Blame - include/ssl_key_handler.hpp - openbmc/bmcweb

blob: 7670bcb22383a9d4b9e60b52b2e99148b10cc096 [file] [log] [blame]

Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	1
				2
Ed Tanous	0fdddb1	2017-02-28 11:06:34 -0800	[diff] [blame]	3	#pragma once
				4
Ed Tanous	3112a14	2018-11-29 15:45:10 -0800	[diff] [blame]	5	#include <boost/asio/ssl/context.hpp>
Gunnar Mills	1214b7e	2020-06-04 10:11:30 -0500	[diff] [blame]	6
Ed Tanous	3ccb3ad	2023-01-13 17:40:03 -0800	[diff] [blame]	7	#include <optional>
Ed Tanous	3ccb3ad	2023-01-13 17:40:03 -0800	[diff] [blame]	8	#include <string>
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	9
				10	namespace ensuressl
				11	{
AppaRao Puli	e38778a	2022-06-27 23:09:03 +0000	[diff] [blame]	12
Ed Tanous	19bb362	2024-07-05 10:07:40 -0500	[diff] [blame]	13	enum class VerifyCertificate
				14	{
				15	Verify,
				16	NoVerify
				17	};
				18
Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	19	constexpr const char* trustStorePath = "/etc/ssl/certs/authority";
				20	constexpr const char* x509Comment = "Generated from OpenBMC service";
Abhilash Raju	d5fb584	2024-06-03 11:40:17 -0500	[diff] [blame]	21
Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	22	bool isTrustChainError(int errnum);
AppaRao Puli	e38778a	2022-06-27 23:09:03 +0000	[diff] [blame]	23
Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	24	bool validateCertificate(X509* cert);
AppaRao Puli	e38778a	2022-06-27 23:09:03 +0000	[diff] [blame]	25
Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	26	std::string verifyOpensslKeyCert(const std::string& filepath);
AppaRao Puli	e38778a	2022-06-27 23:09:03 +0000	[diff] [blame]	27
Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	28	X509* loadCert(const std::string& filePath);
AppaRao Puli	e38778a	2022-06-27 23:09:03 +0000	[diff] [blame]	29
Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	30	int addExt(X509* cert, int nid, const char* value);
Ed Tanous	19bb362	2024-07-05 10:07:40 -0500	[diff] [blame]	31
Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	32	std::string generateSslCertificate(const std::string& cn);
AppaRao Puli	e38778a	2022-06-27 23:09:03 +0000	[diff] [blame]	33
Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	34	void writeCertificateToFile(const std::string& filepath,
				35	const std::string& certificate);
AppaRao Puli	e38778a	2022-06-27 23:09:03 +0000	[diff] [blame]	36
Ed Tanous	724985f	2024-06-05 09:19:06 -0700	[diff] [blame]	37	std::string ensureOpensslKeyPresentAndValid(const std::string& filepath);
				38
				39	std::shared_ptr<boost::asio::ssl::context> getSslServerContext();
				40
				41	std::optional<boost::asio::ssl::context>
				42	getSSLClientContext(VerifyCertificate verifyCertificate);
AppaRao Puli	e38778a	2022-06-27 23:09:03 +0000	[diff] [blame]	43
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	44	} // namespace ensuressl