00001
00027 #ifndef POLARSSL_X509_CRT_H
00028 #define POLARSSL_X509_CRT_H
00029
00030 #include "config.h"
00031
00032 #include "x509.h"
00033
00034 #include "x509_crl.h"
00035
00041 #ifdef __cplusplus
00042 extern "C" {
00043 #endif
00044
/**
 * Container for one parsed X.509 certificate. `next` points to another
 * x509_crt, so a chain or a trust store is a singly linked list of these.
 *
 * NOTE(review): the per-field notes are inferred from field names and types
 * only. The parser and x509.h are not part of this listing, so confirm them
 * there before relying on any of them.
 *
 * Fields a caller is likely to consult for an authorization decision:
 * valid_from / valid_to, ca_istrue, max_pathlen, key_usage, ext_key_usage and
 * subject_alt_names. Whether x509_crt_verify() enforces each of these is not
 * visible here; do not assume it does.
 */
00053 typedef struct _x509_crt
00054 {
00055 x509_buf raw; /**< raw certificate bytes (presumably DER) */
00056 x509_buf tbs; /**< to-be-signed part, i.e. the bytes the signature covers */
/* Whether this is stored 0-based (as encoded) or 1-based is not visible here. */
00058 int version; /**< X.509 version number */
00059 x509_buf serial; /**< serial number assigned by the issuer */
00060 x509_buf sig_oid1; /**< signature algorithm OID, first occurrence */
00062 x509_buf issuer_raw; /**< raw encoding of the issuer name */
00063 x509_buf subject_raw; /**< raw encoding of the subject name */
00065 x509_name issuer; /**< parsed issuer name */
00066 x509_name subject; /**< parsed subject name */
00068 x509_time valid_from; /**< start of the validity period */
00069 x509_time valid_to; /**< end of the validity period */
00071 pk_context pk; /**< public key container */
00073 x509_buf issuer_id; /**< presumably the optional issuer unique identifier */
00074 x509_buf subject_id; /**< presumably the optional subject unique identifier */
00075 x509_buf v3_ext; /**< presumably the raw v3 extensions block */
00076 x509_sequence subject_alt_names; /**< subjectAltName entries */
00078 int ext_types; /**< presumably a bit mask of the extensions seen */
00079 int ca_istrue; /**< presumably the basicConstraints cA flag */
/* How "no limit" is represented in max_pathlen is not visible here. */
00080 int max_pathlen; /**< presumably the basicConstraints path length limit */
00082 unsigned char key_usage; /**< keyUsage bits */
00084 x509_sequence ext_key_usage; /**< extended key usage entries */
00086 unsigned char ns_cert_type; /**< Netscape certificate type bits */
/* RFC 5280 requires the outer signature algorithm to equal the one inside the
 * signed part; confirm that the parser rejects a sig_oid1 / sig_oid2 mismatch. */
00088 x509_buf sig_oid2; /**< signature algorithm OID, second occurrence */
00089 x509_buf sig; /**< signature value */
00090 md_type_t sig_md; /**< digest algorithm of the signature */
00091 pk_type_t sig_pk ; /**< public-key algorithm of the signature */
00092
00093 struct _x509_crt *next; /**< next certificate in the list */
00094 }
00095 x509_crt;
00096
/* These values equal the RFC 5280 Version INTEGER (v1 = 0, v2 = 1, v3 = 2),
 * i.e. one less than the human-readable version number. Presumably they are
 * the values x509write_crt_set_version() expects - confirm. */
00097 #define X509_CRT_VERSION_1 0
00098 #define X509_CRT_VERSION_2 1
00099 #define X509_CRT_VERSION_3 2
00100
/* Upper bound for a serial number; where it is applied is not visible here.
 * NOTE(review): RFC 5280 section 4.1.2.2 limits conforming serial numbers to
 * 20 octets, so 32 is more permissive than the RFC the name cites. */
00101 #define X509_RFC5280_MAX_SERIAL_LEN 32
/* Sizes the not_before / not_after arrays of x509write_cert (this + 1).
