/home/dko/projects/mobilec/tags/MobileC-v1.10.2/MobileC-v1.10.2/src/security/xyssl-0.9/include/xyssl/x509.h

00001
      /*
       * x509.h - declarations for the XySSL X.509 code: error codes, ASN.1/DER
       * and OID constants, the structures used for parsing and for writing
       * certificates, and the x509parse_ and x509_ entry points.
       *
       * NOTE(review): the listing path places this file in xyssl-0.9. XySSL is
       * no longer maintained (its code base continued as PolarSSL and later
       * Mbed TLS), so anything relying on this parser for certificate
       * validation should be compared against a maintained TLS library.
       */
00004 #ifndef XYSSL_X509_H
00005 #define XYSSL_X509_H
00006 
00007 #include "xyssl/rsa.h"
00008
      /*
       * Low-level ASN.1 decoding error codes. Every value is negative and its
       * magnitude is below 0x20, the step used by the XYSSL_ERR_X509_ codes
       * defined after this group.
       *
       * NOTE(review): presumably the parse functions return 0 on success and
       * one of these codes (possibly combined with an X.509 code) on failure -
       * confirm in the implementation. Callers should treat any non-zero
       * return as a failed parse and not use the output structure.
       */
00009 #define XYSSL_ERR_ASN1_OUT_OF_DATA                      -0x0014
00010 #define XYSSL_ERR_ASN1_UNEXPECTED_TAG                   -0x0016
00011 #define XYSSL_ERR_ASN1_INVALID_LENGTH                   -0x0018
00012 #define XYSSL_ERR_ASN1_LENGTH_MISMATCH                  -0x001A
00013 #define XYSSL_ERR_ASN1_INVALID_DATA                     -0x001C
00014
      /*
       * X.509 certificate (CERT_) and private key (KEY_) error codes. The
       * values are negative multiples of 0x20, from -0x0020 to -0x0320.
       *
       * NOTE(review): the 0x20 spacing presumably leaves room to combine one
       * of these with an XYSSL_ERR_ASN1_ code in a single return value -
       * confirm how the implementation builds and how callers should decode
       * such values before comparing a return code with == against one macro.
       *
       * NOTE(review): what POINT_ERROR and VALUE_TO_LENGTH report cannot be
       * determined from this header; presumably they belong to the
       * certificate-writing code - confirm.
       */
00015 #define XYSSL_ERR_X509_FEATURE_UNAVAILABLE              -0x0020
00016 #define XYSSL_ERR_X509_CERT_INVALID_PEM                 -0x0040
00017 #define XYSSL_ERR_X509_CERT_INVALID_FORMAT              -0x0060
00018 #define XYSSL_ERR_X509_CERT_INVALID_VERSION             -0x0080
00019 #define XYSSL_ERR_X509_CERT_INVALID_SERIAL              -0x00A0
00020 #define XYSSL_ERR_X509_CERT_INVALID_ALG                 -0x00C0
00021 #define XYSSL_ERR_X509_CERT_INVALID_NAME                -0x00E0
00022 #define XYSSL_ERR_X509_CERT_INVALID_DATE                -0x0100
00023 #define XYSSL_ERR_X509_CERT_INVALID_PUBKEY              -0x0120
00024 #define XYSSL_ERR_X509_CERT_INVALID_SIGNATURE           -0x0140
00025 #define XYSSL_ERR_X509_CERT_INVALID_EXTENSIONS          -0x0160
00026 #define XYSSL_ERR_X509_CERT_UNKNOWN_VERSION             -0x0180
00027 #define XYSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG             -0x01A0
00028 #define XYSSL_ERR_X509_CERT_UNKNOWN_PK_ALG              -0x01C0
00029 #define XYSSL_ERR_X509_CERT_SIG_MISMATCH                -0x01E0
00030 #define XYSSL_ERR_X509_CERT_VERIFY_FAILED               -0x0200
00031 #define XYSSL_ERR_X509_KEY_INVALID_PEM                  -0x0220
00032 #define XYSSL_ERR_X509_KEY_INVALID_VERSION              -0x0240
00033 #define XYSSL_ERR_X509_KEY_INVALID_FORMAT               -0x0260
00034 #define XYSSL_ERR_X509_KEY_INVALID_ENC_IV               -0x0280
00035 #define XYSSL_ERR_X509_KEY_UNKNOWN_ENC_ALG              -0x02A0
00036 #define XYSSL_ERR_X509_KEY_PASSWORD_REQUIRED            -0x02C0
00037 #define XYSSL_ERR_X509_KEY_PASSWORD_MISMATCH            -0x02E0
00038 #define XYSSL_ERR_X509_POINT_ERROR                      -0x0300
00039 #define XYSSL_ERR_X509_VALUE_TO_LENGTH                  -0x0320
00040
      /*
       * Certificate verification result flags. The values are distinct single
       * bits (1, 2, 4, 8), so several can be reported together in one int.
