SSL certificate generator API

Classes

class  Ssl::CertificateProperties
 

Enumerations

enum  Ssl::CertSignAlgorithm {
  Ssl::algSignTrusted = 0,
  Ssl::algSignUntrusted,
  Ssl::algSignSelf,
  Ssl::algSignEnd
}
 
enum  Ssl::CertAdaptAlgorithm {
  Ssl::algSetValidAfter = 0,
  Ssl::algSetValidBefore,
  Ssl::algSetCommonName,
  Ssl::algSetEnd
}
 

Functions

EVP_PKEY * Ssl::createSslPrivateKey ()
 
bool Ssl::writeCertAndPrivateKeyToMemory (Security::CertPointer const &cert, Security::PrivateKeyPointer const &pkey, std::string &bufferToWrite)
 
bool Ssl::appendCertToMemory (Security::CertPointer const &cert, std::string &bufferToWrite)
 
bool Ssl::readCertAndPrivateKeyFromMemory (Security::CertPointer &cert, Security::PrivateKeyPointer &pkey, char const *bufferToRead)
 
bool Ssl::readCertFromMemory (Security::CertPointer &cert, char const *bufferToRead)
 
void Ssl::ReadPrivateKeyFromFile (char const *keyFilename, Security::PrivateKeyPointer &pkey, pem_password_cb *passwd_callback)
 
bool Ssl::OpenCertsFileForReading (BIO_Pointer &bio, const char *filename)
 
bool Ssl::ReadX509Certificate (BIO_Pointer &bio, Security::CertPointer &cert)
 
bool Ssl::ReadPrivateKey (BIO_Pointer &bio, Security::PrivateKeyPointer &pkey, pem_password_cb *passwd_callback)
 
bool Ssl::OpenCertsFileForWriting (BIO_Pointer &bio, const char *filename)
 
bool Ssl::WriteX509Certificate (BIO_Pointer &bio, const Security::CertPointer &cert)
 
bool Ssl::WritePrivateKey (BIO_Pointer &bio, const Security::PrivateKeyPointer &pkey)
 
const char * Ssl::certSignAlgorithm (int sg)
 
CertSignAlgorithm Ssl::certSignAlgorithmId (const char *sg)
 
const char * Ssl::sslCertAdaptAlgoritm (int alg)
 
std::string & Ssl::OnDiskCertificateDbKey (const CertificateProperties &)
 
bool Ssl::generateSslCertificate (Security::CertPointer &cert, Security::PrivateKeyPointer &pkey, CertificateProperties const &properties)
 
bool Ssl::sslDateIsInTheFuture (char const *date)
 
bool Ssl::certificateMatchesProperties (X509 *peer_cert, CertificateProperties const &properties)
 

Variables

const char * Ssl::CertSignAlgorithmStr []
 
const char * Ssl::CertAdaptAlgorithmStr []
 

Detailed Description

These functions must not depend on Squid runtime code such as debug() because they are used by security_file_certgen helper.

Enumeration Type Documentation

Supported certificate adaptation algorithms

Enumerator
algSetValidAfter 
algSetValidBefore 
algSetCommonName 
algSetEnd 

Definition at line 188 of file gadgets.h.

Supported certificate signing algorithms

Enumerator
algSignTrusted 
algSignUntrusted 
algSignSelf 
algSignEnd 

Definition at line 150 of file gadgets.h.

Function Documentation

bool Ssl::appendCertToMemory ( Security::CertPointer const &  cert,
std::string &  bufferToWrite 
)

Append SSL certificate to bufferToWrite.

Definition at line 97 of file gadgets.cc.

References len, and NULL.

Referenced by Ssl::CrtdMessage::composeRequest().

bool Ssl::certificateMatchesProperties ( X509 *  peer_cert,
CertificateProperties const &  properties 
)
const char* Ssl::certSignAlgorithm ( int  sg)
inline

Return the short name of the signing algorithm "sg"

Definition at line 163 of file gadgets.h.

References Ssl::algSignEnd, Ssl::CertSignAlgorithmStr, and NULL.

Referenced by Ssl::CrtdMessage::composeRequest(), dump_sslproxy_cert_sign(), Ssl::InRamCertificateDbKey(), and Ssl::OnDiskCertificateDbKey().

CertSignAlgorithm Ssl::certSignAlgorithmId ( const char *  sg)
inline

Return the id of the signing algorithm "sg"

Definition at line 175 of file gadgets.h.

References Ssl::algSignEnd, Ssl::CertSignAlgorithmStr, i, and NULL.

Referenced by Ssl::CrtdMessage::parseRequest().

EVP_PKEY * Ssl::createSslPrivateKey ( )

Create 1024 bits rsa key.

Definition at line 17 of file gadgets.cc.

References NULL.

Referenced by generateFakeSslCertificate().

bool Ssl::generateSslCertificate ( Security::CertPointer &  cert,
Security::PrivateKeyPointer &  pkey,
Ssl::CertificateProperties const &  properties 
)

Decide on the kind of certificate and generate a CA- or self-signed one. The generated certificate will inherite properties from certToMimic Return generated certificate and private key in resultX509 and resultPkey variables.

Definition at line 685 of file gadgets.cc.

