proxygen
OpenSSLCertUtils.h
Go to the documentation of this file.
1 /*
2  * Copyright 2017-present Facebook, Inc.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 #pragma once
17 
18 #include <string>
19 #include <vector>
20 
21 #include <folly/Optional.h>
22 #include <folly/io/IOBuf.h>
23 #include <folly/portability/OpenSSL.h>
24 #include <folly/ssl/OpenSSLPtrTypes.h>
25 
26 namespace folly {
27 namespace ssl {
28 
29 class OpenSSLCertUtils {
30  public:
31  // Note: non-const until OpenSSL 1.1.0
32  static Optional<std::string> getCommonName(X509& x509);
33 
34  static std::vector<std::string> getSubjectAltNames(X509& x509);
35 
36  /*
37  * Return the subject name, if any, from the cert
38  * @param x509 Reference to an X509
39  * @return a folly::Optional<std::string>, or folly::none
40  */
41  static Optional<std::string> getSubject(X509& x509);
42 
43  /*
44  * Return the issuer name, if any, from the cert
45  * @param x509 Reference to an X509
46  * @return a folly::Optional<std::string>, or folly::none
47  */
48  static Optional<std::string> getIssuer(X509& x509);
49 
50  /*
51  * Get a string representation of the not-before time on the certificate
52  */
53  static std::string getNotBeforeTime(X509& x509);
54 
55  /*
56  * Get a string representation of the not-after (expiration) time
57  */
58  static std::string getNotAfterTime(X509& x509);
59 
60  /*
61  * Summarize the CN, Subject, Issuer, Validity, and extensions as a string
62  */
63  static folly::Optional<std::string> toString(X509& x509);
64 
70  static X509UniquePtr derDecode(ByteRange);
71 
77  static std::unique_ptr<IOBuf> derEncode(X509&);
78 
86  static std::vector<X509UniquePtr> readCertsFromBuffer(ByteRange range);
87 
93  static std::array<uint8_t, SHA_DIGEST_LENGTH> getDigestSha1(X509& x509);
94  static std::array<uint8_t, SHA256_DIGEST_LENGTH> getDigestSha256(X509& x509);
95 
102  static X509StoreUniquePtr readStoreFromFile(std::string caFile);
103 
110  static X509StoreUniquePtr readStoreFromBuffer(ByteRange range);
111 
112  private:
113  static std::string getDateTimeStr(const ASN1_TIME* time);
114 };
115 } // namespace ssl
116 } // namespace folly
folly::ssl::OpenSSLCertUtils::toString
static folly::Optional< std::string > toString(X509 &x509)
Definition: OpenSSLCertUtils.cpp:131
folly::ssl::X509UniquePtr
std::unique_ptr< X509, X509Deleter > X509UniquePtr
Definition: OpenSSLPtrTypes.h:44
folly::ssl::OpenSSLCertUtils::getDigestSha1
static std::array< uint8_t, SHA_DIGEST_LENGTH > getDigestSha1(X509 &x509)
Definition: OpenSSLCertUtils.cpp:240
folly::ssl::OpenSSLCertUtils::getDigestSha256
static std::array< uint8_t, SHA256_DIGEST_LENGTH > getDigestSha256(X509 &x509)
Definition: OpenSSLCertUtils.cpp:252
folly::ssl::OpenSSLCertUtils::getSubject
static Optional< std::string > getSubject(X509 &x509)
Definition: OpenSSLCertUtils.cpp:92
folly::ssl::OpenSSLCertUtils::readStoreFromBuffer
static X509StoreUniquePtr readStoreFromBuffer(ByteRange range)
Definition: OpenSSLCertUtils.cpp:273
folly::ssl::OpenSSLCertUtils::derDecode
static X509UniquePtr derDecode(ByteRange)
Definition: OpenSSLCertUtils.cpp:185
folly
—— Concurrent Priority Queue Implementation ——
Definition: AtomicBitSet.h:29
folly::ssl::OpenSSLCertUtils::getSubjectAltNames
static std::vector< std::string > getSubjectAltNames(X509 &x509)
Definition: OpenSSLCertUtils.cpp:64
folly::ssl::OpenSSLCertUtils::readStoreFromFile
static X509StoreUniquePtr readStoreFromFile(std::string caFile)
Definition: OpenSSLCertUtils.cpp:264
folly::ssl::OpenSSLCertUtils::getIssuer
static Optional< std::string > getIssuer(X509 &x509)
Definition: OpenSSLCertUtils.cpp:111
folly::ssl::OpenSSLCertUtils::getNotAfterTime
static std::string getNotAfterTime(X509 &x509)
Definition: OpenSSLCertUtils.cpp:158
folly::ssl::X509StoreUniquePtr
std::unique_ptr< X509_STORE, X509StoreDeleter > X509StoreUniquePtr
Definition: OpenSSLPtrTypes.h:46
folly::range
constexpr Range< Iter > range(Iter first, Iter last)
Definition: Range.h:1114
folly::ssl::OpenSSLCertUtils::getCommonName
static Optional< std::string > getCommonName(X509 &x509)
Definition: OpenSSLCertUtils.cpp:34
folly::ssl::OpenSSLCertUtils::getDateTimeStr
static std::string getDateTimeStr(const ASN1_TIME *time)
Definition: OpenSSLCertUtils.cpp:166
string
const char * string
Definition: Conv.cpp:212
folly::ssl::OpenSSLCertUtils::readCertsFromBuffer
static std::vector< X509UniquePtr > readCertsFromBuffer(ByteRange range)
Definition: OpenSSLCertUtils.cpp:209
folly::ssl::OpenSSLCertUtils::derEncode
static std::unique_ptr< IOBuf > derEncode(X509 &)
Definition: OpenSSLCertUtils.cpp:194
folly::detail::distributed_mutex::time
std::chrono::nanoseconds time()
Definition: DistributedMutex-inl.h:190
folly::ssl::OpenSSLCertUtils::getNotBeforeTime
static std::string getNotBeforeTime(X509 &x509)
Definition: OpenSSLCertUtils.cpp:162