|
Tor 0.4.9.0-alpha-dev
|
Wrapper functions to present a consistent interface to X.509 functions from NSS. More...
#include "lib/tls/x509.h"#include "lib/tls/x509_internal.h"#include "lib/tls/tortls.h"#include "lib/crypt_ops/crypto_rand.h"#include "lib/crypt_ops/crypto_util.h"#include "lib/crypt_ops/crypto_nss_mgt.h"#include "lib/log/util_bug.h"#include "lib/encoding/time_fmt.h"#include "lib/string/printf.h"#include <pk11pub.h>#include <cryptohi.h>#include <cert.h>#include <keyhi.h>#include <time.h>Go to the source code of this file.
Macros | |
| #define | TOR_X509_PRIVATE |
| #define | PRTIME_PER_SEC (1000*1000) |
Functions | |
| static tor_x509_cert_impl_t * | tor_x509_cert_decode_internal (const uint8_t *certificate, int certificate_len) |
| static tor_x509_cert_impl_t * | tor_tls_create_certificate_internal (crypto_pk_t *rsa, crypto_pk_t *rsa_sign, CERTName *subject_dn, CERTName *issuer_dn, time_t start_time, time_t end_time) |
| tor_x509_cert_impl_t * | tor_tls_create_certificate (crypto_pk_t *rsa, crypto_pk_t *rsa_sign, const char *cname, const char *cname_sign, unsigned int cert_lifetime) |
| void | tor_x509_cert_get_der (const tor_x509_cert_t *cert, const uint8_t **encoded_out, size_t *size_out) |
| void | tor_x509_cert_impl_free_ (tor_x509_cert_impl_t *cert) |
| tor_x509_cert_impl_t * | tor_x509_cert_impl_dup_ (tor_x509_cert_impl_t *cert) |
| tor_x509_cert_t * | tor_x509_cert_decode (const uint8_t *certificate, size_t certificate_len) |
| crypto_pk_t * | tor_tls_cert_get_key (tor_x509_cert_t *cert) |
| int | tor_tls_cert_is_valid (int severity, const tor_x509_cert_t *cert, const tor_x509_cert_t *signing_cert, time_t now, int check_rsa_1024) |
| static void | log_cert_lifetime (int severity, const char *status, time_t now, PRTime notBefore, PRTime notAfter) |
| int | tor_x509_check_cert_lifetime_internal (int severity, const tor_x509_cert_impl_t *cert, time_t now, int past_tolerance, int future_tolerance) |
Wrapper functions to present a consistent interface to X.509 functions from NSS.
Definition in file x509_nss.c.
| #define PRTIME_PER_SEC (1000*1000) |
Definition at line 35 of file x509_nss.c.
| #define TOR_X509_PRIVATE |
Definition at line 12 of file x509_nss.c.
|
static |
Definition at line 363 of file x509_nss.c.
| crypto_pk_t * tor_tls_cert_get_key | ( | tor_x509_cert_t * | cert | ) |
Definition at line 287 of file x509_nss.c.
| int tor_tls_cert_is_valid | ( | int | severity, |
| const tor_x509_cert_t * | cert, | ||
| const tor_x509_cert_t * | signing_cert, | ||
| time_t | now, | ||
| int | check_rsa_1024 | ||
| ) |
Definition at line 304 of file x509_nss.c.
| tor_x509_cert_impl_t * tor_tls_create_certificate | ( | crypto_pk_t * | rsa, |
| crypto_pk_t * | rsa_sign, | ||
| const char * | cname, | ||
| const char * | cname_sign, | ||
| unsigned int | cert_lifetime | ||
| ) |
Definition at line 174 of file x509_nss.c.
|
static |
Definition at line 41 of file x509_nss.c.
| tor_x509_cert_t * tor_x509_cert_decode | ( | const uint8_t * | certificate, |
| size_t | certificate_len | ||
| ) |
Definition at line 271 of file x509_nss.c.
|
static |
As tor_x509_cert_decode, but return the NSS certificate type
Definition at line 251 of file x509_nss.c.
| void tor_x509_cert_get_der | ( | const tor_x509_cert_t * | cert, |
| const uint8_t ** | encoded_out, | ||
| size_t * | size_out | ||
| ) |
Set *encoded_out and *size_out to cert's encoded DER representation and length, respectively.
Definition at line 218 of file x509_nss.c.
| tor_x509_cert_impl_t * tor_x509_cert_impl_dup_ | ( | tor_x509_cert_impl_t * | cert | ) |
Definition at line 239 of file x509_nss.c.
| void tor_x509_cert_impl_free_ | ( | tor_x509_cert_impl_t * | cert | ) |
Definition at line 232 of file x509_nss.c.
| int tor_x509_check_cert_lifetime_internal | ( | int | severity, |
| const tor_x509_cert_impl_t * | cert, | ||
| time_t | now, | ||
| int | past_tolerance, | ||
| int | future_tolerance | ||
| ) |
Definition at line 387 of file x509_nss.c.
1.9.4