#include "squid.h"
#include "anyp/Host.h"
#include "base/IoManip.h"
#include "error/SysErrorDetail.h"
#include "ip/Address.h"
#include "sbuf/Stream.h"
#include "security/Io.h"
#include "ssl/gadgets.h"
Functions | |
static void | ThrowErrors (const char *const problem, const int savedErrno, const SourceLocation &where) |
static Security::PrivateKeyPointer | CreateRsaPrivateKey () |
static bool | setSerialNumber (ASN1_INTEGER *ai, BIGNUM const *serial) |
static bool | replaceCommonName (Security::CertPointer &cert, std::string const &rawCn) |
static void | printX509Signature (const Security::CertPointer &cert, std::string &out) |
static bool | mimicAuthorityKeyId (Security::CertPointer &cert, Security::CertPointer const &mimicCert, Security::CertPointer const &issuerCert) |
static int | mimicExtensions (Security::CertPointer &cert, Security::CertPointer const &mimicCert, Security::CertPointer const &issuerCert) |
static std::optional< SBuf > | ParseAsUtf8 (const ASN1_STRING &asnBuffer) |
OpenSSL ASN1_STRING_to_UTF8() wrapper. More... | |
static bool | addAltNameWithSubjectCn (Security::CertPointer &cert) |
static bool | buildCertificate (Security::CertPointer &cert, Ssl::CertificateProperties const &properties) |
static bool | generateFakeSslCertificate (Security::CertPointer &certToStore, Security::PrivateKeyPointer &pkeyToStore, Ssl::CertificateProperties const &properties, Ssl::BIGNUM_Pointer const &serial) |
static BIGNUM * | createCertSerial (unsigned char *md, unsigned int n) |
static BIGNUM * | x509Digest (Security::CertPointer const &cert) |
static BIGNUM * | x509Pubkeydigest (Security::CertPointer const &cert) |
static bool | createSerial (Ssl::BIGNUM_Pointer &serial, Ssl::CertificateProperties const &properties) |
static bool | asn1timeToGeneralizedTimeStr (ASN1_TIME *aTime, char *buf, int bufLen) |
Print the time represented by an ASN1_TIME struct to a string using GeneralizedTime format. More... | |
static int | asn1time_cmp (ASN1_TIME *asnTime1, ASN1_TIME *asnTime2) |
static const char * | getSubjectEntry (X509 *x509, int nid) |
Variables | |
static const size_t | MaxCnLen = 64 |
Function Documentation
◆ addAltNameWithSubjectCn()
|
static |
Adds a new subjectAltName extension containing the Subject CN, or returns false. Expects the caller to check for an existing subjectAltName extension.
Definition at line 531 of file gadgets.cc.
References Security::LockingPointer< T, UnLocker, Locker >::get(), Ssl::ParseCommonNameAt(), and ToSBuf().
Referenced by buildCertificate().
◆ asn1time_cmp()
|
static |
Definition at line 925 of file gadgets.cc.
References asn1timeToGeneralizedTimeStr().
Referenced by Ssl::certificateMatchesProperties().
◆ asn1timeToGeneralizedTimeStr()
|
static |
Definition at line 896 of file gadgets.cc.
Referenced by asn1time_cmp().
◆ buildCertificate()
|
static |
Definition at line 561 of file gadgets.cc.
References addAltNameWithSubjectCn(), Ssl::CertificateProperties::commonName, Security::LockingPointer< T, UnLocker, Locker >::get(), Ssl::CertificateProperties::mimicCert, mimicExtensions(), replaceCommonName(), Ssl::CertificateProperties::setCommonName, Ssl::CertificateProperties::setValidAfter, Ssl::CertificateProperties::setValidBefore, Ssl::CertificateProperties::signWithX509, X509_getm_notAfter, X509_getm_notBefore, X509_set1_notAfter, and X509_set1_notBefore.
Referenced by generateFakeSslCertificate().
◆ createCertSerial()
|
static |
Definition at line 692 of file gadgets.cc.
References assert.
Referenced by x509Digest(), and x509Pubkeydigest().
◆ CreateRsaPrivateKey()
|
static |
Definition at line 54 of file gadgets.cc.
Referenced by generateFakeSslCertificate().
◆ createSerial()
|
static |
Generate a unique serial number, based on an Ssl::CertificateProperties object, for a newly generated certificate.
Definition at line 745 of file gadgets.cc.
References generateFakeSslCertificate(), Security::LockingPointer< T, UnLocker, Locker >::reset(), Ssl::CertificateProperties::signWithX509, x509Digest(), and x509Pubkeydigest().
Referenced by Ssl::generateSslCertificate().
◆ generateFakeSslCertificate()
|
static |
Definition at line 646 of file gadgets.cc.
References Ssl::algSignSelf, assert, buildCertificate(), CreateRsaPrivateKey(), Security::LockingPointer< T, UnLocker, Locker >::get(), hash, setSerialNumber(), Ssl::CertificateProperties::signAlgorithm, Ssl::CertificateProperties::signHash, Ssl::CertificateProperties::signWithPkey, Ssl::CertificateProperties::signWithX509, and SQUID_SSL_SIGN_HASH_IF_NONE.
Referenced by createSerial(), and Ssl::generateSslCertificate().
◆ getSubjectEntry()
|
static |
Definition at line 1009 of file gadgets.cc.
Referenced by Ssl::CommonHostName(), and Ssl::getOrganization().
◆ mimicAuthorityKeyId()
|
static |
Check whether the mimicCert certificate has the Authority Key Identifier extension and, if so, add the extension to the cert certificate with the same fields where possible. If the issuerCert certificate does not have the Subject Key Identifier extension (required to build the keyIdentifier field of AuthorityKeyIdentifier), then the authorityCertIssuer and authorityCertSerialNumber fields are added.
issuer name and issuer serial
Definition at line 313 of file gadgets.cc.
References Security::LockingPointer< T, UnLocker, Locker >::get().
Referenced by mimicExtensions().
◆ mimicExtensions()
|
static |
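Copy certificate extensions from cert to mimicCert. Returns the number of extensions copied. Note: the signature takes cert by non-const reference and mimicCert by const reference, which suggests that the extensions are actually copied from mimicCert into cert; confirm the direction against the definition in gadgets.cc.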
Definition at line 393 of file gadgets.cc.
References assert, EVP_PKEY_get0_RSA(), Security::LockingPointer< T, UnLocker, Locker >::get(), and mimicAuthorityKeyId().
Referenced by buildCertificate().
◆ ParseAsUtf8()
|
static |
Definition at line 480 of file gadgets.cc.
References Assure, debugs, and Ssl::ReportAndForgetErrors().
Referenced by Ssl::ParseCommonNameAt().
◆ printX509Signature()
|
static |
Definition at line 255 of file gadgets.cc.
References Ssl::X509_get_signature().
Referenced by Ssl::OnDiskCertificateDbKey().
◆ replaceCommonName()
|
static |
Definition at line 189 of file gadgets.cc.
References Security::LockingPointer< T, UnLocker, Locker >::get(), and MaxCnLen.
Referenced by buildCertificate().
◆ ThrowErrors()
|
static |
Definition at line 45 of file gadgets.cc.
References Ssl::ReportAndForgetErrors(), and ToSBuf().
Referenced by Ssl::ReadOnlyBioTiedTo(), and Ssl::ReadOptionalCertificate().
◆ x509Digest()
|
static |
Return, as a BIGNUM, the SHA1 digest of the DER-encoded certificate.
Definition at line 721 of file gadgets.cc.
References createCertSerial(), and Security::LockingPointer< T, UnLocker, Locker >::get().
Referenced by createSerial().
◆ x509Pubkeydigest()
|
static |
Definition at line 732 of file gadgets.cc.
References createCertSerial(), and Security::LockingPointer< T, UnLocker, Locker >::get().
Referenced by createSerial().
Variable Documentation
◆ MaxCnLen
|
static |
Definition at line 186 of file gadgets.cc.
Referenced by replaceCommonName().