Kenji Arai
/
mbed-os_TYBLE16
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
Embed:
(wiki syntax)
Show/hide line numbers
x509_crt.h
Go to the documentation of this file.
00001 /** 00002 * \file x509_crt.h 00003 * 00004 * \brief X.509 certificate parsing and writing 00005 */ 00006 /* 00007 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00008 * SPDX-License-Identifier: Apache-2.0 00009 * 00010 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00011 * not use this file except in compliance with the License. 00012 * You may obtain a copy of the License at 00013 * 00014 * http://www.apache.org/licenses/LICENSE-2.0 00015 * 00016 * Unless required by applicable law or agreed to in writing, software 00017 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00018 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00019 * See the License for the specific language governing permissions and 00020 * limitations under the License. 00021 * 00022 * This file is part of mbed TLS (https://tls.mbed.org) 00023 */ 00024 #ifndef MBEDTLS_X509_CRT_H 00025 #define MBEDTLS_X509_CRT_H 00026 00027 #if !defined(MBEDTLS_CONFIG_FILE) 00028 #include "mbedtls/config.h" 00029 #else 00030 #include MBEDTLS_CONFIG_FILE 00031 #endif 00032 00033 #include "mbedtls/x509.h" 00034 #include "mbedtls/x509_crl.h" 00035 #include "mbedtls/bignum.h" 00036 00037 /** 00038 * \addtogroup x509_module 00039 * \{ 00040 */ 00041 00042 #ifdef __cplusplus 00043 extern "C" { 00044 #endif 00045 00046 /** 00047 * \name Structures and functions for parsing and writing X.509 certificates 00048 * \{ 00049 */ 00050 00051 /** 00052 * Container for an X.509 certificate. The certificate may be chained. 00053 */ 00054 typedef struct mbedtls_x509_crt 00055 { 00056 int own_buffer; /**< Indicates if \c raw is owned 00057 * by the structure or not. */ 00058 mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ 00059 mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ 00060 00061 int version; /**< The X.509 version. (1=v1, 2=v2, 3=v3) */ 00062 mbedtls_x509_buf serial; /**< Unique id for certificate issued by a specific CA. */ 00063 mbedtls_x509_buf sig_oid; /**< Signature algorithm, e.g. sha1RSA */ 00064 00065 mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */ 00066 mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */ 00067 00068 mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */ 00069 mbedtls_x509_name subject; /**< The parsed subject data (named information object). */ 00070 00071 mbedtls_x509_time valid_from; /**< Start time of certificate validity. */ 00072 mbedtls_x509_time valid_to; /**< End time of certificate validity. */ 00073 00074 mbedtls_x509_buf pk_raw; 00075 mbedtls_pk_context pk; /**< Container for the public key context. */ 00076 00077 mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ 00078 mbedtls_x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */ 00079 mbedtls_x509_buf v3_ext; /**< Optional X.509 v3 extensions. */ 00080 mbedtls_x509_sequence subject_alt_names; /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName and OtherName are listed). */ 00081 00082 mbedtls_x509_sequence certificate_policies; /**< Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed). */ 00083 00084 int ext_types; /**< Bit string containing detected and parsed extensions */ 00085 int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */ 00086 int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */ 00087 00088 unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */ 00089 00090 mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */ 00091 00092 unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */ 00093 00094 mbedtls_x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ 00095 mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ 00096 mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ 00097 void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ 00098 00099 struct mbedtls_x509_crt *next; /**< Next certificate in the CA-chain. */ 00100 } 00101 mbedtls_x509_crt; 00102 00103 /** 00104 * From RFC 5280 section 4.2.1.6: 00105 * OtherName ::= SEQUENCE { 00106 * type-id OBJECT IDENTIFIER, 00107 * value [0] EXPLICIT ANY DEFINED BY type-id } 00108 */ 00109 typedef struct mbedtls_x509_san_other_name 00110 { 00111 /** 00112 * The type_id is an OID as deifned in RFC 5280. 