00027 #ifndef POLARSSL_X509_H
00028 #define POLARSSL_X509_H
00029
00030 #include "config.h"
00031
00032 #include "asn1.h"
00033 #include "pk.h"
00034
00035 #if defined(POLARSSL_RSA_C)
00036 #include "rsa.h"
00037 #endif
00038
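/*
 * X.509 module error codes.
 *
 * All values are negative and spaced 0x80 apart (-0x2080 .. -0x2900).
 * Each expansion is parenthesised so the leading unary minus cannot bind
 * to an operator at the point of use.
 *
 * NOTE(review): the unused low seven bits look reserved so that a
 * lower-level error code can be added to one of these values -- confirm
 * against the code that returns them before masking or comparing.
 *
 * The one-line meanings below are read off the macro names. Treat every
 * code as a hard failure for the certificate, CRL or request being
 * processed; none of them signals partial success.
 */
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE   (-0x2080)  /* requested feature not available */
#define POLARSSL_ERR_X509_UNKNOWN_OID           (-0x2100)  /* OID not recognised */
#define POLARSSL_ERR_X509_INVALID_FORMAT        (-0x2180)  /* overall structure is malformed */
#define POLARSSL_ERR_X509_INVALID_VERSION       (-0x2200)  /* version field is malformed */
#define POLARSSL_ERR_X509_INVALID_SERIAL        (-0x2280)  /* serial number is malformed */
#define POLARSSL_ERR_X509_INVALID_ALG           (-0x2300)  /* algorithm identifier is malformed */
#define POLARSSL_ERR_X509_INVALID_NAME          (-0x2380)  /* name is malformed */
#define POLARSSL_ERR_X509_INVALID_DATE          (-0x2400)  /* date is malformed */
#define POLARSSL_ERR_X509_INVALID_SIGNATURE     (-0x2480)  /* signature field is malformed */
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS    (-0x2500)  /* extensions are malformed */
#define POLARSSL_ERR_X509_UNKNOWN_VERSION       (-0x2580)  /* version not supported */
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG       (-0x2600)  /* signature algorithm not supported */
#define POLARSSL_ERR_X509_SIG_MISMATCH          (-0x2680)  /* signature algorithms do not match */
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED    (-0x2700)  /* certificate verification failed */
#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT   (-0x2780)  /* input format not recognised */
#define POLARSSL_ERR_X509_BAD_INPUT_DATA        (-0x2800)  /* caller passed invalid input */
#define POLARSSL_ERR_X509_MALLOC_FAILED         (-0x2880)  /* memory allocation failed */
#define POLARSSL_ERR_X509_FILE_IO_ERROR         (-0x2900)  /* file read or write failed */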
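/*
 * Certificate / CRL verification result flags.
 *
 * Each flag is a distinct bit, so several can be OR-ed into one result
 * word. BADCERT_OTHER is 0x0100 and does not fit in eight bits: a variable
 * holding these flags must be wider than unsigned char, otherwise that
 * failure is silently truncated away.
 *
 * A result should be accepted only when the whole word is zero. Testing
 * for selected bits lets any failure that is not tested for pass unnoticed.
 *
 * The meanings below are read off the macro names.
 */
#define BADCERT_EXPIRED       0x01    /* certificate validity has expired */
#define BADCERT_REVOKED       0x02    /* certificate has been revoked */
#define BADCERT_CN_MISMATCH   0x04    /* common name does not match the expected name */
#define BADCERT_NOT_TRUSTED   0x08    /* certificate does not chain to a trusted signer */
#define BADCRL_NOT_TRUSTED    0x10    /* CRL is not from a trusted signer */
#define BADCRL_EXPIRED        0x20    /* CRL has expired */
#define BADCERT_MISSING       0x40    /* no certificate was supplied */
#define BADCERT_SKIP_VERIFY   0x80    /* verification was skipped: the peer is unauthenticated */
#define BADCERT_OTHER         0x0100  /* other reason; NOTE(review): who sets this is not visible here */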
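/*
 * X.509 keyUsage extension bits.
 *
 * The values follow the first octet of the keyUsage BIT STRING as laid out
 * in RFC 5280 (bit 0, digitalSignature, is the most significant bit).
 * No constant is defined here for encipherOnly (0x01 in that octet) or for
 * decipherOnly, which lives in a second octet.
 *
 * Enforcing these bits is what stops a key issued for one purpose from
 * being accepted for another, e.g. an end-entity key being used to sign
 * certificates (KU_KEY_CERT_SIGN) or CRLs (KU_CRL_SIGN).
 */
#define KU_DIGITAL_SIGNATURE   (0x80)  /* bit 0 */
#define KU_NON_REPUDIATION     (0x40)  /* bit 1 */
#define KU_KEY_ENCIPHERMENT    (0x20)  /* bit 2 */
#define KU_DATA_ENCIPHERMENT   (0x10)  /* bit 3 */
#define KU_KEY_AGREEMENT       (0x08)  /* bit 4 */
#define KU_KEY_CERT_SIGN       (0x04)  /* bit 5 */
#define KU_CRL_SIGN            (0x02)  /* bit 6 */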
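/*
 * Netscape certificate type bits (legacy, non-standard extension).
 *
 * Eight distinct bits that together cover one octet, most significant bit
 * first. The three *_CA bits mark a certificate as an issuer for the
 * corresponding purpose.
 * NOTE(review): how these bits are weighed against basicConstraints and
 * keyUsage during verification is not visible here -- confirm in the
 * verification code.
 */
#define NS_CERT_TYPE_SSL_CLIENT          (0x80)
#define NS_CERT_TYPE_SSL_SERVER          (0x40)
#define NS_CERT_TYPE_EMAIL               (0x20)
#define NS_CERT_TYPE_OBJECT_SIGNING      (0x10)
#define NS_CERT_TYPE_RESERVED            (0x08)
#define NS_CERT_TYPE_SSL_CA              (0x04)
#define NS_CERT_TYPE_EMAIL_CA            (0x02)
#define NS_CERT_TYPE_OBJECT_SIGNING_CA   (0x01)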
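/*
 * X.509 extension identifiers, one bit per extension type.
 *
 * Bits 0..14 are assigned consecutively, bit 15 is unused and
 * EXT_NS_CERT_TYPE sits at bit 16, so a mask holding these flags needs
 * more than 16 bits.
 * NOTE(review): presumably used to record which extensions were seen
 * while parsing -- confirm against the parser.
 *
 * A set bit here only says which extension it is. It does not show that
 * the extension was understood or enforced, which matters for extensions
 * marked critical.
 */
#define EXT_AUTHORITY_KEY_IDENTIFIER   (1 << 0)
#define EXT_SUBJECT_KEY_IDENTIFIER     (1 << 1)
#define EXT_KEY_USAGE                  (1 << 2)
#define EXT_CERTIFICATE_POLICIES       (1 << 3)
#define EXT_POLICY_MAPPINGS            (1 << 4)
#define EXT_SUBJECT_ALT_NAME           (1 << 5)
#define EXT_ISSUER_ALT_NAME            (1 << 6)
#define EXT_SUBJECT_DIRECTORY_ATTRS    (1 << 7)
#define EXT_BASIC_CONSTRAINTS          (1 << 8)
#define EXT_NAME_CONSTRAINTS           (1 << 9)
#define EXT_POLICY_CONSTRAINTS         (1 << 10)
#define EXT_EXTENDED_KEY_USAGE         (1 << 11)
#define EXT_CRL_DISTRIBUTION_POINTS    (1 << 12)
/* "INIHIBIT" is misspelled, but it is the public name; kept so callers still build. */
#define EXT_INIHIBIT_ANYPOLICY         (1 << 13)
#define EXT_FRESHEST_CRL               (1 << 14)

#define EXT_NS_CERT_TYPE               (1 << 16)  /* Netscape certificate type (non-standard) */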
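/*
 * Storage format selectors for X.509 objects.
 * Zero is not assigned to either format, so a zero-initialised selector
 * matches neither DER nor PEM.
 */
#define X509_FORMAT_DER   1  /* binary DER encoding */
#define X509_FORMAT_PEM   2  /* PEM (base64 text) encoding */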
00136
00137 #ifdef __cplusplus
00138 extern "C" {
00139 #endif
00140
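/*
 * X.509 names for the generic ASN.1 containers.
 * These are plain aliases: each x509_* type is the same type as its asn1_*
 * counterpart, so values can be passed between the two APIs without
 * conversion. The asn1_* definitions are not visible in this listing
 * (NOTE(review): presumably declared in "asn1.h").
 */

/* Generic ASN.1 data buffer. */
typedef asn1_buf x509_buf;

/* ASN.1 bit string. */
typedef asn1_bitstring x509_bitstring;

/* Named data item; used for distinguished names (see x509_dn_gets). */
typedef asn1_named_data x509_name;

/* ASN.1 sequence container. */
typedef asn1_sequence x509_sequence;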
00170
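/*
 * Broken-down date and time with one-second precision.
 *
 * All fields are plain ints; the type enforces no ranges, so a value built
 * from parsed input is only as valid as the parser's own checks.
 * NOTE(review): the time zone (presumably UTC, as X.509 validity times
 * are) and whether mon/day are 1-based are not visible here -- confirm
 * against the parser.
 */
typedef struct _x509_time
{
    int year;   /* calendar year  */
    int mon;    /* month          */
    int day;    /* day of month   */
    int hour;   /* hour           */
    int min;    /* minute         */
    int sec;    /* second         */
}
x509_time;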
00178
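/**
 * Write a textual form of a distinguished name into a caller buffer.
 *
 * \param buf   output buffer
 * \param size  capacity of buf in bytes
 * \param dn    name to format (not modified)
 *
 * NOTE(review): the return convention and the truncation behaviour are
 * not visible in this listing. Check the result before treating buf as a
 * terminated string, and do not use the formatted text for trust
 * decisions such as host name matching.
 */
int x509_dn_gets( char *buf, size_t size, const x509_name *dn );

/**
 * Write a textual form of a certificate serial number into a caller buffer.
 *
 * \param buf     output buffer
 * \param size    capacity of buf in bytes
 * \param serial  serial number to format (not modified)
 *
 * NOTE(review): return convention not visible here -- confirm before use.
 */
int x509_serial_gets( char *buf, size_t size, const x509_buf *serial );

/**
 * Look up a descriptive string for an OID.
 *
 * \param oid  OID to look up
 * \return     pointer to const text; NOTE(review): presumably NULL when
 *             the OID is unknown, so check before dereferencing.
 */
const char *x509_oid_get_description( x509_buf *oid );

/**
 * Write the numeric (dotted) form of an OID into a caller buffer.
 *
 * \param buf   output buffer
 * \param size  capacity of buf in bytes
 * \param oid   OID to format
 *
 * NOTE(review): return convention not visible here -- confirm before use.
 */
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );

/**
 * Report whether the given time has passed.
 *
 * \param time  time to test (not modified)
 *
 * Only the time under test is passed in, so the reference "now" comes from
 * elsewhere (NOTE(review): presumably the system clock). On a host whose
 * clock is unset or can be influenced by an untrusted party the answer is
 * not reliable. The exact return values are not visible here -- confirm.
 */
int x509_time_expired( const x509_time *time );

/**
 * Run the module self-test.
 *
 * \param verbose  NOTE(review): presumably non-zero prints progress
 *
 * NOTE(review): presumably returns 0 on success -- confirm.
 */
int x509_self_test( int verbose );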
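/*
 * Lower-level parsing and writing helpers.
 *
 * NOTE(review): these look like internal helpers shared by the
 * certificate, CRL and CSR code rather than application-facing API --
 * confirm before calling them directly.
 *
 * Parsing helpers (x509_get_*) take a cursor `p` and a bound `end`.
 * NOTE(review): presumably *p is advanced on success and `end` is one past
 * the last readable byte of the same buffer. The bound is the only limit
 * on how far attacker-supplied lengths can move the cursor, so it must be
 * derived from the real buffer size.
 *
 * Writing helpers (x509_write_*) take a cursor `p` and a limit `start`.
 * NOTE(review): presumably output is written backwards from *p towards
 * start -- confirm before sizing buffers.
 *
 * md_type_t and pk_type_t are not declared in this listing
 * (NOTE(review): presumably provided through "pk.h").
 */

/* Parse a name into cur. */
int x509_get_name( unsigned char **p, const unsigned char *end,
                   x509_name *cur );

/* Parse an algorithm identifier into alg. */
int x509_get_alg_null( unsigned char **p, const unsigned char *end,
                       x509_buf *alg );

/* Parse a signature value into sig. */
int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig );

/* Map a signature OID to its digest and public-key algorithm identifiers. */
int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
                      pk_type_t *pk_alg );

/* Parse a time value into time. */
int x509_get_time( unsigned char **p, const unsigned char *end,
                   x509_time *time );

/* Parse a serial number into serial. */
int x509_get_serial( unsigned char **p, const unsigned char *end,
                     x509_buf *serial );

/* Parse an extensions wrapper carrying the given tag into ext. */
int x509_get_ext( unsigned char **p, const unsigned char *end,
                  x509_buf *ext, int tag );

/*
 * Load the file at path, returning its contents through *buf and its length
 * through *n.
 * NOTE(review): presumably *buf is allocated here and must be released by
 * the caller -- confirm ownership before use.
 */
int x509_load_file( const char *path, unsigned char **buf, size_t *n );

/* Write a text label for a key size into buf (at most size bytes). */
int x509_key_size_helper( char *buf, size_t size, const char *name );

/*
 * Convert a textual name into a list of named data items at *head.
 * NOTE(review): the accepted syntax and how malformed input is handled
 * are not visible here.
 */
int x509_string_to_names( asn1_named_data **head, const char *name );

/* Store an extension (OID, critical flag and value) in the list at *head. */
int x509_set_extension( asn1_named_data **head,
                        const char *oid, size_t oid_len,
                        int critical,
                        const unsigned char *val, size_t val_len );

/* Write the extensions list starting at first. */
int x509_write_extensions( unsigned char **p, unsigned char *start,
                           asn1_named_data *first );

/* Write the names list starting at first. */
int x509_write_names( unsigned char **p, unsigned char *start,
                      asn1_named_data *first );

/* Write a signature of `size` bytes together with its algorithm OID. */
int x509_write_sig( unsigned char **p, unsigned char *start,
                    const char *oid, size_t oid_len,
                    unsigned char *sig, size_t size );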
00277
00278 #ifdef __cplusplus
00279 }
00280 #endif
00281
00282 #endif