/home/dko/projects/mobilec/trunk/src/security/xyssl-0.7/include/xyssl/x509.h

00001 /* SVN FILE INFO
00002  * $Revision: 174 $ : Last Committed Revision
00003  * $Date: 2008-06-24 10:50:29 -0700 (Tue, 24 Jun 2008) $ : Last Committed Date */
00007 #ifndef _X509_H
00008 #define _X509_H
00009 
00010 #ifdef __cplusplus
00011 extern "C" {
00012 #endif
00013 
00014 #include "rsa.h"
00015 
/*
 * Error codes for the ASN.1 decoder and the X.509 certificate / key parser.
 *
 * Every ERR_ASN1_* value is below 0x20 and every ERR_X509_* value is a
 * multiple of 0x20, so the two families occupy disjoint bits.
 * NOTE(review): that layout suggests a function may return an X.509 code
 * combined with an ASN.1 code in a single int. If so, callers must treat any
 * non-zero result as failure instead of comparing against one constant --
 * confirm against the implementation file.
 */
00016 #define ERR_ASN1_OUT_OF_DATA                    0x0014
00017 #define ERR_ASN1_UNEXPECTED_TAG                 0x0016
00018 #define ERR_ASN1_INVALID_LENGTH                 0x0018
00019 #define ERR_ASN1_LENGTH_MISMATCH                0x001A
00020 #define ERR_ASN1_INVALID_DATA                   0x001C
00021 
00022 #define ERR_X509_FEATURE_UNAVAILABLE            0x0020
00023 #define ERR_X509_CERT_INVALID_PEM               0x0040
00024 #define ERR_X509_CERT_INVALID_FORMAT            0x0060
00025 #define ERR_X509_CERT_INVALID_VERSION           0x0080
00026 #define ERR_X509_CERT_INVALID_SERIAL            0x00A0
00027 #define ERR_X509_CERT_INVALID_ALG               0x00C0
00028 #define ERR_X509_CERT_INVALID_NAME              0x00E0
00029 #define ERR_X509_CERT_INVALID_DATE              0x0100
00030 #define ERR_X509_CERT_INVALID_PUBKEY            0x0120
00031 #define ERR_X509_CERT_INVALID_SIGNATURE         0x0140
00032 #define ERR_X509_CERT_INVALID_EXTENSIONS        0x0160
00033 #define ERR_X509_CERT_UNKNOWN_VERSION           0x0180
00034 #define ERR_X509_CERT_UNKNOWN_SIG_ALG           0x01A0
00035 #define ERR_X509_CERT_UNKNOWN_PK_ALG            0x01C0
00036 #define ERR_X509_CERT_SIG_MISMATCH              0x01E0
00037 #define ERR_X509_KEY_INVALID_PEM                0x0200
00038 #define ERR_X509_KEY_INVALID_VERSION            0x0220
00039 #define ERR_X509_KEY_INVALID_FORMAT             0x0240
00040 #define ERR_X509_KEY_INVALID_ENC_IV             0x0260
00041 #define ERR_X509_KEY_UNKNOWN_ENC_ALG            0x0280
00042 #define ERR_X509_KEY_PASSWORD_REQUIRED          0x02A0
00043 #define ERR_X509_KEY_PASSWORD_MISMATCH          0x02C0
00044 #define ERR_X509_SIG_VERIFY_FAILED              0x02E0
00045 
/*
 * Certificate verification result flags. The three values are distinct
 * single bits, so more than one condition can be reported in one int.
 * NOTE(review): presumably OR-ed into the *flags argument of
 * x509_verify_cert() -- confirm.
 * Only these three conditions are representable: this header defines no flag
 * for a revoked certificate or for one that is not yet valid, so a caller
 * that needs those checks has to perform them separately.
 */
00046 #define BADCERT_HAS_EXPIRED             1
00047 #define BADCERT_CN_MISMATCH             2
00048 #define BADCERT_NOT_TRUSTED             4
00049 
00050 /*
00051  * DER constants
 *
 * 0x01 .. 0x1E are ASN.1 universal tag numbers. ASN1_PRIMITIVE,
 * ASN1_CONSTRUCTED and ASN1_CONTEXT_SPECIFIC are bits of the identifier
 * octet and are OR-ed with a tag number, e.g. a SEQUENCE appears on the wire
 * as ASN1_CONSTRUCTED | ASN1_SEQUENCE = 0x30.
