/**
 * @file x509.h
 * @brief X.509 certificate parsing and verification
 *
 * @section License
 *
 * Copyright (C) 2010-2017 Oryx Embedded SARL. All rights reserved.
 *
 * This file is part of CycloneCrypto Open.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 *
 * @author Oryx Embedded SARL (www.oryx-embedded.com)
 * @version 1.7.6
 **/

//NOTE(review): a leading underscore followed by an uppercase letter is a
//reserved identifier in C; the guard name is kept here for compatibility
#ifndef _X509_H
#define _X509_H

//Dependencies
#include "crypto.h"
#include "date_time.h"
#include "rsa.h"
#include "dsa.h"
#include "ec.h"


/**
 * @brief X.509 versions
 *
 * The enumerators carry the encoded X.509 Version INTEGER (v1 = 0, v2 = 1,
 * v3 = 2), i.e. one less than the human-readable version number. The
 * parsed value is stored in X509CertificateInfo::version
 **/

typedef enum
{
   X509_VERSION_1 = 0x00,
   X509_VERSION_2 = 0x01,
   X509_VERSION_3 = 0x02,
} X509Version;


/**
 * @brief Issuer or subject name
 *
 * Each distinguished-name attribute is exposed as a pointer plus an explicit
 * length. The struct owns no storage: the pointers presumably reference the
 * DER buffer handed to x509ParseCertificate(), so that buffer must outlive
 * this struct (confirm in x509.c). Because lengths are explicit, the string
 * attributes must not be assumed NUL-terminated: compare them using their
 * *Len field, never with strlen()/strcmp(). An attribute that is absent from
 * the certificate presumably has a NULL pointer and a zero length (verify
 * against x509ParseName())
 **/

typedef struct
{
   const uint8_t *rawData;   //Complete encoded Name (used for issuer/subject matching)
   size_t rawDataLen;
   const char_t *commonName;
   size_t commonNameLen;
   const char_t *surname;
   size_t surnameLen;
   const char_t *serialNumber;
   size_t serialNumberLen;
   const char_t *countryName;
   size_t countryNameLen;
   const char_t *localityName;
   size_t localityNameLen;
   const char_t *stateOrProvinceName;
   size_t stateOrProvinceNameLen;
   const char_t *organizationName;
   size_t organizationNameLen;
   const char_t *organizationalUnitName;
   size_t organizationalUnitNameLen;
   const char_t *title;
   size_t titleLen;
   const char_t *name;
   size_t nameLen;
   const char_t *givenName;
   size_t givenNameLen;
   const char_t *initials;
   size_t initialsLen;
   const char_t *generationQualifier;
   size_t generationQualifierLen;
   const char_t *dnQualifier;
   size_t dnQualifierLen;
   const char_t *pseudonym;
   size_t pseudonymLen;
} X509Name;


/**
 * @brief Validity
 *
 * Validity period of the certificate as decoded by x509ParseValidity()
 * (each bound via x509ParseTime())
 **/

typedef struct
{
   DateTime notBefore;   //Start of the validity period
   DateTime notAfter;    //End of the validity period
} X509Validity;


/**
 * @brief RSA public key
 *
 * Modulus and public exponent as raw encoded byte strings with explicit
 * lengths (no storage is owned; see X509Name for the lifetime caveat).
 * Use x509ReadRsaPublicKey() to convert them into an RsaPublicKey
 **/

typedef struct
{
   const uint8_t *n;   //Modulus
   size_t nLen;
   const uint8_t *e;   //Public exponent
   size_t eLen;
} X509RsaPublicKey;


/**
 * @brief DSA domain parameters
 *
 * Raw encoded p, q and g with explicit lengths; converted together with
 * X509DsaPublicKey by x509ReadDsaPublicKey()
 **/

typedef struct
{
   const uint8_t *p;   //Prime modulus
   size_t pLen;
   const uint8_t *q;   //Group order
   size_t qLen;
   const uint8_t *g;   //Group generator
   size_t gLen;
} X509DsaParameters;


/**
 * @brief DSA public key
 **/

typedef struct
{
   const uint8_t *y;   //Public value
   size_t yLen;
} X509DsaPublicKey;


/**
 * @brief EC parameters
 *
 * Encoded curve identifier (presumably the namedCurve OID) as found in the
 * certificate; the pointer references the parsed buffer
 **/

typedef struct
{
   const uint8_t *namedCurve;
   size_t namedCurveLen;
} X509EcParameters;


/**
 * @brief EC public key
 **/

typedef struct
{
   const uint8_t *q;   //Encoded public point
   size_t qLen;
} X509EcPublicKey;