       *
       * NOTE(review): presumably these are what x509parse_verify() stores
       * through its flags argument - confirm. A caller should reject the
       * certificate if any bit is set, not only the bits it knows about.
       *
       * NOTE(review): this header declares no CRL structure or CRL parser, so
       * how BADCERT_REVOKED can be set is not visible here; do not assume
       * revocation is checked without reading the implementation.
       */
00041 #define BADCERT_EXPIRED                 1
00042 #define BADCERT_REVOKED                 2
00043 #define BADCERT_CN_MISMATCH             4
00044 #define BADCERT_NOT_TRUSTED             8
00045 
00046 /*
00047  * DER constants
       *
       * 0x01 through 0x1E are ASN.1 universal tag numbers. ASN1_PRIMITIVE,
       * ASN1_CONSTRUCTED and ASN1_CONTEXT_SPECIFIC are bits of the identifier
       * octet that are OR-ed with a tag number. SEQUENCE and SET are always
       * constructed, so in encoded data they appear as
       * ASN1_CONSTRUCTED | ASN1_SEQUENCE (0x30) and
       * ASN1_CONSTRUCTED | ASN1_SET (0x31), never as the bare 0x10 / 0x11.
       *
       * NOTE(review): UTCTime (0x17) is the only time type defined. There is
       * no constant for GeneralizedTime (0x18), which RFC 5280 requires for
       * validity dates in 2050 or later - confirm how the parser treats a
       * certificate that uses it.
00048  */
00049 #define ASN1_BOOLEAN                 0x01
00050 #define ASN1_INTEGER                 0x02
00051 #define ASN1_BIT_STRING              0x03
00052 #define ASN1_OCTET_STRING            0x04
00053 #define ASN1_NULL                    0x05
00054 #define ASN1_OID                     0x06
00055 #define ASN1_UTF8_STRING             0x0C
00056 #define ASN1_SEQUENCE                0x10
00057 #define ASN1_SET                     0x11
00058 #define ASN1_PRINTABLE_STRING        0x13
00059 #define ASN1_T61_STRING              0x14
00060 #define ASN1_IA5_STRING              0x16
00061 #define ASN1_UTC_TIME                0x17
00062 #define ASN1_UNIVERSAL_STRING        0x1C
00063 #define ASN1_BMP_STRING              0x1E
00064 #define ASN1_PRIMITIVE               0x00  /* identifier-octet bit 0x20 clear */
00065 #define ASN1_CONSTRUCTED             0x20  /* identifier-octet bit 0x20 set */
00066 #define ASN1_CONTEXT_SPECIFIC        0x80  /* class bits for context-specific tags */
00067 
00068 /*
00069  * various object identifiers
       *
       * These are the final arc of an attribute-type OID, not a full OID:
       * the X520_ values follow the OID_X520 prefix (2.5.4) and PKCS9_EMAIL
       * follows the OID_PKCS9 prefix (1.2.840.113549.1.9), both defined
       * further down in this header.
       *
       * NOTE(review): presumably the parser matches the prefix first and then
       * compares the last OID byte with one of these - confirm. Comparing the
       * last byte alone would confuse attributes from different OID trees.
00070  */
00071 #define X520_COMMON_NAME                3
00072 #define X520_COUNTRY                    6
00073 #define X520_LOCALITY                   7
00074 #define X520_STATE                      8
00075 #define X520_ORGANIZATION              10
00076 #define X520_ORG_UNIT                  11
00077 #define PKCS9_EMAIL                     1
00078
      /*
       * Selectors and limits with no user visible in this header.
