netsslcredentials.h #1 

/**
 * @file netsslcredentials.h
 *
 * @brief Wrapper for getting or generating server cert and private key.
 *
 * Threading: underlying SSL library contains threading
 *
 * @invariants:
 *
 * Copyright (c) 2011 Perforce Software
 * Confidential.  All Rights Reserved.
 * @author Wendy Heffner
 *
 * Creation Date: October 31, 2011
 */

/*
 * These headers are required to be included before
 * including netsslcredentials.h
 *
 * extern "C" {	// OpenSSL
 *
 * # include <openssl/pem.h>
 * # include <openssl/conf.h>
 * # include <openssl/x509v3.h>
 * # ifndef OPENSSL_NO_ENGINE
 * # include <openssl/engine.h>
 * # endif
 *
 * }
 *
 */
# ifdef USE_SSL

static void Callback( int code, int arg, void *cb_arg );

class NetSslCredentials
{
public:
		NetSslCredentials( bool isTest = false );
		NetSslCredentials( NetSslCredentials &rhs);
		~NetSslCredentials();
		void ReadCredentials( Error *e );
		void GenerateCredentials( Error *e );
		void ValidateSslDir( Error * e);
		void ValidateCredentialFiles( Error *e );
		void ValidateCertDateRange( Error *e );
		void GetExpiration( StrBuf &buf );
		void HaveCredentials( Error *e );
		NetSslCredentials &operator =( NetSslCredentials &rhs );

		// Getters and Setters
		X509 *GetCertificate() const;
		const StrPtr *GetFingerprint() const;
		EVP_PKEY *GetPrivateKey() const;
		void SetCertificate(X509 *certificate, Error *e);
		void SetOwnCert(bool ownCert);
		void SetOwnKey(bool ownKey);
		void SetCertC(StrBuf &certC);
		void SetCertCN(StrBuf &certCN);
		void SetCertL(StrBuf &certL);
		void SetCertO(StrBuf &certO);
		void SetCertST(StrBuf &certSt);
		void SetSslDir(StrPtr *sslDir);
		void GetFingerprintFromCert( Error *e );

private:
		// Utilities
		void ParseConfig( Error *e );
		void WriteCredentials(  PathSys *keyFile, PathSys *certFile, Error * e );
		void GetCredentialFilepaths( PathSys *keyFile, PathSys *certFile, Error * e );
		void GetFingerprintFile( PathSys *fpFile, Error * e);
		void MakeSslCredentials( Error *e );
		void CompareFileUids( Error *e );
		void CompareDirUid( Error *e );

		EVP_PKEY *privateKey;
		X509 *certificate;
		StrBuf fingerprint;
		StrBuf certC;
		StrBuf certCN;
		StrBuf certST;
		StrBuf certL;
		StrBuf certO;
		int certEX;
		int certSV;
		int certUNITS;
		bool ownKey;
		bool ownCert;
		StrBuf sslDir;
};

# endif // USE_SSL
# Change User Description Committed
#1 22288 mark_mears import 2017.1 code drop