search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'tor-gitlab/mr/583' into maint-0.4.7
[tor.git] / src / lib / tls / x509_internal.h
blob9e5b6f0d00deb48a2cd5fbd2612ffc438bc39b1d
1 /* Copyright (c) 2003, Roger Dingledine
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2021, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5
6 #ifndef TOR_X509_INTERNAL_H
7 #define TOR_X509_INTERNAL_H
8
9 /**
10 * \file x509.h
11 * \brief Internal headers for tortls.c
12 **/
13
14 #include "lib/crypt_ops/crypto_rsa.h"
15 #include "lib/testsupport/testsupport.h"
16
17 /**
18 * How skewed do we allow our clock to be with respect to certificates that
19 * seem to be expired? (seconds)
20 */
21 #define TOR_X509_PAST_SLOP (2*24*60*60)
22 /**
23 * How skewed do we allow our clock to be with respect to certificates that
24 * seem to come from the future? (seconds)
25 */
26 #define TOR_X509_FUTURE_SLOP (30*24*60*60)
27
28 MOCK_DECL(tor_x509_cert_impl_t *, tor_tls_create_certificate,
29 (crypto_pk_t *rsa,
30 crypto_pk_t *rsa_sign,
31 const char *cname,
32 const char *cname_sign,
33 unsigned int cert_lifetime));
34 MOCK_DECL(tor_x509_cert_t *, tor_x509_cert_new,
35 (tor_x509_cert_impl_t *x509_cert));
36
37 int tor_x509_check_cert_lifetime_internal(int severity,
38 const tor_x509_cert_impl_t *cert,
39 time_t now,
40 int past_tolerance,
41 int future_tolerance);
42
43 void tor_x509_cert_impl_free_(tor_x509_cert_impl_t *cert);
44 #define tor_x509_cert_impl_free(cert) \
45 FREE_AND_NULL(tor_x509_cert_impl_t, tor_x509_cert_impl_free_, (cert))
46 tor_x509_cert_impl_t *tor_x509_cert_impl_dup_(tor_x509_cert_impl_t *cert);
47 #ifdef ENABLE_OPENSSL
48 int tor_x509_cert_set_cached_der_encoding(tor_x509_cert_t *cert);
49 #else
50 #define tor_x509_cert_set_cached_der_encoding(cert) (0)
51 #endif
52
53 #endif /* !defined(TOR_X509_INTERNAL_H) */
The Onion Router