Hannes Tschofenig
Example program to test AES-GCM functionality. Used for a workshop
SSL/include/polarssl/x509.h@0:796d0f61a05b, 2018-09-27 (annotated)
- Committer:
- HannesTschofenig
- Date:
- Thu Sep 27 06:34:22 2018 +0000
- Revision:
- 0:796d0f61a05b
Example AES-GCM test program
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| HannesTschofenig | 0:796d0f61a05b | 1 | /** |
| HannesTschofenig | 0:796d0f61a05b | 2 | * \file x509.h |
| HannesTschofenig | 0:796d0f61a05b | 3 | * |
| HannesTschofenig | 0:796d0f61a05b | 4 | * \brief X.509 generic defines and structures |
| HannesTschofenig | 0:796d0f61a05b | 5 | * |
| HannesTschofenig | 0:796d0f61a05b | 6 | * Copyright (C) 2006-2014, Brainspark B.V. |
| HannesTschofenig | 0:796d0f61a05b | 7 | * |
| HannesTschofenig | 0:796d0f61a05b | 8 | * This file is part of PolarSSL (http://www.polarssl.org) |
| HannesTschofenig | 0:796d0f61a05b | 9 | * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> |
| HannesTschofenig | 0:796d0f61a05b | 10 | * |
| HannesTschofenig | 0:796d0f61a05b | 11 | * All rights reserved. |
| HannesTschofenig | 0:796d0f61a05b | 12 | * |
| HannesTschofenig | 0:796d0f61a05b | 13 | * This program is free software; you can redistribute it and/or modify |
| HannesTschofenig | 0:796d0f61a05b | 14 | * it under the terms of the GNU General Public License as published by |
| HannesTschofenig | 0:796d0f61a05b | 15 | * the Free Software Foundation; either version 2 of the License, or |
| HannesTschofenig | 0:796d0f61a05b | 16 | * (at your option) any later version. |
| HannesTschofenig | 0:796d0f61a05b | 17 | * |
| HannesTschofenig | 0:796d0f61a05b | 18 | * This program is distributed in the hope that it will be useful, |
| HannesTschofenig | 0:796d0f61a05b | 19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| HannesTschofenig | 0:796d0f61a05b | 20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| HannesTschofenig | 0:796d0f61a05b | 21 | * GNU General Public License for more details. |
| HannesTschofenig | 0:796d0f61a05b | 22 | * |
| HannesTschofenig | 0:796d0f61a05b | 23 | * You should have received a copy of the GNU General Public License along |
| HannesTschofenig | 0:796d0f61a05b | 24 | * with this program; if not, write to the Free Software Foundation, Inc., |
| HannesTschofenig | 0:796d0f61a05b | 25 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
| HannesTschofenig | 0:796d0f61a05b | 26 | */ |
| HannesTschofenig | 0:796d0f61a05b | 27 | #ifndef POLARSSL_X509_H |
| HannesTschofenig | 0:796d0f61a05b | 28 | #define POLARSSL_X509_H |
| HannesTschofenig | 0:796d0f61a05b | 29 | |
| HannesTschofenig | 0:796d0f61a05b | 30 | #if !defined(POLARSSL_CONFIG_FILE) |
| HannesTschofenig | 0:796d0f61a05b | 31 | #include "config.h" |
| HannesTschofenig | 0:796d0f61a05b | 32 | #else |
| HannesTschofenig | 0:796d0f61a05b | 33 | #include POLARSSL_CONFIG_FILE |
| HannesTschofenig | 0:796d0f61a05b | 34 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 35 | |
| HannesTschofenig | 0:796d0f61a05b | 36 | #include "asn1.h" |
| HannesTschofenig | 0:796d0f61a05b | 37 | #include "pk.h" |
| HannesTschofenig | 0:796d0f61a05b | 38 | |
| HannesTschofenig | 0:796d0f61a05b | 39 | #if defined(POLARSSL_RSA_C) |
| HannesTschofenig | 0:796d0f61a05b | 40 | #include "rsa.h" |
| HannesTschofenig | 0:796d0f61a05b | 41 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 42 | |
| HannesTschofenig | 0:796d0f61a05b | 43 | /** |