 *
 * NOTE(review): ASN1_UTC_TIME is the only time tag defined here; there is no
 * constant for GeneralizedTime (0x18). Check how the parser treats a validity
 * date encoded that way before relying on expiry checks.
00052  */
00053 #define ASN1_BOOLEAN                 0x01
00054 #define ASN1_INTEGER                 0x02
00055 #define ASN1_BIT_STRING              0x03
00056 #define ASN1_OCTET_STRING            0x04
00057 #define ASN1_NULL                    0x05
00058 #define ASN1_OID                     0x06
00059 #define ASN1_UTF8_STRING             0x0C
00060 #define ASN1_SEQUENCE                0x10
00061 #define ASN1_SET                     0x11
00062 #define ASN1_PRINTABLE_STRING        0x13
00063 #define ASN1_T61_STRING              0x14
00064 #define ASN1_IA5_STRING              0x16
00065 #define ASN1_UTC_TIME                0x17
00066 #define ASN1_UNIVERSAL_STRING        0x1C
00067 #define ASN1_BMP_STRING              0x1E
00068 #define ASN1_PRIMITIVE               0x00
00069 #define ASN1_CONSTRUCTED             0x20
00070 #define ASN1_CONTEXT_SPECIFIC        0x80
00071 
00072 /*
00073  * various object identifiers
 *
 * The X520_* and PKCS9_EMAIL values are the final arc of an attribute-type
 * OID; the OID_* strings are the DER content octets of the prefix:
 *   OID_X520       2.5.4                  (X.520 attribute types)
 *   OID_PKCS1      1.2.840.113549.1.1     (PKCS #1)
 *   OID_PKCS1_RSA  1.2.840.113549.1.1.1   (rsaEncryption)
 *   OID_PKCS9      1.2.840.113549.1.9     (PKCS #9)
 *
 * NOTE(review): these are raw bytes, not text. Compare them against a parsed
 * OID with memcmp() and an explicit length check (x509_buf.len), never with
 * the str*() functions.
00074  */
00075 #define X520_COMMON_NAME                3   /* 2.5.4.3  commonName */
00076 #define X520_COUNTRY                    6   /* 2.5.4.6  countryName */
00077 #define X520_LOCALITY                   7   /* 2.5.4.7  localityName */
00078 #define X520_STATE                      8   /* 2.5.4.8  stateOrProvinceName */
00079 #define X520_ORGANIZATION              10   /* 2.5.4.10 organizationName */
00080 #define X520_ORG_UNIT                  11   /* 2.5.4.11 organizationalUnitName */
00081 #define PKCS9_EMAIL                     1   /* 1.2.840.113549.1.9.1 emailAddress */
00082 
00083 #define OID_X520                "\x55\x04"
00084 #define OID_PKCS1               "\x2A\x86\x48\x86\xF7\x0D\x01\x01"
00085 #define OID_PKCS1_RSA           "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01"
00086 #define OID_PKCS9               "\x2A\x86\x48\x86\xF7\x0D\x01\x09"
00087 
/*
 * Tag / length / pointer triple; presumably one decoded ASN.1 element
 * (inferred from the member names -- confirm against the parser).
 *
 * NOTE(review): len is a signed int. Code that fills or consumes this struct
 * should reject a negative length and any length larger than the remaining
 * input before dereferencing p. Whether p points into the caller's input
 * buffer or into a private copy is not visible in this header, so the
 * lifetime of p has to be checked in the implementation.
 */
00088 typedef struct _x509_buf
00089 {
00090     int tag;              /* ASN.1 tag of the element (see the ASN1_* constants) */
00091     int len;              /* number of bytes at p; signed, validate before use */
00092     unsigned char *p;     /* content bytes; length-delimited, not NUL-terminated */
00093 }
00094 x509_buf;
00095 
/*
 * One node of a singly linked list of (oid, val) pairs; x509_cert uses it for
 * the issuer and subject names, so each node is presumably one attribute of a
 * distinguished name.
