Apache2
tls_cert.h
Go to the documentation of this file.
1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2  * contributor license agreements. See the NOTICE file distributed with
3  * this work for additional information regarding copyright ownership.
4  * The ASF licenses this file to You under the Apache License, Version 2.0
5  * (the "License"); you may not use this file except in compliance with
6  * the License. You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 #ifndef tls_cert_h
17 #define tls_cert_h
18 
19 #include "tls_util.h"
20 
24 typedef struct {
25  tls_data_t cert_pem;
26  tls_data_t pkey_pem;
27 } tls_cert_pem_t;
28 
32 typedef struct {
33  const char *cert_file; /* file path, relative to ap_root */
34  const char *pkey_file; /* file path, relative to ap_root */
35  const char *cert_pem; /* NUL-terminated PEM string */
36  const char *pkey_pem; /* NUL-terminated PEM string */
37 } tls_cert_spec_t;
38 
42 apr_status_t tls_cert_load_pem(
43  apr_pool_t *p, const tls_cert_spec_t *cert, tls_cert_pem_t **ppem);
44 
45 apr_status_t tls_cert_to_pem(const char **ppem, apr_pool_t *p, const rustls_certificate *cert);
46 
55 apr_status_t tls_cert_load_cert_key(
56  apr_pool_t *p, const tls_cert_spec_t *spec,
57  const char **pcert_pem, const rustls_certified_key **pckey);
58 
62 typedef struct tls_cert_reg_t tls_cert_reg_t;
63 struct tls_cert_reg_t{
64  apr_pool_t *pool;
65  apr_hash_t *id2entry;
66  apr_hash_t *key2entry;
67 };
68 
74 tls_cert_reg_t *tls_cert_reg_make(apr_pool_t *p);
75 
79 apr_size_t tls_cert_reg_count(tls_cert_reg_t *reg);
80 
90 apr_status_t tls_cert_reg_get_certified_key(
91  tls_cert_reg_t *reg, server_rec *s, const tls_cert_spec_t *spec, const rustls_certified_key **pckey);
92 
102 typedef int tls_cert_reg_visitor(
103  void *userdata, server_rec *s,
104  const char *id, const char *cert_pem, const rustls_certified_key *certified_key);
105 
112 void tls_cert_reg_do(
113  tls_cert_reg_visitor *visitor, void *userdata, tls_cert_reg_t *reg);
114 
122 const char *tls_cert_reg_get_id(tls_cert_reg_t *reg, const rustls_certified_key *certified_key);
123 
130 apr_status_t tls_cert_load_root_store(
131  apr_pool_t *p, const char *store_file, rustls_root_cert_store **pstore);
132 
133 typedef struct tls_cert_root_stores_t tls_cert_root_stores_t;
134 struct tls_cert_root_stores_t {
135  apr_pool_t *pool;
136  apr_hash_t *file2store;
137 };
138 
144 tls_cert_root_stores_t *tls_cert_root_stores_make(apr_pool_t *p);
145 
149 void tls_cert_root_stores_clear(tls_cert_root_stores_t *stores);
150 
157 apr_status_t tls_cert_root_stores_get(
158  tls_cert_root_stores_t *stores,
159  const char *store_file,
160  rustls_root_cert_store **pstore);
161 
162 typedef struct tls_cert_verifiers_t tls_cert_verifiers_t;
163 struct tls_cert_verifiers_t {
164  apr_pool_t *pool;
165  tls_cert_root_stores_t *stores;
166  apr_hash_t *file2verifier;
167 };
168 
176 tls_cert_verifiers_t *tls_cert_verifiers_make(
177  apr_pool_t *p, tls_cert_root_stores_t *stores);
178 
182 void tls_cert_verifiers_clear(
183  tls_cert_verifiers_t *verifiers);
184 
193 apr_status_t tls_cert_client_verifiers_get(
194  tls_cert_verifiers_t *verifiers,
195  const char *store_file,
196  const rustls_client_cert_verifier **pverifier);
197 
206 apr_status_t tls_cert_client_verifiers_get_optional(
207  tls_cert_verifiers_t *verifiers,
208  const char *store_file,
209  const rustls_client_cert_verifier_optional **pverifier);
210 
211 #endif /* tls_cert_h */
s
const char * s
Definition: mod_dav.h:1327
apr_status_t
int apr_status_t
Definition: apr_errno.h:44
apr_hash_t
struct apr_hash_t apr_hash_t
Definition: apr_hash.h:52
apr_size_t
size_t apr_size_t
Definition: apr.h:394
apr_pool_t
struct apr_pool_t apr_pool_t
Definition: apr_pools.h:60
server_rec
A structure to store information for each virtual server.