| HannesTschofenig | 0:796d0f61a05b | 44 | * \addtogroup x509_module |
| HannesTschofenig | 0:796d0f61a05b | 45 | * \{ |
| HannesTschofenig | 0:796d0f61a05b | 46 | */ |
| HannesTschofenig | 0:796d0f61a05b | 47 | |
| HannesTschofenig | 0:796d0f61a05b | 48 | /** |
| HannesTschofenig | 0:796d0f61a05b | 49 | * \name X509 Error codes |
| HannesTschofenig | 0:796d0f61a05b | 50 | * \{ |
| HannesTschofenig | 0:796d0f61a05b | 51 | */ |
| HannesTschofenig | 0:796d0f61a05b | 52 | #define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */ |
| HannesTschofenig | 0:796d0f61a05b | 53 | #define POLARSSL_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */ |
| HannesTschofenig | 0:796d0f61a05b | 54 | #define POLARSSL_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */ |
| HannesTschofenig | 0:796d0f61a05b | 55 | #define POLARSSL_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */ |
| HannesTschofenig | 0:796d0f61a05b | 56 | #define POLARSSL_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */ |
| HannesTschofenig | 0:796d0f61a05b | 57 | #define POLARSSL_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */ |
| HannesTschofenig | 0:796d0f61a05b | 58 | #define POLARSSL_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */ |
| HannesTschofenig | 0:796d0f61a05b | 59 | #define POLARSSL_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */ |
| HannesTschofenig | 0:796d0f61a05b | 60 | #define POLARSSL_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */ |
| HannesTschofenig | 0:796d0f61a05b | 61 | #define POLARSSL_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */ |
| HannesTschofenig | 0:796d0f61a05b | 62 | #define POLARSSL_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */ |
| HannesTschofenig | 0:796d0f61a05b | 63 | #define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */ |
| HannesTschofenig | 0:796d0f61a05b | 64 | #define POLARSSL_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::x509_crt sig_oid) */ |
| HannesTschofenig | 0:796d0f61a05b | 65 | #define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */ |
| HannesTschofenig | 0:796d0f61a05b | 66 | #define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */ |
| HannesTschofenig | 0:796d0f61a05b | 67 | #define POLARSSL_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */ |
| HannesTschofenig | 0:796d0f61a05b | 68 | #define POLARSSL_ERR_X509_MALLOC_FAILED -0x2880 /**< Allocation of memory failed. */ |
| HannesTschofenig | 0:796d0f61a05b | 69 | #define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */ |
| HannesTschofenig | 0:796d0f61a05b | 70 | /* \} name */ |
| HannesTschofenig | 0:796d0f61a05b | 71 | |
| HannesTschofenig | 0:796d0f61a05b | 72 | /** |
| HannesTschofenig | 0:796d0f61a05b | 73 | * \name X509 Verify codes |
| HannesTschofenig | 0:796d0f61a05b | 74 | * \{ |
| HannesTschofenig | 0:796d0f61a05b | 75 | */ |
| HannesTschofenig | 0:796d0f61a05b | 76 | #define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */ |
| HannesTschofenig | 0:796d0f61a05b | 77 | #define BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */ |
| HannesTschofenig | 0:796d0f61a05b | 78 | #define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */ |
| HannesTschofenig | 0:796d0f61a05b | 79 | #define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */ |
| HannesTschofenig | 0:796d0f61a05b | 80 | #define BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */ |
| HannesTschofenig | 0:796d0f61a05b | 81 | #define BADCRL_EXPIRED 0x20 /**< CRL is expired. */ |
