2018-06-19 11:32:16 +08:00
|
|
|
/*************************************************************************
|
2018-09-06 19:51:23 +08:00
|
|
|
> File Name: cert_conf.h
|
2018-06-19 11:32:16 +08:00
|
|
|
> Author:
|
|
|
|
|
> Mail:
|
|
|
|
|
> Created Time: Fri 01 Jun 2018 12:06:26 AM PDT
|
|
|
|
|
************************************************************************/
|
|
|
|
|
|
|
|
|
|
#ifndef _CERT_INIT_H
|
|
|
|
|
#define _CERT_INIT_H
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
#include <event.h>
|
2019-11-05 11:38:40 +08:00
|
|
|
#include <openssl/x509.h>
|
|
|
|
|
#include <openssl/evp.h>
|
2018-06-19 11:32:16 +08:00
|
|
|
|
2019-11-05 11:38:40 +08:00
|
|
|
#include <MESA/Maat_rule.h>
|
|
|
|
|
#include <MESA/MESA_htable.h>
|
2018-07-09 14:32:41 +08:00
|
|
|
|
2020-11-12 15:56:34 +08:00
|
|
|
#include "rlib_load.h"
|
|
|
|
|
|
2019-05-24 15:09:34 +08:00
|
|
|
#define CT_PATH_MAX 256
|
|
|
|
|
#define CT_ARRARY_LEN (CT_PATH_MAX/2)
|
|
|
|
|
#define CT_STRING_MAX 1024
|
|
|
|
|
|
2019-11-11 17:45:03 +08:00
|
|
|
struct tfe_http_request{
|
2018-09-10 10:01:27 +08:00
|
|
|
#define DATALEN 128
|
|
|
|
|
int thread_id;
|
2018-09-20 10:11:15 +08:00
|
|
|
int is_valid;
|
2018-09-06 19:51:23 +08:00
|
|
|
char *odata;
|
2018-09-10 10:01:27 +08:00
|
|
|
X509 *origin;
|
|
|
|
|
int keyring_id;
|
2019-08-08 16:06:23 +08:00
|
|
|
char *sni;
|
2018-09-10 10:01:27 +08:00
|
|
|
char rkey[DATALEN];
|
2020-04-14 17:01:08 +08:00
|
|
|
struct timespec create_time;
|
2018-09-06 19:51:23 +08:00
|
|
|
struct evhttp_request *evh_req;
|
|
|
|
|
};
|
2018-06-19 11:32:16 +08:00
|
|
|
|
2018-09-06 19:51:23 +08:00
|
|
|
struct pxy_obj_keyring{
|
2019-05-24 15:09:34 +08:00
|
|
|
int keyring_id;
|
2020-10-30 19:37:24 +08:00
|
|
|
int use_hsm;
|
2020-11-12 15:56:34 +08:00
|
|
|
|
|
|
|
|
atomic64_t ref_cnt;
|
2019-08-08 17:12:18 +08:00
|
|
|
uint64_t expire_time;
|
2020-11-12 15:56:34 +08:00
|
|
|
time_t op_time;
|
|
|
|
|
|
2019-08-08 17:12:18 +08:00
|
|
|
EVP_PKEY *key;
|
2019-11-11 17:45:03 +08:00
|
|
|
X509 *issuer;
|
2020-11-12 15:56:34 +08:00
|
|
|
|
|
|
|
|
char v3_ctl[CT_STRING_MAX];
|
2019-05-24 15:09:34 +08:00
|
|
|
char keyring_type[CT_ARRARY_LEN];
|
|
|
|
|
char public_algo[CT_STRING_MAX];
|
2020-11-12 15:56:34 +08:00
|
|
|
|
|
|
|
|
CK_SESSION_HANDLE session;
|
2018-10-22 11:15:57 +08:00
|
|
|
STACK_OF(X509) *stack_ca;
|
2018-09-06 19:51:23 +08:00
|
|
|
};
|
2018-07-09 14:32:41 +08:00
|
|
|
|
2020-11-12 15:56:34 +08:00
|
|
|
struct pxy_profile_hsm
|
|
|
|
|
{
|
|
|
|
|
int profile_id;
|
|
|
|
|
int ref_cnt;
|
|
|
|
|
char *server_ip;
|
|
|
|
|
char *passwd;
|
|
|
|
|
pthread_mutex_t lock;
|
2018-06-19 11:32:16 +08:00
|
|
|
};
|
|
|
|
|
|
2020-11-12 15:56:34 +08:00
|
|
|
enum kerying_profile_table
|
|
|
|
|
{
|
|
|
|
|
POLICY_PROFLIE_TABLE_KERING,
|
|
|
|
|
POLICY_PROFILE_TABLE_HSM,
|
|
|
|
|
POLICY_PROFILE_TABLE_MAX
|
2018-09-18 14:48:55 +08:00
|
|
|
};
|
|
|
|
|
|
2020-11-12 15:56:34 +08:00
|
|
|
struct cert_store_policy{
|
2019-08-21 14:03:53 +08:00
|
|
|
int mode;
|
2020-11-12 15:56:34 +08:00
|
|
|
unsigned int enable;
|
2019-05-24 15:09:34 +08:00
|
|
|
unsigned int local_debug;
|
2018-06-19 11:32:16 +08:00
|
|
|
unsigned int thread_nu;
|
2018-09-10 10:01:27 +08:00
|
|
|
unsigned int expire_after;
|
2020-11-12 15:56:34 +08:00
|
|
|
|
|
|
|
|
Maat_feather_t feather;
|
|
|
|
|
int plolicy_table_id[POLICY_PROFILE_TABLE_MAX];
|
|
|
|
|
|
|
|
|
|
uint16_t e_port;
|
|
|
|
|
uint16_t store_port;
|
|
|
|
|
char store_ip[46];
|
|
|
|
|
|
2020-11-25 14:10:26 +08:00
|
|
|
char password[128];
|
|
|
|
|
char label[128];
|
|
|
|
|
|
2018-12-13 10:12:24 +08:00
|
|
|
char ca_path[128];
|
|
|
|
|
char uninsec_path[128];
|
2018-06-19 11:32:16 +08:00
|
|
|
};
|
|
|
|
|
|
2020-11-12 15:56:34 +08:00
|
|
|
extern struct cert_store_policy * g_certstore_policy;
|
2018-06-19 11:32:16 +08:00
|
|
|
|
2020-11-12 15:56:34 +08:00
|
|
|
void cert_store_init_config(struct cert_store_policy *certstore_policy, const char *main_profile);
|
2018-06-19 11:32:16 +08:00
|
|
|
|
|
|
|
|
#endif
|