Definition: httpd.h:1382
tls_cert_pem_t
Definition: tls_cert.h:24
tls_cert_pem_t::pkey_pem
tls_data_t pkey_pem
Definition: tls_cert.h:26
tls_cert_pem_t::cert_pem
tls_data_t cert_pem
Definition: tls_cert.h:25
tls_cert_reg_t
Definition: tls_cert.h:63
tls_cert_reg_t::pool
apr_pool_t * pool
Definition: tls_cert.h:64
tls_cert_reg_t::key2entry
apr_hash_t * key2entry
Definition: tls_cert.h:66
tls_cert_reg_t::id2entry
apr_hash_t * id2entry
Definition: tls_cert.h:65
tls_cert_root_stores_t
Definition: tls_cert.h:134
tls_cert_root_stores_t::file2store
apr_hash_t * file2store
Definition: tls_cert.h:136
tls_cert_root_stores_t::pool
apr_pool_t * pool
Definition: tls_cert.h:135
tls_cert_spec_t
Definition: tls_cert.h:32
tls_cert_spec_t::cert_file
const char * cert_file
Definition: tls_cert.h:33
tls_cert_spec_t::pkey_pem
const char * pkey_pem
Definition: tls_cert.h:36
tls_cert_spec_t::pkey_file
const char * pkey_file
Definition: tls_cert.h:34
tls_cert_spec_t::cert_pem
const char * cert_pem
Definition: tls_cert.h:35
tls_cert_verifiers_t
Definition: tls_cert.h:163
tls_cert_verifiers_t::pool
apr_pool_t * pool
Definition: tls_cert.h:164
tls_cert_verifiers_t::stores
tls_cert_root_stores_t * stores
Definition: tls_cert.h:165
tls_cert_verifiers_t::file2verifier
apr_hash_t * file2verifier
Definition: tls_cert.h:166
tls_data_t
Definition: tls_util.h:26
p
apr_pool_t * p
tls_cert_verifiers_make
tls_cert_verifiers_t * tls_cert_verifiers_make(apr_pool_t *p, tls_cert_root_stores_t *stores)
tls_cert_root_stores_make
tls_cert_root_stores_t * tls_cert_root_stores_make(apr_pool_t *p)
tls_cert_reg_count
apr_size_t tls_cert_reg_count(tls_cert_reg_t *reg)
tls_cert_reg_visitor
int tls_cert_reg_visitor(void *userdata, server_rec *s, const char *id, const char *cert_pem, const rustls_certified_key *certified_key)
Definition: tls_cert.h:102
tls_cert_root_stores_get
apr_status_t tls_cert_root_stores_get(tls_cert_root_stores_t *stores, const char *store_file, rustls_root_cert_store **pstore)
tls_cert_reg_do
void tls_cert_reg_do(tls_cert_reg_visitor *visitor, void *userdata, tls_cert_reg_t *reg)
tls_cert_verifiers_clear
void tls_cert_verifiers_clear(tls_cert_verifiers_t *verifiers)
tls_cert_reg_get_certified_key
apr_status_t tls_cert_reg_get_certified_key(tls_cert_reg_t *reg, server_rec *s, const tls_cert_spec_t *spec, const rustls_certified_key **pckey)
tls_cert_client_verifiers_get_optional
apr_status_t tls_cert_client_verifiers_get_optional(tls_cert_verifiers_t *verifiers, const char *store_file, const rustls_client_cert_verifier_optional **pverifier)
tls_cert_root_stores_clear
void tls_cert_root_stores_clear(tls_cert_root_stores_t *stores)
tls_cert_load_cert_key
apr_status_t tls_cert_load_cert_key(apr_pool_t *p, const tls_cert_spec_t *spec, const char **pcert_pem, const rustls_certified_key **pckey)
tls_cert_to_pem
apr_status_t tls_cert_to_pem(const char **ppem, apr_pool_t *p, const rustls_certificate *cert)
tls_cert_reg_get_id
const char * tls_cert_reg_get_id(tls_cert_reg_t *reg, const rustls_certified_key *certified_key)
tls_cert_reg_make
tls_cert_reg_t * tls_cert_reg_make(apr_pool_t *p)
tls_cert_load_root_store
apr_status_t tls_cert_load_root_store(apr_pool_t *p, const char *store_file, rustls_root_cert_store **pstore)
tls_cert_load_pem
apr_status_t tls_cert_load_pem(apr_pool_t *p, const tls_cert_spec_t *cert, tls_cert_pem_t **ppem)
tls_cert_client_verifiers_get
apr_status_t tls_cert_client_verifiers_get(tls_cert_verifiers_t *verifiers, const char *store_file, const rustls_client_cert_verifier **pverifier)
tls_util.h