| HannesTschofenig | 0:796d0f61a05b | 82 | #define BADCERT_MISSING 0x40 /**< Certificate was missing. */ |
| HannesTschofenig | 0:796d0f61a05b | 83 | #define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */ |
| HannesTschofenig | 0:796d0f61a05b | 84 | #define BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */ |
| HannesTschofenig | 0:796d0f61a05b | 85 | #define BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */ |
| HannesTschofenig | 0:796d0f61a05b | 86 | #define BADCRL_FUTURE 0x0400 /**< The CRL is from the future */ |
| HannesTschofenig | 0:796d0f61a05b | 87 | /* \} name */ |
| HannesTschofenig | 0:796d0f61a05b | 88 | /* \} addtogroup x509_module */ |
| HannesTschofenig | 0:796d0f61a05b | 89 | |
| HannesTschofenig | 0:796d0f61a05b | 90 | /* |
| HannesTschofenig | 0:796d0f61a05b | 91 | * X.509 v3 Key Usage Extension flags |
| HannesTschofenig | 0:796d0f61a05b | 92 | */ |
| HannesTschofenig | 0:796d0f61a05b | 93 | #define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */ |
| HannesTschofenig | 0:796d0f61a05b | 94 | #define KU_NON_REPUDIATION (0x40) /* bit 1 */ |
| HannesTschofenig | 0:796d0f61a05b | 95 | #define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */ |
| HannesTschofenig | 0:796d0f61a05b | 96 | #define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */ |
| HannesTschofenig | 0:796d0f61a05b | 97 | #define KU_KEY_AGREEMENT (0x08) /* bit 4 */ |
| HannesTschofenig | 0:796d0f61a05b | 98 | #define KU_KEY_CERT_SIGN (0x04) /* bit 5 */ |
| HannesTschofenig | 0:796d0f61a05b | 99 | #define KU_CRL_SIGN (0x02) /* bit 6 */ |
| HannesTschofenig | 0:796d0f61a05b | 100 | |
| HannesTschofenig | 0:796d0f61a05b | 101 | /* |
| HannesTschofenig | 0:796d0f61a05b | 102 | * Netscape certificate types |
| HannesTschofenig | 0:796d0f61a05b | 103 | * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html) |
| HannesTschofenig | 0:796d0f61a05b | 104 | */ |
| HannesTschofenig | 0:796d0f61a05b | 105 | |
| HannesTschofenig | 0:796d0f61a05b | 106 | #define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */ |
| HannesTschofenig | 0:796d0f61a05b | 107 | #define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */ |
| HannesTschofenig | 0:796d0f61a05b | 108 | #define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */ |
| HannesTschofenig | 0:796d0f61a05b | 109 | #define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */ |
| HannesTschofenig | 0:796d0f61a05b | 110 | #define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */ |
| HannesTschofenig | 0:796d0f61a05b | 111 | #define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */ |
| HannesTschofenig | 0:796d0f61a05b | 112 | #define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */ |
| HannesTschofenig | 0:796d0f61a05b | 113 | #define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */ |
| HannesTschofenig | 0:796d0f61a05b | 114 | |
| HannesTschofenig | 0:796d0f61a05b | 115 | /* |
| HannesTschofenig | 0:796d0f61a05b | 116 | * X.509 extension types |
| HannesTschofenig | 0:796d0f61a05b | 117 | * |
| HannesTschofenig | 0:796d0f61a05b | 118 | * Comments refer to the status for using certificates. Status can be |
| HannesTschofenig | 0:796d0f61a05b | 119 | * different for writing certificates or reading CRLs or CSRs. |
| HannesTschofenig | 0:796d0f61a05b | 120 | */ |
| HannesTschofenig | 0:796d0f61a05b | 121 | #define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0) |
| HannesTschofenig | 0:796d0f61a05b | 122 | #define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1) |
| HannesTschofenig | 0:796d0f61a05b | 123 | #define EXT_KEY_USAGE (1 << 2) /* Parsed but not used */ |
| HannesTschofenig | 0:796d0f61a05b | 124 | #define EXT_CERTIFICATE_POLICIES (1 << 3) |
| HannesTschofenig | 0:796d0f61a05b | 125 | #define EXT_POLICY_MAPPINGS (1 << 4) |
| HannesTschofenig | 0:796d0f61a05b | 126 | #define EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */ |
| HannesTschofenig | 0:796d0f61a05b | 127 | #define EXT_ISSUER_ALT_NAME (1 << 6) |
| HannesTschofenig | 0:796d0f61a05b | 128 | #define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7) |
| HannesTschofenig | 0:796d0f61a05b | 129 | #define EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */ |
| HannesTschofenig | 0:796d0f61a05b | 130 | #define EXT_NAME_CONSTRAINTS (1 << 9) |
| HannesTschofenig | 0:796d0f61a05b | 131 | #define EXT_POLICY_CONSTRAINTS (1 << 10) |
| HannesTschofenig | 0:796d0f61a05b | 132 | #define EXT_EXTENDED_KEY_USAGE (1 << 11) /* Parsed but not used */ |
| HannesTschofenig | 0:796d0f61a05b | 133 | #define EXT_CRL_DISTRIBUTION_POINTS (1 << 12) |
| HannesTschofenig | 0:796d0f61a05b | 134 | #define EXT_INIHIBIT_ANYPOLICY (1 << 13) |
| HannesTschofenig | 0:796d0f61a05b | 135 | #define EXT_FRESHEST_CRL (1 << 14) |
| HannesTschofenig | 0:796d0f61a05b | 136 | |
| HannesTschofenig | 0:796d0f61a05b | 137 | #define EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */ |
| HannesTschofenig | 0:796d0f61a05b | 138 | |
| HannesTschofenig | 0:796d0f61a05b | 139 | /* |
| HannesTschofenig | 0:796d0f61a05b | 140 | * Storage format identifiers |
| HannesTschofenig | 0:796d0f61a05b | 141 | * Recognized formats: PEM and DER |
| HannesTschofenig | 0:796d0f61a05b | 142 | */ |
| HannesTschofenig | 0:796d0f61a05b | 143 | #define X509_FORMAT_DER 1 |
| HannesTschofenig | 0:796d0f61a05b | 144 | #define X509_FORMAT_PEM 2 |
| HannesTschofenig | 0:796d0f61a05b | 145 | |
| HannesTschofenig | 0:796d0f61a05b | 146 | #ifdef __cplusplus |
| HannesTschofenig | 0:796d0f61a05b | 147 | extern "C" { |
| HannesTschofenig | 0:796d0f61a05b | 148 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 149 | |
| HannesTschofenig | 0:796d0f61a05b | 150 | /** |
| HannesTschofenig | 0:796d0f61a05b | 151 | * \addtogroup x509_module |
| HannesTschofenig | 0:796d0f61a05b | 152 | * \{ */ |
| HannesTschofenig | 0:796d0f61a05b | 153 | |
| HannesTschofenig | 0:796d0f61a05b | 154 | /** |
| HannesTschofenig | 0:796d0f61a05b | 155 | * \name Structures for parsing X.509 certificates, CRLs and CSRs |
| HannesTschofenig | 0:796d0f61a05b | 156 | * \{ |
| HannesTschofenig | 0:796d0f61a05b | 157 | */ |
| HannesTschofenig | 0:796d0f61a05b | 158 | |
| HannesTschofenig | 0:796d0f61a05b | 159 | /** |
| HannesTschofenig | 0:796d0f61a05b | 160 | * Type-length-value structure that allows for ASN1 using DER. |
| HannesTschofenig | 0:796d0f61a05b | 161 | */ |
| HannesTschofenig | 0:796d0f61a05b | 162 | typedef asn1_buf x509_buf; |
| HannesTschofenig | 0:796d0f61a05b | 163 | |
| HannesTschofenig | 0:796d0f61a05b | 164 | /** |
| HannesTschofenig | 0:796d0f61a05b | 165 | * Container for ASN1 bit strings. |
| HannesTschofenig | 0:796d0f61a05b | 166 | */ |
| HannesTschofenig | 0:796d0f61a05b | 167 | typedef asn1_bitstring x509_bitstring; |
| HannesTschofenig | 0:796d0f61a05b | 168 | |
| HannesTschofenig | 0:796d0f61a05b | 169 | /** |
