kore

An easy to use, scalable and secure web application framework for writing web APIs in C.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git

commit 7f74790da7842bddc9d571b2de1939d53d1ab063
parent 80383024a39a1c338a213ca1181a092694f80fba
Author: Joris Vink <joris@coders.se>
Date:   Fri, 18 Feb 2022 10:50:17 +0100

Define KORE_PRIVATE_KEY per TLS backend.

Diffstat:
include/kore/kore.h | 6++++--
src/keymgr_openssl.c | 2+-
src/tls_none.c | 10+++++-----
src/tls_openssl.c | 10+++++-----
4 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/include/kore/kore.h b/include/kore/kore.h @@ -68,11 +68,13 @@ typedef X509 KORE_X509; typedef SSL KORE_TLS; typedef SSL_CTX KORE_TLS_CTX; typedef X509_NAME KORE_X509_NAMES; +typedef EVP_PKEY KORE_PRIVATE_KEY; #else typedef void KORE_X509; typedef void KORE_TLS; typedef void KORE_TLS_CTX; typedef void KORE_X509_NAMES; +typedef void KORE_PRIVATE_KEY; #endif #define KORE_RSAKEY_BITS 4096 @@ -835,8 +837,8 @@ void kore_tls_domain_crl(struct kore_domain *, const void *, size_t); void kore_tls_domain_setup(struct kore_domain *, int, const void *, size_t); -void *kore_tls_rsakey_load(const char *); -void *kore_tls_rsakey_generate(const char *); +KORE_PRIVATE_KEY *kore_tls_rsakey_load(const char *); +KORE_PRIVATE_KEY *kore_tls_rsakey_generate(const char *); int kore_tls_x509_data(struct connection *, u_int8_t **, size_t *); KORE_X509_NAMES *kore_tls_x509_issuer_name(struct connection *); diff --git a/src/keymgr_openssl.c b/src/keymgr_openssl.c @@ -163,7 +163,7 @@ static struct sock_filter filter_keymgr[] = { #endif struct key { - EVP_PKEY *pkey; + KORE_PRIVATE_KEY *pkey; struct kore_domain *dom; TAILQ_ENTRY(key) list; }; diff --git a/src/tls_none.c b/src/tls_none.c @@ -129,32 +129,32 @@ kore_tls_write(struct connection *c, size_t len, size_t *written) fatal("%s: not supported", __func__); } -void * +KORE_PRIVATE_KEY * kore_tls_rsakey_load(const char *path) { fatal("%s: not supported", __func__); } -void * +KORE_PRIVATE_KEY * kore_tls_rsakey_generate(const char *path) { fatal("%s: not supported", __func__); } -void * +KORE_X509_NAMES * kore_tls_x509_subject_name(struct connection *c) { fatal("%s: not supported", __func__); } -void * +KORE_X509_NAMES * kore_tls_x509_issuer_name(struct connection *c) { fatal("%s: not supported", __func__); } int -kore_tls_x509name_foreach(void *name, int flags, void *udata, +kore_tls_x509name_foreach(KORE_X509_NAMES *name, int flags, void *udata, int (*cb)(void *, int, int, const char *, const void *, size_t, int)) { fatal("%s: not supported", __func__); diff --git a/src/tls_openssl.c b/src/tls_openssl.c @@ -598,11 +598,11 @@ kore_tls_connection_cleanup(struct connection *c) } -void * +KORE_PRIVATE_KEY * kore_tls_rsakey_load(const char *path) { - FILE *fp; - EVP_PKEY *pkey; + FILE *fp; + KORE_PRIVATE_KEY *pkey; if (access(path, R_OK) == -1) return (NULL); @@ -618,12 +618,12 @@ kore_tls_rsakey_load(const char *path) return (pkey); } -void * +KORE_PRIVATE_KEY * kore_tls_rsakey_generate(const char *path) { FILE *fp; EVP_PKEY_CTX *ctx; - EVP_PKEY *pkey; + KORE_PRIVATE_KEY *pkey; if ((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL) fatalx("EVP_PKEY_CTX_new_id: %s", ssl_errno_s);