00113 * To check the value of the type id, you should use 00114 * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf. 00115 */ 00116 mbedtls_x509_buf type_id; /**< The type id. */ 00117 union 00118 { 00119 /** 00120 * From RFC 4108 section 5: 00121 * HardwareModuleName ::= SEQUENCE { 00122 * hwType OBJECT IDENTIFIER, 00123 * hwSerialNum OCTET STRING } 00124 */ 00125 struct 00126 { 00127 mbedtls_x509_buf oid; /**< The object identifier. */ 00128 mbedtls_x509_buf val; /**< The named value. */ 00129 } 00130 hardware_module_name; 00131 } 00132 value; 00133 } 00134 mbedtls_x509_san_other_name; 00135 00136 /** 00137 * A structure for holding the parsed Subject Alternative Name, according to type 00138 */ 00139 typedef struct mbedtls_x509_subject_alternative_name 00140 { 00141 int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */ 00142 union { 00143 mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */ 00144 mbedtls_x509_buf unstructured_name; /**< The buffer for the un constructed types. Only dnsName currently supported */ 00145 } 00146 san; /**< A union of the supported SAN types */ 00147 } 00148 mbedtls_x509_subject_alternative_name; 00149 00150 /** 00151 * Build flag from an algorithm/curve identifier (pk, md, ecp) 00152 * Since 0 is always XXX_NONE, ignore it. 00153 */ 00154 #define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( (id) - 1 ) ) 00155 00156 /** 00157 * Security profile for certificate verification. 00158 * 00159 * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG(). 00160 */ 00161 typedef struct mbedtls_x509_crt_profile 00162 { 00163 uint32_t allowed_mds; /**< MDs for signatures */ 00164 uint32_t allowed_pks; /**< PK algs for signatures */ 00165 uint32_t allowed_curves; /**< Elliptic curves for ECDSA */ 00166 uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */ 00167 } 00168 mbedtls_x509_crt_profile; 00169 00170 #define MBEDTLS_X509_CRT_VERSION_1 0 00171 #define MBEDTLS_X509_CRT_VERSION_2 1 00172 #define MBEDTLS_X509_CRT_VERSION_3 2 00173 00174 #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 00175 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 00176 00177 #if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN ) 00178 #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 00179 #endif 00180 00181 /** 00182 * Container for writing a certificate (CRT) 00183 */ 00184 typedef struct mbedtls_x509write_cert 00185 { 00186 int version; 00187 mbedtls_mpi serial; 00188 mbedtls_pk_context *subject_key; 00189 mbedtls_pk_context *issuer_key; 00190 mbedtls_asn1_named_data *subject; 00191 mbedtls_asn1_named_data *issuer; 00192 mbedtls_md_type_t md_alg; 00193 char not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; 00194 char not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; 00195 mbedtls_asn1_named_data *extensions; 00196 } 00197 mbedtls_x509write_cert; 00198 00199 /** 00200 * Item in a verification chain: cert and flags for it 00201 */ 00202 typedef struct { 00203 mbedtls_x509_crt *crt; 00204 uint32_t flags; 00205 } mbedtls_x509_crt_verify_chain_item; 00206 00207 /** 00208 * Max size of verification chain: end-entity + intermediates + trusted root 00209 */ 00210 #define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) 00211 00212 /** 00213 * Verification chain as built by \c mbedtls_crt_verify_chain() 00214 */ 00215 typedef struct 00216 { 00217 mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]; 00218 unsigned len; 00219 00220 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) 00221 /* This stores the list of potential trusted signers obtained from 00222 * the CA callback used for the CRT verification, if configured. 00223 * We must track it somewhere because the callback passes its 00224 * ownership to the caller. */ 00225 mbedtls_x509_crt *trust_ca_cb_result; 00226 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 00227 } mbedtls_x509_crt_verify_chain; 00228 00229 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) 00230 00231 /** 00232 * \brief Context for resuming X.509 verify operations 00233 */ 00234 typedef struct 00235 { 00236 /* for check_signature() */ 00237 mbedtls_pk_restart_ctx pk; 00238 00239 /* for find_parent_in() */ 00240 mbedtls_x509_crt *parent; /* non-null iff parent_in in progress */ 00241 mbedtls_x509_crt *fallback_parent; 00242 int fallback_signature_is_good; 00243 00244 /* for find_parent() */ 00245 int parent_is_trusted; /* -1 if find_parent is not in progress */ 00246 00247 /* for verify_chain() */ 00248 enum { 00249 x509_crt_rs_none, 00250 x509_crt_rs_find_parent, 00251 } in_progress; /* none if no operation is in progress */ 00252 int self_cnt; 00253 mbedtls_x509_crt_verify_chain ver_chain; 00254 00255 } mbedtls_x509_crt_restart_ctx; 00256 00257 #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ 00258 00259 /* Now we can declare functions that take a pointer to that */ 00260 typedef void mbedtls_x509_crt_restart_ctx; 00261 00262 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ 00263 00264 #if defined(MBEDTLS_X509_CRT_PARSE_C) 00265 /** 00266 * Default security profile. Should provide a good balance between security 00267 * and compatibility with current deployments. 00268 */ 00269 extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default; 00270 00271 /** 00272 * Expected next default profile. Recommended for new deployments. 00273 * Currently targets a 128-bit security level, except for RSA-2048. 00274 */ 00275 extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next; 00276 00277 /** 00278 * NSA Suite B profile. 00279 */ 00280 extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb; 00281 00282 /** 00283 * \brief Parse a single DER formatted certificate and add it 00284 * to the end of the provided chained list. 00285 * 00286 * \param chain The pointer to the start of the CRT chain to attach to. 00287 * When parsing the first CRT in a chain, this should point 00288 * to an instance of ::mbedtls_x509_crt initialized through 00289 * mbedtls_x509_crt_init(). 00290 * \param buf The buffer holding the DER encoded certificate. 00291 * \param buflen The size in Bytes of \p buf. 00292 * 00293 * \note This function makes an internal copy of the CRT buffer 00294 * \p buf. In particular, \p buf may be destroyed or reused 00295 * after this call returns. To avoid duplicating the CRT 00296 * buffer (at the cost of stricter lifetime constraints), 00297 * use mbedtls_x509_crt_parse_der_nocopy() instead. 00298 * 00299 * \return \c 0 if successful. 00300 * \return A negative error code on failure. 00301 */ 00302 int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, 00303 const unsigned char *buf, 00304 size_t buflen ); 00305 00306 /** 00307 * \brief Parse a single DER formatted certificate and add it 00308 * to the end of the provided chained list. This is a 00309 * variant of mbedtls_x509_crt_parse_der() which takes 00310 * temporary ownership of the CRT buffer until the CRT 00311 * is destroyed. 00312 * 00313 * \param chain The pointer to the start of the CRT chain to attach to. 00314 * When parsing the first CRT in a chain, this should point 00315 * to an instance of ::mbedtls_x509_crt initialized through 00316 * mbedtls_x509_crt_init(). 00317 * \param buf The address of the readable buffer holding the DER encoded 00318 * certificate to use. On success, this buffer must be 00319 * retained and not be changed for the liftetime of the 00320 * CRT chain \p chain, that is, until \p chain is destroyed 00321 * through a call to mbedtls_x509_crt_free(). 00322 * \param buflen The size in Bytes of \p buf. 00323 * 00324 * \note This call is functionally equivalent to 00325 * mbedtls_x509_crt_parse_der(), but it avoids creating a 00326 * copy of the input buffer at the cost of stronger lifetime 00327 * constraints. This is useful in constrained environments 00328 * where duplication of the CRT cannot be tolerated. 00329 * 00330 * \return \c 0 if successful. 00331 * \return A negative error code on failure. 00332 */ 00333 int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, 00334 const unsigned char *buf, 00335 size_t buflen ); 00336 00337 /** 00338 * \brief Parse one DER-encoded or one or more concatenated PEM-encoded 00339 * certificates and add them to the chained list. 00340 * 00341 * For CRTs in PEM encoding, the function parses permissively: 00342 * if at least one certificate can be parsed, the function 00343 * returns the number of certificates for which parsing failed 00344 * (hence \c 0 if all certificates were parsed successfully). 00345 * If no certificate could be parsed, the function returns 00346 * the first (negative) error encountered during parsing. 00347 * 00348 * PEM encoded certificates may be interleaved by other data 00349 * such as human readable descriptions of their content, as 00350 * long as the certificates are enclosed in the PEM specific 00351 * '-----{BEGIN/END} CERTIFICATE-----' delimiters. 00352 * 00353 * \param chain The chain to which to add the parsed certificates. 00354 * \param buf The buffer holding the certificate data in PEM or DER format. 00355 * For certificates in PEM encoding, this may be a concatenation 00356 * of multiple certificates; for DER encoding, the buffer must 00357 * comprise exactly one certificate. 00358 * \param buflen The size of \p buf, including the terminating \c NULL byte 00359 * in case of PEM encoded data. 00360 * 00361 * \return \c 0 if all certificates were parsed successfully. 00362 * \return The (positive) number of certificates that couldn't 00363 * be parsed if parsing was partly successful (see above). 00364 * \return A negative X509 or PEM error code otherwise. 00365 * 00366 */ 00367 int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ); 00368 00369 #if defined(MBEDTLS_FS_IO) 00370 /** 00371 * \brief Load one or more certificates and add them 00372 * to the chained list. Parses permissively. If some 00373 * certificates can be parsed, the result is the number 00374 * of failed certificates it encountered. If none complete 00375 * correctly, the first error is returned. 00376 * 00377 * \param chain points to the start of the chain 00378 * \param path filename to read the certificates from 00379 * 00380 * \return 0 if all certificates parsed successfully, a positive number 00381 * if partly successful or a specific X509 or PEM error code 00382 */ 00383 int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ); 00384 00385 /** 00386 * \brief Load one or more certificate files from a path and add them 00387 * to the chained list. Parses permissively. If some 00388 * certificates can be parsed, the result is the number 00389 * of failed certificates it encountered. If none complete 00390 * correctly, the first error is returned. 00391 * 00392 * \param chain points to the start of the chain 00393 * \param path directory / folder to read the certificate files from 00394 * 00395 * \return 0 if all certificates parsed successfully, a positive number 00396 * if partly successful or a specific X509 or PEM error code 00397 */ 00398 int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); 00399 00400 #endif /* MBEDTLS_FS_IO */ 00401 /** 00402 * \brief This function parses an item in the SubjectAlternativeNames 00403 * extension. 00404 * 00405 * \param san_buf The buffer holding the raw data item of the subject 00406 * alternative name. 00407 * \param san The target structure to populate with the parsed presentation 00408 * of the subject alternative name encoded in \p san_raw. 00409 * 00410 * \note Only "dnsName" and "otherName" of type hardware_module_name 00411 * as defined in RFC 4180 is supported. 00412 * 00413 * \note This function should be called on a single raw data of 00414 * subject alternative name. For example, after successful 00415 * certificate parsing, one must iterate on every item in the 00416 * \p crt->subject_alt_names sequence, and pass it to 00417 * this function. 00418 * 00419 * \warning The target structure contains pointers to the raw data of the 00420 * parsed certificate, and its lifetime is restricted by the 00421 * lifetime of the certificate. 00422 * 00423 * \return \c 0 on success 00424 * \return #MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE for an unsupported 00425 * SAN type. 00426 * \return Another negative value for any other failure. 00427 */ 00428 int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, 00429 mbedtls_x509_subject_alternative_name *san ); 00430 /** 00431 * \brief Returns an informational string about the 00432 * certificate. 00433 * 00434 * \param buf Buffer to write to 00435 * \param size Maximum size of buffer 00436 * \param prefix A line prefix 00437 * \param crt The X509 certificate to represent 00438 * 00439 * \return The length of the string written (not including the 00440 * terminated nul byte), or a negative error code. 00441 */ 00442 int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, 00443 const mbedtls_x509_crt *crt ); 00444 00445 /** 00446 * \brief Returns an informational string about the 00447 * verification status of a certificate. 00448 * 00449 * \param buf Buffer to write to 00450 * \param size Maximum size of buffer 00451 * \param prefix A line prefix 00452 * \param flags Verification flags created by mbedtls_x509_crt_verify() 00453 * 00454 * \return The length of the string written (not including the 00455 * terminated nul byte), or a negative error code. 00456 */ 00457 int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, 00458 uint32_t flags ); 00459 00460 /** 00461 * \brief Verify a chain of certificates. 00462 * 00463 * The verify callback is a user-supplied callback that 00464 * can clear / modify / add flags for a certificate. If set, 00465 * the verification callback is called for each 00466 * certificate in the chain (from the trust-ca down to the 00467 * presented crt). The parameters for the callback are: 00468 * (void *parameter, mbedtls_x509_crt *crt, int certificate_depth, 00469 * int *flags). With the flags representing current flags for 00470 * that specific certificate and the certificate depth from 00471 * the bottom (Peer cert depth = 0). 00472 * 00473 * All flags left after returning from the callback 00474 * are also returned to the application. The function should 00475 * return 0 for anything (including invalid certificates) 00476 * other than fatal error, as a non-zero return code 00477 * immediately aborts the verification process. For fatal 00478 * errors, a specific error code should be used (different 00479 * from MBEDTLS_ERR_X509_CERT_VERIFY_FAILED which should not 00480 * be returned at this point), or MBEDTLS_ERR_X509_FATAL_ERROR 00481 * can be used if no better code is available. 00482 * 00483 * \note In case verification failed, the results can be displayed 00484 * using \c mbedtls_x509_crt_verify_info() 00485 * 00486 * \note Same as \c mbedtls_x509_crt_verify_with_profile() with the 00487 * default security profile. 00488 * 00489 * \note It is your responsibility to provide up-to-date CRLs for 00490 * all trusted CAs. If no CRL is provided for the CA that was 00491 * used to sign the certificate, CRL verification is skipped 00492 * silently, that is *without* setting any flag. 00493 * 00494 * \note The \c trust_ca list can contain two types of certificates: 00495 * (1) those of trusted root CAs, so that certificates 00496 * chaining up to those CAs will be trusted, and (2) 00497 * self-signed end-entity certificates to be trusted (for 00498 * specific peers you know) - in that case, the self-signed 00499 * certificate doesn't need to have the CA bit set. 00500 * 00501 * \param crt The certificate chain to be verified. 00502 * \param trust_ca The list of trusted CAs. 00503 * \param ca_crl The list of CRLs for trusted CAs. 00504 * \param cn The expected Common Name. This may be \c NULL if the 00505 * CN need not be verified. 00506 * \param flags The address at which to store the result of the verification. 00507 * If the verification couldn't be completed, the flag value is 00508 * set to (uint32_t) -1. 00509 * \param f_vrfy The verification callback to use. See the documentation 00510 * of mbedtls_x509_crt_verify() for more information. 00511 * \param p_vrfy The context to be passed to \p f_vrfy. 00512 * 00513 * \return \c 0 if the chain is valid with respect to the 00514 * passed CN, CAs, CRLs and security profile. 00515 * \return #MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the 00516 * certificate chain verification failed. In this case, 00517 * \c *flags will have one or more 00518 * \c MBEDTLS_X509_BADCERT_XXX or \c MBEDTLS_X509_BADCRL_XXX 00519 * flags set. 00520 * \return Another negative error code in case of a fatal error 00521 * encountered during the verification process. 00522 */ 00523 int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, 00524 mbedtls_x509_crt *trust_ca, 00525 mbedtls_x509_crl *ca_crl, 00526 const char *cn, uint32_t *flags, 00527 int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), 00528 void *p_vrfy ); 00529 00530 /** 00531 * \brief Verify a chain of certificates with respect to 00532 * a configurable security profile. 00533 * 00534 * \note Same as \c mbedtls_x509_crt_verify(), but with explicit 00535 * security profile. 00536 * 00537 * \note The restrictions on keys (RSA minimum size, allowed curves 00538 * for ECDSA) apply to all certificates: trusted root, 00539 * intermediate CAs if any, and end entity certificate. 00540 * 00541 * \param crt The certificate chain to be verified. 00542 * \param trust_ca The list of trusted CAs. 00543 * \param ca_crl The list of CRLs for trusted CAs. 00544 * \param profile The security profile to use for the verification. 00545 * \param cn The expected Common Name. This may be \c NULL if the 00546 * CN need not be verified. 00547 * \param flags The address at which to store the result of the verification. 00548 * If the verification couldn't be completed, the flag value is 00549 * set to (uint32_t) -1. 00550 * \param f_vrfy The verification callback to use. See the documentation 00551 * of mbedtls_x509_crt_verify() for more information. 00552 * \param p_vrfy The context to be passed to \p f_vrfy. 00553 * 00554 * \return \c 0 if the chain is valid with respect to the 00555 * passed CN, CAs, CRLs and security profile. 00556 * \return #MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the 00557 * certificate chain verification failed. In this case, 00558 * \c *flags will have one or more 00559 * \c MBEDTLS_X509_BADCERT_XXX or \c MBEDTLS_X509_BADCRL_XXX 00560 * flags set. 00561 * \return Another negative error code in case of a fatal error 00562 * encountered during the verification process. 00563 */ 00564 int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, 00565 mbedtls_x509_crt *trust_ca, 00566 mbedtls_x509_crl *ca_crl, 00567 const mbedtls_x509_crt_profile *profile, 00568 const char *cn, uint32_t *flags, 00569 int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), 00570 void *p_vrfy ); 00571 00572 /** 00573 * \brief Restartable version of \c mbedtls_crt_verify_with_profile() 00574 * 00575 * \note Performs the same job as \c mbedtls_crt_verify_with_profile() 00576 * but can return early and restart according to the limit 00577 * set with \c mbedtls_ecp_set_max_ops() to reduce blocking. 00578 * 00579 * \param crt The certificate chain to be verified. 00580 * \param trust_ca The list of trusted CAs. 00581 * \param ca_crl The list of CRLs for trusted CAs. 00582 * \param profile The security profile to use for the verification. 00583 * \param cn The expected Common Name. This may be \c NULL if the 00584 * CN need not be verified. 00585 * \param flags The address at which to store the result of the verification. 00586 * If the verification couldn't be completed, the flag value is 00587 * set to (uint32_t) -1. 00588 * \param f_vrfy The verification callback to use. See the documentation 00589 * of mbedtls_x509_crt_verify() for more information. 00590 * \param p_vrfy The context to be passed to \p f_vrfy. 00591 * \param rs_ctx The restart context to use. This may be set to \c NULL 00592 * to disable restartable ECC. 00593 * 00594 * \return See \c mbedtls_crt_verify_with_profile(), or 00595 * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of 00596 * operations was reached: see \c mbedtls_ecp_set_max_ops(). 00597 */ 00598 int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, 00599 mbedtls_x509_crt *trust_ca, 00600 mbedtls_x509_crl *ca_crl, 00601 const mbedtls_x509_crt_profile *profile, 00602 const char *cn, uint32_t *flags, 00603 int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), 00604 void *p_vrfy, 00605 mbedtls_x509_crt_restart_ctx *rs_ctx ); 00606 00607 /** 00608 * \brief The type of trusted certificate callbacks. 00609 * 00610 * Callbacks of this type are passed to and used by the CRT 00611 * verification routine mbedtls_x509_crt_verify_with_ca_cb() 00612 * when looking for trusted signers of a given certificate. 00613 * 00614 * On success, the callback returns a list of trusted 00615 * certificates to be considered as potential signers 00616 * for the input certificate. 00617 * 00618 * \param p_ctx An opaque context passed to the callback. 00619 * \param child The certificate for which to search a potential signer. 00620 * This will point to a readable certificate. 00621 * \param candidate_cas The address at which to store the address of the first 00622 * entry in the generated linked list of candidate signers. 00623 * This will not be \c NULL. 00624 * 00625 * \note The callback must only return a non-zero value on a 00626 * fatal error. If, in contrast, the search for a potential 00627 * signer completes without a single candidate, the 00628 * callback must return \c 0 and set \c *candidate_cas 00629 * to \c NULL. 00630 * 00631 * \return \c 0 on success. In this case, \c *candidate_cas points 00632 * to a heap-allocated linked list of instances of 00633 * ::mbedtls_x509_crt, and ownership of this list is passed 00634 * to the caller. 00635 * \return A negative error code on failure. 00636 */ 00637 typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx, 00638 mbedtls_x509_crt const *child, 00639 mbedtls_x509_crt **candidate_cas ); 00640 00641 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) 00642 /** 00643 * \brief Version of \c mbedtls_x509_crt_verify_with_profile() which 00644 * uses a callback to acquire the list of trusted CA 00645 * certificates. 00646 * 00647 * \param crt The certificate chain to be verified. 00648 * \param f_ca_cb The callback to be used to query for potential signers 00649 * of a given child certificate. See the documentation of 00650 * ::mbedtls_x509_crt_ca_cb_t for more information. 00651 * \param p_ca_cb The opaque context to be passed to \p f_ca_cb. 00652 * \param profile The security profile for the verification. 00653 * \param cn The expected Common Name. This may be \c NULL if the 00654 * CN need not be verified. 00655 * \param flags The address at which to store the result of the verification. 00656 * If the verification couldn't be completed, the flag value is 00657 * set to (uint32_t) -1. 00658 * \param f_vrfy The verification callback to use. See the documentation 00659 * of mbedtls_x509_crt_verify() for more information. 00660 * \param p_vrfy The context to be passed to \p f_vrfy. 00661 * 00662 * \return See \c mbedtls_crt_verify_with_profile(). 00663 */ 00664 int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, 00665 mbedtls_x509_crt_ca_cb_t f_ca_cb, 00666 void *p_ca_cb, 00667 const mbedtls_x509_crt_profile *profile, 00668 const char *cn, uint32_t *flags, 00669 int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), 00670 void *p_vrfy ); 00671 00672 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 00673 00674 #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) 00675 /** 00676 * \brief Check usage of certificate against keyUsage extension. 00677 * 00678 * \param crt Leaf certificate used. 00679 * \param usage Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT 00680 * before using the certificate to perform an RSA key 00681 * exchange). 00682 * 00683 * \note Except for decipherOnly and encipherOnly, a bit set in the 00684 * usage argument means this bit MUST be set in the 00685 * certificate. For decipherOnly and encipherOnly, it means 00686 * that bit MAY be set. 00687 * 00688 * \return 0 is these uses of the certificate are allowed, 00689 * MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension 00690 * is present but does not match the usage argument. 00691 * 00692 * \note You should only call this function on leaf certificates, on 00693 * (intermediate) CAs the keyUsage extension is automatically 00694 * checked by \c mbedtls_x509_crt_verify(). 00695 */ 00696 int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, 00697 unsigned int usage ); 00698 #endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */ 00699 00700 #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) 00701 /** 00702 * \brief Check usage of certificate against extendedKeyUsage. 00703 * 00704 * \param crt Leaf certificate used. 00705 * \param usage_oid Intended usage (eg MBEDTLS_OID_SERVER_AUTH or 00706 * MBEDTLS_OID_CLIENT_AUTH). 00707 * \param usage_len Length of usage_oid (eg given by MBEDTLS_OID_SIZE()). 00708 * 00709 * \return 0 if this use of the certificate is allowed, 00710 * MBEDTLS_ERR_X509_BAD_INPUT_DATA if not. 00711 * 00712 * \note Usually only makes sense on leaf certificates. 00713 */ 00714 int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, 00715 const char *usage_oid, 00716 size_t usage_len ); 00717 #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ 00718 00719 #if defined(MBEDTLS_X509_CRL_PARSE_C) 00720 /** 00721 * \brief Verify the certificate revocation status 00722 * 00723 * \param crt a certificate to be verified 00724 * \param crl the CRL to verify against 00725 * 00726 * \return 1 if the certificate is revoked, 0 otherwise 00727 * 00728 */ 00729 int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ); 00730 #endif /* MBEDTLS_X509_CRL_PARSE_C */ 00731 00732 /** 00733 * \brief Initialize a certificate (chain) 00734 * 00735 * \param crt Certificate chain to initialize 00736 */ 00737 void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ); 00738 00739 /** 00740 * \brief Unallocate all certificate data 00741 * 00742 * \param crt Certificate chain to free 00743 */ 00744 void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ); 00745 00746 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) 00747 /** 00748 * \brief Initialize a restart context 00749 */ 00750 void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ); 00751 00752 /** 00753 * \brief Free the components of a restart context 00754 */ 00755 void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ); 00756 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ 00757 #endif /* MBEDTLS_X509_CRT_PARSE_C */ 00758 00759 /* \} name */ 00760 /* \} addtogroup x509_module */ 00761 00762 #if defined(MBEDTLS_X509_CRT_WRITE_C) 00763 /** 00764 * \brief Initialize a CRT writing context 00765 * 00766 * \param ctx CRT context to initialize 00767 */ 00768 void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ); 00769 00770 /** 00771 * \brief Set the verion for a Certificate 00772 * Default: MBEDTLS_X509_CRT_VERSION_3 00773 * 00774 * \param ctx CRT context to use 00775 * \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or 00776 * MBEDTLS_X509_CRT_VERSION_3) 00777 */ 00778 void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ); 00779 00780 /** 00781 * \brief Set the serial number for a Certificate. 00782 * 00783 * \param ctx CRT context to use 00784 * \param serial serial number to set 00785 * 00786 * \return 0 if successful 00787 */ 00788 int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ); 00789 00790 /** 00791 * \brief Set the validity period for a Certificate 00792 * Timestamps should be in string format for UTC timezone 00793 * i.e. "YYYYMMDDhhmmss" 00794 * e.g. "20131231235959" for December 31st 2013 00795 * at 23:59:59 00796 * 00797 * \param ctx CRT context to use 00798 * \param not_before not_before timestamp 00799 * \param not_after not_after timestamp 00800 * 00801 * \return 0 if timestamp was parsed successfully, or 00802 * a specific error code 00803 */ 00804 int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, 00805 const char *not_after ); 00806 00807 /** 00808 * \brief Set the issuer name for a Certificate 00809 * Issuer names should contain a comma-separated list 00810 * of OID types and values: 00811 * e.g. "C=UK,O=ARM,CN=mbed TLS CA" 00812 * 00813 * \param ctx CRT context to use 00814 * \param issuer_name issuer name to set 00815 * 00816 * \return 0 if issuer name was parsed successfully, or 00817 * a specific error code 00818 */ 00819 int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, 00820 const char *issuer_name ); 00821 00822 /** 00823 * \brief Set the subject name for a Certificate 00824 * Subject names should contain a comma-separated list 00825 * of OID types and values: 00826 * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1" 00827 * 00828 * \param ctx CRT context to use 00829 * \param subject_name subject name to set 00830 * 00831 * \return 0 if subject name was parsed successfully, or 00832 * a specific error code 00833 */ 00834 int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, 00835 const char *subject_name ); 00836 00837 /** 00838 * \brief Set the subject public key for the certificate 00839 * 00840 * \param ctx CRT context to use 00841 * \param key public key to include 00842 */ 00843 void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); 00844 00845 /** 00846 * \brief Set the issuer key used for signing the certificate 00847 * 00848 * \param ctx CRT context to use 00849 * \param key private key to sign with 00850 */ 00851 void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); 00852 00853 /** 00854 * \brief Set the MD algorithm to use for the signature 00855 * (e.g. MBEDTLS_MD_SHA1) 00856 * 00857 * \param ctx CRT context to use 00858 * \param md_alg MD algorithm to use 00859 */ 00860 void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ); 00861 00862 /** 00863 * \brief Generic function to add to or replace an extension in the 00864 * CRT 00865 * 00866 * \param ctx CRT context to use 00867 * \param oid OID of the extension 00868 * \param oid_len length of the OID 00869 * \param critical if the extension is critical (per the RFC's definition) 00870 * \param val value of the extension OCTET STRING 00871 * \param val_len length of the value data 00872 * 00873 * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED 00874 */ 00875 int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, 00876 const char *oid, size_t oid_len, 00877 int critical, 00878 const unsigned char *val, size_t val_len ); 00879 00880 /** 00881 * \brief Set the basicConstraints extension for a CRT 00882 * 00883 * \param ctx CRT context to use 00884 * \param is_ca is this a CA certificate 00885 * \param max_pathlen maximum length of certificate chains below this 00886 * certificate (only for CA certificates, -1 is 00887 * inlimited) 00888 * 00889 * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED 00890 */ 00891 int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, 00892 int is_ca, int max_pathlen ); 00893 00894 #if defined(MBEDTLS_SHA1_C) 00895 /** 00896 * \brief Set the subjectKeyIdentifier extension for a CRT 00897 * Requires that mbedtls_x509write_crt_set_subject_key() has been 00898 * called before 00899 * 00900 * \param ctx CRT context to use 00901 * 00902 * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED 00903 */ 00904 int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ); 00905 00906 /** 00907 * \brief Set the authorityKeyIdentifier extension for a CRT 00908 * Requires that mbedtls_x509write_crt_set_issuer_key() has been 00909 * called before 00910 * 00911 * \param ctx CRT context to use 00912 * 00913 * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED 00914 */ 00915 int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ); 00916 #endif /* MBEDTLS_SHA1_C */ 00917 00918 /** 00919 * \brief Set the Key Usage Extension flags 00920 * (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN) 00921 * 00922 * \param ctx CRT context to use 00923 * \param key_usage key usage flags to set 00924 * 00925 * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED 00926 */ 00927 int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, 00928 unsigned int key_usage ); 00929 00930 /** 00931 * \brief Set the Netscape Cert Type flags 00932 * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL) 00933 * 00934 * \param ctx CRT context to use 00935 * \param ns_cert_type Netscape Cert Type flags to set 00936 * 00937 * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED 00938 */ 00939 int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, 00940 unsigned char ns_cert_type ); 00941 00942 /** 00943 * \brief Free the contents of a CRT write context 00944 * 00945 * \param ctx CRT context to free 00946 */ 00947 void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); 00948 00949 /** 00950 * \brief Write a built up certificate to a X509 DER structure 00951 * Note: data is written at the end of the buffer! Use the 00952 * return value to determine where you should start 00953 * using the buffer 00954 * 00955 * \param ctx certificate to write away 00956 * \param buf buffer to write to 00957 * \param size size of the buffer 00958 * \param f_rng RNG function (for signature, see note) 00959 * \param p_rng RNG parameter 00960 * 00961 * \return length of data written if successful, or a specific 00962 * error code 00963 * 00964 * \note f_rng may be NULL if RSA is used for signature and the 00965 * signature is made offline (otherwise f_rng is desirable 00966 * for countermeasures against timing attacks). 00967 * ECDSA signatures always require a non-NULL f_rng. 00968 */ 00969 int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, 00970 int (*f_rng)(void *, unsigned char *, size_t), 00971 void *p_rng ); 00972 00973 #if defined(MBEDTLS_PEM_WRITE_C) 00974 /** 00975 * \brief Write a built up certificate to a X509 PEM string 00976 * 00977 * \param ctx certificate to write away 00978 * \param buf buffer to write to 00979 * \param size size of the buffer 00980 * \param f_rng RNG function (for signature, see note) 00981 * \param p_rng RNG parameter 00982 * 00983 * \return 0 if successful, or a specific error code 00984 * 00985 * \note f_rng may be NULL if RSA is used for signature and the 00986 * signature is made offline (otherwise f_rng is desirable 00987 * for countermeasures against timing attacks). 00988 * ECDSA signatures always require a non-NULL f_rng. 00989 */ 00990 int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, 00991 int (*f_rng)(void *, unsigned char *, size_t), 00992 void *p_rng ); 00993 #endif /* MBEDTLS_PEM_WRITE_C */ 00994 #endif /* MBEDTLS_X509_CRT_WRITE_C */ 00995 00996 #ifdef __cplusplus 00997 } 00998 #endif 00999 01000 #endif /* mbedtls_x509_crt.h */
Generated on Tue Jul 12 2022 13:55:05 by
1.7.2