Classes | |
| class | Ssl::CertificateProperties |
Enumerations | |
| enum | Ssl::CertSignAlgorithm { Ssl::algSignTrusted = 0, Ssl::algSignUntrusted, Ssl::algSignSelf, Ssl::algSignEnd } |
| enum | Ssl::CertAdaptAlgorithm { Ssl::algSetValidAfter = 0, Ssl::algSetValidBefore, Ssl::algSetCommonName, Ssl::algSetEnd } |
Functions | |
| EVP_PKEY * | Ssl::createSslPrivateKey () |
| bool | Ssl::writeCertAndPrivateKeyToMemory (Security::CertPointer const &cert, Security::PrivateKeyPointer const &pkey, std::string &bufferToWrite) |
| bool | Ssl::appendCertToMemory (Security::CertPointer const &cert, std::string &bufferToWrite) |
| bool | Ssl::readCertAndPrivateKeyFromMemory (Security::CertPointer &cert, Security::PrivateKeyPointer &pkey, char const *bufferToRead) |
| bool | Ssl::readCertFromMemory (Security::CertPointer &cert, char const *bufferToRead) |
| void | Ssl::ReadPrivateKeyFromFile (char const *keyFilename, Security::PrivateKeyPointer &pkey, pem_password_cb *passwd_callback) |
| bool | Ssl::OpenCertsFileForReading (BIO_Pointer &bio, const char *filename) |
| bool | Ssl::ReadX509Certificate (BIO_Pointer &bio, Security::CertPointer &cert) |
| bool | Ssl::ReadPrivateKey (BIO_Pointer &bio, Security::PrivateKeyPointer &pkey, pem_password_cb *passwd_callback) |
| bool | Ssl::OpenCertsFileForWriting (BIO_Pointer &bio, const char *filename) |
| bool | Ssl::WriteX509Certificate (BIO_Pointer &bio, const Security::CertPointer &cert) |
| bool | Ssl::WritePrivateKey (BIO_Pointer &bio, const Security::PrivateKeyPointer &pkey) |
| const char * | Ssl::certSignAlgorithm (int sg) |
| CertSignAlgorithm | Ssl::certSignAlgorithmId (const char *sg) |
| const char * | Ssl::sslCertAdaptAlgoritm (int alg) |
| std::string & | Ssl::OnDiskCertificateDbKey (const CertificateProperties &) |
| bool | Ssl::generateSslCertificate (Security::CertPointer &cert, Security::PrivateKeyPointer &pkey, CertificateProperties const &properties) |
| bool | Ssl::sslDateIsInTheFuture (char const *date) |
| bool | Ssl::certificateMatchesProperties (X509 *peer_cert, CertificateProperties const &properties) |
Variables | |
| const char * | Ssl::CertSignAlgorithmStr [] |
| const char * | Ssl::CertAdaptAlgorithmStr [] |
Detailed Description
These functions must not depend on Squid runtime code such as debug() because they are used by security_file_certgen helper.
Enumeration Type Documentation
◆ CertAdaptAlgorithm
◆ CertSignAlgorithm
Function Documentation
◆ appendCertToMemory()
| bool Ssl::appendCertToMemory | ( | Security::CertPointer const & | cert, |
| std::string & | bufferToWrite | ||
| ) |
Append SSL certificate to bufferToWrite.
Definition at line 92 of file gadgets.cc.
References Security::LockingPointer< T, UnLocker, Locker >::get(), len, and NULL.
Referenced by Ssl::CrtdMessage::composeRequest().
◆ certificateMatchesProperties()
| bool Ssl::certificateMatchesProperties | ( | X509 * | peer_cert, |
| CertificateProperties const & | properties | ||
| ) |
Check if the major fields of a certificates matches the properties given by a CertficateProperties object
- Returns
- true if the certificates matches false otherwise.
Definition at line 812 of file gadgets.cc.
References Ssl::algSignSelf, asn1time_cmp(), assert, Ssl::CommonHostName(), Ssl::CertificateProperties::commonName, Security::LockingPointer< T, UnLocker, Locker >::get(), match(), Ssl::CertificateProperties::mimicCert, NULL, Ssl::CertificateProperties::setCommonName, Ssl::CertificateProperties::setValidAfter, Ssl::CertificateProperties::setValidBefore, Ssl::CertificateProperties::signAlgorithm, Ssl::CertificateProperties::signWithX509, STACK_OF(), X509_getm_notAfter, and X509_getm_notBefore.