 * Presumably 14 digits "YYYYMMDDhhmmss" plus a trailing 'Z' - confirm. */
00102 #define X509_RFC5280_UTC_TIME_LEN 15
00103
/**
 * Context collecting everything needed to write (issue) a certificate.
 *
 * subject_key, issuer_key, subject, issuer and extensions are pointers, not
 * embedded objects. NOTE(review): the setters presumably store the key
 * pointers without copying, so both keys must stay valid until the
 * certificate has been written - confirm in the implementation.
 * issuer_key is presumably the signing (private) key; treat any context that
 * holds it as sensitive.
 */
00107 typedef struct _x509write_cert
00108 {
00109 int version; /**< certificate version to write */
00110 mpi serial; /**< serial number as a multi-precision integer */
00111 pk_context *subject_key; /**< key being certified */
00112 pk_context *issuer_key; /**< key of the issuer (presumably used to sign) */
00113 asn1_named_data *subject; /**< subject name entries */
00114 asn1_named_data *issuer; /**< issuer name entries */
00115 md_type_t md_alg; /**< digest algorithm for the signature */
00116 char not_before[X509_RFC5280_UTC_TIME_LEN + 1]; /**< start of validity, as text */
00117 char not_after[X509_RFC5280_UTC_TIME_LEN + 1]; /**< end of validity, as text */
00118 asn1_named_data *extensions; /**< extensions to include */
00119 }
00120 x509write_cert;
00121
00122 #if defined(POLARSSL_X509_CRT_PARSE_C)
00123
/**
 * \brief          Parse a single DER certificate and add it to the chain
 *                 (inferred from the name; the implementation is not shown).
 *
 * \param chain    certificate list to add to; presumably it must have been
 *                 set up with x509_crt_init() first - confirm
 * \param buf      buffer holding the certificate bytes
 * \param buflen   number of bytes in buf
 *
 * \return         int status; presumably 0 on success and an error code
 *                 otherwise - confirm
 *
 * NOTE(review): buf usually carries data supplied by a peer, so buflen must
 * be the real size of the data available in buf.
 */
00133 int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf,
00134 size_t buflen );
00135
/**
 * \brief          Parse one or more certificates from a buffer and add them
 *                 to the chain (inferred from the name and signature).
 *
 * \param chain    certificate list to add to
 * \param buf      buffer holding the certificate data
 * \param buflen   number of bytes in buf
 *
 * \return         int status - see the note below
 *
 * NOTE(review): upstream PolarSSL documents this parser as permissive: a
 * positive return value means that many certificates failed to parse while
 * others were still added. If that holds for this version, `ret < 0` is not
 * a sufficient error check and callers should require `ret == 0` - confirm.
 */
00150 int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen );
00151
00152 #if defined(POLARSSL_FS_IO)
00153
/**
 * \brief          Load certificates from a file and add them to the chain.
 *                 Only declared when POLARSSL_FS_IO is defined.
 *
 * \param chain    certificate list to add to
 * \param path     name of the file to read
 *
 * \return         int status; presumably the same convention as
 *                 x509_crt_parse() - confirm, including whether a positive
 *                 value signals a partial failure
 */
00166 int x509_crt_parse_file( x509_crt *chain, const char *path );
00167
/**
 * \brief          Load certificates from a path (presumably every file in a
 *                 directory) and add them to the chain. Only declared when
 *                 POLARSSL_FS_IO is defined.
 *
 * \param chain    certificate list to add to
 * \param path     path to read from
 *
 * \return         int status; presumably the same convention as
 *                 x509_crt_parse() - confirm
 *
 * NOTE(review): when this fills a trust store, every file found under path
 * becomes a trust anchor, so the location must be writable only by trusted
 * accounts.
