Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / b811580d91e9c0945b0a923dcec3e10cce04ac30 / . / crypto / asymmetric_keys / x509_parser.h
blob: dbeed6018e63675db5316e254760f10e4a28a2b4 [file] [log] [blame]
David Howellsc26fd692012-09-24 17:11:48 +0100[diff] [blame]1/* X.509 certificate parser internal definitions
2 *
3 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public Licence
8 * as published by the Free Software Foundation; either version
9 * 2 of the Licence, or (at your option) any later version.
10 */
11
David Howells57be4a72013-08-30 16:16:34 +0100[diff] [blame]12#include <linux/time.h>
David Howellsc26fd692012-09-24 17:11:48 +0100[diff] [blame]13#include <crypto/public_key.h>
David Howells146aa8b2015-10-21 14:04:48 +0100[diff] [blame]14#include <keys/asymmetric-type.h>
David Howellsc26fd692012-09-24 17:11:48 +0100[diff] [blame]15
16struct x509_certificate {
17 struct x509_certificate *next;
David Howells84aabd42014-07-01 16:40:19 +0100[diff] [blame]18 struct x509_certificate *signer; /* Certificate that signed this one */
David Howellsc26fd692012-09-24 17:11:48 +0100[diff] [blame]19 struct public_key *pub; /* Public key details */
David Howells84aabd42014-07-01 16:40:19 +0100[diff] [blame]20 struct public_key_signature sig; /* Signature parameters */
David Howellsc26fd692012-09-24 17:11:48 +0100[diff] [blame]21 char *issuer; /* Name of certificate issuer */
22 char *subject; /* Name of certificate subject */
David Howellsb92e6572015-07-20 21:16:26 +0100[diff] [blame]23 struct asymmetric_key_id *id; /* Issuer + Serial number */
Dmitry Kasatkin8dd60982014-10-06 16:52:12 +0100[diff] [blame]24 struct asymmetric_key_id *skid; /* Subject + subjectKeyId (optional) */
David Howellsb92e6572015-07-20 21:16:26 +0100[diff] [blame]25 struct asymmetric_key_id *akid_id; /* CA AuthKeyId matching ->id (optional) */
26 struct asymmetric_key_id *akid_skid; /* CA AuthKeyId matching ->skid (optional) */
David Howellsfd19a3d2015-07-29 16:58:32 +0100[diff] [blame]27 time64_t valid_from;
28 time64_t valid_to;
David Howellsc26fd692012-09-24 17:11:48 +0100[diff] [blame]29 const void *tbs; /* Signed data */
David Howellsb426beb2013-08-30 16:18:02 +0100[diff] [blame]30 unsigned tbs_size; /* Size of signed data */
31 unsigned raw_sig_size; /* Size of sigature */
32 const void *raw_sig; /* Signature data */
David Howells84aabd42014-07-01 16:40:19 +0100[diff] [blame]33 const void *raw_serial; /* Raw serial number in ASN.1 */
34 unsigned raw_serial_size;
35 unsigned raw_issuer_size;
36 const void *raw_issuer; /* Raw issuer name in ASN.1 */
37 const void *raw_subject; /* Raw subject name in ASN.1 */
38 unsigned raw_subject_size;
David Howellsdd2f6c42014-10-03 16:17:02 +0100[diff] [blame]39 unsigned raw_skid_size;
40 const void *raw_skid; /* Raw subjectKeyId in ASN.1 */
David Howells84aabd42014-07-01 16:40:19 +0100[diff] [blame]41 unsigned index;
42 bool seen; /* Infinite recursion prevention */
43 bool verified;
44 bool trusted;
David Howells41559422014-09-16 17:36:15 +0100[diff] [blame]45 bool unsupported_crypto; /* T if can't be verified due to missing crypto */
David Howellsc26fd692012-09-24 17:11:48 +0100[diff] [blame]46};
47
48/*
49 * x509_cert_parser.c
50 */
51extern void x509_free_certificate(struct x509_certificate *cert);
52extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen);
David Howellsfd19a3d2015-07-29 16:58:32 +0100[diff] [blame]53extern int x509_decode_time(time64_t *_t, size_t hdrlen,
54 unsigned char tag,
55 const unsigned char *value, size_t vlen);
David Howellsb426beb2013-08-30 16:18:02 +0100[diff] [blame]56
57/*
58 * x509_public_key.c
59 */
60extern int x509_get_sig_params(struct x509_certificate *cert);
61extern int x509_check_signature(const struct public_key *pub,
62 struct x509_certificate *cert);