x509.h File Reference
#include "lib/crypt_ops/crypto_rsa.h"
#include "lib/testsupport/testsupport.h"



#define tor_x509_cert_free(c)   FREE_AND_NULL(tor_x509_cert_t, tor_x509_cert_free_, (c))


typedef struct tor_x509_cert_t tor_x509_cert_t


void tor_tls_pick_certificate_lifetime (time_t now, unsigned cert_lifetime, time_t *start_time_out, time_t *end_time_out)
tor_x509_cert_t * tor_x509_cert_dup (const tor_x509_cert_t *cert)
void tor_x509_cert_free_ (tor_x509_cert_t *cert)
tor_x509_cert_t * tor_x509_cert_decode (const uint8_t *certificate, size_t certificate_len)
void tor_x509_cert_get_der (const tor_x509_cert_t *cert, const uint8_t **encoded_out, size_t *size_out)
const common_digests_t * tor_x509_cert_get_id_digests (const tor_x509_cert_t *cert)
const common_digests_t * tor_x509_cert_get_cert_digests (const tor_x509_cert_t *cert)
crypto_pk_t * tor_tls_cert_get_key (tor_x509_cert_t *cert)
int tor_tls_cert_is_valid (int severity, const tor_x509_cert_t *cert, const tor_x509_cert_t *signing_cert, time_t now, int check_rsa_1024)

Detailed Description

Headers for tortls.c.

Internal headers for tortls.c.

Definition in file x509.h.

Function Documentation

◆ tor_tls_cert_get_key()

crypto_pk_t* tor_tls_cert_get_key ( tor_x509_cert_t *  cert)

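Return a newly allocated copy of the public key that a certificate certifies. Watch out! This returns NULL if the cert's key is not RSA, so callers must check the result before using it. Because the copy is newly allocated, the caller is responsible for freeing it.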

Definition at line 285 of file x509_nss.c.

Referenced by tor_tls_verify().

◆ tor_tls_cert_is_valid()

int tor_tls_cert_is_valid ( int  severity,
const tor_x509_cert_t *  cert,
const tor_x509_cert_t *  signing_cert,
time_t  now,
int  check_rsa_1024 

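Check whether cert is well-formed, currently live, and correctly signed by the public key in signing_cert. If check_rsa_1024 is set, make sure that it has an RSA key with 1024 bits; otherwise, just check that the key is long enough. Return 1 if the cert is good, and 0 if it's bad or we couldn't check it. Because 0 covers both "bad" and "could not check", callers should treat any result other than 1 as a rejection. Whether signing_cert itself is trustworthy is not among the properties listed here and has to be established by the caller.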

Definition at line 302 of file x509_nss.c.

Referenced by tor_tls_verify().

◆ tor_x509_cert_decode()

tor_x509_cert_t* tor_x509_cert_decode ( const uint8_t *  certificate,
size_t  certificate_len 

Read a DER-encoded X509 cert, of length exactly certificate_len, from the buffer certificate. Return a newly allocated tor_x509_cert_t on success and NULL on failure. The caller owns the returned object and releases it with tor_x509_cert_free().

Definition at line 269 of file x509_nss.c.

References tor_assert().

◆ tor_x509_cert_dup()

tor_x509_cert_t* tor_x509_cert_dup ( const tor_x509_cert_t *  cert)

Return a new copy of cert.

Definition at line 138 of file x509.c.

References tor_assert().

◆ tor_x509_cert_free_()

void tor_x509_cert_free_ ( tor_x509_cert_t *  cert)

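Free all storage held in cert. Callers normally go through the tor_x509_cert_free() macro, which wraps this function in FREE_AND_NULL so that the caller's pointer is also set to NULL after the free.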

Definition at line 75 of file x509.c.

References memwipe(), and tor_free.

◆ tor_x509_cert_get_cert_digests()

const common_digests_t* tor_x509_cert_get_cert_digests ( const tor_x509_cert_t *  cert)

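Return a set of digests for the public key in cert. (Note: this wording is the same as the description of tor_x509_cert_get_id_digests(); judging by the function name, this one presumably returns digests of the certificate itself rather than of its key. Confirm against x509.c before relying on either for identity checks.)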

Definition at line 68 of file x509.c.

◆ tor_x509_cert_get_der()

void tor_x509_cert_get_der ( const tor_x509_cert_t *  cert,
const uint8_t **  encoded_out,
size_t *  size_out 

Set *encoded_out and *size_out to cert's encoded DER representation and length, respectively.

Definition at line 216 of file x509_nss.c.

References tor_assert().

Referenced by add_x509_cert().

◆ tor_x509_cert_get_id_digests()

const common_digests_t* tor_x509_cert_get_id_digests ( const tor_x509_cert_t *  cert)

Return a set of digests for the public key in cert, or NULL if this cert's public key is not one we know how to take the digest of.

Definition at line 58 of file x509.c.

Referenced by connection_or_compute_authenticate_cell_body(), and or_handshake_certs_check_both().