 */
00181 int x509_crt_parse_path( x509_crt *chain, const char *path );
00182 #endif
00183
/**
 * \brief          Write a textual description of a certificate into buf.
 *
 * \param buf      output buffer
 * \param size     size of buf in bytes
 * \param prefix   string presumably prepended to each output line
 * \param crt      certificate to describe (not modified: const)
 *
 * \return         int; presumably the number of bytes written or a negative
 *                 value on error - confirm
 *
 * NOTE(review): the text reproduces fields taken from the certificate; treat
 * it as untrusted when logging or displaying it.
 */
00196 int x509_crt_info( char *buf, size_t size, const char *prefix,
00197 const x509_crt *crt );
00198
/**
 * \brief          Verify a certificate (chain) against trusted CAs and CRLs.
 *                 Parameter roles are inferred from names and types; the
 *                 implementation is not part of this listing.
 *
 * \param crt      certificate (chain) to verify
 * \param trust_ca list of trusted CA certificates
 * \param ca_crl   CRLs belonging to the trusted CAs
 * \param cn       expected Common Name
 * \param flags    out: verification result bits
 * \param f_vrfy   optional callback; presumably called per certificate with
 *                 (p_vrfy, certificate, depth, pointer to flags) - confirm
 * \param p_vrfy   opaque pointer handed to f_vrfy
 *
 * \return         int status; presumably 0 only if verification succeeded
 *
 * NOTE(review): points to confirm before relying on this call:
 *  - upstream documents cn == NULL as "do not check the name"; a caller
 *    passing NULL then accepts any certificate issued by a trusted CA.
 *  - ca_crl == NULL presumably disables the revocation check.
 *  - f_vrfy gets an int pointer and upstream lets it modify the flags; a
 *    callback that clears bits overrides the library's verdict, so it
 *    should only add failures or clear a bit for a documented reason.
 *  - callers should check the return value and the value written to flags.
 */
00235 int x509_crt_verify( x509_crt *crt,
00236 x509_crt *trust_ca,
00237 x509_crl *ca_crl,
00238 const char *cn, int *flags,
00239 int (*f_vrfy)(void *, x509_crt *, int, int *),
00240 void *p_vrfy );
00241
00242 #if defined(POLARSSL_X509_CRL_PARSE_C)
00243
/**
 * \brief          Check a certificate against a CRL. Only declared when
 *                 POLARSSL_X509_CRL_PARSE_C is defined.
 *
 * \param crt      certificate to look up (not modified: const)
 * \param crl      CRL to search (not modified: const)
 *
 * \return         int; presumably 1 if the certificate is revoked and 0
 *                 otherwise - confirm
 *
 * NOTE(review): whether this function also checks the CRL's own signature
 * and update times is not visible here; if it does not, the caller must
 * establish that the CRL is authentic and current.
 */
00252 int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl );
00253 #endif
00254
/**
 * \brief          Initialize a certificate (chain) structure; presumably
 *                 required before any parse call uses it.
 *
 * \param crt      structure to initialize
 */
00260 void x509_crt_init( x509_crt *crt );
00261
/**
 * \brief          Release the data held by a certificate (chain).
 *
 * \param crt      structure to release; presumably the whole list reachable
 *                 through `next` is freed, so pointers into it must not be
 *                 used afterwards - confirm
 */
00267 void x509_crt_free( x509_crt *crt );
00268 #endif
00269
00270
00271
00272
00273 #if defined(POLARSSL_X509_CRT_WRITE_C)
00274
/**
 * \brief          Initialize a certificate writing context.
 *
 * \param ctx      context to initialize
 */
00279 void x509write_crt_init( x509write_cert *ctx );
00280
/**
 * \brief          Set the version of the certificate to write.
 *
 * \param ctx      writing context
 * \param version  version value; presumably one of the X509_CRT_VERSION_1,
 *                 _2 or _3 constants (0, 1, 2) - confirm. Extensions exist
 *                 only in version 3 certificates.
