/unix/openssl/OpenSSLX509Certificate.h
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/decaf/trunk/src/main/decaf/security_provider/unix/openssl/OpenSSLX509Certificate.h?rev=595573&view=auto
==============================================================================
--- activemq/activemq-cpp/decaf/trunk/src/main/decaf/security_provider/unix/openssl/OpenSSLX509Certificate.h (added)
+++ activemq/activemq-cpp/decaf/trunk/src/main/decaf/security_provider/unix/openssl/OpenSSLX509Certificate.h Thu Nov 15 22:29:28 2007
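Review bot: `getName()` and `getEncoded()` first dereference `x509Name` on their first call, while the class comment says the principal does not control that structure's lifetime and the constructor comment promises the string is cached at construction; if the owning certificate is freed before the first call, both accessors read a dangling pointer (the constructor body is not in this hunk, so it may already fill one cache). Either populate both caches in the constructor as documented, or keep a private copy made with `X509_NAME_dup` and release it with `X509_NAME_free` in the destructor. The `mutable` flags and buffers are also written from const methods with no lock, so a principal shared between threads needs that restriction documented or the caches guarded. Separately, `static std::string toString( X509_NAME* name ) const;` will not compile because a static member function cannot be const-qualified; drop the trailing `const`. `namespace unix`, here and in OpenSSLX509Certificate.h, may collide with the `unix` macro that GCC predefines in its GNU dialect modes, so a name such as `unix_` is safer.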
@@ -0,0 +1,162 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef _DECAF_SECURITY_PROVIDER_UNIX_OPENSSL_OPENSSLX509CERTIFICATE_H_
+#define _DECAF_SECURITY_PROVIDER_UNIX_OPENSSL_OPENSSLX509CERTIFICATE_H_
+
+#include
+
+namespace decaf {
+namespace security_provider {
+namespace unix {
+namespace openssl {
+
+ class OpenSSLX509Certificate : public decaf::security::cert::X509Certificate {
+ public:
+
+ virtual ~OpenSSLX509Certificate();
+
+ /**
+ * Compares the encoded form of the two certificates.
+ *
+ * @param cert
+ * The certificate to be tested for equality with this certificate.
+ * @return true if the given certificate is equal to this certificate.
+ */
+ virtual bool equals( const Certificate& cert ) const = 0;
+
+ /**
+ * Provides the encoded form of this certificate.
+ *
+ * @param output
+ * Receives the encoded form of this certificate.
+ * @throws CertificateEncodingException if an encoding error occurs
+ */
+ virtual void getEncoded( std::vector& output ) const
+ throw ( CertificateEncodingException ) = 0;
+
+ /**
+ * Returns the type of this certificate
+ *
+ * @return the type of this certificate
+ */
+ virtual std::string getType() const = 0;
+
+ /**
+ * Gets the public key of this certificate.
+ *
+ * @return the public key
+ */
+ virtual PublicKey* getPublicKey() = 0;
+
+ /**
+ * Gets the public key of this certificate.
+ *
+ * @return the public key
+ */
+ virtual const PublicKey* getPublicKey() const = 0;
+
+ /**
+ * Verifies that this certificate was signed with the private key
+ * that corresponds to the specified public key.
+ *
+ * @param publicKey
+ * The public key used to carry out the validation.
+ * @throws NoSuchAlgorithmException - on unsupported signature algorithms.
+ * @throws InvalidKeyException - on incorrect key.
+ * @throws NoSuchProviderException - if there's no default provider.
+ * @throws SignatureException - on signature errors.
+ * @throws CertificateException - on encoding errors.
+ */
+ virtual void verify( const PublicKey& publicKey ) const
+ throw( NoSuchAlgorithmException,
+ InvalidKeyException,
+ NoSuchProviderException,
+ SignatureException,
+ CertificateException) = 0;
+
+ /**
+ * Verifies that this certificate was signed with the private key
+ * that corresponds to the specified public key. Uses the verification
+ * engine of the specified provider.
+ *
+ * @param publicKey
+ * The public key used to carry out the validation.
+ * @param sigProvider
+ * The name of the signature provider
+ * @throws NoSuchAlgorithmException - on unsupported signature algorithms.
+ * @throws InvalidKeyException - on incorrect key.
+ * @throws NoSuchProviderException - if there's no default provider.
+ * @throws SignatureException - on signature errors.
+ * @throws CertificateException - on encoding errors.
+ */
+ virtual void verify( const PublicKey& publicKey,
+ const std::string& sigProvider ) const
+ throw( NoSuchAlgorithmException,
+ InvalidKeyException,
+ NoSuchProviderException,
+ SignatureException,
+ CertificateException) = 0;
+
+ /**
+ * Returns a string representation of this certificate.
+ *
+ * @return a string representation of this certificate
+ */
+ virtual std::string toString() const = 0;
+
+ virtual void checkValidity() const
+ throw(CertificateExpiredException, CertificateNotYetValidException) = 0;
+
+ virtual void checkValidity(const decaf::util::Date& date) const
+ throw(CertificateExpiredException, CertificateNotYetValidException) = 0;
+
+ virtual int getBasicConstraints() const = 0;
+
+ virtual void getIssuerUniqueID( std::vector& output ) const = 0;
+
+ virtual const X500Principal* getIssuerX500Principal() const = 0;
+
+ virtual void getKeyUsage( std::vector& output ) const = 0;
+
+ virtual Date getNotAfter() const = 0;
+
+ virtual Date getNotBefore() const = 0;
+
+ //virtual BigInteger getSerialNumber() const = 0;
+
+ virtual std::string getSigAlgName() const = 0;
+
+ virtual std::string getSigAlgOID() const = 0;
+
+ virtual void getSigAlgParams( std::vector& output ) const = 0;
+
+ virtual void getSignature( std::vector& output ) const = 0;
+
+ virtual void getSubjectUniqueID( std::vector& output ) const = 0;
+
+ virtual const X500Principal* getSubjectX500Principal() const = 0;
+
+ virtual void getTBSCertificate( std::vector& output ) const
+ throw( CertificateEncodingException ) = 0;
+
+ virtual int getVersion() const = 0;
+ };
+
+}}}}
+
+#endif /*_DECAF_SECURITY_PROVIDER_UNIX_OPENSSL_OPENSSLX509CERTIFICATE_H_*/
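Review bot: The dynamic exception specifications on `getEncoded()`, both `verify()` overloads, `checkValidity()` and `getTBSCertificate()` mean that any exception outside the listed types (for example `std::bad_alloc` while handling a peer-supplied certificate) is routed to `std::unexpected()` and terminates the process, so implementations must translate every failure into a listed type; if that is the intent, say so in the class comment, otherwise drop the specifications and keep the `@throws` tags. The accessors from `checkValidity()` down to `getVersion()` have no documentation at all, and `getBasicConstraints()` in particular returns a bare `int` that callers will use to decide whether a certificate may act as a CA. If it follows the Java API this interface appears to mirror, add `/** @return the path length constraint if this is a CA certificate, otherwise -1 */`. `Date`, `PublicKey`, `Certificate` and `X500Principal` are used unqualified while `decaf::util::Date` is qualified two lines earlier; unless the stripped include supplies using-declarations these will not resolve from this namespace, so qualify them consistently.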