/**
 * @brief Subject public key info
 *
 * The oid identifies the public key algorithm. Only the algorithm-specific
 * member that matches oid is meaningful, and only the members enabled at
 * compile time (RSA_SUPPORT / DSA_SUPPORT / EC_SUPPORT) exist at all, so
 * callers must check oid before reading any of them
 **/

typedef struct
{
   const uint8_t *oid;   //Public key algorithm identifier
   size_t oidLen;
#if (RSA_SUPPORT == ENABLED)
   X509RsaPublicKey rsaPublicKey;
#endif
#if (DSA_SUPPORT == ENABLED)
   X509DsaParameters dsaParams;
   X509DsaPublicKey dsaPublicKey;
#endif
#if (EC_SUPPORT == ENABLED)
   X509EcParameters ecParams;
   X509EcPublicKey ecPublicKey;
#endif
} X509SubjectPublicKeyInfo;


/**
 * @brief Basic constraints
 *
 * Decoded BasicConstraints extension (filled by x509ParseBasicConstraints()).
 * The typedef name carries a historical misspelling ("Contraints"); it is
 * part of the public API and is therefore kept.
 * NOTE(review): how an absent pathLenConstraint is represented (0 versus a
 * sentinel) is not visible from this header; check x509ParseBasicConstraints()
 * before using the field to limit chain depth
 **/

typedef struct
{
   bool_t ca;                  //TRUE if the subject may act as a CA
   uint_t pathLenConstraint;   //Maximum number of intermediate CAs below this one
} X509BasicContraints;


/**
 * @brief X.509 certificate
 *
 * Parsed view of a DER-encoded certificate. All pointer members reference the
 * buffer passed to x509ParseCertificate(), which must stay valid and unmodified
 * for as long as this struct is used. Only basicConstraints has a parsed
 * member: the other extension OIDs declared below (key usage, extended key
 * usage, subject alternative name, name constraints, ...) have no
 * corresponding field in this version, so those extensions cannot be enforced
 * from this struct alone
 **/

typedef struct
{
   const uint8_t *tbsCertificate;   //Encoded TBSCertificate (the portion covered by the signature)
   size_t tbsCertificateLen;
   uint8_t version;                 //See X509Version
   const uint8_t *serialNumber;     //Raw serial number bytes
   size_t serialNumberLen;
   X509Name issuer;
   X509Validity validity;
   X509Name subject;
   X509SubjectPublicKeyInfo subjectPublicKeyInfo;
   X509BasicContraints basicConstraints;
   const uint8_t *signatureAlgo;    //Outer signature algorithm identifier (OID)
   size_t signatureAlgoLen;
   const uint8_t *signatureValue;   //Signature bytes over tbsCertificate
   size_t signatureValueLen;
} X509CertificateInfo;


//X.509 related constants
//Encoded object identifiers (3 bytes each) defined in x509.c; presumably used
//by x509ParseName() and x509ParseExtensions() to recognise attribute and
//extension types
extern const uint8_t X509_COMMON_NAME_OID[3];
extern const uint8_t X509_SURNAME_OID[3];
extern const uint8_t X509_SERIAL_NUMBER_OID[3];
extern const uint8_t X509_COUNTRY_NAME_OID[3];
extern const uint8_t X509_LOCALITY_NAME_OID[3];
extern const uint8_t X509_STATE_OR_PROVINCE_NAME_OID[3];
extern const uint8_t X509_ORGANIZATION_NAME_OID[3];
extern const uint8_t X509_ORGANIZATIONAL_UNIT_NAME_OID[3];
extern const uint8_t X509_TITLE_OID[3];
extern const uint8_t X509_NAME_OID[3];
extern const uint8_t X509_GIVEN_NAME_OID[3];
extern const uint8_t X509_INITIALS_OID[3];
extern const uint8_t X509_GENERATION_QUALIFIER_OID[3];
extern const uint8_t X509_DN_QUALIFIER_OID[3];
extern const uint8_t X509_PSEUDONYM_OID[3];

//Extension OIDs; only basic constraints has a matching field in
//X509CertificateInfo in this version
extern const uint8_t X509_SUBJECT_DIRECTORY_ATTR_OID[3];
extern const uint8_t X509_SUBJECT_KEY_ID_OID[3];
extern const uint8_t X509_KEY_USAGE_OID[3];
extern const uint8_t X509_SUBJECT_ALT_NAME_OID[3];
extern const uint8_t X509_ISSUER_ALT_NAME_OID[3];
extern const uint8_t X509_BASIC_CONSTRAINTS_OID[3];
extern const uint8_t X509_NAME_CONSTRAINTS_OID[3];
extern const uint8_t X509_CRL_DISTR_POINTS_OID[3];
extern const uint8_t X509_CERTIFICATE_POLICIES_OID[3];
extern const uint8_t X509_POLICY_MAPPINGS_OID[3];
extern const uint8_t X509_AUTHORITY_KEY_ID_OID[3];
extern const uint8_t X509_POLICY_CONSTRAINTS_OID[3];
extern const uint8_t X509_EXTENDED_KEY_USAGE_OID[3];
extern const uint8_t X509_FRESHEST_CRL_OID[3];
extern const uint8_t X509_INHIBIT_ANY_POLICY_OID[3];

//X.509 related functions
//
//Common convention of the x509Parse* family:
//  data        - pointer to the ASN.1 element to decode (untrusted input)
//  length      - number of bytes available at data
//  totalLength - [out] number of bytes consumed by the element, so the caller
//                can advance to the next element (presumably; confirm in x509.c)
//  certInfo    - [out] structure updated with the decoded fields
//  return      - error code (NO_ERROR on success)
//Functions without a totalLength parameter decode an element whose full
//extent is already known from its parent.

//Parse a complete DER-encoded certificate into certInfo
error_t x509ParseCertificate(const uint8_t *data, size_t length,
   X509CertificateInfo *certInfo);

//Parse the TBSCertificate sequence (the signed portion)
error_t x509ParseTbsCertificate(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Parse the optional Version field (see X509Version)
error_t x509ParseVersion(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Parse the CertificateSerialNumber integer
error_t x509ParseSerialNumber(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Parse the inner signature AlgorithmIdentifier of the TBSCertificate
error_t x509ParseSignature(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Parse a Name (issuer or subject) into the given X509Name
error_t x509ParseName(const uint8_t *data, size_t length,
   size_t *totalLength, X509Name *name);

//Parse the Validity sequence (notBefore/notAfter)
error_t x509ParseValidity(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Parse a single Time value into dateTime
error_t x509ParseTime(const uint8_t *data, size_t length,
   size_t *totalLength, DateTime *dateTime);

//Parse SubjectPublicKeyInfo (algorithm identifier plus key material)
error_t x509ParseSubjectPublicKeyInfo(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Parse the AlgorithmIdentifier of the subject public key
error_t x509ParseAlgorithmIdentifier(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Algorithm-specific key material parsers; each fills the matching member of
//certInfo->subjectPublicKeyInfo
error_t x509ParseRsaPublicKey(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseDsaParameters(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseDsaPublicKey(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseEcParameters(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

error_t x509ParseEcPublicKey(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

//Parse the optional issuerUniqueID / subjectUniqueID fields (no member of
//X509CertificateInfo stores them, so presumably they are only skipped)
error_t x509ParseIssuerUniqueId(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

error_t x509ParseSubjectUniqueId(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Parse the Extensions sequence; only basic constraints has a destination
//field in X509CertificateInfo, so other extensions are presumably skipped.
//NOTE(review): whether an unrecognised *critical* extension is rejected, as
//required for correct path validation, is not visible here - confirm in x509.c
error_t x509ParseExtensions(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Decode the BasicConstraints extension into certInfo->basicConstraints
error_t x509ParseBasicConstraints(const uint8_t *data,
   size_t length, X509CertificateInfo *certInfo);

//Parse the outer signatureAlgorithm identifier (certInfo->signatureAlgo)
error_t x509ParseSignatureAlgo(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Parse the signatureValue bit string (certInfo->signatureValue)
error_t x509ParseSignatureValue(const uint8_t *data, size_t length,
   size_t *totalLength, X509CertificateInfo *certInfo);

//Decode the content of an ASN.1 INTEGER (length bytes at data) into value.
//NOTE(review): the width limit is not visible here; presumably encodings that
//do not fit a uint_t are rejected rather than truncated - verify
error_t x509ParseInt(const uint8_t *data, size_t length, uint_t *value);

//Convert the raw key material of a parsed certificate into a usable
//RsaPublicKey / DsaPublicKey. The caller owns key and is responsible for
//releasing it
error_t x509ReadRsaPublicKey(const X509CertificateInfo *certInfo, RsaPublicKey *key);
error_t x509ReadDsaPublicKey(const X509CertificateInfo *certInfo, DsaPublicKey *key);

//Validate certInfo against its issuer certificate issuerCertInfo.
//From this header only the input shape is visible; which checks are performed
//(signature over tbsCertificate, issuer/subject name match, validity period,
//issuer basicConstraints.ca and pathLenConstraint) must be confirmed in
//x509.c before relying on this call for chain validation. No reference time
//is passed in, so any validity-period check has to obtain the clock
//internally - verify
error_t x509ValidateCertificate(const X509CertificateInfo *certInfo,
   const X509CertificateInfo *issuerCertInfo);

#endif