00001 #include "orbsvcs/SSLIOP/SSLIOP_Current_Impl.h"
00002
00003 #include "ace/OS_String.h"
00004
00005
00006 ACE_RCSID (SSLIOP,
00007 SSLIOP_Current_Impl,
00008 "$Id: SSLIOP_Current_Impl.cpp 80431 2008-01-15 19:06:41Z johnnyw $")
00009
00010
00011 #if !defined (__ACE_INLINE__)
00012 # include "orbsvcs/SSLIOP/SSLIOP_Current_Impl.inl"
00013 #endif
00014
00015 #include "orbsvcs/SSLIOP/SSLIOP_X509.h"
00016 #include "orbsvcs/SSLIOP/SSLIOP_ClientCredentials.h"
00017
00018 #include "tao/ORB_Constants.h"
00019
00020 #include <openssl/x509.h>
00021
00022 TAO_BEGIN_VERSIONED_NAMESPACE_DECL
00023
/// Destructor.  The body is intentionally empty: no explicit cleanup is
/// performed here, and in particular nothing is done to @c ssl_.
TAO::SSLIOP::Current_Impl::~Current_Impl (void)
{
  // Intentionally empty.
}
00027
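/// Build a SecurityLevel3 client-credentials object from the certificate
/// presented by the peer of the current SSL session.
///
/// @return A newly allocated ClientCredentials object.
///
/// @throws CORBA::BAD_OPERATION  There is no SSL session or the peer
///                               presented no certificate.
/// @throws CORBA::NO_MEMORY      The credentials object could not be
///                               allocated.
///
/// @note This function only checks that a peer certificate is present.
///       It does not look at the verification outcome of the handshake
///       (see ::SSL_get_verify_result()).
///       NOTE(review): where peer verification is enforced is not visible
///       in this file; confirm before treating these credentials as
///       authenticated.
SecurityLevel3::ClientCredentials_ptr
TAO::SSLIOP::Current_Impl::client_credentials ()
{
  // Explicit guard, matching the other accessors in this file, instead of
  // relying on OpenSSL tolerating a null SSL pointer.
  if (this->ssl_ == 0)
    throw CORBA::BAD_OPERATION ();

  TAO::SSLIOP::X509_var cert = ::SSL_get_peer_certificate (this->ssl_);
  if (cert.ptr () == 0)
    throw CORBA::BAD_OPERATION ();

  SecurityLevel3::ClientCredentials_ptr creds = 0;
  ACE_NEW_THROW_EX (creds,
                    TAO::SSLIOP::ClientCredentials (cert.in (),
                                                    0,
                                                    this->ssl_),
                    CORBA::NO_MEMORY (
                      CORBA::SystemException::_tao_minor_code (
                        TAO::VMCID,
                        ENOMEM),
                      CORBA::COMPLETED_NO));

  return creds;
}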
00048
/// Report whether the current request is a local (collocated) one.
///
/// Not implemented for SSLIOP: every call raises an exception, so callers
/// cannot use this to distinguish local from remote requests.
///
/// @throws CORBA::NO_IMPLEMENT  Always.
CORBA::Boolean
TAO::SSLIOP::Current_Impl::request_is_local (void)
{
  // Unsupported operation; no value is ever returned.
  throw CORBA::NO_IMPLEMENT ();
}
00054
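/// Copy the DER (ASN.1) encoding of the peer's X.509 certificate into
/// @a certificate.
///
/// @param certificate  Output octet sequence.  Left untouched when it is
///                     null, when there is no SSL session, when the peer
///                     presented no certificate, or when the size query
///                     fails.  Reset to length 0 when the encoding pass
///                     fails.
///
/// @note This function performs no verification check: a non-empty result
///       means only that the peer sent a certificate.  Callers that base
///       authentication or authorization decisions on these bytes need
///       the handshake's verification outcome as well
///       (::SSL_get_verify_result()).
///       NOTE(review): where verification is configured is not visible in
///       this file.
void
TAO::SSLIOP::Current_Impl::get_peer_certificate (
  ::SSLIOP::ASN_1_Cert *certificate)
{
  if (certificate == 0 || this->ssl_ == 0)
    return;

  TAO::SSLIOP::X509_var cert = ::SSL_get_peer_certificate (this->ssl_);
  if (cert.ptr () == 0)
    return;

  // With a null output pointer i2d_X509() only reports the number of
  // bytes the DER encoding needs.
  int const cert_length = ::i2d_X509 (cert.in (), 0);
  if (cert_length <= 0)
    return;

  certificate->length (cert_length);

  // i2d_X509() advances the pointer it is handed, so pass a local copy of
  // the buffer address rather than anything the sequence relies on.
  CORBA::Octet *buffer = certificate->get_buffer ();

  // Do not hand back a sequence that advertises cert_length bytes unless
  // the encoder actually produced them.
  if (::i2d_X509 (cert.in (), &buffer) != cert_length)
    certificate->length (0);
}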
00079
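/// Copy the DER (ASN.1) encoding of each certificate in the peer's
/// certificate chain into @a cert_chain.
///
/// @param cert_chain  Output sequence of octet sequences.  Left untouched
///                    when it is null, when there is no SSL session, or
///                    when OpenSSL reports no chain.  Otherwise resized to
///                    the chain length; element @c i corresponds to chain
///                    entry @c i and is empty (length 0) if that entry
///                    could not be encoded.
///
/// @note The chain is the one the peer sent, not a chain that has been
///       validated; no verification check is made here.  Per the OpenSSL
///       documentation, on the server side the stack returned by
///       ::SSL_get_peer_cert_chain() does not include the peer's own
///       certificate, which has to be fetched with
///       ::SSL_get_peer_certificate().
void
TAO::SSLIOP::Current_Impl::get_peer_certificate_chain (
  ::SSLIOP::SSL_Cert *cert_chain)
{
  if (cert_chain == 0 || this->ssl_ == 0)
    return;

  // The returned stack is not freed in this function.
  STACK_OF (X509) *certs = ::SSL_get_peer_cert_chain (this->ssl_);
  if (certs == 0)
    return;

  int const chain_length = sk_X509_num (certs);
  if (chain_length < 0)
    return;  // Never let a negative count be converted to a huge length.

  cert_chain->length (chain_length);

  for (int i = 0; i < chain_length; ++i)
    {
      ::X509 *x = sk_X509_value (certs, i);
      if (x == 0)
        continue;

      // With a null output pointer i2d_X509() only reports the number of
      // bytes the DER encoding needs.
      int const cert_length = ::i2d_X509 (x, 0);
      if (cert_length <= 0)
        continue;  // Entry i stays empty so indices keep matching.

      ::SSLIOP::ASN_1_Cert &certificate = (*cert_chain)[i];
      certificate.length (cert_length);

      // i2d_X509() advances the pointer it is handed, so pass a local
      // copy of the buffer address.
      CORBA::Octet *buffer = certificate.get_buffer ();

      // Do not leave an element that advertises cert_length bytes unless
      // the encoder actually produced them.
      if (::i2d_X509 (x, &buffer) != cert_length)
        certificate.length (0);
    }
}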
00116
/// Identify the security transport this object belongs to.
///
/// @return The constant ::SSLIOP::TAG_SSL_SEC_TRANS.
CORBA::ULong
TAO::SSLIOP::Current_Impl::tag (void) const
{
  CORBA::ULong const ssliop_tag = ::SSLIOP::TAG_SSL_SEC_TRANS;
  return ssliop_tag;
}
00122
00123 TAO_END_VERSIONED_NAMESPACE_DECL