◆ certSignAlgorithm()
|
inline |
Return the short name of the signing algorithm "sg"
Definition at line 164 of file gadgets.h.
References Ssl::algSignEnd, Ssl::CertSignAlgorithmStr, and NULL.
Referenced by Ssl::CrtdMessage::composeRequest(), dump_sslproxy_cert_sign(), Ssl::InRamCertificateDbKey(), and Ssl::OnDiskCertificateDbKey().
◆ certSignAlgorithmId()
|
inline |
Return the id of the signing algorithm "sg"
Definition at line 176 of file gadgets.h.
References Ssl::algSignEnd, Ssl::CertSignAlgorithmStr, and NULL.
Referenced by Ssl::CrtdMessage::parseRequest().
◆ createSslPrivateKey()
| EVP_PKEY * Ssl::createSslPrivateKey | ( | ) |
Create 1024 bits rsa key.
Definition at line 12 of file gadgets.cc.
References NULL.
Referenced by generateFakeSslCertificate().
◆ generateSslCertificate()
| bool Ssl::generateSslCertificate | ( | Security::CertPointer & | cert, |
| Security::PrivateKeyPointer & | pkey, | ||
| Ssl::CertificateProperties const & | properties | ||
| ) |
Decide on the kind of certificate and generate a CA- or self-signed one. The generated certificate will inherite properties from certToMimic Return generated certificate and private key in resultX509 and resultPkey variables.
Definition at line 675 of file gadgets.cc.
References createSerial(), and generateFakeSslCertificate().
Referenced by Ssl::configureSSL(), Ssl::GenerateSslContext(), Ssl::generateUntrustedCert(), and processNewRequest().
◆ OnDiskCertificateDbKey()
| std::string & Ssl::OnDiskCertificateDbKey | ( | const CertificateProperties & | properties | ) |
- Returns
- certificate database key
Definition at line 232 of file gadgets.cc.
References Ssl::algSignEnd, Ssl::certSignAlgorithm(), Ssl::CertificateProperties::commonName, Security::LockingPointer< T, UnLocker, Locker >::get(), Ssl::CertificateProperties::mimicCert, NULL, printX509Signature(), Ssl::CertificateProperties::setCommonName, Ssl::CertificateProperties::setValidAfter, Ssl::CertificateProperties::setValidBefore, Ssl::CertificateProperties::signAlgorithm, and Ssl::CertificateProperties::signHash.
Referenced by processNewRequest().
◆ OpenCertsFileForReading()
| bool Ssl::OpenCertsFileForReading | ( | Ssl::BIO_Pointer & | bio, |
| const char * | filename | ||
| ) |
Initialize the bio with the file 'filename' opened for reading
Definition at line 686 of file gadgets.cc.
Referenced by Ssl::CertificateDb::ReadEntry(), and Ssl::ReadPrivateKeyFromFile().
◆ OpenCertsFileForWriting()
| bool Ssl::OpenCertsFileForWriting | ( | Ssl::BIO_Pointer & | bio, |
| const char * | filename | ||
| ) |
Initialize the bio with the file 'filename' opened for writing
Definition at line 730 of file gadgets.cc.
Referenced by Ssl::CertificateDb::WriteEntry().
◆ readCertAndPrivateKeyFromMemory()
| bool Ssl::readCertAndPrivateKeyFromMemory | ( | Security::CertPointer & | cert, |
| Security::PrivateKeyPointer & | pkey, | ||
| char const * | bufferToRead | ||
| ) |
Write private key and SSL certificate to memory.
Definition at line 116 of file gadgets.cc.
References NULL, and Security::LockingPointer< T, UnLocker, Locker >::resetWithoutLocking().
Referenced by Ssl::configureSSLUsingPkeyAndCertFromMemory(), Ssl::GenerateSslContextUsingPkeyAndCertFromMemory(), and Ssl::CrtdMessage::parseRequest().
◆ readCertFromMemory()
| bool Ssl::readCertFromMemory | ( | Security::CertPointer & | cert, |
| char const * | bufferToRead | ||
| ) |
Read SSL certificate from memory.
