blob: d0df9b9ac6a63300c90723c3778bb9f33d1e7165 [file] [log] [blame]
William Lallemandc69973f2020-05-12 17:42:42 +02001/*
2 * include/proto/ssl_ckch.h
3 * ckch function prototypes
4 *
5 * Copyright (C) 2020 HAProxy Technologies, William Lallemand <wlallemand@haproxy.com>
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation, version 2.1
10 * exclusively.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22#ifndef _PROTO_SSL_CKCH_H
23#define _PROTO_SSL_CKCH_H
24#ifdef USE_OPENSSL
25
William Lallemand03c331c2020-05-13 10:10:01 +020026/* cert_key_and_chain functions */
27
28int ssl_sock_load_files_into_ckch(const char *path, struct cert_key_and_chain *ckch, char **err);
29int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err);
30void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch);
31
32int ssl_sock_load_key_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err);
33int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, char *buf, struct cert_key_and_chain *ckch, char **err);
34int ssl_sock_load_sctl_from_file(const char *sctl_path, char *buf, struct cert_key_and_chain *ckch, char **err);
35int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch, char **err);
36
37/* checks if a key and cert exists in the ckch */
38#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
39static inline int ssl_sock_is_ckch_valid(struct cert_key_and_chain *ckch)
40{
41 return (ckch->cert != NULL && ckch->key != NULL);
42}
43#endif
William Lallemandc69973f2020-05-12 17:42:42 +020044
45/* ckch_store functions */
46struct ckch_store *ckchs_load_cert_file(char *path, int multi, char **err);
47struct ckch_store *ckchs_lookup(char *path);
William Lallemand03c331c2020-05-13 10:10:01 +020048struct ckch_store *ckchs_dup(const struct ckch_store *src);
49struct ckch_store *ckch_store_new(const char *filename, int nmemb);
50void ckch_store_free(struct ckch_store *store);
51
William Lallemandc69973f2020-05-12 17:42:42 +020052
53/* ckch_inst functions */
54void ckch_inst_free(struct ckch_inst *inst);
55struct ckch_inst *ckch_inst_new();
William Lallemandda8584c2020-05-14 10:14:37 +020056int ckch_inst_new_load_multi_store(const char *path, struct ckch_store *ckchs,
57 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
58 char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err);
William Lallemandc756bbd2020-05-13 17:23:59 +020059int ckch_inst_new_load_store(const char *path, struct ckch_store *ckchs, struct bind_conf *bind_conf,
60 struct ssl_bind_conf *ssl_conf, char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err);
William Lallemandc69973f2020-05-12 17:42:42 +020061
62#endif /* USE_OPENSSL */
63#endif /* _PROTO_SSL_CRTLIST_H */