9 #include <unordered_set>
11 #include <openssl/ssl.h>
13 #include "db/database.h"
// Members of CAConfig; the class header and some members (e.g. the `name`
// read by getCA()) are not part of this excerpt.
// OpenSSL certificate handle. NOTE(review): presumably the CA's own
// certificate; the deleter (X509_free) must be supplied where the
// shared_ptr is created, which is not visible here — confirm.
21 std::shared_ptr<X509> ca;
// OpenSSL key handle. NOTE(review): presumably the CA signing key, kept in
// process memory for as long as any shared_ptr copy lives — confirm where it
// is loaded and which components can reach this object.
22 std::shared_ptr<EVP_PKEY> caKey;
// Compared against the current time by getCA() when a CA is selected.
23 std::shared_ptr<ASN1_TIME> notBefore;
// Constructs the configuration from a CA name; what is loaded from that name
// is defined in the implementation, not here.
25 CAConfig( const std::string& name );
// Returns whether the CRL needs to be re-signed; the criteria are in the
// definition, not visible in this excerpt.
27 bool crlNeedsResign();
// CA configurations usable by this profile. getCA() walks this list from
// back to front and falls back to ca[0], so it must never be empty.
36 std::vector<std::shared_ptr<CAConfig>> ca;
// NOTE(review): presumably the upper bound on certificate lifetime for this
// profile; the unit and the place where it is enforced are not visible
// here — confirm.
37 std::time_t maxValidity;
// Set of strings; its meaning is not established by this excerpt.
38 std::unordered_set<std::string> include;
// Selects the CA configuration to use from this profile's `ca` list.
// Visible logic: iterate `ca` in reverse, consider only entries whose
// notBefore lies in the past, and compare candidate names with strcmp.
// Listing lines 46-53 (the assignments to `min` and the closing braces) are
// missing from this excerpt, so which side of the name comparison wins
// cannot be confirmed from here.
// NOTE(review): only notBefore is examined in the visible lines; no
// notAfter/expiry or revocation check appears here — confirm that is
// enforced before the returned CA is used for signing.
39 std::shared_ptr<CAConfig> getCA() {
40 std::shared_ptr<CAConfig> min = nullptr;
// Walk the configured CAs from last to first.
42 for( auto it = ca.rbegin(); it != ca.rend(); it++ ) {
// X509_cmp_current_time() yields a negative value when the ASN1 time is not
// later than now, and 0 on error; an unparsable notBefore is therefore
// skipped rather than accepted.
43 if( X509_cmp_current_time( ( *it )->notBefore.get() ) < 0 ) {
44 if( min != nullptr ) {
// Byte-wise comparison of the two CA names; strcmp stops at an embedded NUL.
45 if( strcmp( min->name.c_str(), ( *it )->name.c_str() ) < 0 ) {
// Fallback when no entry passed the notBefore test: the first configured CA
// is returned even though it did not qualify (its notBefore may be in the
// future or unreadable).
// NOTE(review): ca[0] on an empty vector is undefined behaviour; no
// emptiness check is visible in this excerpt — confirm the loader rejects
// profiles without a CA.
54 return min ? min : ca[0];
// Declared here, defined elsewhere. NOTE(review): presumably a
// reference-counted token tied to OpenSSL library setup/teardown — confirm
// in the defining translation unit.
58 extern std::shared_ptr<int> ssl_lib_ref;
// Returns an X509 handle for the given file. How a missing or malformed
// file is reported (null pointer vs. exception) is not visible here;
// callers should confirm before dereferencing.
60 std::shared_ptr<X509> loadX509FromFile( const std::string& filename );
// Returns a key handle for the given file. The signature takes no
// passphrase argument, so whether encrypted key files are supported cannot
// be told from this declaration. Failure reporting is likewise not visible.
61 std::shared_ptr<EVP_PKEY> loadPkeyFromFile( const std::string& filename );
// Builds an SSL_CTX; `server` selects between the two roles.
// NOTE(review): protocol versions, cipher selection and peer-certificate
// verification are configured in the definition, not here — review them
// there for both values of `server`.
63 std::shared_ptr<SSL_CTX> generateSSLContext( bool server );
// Returns a BIO for the named serial device; line settings and error
// handling live in the definition.
64 std::shared_ptr<BIO> openSerial( const std::string& name );
// Converts an ASN1_TIME to a string; the output format is not visible here.
65 std::string timeToString( std::shared_ptr<ASN1_TIME> time );
// Takes a certificate and a SignedCertificate record; presumably copies the
// validity times from `source` into `cert` — confirm against the definition.
67 void extractTimes( std::shared_ptr<X509> source, std::shared_ptr<SignedCertificate> cert );