Definition at line 134 of file gadgets.cc.
References NULL, and Security::LockingPointer< T, UnLocker, Locker >::resetWithoutLocking().
Referenced by Ssl::CrtdMessage::parseRequest(), and Ssl::CertValidationMsg::parseResponse().
◆ ReadPrivateKey()
| bool Ssl::ReadPrivateKey | ( | Ssl::BIO_Pointer & | bio, |
| Security::PrivateKeyPointer & | pkey, | ||
| pem_password_cb * | passwd_callback | ||
| ) |
Read a private key from bio
Definition at line 708 of file gadgets.cc.
Referenced by Ssl::CertificateDb::ReadEntry(), and Ssl::ReadPrivateKeyFromFile().
◆ ReadPrivateKeyFromFile()
| void Ssl::ReadPrivateKeyFromFile | ( | char const * | keyFilename, |
| Security::PrivateKeyPointer & | pkey, | ||
| pem_password_cb * | passwd_callback | ||
| ) |
Read private key from file.
Definition at line 719 of file gadgets.cc.
References Ssl::OpenCertsFileForReading(), and Ssl::ReadPrivateKey().
Referenced by Security::KeyData::loadX509PrivateKeyFromFile().
◆ ReadX509Certificate()
| bool Ssl::ReadX509Certificate | ( | Ssl::BIO_Pointer & | bio, |
| Security::CertPointer & | cert | ||
| ) |
Read a certificate from bio
Definition at line 697 of file gadgets.cc.
References assert, NULL, and Security::LockingPointer< T, UnLocker, Locker >::resetWithoutLocking().
Referenced by Ssl::CertificateDb::ReadEntry().
◆ sslCertAdaptAlgoritm()
|
inline |
Return the short name of the adaptation algorithm "alg"
Definition at line 201 of file gadgets.h.
References Ssl::algSetEnd, Ssl::CertAdaptAlgorithmStr, and NULL.
Referenced by dump_sslproxy_cert_adapt().
◆ sslDateIsInTheFuture()
| bool Ssl::sslDateIsInTheFuture | ( | char const * | date | ) |
Verify date. Date format it ASN1_UTCTIME. if there is out of date error, return false.
Definition at line 760 of file gadgets.cc.
Referenced by Ssl::CertificateDb::deleteInvalidCertificate(), and Ssl::CertificateDb::pure_find().
◆ writeCertAndPrivateKeyToMemory()
| bool Ssl::writeCertAndPrivateKeyToMemory | ( | Security::CertPointer const & | cert, |
| Security::PrivateKeyPointer const & | pkey, | ||
| std::string & | bufferToWrite | ||
| ) |
Write private key and SSL certificate to memory.
Definition at line 68 of file gadgets.cc.
References Security::LockingPointer< T, UnLocker, Locker >::get(), len, and NULL.
Referenced by Ssl::CrtdMessage::composeRequest(), and processNewRequest().
◆ WritePrivateKey()
| bool Ssl::WritePrivateKey | ( | Ssl::BIO_Pointer & | bio, |
| const Security::PrivateKeyPointer & | pkey | ||
| ) |
Write private key to BIO.
Definition at line 751 of file gadgets.cc.
References NULL.
Referenced by Ssl::CertificateDb::WriteEntry().
◆ WriteX509Certificate()
| bool Ssl::WriteX509Certificate | ( | Ssl::BIO_Pointer & | bio, |
| const Security::CertPointer & | cert | ||
| ) |
Write certificate to BIO.
Definition at line 741 of file gadgets.cc.
References Security::LockingPointer< T, UnLocker, Locker >::get().
Referenced by Ssl::CertificateDb::WriteEntry().
Variable Documentation
◆ CertAdaptAlgorithmStr
|
extern |
Short names for certificate adaptation algorithms
Definition at line 202 of file gadgets.cc.
Referenced by ConnStateData::buildSslCertGenerationParams(), parse_sslproxy_cert_adapt(), and Ssl::sslCertAdaptAlgoritm().
◆ CertSignAlgorithmStr
|
extern |
Short names for certificate signing algorithms
Definition at line 195 of file gadgets.cc.
Referenced by Ssl::certSignAlgorithm(), Ssl::certSignAlgorithmId(), and parse_sslproxy_cert_sign().