| HannesTschofenig | 0:796d0f61a05b | 170 | * Container for ASN1 named information objects. |
| HannesTschofenig | 0:796d0f61a05b | 171 | * It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc.). |
| HannesTschofenig | 0:796d0f61a05b | 172 | */ |
| HannesTschofenig | 0:796d0f61a05b | 173 | typedef asn1_named_data x509_name; |
| HannesTschofenig | 0:796d0f61a05b | 174 | |
| HannesTschofenig | 0:796d0f61a05b | 175 | /** |
| HannesTschofenig | 0:796d0f61a05b | 176 | * Container for a sequence of ASN.1 items |
| HannesTschofenig | 0:796d0f61a05b | 177 | */ |
| HannesTschofenig | 0:796d0f61a05b | 178 | typedef asn1_sequence x509_sequence; |
| HannesTschofenig | 0:796d0f61a05b | 179 | |
| HannesTschofenig | 0:796d0f61a05b | 180 | /** Container for date and time (precision in seconds). */ |
| HannesTschofenig | 0:796d0f61a05b | 181 | typedef struct _x509_time |
| HannesTschofenig | 0:796d0f61a05b | 182 | { |
| HannesTschofenig | 0:796d0f61a05b | 183 | int year, mon, day; /**< Date. */ |
| HannesTschofenig | 0:796d0f61a05b | 184 | int hour, min, sec; /**< Time. */ |
| HannesTschofenig | 0:796d0f61a05b | 185 | } |
| HannesTschofenig | 0:796d0f61a05b | 186 | x509_time; |
| HannesTschofenig | 0:796d0f61a05b | 187 | |
| HannesTschofenig | 0:796d0f61a05b | 188 | /** \} name Structures for parsing X.509 certificates, CRLs and CSRs */ |
| HannesTschofenig | 0:796d0f61a05b | 189 | /** \} addtogroup x509_module */ |
| HannesTschofenig | 0:796d0f61a05b | 190 | |
| HannesTschofenig | 0:796d0f61a05b | 191 | /** |
| HannesTschofenig | 0:796d0f61a05b | 192 | * \brief Store the certificate DN in printable form into buf; |
| HannesTschofenig | 0:796d0f61a05b | 193 | * no more than size characters will be written. |
| HannesTschofenig | 0:796d0f61a05b | 194 | * |
| HannesTschofenig | 0:796d0f61a05b | 195 | * \param buf Buffer to write to |
| HannesTschofenig | 0:796d0f61a05b | 196 | * \param size Maximum size of buffer |
| HannesTschofenig | 0:796d0f61a05b | 197 | * \param dn The X509 name to represent |
| HannesTschofenig | 0:796d0f61a05b | 198 | * |
| HannesTschofenig | 0:796d0f61a05b | 199 | * \return The amount of data written to the buffer, or -1 in |
| HannesTschofenig | 0:796d0f61a05b | 200 | * case of an error. |
| HannesTschofenig | 0:796d0f61a05b | 201 | */ |
| HannesTschofenig | 0:796d0f61a05b | 202 | int x509_dn_gets( char *buf, size_t size, const x509_name *dn ); |
| HannesTschofenig | 0:796d0f61a05b | 203 | |
| HannesTschofenig | 0:796d0f61a05b | 204 | /** |
| HannesTschofenig | 0:796d0f61a05b | 205 | * \brief Store the certificate serial in printable form into buf; |
| HannesTschofenig | 0:796d0f61a05b | 206 | * no more than size characters will be written. |
| HannesTschofenig | 0:796d0f61a05b | 207 | * |
| HannesTschofenig | 0:796d0f61a05b | 208 | * \param buf Buffer to write to |
| HannesTschofenig | 0:796d0f61a05b | 209 | * \param size Maximum size of buffer |
| HannesTschofenig | 0:796d0f61a05b | 210 | * \param serial The X509 serial to represent |
| HannesTschofenig | 0:796d0f61a05b | 211 | * |
| HannesTschofenig | 0:796d0f61a05b | 212 | * \return The amount of data written to the buffer, or -1 in |
| HannesTschofenig | 0:796d0f61a05b | 213 | * case of an error. |
| HannesTschofenig | 0:796d0f61a05b | 214 | */ |
| HannesTschofenig | 0:796d0f61a05b | 215 | int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ); |
| HannesTschofenig | 0:796d0f61a05b | 216 | |
| HannesTschofenig | 0:796d0f61a05b | 217 | /** |
