SSL certificate generator API

Classes

class  Ssl::CertificateProperties
 

Enumerations

enum  Ssl::CertSignAlgorithm {
  Ssl::algSignTrusted = 0,
  Ssl::algSignUntrusted,
  Ssl::algSignSelf,
  Ssl::algSignEnd
}
 
enum  Ssl::CertAdaptAlgorithm {
  Ssl::algSetValidAfter = 0,
  Ssl::algSetValidBefore,
  Ssl::algSetCommonName,
  Ssl::algSetEnd
}
 

Functions

EVP_PKEY * Ssl::createSslPrivateKey ()
 
bool Ssl::writeCertAndPrivateKeyToMemory (Security::CertPointer const &cert, Security::PrivateKeyPointer const &pkey, std::string &bufferToWrite)
 
bool Ssl::appendCertToMemory (Security::CertPointer const &cert, std::string &bufferToWrite)
 
bool Ssl::readCertAndPrivateKeyFromMemory (Security::CertPointer &cert, Security::PrivateKeyPointer &pkey, char const *bufferToRead)
 
bool Ssl::readCertFromMemory (Security::CertPointer &cert, char const *bufferToRead)
 
void Ssl::ReadPrivateKeyFromFile (char const *keyFilename, Security::PrivateKeyPointer &pkey, pem_password_cb *passwd_callback)
 
bool Ssl::OpenCertsFileForReading (BIO_Pointer &bio, const char *filename)
 
bool Ssl::ReadX509Certificate (BIO_Pointer &bio, Security::CertPointer &cert)
 
bool Ssl::ReadPrivateKey (BIO_Pointer &bio, Security::PrivateKeyPointer &pkey, pem_password_cb *passwd_callback)
 
bool Ssl::OpenCertsFileForWriting (BIO_Pointer &bio, const char *filename)
 
bool Ssl::WriteX509Certificate (BIO_Pointer &bio, const Security::CertPointer &cert)
 
bool Ssl::WritePrivateKey (BIO_Pointer &bio, const Security::PrivateKeyPointer &pkey)
 
const char * Ssl::certSignAlgorithm (int sg)
 
CertSignAlgorithm Ssl::certSignAlgorithmId (const char *sg)
 
const char * Ssl::sslCertAdaptAlgoritm (int alg)
 
std::string & Ssl::OnDiskCertificateDbKey (const CertificateProperties &)
 
bool Ssl::generateSslCertificate (Security::CertPointer &cert, Security::PrivateKeyPointer &pkey, CertificateProperties const &properties)
 
bool Ssl::sslDateIsInTheFuture (char const *date)
 
bool Ssl::certificateMatchesProperties (X509 *peer_cert, CertificateProperties const &properties)
 

Variables

const char * Ssl::CertSignAlgorithmStr []
 
const char * Ssl::CertAdaptAlgorithmStr []
 

Detailed Description

These functions must not depend on Squid runtime code such as debug(), because they are also used by the security_file_certgen helper.

Enumeration Type Documentation

◆ CertAdaptAlgorithm

Supported certificate adaptation algorithms

Enumerator
algSetValidAfter 
algSetValidBefore 
algSetCommonName 
algSetEnd 

Definition at line 189 of file gadgets.h.

◆ CertSignAlgorithm

Supported certificate signing algorithms

Enumerator
algSignTrusted 
algSignUntrusted 
algSignSelf 
algSignEnd 

Definition at line 151 of file gadgets.h.

Function Documentation

◆ appendCertToMemory()

bool Ssl::appendCertToMemory ( Security::CertPointer const &  cert,
std::string &  bufferToWrite 
)

Append SSL certificate to bufferToWrite.

Definition at line 92 of file gadgets.cc.

References Security::LockingPointer< T, UnLocker, Locker >::get(), and NULL.

Referenced by Ssl::CrtdMessage::composeRequest().

◆ certificateMatchesProperties()

bool Ssl::certificateMatchesProperties ( X509 *  peer_cert,
CertificateProperties const &  properties 
)

◆ certSignAlgorithm()

const char* Ssl::certSignAlgorithm ( int  sg)
inline

Return the short name of the signing algorithm "sg"

Definition at line 164 of file gadgets.h.

References Ssl::algSignEnd, Ssl::CertSignAlgorithmStr, and NULL.

Referenced by Ssl::CrtdMessage::composeRequest(), dump_sslproxy_cert_sign(), Ssl::InRamCertificateDbKey(), and Ssl::OnDiskCertificateDbKey().

◆ certSignAlgorithmId()

CertSignAlgorithm Ssl::certSignAlgorithmId ( const char *  sg)
inline

Return the id of the signing algorithm "sg"

Definition at line 176 of file gadgets.h.

References Ssl::algSignEnd, Ssl::CertSignAlgorithmStr, and NULL.

Referenced by Ssl::CrtdMessage::parseRequest().

◆ createSslPrivateKey()

EVP_PKEY * Ssl::createSslPrivateKey ( )

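Create a 1024-bit RSA key. Note: 1024-bit RSA is below the 2048-bit minimum in current guidance (e.g. NIST SP 800-131A), and this one-line description may be stale, so confirm the key size actually requested in gadgets.cc before relying on it.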

Definition at line 12 of file gadgets.cc.

References NULL.

Referenced by generateFakeSslCertificate().

◆ generateSslCertificate()

bool Ssl::generateSslCertificate ( Security::CertPointer cert,
Security::PrivateKeyPointer &  pkey,
Ssl::CertificateProperties const &  properties 
)

Decide on the kind of certificate and generate a CA-signed or self-signed one. The generated certificate will inherit properties from certToMimic. Returns the generated certificate and private key in the resultX509 and resultPkey variables (these appear to correspond to the cert and pkey arguments in the signature shown here).

Definition at line 677 of file gadgets.cc.

References createSerial(), and generateFakeSslCertificate().

Referenced by Ssl::configureSSL(), Ssl::GenerateSslContext(), Ssl::generateUntrustedCert(), and processNewRequest().

◆ OnDiskCertificateDbKey()

◆ OpenCertsFileForReading()

bool Ssl::OpenCertsFileForReading ( Ssl::BIO_Pointer bio,
const char *  filename 
)

Initialize the bio with the file 'filename' opened for reading

Definition at line 688 of file gadgets.cc.

Referenced by Ssl::CertificateDb::ReadEntry(), and Ssl::ReadPrivateKeyFromFile().

◆ OpenCertsFileForWriting()

bool Ssl::OpenCertsFileForWriting ( Ssl::BIO_Pointer bio,
const char *  filename 
)

Initialize the bio with the file 'filename' opened for writing

Definition at line 732 of file gadgets.cc.

Referenced by Ssl::CertificateDb::WriteEntry().

◆ readCertAndPrivateKeyFromMemory()

bool Ssl::readCertAndPrivateKeyFromMemory ( Security::CertPointer cert,
Security::PrivateKeyPointer &  pkey,
char const *  bufferToRead 
)

◆ readCertFromMemory()

bool Ssl::readCertFromMemory ( Security::CertPointer cert,
char const *  bufferToRead 
)

Read SSL certificate from memory.

Definition at line 134 of file gadgets.cc.

References NULL, and Security::LockingPointer< T, UnLocker, Locker >::resetWithoutLocking().

Referenced by Ssl::CrtdMessage::parseRequest(), and Ssl::CertValidationMsg::parseResponse().

◆ ReadPrivateKey()

bool Ssl::ReadPrivateKey ( Ssl::BIO_Pointer bio,
Security::PrivateKeyPointer &  pkey,
pem_password_cb *  passwd_callback 
)

Read a private key from bio

Definition at line 710 of file gadgets.cc.

References assert, and NULL.

Referenced by Ssl::CertificateDb::ReadEntry(), and Ssl::ReadPrivateKeyFromFile().

◆ ReadPrivateKeyFromFile()

void Ssl::ReadPrivateKeyFromFile ( char const *  keyFilename,
Security::PrivateKeyPointer &  pkey,
pem_password_cb *  passwd_callback 
)

Read private key from file.

Definition at line 721 of file gadgets.cc.

References Ssl::OpenCertsFileForReading(), and Ssl::ReadPrivateKey().

Referenced by Security::KeyData::loadX509PrivateKeyFromFile().

◆ ReadX509Certificate()

bool Ssl::ReadX509Certificate ( Ssl::BIO_Pointer bio,
Security::CertPointer cert 
)

Read a certificate from bio

Definition at line 699 of file gadgets.cc.

References assert, NULL, and Security::LockingPointer< T, UnLocker, Locker >::resetWithoutLocking().

Referenced by Ssl::CertificateDb::ReadEntry().

◆ sslCertAdaptAlgoritm()

const char* Ssl::sslCertAdaptAlgoritm ( int  alg)
inline

Return the short name of the adaptation algorithm "alg"

Definition at line 201 of file gadgets.h.

References Ssl::algSetEnd, Ssl::CertAdaptAlgorithmStr, and NULL.

Referenced by dump_sslproxy_cert_adapt().

◆ sslDateIsInTheFuture()

bool Ssl::sslDateIsInTheFuture ( char const *  date)

Verify date. The date format is ASN1_UTCTIME. If there is an out-of-date error, return false.

Definition at line 762 of file gadgets.cc.

Referenced by Ssl::CertificateDb::deleteInvalidCertificate(), and Ssl::CertificateDb::pure_find().

◆ writeCertAndPrivateKeyToMemory()

bool Ssl::writeCertAndPrivateKeyToMemory ( Security::CertPointer const &  cert,
Security::PrivateKeyPointer const &  pkey,
std::string &  bufferToWrite 
)

Write private key and SSL certificate to memory.

Definition at line 68 of file gadgets.cc.

References Security::LockingPointer< T, UnLocker, Locker >::get(), and NULL.

Referenced by Ssl::CrtdMessage::composeRequest(), and processNewRequest().

◆ WritePrivateKey()

bool Ssl::WritePrivateKey ( Ssl::BIO_Pointer bio,
const Security::PrivateKeyPointer &  pkey 
)

Write private key to BIO.

Definition at line 753 of file gadgets.cc.

References NULL.

Referenced by Ssl::CertificateDb::WriteEntry().

◆ WriteX509Certificate()

bool Ssl::WriteX509Certificate ( Ssl::BIO_Pointer bio,
const Security::CertPointer cert 
)

Write certificate to BIO.

Definition at line 743 of file gadgets.cc.

References Security::LockingPointer< T, UnLocker, Locker >::get().

Referenced by Ssl::CertificateDb::WriteEntry().

Variable Documentation

◆ CertAdaptAlgorithmStr

const char * Ssl::CertAdaptAlgorithmStr
extern
Initial value:
= {
"setValidAfter",
"setValidBefore",
"setCommonName",
}

Short names for certificate adaptation algorithms

Definition at line 202 of file gadgets.cc.

Referenced by ConnStateData::buildSslCertGenerationParams(), parse_sslproxy_cert_adapt(), and Ssl::sslCertAdaptAlgoritm().

◆ CertSignAlgorithmStr

const char * Ssl::CertSignAlgorithmStr
extern
Initial value:
= {
"signTrusted",
"signUntrusted",
"signSelf",
}

Short names for certificate signing algorithms

Definition at line 195 of file gadgets.cc.

Referenced by Ssl::certSignAlgorithm(), Ssl::certSignAlgorithmId(), and parse_sslproxy_cert_sign().

#define NULL
Definition: types.h:166

 