 *
 * NOTE(review): val is length-delimited and may legally contain any byte,
 * including 0x00. Code that compares val against an expected host name must
 * compare val.len as well and should reject a value with an embedded NUL;
 * a C-string comparison would stop at the first NUL and accept a prefix.
 */
00096 typedef struct _x509_name
00097 {
00098     x509_buf oid;               /* attribute type (cf. OID_X520 + X520_* arc) */
00099     x509_buf val;               /* attribute value, raw bytes */
00100     struct _x509_name *next;    /* following attribute, presumably NULL at the end */
00101 }
00102 x509_name;
00103 
/*
 * Broken-down calendar time, used by x509_cert for valid_from / valid_to.
 *
 * NOTE(review): there is no time-zone member; presumably the fields hold UTC
 * as decoded from an ASN1_UTC_TIME value -- confirm. UTCTime carries a
 * two-digit year, so how the parser expands it into `year` (and whether the
 * field ranges are validated) must be checked in the implementation.
 */
00104 typedef struct _x509_time
00105 {
00106     int year, mon, day;
00107     int hour, min, sec;
00108 }
00109 x509_time;
00110 
/*
 * One parsed certificate; certificates are chained through `next`.
 * Member descriptions marked "presumably" are inferred from the names and
 * from the X.509 certificate layout, not from code visible in this header.
 *
 * NOTE(review): the struct stores ca_istrue and max_pathlen, but storing a
 * constraint is not the same as enforcing it. Before trusting a chain built
 * with this API, confirm in the implementation that x509_verify_cert()
 * refuses an issuer whose ca_istrue is 0 and honours max_pathlen.
 * The only key member is an rsa_context, so only RSA public keys can be
 * represented.
 */
00111 typedef struct _x509_cert
00112 {
00113     x509_buf raw;           /* presumably the complete DER certificate */
00114     x509_buf tbs;           /* presumably the to-be-signed part covered by sig */
00115 
00116     int version;
00117     x509_buf serial;
00118     x509_buf sig_oid1;      /* presumably the signature algorithm inside tbs */
00119 
00120     x509_buf issuer_raw;    /* undecoded issuer name bytes */
00121     x509_buf subject_raw;   /* undecoded subject name bytes */
00122 
00123     x509_name issuer;       /* head node of the decoded issuer name list */
00124     x509_name subject;      /* head node of the decoded subject name list */
00125 
00126     x509_time valid_from;
00127     x509_time valid_to;
00128 
00129     x509_buf pk_oid;        /* public-key algorithm OID (cf. OID_PKCS1_RSA) */
00130     rsa_context rsa;        /* the certificate's public key */
00131 
00132     x509_buf issuer_id;
00133     x509_buf subject_id;
00134     x509_buf v3_ext;        /* presumably the raw v3 extensions block */
00135 
00136     int ca_istrue;          /* presumably basicConstraints cA */
00137     int max_pathlen;        /* presumably basicConstraints pathLenConstraint */
00138 
00139     x509_buf sig_oid2;      /* presumably the outer signature algorithm; must agree with sig_oid1 */
00140     x509_buf sig;           /* signature bytes */
00141 
00142     struct _x509_cert *next;   /* next certificate in the chain */
00143 }
00144 x509_cert;
00145 
/*
 * Adds certificate data held in memory to the list headed by `chain`
 * (behaviour inferred from the name -- confirm against the implementation).
 *   chain   head of the x509_cert list to extend
 *   buf     input bytes, buflen of them
 * Returns an int; presumably 0 on success and an ERR_X509_* / ERR_ASN1_*
 * code otherwise.
 * NOTE(review): buf usually holds data supplied by a peer and buflen is a
 * signed int. Pass only a validated, non-negative length and check the
 * return value before reading anything from the chain.
 */
00156 int x509_add_certs( x509_cert *chain, unsigned char *buf, int buflen );
00157 
/*
 * File-based counterpart of x509_add_certs(): takes a path instead of a
 * buffer (behaviour inferred from the name -- confirm).
