// Copyright 2012 Google Inc. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
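#ifndef POLO_UTIL_CERTIFICATEUTIL_H_
#define POLO_UTIL_CERTIFICATEUTIL_H_

#include <stdint.h>
#include <openssl/ssl.h>
#include <string>

// Fixes a problem with X509_NAME on Windows, where the Windows crypto headers
// define X509_NAME as a macro that clashes with the OpenSSL type of that name.
#undef X509_NAME

namespace polo {
namespace util {

// Static helpers that convert X509 certificates and private keys to and from
// PEM text, and that create an RSA key and a self-signed certificate.
//
// The functions exchange raw OpenSSL pointers. Where a function is documented
// as returning a "new" object, the caller is presumably expected to release it
// with X509_free() / EVP_PKEY_free(); the implementation is not part of this
// header, so confirm ownership there.
//
// Passphrases are taken as std::string by value. Every call therefore holds
// its own copy of the secret, and std::string does not wipe its buffer when it
// is destroyed; callers that care about secret lifetime in memory should keep
// that in mind.
class CertificateUtil {
 public:
  // Reads an X509 certificate from a PEM encoded string.
  //
  // Only parsing is promised by this declaration. A certificate that loads
  // successfully is not thereby trusted: signature, validity period and
  // issuer still have to be checked by the caller.
  //
  // @param pem the PEM encoded string
  // @return a pointer to a new X509 certificate or NULL if there was an error
  //         loading the certificate; check for NULL before use
  static X509* X509FromPEM(std::string pem);

  // Converts an X509 certificate to a PEM encoded string.
  //
  // NOTE(review): the result for a NULL certificate or a failed encode is not
  // documented here; confirm in the implementation before relying on it.
  //
  // @param x509 the X509 certificate
  // @return a PEM encoded string of the given certificate
  static std::string X509ToPEM(X509* x509);

  // Loads a private key from a PEM encoded string.
  //
  // @param pem the PEM encoded string
  // @param passphrase the private key passphrase
  // @return a pointer to a new EVP_PKEY or NULL if there was an error loading
  //         the private key; check for NULL before use
  static EVP_PKEY* PKEYFromPEM(std::string pem,
                               std::string passphrase);

  // Converts a private key to a PEM encoded string.
  //
  // The returned string contains private key material and should be stored
  // and logged accordingly.
  //
  // NOTE(review): the cipher used to protect the key, and whether an empty
  // passphrase produces an unencrypted key, are decided by the implementation
  // and are not visible from this header; confirm both.
  //
  // @param pkey the private key
  // @param passphrase the private key passphrase to use
  // @return a PEM encoded string of the given private key
  static std::string PKEYToPEM(EVP_PKEY* pkey,
                               std::string passphrase);

  // Generates a new private key.
  //
  // NOTE(review): key size and public exponent are chosen by the
  // implementation; confirm they meet the project's minimum (for RSA, at
  // least 2048 bits). The failure return value is not documented here.
  //
  // @return a new RSA private key that can be used to create a self-signed cert
  static EVP_PKEY* GeneratePrivateKey();

  // Generates a self-signed X509 certificate.
  //
  // No certificate authority vouches for a self-signed certificate, so a peer
  // can trust it only by pinning it or by verifying it out of band.
  //
  // NOTE(review): the signature digest and serial number are chosen by the
  // implementation. Also check how days is turned into a validity period: a
  // 32-bit conversion to seconds would overflow for large values.
  //
  // @param pkey the private key
  // @param subject_name the subject name
  // @param days the number of days before the certificate expires
  // @return a new self-signed X509 certificate
  static X509* GenerateSelfSignedCert(EVP_PKEY* pkey,
                                      std::string subject_name,
                                      uint32_t days);
};

}  // namespace util
}  // namespace polo

#endif  // POLO_UTIL_CERTIFICATEUTIL_H_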