00001
00002 #ifndef __JBXL_SSL_TOOL_H_
00003 #define __JBXL_SSL_TOOL_H_
00004
00005
00006 #include "xtools.h"
00007 #include "asn1_tool.h"
00008
00009
00010
00011
/*
 * SSL availability switch.
 *
 * HAVE_OPENSSL_SSL_H is expected to come from the build configuration.
 * When it is absent the OpenSSL headers below cannot be included, so
 * DISABLE_SSL is forced on.  DISABLE_SSL (forced or set explicitly by the
 * build) then overrides ENABLE_SSL, so the rest of this header is compiled
 * only when OpenSSL is both available and enabled.  An explicit DISABLE_SSL
 * wins even when OpenSSL is present.
 */
#if !defined(HAVE_OPENSSL_SSL_H) && !defined(DISABLE_SSL)
#define DISABLE_SSL
#endif

#if defined(DISABLE_SSL) && defined(ENABLE_SSL)
#undef ENABLE_SSL
#endif
00021
00022
#ifdef ENABLE_SSL   /* everything below needs OpenSSL; closed by the #endif at the end of this header */


/* Opt out of OpenSSL's Kerberos cipher-suite support before pulling in the
 * headers.  NOTE(review): this only has an effect on old OpenSSL releases
 * that still shipped KRB5 suites; on current releases it is harmless. */
#define OPENSSL_NO_KRB5

#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/err.h>

#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/rand.h>


#ifdef WIN32
/* MSVC auto-link of a fixed library name; non-MSVC Windows builds must link
 * OpenSSL explicitly.  The name "openssl.lib" is not what upstream OpenSSL
 * produces (libssl/libcrypto) -- verify against the project's build setup. */
#pragma comment(lib, "openssl.lib")
#endif
00055
00056
00057
/* Key-exchange selectors.  Presumably the values accepted as the `keyex`
 * argument of gen_CRYPT_SharedKey() below -- confirm in the .c file. */
#define SSL_DH 1
#define SSL_RSA 2



/* Block size used by the bulk encryption helpers.  Original comment:
 * "block size of block encryption".  Whether 128 is bits (the AES block)
 * or a byte chunk size is not stated here -- check the .c before relying
 * on it. */
#define SSL_ENC_BLCKSZ 128


/* Cipher selectors accepted by init_EVPAPI_Buffer().
 * NOTE(review): both available modes are unauthenticated CBC; nothing in
 * this header provides integrity (MAC/AEAD), so the *_crypt_* transports
 * below protect confidentiality only.  3DES additionally has a 64-bit block
 * (Sweet32) and should be treated as legacy. */
#define SSL_AES128CBC 1
#define SSL_3DES3CBC 10


/* IV length in bytes.  16 matches AES-CBC; 3DES-CBC uses an 8-byte IV, so
 * verify how this constant is applied when SSL_3DES3CBC is selected. */
#define SSL_IV_SIZE 16
00071
00072
00073
/*
 * Derive a shared key from a peer's SubjectPublicKeyInfo.
 *   keyex  : key-exchange selector (presumably SSL_DH / SSL_RSA above -- confirm)
 *   spki   : peer public key (DER SPKI, judging by the name -- confirm)
 *   shdkey : [out] resulting shared key
 *   ptr    : opaque, per-keyex private material (type depends on keyex -- TODO document)
 * Returns an int status; the meaning of the value is defined in the .c file.
 */
int gen_CRYPT_SharedKey(int keyex, Buffer spki, Buffer* shdkey, void* ptr);



/*
 * Encrypting UDP/TCP transports for Buffer payloads.
 * Each call encrypts (send) or decrypts (recv) `data` in place of the wire
 * bytes using `key` and the EVP cipher obtained from init_EVPAPI_Buffer().
 * NOTE(review): the only ciphers offered are CBC modes with no MAC, so a
 * received Buffer is not integrity-checked by these functions; callers that
 * need tamper detection must add it themselves (or use the ssl_* TLS API).
 */
int udp_send_crypt_Buffer_sockaddr_in(int sock, Buffer* data, struct sockaddr_in* sv, Buffer* key, EVP_CIPHER* cipher);
int udp_recv_crypt_Buffer_sockaddr_in(int sock, Buffer* data, struct sockaddr_in* sv, Buffer* key, EVP_CIPHER* cipher);

int udp_send_crypt_Buffer(int sock, Buffer* data, struct addrinfo* sv, Buffer* key, EVP_CIPHER* cipher);
int udp_recv_crypt_Buffer(int sock, Buffer* data, struct addrinfo* sv, Buffer* key, EVP_CIPHER* cipher);
int tcp_send_crypt_Buffer(int sock, Buffer* data, Buffer* key, EVP_CIPHER* cipher);
int tcp_recv_crypt_Buffer(int sock, Buffer* data, Buffer* key, EVP_CIPHER* cipher);

/* Pure transforms (no I/O): decrypt / encrypt a Buffer with key + cipher.
 * The returned Buffer is presumably heap-allocated and owned by the caller
 * (as with the other Buffer-returning helpers) -- confirm who frees it. */
Buffer get_plain_Buffer(Buffer data, Buffer* key, EVP_CIPHER* cipher);
Buffer get_crypt_Buffer(Buffer data, Buffer* key, EVP_CIPHER* cipher);
00088
00089
00090
00091
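/*
 * String-oriented variants of the encrypting TCP send and of the plain/crypt
 * transforms.  `mesg` is a NUL-terminated C string (the *_sBuffer forms take
 * a Buffer holding such a string).
 */
int tcp_send_crypt_mesg (int sock, char* mesg, Buffer* key, EVP_CIPHER* cipher);
int tcp_send_crypt_sBuffer(int sock, Buffer* mesg, Buffer* key, EVP_CIPHER* cipher);



/* Decrypt / encrypt a C string or a string Buffer with key + cipher.
 * The returned Buffer is presumably owned by the caller -- confirm in the .c.
 * NOTE(review): CBC only, no integrity check; see the cipher selectors above. */
Buffer get_plain_message(char* mesg, Buffer* key, EVP_CIPHER* cipher);
Buffer get_plain_sBuffer(Buffer mesg, Buffer* key, EVP_CIPHER* cipher);
Buffer get_crypt_message(char* mesg, Buffer* key, EVP_CIPHER* cipher);
Buffer get_crypt_sBuffer(Buffer mesg, Buffer* key, EVP_CIPHER* cipher);

/* Aliases for the C-string forms.  The trailing ';' inside the expansion was
 * removed so these behave as expressions: with it, `f(get_plain_sBuffer_str(..))`
 * and an `if (..) get_..._str(..); else ..` would not compile, and every call
 * statement ended in a stray empty statement. */
#define get_plain_sBuffer_str(m, k, c) get_plain_message((m), (k), (c))
#define get_crypt_sBuffer_str(m, k, c) get_crypt_message((m), (k), (c))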
00103
00104
00105
/*
 * Server public-key pinning keyed by IP address (trust-on-first-use style,
 * judging by the names -- confirm the policy in the .c file).
 *   check_server_spki     : compare `spki` against the entry stored for `ip`
 *                           in file `fn`; result codes defined in the .c.
 *   save_spki_with_ipaddr : append/record `pki` for `ipa` into `fp`.
 *   read_spki_with_ipaddr : look up the stored key for `ipa` in `fp`.
 * NOTE(review): the store file is a trust root -- it must be writable only by
 * the owning user, and pinning by IP alone does not survive a legitimate
 * server re-key or address change.
 */
int check_server_spki(Buffer ip, Buffer spki, char* fn);
int save_spki_with_ipaddr(Buffer ipa, Buffer pki, FILE* fp);
Buffer read_spki_with_ipaddr(Buffer ipa, FILE* fp);



/*
 * EVP cipher handle lifecycle and raw encode/decode.
 *   init_EVPAPI_Buffer : obtain the cipher for a selector (SSL_AES128CBC /
 *                        SSL_3DES3CBC); returns NULL on failure, presumably.
 *   decode/encode      : decrypt / encrypt `buf` with `shkey` and `cipher`.
 *   free_EVP_CIPHER    : release the handle and, given a pointer-to-pointer,
 *                        presumably NULLs the caller's copy -- confirm.
 * NOTE(review): modern OpenSSL returns `const EVP_CIPHER *` from the
 * EVP_*_cbc() accessors; the non-const type here implies a cast inside
 * init_EVPAPI_Buffer -- check that free_EVP_CIPHER never frees a static
 * cipher object.
 */
EVP_CIPHER* init_EVPAPI_Buffer(int type);
Buffer decode_EVPAPI_Buffer(Buffer buf, Buffer shkey, EVP_CIPHER* cipher);
Buffer encode_EVPAPI_Buffer(Buffer buf, Buffer shkey, EVP_CIPHER* cipher);
void free_EVP_CIPHER(EVP_CIPHER** p_cipher);
00116
00117
00118
/*
 * TLS context / connection setup.
 *   ssl_client_setup  : build a client SSL_CTX; `ca` is presumably the CA
 *                       certificate file (or directory) used to verify the peer.
 *                       NOTE(review): confirm the .c sets SSL_VERIFY_PEER and
 *                       performs hostname verification -- a CA path alone does
 *                       not make the handshake authenticate the server.
 *   ssl_client_socket : wrap an already-connected `sock` in an SSL object and
 *                       run the client handshake; `mode` semantics are defined
 *                       in the .c (TODO document).
 *   ssl_client_connect: alias for ssl_client_socket.
 */
SSL_CTX* ssl_client_setup(char* ca);
SSL* ssl_client_socket(int sock, SSL_CTX* ssl_ctx, int mode);
#define ssl_client_connect(s, c, m) ssl_client_socket((s), (c), (m))

/*
 *   ssl_server_setup  : build a server SSL_CTX from certificate `crt_fn`,
 *                       private key `key_fn` and optional chain file `chn_fn`
 *                       (NULL handling is defined in the .c).
 *   ssl_server_socket : wrap an accepted `sock` and run the server handshake.
 */
SSL_CTX* ssl_server_setup(char* crt_fn, char* key_fn, char* chn_fn);
SSL* ssl_server_socket(int sock, SSL_CTX* ssl_ctx);

/* Load a full chain (leaf + intermediates) / add one chain file to a context. */
int ssl_read_fullchain_cert_file(SSL_CTX* ssl_ctx, char* file);
int ssl_add_chain_file(SSL_CTX* ssl_ctx, char* file);

/* Library init, connection shutdown/free, and a tList of peer-cert fields. */
void ssl_init(void);
void ssl_close(SSL* ssl);
tList* ssl_get_cert_info(SSL* ssl);

/*
 * Raw TLS I/O.  `size`/`sz` bounds the caller's buffer; `tm` is a timeout
 * whose unit is defined in the .c (presumably seconds -- TODO confirm).
 * Return values follow the .c (presumably byte counts / negative on error).
 */
int ssl_recv(SSL* ssl, char* rmsg, int size);
int ssl_send(SSL* ssl, char* smsg, int size);
int ssl_recv_wait(int sock, SSL* ssl, char* mesg, int sz, int tm);
int ssl_send_mesgln(SSL* ssl, char* mesg);
int ssl_recv_mstream(int sock, SSL* ssl, char* mesg, int sz, mstream* sb, int tm);

/*
 * ssl_tcp_* variants take both the raw socket and the SSL object.  Presumably
 * they fall back to plain TCP when `ssl` is NULL -- confirm in the .c before
 * relying on it, since that fallback would silently drop encryption.
 */
int ssl_tcp_recv(int sock, SSL* ssl, char* rmsg, int size);
int ssl_tcp_send(int sock, SSL* ssl, char* smsg, int size);
int ssl_tcp_recv_wait(int sock, SSL* ssl, char* mesg, int sz, int tm);
int ssl_tcp_send_mesgln(int sock, SSL* ssl, char* mesg);
int ssl_tcp_recv_mstream(int sock, SSL* ssl, char* mesg, int sz, mstream* sb, int tm);


/* Send a NUL-terminated string; size 0 presumably means "use strlen(mesg)"
 * (the length rule lives in ssl_tcp_send -- confirm). */
#define ssl_tcp_send_mesg(sock, ssl, mesg) ssl_tcp_send((sock), (ssl), (mesg), 0)


/* Same as above for the ssl_send path. */
#define ssl_send_mesg(ssl, mesg) ssl_send((ssl), (mesg), 0)




/* Buffer-based TLS I/O; the *_sBuffer forms treat the Buffer as a string,
 * the *ln forms append a line terminator, *_lines reads up to a line end. */
int ssl_recv_Buffer(SSL* ssl, Buffer* str);
int ssl_send_Buffer(SSL* ssl, Buffer* str);
int ssl_recv_Buffer_wait(int sock, SSL* ssl, Buffer* str, int tm);
int ssl_send_sBuffer(SSL* ssl, Buffer* str);
int ssl_send_sBufferln(SSL* ssl, Buffer* str);
int ssl_recv_mstream_Buffer(int sock, SSL* ssl, Buffer* mesg, mstream* sb, int tm);
int ssl_recv_lines_Buffer(int sock, SSL* ssl, Buffer* mesg, int tm);

int ssl_tcp_recv_Buffer(int sock, SSL* ssl, Buffer* str);
int ssl_tcp_send_Buffer(int sock, SSL* ssl, Buffer* str);
int ssl_tcp_recv_Buffer_wait(int sock, SSL* ssl, Buffer* str, int tm);
int ssl_tcp_send_sBuffer(int sock, SSL* ssl, Buffer* str);
int ssl_tcp_send_sBufferln(int sock, SSL* ssl, Buffer* str);
int ssl_tcp_recv_mstream_Buffer(int sock, SSL* ssl, Buffer* mesg, mstream* sb, int tm);
int ssl_tcp_recv_lines_Buffer(int sock, SSL* ssl, Buffer* mesg, int tm);

/* Receive until exactly `size` bytes are collected in `str`; `mod` presumably
 * carries any surplus bytes already read past `size` -- confirm in the .c. */
int ssl_tcp_recv_Buffer_tosize(int sock, SSL* ssl, Buffer* str, Buffer* mod, int size);
int ssl_tcp_recv_Buffer_tosize_wait(int sock, SSL* ssl, Buffer* str, Buffer* mod, int size, int tm);
00191
00192
#endif // ENABLE_SSL  (this closes the `#ifdef ENABLE_SSL` that guards the OpenSSL section, not DISABLE_SSL)

#endif // __JBXL_SSL_TOOL_H_  (NOTE(review): a leading double underscore is reserved for the implementation; kept for compatibility)
00196