Tor 0.4.9.0-alpha-dev
x509.h
Go to the documentation of this file.
1/* Copyright (c) 2003, Roger Dingledine
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2021, The Tor Project, Inc. */
4/* See LICENSE for licensing information */
5
6#ifndef TOR_X509_H
7#define TOR_X509_H
8
9/**
10 * \file x509.h
11 * \brief Headers for tortls.c
12 **/
13
16
17/* Opaque structure to hold an X509 certificate. */
18typedef struct tor_x509_cert_t tor_x509_cert_t;
19
20#ifdef ENABLE_NSS
21typedef struct CERTCertificateStr tor_x509_cert_impl_t;
22#elif defined(ENABLE_OPENSSL)
23typedef struct x509_st tor_x509_cert_impl_t;
24#endif
25
26#ifdef TOR_X509_PRIVATE
27/** Structure that we use for a single certificate. */
28struct tor_x509_cert_t {
29 tor_x509_cert_impl_t *cert;
30#ifdef ENABLE_OPENSSL
31 uint8_t *encoded;
32 size_t encoded_len;
33#endif
34 unsigned pkey_digests_set : 1;
35 common_digests_t cert_digests;
36 common_digests_t pkey_digests;
37};
38#endif /* defined(TOR_X509_PRIVATE) */
39
40void tor_tls_pick_certificate_lifetime(time_t now,
41 unsigned cert_lifetime,
42 time_t *start_time_out,
43 time_t *end_time_out);
44
45#ifdef TOR_UNIT_TESTS
46tor_x509_cert_t *tor_x509_cert_replace_expiration(
47 const tor_x509_cert_t *inp,
48 time_t new_expiration_time,
49 crypto_pk_t *signing_key);
50#endif /* defined(TOR_UNIT_TESTS) */
51
52tor_x509_cert_t *tor_x509_cert_dup(const tor_x509_cert_t *cert);
53
54void tor_x509_cert_free_(tor_x509_cert_t *cert);
55#define tor_x509_cert_free(c) \
56 FREE_AND_NULL(tor_x509_cert_t, tor_x509_cert_free_, (c))
57tor_x509_cert_t *tor_x509_cert_decode(const uint8_t *certificate,
58 size_t certificate_len);
59void tor_x509_cert_get_der(const tor_x509_cert_t *cert,
60 const uint8_t **encoded_out, size_t *size_out);
61
63 const tor_x509_cert_t *cert);
65 const tor_x509_cert_t *cert);
66
67crypto_pk_t *tor_tls_cert_get_key(tor_x509_cert_t *cert);
68
69int tor_tls_cert_is_valid(int severity,
70 const tor_x509_cert_t *cert,
71 const tor_x509_cert_t *signing_cert,
72 time_t now,
73 int check_rsa_1024);
74
75#endif /* !defined(TOR_X509_H) */
Headers for crypto_rsa.c.
Macros to implement mocking and selective exposure for the test code.
tor_x509_cert_t * tor_x509_cert_dup(const tor_x509_cert_t *cert)
Definition: x509.c:139
crypto_pk_t * tor_tls_cert_get_key(tor_x509_cert_t *cert)
Definition: x509_nss.c:287
const common_digests_t * tor_x509_cert_get_cert_digests(const tor_x509_cert_t *cert)
Definition: x509.c:69
tor_x509_cert_t * tor_x509_cert_decode(const uint8_t *certificate, size_t certificate_len)
Definition: x509_nss.c:271
int tor_tls_cert_is_valid(int severity, const tor_x509_cert_t *cert, const tor_x509_cert_t *signing_cert, time_t now, int check_rsa_1024)
Definition: x509_nss.c:304
const common_digests_t * tor_x509_cert_get_id_digests(const tor_x509_cert_t *cert)
Definition: x509.c:59
void tor_x509_cert_get_der(const tor_x509_cert_t *cert, const uint8_t **encoded_out, size_t *size_out)
Definition: x509_nss.c:218
void tor_x509_cert_free_(tor_x509_cert_t *cert)
Definition: x509.c:76