File Reference
#include "squid.h"
#include "ssl/gadgets.h"
#include <openssl/asn1.h>
Include dependency graph for

Go to the source code of this file.


static bool setSerialNumber (ASN1_INTEGER *ai, BIGNUM const *serial)
static bool replaceCommonName (Security::CertPointer &cert, std::string const &rawCn)
static void printX509Signature (const Security::CertPointer &cert, std::string &out)
static bool mimicAuthorityKeyId (Security::CertPointer &cert, Security::CertPointer const &mimicCert, Security::CertPointer const &issuerCert)
static int mimicExtensions (Security::CertPointer &cert, Security::CertPointer const &mimicCert, Security::CertPointer const &issuerCert)
static bool addAltNameWithSubjectCn (Security::CertPointer &cert)
static bool buildCertificate (Security::CertPointer &cert, Ssl::CertificateProperties const &properties)
static bool generateFakeSslCertificate (Security::CertPointer &certToStore, Security::PrivateKeyPointer &pkeyToStore, Ssl::CertificateProperties const &properties, Ssl::BIGNUM_Pointer const &serial)
static BIGNUM * createCertSerial (unsigned char *md, unsigned int n)
static BIGNUM * x509Digest (Security::CertPointer const &cert)
static BIGNUM * x509Pubkeydigest (Security::CertPointer const &cert)
static bool createSerial (Ssl::BIGNUM_Pointer &serial, Ssl::CertificateProperties const &properties)
static bool asn1timeToGeneralizedTimeStr (ASN1_TIME *aTime, char *buf, int bufLen)
 Print the time represented by a ASN1_TIME struct to a string using GeneralizedTime format. More...
static int asn1time_cmp (ASN1_TIME *asnTime1, ASN1_TIME *asnTime2)
static const char * getSubjectEntry (X509 *x509, int nid)


static const size_t MaxCnLen = 64

Function Documentation

static bool addAltNameWithSubjectCn ( Security::CertPointer &  cert)

Adds a new subjectAltName extension contining Subject CN or returns false expects the caller to check for the existing subjectAltName extension

Definition at line 443 of file

References NULL.

Referenced by buildCertificate().

static int asn1time_cmp ( ASN1_TIME *  asnTime1,
ASN1_TIME *  asnTime2 

Definition at line 811 of file

References asn1timeToGeneralizedTimeStr().

Referenced by Ssl::certificateMatchesProperties().

static bool asn1timeToGeneralizedTimeStr ( ASN1_TIME *  aTime,
char *  buf,
int  bufLen 

Definition at line 782 of file

References buf.

Referenced by asn1time_cmp().

static BIGNUM* createCertSerial ( unsigned char *  md,
unsigned int  n 

Definition at line 608 of file

References assert, and NULL.

Referenced by x509Digest(), and x509Pubkeydigest().

static bool createSerial ( Ssl::BIGNUM_Pointer serial,
Ssl::CertificateProperties const &  properties 

Generate a unique serial number based on a Ssl::CertificateProperties object for a new generated certificate

Definition at line 661 of file

References generateFakeSslCertificate(), Ssl::CertificateProperties::signWithX509, x509Digest(), and x509Pubkeydigest().

Referenced by Ssl::generateSslCertificate().

static bool generateFakeSslCertificate ( Security::CertPointer &  certToStore,
Security::PrivateKeyPointer &  pkeyToStore,
Ssl::CertificateProperties const &  properties,
Ssl::BIGNUM_Pointer const &  serial 
static const char* getSubjectEntry ( X509 *  x509,
int  nid 

Definition at line 895 of file

References NULL.

Referenced by Ssl::CommonHostName(), and Ssl::getOrganization().

static bool mimicAuthorityKeyId ( Security::CertPointer &  cert,
Security::CertPointer const &  mimicCert,
Security::CertPointer const &  issuerCert 

Check if mimicCert certificate has the Authority Key Identifier extension and if yes add the extension to cert certificate with the same fields if possible. If the issuerCert certificate does not have the Subject Key Identifier extension (required to build the keyIdentifier field of AuthorityKeyIdentifier) then the authorityCertIssuer and authorityCertSerialNumber fields added.

issuer name and issuer serial

Definition at line 281 of file

References method, and NULL.

Referenced by mimicExtensions().

static int mimicExtensions ( Security::CertPointer &  cert,
Security::CertPointer const &  mimicCert,
Security::CertPointer const &  issuerCert 

Copy certificate extensions from cert to mimicCert. Returns the number of extensions copied.

Definition at line 362 of file

References assert, i, method, mimicAuthorityKeyId(), NULL, and p.

Referenced by buildCertificate().

static void printX509Signature ( const Security::CertPointer &  cert,
std::string &  out 

Definition at line 223 of file

References i, and Ssl::X509_get_signature().

Referenced by Ssl::OnDiskCertificateDbKey().

static bool replaceCommonName ( Security::CertPointer &  cert,
std::string const &  rawCn 

Definition at line 157 of file

References MaxCnLen.

Referenced by buildCertificate().

static BIGNUM* x509Digest ( Security::CertPointer const &  cert)

Return the SHA1 digest of the DER encoded version of the certificate stored in a BIGNUM

Definition at line 637 of file

References createCertSerial(), and NULL.

Referenced by createSerial().

static BIGNUM* x509Pubkeydigest ( Security::CertPointer const &  cert)

Definition at line 648 of file

References createCertSerial(), and NULL.

Referenced by createSerial().

Variable Documentation

const size_t MaxCnLen = 64

Definition at line 154 of file

Referenced by replaceCommonName().






Web Site Translations