// Copyright 2012 Google Inc. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
14
15#ifndef POLO_UTIL_CERTIFICATEUTIL_H_
16#define POLO_UTIL_CERTIFICATEUTIL_H_
17
18#include <stdint.h>
19#include <openssl/ssl.h>
20#include <string>
21
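// On Windows, <wincrypt.h> defines X509_NAME as a macro, which collides with
// OpenSSL's X509_NAME type. Drop the macro so the OpenSSL name stays usable.
// This only helps if the Windows header was included before this point.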
23#undef X509_NAME
24
25namespace polo {
26namespace util {
27
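// Static helpers for converting X509 certificates and private keys to and from
// PEM, and for generating an RSA key and a self-signed certificate.
//
// Ownership: the functions returning X509* or EVP_PKEY* are documented as
// returning a "new" object and hand back a raw pointer. Presumably the caller
// must release it with X509_free() / EVP_PKEY_free() -- confirm against the
// implementation.
//
// Secrets: passphrases and PEM encoded private keys are passed and returned as
// std::string by value. Such strings may be copied, and std::string does not
// wipe its buffer on destruction, so callers that hold long-lived secrets
// should clear their own buffers once they are done with them.
class CertificateUtil {
 public:
  // Reads an X509 certificate from a PEM encoded string.
  // NOTE(review): presumably this only parses the certificate and performs no
  // chain, expiry or hostname verification -- confirm in the implementation.
  // @param pem the PEM encoded string
  // @return a pointer to a new X509 certificate or NULL if there was an error
  //         loading the certificate; check for NULL before use
  static X509* X509FromPEM(std::string pem);

  // Converts an X509 certificate to a PEM encoded string.
  // NOTE(review): the result for a NULL or unserializable certificate is not
  // specified here -- confirm whether an empty string is returned.
  // @param x509 the X509 certificate
  // @return a PEM encoded string of the given certificate
  static std::string X509ToPEM(X509* x509);

  // Loads a private key from a PEM encoded string.
  // NOTE(review): a wrong passphrase is presumably reported as NULL like any
  // other load error -- confirm in the implementation.
  // @param pem the PEM encoded string
  // @param passphrase the private key passphrase
  // @return a pointer to a new EVP_PKEY or NULL if there was an error loading
  //         the private key; check for NULL before use
  static EVP_PKEY* PKEYFromPEM(std::string pem,
                               std::string passphrase);

  // Converts a private key to a PEM encoded string.
  // NOTE(review): the cipher that protects the key, and whether an empty
  // passphrase produces an unencrypted PEM, are not visible from this header.
  // Confirm both before persisting the output.
  // @param pkey the private key
  // @param passphrase the private key passphrase to use
  // @return a PEM encoded string of the given private key; treat the result as
  //         secret material
  static std::string PKEYToPEM(EVP_PKEY* pkey,
                               std::string passphrase);

  // Generates a new private key.
  // NOTE(review): key size and public exponent are fixed by the implementation
  // and cannot be set by the caller. Confirm that they meet current policy.
  // The failure result is not documented; presumably NULL -- confirm.
  // @return a new RSA private key that can be used to create a self-signed cert
  static EVP_PKEY* GeneratePrivateKey();

  // Generates a self-signed X509 certificate.
  // A self-signed certificate is not vouched for by any third party, so peers
  // have to establish trust in it by other means (for example pinning).
  // NOTE(review): the signature digest, the serial number, and how subject_name
  // is mapped into the certificate subject are implementation details that are
  // not visible here. The failure result is not documented; presumably NULL.
  // @param pkey the private key
  // @param subject_name the subject name
  // @param days the number of days before the certificate expires
  // @return a new self-signed X509 certificate
  static X509* GenerateSelfSignedCert(EVP_PKEY* pkey,
                                      std::string subject_name,
                                      uint32_t days);
};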
69
70}  // namespace util
71}  // namespace polo
72
73#endif  // POLO_UTIL_CERTIFICATEUTIL_H_
74