x509_parser.h 2.3 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061
  1. /* X.509 certificate parser internal definitions
  2. *
  3. * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
  4. * Written by David Howells (dhowells@redhat.com)
  5. *
  6. * This program is free software; you can redistribute it and/or
  7. * modify it under the terms of the GNU General Public Licence
  8. * as published by the Free Software Foundation; either version
  9. * 2 of the Licence, or (at your option) any later version.
  10. */
  11. #include <linux/time.h>
  12. #include <crypto/public_key.h>
  13. #include <keys/asymmetric-type.h>
  14. struct x509_certificate {
  15. struct x509_certificate *next;
  16. struct x509_certificate *signer; /* Certificate that signed this one */
  17. struct public_key *pub; /* Public key details */
  18. struct public_key_signature *sig; /* Signature parameters */
  19. char *issuer; /* Name of certificate issuer */
  20. char *subject; /* Name of certificate subject */
  21. struct asymmetric_key_id *id; /* Issuer + Serial number */
  22. struct asymmetric_key_id *skid; /* Subject + subjectKeyId (optional) */
  23. time64_t valid_from;
  24. time64_t valid_to;
  25. const void *tbs; /* Signed data */
  26. unsigned tbs_size; /* Size of signed data */
  27. unsigned raw_sig_size; /* Size of sigature */
  28. const void *raw_sig; /* Signature data */
  29. const void *raw_serial; /* Raw serial number in ASN.1 */
  30. unsigned raw_serial_size;
  31. unsigned raw_issuer_size;
  32. const void *raw_issuer; /* Raw issuer name in ASN.1 */
  33. const void *raw_subject; /* Raw subject name in ASN.1 */
  34. unsigned raw_subject_size;
  35. unsigned raw_skid_size;
  36. const void *raw_skid; /* Raw subjectKeyId in ASN.1 */
  37. unsigned index;
  38. bool seen; /* Infinite recursion prevention */
  39. bool verified;
  40. bool self_signed; /* T if self-signed (check unsupported_sig too) */
  41. bool unsupported_key; /* T if key uses unsupported crypto */
  42. bool unsupported_sig; /* T if signature uses unsupported crypto */
  43. };
  44. /*
  45. * x509_cert_parser.c
  46. */
  47. extern void x509_free_certificate(struct x509_certificate *cert);
  48. extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen);
  49. extern int x509_decode_time(time64_t *_t, size_t hdrlen,
  50. unsigned char tag,
  51. const unsigned char *value, size_t vlen);
  52. /*
  53. * x509_public_key.c
  54. */
  55. extern int x509_get_sig_params(struct x509_certificate *cert);
  56. extern int x509_check_for_self_signed(struct x509_certificate *cert);