References createSerial(), and generateFakeSslCertificate().

Referenced by Ssl::configureSSL(), Ssl::GenerateSslContext(), Ssl::generateUntrustedCert(), and processNewRequest().

bool Ssl::OpenCertsFileForReading ( Ssl::BIO_Pointer bio,
const char *  filename 
)

Initialize the bio with the file 'filename' openned for reading

Definition at line 696 of file gadgets.cc.

Referenced by Ssl::CertificateDb::ReadEntry(), and Ssl::ReadPrivateKeyFromFile().

bool Ssl::OpenCertsFileForWriting ( Ssl::BIO_Pointer bio,
const char *  filename 
)

Initialize the bio with the file 'filename' openned for writting

Definition at line 740 of file gadgets.cc.

Referenced by Ssl::CertificateDb::WriteEntry().

bool Ssl::readCertAndPrivateKeyFromMemory ( Security::CertPointer &  cert,
Security::PrivateKeyPointer &  pkey,
char const *  bufferToRead 
)

Write private key and SSL certificate to memory.

Definition at line 121 of file gadgets.cc.

References NULL.

Referenced by Ssl::configureSSLUsingPkeyAndCertFromMemory(), Ssl::GenerateSslContextUsingPkeyAndCertFromMemory(), and Ssl::CrtdMessage::parseRequest().

bool Ssl::readCertFromMemory ( Security::CertPointer &  cert,
char const *  bufferToRead 
)

Read SSL certificate from memory.

Definition at line 139 of file gadgets.cc.

References NULL.

Referenced by Ssl::CrtdMessage::parseRequest(), and Ssl::CertValidationMsg::parseResponse().

bool Ssl::ReadPrivateKey ( Ssl::BIO_Pointer bio,
Security::PrivateKeyPointer &  pkey,
pem_password_cb *  passwd_callback 
)

Read a private key from bio

Definition at line 718 of file gadgets.cc.

References assert, and NULL.

Referenced by Ssl::CertificateDb::ReadEntry(), and Ssl::ReadPrivateKeyFromFile().

void Ssl::ReadPrivateKeyFromFile ( char const *  keyFilename,
Security::PrivateKeyPointer &  pkey,
pem_password_cb *  passwd_callback 
)

Read private key from file.

Definition at line 729 of file gadgets.cc.

References Ssl::OpenCertsFileForReading(), and Ssl::ReadPrivateKey().

Referenced by Ssl::readCertChainAndPrivateKeyFromFiles().

bool Ssl::ReadX509Certificate ( Ssl::BIO_Pointer bio,
Security::CertPointer &  cert 
)

Read a certificate from bio

Definition at line 707 of file gadgets.cc.

References assert, and NULL.

Referenced by Ssl::CertificateDb::ReadEntry().

const char* Ssl::sslCertAdaptAlgoritm ( int  alg)
inline

Return the short name of the adaptation algorithm "alg"

Definition at line 200 of file gadgets.h.

References Ssl::algSetEnd, Ssl::CertAdaptAlgorithmStr, and NULL.

Referenced by dump_sslproxy_cert_adapt().

bool Ssl::sslDateIsInTheFuture ( char const *  date)

Verify date. Date format it ASN1_UTCTIME. if there is out of date error, return false.

Definition at line 770 of file gadgets.cc.

Referenced by Ssl::CertificateDb::deleteInvalidCertificate(), and Ssl::CertificateDb::pure_find().

bool Ssl::writeCertAndPrivateKeyToMemory ( Security::CertPointer const &  cert,
Security::PrivateKeyPointer const &  pkey,
std::string &  bufferToWrite 
)

Write private key and SSL certificate to memory.

Definition at line 73 of file gadgets.cc.

References len, and NULL.

Referenced by Ssl::CrtdMessage::composeRequest(), and processNewRequest().

bool Ssl::WritePrivateKey ( Ssl::BIO_Pointer bio,
const Security::PrivateKeyPointer &  pkey 
)

Write private key to BIO.

Definition at line 761 of file gadgets.cc.

References NULL.

Referenced by Ssl::CertificateDb::WriteEntry().

bool Ssl::WriteX509Certificate ( Ssl::BIO_Pointer bio,
const Security::CertPointer &  cert 
)

Write certificate to BIO.

Definition at line 751 of file gadgets.cc.

Referenced by Ssl::CertificateDb::WriteEntry().

Variable Documentation

const char * Ssl::CertAdaptAlgorithmStr
Initial value:
= {
"setValidAfter",
"setValidBefore",
"setCommonName",
}
#define NULL
Definition: types.h:166

Short names for certificate adaptation algorithms

Definition at line 207 of file gadgets.cc.

Referenced by ConnStateData::buildSslCertGenerationParams(), parse_sslproxy_cert_adapt(), and Ssl::sslCertAdaptAlgoritm().

const char * Ssl::CertSignAlgorithmStr
Initial value:
= {
"signTrusted",
"signUntrusted",
"signSelf",
}
#define NULL
Definition: types.h:166

Short names for certificate signing algorithms

Definition at line 200 of file gadgets.cc.

Referenced by Ssl::certSignAlgorithm(), Ssl::certSignAlgorithmId(), and parse_sslproxy_cert_sign().

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors