| David Howells | c26fd69 | 2012-09-24 17:11:48 +0100 | [diff] [blame] | 1 | /* X.509 certificate parser internal definitions |
| 2 | * |
| 3 | * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. |
| 4 | * Written by David Howells (dhowells@redhat.com) |
| 5 | * |
| 6 | * This program is free software; you can redistribute it and/or |
| 7 | * modify it under the terms of the GNU General Public Licence |
| 8 | * as published by the Free Software Foundation; either version |
| 9 | * 2 of the Licence, or (at your option) any later version. |
| 10 | */ |
| 11 | |
| David Howells | 57be4a7 | 2013-08-30 16:16:34 +0100 | [diff] [blame] | 12 | #include <linux/time.h> |
| David Howells | c26fd69 | 2012-09-24 17:11:48 +0100 | [diff] [blame] | 13 | #include <crypto/public_key.h> |
| 14 | |
| 15 | struct x509_certificate { |
| 16 | struct x509_certificate *next; |
| David Howells | 84aabd4 | 2014-07-01 16:40:19 +0100 | [diff] [blame] | 17 | struct x509_certificate *signer; /* Certificate that signed this one */ |
| David Howells | c26fd69 | 2012-09-24 17:11:48 +0100 | [diff] [blame] | 18 | struct public_key *pub; /* Public key details */ |
| David Howells | 84aabd4 | 2014-07-01 16:40:19 +0100 | [diff] [blame] | 19 | struct public_key_signature sig; /* Signature parameters */ |
| David Howells | c26fd69 | 2012-09-24 17:11:48 +0100 | [diff] [blame] | 20 | char *issuer; /* Name of certificate issuer */ |
| 21 | char *subject; /* Name of certificate subject */ |
| Dmitry Kasatkin | 8dd6098 | 2014-10-06 16:52:12 +0100 | [diff] [blame] | 22 | struct asymmetric_key_id *id; /* Serial number + issuer */ |
| 23 | struct asymmetric_key_id *skid; /* Subject + subjectKeyId (optional) */ |
| 24 | struct asymmetric_key_id *authority; /* Authority key identifier (optional) */ |
| David Howells | a5752d1 | 2012-10-02 14:36:16 +0100 | [diff] [blame] | 25 | struct tm valid_from; |
| 26 | struct tm valid_to; |
| David Howells | c26fd69 | 2012-09-24 17:11:48 +0100 | [diff] [blame] | 27 | const void *tbs; /* Signed data */ |
| David Howells | b426beb | 2013-08-30 16:18:02 +0100 | [diff] [blame] | 28 | unsigned tbs_size; /* Size of signed data */ |
| 29 | unsigned raw_sig_size; /* Size of sigature */ |
| 30 | const void *raw_sig; /* Signature data */ |
| David Howells | 84aabd4 | 2014-07-01 16:40:19 +0100 | [diff] [blame] | 31 | const void *raw_serial; /* Raw serial number in ASN.1 */ |
| 32 | unsigned raw_serial_size; |
| 33 | unsigned raw_issuer_size; |
| 34 | const void *raw_issuer; /* Raw issuer name in ASN.1 */ |
| 35 | const void *raw_subject; /* Raw subject name in ASN.1 */ |
| 36 | unsigned raw_subject_size; |
| David Howells | dd2f6c4 | 2014-10-03 16:17:02 +0100 | [diff] [blame] | 37 | unsigned raw_skid_size; |
| 38 | const void *raw_skid; /* Raw subjectKeyId in ASN.1 */ |
| David Howells | 84aabd4 | 2014-07-01 16:40:19 +0100 | [diff] [blame] | 39 | unsigned index; |
| 40 | bool seen; /* Infinite recursion prevention */ |
| 41 | bool verified; |
| 42 | bool trusted; |
| David Howells | 4155942 | 2014-09-16 17:36:15 +0100 | [diff] [blame] | 43 | bool unsupported_crypto; /* T if can't be verified due to missing crypto */ |
| David Howells | c26fd69 | 2012-09-24 17:11:48 +0100 | [diff] [blame] | 44 | }; |
| 45 | |
| 46 | /* |
| 47 | * x509_cert_parser.c |
| 48 | */ |
| 49 | extern void x509_free_certificate(struct x509_certificate *cert); |
| 50 | extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen); |
| David Howells | b426beb | 2013-08-30 16:18:02 +0100 | [diff] [blame] | 51 | |
| 52 | /* |
| 53 | * x509_public_key.c |
| 54 | */ |
| 55 | extern int x509_get_sig_params(struct x509_certificate *cert); |
| 56 | extern int x509_check_signature(const struct public_key *pub, |
| 57 | struct x509_certificate *cert); |