/* X.509 certificate parser internal definitions
*
* Copyright ( C ) 2012 Red Hat , Inc . All Rights Reserved .
* Written by David Howells ( dhowells @ redhat . com )
*
* This program is free software ; you can redistribute it and / or
* modify it under the terms of the GNU General Public Licence
* as published by the Free Software Foundation ; either version
* 2 of the Licence , or ( at your option ) any later version .
*/
# include <linux/time.h>
# include <crypto/public_key.h>
# include <keys/asymmetric-type.h>
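/*
 * Parsed representation of a single X.509 certificate.
 *
 * tbs and the raw_* members are (pointer, size) pairs typed const void *;
 * this header does not say who owns the memory they reference.
 * NOTE(review): presumably they point into the blob handed to
 * x509_cert_parse() rather than into separate allocations - confirm the
 * lifetime before keeping a certificate around longer than its input buffer.
 *
 * The sizes are plain 'unsigned' while x509_cert_parse() takes a size_t
 * length.  NOTE(review): confirm the parser bounds each length before it is
 * narrowed into these fields.
 *
 * verified and trusted are separate flags and nothing here shows where they
 * are set; do not infer either one from the fact that parsing succeeded.
 */
struct x509_certificate {
	struct x509_certificate *next;		/* NOTE(review): presumably a list link - confirm */
	struct x509_certificate *signer;	/* Certificate that signed this one */
	struct public_key *pub;			/* Public key details */
	struct public_key_signature *sig;	/* Signature parameters */
	char		*issuer;		/* Name of certificate issuer */
	char		*subject;		/* Name of certificate subject */
	struct asymmetric_key_id *id;		/* Issuer + Serial number */
	struct asymmetric_key_id *skid;		/* Subject + subjectKeyId (optional) */
	time64_t	valid_from;		/* NOTE(review): presumably start of validity - confirm */
	time64_t	valid_to;		/* NOTE(review): presumably end of validity - confirm */
	const void	*tbs;			/* Signed data */
	unsigned	tbs_size;		/* Size of signed data */
	unsigned	raw_sig_size;		/* Size of signature */
	const void	*raw_sig;		/* Signature data */
	const void	*raw_serial;		/* Raw serial number in ASN.1 */
	unsigned	raw_serial_size;	/* Size of raw_serial */
	unsigned	raw_issuer_size;	/* Size of raw_issuer */
	const void	*raw_issuer;		/* Raw issuer name in ASN.1 */
	const void	*raw_subject;		/* Raw subject name in ASN.1 */
	unsigned	raw_subject_size;	/* Size of raw_subject */
	unsigned	raw_skid_size;		/* Size of raw_skid */
	const void	*raw_skid;		/* Raw subjectKeyId in ASN.1 */
	unsigned	index;
	bool		seen;			/* Infinite recursion prevention */
	bool		verified;
	bool		trusted;
	bool		unsupported_crypto;	/* T if can't be verified due to missing crypto */
};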
/*
* x509_cert_parser . c
*/
/*
 * Dispose of a certificate structure.
 * NOTE(review): which members are released, and whether NULL is accepted,
 * is decided in x509_cert_parser.c and cannot be told from this prototype.
 */
extern void x509_free_certificate(struct x509_certificate *cert);

/*
 * Parse the datalen bytes at data and return a struct x509_certificate.
 * NOTE(review): the failure convention (NULL or an error pointer) is not
 * visible here - confirm it before testing the result.  The blob is
 * attacker-influenced wherever certificates come from outside the kernel,
 * so callers must pass the true buffer length.
 */
extern struct x509_certificate *x509_cert_parse(const void *data,
						size_t datalen);
/*
 * Decode a time value and store the result through _t as a time64_t.
 * The encoded element is described by tag, value and vlen, with hdrlen
 * passed alongside.
 * NOTE(review): presumably returns 0 on success and a negative errno for a
 * malformed value - confirm, and check the return before using *_t.
 */
extern int x509_decode_time(time64_t *_t, size_t hdrlen, unsigned char tag,
			    const unsigned char *value, size_t vlen);
/*
* x509_public_key . c
*/
/*
 * Operates on cert and reports a status as int.
 * NOTE(review): presumably prepares the signature parameters (cert->sig)
 * for a later check - confirm in x509_public_key.c.
 */
extern int x509_get_sig_params(struct x509_certificate *cert);

/*
 * Check cert against the public key pub.
 * cert is not const, so the call may update the certificate.
 * NOTE(review): presumably 0 means the signature verified and a negative
 * errno means it did not - confirm, and never ignore the return value.
 */
extern int x509_check_signature(const struct public_key *pub,
				struct x509_certificate *cert);