| HannesTschofenig | 0:796d0f61a05b | 218 | * \brief Give an known OID, return its descriptive string. |
| HannesTschofenig | 0:796d0f61a05b | 219 | * (Deprecated. Use oid_get_extended_key_usage() instead.) |
| HannesTschofenig | 0:796d0f61a05b | 220 | * Warning: only works for extended_key_usage OIDs! |
| HannesTschofenig | 0:796d0f61a05b | 221 | * |
| HannesTschofenig | 0:796d0f61a05b | 222 | * \param oid buffer containing the oid |
| HannesTschofenig | 0:796d0f61a05b | 223 | * |
| HannesTschofenig | 0:796d0f61a05b | 224 | * \return Return a string if the OID is known, |
| HannesTschofenig | 0:796d0f61a05b | 225 | * or NULL otherwise. |
| HannesTschofenig | 0:796d0f61a05b | 226 | */ |
| HannesTschofenig | 0:796d0f61a05b | 227 | const char *x509_oid_get_description( x509_buf *oid ); |
| HannesTschofenig | 0:796d0f61a05b | 228 | |
| HannesTschofenig | 0:796d0f61a05b | 229 | /** |
| HannesTschofenig | 0:796d0f61a05b | 230 | * \brief Give an OID, return a string version of its OID number. |
| HannesTschofenig | 0:796d0f61a05b | 231 | * (Deprecated. Use oid_get_numeric_string() instead) |
| HannesTschofenig | 0:796d0f61a05b | 232 | * |
| HannesTschofenig | 0:796d0f61a05b | 233 | * \param buf Buffer to write to |
| HannesTschofenig | 0:796d0f61a05b | 234 | * \param size Maximum size of buffer |
| HannesTschofenig | 0:796d0f61a05b | 235 | * \param oid Buffer containing the OID |
| HannesTschofenig | 0:796d0f61a05b | 236 | * |
| HannesTschofenig | 0:796d0f61a05b | 237 | * \return Length of the string written (excluding final NULL) or |
| HannesTschofenig | 0:796d0f61a05b | 238 | * POLARSSL_ERR_OID_BUF_TO_SMALL in case of error |
| HannesTschofenig | 0:796d0f61a05b | 239 | */ |
| HannesTschofenig | 0:796d0f61a05b | 240 | int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ); |
| HannesTschofenig | 0:796d0f61a05b | 241 | |
| HannesTschofenig | 0:796d0f61a05b | 242 | /** |
| HannesTschofenig | 0:796d0f61a05b | 243 | * \brief Check a given x509_time against the system time and check |
| HannesTschofenig | 0:796d0f61a05b | 244 | * if it is not expired. |
| HannesTschofenig | 0:796d0f61a05b | 245 | * |
| HannesTschofenig | 0:796d0f61a05b | 246 | * \param time x509_time to check |
| HannesTschofenig | 0:796d0f61a05b | 247 | * |
| HannesTschofenig | 0:796d0f61a05b | 248 | * \return 0 if the x509_time is still valid, |
| HannesTschofenig | 0:796d0f61a05b | 249 | * 1 otherwise. |
| HannesTschofenig | 0:796d0f61a05b | 250 | */ |
| HannesTschofenig | 0:796d0f61a05b | 251 | int x509_time_expired( const x509_time *time ); |
| HannesTschofenig | 0:796d0f61a05b | 252 | |
| HannesTschofenig | 0:796d0f61a05b | 253 | /** |
| HannesTschofenig | 0:796d0f61a05b | 254 | * \brief Check a given x509_time against the system time and check |
| HannesTschofenig | 0:796d0f61a05b | 255 | * if it is not from the future. |
| HannesTschofenig | 0:796d0f61a05b | 256 | * |
| HannesTschofenig | 0:796d0f61a05b | 257 | * \param time x509_time to check |
| HannesTschofenig | 0:796d0f61a05b | 258 | * |
| HannesTschofenig | 0:796d0f61a05b | 259 | * \return 0 if the x509_time is already valid, |
| HannesTschofenig | 0:796d0f61a05b | 260 | * 1 otherwise. |
| HannesTschofenig | 0:796d0f61a05b | 261 | */ |
| HannesTschofenig | 0:796d0f61a05b | 262 | int x509_time_future( const x509_time *time ); |
| HannesTschofenig | 0:796d0f61a05b | 263 | |
| HannesTschofenig | 0:796d0f61a05b | 264 | /** |
| HannesTschofenig | 0:796d0f61a05b | 265 | * \brief Checkup routine |
