|
reSIProcate/stack
9694
|
#include <Security.hxx>


Classes | |
| struct | CertificateInfo |
| class | CipherList |
| class | Exception |
| struct | PeerName |
Public Types | |
| enum | NameType { SubjectAltName, CommonName } |
| enum | PEMType { RootCert = 1, DomainCert, DomainPrivateKey, UserCert, UserPrivateKey } |
| typedef std::vector < CertificateInfo > | CertificateInfoContainer |
| typedef std::map< Data, X509 * > | X509Map |
| typedef std::list< X509 * > | X509List |
| typedef std::map< Data, EVP_PKEY * > | PrivateKeyMap |
| typedef std::map< Data, Data > | PassPhraseMap |
Public Member Functions | |
| BaseSecurity (const CipherList &cipherSuite=ExportableSuite) | |
| virtual | ~BaseSecurity () |
| virtual void | preload ()=0 |
| virtual void | onReadPEM (const Data &name, PEMType type, Data &buffer) const =0 |
| virtual void | onWritePEM (const Data &name, PEMType type, const Data &buffer) const =0 |
| virtual void | onRemovePEM (const Data &name, PEMType type) const =0 |
| CertificateInfoContainer | getRootCertDescriptions () const |
| void | addRootCertPEM (const Data &x509PEMEncodedRootCerts) |
| void | addDomainCertPEM (const Data &domainName, const Data &certPEM) |
| void | addDomainCertDER (const Data &domainName, const Data &certDER) |
| bool | hasDomainCert (const Data &domainName) const |
| void | removeDomainCert (const Data &domainName) |
| Data | getDomainCertDER (const Data &domainName) const |
| void | addDomainPrivateKeyPEM (const Data &domainName, const Data &privateKeyPEM) |
| bool | hasDomainPrivateKey (const Data &domainName) const |
| void | removeDomainPrivateKey (const Data &domainName) |
| Data | getDomainPrivateKeyPEM (const Data &domainName) const |
| void | addUserCertPEM (const Data &aor, const Data &certPEM) |
| void | addUserCertDER (const Data &aor, const Data &certDER) |
| bool | hasUserCert (const Data &aor) const |
| void | removeUserCert (const Data &aor) |
| Data | getUserCertDER (const Data &aor) const |
| void | setUserPassPhrase (const Data &aor, const Data &passPhrase) |
| bool | hasUserPassPhrase (const Data &aor) const |
| void | removeUserPassPhrase (const Data &aor) |
| Data | getUserPassPhrase (const Data &aor) const |
| void | addUserPrivateKeyPEM (const Data &aor, const Data &certPEM) |
| void | addUserPrivateKeyDER (const Data &aor, const Data &certDER) |
| bool | hasUserPrivateKey (const Data &aor) const |
| void | removeUserPrivateKey (const Data &aor) |
| Data | getUserPrivateKeyPEM (const Data &aor) const |
| Data | getUserPrivateKeyDER (const Data &aor) const |
| void | generateUserCert (const Data &aor, int expireDays=365, int keyLen=1024) |
| MultipartSignedContents * | sign (const Data &senderAor, Contents *) |
| Pkcs7Contents * | encrypt (Contents *, const Data &recipCertName) |
| MultipartSignedContents * | signAndEncrypt (const Data &senderAor, Contents *, const Data &recipCertName) |
| Data | computeIdentity (const Data &signerDomain, const Data &in) const |
| bool | checkIdentity (const Data &signerDomain, const Data &in, const Data &sig, X509 *cert=NULL) const |
| void | checkAndSetIdentity (SipMessage &msg, const Data &derCert=Data::Empty) const |
| Contents * | decrypt (const Data &decryptorAor, const Pkcs7Contents *) |
| Contents * | checkSignature (MultipartSignedContents *, Data *signedBy, SignatureStatus *sigStat) |
| SSL_CTX * | getTlsCtx () |
| SSL_CTX * | getSslCtx () |
| X509 * | getDomainCert (const Data &domain) |
| EVP_PKEY * | getDomainKey (const Data &domain) |
| X509 * | getUserCert (const Data &aor) |
| EVP_PKEY * | getUserPrivateKey (const Data &aor) |
Static Public Member Functions | |
| static void | initialize () |
| static Data | getCertName (X509 *cert) |
| static void | getCertNames (X509 *cert, std::list< PeerName > &peerNames, bool useEmailAsSIP=false) |
| static bool | isSelfSigned (const X509 *cert) |
| static int | matchHostName (const Data &certificateName, const Data &domainName) |
| static void | setAllowWildcardCertificates (bool bEnable) |
| static bool | allowWildcardCertificates () |
Static Public Attributes | |
| static CipherList | ExportableSuite |
| static CipherList | StrongestSuite |
Protected Member Functions | |
| void | addCertPEM (PEMType type, const Data &name, const Data &certPEM, bool write) |
| void | addCertDER (PEMType type, const Data &name, const Data &certDER, bool write) |
| bool | hasCert (PEMType type, const Data &name) const |
| void | removeCert (PEMType type, const Data &name) |
| Data | getCertDER (PEMType type, const Data &name) const |
| void | addCertX509 (PEMType type, const Data &name, X509 *cert, bool write) |
| void | addPrivateKeyPEM (PEMType type, const Data &name, const Data &privateKeyPEM, bool write) |
| void | addPrivateKeyDER (PEMType type, const Data &name, const Data &privateKeyDER, bool write) |
| bool | hasPrivateKey (PEMType type, const Data &name) const |
| void | removePrivateKey (PEMType type, const Data &name) |
| Data | getPrivateKeyPEM (PEMType type, const Data &name) const |
| Data | getPrivateKeyDER (PEMType type, const Data &name) const |
| void | addPrivateKeyPKEY (PEMType type, const Data &name, EVP_PKEY *pKey, bool write) |
Static Protected Member Functions | |
| static void | dumpAsn (char *, Data) |
| static int | matchHostNameWithWildcards (const Data &certificateName, const Data &domainName) |
Protected Attributes | |
| SSL_CTX * | mTlsCtx |
| SSL_CTX * | mSslCtx |
| CipherList | mCipherList |
| X509List | mRootCerts |
| X509_STORE * | mRootTlsCerts |
| X509_STORE * | mRootSslCerts |
| X509Map | mDomainCerts |
| PrivateKeyMap | mDomainPrivateKeys |
| X509Map | mUserCerts |
| PassPhraseMap | mUserPassPhrases |
| PrivateKeyMap | mUserPrivateKeys |
Static Protected Attributes | |
| static bool | mAllowWildcardCertificates |
Definition at line 44 of file Security.hxx.
| typedef std::vector<CertificateInfo> resip::BaseSecurity::CertificateInfoContainer |
Definition at line 113 of file Security.hxx.
| typedef std::map<Data,Data> resip::BaseSecurity::PassPhraseMap |
Definition at line 197 of file Security.hxx.
| typedef std::map<Data,EVP_PKEY*> resip::BaseSecurity::PrivateKeyMap |
Definition at line 196 of file Security.hxx.
| typedef std::list<X509*> resip::BaseSecurity::X509List |
Definition at line 195 of file Security.hxx.
| typedef std::map<Data,X509*> resip::BaseSecurity::X509Map |
Definition at line 194 of file Security.hxx.
Definition at line 66 of file Security.hxx.
Definition at line 88 of file Security.hxx.
{
RootCert=1,
DomainCert,
DomainPrivateKey,
UserCert,
UserPrivateKey
} PEMType;
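| resip::BaseSecurity::BaseSecurity | ( | const CipherList & | cipherSuite = ExportableSuite | ) |
Note: the default argument is ExportableSuite, not StrongestSuite (both are listed under Static Public Attributes). This page does not show the cipher strings behind either name; check them in the implementation, and pass StrongestSuite explicitly if the default admits weaker ciphers than the deployment allows.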
| virtual resip::BaseSecurity::~BaseSecurity | ( | ) | [virtual] |
| void resip::BaseSecurity::addCertDER | ( | PEMType | type, |
| const Data & | name, | ||
| const Data & | certDER, | ||
| bool | write | ||
| ) | [protected] |
| void resip::BaseSecurity::addCertPEM | ( | PEMType | type, |
| const Data & | name, | ||
| const Data & | certPEM, | ||
| bool | write | ||
| ) | [protected] |
| void resip::BaseSecurity::addCertX509 | ( | PEMType | type, |
| const Data & | name, | ||
| X509 * | cert, | ||
| bool | write | ||
| ) | [protected] |
Referenced by resip::TlsConnection::computePeerName().
| void resip::BaseSecurity::addDomainPrivateKeyPEM | ( | const Data & | domainName, |
| const Data & | privateKeyPEM | ||
| ) |
| void resip::BaseSecurity::addPrivateKeyDER | ( | PEMType | type, |
| const Data & | name, | ||
| const Data & | privateKeyDER, | ||
| bool | write | ||
| ) | [protected] |
| void resip::BaseSecurity::addPrivateKeyPEM | ( | PEMType | type, |
| const Data & | name, | ||
| const Data & | privateKeyPEM, | ||
| bool | write | ||
| ) | [protected] |
| void resip::BaseSecurity::addPrivateKeyPKEY | ( | PEMType | type, |
| const Data & | name, | ||
| EVP_PKEY * | pKey, | ||
| bool | write | ||
| ) | [protected] |
| void resip::BaseSecurity::addRootCertPEM | ( | const Data & | x509PEMEncodedRootCerts | ) |
| static bool resip::BaseSecurity::allowWildcardCertificates | ( | ) | [inline, static] |
Definition at line 182 of file Security.hxx.
References mAllowWildcardCertificates.
{ return mAllowWildcardCertificates; }
| void resip::BaseSecurity::checkAndSetIdentity | ( | SipMessage & | msg, |
| const Data & | derCert = Data::Empty |
||
| ) | const |
| bool resip::BaseSecurity::checkIdentity | ( | const Data & | signerDomain, |
| const Data & | in, | ||
| const Data & | sig, | ||
| X509 * | cert = NULL |
||
| ) | const |
| Contents* resip::BaseSecurity::checkSignature | ( | MultipartSignedContents * | , |
| Data * | signedBy, | ||
| SignatureStatus * | sigStat | ||
| ) |
Referenced by extractFromPkcs7Recurse(), main(), resip::TuIM::processMessageRequest(), and resip::TuIM::processSipFrag().
Referenced by main(), and resip::TransportSelector::transmit().
| Contents* resip::BaseSecurity::decrypt | ( | const Data & | decryptorAor, |
| const Pkcs7Contents * | |||
| ) |
Referenced by extractFromPkcs7Recurse(), main(), and resip::TuIM::processMessageRequest().
| static void resip::BaseSecurity::dumpAsn | ( | char * | , |
| Data | |||
| ) | [static, protected] |
| Pkcs7Contents* resip::BaseSecurity::encrypt | ( | Contents * | , |
| const Data & | recipCertName | ||
| ) |
Referenced by main(), and resip::TuIM::sendPage().
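| void resip::BaseSecurity::generateUserCert | ( | const Data & | aor, |
| int | expireDays = 365, | ||
| int | keyLen = 1024 | ||
| ) |
Note: assuming keyLen is an RSA modulus size in bits (this page does not state the key type), the default of 1024 is well below the 2048-bit minimum now generally required for RSA. Callers should pass keyLen explicitly rather than rely on the default.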
Referenced by myMain().
| static Data resip::BaseSecurity::getCertName | ( | X509 * | cert | ) | [static] |
| static void resip::BaseSecurity::getCertNames | ( | X509 * | cert, |
| std::list< PeerName > & | peerNames, | ||
| bool | useEmailAsSIP = false |
||
| ) | [static] |
Referenced by resip::TlsConnection::computePeerName().
| X509* resip::BaseSecurity::getDomainCert | ( | const Data & | domain | ) |
| EVP_PKEY* resip::BaseSecurity::getDomainKey | ( | const Data & | domain | ) |
| CertificateInfoContainer resip::BaseSecurity::getRootCertDescriptions | ( | ) | const |
| SSL_CTX* resip::BaseSecurity::getSslCtx | ( | ) |
| SSL_CTX* resip::BaseSecurity::getTlsCtx | ( | ) |
| X509* resip::BaseSecurity::getUserCert | ( | const Data & | aor | ) |
| EVP_PKEY* resip::BaseSecurity::getUserPrivateKey | ( | const Data & | aor | ) |
| bool resip::BaseSecurity::hasDomainCert | ( | const Data & | domainName | ) | const |
Referenced by resip::TlsConnection::computePeerName().
| bool resip::BaseSecurity::hasDomainPrivateKey | ( | const Data & | domainName | ) | const |
| bool resip::BaseSecurity::hasUserCert | ( | const Data & | aor | ) | const |
Referenced by resip::TuIM::haveCerts().
| bool resip::BaseSecurity::hasUserPassPhrase | ( | const Data & | aor | ) | const |
| bool resip::BaseSecurity::hasUserPrivateKey | ( | const Data & | aor | ) | const |
Referenced by resip::TuIM::haveCerts().
| static void resip::BaseSecurity::initialize | ( | ) | [static] |
| static bool resip::BaseSecurity::isSelfSigned | ( | const X509 * | cert | ) | [static] |
| static int resip::BaseSecurity::matchHostName | ( | const Data & | certificateName, |
| const Data & | domainName | ||
| ) | [static] |
Referenced by resip::TlsConnection::checkState().
| static int resip::BaseSecurity::matchHostNameWithWildcards | ( | const Data & | certificateName, |
| const Data & | domainName | ||
| ) | [static, protected] |
| virtual void resip::BaseSecurity::onReadPEM | ( | const Data & | name, |
| PEMType | type, | ||
| Data & | buffer | ||
| ) | const [pure virtual] |
Implemented in resip::Security, resip::WinSecurity, and resip::MacSecurity.
| virtual void resip::BaseSecurity::onRemovePEM | ( | const Data & | name, |
| PEMType | type | ||
| ) | const [pure virtual] |
Implemented in resip::Security, resip::WinSecurity, and resip::MacSecurity.
| virtual void resip::BaseSecurity::onWritePEM | ( | const Data & | name, |
| PEMType | type, | ||
| const Data & | buffer | ||
| ) | const [pure virtual] |
Implemented in resip::Security, resip::WinSecurity, and resip::MacSecurity.
| virtual void resip::BaseSecurity::preload | ( | ) | [pure virtual] |
Implemented in resip::Security, resip::WinSecurity, and resip::MacSecurity.
| void resip::BaseSecurity::removeDomainCert | ( | const Data & | domainName | ) |
| void resip::BaseSecurity::removeDomainPrivateKey | ( | const Data & | domainName | ) |
| void resip::BaseSecurity::removeUserCert | ( | const Data & | aor | ) |
| void resip::BaseSecurity::removeUserPassPhrase | ( | const Data & | aor | ) |
| void resip::BaseSecurity::removeUserPrivateKey | ( | const Data & | aor | ) |
| static void resip::BaseSecurity::setAllowWildcardCertificates | ( | bool | bEnable | ) | [inline, static] |
Definition at line 181 of file Security.hxx.
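References mAllowWildcardCertificates. Note: mAllowWildcardCertificates is a static member, so this setting is shared by every BaseSecurity instance in the process; enabling wildcard matching for one use enables it for all of them.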
{ mAllowWildcardCertificates = bEnable; }
| MultipartSignedContents* resip::BaseSecurity::sign | ( | const Data & | senderAor, |
| Contents * | |||
| ) |
Referenced by main(), and resip::TuIM::sendPage().
| MultipartSignedContents* resip::BaseSecurity::signAndEncrypt | ( | const Data & | senderAor, |
| Contents * | , | ||
| const Data & | recipCertName | ||
| ) |
Referenced by main().
Definition at line 79 of file Security.hxx.
bool resip::BaseSecurity::mAllowWildcardCertificates [static, protected] |
Definition at line 235 of file Security.hxx.
Referenced by allowWildcardCertificates(), and setAllowWildcardCertificates().
CipherList resip::BaseSecurity::mCipherList [protected] |
Definition at line 204 of file Security.hxx.
X509Map resip::BaseSecurity::mDomainCerts [protected] |
Definition at line 211 of file Security.hxx.
PrivateKeyMap resip::BaseSecurity::mDomainPrivateKeys [protected] |
Definition at line 212 of file Security.hxx.
X509List resip::BaseSecurity::mRootCerts [protected] |
Definition at line 207 of file Security.hxx.
X509_STORE* resip::BaseSecurity::mRootSslCerts [protected] |
Definition at line 209 of file Security.hxx.
X509_STORE* resip::BaseSecurity::mRootTlsCerts [protected] |
Definition at line 208 of file Security.hxx.
SSL_CTX* resip::BaseSecurity::mSslCtx [protected] |
Definition at line 201 of file Security.hxx.
SSL_CTX* resip::BaseSecurity::mTlsCtx [protected] |
Definition at line 200 of file Security.hxx.
X509Map resip::BaseSecurity::mUserCerts [protected] |
Definition at line 214 of file Security.hxx.
PassPhraseMap resip::BaseSecurity::mUserPassPhrases [protected] |
Definition at line 215 of file Security.hxx.
PrivateKeyMap resip::BaseSecurity::mUserPrivateKeys [protected] |
Definition at line 216 of file Security.hxx.
Definition at line 80 of file Security.hxx.