       *
       * NOTE(review): X509_OUTPUT_DER / X509_OUTPUT_PEM presumably choose the
       * encoding produced by the certificate-writing code, and X509_ISSUER /
       * X509_SUBJECT presumably choose which name is being built - confirm.
       *
       * NOTE(review): RFC 7468 has PEM generators wrap base64 text at 64
       * characters; confirm whether PEM_LINE_LENGTH (72) is an output line
       * width or only a buffer bound, since strict PEM readers may reject
       * longer lines.
       */
00079 #define X509_OUTPUT_DER              0x01
00080 #define X509_OUTPUT_PEM              0x02
00081 #define PEM_LINE_LENGTH                72
00082 #define X509_ISSUER                  0x01
00083 #define X509_SUBJECT                 0x02
00084
      /*
       * DER content bytes of object identifiers, written as string literals.
       * The literals carry an implicit trailing NUL that is not part of the
       * OID, and OID bytes read from a certificate are not NUL-terminated, so
       * comparisons should use memcmp() with an explicit length, not strcmp().
       *
       * NOTE(review): OID_PKCS1_RSA_SHA (sha1WithRSAEncryption) is the only
       * signature-algorithm OID defined here. SHA-1 is no longer considered
       * collision resistant, and certificates signed with SHA-256 or later
       * have no matching constant in this header - confirm what the parser
       * accepts.
       */
00085 #define OID_X520                "\x55\x04"                              /* 2.5.4 */
00086 #define OID_CN                  "\x55\x04\x03"                          /* 2.5.4.3 */
00087 #define OID_PKCS1               "\x2A\x86\x48\x86\xF7\x0D\x01\x01"      /* 1.2.840.113549.1.1 */
00088 #define OID_PKCS1_RSA           "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01"  /* 1.2.840.113549.1.1.1 */
00089 #define OID_PKCS1_RSA_SHA       "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05"  /* 1.2.840.113549.1.1.5 */
00090 #define OID_PKCS9               "\x2A\x86\x48\x86\xF7\x0D\x01\x09"      /* 1.2.840.113549.1.9 */
00091 #define OID_PKCS9_EMAIL         "\x2A\x86\x48\x86\xF7\x0D\x01\x09\x01"  /* 1.2.840.113549.1.9.1 */
00092 
00093 /*
00094  * Structures for parsing X.509 certificates
00095  */
00096 typedef struct _x509_buf  /* A tag, a length and a data pointer for one encoded item. */
00097 {
00098     int tag;              /* presumably one of the ASN1_ tag values - confirm */
00099     int len;              /* byte count for p; signed, so the code filling it must
                                 * reject negative or oversized lengths before use */
00100     unsigned char *p;     /* NOTE(review): not visible here whether this points into
                                 * the caller's input buffer or into memory owned by the
                                 * certificate - confirm before freeing or reusing input */
00101 }
00102 x509_buf;
00103 
00104 typedef struct _x509_name    /* One name attribute; nodes are chained through next. */
00105 {
00106     x509_buf oid;            /* attribute type, as an OID buffer */
00107     x509_buf val;            /* attribute value bytes with an explicit length.
                                    * NOTE(review): compare using val.len; treating val.p
                                    * as a C string would stop at an embedded NUL byte and
                                    * could match a name the certificate does not carry */
00108     struct _x509_name *next; /* next attribute in the list; list end presumably NULL - confirm */
00109 }
00110 x509_name;
00111 
00112 typedef struct _x509_time  /* A calendar date and time split into integer fields. */
00113 {
00114     int year, mon, day;    /* NOTE(review): ranges and whether year is a full
                                  * four-digit value are not visible here - confirm */
00115     int hour, min, sec;    /* NOTE(review): presumably UTC, as certificate
                                  * validity times are - confirm */
00116 }
00117 x509_time;
00118 
00119 typedef struct _x509_cert
      /*
       * One parsed certificate, which is also a node of a singly linked list
       * (see next). The field notes below are inferred from the field names
       * and the X.509 certificate layout; the code that fills the structure is
       * not part of this header, so treat them as assumptions to confirm.