 * Returns an int; presumably 0 on success, an error code otherwise.
 * NOTE(review): a file loaded as a trust anchor should come from a location
 * that unprivileged users cannot write to; the path is used as given.
 */
00167 int x509_read_crtfile( x509_cert *chain, char *path );
00168 
/*
 * Parses a private key held in memory into `rsa` (inferred from the name and
 * the ERR_X509_KEY_* codes -- confirm).
 *   rsa      context that receives the key
 *   buf      key data, buflen bytes
 *   pwd      password bytes, pwdlen of them; presumably may be absent for an
 *            unencrypted key (cf. ERR_X509_KEY_PASSWORD_REQUIRED)
 * Returns an int; presumably 0 on success.
 * NOTE(review): buf and pwd hold secret material. The caller owns both
 * buffers and should wipe them once this call returns, using a function the
 * compiler cannot optimise away.
 */
00180 int x509_parse_key( rsa_context *rsa, unsigned char *buf, int buflen,
00181                                       unsigned char *pwd, int pwdlen );
00182 
/*
 * File-based counterpart of x509_parse_key(): takes a path and a password
 * string (behaviour inferred from the name -- confirm).
 * Returns an int; presumably 0 on success.
 * NOTE(review): the password is passed as a plain char *, so it stays in the
 * caller's memory after the call; wipe it when it is no longer needed. The
 * key file itself should be readable only by the owning account.
 */
00192 int x509_read_keyfile( rsa_context *rsa, char *path, char *password );
00193 
/*
 * Presumably writes a printable form of the name list `dn` into the region
 * that starts at `buf` and is bounded by `end` (inferred from the parameter
 * names -- confirm).
 * NOTE(review): the meaning of the int result and whether `end` is inclusive
 * are not visible here. The name values come from the certificate, so treat
 * the resulting text as untrusted when logging or displaying it.
 */
00198 int x509_dn_gets( char *buf, char *end, x509_name *dn );
00199 
/*
 * Returns a character string describing `crt` (content inferred from the
 * name -- confirm).
 * NOTE(review): the header does not say who owns the returned string. Check
 * whether the caller must free it or whether it is a shared buffer that the
 * next call overwrites, and whether NULL can be returned.
 */
00204 char *x509_cert_info( x509_cert *crt );
00205 
/*
 * Reports whether `crt` has expired (inferred from the name); the encoding
 * of the int result is not visible here -- confirm.
 * NOTE(review): an expiry test depends on the local clock being correct, and
 * the name suggests only valid_to is examined; a certificate whose
 * valid_from lies in the future may need a separate check.
 */
00210 int x509_is_cert_expired( x509_cert *crt );
00211 
/*
 * Verifies `crt` against the trusted list `trust_ca` (inferred from the
 * names -- confirm details against the implementation).
 *   crt       certificate (chain) to verify
 *   trust_ca  trusted CA certificates
 *   cn        expected common name
 *   flags     output; presumably receives BADCERT_* bits
 * Returns an int; presumably 0 on success and ERR_X509_SIG_VERIFY_FAILED
 * otherwise.
 * NOTE(review): check both the return value and *flags, and initialise
 * *flags before the call unless the implementation is confirmed to do so.
 * Presumably a NULL cn skips the name check; a caller that authenticates a
 * remote peer should always supply the expected name. Revocation is not
 * covered by any flag in this header.
 */
00228 int x509_verify_cert( x509_cert *crt, x509_cert *trust_ca,
00229                       char *cn, int *flags );
00230 
/*
 * Releases the resources held by `crt` (inferred from the name).
 * NOTE(review): whether the whole `next` chain is released, and whether the
 * `crt` object itself is freed or only its members, is not visible here.
 * Do not use any x509_buf pointer taken from the certificate after this call.
 */
00234 void x509_free_cert( x509_cert *crt );
00235 
/*
 * Built-in self test; `verbose` presumably enables progress output.
 * Returns an int; presumably 0 when the test passes -- confirm.
 */
00241 int x509_self_test( int verbose );
00242 
00243 #ifdef __cplusplus
00244 }
00245 #endif
00246 
00247 #endif /* x509.h */
