24#if defined(NB_SSL_SUPPORTED) || defined(NB_SSH_SUPPORTED)
27#include <crypto/wolfssl/wolfcrypt/ecc.h>
/* Presumably the maximum length of a certificate subject-name field; its use is not visible in this excerpt. */
30#define MAX_CERT_SNAME_LEN 64
/*
 * DEFAULT_KEY_TYPE selects one SSL_KEY_* key type at compile time.
 *
 * When HAVE_ECC and ENABLE_ECCKEY_CREATE are both defined, the curve is chosen
 * in the order tested below: secp384r1, secp256r1 (unless NO_ECC256 is
 * defined), secp224r1, secp192r1, then secp521r1. Otherwise the default is
 * RSA 2048.
 *
 * NOTE(review): secp521r1 is tested last, so a build that enables only the
 * 192-bit and 521-bit curves ends up with secp192r1 (roughly 96-bit security
 * strength, below the 112-bit minimum in current NIST guidance). Consider
 * testing HAVE_ECC521 ahead of the 224/192 branches, or failing the build
 * when only a sub-224-bit curve is available.
 *
 * This listing skips some source lines (the gutter numbers are not
 * contiguous), so the #else / #endif lines that close these conditionals are
 * not shown; the second RSA 2048 definition presumably sits in a final #else.
 */
32#if defined(HAVE_ECC) && defined(ENABLE_ECCKEY_CREATE)
35#if defined(HAVE_ECC384)
36#define DEFAULT_KEY_TYPE SSL_KEY_ECC_SECP384R1
37#elif !defined(NO_ECC256)
38#define DEFAULT_KEY_TYPE SSL_KEY_ECC_SECP256R1
39#elif defined(HAVE_ECC224)
40#define DEFAULT_KEY_TYPE SSL_KEY_ECC_SECP224R1
41#elif defined(HAVE_ECC192)
42#define DEFAULT_KEY_TYPE SSL_KEY_ECC_SECP192R1
43#elif defined(HAVE_ECC521)
44#define DEFAULT_KEY_TYPE SSL_KEY_ECC_SECP521R1
46#elif defined(ENABLE_RSAKEY_CREATE)
48#define DEFAULT_KEY_TYPE SSL_KEY_RSA_2048
51#define DEFAULT_KEY_TYPE SSL_KEY_RSA_2048
/* Certificate subject fields, held as plain C-string pointers (the enclosing
 * struct header and source lines 117-118 are not shown in this excerpt).
 * NOTE(review): nothing visible here copies the text, so presumably the
 * pointed-to strings must stay valid for as long as the object is used;
 * confirm against the certificate generator. */
114 const char * m_country;
115 const char * m_state;
116 const char * m_locality;
119 const char * m_email;
/* Default certificate subject strings, declared here and defined elsewhere.
 * The CertData constructor below uses them as its default argument values.
 * NOTE(review): if an application keeps these defaults, every generated
 * certificate presumably carries the same subject fields; verify that the
 * common name and alt names are overridden per device where peers rely on them. */
161extern const char * DEFAULT_CERT_COUNTRY;
162extern const char * DEFAULT_CERT_STATE;
163extern const char * DEFAULT_CERT_LOCALITY;
164extern const char * DEFAULT_CERT_ORG;
165extern const char * DEFAULT_CERT_UNIT;
166extern const char * DEFAULT_CERT_EMAIL;
167extern const char * DEFAULT_CERT_COM_NAME;
168extern const char * DEFAULT_CERT_ALT_NAMES;
186 CertData(
const char * Country=DEFAULT_CERT_COUNTRY,
187 const char * State=DEFAULT_CERT_STATE,
188 const char * Locality=DEFAULT_CERT_LOCALITY,
189 const char * Org=DEFAULT_CERT_ORG,
190 const char * Unit=DEFAULT_CERT_UNIT,
191 const char * Email=DEFAULT_CERT_EMAIL,
192 const char * Name=DEFAULT_CERT_COM_NAME,
193 const char * AltNames=DEFAULT_CERT_ALT_NAMES
194 ) :
config_obj(sys,
"CertData" ,
"Object to hold the data for certificate generation"),
195 m_country(Country,
"Country"),
196 m_state (State,
"State"),
197 m_locality(Locality,
"Locality"),
200 m_email(Email,
"Email"),
201 m_comname(Name,
"Comname"),
202 m_altNames(AltNames,
"AltNames")
Lightweight alternative to C++ CString class.
Definition nbstring.h:118
Base class used to create configuration objects.
Definition config_obj.h:277
String Configuration Variable.
Definition config_obj.h:1055
Configuration object header file.
CertGenReturnCode
Certificate Generation Function Return Codes.
Definition certgen.h:87
void FillInAltNamesASN1(Cert &TheCert, NBString &altNameString)
Helper function used to build ASN1 representation of alt names.
CertGenReturnCode SSL_CreateNewSelfSignedCert(CertGenData &pGenData)
Generates a new self-signed certificate that will be stored on the device.
CertGenReturnCode CheckAndCreateHalCertAndKey()
Check for a valid SSL certificate and generate one if not found.
SslKeyType_t
Certificate Generation Key Types.
Definition certgen.h:59
CertGenData * GetDataForCertGen()
A function to be overridden to pass certificate details to the certificate generator.
Definition SSL/SslOnboardCertGeneration/CompiledCa/src/main.cpp:26
void EnableOnboardCertificateCreation(CertGenReturnCode(*createCertFunc)(CertGenData &cGenData)=SSL_CreateNewSelfSignedCert)
Enables the ability for the module to automatically generate self-signed certificates for use in SSL/...
AltNameType_t
Certificate Generation Alternate Name Types.
Definition certgen.h:76
@ CERT_GEN_RETURN_NOT_REQUIRED
Returned when a new certificate did not need to be generated.
Definition certgen.h:89
@ CERT_GEN_RETURN_CERT_SAVING_ERROR
Returned when the device was unable to properly save the certificate.
Definition certgen.h:99
@ CERT_GEN_RETURN_CERT_INIT_ERROR
Returned when the device was unable to initialize the required certificate object.
Definition certgen.h:96
@ CERT_GEN_RETURN_INVALID_RANDOM
Returned when the device was unable to generate a valid random number.
Definition certgen.h:90
@ CERT_GEN_RETURN_RSA_INIT_ERROR
Returned when the device was unable to initialize the required RSA object.
Definition certgen.h:94
@ CERT_GEN_RETURN_CERT_SIGNING_ERROR
Returned when the device was unable to sign the created certificate.
Definition certgen.h:98
@ CERT_GEN_RETURN_SUCCESS
Returned when the certificate was successfully generated.
Definition certgen.h:88
@ CERT_GEN_RETURN_MALLOC_ERROR
Returned when the device is unable to malloc enough space to generate the certificate.
Definition certgen.h:91
@ CERT_GEN_RETURN_CERT_CREATE_ERROR
Returned when the device was unable to create the certificate.
Definition certgen.h:97
@ CERT_GEN_RETURN_KEY_SAVING_ERROR
Returned when the device was unable to save the key.
Definition certgen.h:101
@ CERT_GEN_RETURN_ECC_CREATE_ERROR
Returned when the device was unable to create the ECC key.
Definition certgen.h:93
@ CERT_GEN_RETURN_SET_ISSUER_ERROR
Returned when the device was unable to set the issuer if a CA was used.
Definition certgen.h:102
@ CERT_GEN_RETURN_ECC_INIT_ERROR
Returned when the device was unable to initialize the required ECC object.
Definition certgen.h:92
@ CERT_GEN_RETURN_KEY_CONVERT_ERROR
Returned when the device was unable to convert the certificate from PEM to DER format.
Definition certgen.h:100
@ CERT_GEN_RETURN_RSA_CREATE_ERROR
Returned when the device was unable to create the RSA key.
Definition certgen.h:95
@ SSL_KEY_RSA_1024
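RSA 1024. A 1024-bit RSA key gives roughly 80-bit security strength, below the 112-bit minimum in current NIST guidance; prefer RSA 2048 or larger for new certificates.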
Definition certgen.h:61
@ SSL_KEY_ECC_SECP224R1
Defined in wolfssl/wolfcrypt/ecc.h.
Definition certgen.h:65
@ SSL_KEY_ECC_SECP384R1
Defined in wolfssl/wolfcrypt/ecc.h.
Definition certgen.h:67
@ SSL_KEY_ECC_SECP192R1
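Defined in wolfssl/wolfcrypt/ecc.h. A 192-bit curve gives roughly 96-bit security strength, below the 112-bit minimum in current NIST guidance.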
Definition certgen.h:64
@ SSL_KEY_ECC_SECP521R1
Defined in wolfssl/wolfcrypt/ecc.h.
Definition certgen.h:68
@ SSL_KEY_NONE
None.
Definition certgen.h:60
@ SSL_KEY_RSA_4096
RSA 4096.
Definition certgen.h:63
@ SSL_KEY_RSA_2048
RSA 2048.
Definition certgen.h:62
@ SSL_KEY_ECC_SECP256R1
Defined in wolfssl/wolfcrypt/ecc.h.
Definition certgen.h:66
@ ALT_NAME_TYPE_IP
IP Address.
Definition certgen.h:79
@ ALT_NAME_TYPE_NONE
None.
Definition certgen.h:77
@ ALT_NAME_TYPE_DNS
DNS Name.
Definition certgen.h:78
NetBurner IPADDR4 Class. See the IPADDR4 Class page for complete documentation.
Used to store the information that is passed in when enabling onboard generated certificates,...
Definition certgen.h:111
const char * m_commonName
Common Name.
Definition certgen.h:120
NBString m_altNamesString
Alternate names string.
Definition certgen.h:122
time_t m_certExpTime
Certificate expiration time.
Definition certgen.h:144
int m_yrsValid
Number of years.
Definition certgen.h:121