 */
00289 void x509write_crt_set_version( x509write_cert *ctx, int version );
00290
/**
 * \brief          Set the serial number of the certificate to write.
 *
 * \param ctx      writing context
 * \param serial   serial number (not modified: const); presumably copied
 *                 into ctx - confirm
 *
 * \return         int status; presumably 0 on success
 *
 * NOTE(review): RFC 5280 requires the serial number to be unique per issuer;
 * choosing and tracking it is left to the caller.
 */
00299 int x509write_crt_set_serial( x509write_cert *ctx, const mpi *serial );
00300
/**
 * \brief          Set the validity period of the certificate to write.
 *
 * \param ctx        writing context
 * \param not_before start of validity as text; presumably "YYYYMMDDhhmmss"
 * \param not_after  end of validity as text, same format
 *
 * \return         int status; presumably an error if a string does not have
 *                 the expected length - confirm
 *
 * The context stores both values in arrays of X509_RFC5280_UTC_TIME_LEN + 1
 * characters, so longer input cannot be kept as is.
 */
00315 int x509write_crt_set_validity( x509write_cert *ctx, const char *not_before,
00316 const char *not_after );
00317
/**
 * \brief          Set the issuer name from its string form.
 *
 * \param ctx         writing context
 * \param issuer_name issuer name as text; presumably a comma-separated list
 *                    of attribute=value pairs - confirm
 *
 * \return         int status; presumably 0 on success
 */
00330 int x509write_crt_set_issuer_name( x509write_cert *ctx,
00331 const char *issuer_name );
00332
/**
 * \brief          Set the subject name from its string form.
 *
 * \param ctx          writing context
 * \param subject_name subject name as text; presumably a comma-separated
 *                     list of attribute=value pairs - confirm
 *
 * \return         int status; presumably 0 on success
 *
 * NOTE(review): if the string is assembled from requester-supplied values,
 * separator characters inside a value could add attributes the issuer did
 * not intend; validate the parts before building the string.
 */
00345 int x509write_crt_set_subject_name( x509write_cert *ctx,
00346 const char *subject_name );
00347
/**
 * \brief          Set the key that the certificate will certify.
 *
 * \param ctx      writing context
 * \param key      subject key; ctx holds a pk_context pointer for it, so the
 *                 key presumably must outlive ctx - confirm
 */
00354 void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key );
00355
/**
 * \brief          Set the issuer key, presumably the one that signs the
 *                 certificate.
 *
 * \param ctx      writing context
 * \param key      issuer key; ctx holds a pk_context pointer for it, so the
 *                 key presumably must outlive ctx - confirm
 */
00362 void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key );
00363
/**
 * \brief          Set the digest algorithm used for the signature.
 *
 * \param ctx      writing context
 * \param md_alg   digest algorithm identifier
 *
 * NOTE(review): nothing in this declaration restricts the choice; callers
 * should pick a collision-resistant digest (SHA-256 or stronger) rather than
 * MD5 or SHA-1.
 */
00371 void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg );
00372
/**
 * \brief          Add or set a generic extension on the certificate.
 *
 * \param ctx      writing context
 * \param oid      OID of the extension
 * \param oid_len  length of oid in bytes
 * \param critical presumably non-zero marks the extension as critical
 * \param val      extension value; presumably the already encoded content
 * \param val_len  length of val in bytes
 *
 * \return         int status; presumably 0 on success
 */
00386 int x509write_crt_set_extension( x509write_cert *ctx,
00387 const char *oid, size_t oid_len,
00388 int critical,
00389 const unsigned char *val, size_t val_len );
00390
/**
 * \brief          Set the basicConstraints extension.
 *
 * \param ctx         writing context
 * \param is_ca       presumably non-zero marks the certificate as a CA
 * \param max_pathlen path length limit; how "unlimited" is expressed is not
 *                    visible here - confirm
 *
 * \return         int status; presumably 0 on success
 *
 * NOTE(review): a certificate marked as CA can issue further certificates
 * that relying parties will accept; set is_ca only for intended CAs and keep
 * max_pathlen as small as the hierarchy allows.
