Tor 0.4.9.0-alpha-dev
|
Wrapper functions to present a consistent interface to X.509 functions from NSS. More...
#include "lib/tls/x509.h"
#include "lib/tls/x509_internal.h"
#include "lib/tls/tortls.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/crypt_ops/crypto_nss_mgt.h"
#include "lib/log/util_bug.h"
#include "lib/encoding/time_fmt.h"
#include "lib/string/printf.h"
#include <pk11pub.h>
#include <cryptohi.h>
#include <cert.h>
#include <keyhi.h>
#include <time.h>
Go to the source code of this file.
Macros | |
#define | TOR_X509_PRIVATE |
#define | PRTIME_PER_SEC (1000*1000) |
Functions | |
static tor_x509_cert_impl_t * | tor_x509_cert_decode_internal (const uint8_t *certificate, int certificate_len) |
static tor_x509_cert_impl_t * | tor_tls_create_certificate_internal (crypto_pk_t *rsa, crypto_pk_t *rsa_sign, CERTName *subject_dn, CERTName *issuer_dn, time_t start_time, time_t end_time) |
tor_x509_cert_impl_t * | tor_tls_create_certificate (crypto_pk_t *rsa, crypto_pk_t *rsa_sign, const char *cname, const char *cname_sign, unsigned int cert_lifetime) |
void | tor_x509_cert_get_der (const tor_x509_cert_t *cert, const uint8_t **encoded_out, size_t *size_out) |
void | tor_x509_cert_impl_free_ (tor_x509_cert_impl_t *cert) |
tor_x509_cert_impl_t * | tor_x509_cert_impl_dup_ (tor_x509_cert_impl_t *cert) |
tor_x509_cert_t * | tor_x509_cert_decode (const uint8_t *certificate, size_t certificate_len) |
crypto_pk_t * | tor_tls_cert_get_key (tor_x509_cert_t *cert) |
int | tor_tls_cert_is_valid (int severity, const tor_x509_cert_t *cert, const tor_x509_cert_t *signing_cert, time_t now, int check_rsa_1024) |
static void | log_cert_lifetime (int severity, const char *status, time_t now, PRTime notBefore, PRTime notAfter) |
int | tor_x509_check_cert_lifetime_internal (int severity, const tor_x509_cert_impl_t *cert, time_t now, int past_tolerance, int future_tolerance) |
Wrapper functions to present a consistent interface to X.509 functions from NSS.
Definition in file x509_nss.c.
#define PRTIME_PER_SEC (1000*1000) |
Definition at line 35 of file x509_nss.c.
#define TOR_X509_PRIVATE |
Definition at line 12 of file x509_nss.c.
|
static |
Definition at line 363 of file x509_nss.c.
crypto_pk_t * tor_tls_cert_get_key | ( | tor_x509_cert_t * | cert | ) |
Definition at line 287 of file x509_nss.c.
int tor_tls_cert_is_valid | ( | int | severity, |
const tor_x509_cert_t * | cert, | ||
const tor_x509_cert_t * | signing_cert, | ||
time_t | now, | ||
int | check_rsa_1024 | ||
) |
Definition at line 304 of file x509_nss.c.
tor_x509_cert_impl_t * tor_tls_create_certificate | ( | crypto_pk_t * | rsa, |
crypto_pk_t * | rsa_sign, | ||
const char * | cname, | ||
const char * | cname_sign, | ||
unsigned int | cert_lifetime | ||
) |
Definition at line 174 of file x509_nss.c.
|
static |
Definition at line 41 of file x509_nss.c.
tor_x509_cert_t * tor_x509_cert_decode | ( | const uint8_t * | certificate, |
size_t | certificate_len | ||
) |
Definition at line 271 of file x509_nss.c.
|
static |
As tor_x509_cert_decode, but return the NSS certificate type
Definition at line 251 of file x509_nss.c.
void tor_x509_cert_get_der | ( | const tor_x509_cert_t * | cert, |
const uint8_t ** | encoded_out, | ||
size_t * | size_out | ||
) |
Set *encoded_out and *size_out to cert's encoded DER representation and length, respectively.
Definition at line 218 of file x509_nss.c.
tor_x509_cert_impl_t * tor_x509_cert_impl_dup_ | ( | tor_x509_cert_impl_t * | cert | ) |
Definition at line 239 of file x509_nss.c.
void tor_x509_cert_impl_free_ | ( | tor_x509_cert_impl_t * | cert | ) |
Definition at line 232 of file x509_nss.c.
int tor_x509_check_cert_lifetime_internal | ( | int | severity, |
const tor_x509_cert_impl_t * | cert, | ||
time_t | now, | ||
int | past_tolerance, | ||
int | future_tolerance | ||
) |
Definition at line 387 of file x509_nss.c.