| HannesTschofenig | 0:796d0f61a05b | 266 | * |
| HannesTschofenig | 0:796d0f61a05b | 267 | * \return 0 if successful, or 1 if the test failed |
| HannesTschofenig | 0:796d0f61a05b | 268 | */ |
| HannesTschofenig | 0:796d0f61a05b | 269 | int x509_self_test( int verbose ); |
| HannesTschofenig | 0:796d0f61a05b | 270 | |
| HannesTschofenig | 0:796d0f61a05b | 271 | /* |
| HannesTschofenig | 0:796d0f61a05b | 272 | * Internal module functions. You probably do not want to use these unless you |
| HannesTschofenig | 0:796d0f61a05b | 273 | * know you do. |
| HannesTschofenig | 0:796d0f61a05b | 274 | */ |
| HannesTschofenig | 0:796d0f61a05b | 275 | int x509_get_name( unsigned char **p, const unsigned char *end, |
| HannesTschofenig | 0:796d0f61a05b | 276 | x509_name *cur ); |
| HannesTschofenig | 0:796d0f61a05b | 277 | int x509_get_alg_null( unsigned char **p, const unsigned char *end, |
| HannesTschofenig | 0:796d0f61a05b | 278 | x509_buf *alg ); |
| HannesTschofenig | 0:796d0f61a05b | 279 | int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ); |
| HannesTschofenig | 0:796d0f61a05b | 280 | int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg, |
| HannesTschofenig | 0:796d0f61a05b | 281 | pk_type_t *pk_alg ); |
| HannesTschofenig | 0:796d0f61a05b | 282 | int x509_get_time( unsigned char **p, const unsigned char *end, |
| HannesTschofenig | 0:796d0f61a05b | 283 | x509_time *time ); |
| HannesTschofenig | 0:796d0f61a05b | 284 | int x509_get_serial( unsigned char **p, const unsigned char *end, |
| HannesTschofenig | 0:796d0f61a05b | 285 | x509_buf *serial ); |
| HannesTschofenig | 0:796d0f61a05b | 286 | int x509_get_ext( unsigned char **p, const unsigned char *end, |
| HannesTschofenig | 0:796d0f61a05b | 287 | x509_buf *ext, int tag ); |
| HannesTschofenig | 0:796d0f61a05b | 288 | int x509_load_file( const char *path, unsigned char **buf, size_t *n ); |
| HannesTschofenig | 0:796d0f61a05b | 289 | int x509_key_size_helper( char *buf, size_t size, const char *name ); |
| HannesTschofenig | 0:796d0f61a05b | 290 | int x509_string_to_names( asn1_named_data **head, const char *name ); |
| HannesTschofenig | 0:796d0f61a05b | 291 | int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, |
| HannesTschofenig | 0:796d0f61a05b | 292 | int critical, const unsigned char *val, |
| HannesTschofenig | 0:796d0f61a05b | 293 | size_t val_len ); |
| HannesTschofenig | 0:796d0f61a05b | 294 | int x509_write_extensions( unsigned char **p, unsigned char *start, |
| HannesTschofenig | 0:796d0f61a05b | 295 | asn1_named_data *first ); |
| HannesTschofenig | 0:796d0f61a05b | 296 | int x509_write_names( unsigned char **p, unsigned char *start, |
| HannesTschofenig | 0:796d0f61a05b | 297 | asn1_named_data *first ); |
| HannesTschofenig | 0:796d0f61a05b | 298 | int x509_write_sig( unsigned char **p, unsigned char *start, |
| HannesTschofenig | 0:796d0f61a05b | 299 | const char *oid, size_t oid_len, |
| HannesTschofenig | 0:796d0f61a05b | 300 | unsigned char *sig, size_t size ); |
| HannesTschofenig | 0:796d0f61a05b | 301 | |
| HannesTschofenig | 0:796d0f61a05b | 302 | #ifdef __cplusplus |
| HannesTschofenig | 0:796d0f61a05b | 303 | } |
| HannesTschofenig | 0:796d0f61a05b | 304 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 305 | |
| HannesTschofenig | 0:796d0f61a05b | 306 | #endif /* x509.h */ |
| HannesTschofenig | 0:796d0f61a05b | 307 | |
| HannesTschofenig | 0:796d0f61a05b | 308 |