CertificateAuthority.hpp
#ifndef __HPP_CERTIFICATEAUTHORITY
#define __HPP_CERTIFICATEAUTHORITY
#ifdef __SSLMITM
// Serial-number record for one certificate. It is passed by pointer to
// CertificateAuthority::getSerial(), generateCertificate(),
// getServerCertificate(), writeCertificate() and free_ca_serial().
// All four members are raw pointers, so ownership is not expressed in the
// type. NOTE(review): presumably getSerial() allocates them and
// free_ca_serial() releases them - confirm against the implementation, and
// zero-initialise the struct before use so a failed call cannot leave
// dangling pointers to be freed.
struct ca_serial {
// Serial number as an OpenSSL ASN1_INTEGER.
ASN1_INTEGER *asn;
// presumably the same serial rendered as a hex string - TODO confirm
char *charhex;
// presumably the on-disk location of the stored certificate - TODO confirm.
// NOTE(review): verify this path is built from the serial only and never
// from an unsanitised host name.
char *filepath;
// presumably the file-name component of filepath - TODO confirm
char *filename;
};
// Free function taking a message string and a site string; defined elsewhere.
// presumably reports pending OpenSSL errors together with the site they
// occurred for - TODO confirm.
// NOTE(review): if `mess` is ever used as a printf-style format, callers must
// not pass remote-controlled text in it - confirm against the implementation.
void log_ssl_errors( const char *mess, const char *site);
// Certificate authority helper, compiled only when __SSLMITM is defined.
// The public interface produces X509 certificates for a given common name,
// looks up or derives their serial (ca_serial) and writes them out.
//
// This header includes nothing itself: std::string, time_t, mode_t and the
// OpenSSL types (EVP_PKEY, X509, ASN1_INTEGER) must already be declared by
// the including file.
//
// NOTE(review): a destructor is declared but no copy constructor or copy
// assignment, so the implicitly generated ones copy the raw EVP_PKEY* / X509*
// members. If the destructor frees them (not visible here), copying an
// instance would double-free key material; consider declaring the copy
// operations as deleted.
class CertificateAuthority
{
protected:
// presumably the CA signing key loaded from the caPrivKey constructor
// argument - TODO confirm. Whoever can read this key can issue certificates
// that clients trusting this CA will accept, so the key file should be
// readable by the service account only.
EVP_PKEY *_caPrivKey;
// presumably the key pair placed in generated certificates, loaded from the
// certPrivKey argument and returned by getServerPkey() - TODO confirm
EVP_PKEY *_certPrivKey;
// presumably the CA certificate used as issuer - TODO confirm
X509 *_caCert;
// presumably the directory where generated certificates are stored
// (from the certPath argument) - TODO confirm
std::string _certPath;
// presumably the cached length of _certPath - TODO confirm
int _certPathLen;
std::string _certLinks;
// presumably the validity window applied to generated certificates
// (from caStart / caEnd) - TODO confirm
time_t _ca_start;
time_t _ca_end;
// Directory helpers taking a path and a permission mode.
// NOTE(review): confirm callers pass a mode without group/world write, so
// other local users cannot plant or replace stored certificates.
static int do_mkdir(const char *path, mode_t mode);
int mkpath(const char *path, mode_t mode);
// Adds the extension identified by OpenSSL NID `nid` with textual `value`
// to `cert`; the bool result presumably signals success - TODO confirm.
bool addExtension(X509 *cert, int nid, char *value);
public:
// The first four arguments are C strings; judging by the member names they
// are file-system paths to the CA certificate, CA private key, certificate
// private key and certificate store - TODO confirm. caStart / caEnd are
// time_t values.
CertificateAuthority(const char *caCert,
const char *caPrivKey,
const char *certPrivKey,
const char *certPath,
time_t caStart,
time_t caEnd);
~CertificateAuthority();
// Returns an X509 certificate for `commonname` using the serial in `cser`.
// `is_ip` defaults to false; presumably it selects an IP-address subject
// alternative name instead of a DNS one - TODO confirm.
// NOTE(review): ownership of the returned X509* is not expressed in the type;
// presumably the caller must X509_free() it, and a null return means failure.
X509 *generateCertificate(const char *commonname, struct ca_serial *cser, bool is_ip = false);
// Fills `cser` for `commonname`; the bool result presumably signals success.
// NOTE(review): commonname presumably originates from the client's requested
// host, i.e. untrusted input - confirm it is never used directly as a
// path component.
bool getSerial(const char *commonname, struct ca_serial *cser);
// Yields a certificate for `commonname` through the out-parameter `cert`.
// presumably returns an existing stored certificate when there is one -
// TODO confirm what the bool result distinguishes.
bool getServerCertificate(const char *commonname, X509 **cert, struct ca_serial *cser,bool is_ip = false);
// Persists `newCert` for `hostname`, using the location described by `cser`.
// NOTE(review): confirm the file is created with restrictive permissions and
// that concurrent writers for the same host cannot leave a partial file.
bool writeCertificate(const char *hostname, X509 *newCert, struct ca_serial *cser);
// Returns an EVP_PKEY pointer for server-side use.
// NOTE(review): whether this is the internal _certPrivKey pointer or a new
// reference is not visible here; callers must know before freeing it.
EVP_PKEY *getServerPkey();
// Releases resources held by `cs`; presumably frees its four pointer
// members - TODO confirm.
bool free_ca_serial(struct ca_serial *cs);
};
#endif //__SSLMITM
#endif //__HPP_CERTIFICATEAUTHORITY