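#pragma once

#include <boost/asio/ssl/context.hpp>

// std::shared_ptr is used by getSslServerContext() below; include <memory>
// directly instead of relying on another header to pull it in.
#include <memory>
#include <optional>
#include <string>

// NOTE(review): X509 is not declared by any header this file includes by
// name; it presumably arrives through boost/asio/ssl/context.hpp. Confirm
// before reordering or trimming includes.

// Declarations for creating, loading and validating the TLS key/certificate
// material and for building the boost::asio SSL contexts that use it.
// Only declarations are visible here; behavior notes marked "presumably" or
// "NOTE(review)" are inferred from names and must be confirmed against the
// implementation.
namespace ensuressl
{

// Selector passed to getSSLClientContext().
// NOTE(review): presumably chooses whether the client context verifies the
// peer certificate. If NoVerify disables verification as the name indicates,
// the connection is still encrypted but the peer is not authenticated, so
// callers should select it only where that is an explicit, reviewed choice.
enum class VerifyCertificate
{
    Verify,
    NoVerify
};

// Filesystem location of the certificate-authority trust store.
// NOTE(review): presumably the directory consulted when building the
// verification chain; anything able to write here can add trusted CAs, so
// its ownership and permissions matter. Confirm how it is consumed.
constexpr const char* trustStorePath = "/etc/ssl/certs/authority";

// Comment text for generated certificates.
// NOTE(review): presumably stored in an X.509 comment extension by
// generateSslCertificate(); confirm in the implementation.
constexpr const char* x509Comment = "Generated from OpenBMC service";

// Classifies an integer error number.
// NOTE(review): presumably errnum is an OpenSSL X509 verification error code
// and the result is true for trust-chain failures (as opposed to other
// validation failures); confirm which codes are treated as tolerable.
bool isTrustChainError(int errnum);

// Checks a certificate and reports whether it is acceptable.
// cert: certificate to check; whether nullptr is accepted is not visible
// here. TODO confirm.
bool validateCertificate(X509* cert);

// Verifies the key/certificate stored at filepath.
// NOTE(review): the meaning of the returned string is not visible in this
// header; confirm against the implementation before documenting it further.
std::string verifyOpensslKeyCert(const std::string& filepath);

// Loads a certificate from filePath.
// NOTE(review): returns a raw X509*; ownership is not expressed in the type.
// Presumably the caller must release it and nullptr signals failure.
// TODO confirm.
X509* loadCert(const std::string& filePath);

// Adds an extension identified by nid, with the given value, to cert.
// NOTE(review): the meaning of the int return value is not visible here.
int addExt(X509* cert, int nid, const char* value);

// Generates a certificate for the common name cn and returns it as a string.
// NOTE(review): presumably a self-signed certificate in PEM form, possibly
// together with its private key; confirm the returned contents.
std::string generateSslCertificate(const std::string& cn);

// Writes certificate to the file at filepath.
// NOTE(review): if the written data includes private key material, confirm
// that the implementation restricts the file's permissions accordingly.
void writeCertificateToFile(const std::string& filepath,
                            const std::string& certificate);

// Makes sure a usable key/certificate exists at filepath.
// NOTE(review): presumably generates a replacement when the file is missing
// or fails verification; the meaning of the returned string is not visible
// here. TODO confirm.
std::string ensureOpensslKeyPresentAndValid(const std::string& filepath);

// Builds the SSL context used by the server side.
// NOTE(review): whether a null shared_ptr can be returned on failure is not
// visible here; callers should confirm before dereferencing unchecked.
std::shared_ptr<boost::asio::ssl::context> getSslServerContext();

// Builds an SSL context for outgoing (client) connections.
// verifyCertificate: see VerifyCertificate above.
// NOTE(review): presumably returns std::nullopt when the context cannot be
// set up; callers must check the optional before use.
std::optional<boost::asio::ssl::context>
    getSSLClientContext(VerifyCertificate verifyCertificate);

} // namespace ensuressl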