wget2  2.0.0
HTTP Public Key Pinning (RFC 7469) routines

Data Structures

struct  wget_hpkp_db_st
 

Macros

#define WGET_HPKP_OK   0
 Success.
 
#define WGET_HPKP_ERROR   -1
 General error.
 
#define WGET_HPKP_ENTRY_EXPIRED   -2
 The HPKP entry is expired.
 
#define WGET_HPKP_WAS_DELETED   -3
 The HPKP entry was deleted.
 
#define WGET_HPKP_NOT_ENOUGH_PINS   -4
 The entry doesn't have enough PINs.
 
#define WGET_HPKP_ENTRY_EXISTS   -5
 The entry already exists.
 
#define WGET_HPKP_ERROR_FILE_OPEN   -6
 Failed to open a file.
 

Typedefs

typedef struct wget_hpkp_db_st wget_hpkp_db
 
typedef struct wget_hpkp_st wget_hpkp
 
typedef wget_hpkp_dbwget_hpkp_db_init_fn(wget_hpkp_db *hpkp_db, const char *fname)
 

Functions

void wget_hpkp_pin_add (wget_hpkp *hpkp, const char *pin_type, const char *pin_b64)
 
void wget_hpkp_free (wget_hpkp *hpkp)
 
wget_hpkpwget_hpkp_new (void)
 
void wget_hpkp_set_host (wget_hpkp *hpkp, const char *host)
 
void wget_hpkp_set_maxage (wget_hpkp *hpkp, int64_t maxage)
 
void wget_hpkp_set_include_subdomains (wget_hpkp *hpkp, bool include_subdomains)
 
int wget_hpkp_get_n_pins (wget_hpkp *hpkp)
 
void wget_hpkp_get_pins_b64 (wget_hpkp *hpkp, const char **pin_types, const char **pins_b64)
 
void wget_hpkp_get_pins (wget_hpkp *hpkp, const char **pin_types, size_t *sizes, const void **pins)
 
const char * wget_hpkp_get_host (wget_hpkp *hpkp)
 
int64_t wget_hpkp_get_maxage (wget_hpkp *hpkp)
 
bool wget_hpkp_get_include_subdomains (wget_hpkp *hpkp)
 

Detailed Description

This is an implementation of RFC 7469.

Typedef Documentation

◆ wget_hpkp_db

typedef struct wget_hpkp_db_st wget_hpkp_db

HPKP database for storing HTTP Public Key Pinning (HPKP) entries

◆ wget_hpkp

typedef struct wget_hpkp_st wget_hpkp

HPKP database entry. Corresponds to one 'Public-Key-Pins' HTTP response header.

◆ wget_hpkp_db_init_fn

typedef wget_hpkp_db* wget_hpkp_db_init_fn(wget_hpkp_db *hpkp_db, const char *fname)

It is possible to implement a custom HPKP database as a plugin. See tests/test-plugin-dummy.c and tests/Makefile.am for details.

Function Documentation

◆ wget_hpkp_pin_add()

void wget_hpkp_pin_add ( wget_hpkp hpkp,
const char *  pin_type,
const char *  pin_b64 
)
Parameters
[in]hpkpAn HPKP database entry
[in]pin_typeThe type of hash supplied, e.g. "sha256"
[in]pin_b64The public key hash in base64 format

Adds a public key hash to HPKP database entry.

◆ wget_hpkp_free()

void wget_hpkp_free ( wget_hpkp hpkp)
Parameters
[in]hpkpAn HPKP database entry

Free hpkp_t instance created by wget_hpkp_new() It can be used as destructor function in vectors and hashmaps. If hpkp is NULL this function does nothing.

◆ wget_hpkp_new()

wget_hpkp* wget_hpkp_new ( void  )
Returns
A newly allocated and initialized HPKP structure

Creates a new HPKP structure initialized with the given values.

◆ wget_hpkp_set_host()

void wget_hpkp_set_host ( wget_hpkp hpkp,
const char *  host 
)
Parameters
[in]hpkpAn HPKP database entry
[in]hostHostname of the web server

Sets the hostname of the web server into given HPKP database entry.

◆ wget_hpkp_set_maxage()

void wget_hpkp_set_maxage ( wget_hpkp hpkp,
int64_t  maxage 
)
Parameters
[in]hpkpAn HPKP database entry
[in]maxageMaximum time the entry is valid (in seconds)

Sets the maximum time the HPKP entry is valid. Corresponds to max-age directive in Public-Key-Pins HTTP response header.

◆ wget_hpkp_set_include_subdomains()

void wget_hpkp_set_include_subdomains ( wget_hpkp hpkp,
bool  include_subdomains 
)
Parameters
[in]hpkpAn HPKP database entry
[in]include_subdomainsNonzero if this entry is also valid for all subdomains, zero otherwise.

Sets whether the entry is also valid for all subdomains. Corresponds to the optional includeSubDomains directive in Public-Key-Pins HTTP response header.

◆ wget_hpkp_get_n_pins()

int wget_hpkp_get_n_pins ( wget_hpkp hpkp)
Parameters
[in]hpkpAn HPKP database entry
Returns
The number of public key hashes added.

Gets the number of public key hashes added to the given HPKP database entry.

◆ wget_hpkp_get_pins_b64()

void wget_hpkp_get_pins_b64 ( wget_hpkp hpkp,
const char **  pin_types,
const char **  pins_b64 
)
Parameters
[in]hpkpAn HPKP database entry
[out]pin_typesAn array of pointers where hash types will be stored.
[out]pins_b64An array of pointers where the public keys in base64 format will be stored

Gets all the public key hashes added to the given HPKP database entry.

The size of the arrays used must be at least one returned by wget_hpkp_get_n_pins().

◆ wget_hpkp_get_pins()

void wget_hpkp_get_pins ( wget_hpkp hpkp,
const char **  pin_types,
size_t *  sizes,
const void **  pins 
)
Parameters
[in]hpkpAn HPKP database entry
[out]pin_typesAn array of pointers where hash types will be stored.
[out]sizesAn array of sizes where pin sizes will be stored.
[out]pinsAn array of pointers where the public keys in binary format will be stored

Gets all the public key hashes added to the given HPKP database entry.

The size of the arrays used must be at least one returned by wget_hpkp_get_n_pins().

◆ wget_hpkp_get_host()

const char* wget_hpkp_get_host ( wget_hpkp hpkp)
Parameters
[in]hpkpAn HPKP database entry
Returns
The hostname this entry is valid for

Gets the hostname this entry is valid for, as set by wget_hpkp_set_host()

◆ wget_hpkp_get_maxage()

int64_t wget_hpkp_get_maxage ( wget_hpkp hpkp)
Parameters
[in]hpkpAn HPKP database entry
Returns
The maximum time (in seconds) the entry is valid

Gets the maximum time this entry is valid for, as set by wget_hpkp_set_maxage()

◆ wget_hpkp_get_include_subdomains()

bool wget_hpkp_get_include_subdomains ( wget_hpkp hpkp)
Parameters
[in]hpkpAn HPKP database entry
Returns
true if the HPKP entry is also valid for all subdomains, false otherwise

Gets whether the HPKP database entry is also valid for the subdomains.