Tor 0.4.9.0-alpha-dev
|
Go to the source code of this file.
Macros | |
#define | tor_x509_cert_free(c) FREE_AND_NULL(tor_x509_cert_t, tor_x509_cert_free_, (c)) |
Typedefs | |
typedef struct tor_x509_cert_t | tor_x509_cert_t |
Functions | |
void | tor_tls_pick_certificate_lifetime (time_t now, unsigned cert_lifetime, time_t *start_time_out, time_t *end_time_out) |
tor_x509_cert_t * | tor_x509_cert_dup (const tor_x509_cert_t *cert) |
void | tor_x509_cert_free_ (tor_x509_cert_t *cert) |
tor_x509_cert_t * | tor_x509_cert_decode (const uint8_t *certificate, size_t certificate_len) |
void | tor_x509_cert_get_der (const tor_x509_cert_t *cert, const uint8_t **encoded_out, size_t *size_out) |
const common_digests_t * | tor_x509_cert_get_id_digests (const tor_x509_cert_t *cert) |
const common_digests_t * | tor_x509_cert_get_cert_digests (const tor_x509_cert_t *cert) |
crypto_pk_t * | tor_tls_cert_get_key (tor_x509_cert_t *cert) |
int | tor_tls_cert_is_valid (int severity, const tor_x509_cert_t *cert, const tor_x509_cert_t *signing_cert, time_t now, int check_rsa_1024) |
#define tor_x509_cert_free | ( | c | ) | FREE_AND_NULL(tor_x509_cert_t, tor_x509_cert_free_, (c)) |
crypto_pk_t * tor_tls_cert_get_key | ( | tor_x509_cert_t * | cert | ) |
Return a newly allocated copy of the public key that a certificate certifies. Watch out! This returns NULL if the cert's key is not RSA.
Definition at line 287 of file x509_nss.c.
int tor_tls_cert_is_valid | ( | int | severity, |
const tor_x509_cert_t * | cert, | ||
const tor_x509_cert_t * | signing_cert, | ||
time_t | now, | ||
int | check_rsa_1024 | ||
) |
Check whether cert is well-formed, currently live, and correctly signed by the public key in signing_cert. If check_rsa_1024, make sure that it has an RSA key with 1024 bits; otherwise, just check that the key is long enough. Return 1 if the cert is good, and 0 if it's bad or we couldn't check it.
Definition at line 304 of file x509_nss.c.
tor_x509_cert_t * tor_x509_cert_decode | ( | const uint8_t * | certificate, |
size_t | certificate_len | ||
) |
Read a DER-encoded X509 cert, of length exactly certificate_len, from a certificate. Return a newly allocated tor_x509_cert_t on success and NULL on failure.
Definition at line 271 of file x509_nss.c.
tor_x509_cert_t * tor_x509_cert_dup | ( | const tor_x509_cert_t * | cert | ) |
void tor_x509_cert_free_ | ( | tor_x509_cert_t * | cert | ) |
const common_digests_t * tor_x509_cert_get_cert_digests | ( | const tor_x509_cert_t * | cert | ) |
void tor_x509_cert_get_der | ( | const tor_x509_cert_t * | cert, |
const uint8_t ** | encoded_out, | ||
size_t * | size_out | ||
) |
Set *encoded_out and *size_out to cert's encoded DER representation and length, respectively.
Definition at line 218 of file x509_nss.c.
Referenced by add_x509_cert().
const common_digests_t * tor_x509_cert_get_id_digests | ( | const tor_x509_cert_t * | cert | ) |
Return a set of digests for the public key in cert, or NULL if this cert's public key is not one we know how to take the digest of.
Definition at line 59 of file x509.c.
Referenced by connection_or_compute_authenticate_cell_body(), and or_handshake_certs_check_both().