Webserver+3d print
x509.h
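/**
 * @file x509.h
 * @brief X.509 certificate parsing and verification
 *
 * @section License
 *
 * Copyright (C) 2010-2017 Oryx Embedded SARL. All rights reserved.
 *
 * This file is part of CycloneCrypto Open.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 * @author Oryx Embedded SARL (www.oryx-embedded.com)
 * @version 1.7.6
 **/

//Include guard. The name is kept as-is for compatibility, although
//identifiers starting with an underscore and an uppercase letter are
//reserved for the implementation
#ifndef _X509_H
#define _X509_H

//Dependencies
#include "crypto.h"
#include "date_time.h"
#include "rsa.h"
#include "dsa.h"
#include "ec.h"

//C++ guard: give the declarations below C linkage so that C++ translation
//units that include this header link against the C implementation
#ifdef __cplusplus
   extern "C" {
#endif


/**
 * @brief X.509 versions
 *
 * The enumerators carry the encoded version number (v1 = 0, v2 = 1, v3 = 2).
 * Note that X509CertificateInfo::version is declared as uint8_t rather than
 * as this enumerated type.
 **/

typedef enum
{
   X509_VERSION_1 = 0x00,
   X509_VERSION_2 = 0x01,
   X509_VERSION_3 = 0x02,
} X509Version;


/**
 * @brief Issuer or subject name
 *
 * Every attribute is stored as a pointer/length pair. Always bound accesses
 * by the matching length field: the attributes presumably point into the
 * caller's certificate buffer and are not NUL-terminated (TODO confirm
 * against x509ParseName). Comparing a name such as commonName with C string
 * functions would also stop at an embedded NUL byte, so length-aware
 * comparison is the safe choice.
 **/

typedef struct
{
   const uint8_t *rawData;               //Raw encoded name
   size_t rawDataLen;
   const char_t *commonName;
   size_t commonNameLen;
   const char_t *surname;
   size_t surnameLen;
   const char_t *serialNumber;
   size_t serialNumberLen;
   const char_t *countryName;
   size_t countryNameLen;
   const char_t *localityName;
   size_t localityNameLen;
   const char_t *stateOrProvinceName;
   size_t stateOrProvinceNameLen;
   const char_t *organizationName;
   size_t organizationNameLen;
   const char_t *organizationalUnitName;
   size_t organizationalUnitNameLen;
   const char_t *title;
   size_t titleLen;
   const char_t *name;
   size_t nameLen;
   const char_t *givenName;
   size_t givenNameLen;
   const char_t *initials;
   size_t initialsLen;
   const char_t *generationQualifier;
   size_t generationQualifierLen;
   const char_t *dnQualifier;
   size_t dnQualifierLen;
   const char_t *pseudonym;
   size_t pseudonymLen;
} X509Name;


/**
 * @brief Validity
 *
 * Start and end of the certificate's validity period.
 **/

typedef struct
{
   DateTime notBefore;
   DateTime notAfter;
} X509Validity;


/**
 * @brief RSA public key
 *
 * Modulus (n) and public exponent (e) as pointer/length pairs.
 **/

typedef struct
{
   const uint8_t *n;
   size_t nLen;
   const uint8_t *e;
   size_t eLen;
} X509RsaPublicKey;


/**
 * @brief DSA domain parameters
 **/

typedef struct
{
   const uint8_t *p;
   size_t pLen;
   const uint8_t *q;
   size_t qLen;
   const uint8_t *g;
   size_t gLen;
} X509DsaParameters;


/**
 * @brief DSA public key
 **/

typedef struct
{
   const uint8_t *y;
   size_t yLen;
} X509DsaPublicKey;


/**
 * @brief EC parameters
 *
 * Only a named curve identifier is represented here.
 **/

typedef struct
{
   const uint8_t *namedCurve;
   size_t namedCurveLen;
} X509EcParameters;


/**
 * @brief EC public key
 **/

typedef struct
{
   const uint8_t *q;
   size_t qLen;
} X509EcPublicKey;


/**
 * @brief Subject public key info
 *
 * The algorithm-specific members are compiled in conditionally, so the
 * layout of this structure (and of X509CertificateInfo, which embeds it)
 * depends on RSA_SUPPORT, DSA_SUPPORT and EC_SUPPORT. Every translation
 * unit that shares these structures must be built with the same settings.
 **/

typedef struct
{
   const uint8_t *oid;                   //Public key algorithm identifier
   size_t oidLen;
#if (RSA_SUPPORT == ENABLED)
   X509RsaPublicKey rsaPublicKey;
#endif
#if (DSA_SUPPORT == ENABLED)
   X509DsaParameters dsaParams;
   X509DsaPublicKey dsaPublicKey;
#endif
#if (EC_SUPPORT == ENABLED)
   X509EcParameters ecParams;
   X509EcPublicKey ecPublicKey;
#endif
} X509SubjectPublicKeyInfo;


/**
 * @brief Basic constraints
 *
 * The type name is spelled "Contraints"; it is part of the public interface
 * and is therefore left unchanged.
 *
 * NOTE(review): there is no member telling whether pathLenConstraint was
 * present in the certificate, so how an absent constraint is represented
 * cannot be told from this header - confirm in x509ParseBasicConstraints
 * before relying on the value for path length enforcement.
 **/

typedef struct
{
   bool_t ca;
   uint_t pathLenConstraint;
} X509BasicContraints;


/**
 * @brief X.509 certificate
 *
 * Parsed view of a certificate. The pointer members presumably reference
 * the buffer handed to x509ParseCertificate, which would then have to
 * outlive this structure (TODO confirm in the implementation).
 *
 * Basic constraints is the only extension that has a member here. OIDs for
 * key usage, extended key usage, subject alternative name and name
 * constraints are declared below, but nothing in this structure stores
 * their values, so callers that depend on those checks should verify how
 * x509ParseExtensions treats them.
 **/

typedef struct
{
   const uint8_t *tbsCertificate;        //Signed portion of the certificate
   size_t tbsCertificateLen;
   uint8_t version;
   const uint8_t *serialNumber;
   size_t serialNumberLen;
   X509Name issuer;
   X509Validity validity;
   X509Name subject;
   X509SubjectPublicKeyInfo subjectPublicKeyInfo;
   X509BasicContraints basicConstraints;
   const uint8_t *signatureAlgo;
   size_t signatureAlgoLen;
   const uint8_t *signatureValue;
   size_t signatureValueLen;
} X509CertificateInfo;


//X.509 related constants
//Name attribute OIDs (each is a 3-byte array defined outside this header)
extern const uint8_t X509_COMMON_NAME_OID[3];
extern const uint8_t X509_SURNAME_OID[3];
extern const uint8_t X509_SERIAL_NUMBER_OID[3];
extern const uint8_t X509_COUNTRY_NAME_OID[3];
extern const uint8_t X509_LOCALITY_NAME_OID[3];
extern const uint8_t X509_STATE_OR_PROVINCE_NAME_OID[3];
extern const uint8_t X509_ORGANIZATION_NAME_OID[3];
extern const uint8_t X509_ORGANIZATIONAL_UNIT_NAME_OID[3];
extern const uint8_t X509_TITLE_OID[3];
extern const uint8_t X509_NAME_OID[3];
extern const uint8_t X509_GIVEN_NAME_OID[3];
extern const uint8_t X509_INITIALS_OID[3];
extern const uint8_t X509_GENERATION_QUALIFIER_OID[3];
extern const uint8_t X509_DN_QUALIFIER_OID[3];
extern const uint8_t X509_PSEUDONYM_OID[3];

//Certificate extension OIDs
extern const uint8_t X509_SUBJECT_DIRECTORY_ATTR_OID[3];
extern const uint8_t X509_SUBJECT_KEY_ID_OID[3];
extern const uint8_t X509_KEY_USAGE_OID[3];
extern const uint8_t X509_SUBJECT_ALT_NAME_OID[3];
extern const uint8_t X509_ISSUER_ALT_NAME_OID[3];
extern const uint8_t X509_BASIC_CONSTRAINTS_OID[3];
extern const uint8_t X509_NAME_CONSTRAINTS_OID[3];
extern const uint8_t X509_CRL_DISTR_POINTS_OID[3];
extern const uint8_t X509_CERTIFICATE_POLICIES_OID[3];
extern const uint8_t X509_POLICY_MAPPINGS_OID[3];
extern const uint8_t X509_AUTHORITY_KEY_ID_OID[3];
extern const uint8_t X509_POLICY_CONSTRAINTS_OID[3];
extern const uint8_t X509_EXTENDED_KEY_USAGE_OID[3];
extern const uint8_t X509_FRESHEST_CRL_OID[3];
extern const uint8_t X509_INHIBIT_ANY_POLICY_OID[3];

//X.509 related functions
//
//The parsing routines take the input as (data, length) and return an
//error_t status that callers must check before using certInfo. Where a
//totalLength output is present it presumably reports the number of bytes
//consumed by the parsed element (TODO confirm in the implementation).
//The input is typically attacker-controlled, so length must describe the
//readable size of data exactly

//Top-level entry point: parses a complete certificate into certInfo
error_t x509ParseCertificate(const uint8_t *data, size_t length,
   X509CertificateInfo *certInfo);

error_t x509ParseTbsCertificate(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseVersion(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseSerialNumber(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseSignature(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseName(const uint8_t *data, size_t length,
   size_t *totalLength, X509Name *name);

error_t x509ParseValidity(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseTime(const uint8_t *data, size_t length,
   size_t *totalLength, DateTime *dateTime);

error_t x509ParseSubjectPublicKeyInfo(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseAlgorithmIdentifier(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseRsaPublicKey(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseDsaParameters(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseDsaPublicKey(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseEcParameters(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseEcPublicKey(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseIssuerUniqueId(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseSubjectUniqueId(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseExtensions(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseBasicConstraints(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseSignatureAlgo(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseSignatureValue(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseInt(const uint8_t *data, size_t length, uint_t *value);

//Convert the parsed public key fields into RsaPublicKey / DsaPublicKey
//objects. No EC counterpart is declared in this header
error_t x509ReadRsaPublicKey(const X509CertificateInfo *certInfo, RsaPublicKey *key);
error_t x509ReadDsaPublicKey(const X509CertificateInfo *certInfo, DsaPublicKey *key);

//Validates one certificate against its issuer's certificate, i.e. a single
//link of a chain. The function receives only the two parsed structures, so
//it can draw on no more than what X509CertificateInfo holds; walking the
//chain up to a trust anchor, checking the peer's host name and any
//revocation checking are not covered by this prototype and remain with
//the caller (TODO confirm the exact checks in the implementation)
error_t x509ValidateCertificate(const X509CertificateInfo *certInfo,
   const X509CertificateInfo *issuerCertInfo);

//C++ guard
#ifdef __cplusplus
   }
#endif

#endif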