 */
00402 int x509write_crt_set_basic_constraints( x509write_cert *ctx,
00403 int is_ca, int max_pathlen );
00404
00405 #if defined(POLARSSL_SHA1_C)
00406
/**
 * \brief          Set the subjectKeyIdentifier extension. Only declared when
 *                 POLARSSL_SHA1_C is defined.
 *
 * \param ctx      writing context; presumably the subject key must have been
 *                 set first - confirm
 *
 * \return         int status; presumably 0 on success
 */
00415 int x509write_crt_set_subject_key_identifier( x509write_cert *ctx );
00416
/**
 * \brief          Set the authorityKeyIdentifier extension. Only declared
 *                 when POLARSSL_SHA1_C is defined.
 *
 * \param ctx      writing context; presumably the issuer key must have been
 *                 set first - confirm
 *
 * \return         int status; presumably 0 on success
 */
00426 int x509write_crt_set_authority_key_identifier( x509write_cert *ctx );
00427 #endif
00428
/**
 * \brief          Set the keyUsage extension.
 *
 * \param ctx       writing context
 * \param key_usage key usage bits (a single byte); grant only the usages the
 *                  key is meant for
 *
 * \return         int status; presumably 0 on success
 */
00438 int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage );
00439
/**
 * \brief          Set the Netscape certificate type extension.
 *
 * \param ctx          writing context
 * \param ns_cert_type certificate type bits (a single byte)
 *
 * \return         int status; presumably 0 on success
 */
00449 int x509write_crt_set_ns_cert_type( x509write_cert *ctx,
00450 unsigned char ns_cert_type );
00451
/**
 * \brief          Release the data held by a certificate writing context.
 *
 * \param ctx      context to release. NOTE(review): subject_key and
 *                 issuer_key are pointers set by the caller; whether this
 *                 call frees them is not visible here - confirm before
 *                 freeing the keys separately.
 */
00457 void x509write_crt_free( x509write_cert *ctx );
00458
/**
 * \brief          Write the certificate described by ctx as DER into buf.
 *
 * \param ctx      writing context
 * \param buf      output buffer
 * \param size     size of buf in bytes
 * \param f_rng    random number generator callback, taking (p_rng, output,
 *                 length) judging by its signature
 * \param p_rng    opaque pointer handed to f_rng
 *
 * \return         int; presumably the length written or a negative error
 *
 * NOTE(review): points to confirm in the implementation:
 *  - upstream documents that the data is written at the END of buf, so the
 *    result starts at buf + size - (return value), not at buf.
 *  - upstream allows f_rng == NULL only for some RSA use; signing schemes
 *    that need randomness must get a cryptographically secure generator.
 */
00479 int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
00480 int (*f_rng)(void *, unsigned char *, size_t),
00481 void *p_rng );
00482
00483 #if defined(POLARSSL_PEM_WRITE_C)
00484
/**
 * \brief          Write the certificate described by ctx as PEM into buf.
 *                 Only declared when POLARSSL_PEM_WRITE_C is defined.
 *
 * \param ctx      writing context
 * \param buf      output buffer
 * \param size     size of buf in bytes
 * \param f_rng    random number generator callback, taking (p_rng, output,
 *                 length) judging by its signature
 * \param p_rng    opaque pointer handed to f_rng
 *
 * \return         int status; presumably 0 on success - confirm
 *
 * NOTE(review): signing schemes that need randomness must be given a
 * cryptographically secure generator through f_rng.
 */
00500 int x509write_crt_pem( x509write_cert *ctx, unsigned char *buf, size_t size,
00501 int (*f_rng)(void *, unsigned char *, size_t),
00502 void *p_rng );
00503 #endif
00504 #endif
00505
00506 #ifdef __cplusplus
00507 }
00508 #endif
00509
00510 #endif