authorOssama Othman <ossama-othman@users.noreply.github.com>2002-01-21 07:20:55 +0000
committerOssama Othman <ossama-othman@users.noreply.github.com>2002-01-21 07:20:55 +0000
commit2a1173013dbf91e345cae3b8a699fdb4dc4f504e (patch)
tree8eed1b8471c40a5d7a751152d3ed44ace2a5eaac
parent8b73da9b092faa8b4fb01c4f64989da12e8c7ab7 (diff)
downloadATCD-2a1173013dbf91e345cae3b8a699fdb4dc4f504e.tar.gz
SSLIOP_Vault.cpp
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.cpp74
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.h55
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.inl16
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.cpp51
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.h10
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.cpp51
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.h10
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Vault.h37
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_X509.h2
9 files changed, 298 insertions, 8 deletions
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.cpp b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.cpp
index 60f92c56849..bb32237eae6 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.cpp
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.cpp
@@ -6,15 +6,12 @@ ACE_RCSID (TAO_SSLIOP,
SSLIOP_Credentials,
"$Id$")
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-
-#include "SSLIOP_X509.h"
#if !defined (__ACE_INLINE__)
# include "SSLIOP_Credentials.inl"
#endif /* __ACE_INLINE__ */
+
// SSLIOP does not support delegation, nor does it support detection
// of replayed or misordered GIOP messages.
const Security::AssociationOptions TAO_SSLIOP_DISALLOWED_ASSOCIATIONS =
@@ -38,6 +35,40 @@ TAO_SSLIOP_Credentials::TAO_SSLIOP_Credentials (X509 *cert)
{
}
+#ifndef NO_RSA
+TAO_SSLIOP_Credentials::TAO_SSLIOP_Credentials (X509 *cert, RSA *rsa)
+ : accepting_options_supported_ (Security::Integrity
+ | Security::Confidentiality
+ | Security::EstablishTrustInTarget
+ | Security::NoDelegation),
+ accepting_options_required_ (Security::Integrity
+ | Security::Confidentiality
+ | Security::NoDelegation),
+ invocation_options_supported_ (accepting_options_supported_),
+ invocation_options_required_ (Security::NoDelegation),
+ x509_ (TAO_SSLIOP_X509::_duplicate (cert)),
+ rsa_ (TAO_SSLIOP_RSA::_duplicate (rsa))
+{
+}
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// TAO_SSLIOP_Credentials::TAO_SSLIOP_Credentials (X509 *cert, DSA *dsa)
+// : accepting_options_supported_ (Security::Integrity
+// | Security::Confidentiality
+// | Security::EstablishTrustInTarget
+// | Security::NoDelegation),
+// accepting_options_required_ (Security::Integrity
+// | Security::Confidentiality
+// | Security::NoDelegation),
+// invocation_options_supported_ (accepting_options_supported_),
+// invocation_options_required_ (Security::NoDelegation),
+// x509_ (TAO_SSLIOP_X509::_duplicate (cert)),
+// dsa_ (TAO_SSLIOP_DSA::_duplicate (dsa))
+// {
+// }
+// #endif /* !NO_DSA */
+
TAO_SSLIOP_Credentials::~TAO_SSLIOP_Credentials (void)
{
}
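Review bot: Nothing in the new `(X509 *cert, RSA *rsa)` constructor checks that `rsa` is the private key belonging to `cert`; the body is empty and both pointers are stored as given. If the code that loads the pair does not verify it either (that code is not in this hunk), a mismatched key is only noticed when a handshake fails. A comment on the constructor such as `// Precondition: rsa is the private key matching cert; the caller verifies the pair.` would record where the check is expected to live. The commented-out DSA constructor would read better as a `#if 0` block with a TODO than as line comments.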
@@ -47,6 +78,41 @@ TAO_SSLIOP_Credentials::copy (TAO_ENV_SINGLE_ARG_DECL)
ACE_THROW_SPEC ((CORBA::SystemException))
{
TAO_SSLIOP_Credentials *c = 0;
+
+#ifndef NO_RSA
+ if (this->rsa_.in () != 0)
+ {
+ ACE_NEW_THROW_EX (c,
+ TAO_SSLIOP_Credentials (this->x509_.in (),
+ this->rsa_.in ()),
+ CORBA::NO_MEMORY (
+ CORBA::SystemException::_tao_minor_code (
+ TAO_DEFAULT_MINOR_CODE,
+ ENOMEM),
+ CORBA::COMPLETED_NO));
+ ACE_CHECK_RETURN (SecurityLevel2::Credentials::_nil ());
+
+ return c;
+ }
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// if (this->dsa_.in () != 0)
+// {
+// ACE_NEW_THROW_EX (c,
+// TAO_SSLIOP_Credentials (this->x509_.in (),
+// this->dsa_.in ()),
+// CORBA::NO_MEMORY (
+// CORBA::SystemException::_tao_minor_code (
+// TAO_DEFAULT_MINOR_CODE,
+// ENOMEM),
+// CORBA::COMPLETED_NO));
+// ACE_CHECK_RETURN (SecurityLevel2::Credentials::_nil ());
+
+// return c;
+// }
+// #endif /* !NO_DSA */
+
ACE_NEW_THROW_EX (c,
TAO_SSLIOP_Credentials (this->x509_.in ()),
CORBA::NO_MEMORY (
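Review bot: The RSA branch of `copy()` hands `this->rsa_.in ()` to the new constructor, which stores `TAO_SSLIOP_RSA::_duplicate (rsa)`; if `_duplicate` only takes another reference (its definition is not in this diff), the copy shares the private-key structure with the original, while SSLIOP_Credentials.h describes `copy()` as a deep copy. Either that header comment or the copy should change, and the same applies to `TAO_SSLIOP_ReceivedCredentials::copy` and `TAO_SSLIOP_TargetCredentials::copy`. The allocation block is also repeated per key type in all three files, so a small shared helper would keep them in step. The function body continues past the end of this hunk.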
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.h b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.h
index 410b433a8de..700ae0121b9 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.h
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.h
@@ -23,11 +23,16 @@
#include "SSLIOP_X509.h"
+#ifndef NO_RSA
+# include "SSLIOP_RSA.h"
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// # include "SSLIOP_DSA.h"
+// #endif /* !NO_DSA */
+
#include "orbsvcs/SecurityLevel2C.h"
-/// Forward declarations.
-struct x509_st;
-typedef x509_st X509;
class TAO_SSLIOP_Credentials;
typedef TAO_SSLIOP_Credentials* TAO_SSLIOP_Credentials_ptr;
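Review bot: The `#ifndef NO_RSA` guard around `SSLIOP_RSA.h` is tested before anything visible in this hunk includes `<openssl/opensslconf.h>`, whereas SSLIOP_Vault.h includes that header explicitly before making the same test. Unless `SSLIOP_X509.h` pulls it in, the guard here can evaluate differently from one translation unit to another, and the class gains or loses the `rsa_` member with it. Adding `#include <openssl/opensslconf.h>` above the guard would make the result independent of include order.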
@@ -108,6 +113,16 @@ public:
/// Constructor
TAO_SSLIOP_Credentials (X509 *cert);
+#ifndef NO_RSA
+ /// Constructor
+ TAO_SSLIOP_Credentials (X509 *cert, RSA *rsa);
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// /// Constructor
+// TAO_SSLIOP_Credentials (X509 *cert, DSA *dsa);
+// #endif /* !NO_DSA */
+
/// Return a duplicate (specifically a deep copy) of this credential
/// object.
virtual SecurityLevel2::Credentials_ptr copy (
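Review bot: The new constructor is documented only as `/// Constructor`, which does not say who owns `cert` and `rsa` afterwards. SSLIOP_Credentials.cpp stores both through `_duplicate`, so the comment could read `/// Constructor.  Keeps its own reference to @a cert and @a rsa; the caller retains ownership of the pointers passed in.` This should be confirmed against `_duplicate`, which is not in this diff. The same one-word comment is on the RSA constructors added to SSLIOP_ReceivedCredentials.h and SSLIOP_TargetCredentials.h.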
@@ -219,6 +234,32 @@ public:
X509 *x509 (void);
//@}
+#ifndef NO_RSA
+ //@{
+ /// Return a pointer to the underlying RSA key.
+ /**
+ * @return Non-zero value if RSA key is used.
+ *
+ * @note Caller owns the returned object. Use a
+ * TAO_SSLIOP_RSA_var.
+ */
+ RSA *rsa (void);
+ //@}
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// //@{
+// /// Return a pointer to the underlying DSA key.
+// /**
+// * @return Non-zero value if DSA key is used.
+// *
+// * @note Caller owns the returned object. Use a
+// * TAO_SSLIOP_DSA_var.
+// */
+// DSA *dsa (void);
+// //@}
+// #endif /* !NO_DSA */
+
//@{
#if !defined(__GNUC__) || !defined (ACE_HAS_GNUG_PRE_2_8)
typedef TAO_SSLIOP_Credentials_ptr _ptr_type;
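Review bot: `rsa()` is added in the public section and returns the key held in `rsa_`, presumably the one loaded by `make_RSA` from a key file, so any code holding a credentials reference can obtain the private key. If only the SSLIOP transport needs it, the accessor could be `protected` or reached through a friend declaration. Otherwise the comment should carry the caveat, e.g. `@note The returned RSA may hold private key material; do not log or serialize it.` The `@return` line should also state that zero is returned when no RSA key is set.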
@@ -292,6 +333,14 @@ protected:
/// Credentials object.
TAO_SSLIOP_X509_var x509_;
+#ifndef NO_RSA
+ TAO_SSLIOP_RSA_var rsa_;
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// TAO_SSLIOP_DSA_var dsa_;
+// #endif /* !NO_DSA */
+
};
#if defined (__ACE_INLINE__)
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.inl b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.inl
index d7fb50a3d69..f7038558e1d 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.inl
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Credentials.inl
@@ -7,3 +7,19 @@ TAO_SSLIOP_Credentials::x509 (void)
{
return TAO_SSLIOP_X509::_duplicate (this->x509_.in ());
}
+
+#ifndef NO_RSA
+ACE_INLINE RSA *
+TAO_SSLIOP_Credentials::rsa (void)
+{
+ return TAO_SSLIOP_RSA::_duplicate (this->rsa_.in ());
+}
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// ACE_INLINE DSA *
+// TAO_SSLIOP_Credentials::dsa (void)
+// {
+// return TAO_SSLIOP_DSA::_duplicate (this->dsa_.in ());
+// }
+// #endif /* !NO_DSA */
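Review bot: `rsa()` passes `this->rsa_.in ()` to `TAO_SSLIOP_RSA::_duplicate` without a null test, and `copy()` in this commit treats a zero `rsa_` as a normal state for objects built with the X509-only constructor. The header promises a zero return in that case, so this relies on `_duplicate` accepting a null pointer; its definition is not in this diff. If it does not, a guard such as `return this->rsa_.in () == 0 ? 0 : TAO_SSLIOP_RSA::_duplicate (this->rsa_.in ());` is needed.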
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.cpp b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.cpp
index 2cae4235a6f..1599de43084 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.cpp
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.cpp
@@ -11,11 +11,62 @@ TAO_SSLIOP_ReceivedCredentials::TAO_SSLIOP_ReceivedCredentials (X509 *cert)
{
}
+#ifndef NO_RSA
+TAO_SSLIOP_ReceivedCredentials::TAO_SSLIOP_ReceivedCredentials (X509 *cert,
+ RSA *rsa)
+ : TAO_SSLIOP_Credentials (cert, rsa)
+{
+}
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// TAO_SSLIOP_ReceivedCredentials::TAO_SSLIOP_ReceivedCredentials (X509 *cert,
+// DSA *dsa)
+// : TAO_SSLIOP_Credentials (cert, dsa)
+// {
+// }
+// #endif /* !NO_DSA */
+
SecurityLevel2::Credentials_ptr
TAO_SSLIOP_ReceivedCredentials::copy (TAO_ENV_SINGLE_ARG_DECL)
ACE_THROW_SPEC ((CORBA::SystemException))
{
TAO_SSLIOP_ReceivedCredentials *c = 0;
+
+#ifndef NO_RSA
+ if (this->rsa_.in () != 0)
+ {
+ ACE_NEW_THROW_EX (c,
+ TAO_SSLIOP_ReceivedCredentials (this->x509_.in (),
+ this->rsa_.in ()),
+ CORBA::NO_MEMORY (
+ CORBA::SystemException::_tao_minor_code (
+ TAO_DEFAULT_MINOR_CODE,
+ ENOMEM),
+ CORBA::COMPLETED_NO));
+ ACE_CHECK_RETURN (SecurityLevel2::Credentials::_nil ());
+
+ return c;
+ }
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// if (this->dsa_.in () != 0)
+// {
+// ACE_NEW_THROW_EX (c,
+// TAO_SSLIOP_ReceivedCredentials (this->x509_.in (),
+// this->dsa_.in ()),
+// CORBA::NO_MEMORY (
+// CORBA::SystemException::_tao_minor_code (
+// TAO_DEFAULT_MINOR_CODE,
+// ENOMEM),
+// CORBA::COMPLETED_NO));
+// ACE_CHECK_RETURN (SecurityLevel2::Credentials::_nil ());
+
+// return c;
+// }
+// #endif /* !NO_DSA */
+
ACE_NEW_THROW_EX (c,
TAO_SSLIOP_ReceivedCredentials (this->x509_.in ()),
CORBA::NO_MEMORY (
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.h b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.h
index 477af9696b4..af390a69f86 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.h
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_ReceivedCredentials.h
@@ -44,6 +44,16 @@ public:
/// Constructor.
TAO_SSLIOP_ReceivedCredentials (X509 *cert);
+#ifndef NO_RSA
+ /// Constructor
+ TAO_SSLIOP_ReceivedCredentials (X509 *cert, RSA *rsa);
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// /// Constructor
+// TAO_SSLIOP_ReceivedCredentials (X509 *cert, DSA *dsa);
+// #endif /* !NO_DSA */
+
/**
* @name SecurityLevel2::Credentials Methods
*
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.cpp b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.cpp
index 678fb14f351..a156a9fe6a3 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.cpp
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.cpp
@@ -13,11 +13,62 @@ TAO_SSLIOP_TargetCredentials::TAO_SSLIOP_TargetCredentials (X509 *cert)
{
}
+#ifndef NO_RSA
+TAO_SSLIOP_TargetCredentials::TAO_SSLIOP_TargetCredentials (X509 *cert,
+ RSA *rsa)
+ : TAO_SSLIOP_Credentials (cert, rsa)
+{
+}
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// TAO_SSLIOP_TargetCredentials::TAO_SSLIOP_TargetCredentials (X509 *cert,
+// DSA *dsa)
+// : TAO_SSLIOP_Credentials (cert, dsa)
+// {
+// }
+// #endif /* !NO_DSA */
+
SecurityLevel2::Credentials_ptr
TAO_SSLIOP_TargetCredentials::copy (TAO_ENV_SINGLE_ARG_DECL)
ACE_THROW_SPEC ((CORBA::SystemException))
{
TAO_SSLIOP_TargetCredentials *c = 0;
+
+#ifndef NO_RSA
+ if (this->rsa_.in () != 0)
+ {
+ ACE_NEW_THROW_EX (c,
+ TAO_SSLIOP_TargetCredentials (this->x509_.in (),
+ this->rsa_.in ()),
+ CORBA::NO_MEMORY (
+ CORBA::SystemException::_tao_minor_code (
+ TAO_DEFAULT_MINOR_CODE,
+ ENOMEM),
+ CORBA::COMPLETED_NO));
+ ACE_CHECK_RETURN (SecurityLevel2::Credentials::_nil ());
+
+ return c;
+ }
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// if (this->dsa_.in () != 0)
+// {
+// ACE_NEW_THROW_EX (c,
+// TAO_SSLIOP_TargetCredentials (this->x509_.in (),
+// this->dsa_.in ()),
+// CORBA::NO_MEMORY (
+// CORBA::SystemException::_tao_minor_code (
+// TAO_DEFAULT_MINOR_CODE,
+// ENOMEM),
+// CORBA::COMPLETED_NO));
+// ACE_CHECK_RETURN (SecurityLevel2::Credentials::_nil ());
+
+// return c;
+// }
+// #endif /* !NO_DSA */
+
ACE_NEW_THROW_EX (c,
TAO_SSLIOP_TargetCredentials (this->x509_.in ()),
CORBA::NO_MEMORY (
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.h b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.h
index d63ed9eea02..227a8744553 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.h
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_TargetCredentials.h
@@ -43,6 +43,16 @@ public:
/// Constructor
TAO_SSLIOP_TargetCredentials (X509 *cert);
+#ifndef NO_RSA
+ /// Constructor
+ TAO_SSLIOP_TargetCredentials (X509 *cert, RSA *rsa);
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// /// Constructor
+// TAO_SSLIOP_TargetCredentials (X509 *cert, DSA *dsa);
+// #endif /* !NO_DSA */
+
/**
* @name SecurityLevel2::Credentials Methods
*
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Vault.h b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Vault.h
index bfeddaac73c..7cdb540f9b4 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Vault.h
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Vault.h
@@ -22,6 +22,25 @@
# pragma once
#endif /* ACE_LACKS_PRAGMA_ONCE */
+#include "orbsvcs/SSLIOPC.h"
+
+#include <openssl/opensslconf.h>
+
+
+/// Forward declarations for OpenSSL data structures.
+extern "C"
+{
+ typedef struct x509_st X509;
+
+#ifndef NO_RSA
+ typedef struct rsa_st RSA;
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// typedef struct dsa_st DSA;
+// #endif /* !NO_DSA */
+}
+
/**
* @class TAO_SSLIOP_Vault
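Review bot: The `RSA` forward declaration is guarded by `NO_RSA` only, and later OpenSSL releases spell the configuration macro `OPENSSL_NO_RSA`. With such a release the guard would pass even in a build without RSA, unless the compatibility defines are enabled. Testing both, `#if !defined (NO_RSA) && !defined (OPENSSL_NO_RSA)`, keeps the header correct across versions; the same single-macro guard is used in the other files of this commit.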
@@ -123,6 +142,24 @@ public:
TAO_ENV_SINGLE_ARG_DECL_WITH_DEFAULTS)
ACE_THROW_SPEC ((CORBA::SystemException));
+protected:
+
+ /// Create an OpenSSL X509 structure using the provided
+ /// authentication data.
+ X509 * make_X509 (const SSLIOP::File &certificate);
+
+#ifndef NO_RSA
+ /// Create an OpenSSL RSA structure using the provided
+ /// authentication data.
+ RSA * make_RSA (const SSLIOP::File &key);
+#endif /* !NO_RSA */
+
+// #ifndef NO_DSA
+// /// Create an OpenSSL DSA structure using the provided
+// /// authentication data.
+// DSA * make_DSA (const SSLIOP::File &key);
+// #endif /* !NO_DSA */
+
};
#include "ace/post.h"
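Review bot: `make_X509` and `make_RSA` return raw pointers, and their comments do not say who releases the result or what comes back when the file cannot be read or parsed. Suggested addition to each: `/// @return Newly created structure owned by the caller (hold it in a _var), or zero on failure.` That wording needs confirming against the implementation, which is not in this diff. For `make_RSA` it is also worth stating how a passphrase-protected key file is handled.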
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_X509.h b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_X509.h
index 202a414d8c7..a4cc23ef3cf 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_X509.h
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_X509.h
@@ -15,7 +15,7 @@
#include "ace/pre.h"
-#include "tao/corbafwd.h"
+#include "ace/config-all.h"
#if !defined (ACE_LACKS_PRAGMA_ONCE)
#pragma once