       *
       * NOTE(review): the only extension values exposed as fields are
       * ca_istrue and max_pathlen. There is no field for key usage, subject
       * alternative names or name constraints, so a caller cannot enforce
       * those from this structure alone.
       */
00120 {
00121     x509_buf raw;             /* presumably the complete encoded certificate */
00122     x509_buf tbs;             /* presumably the to-be-signed portion */
00123
00124     int version;
00125     x509_buf serial;
00126     x509_buf sig_oid1;        /* presumably the signature algorithm named inside tbs */
00127
00128     x509_buf issuer_raw;      /* presumably the encoded issuer name */
00129     x509_buf subject_raw;     /* presumably the encoded subject name */
00130
00131     x509_name issuer;         /* first issuer attribute, stored by value; more via .next */
00132     x509_name subject;        /* first subject attribute, stored by value; more via .next */
00133
00134     x509_time valid_from;
00135     x509_time valid_to;
00136
00137     x509_buf pk_oid;          /* presumably the public key algorithm OID */
00138     rsa_context rsa;          /* RSA context from xyssl/rsa.h, stored by value */
00139
00140     x509_buf issuer_id;
00141     x509_buf subject_id;
00142     x509_buf v3_ext;          /* presumably the undecoded v3 extensions block */
00143
00144     int ca_istrue;            /* presumably the basicConstraints CA flag; a chain
                                     * builder must check it before trusting an issuer */
00145     int max_pathlen;          /* presumably the basicConstraints path length limit */
00146
00147     x509_buf sig_oid2;        /* presumably the outer signature algorithm; should
                                     * match sig_oid1 (cf. XYSSL_ERR_X509_CERT_SIG_MISMATCH) */
00148     x509_buf sig;             /* presumably the signature bytes */
00149
00150     struct _x509_cert *next;  /* next certificate in the list */
00151 }
00152 x509_cert;
00153 
00154 /*
00155  * Structures for writing X.509 certificates
00156  */
00157 typedef struct _x509_node  /* Byte-buffer descriptor used by the writing structures. */
00158 {
00159     unsigned char *data;   /* NOTE(review): presumably the start of the buffer - confirm */
00160     unsigned char *p;      /* NOTE(review): presumably a cursor between data and end - confirm */
00161     unsigned char *end;    /* NOTE(review): presumably one past the last byte - confirm;
                                  * writers must check p against end before each store */
00162
00163     size_t len;            /* a size_t here, whereas x509_buf.len is a signed int;
                                  * conversions between the two need a range check */
00164 }
00165 x509_node;
00166 
00167 typedef struct _x509_raw  /* A certificate under construction, one x509_node per part. */
00168 {
00169     x509_node raw;        /* NOTE(review): presumably the finished certificate - confirm */
00170     x509_node tbs;        /* NOTE(review): presumably the to-be-signed portion built
                                 * from the seven nodes that follow - confirm */
00171
00172     x509_node version;
00173     x509_node serial;
00174     x509_node tbs_signalg;
00175     x509_node issuer;
00176     x509_node validity;
00177     x509_node subject;
00178     x509_node subpubkey;
00179
00180     x509_node signalg;    /* NOTE(review): presumably must name the same algorithm
                                 * as tbs_signalg - confirm */
00181     x509_node sign;       /* NOTE(review): presumably the signature over tbs - confirm */
00182 }
00183 x509_raw;
00184 
00185 #ifdef __cplusplus
00186 extern "C" {
00187 #endif
00188
      /*
       * Public entry points. The listing's line numbering skips the lines in
       * front of each prototype, so the header's own doc comments are not
       * shown; the notes below state what the prototypes show and mark
       * everything else as an assumption.
       */

      /*
       * Parse certificate data of buflen bytes at buf into crt.
       * buflen is a signed int: pass the exact, non-negative size of buf.
       * NOTE(review): presumably returns 0 or a negative XYSSL_ERR_ code, and
       * crt may keep pointers into buf - confirm both before freeing buf.
       */
00199 int x509parse_crt( x509_cert *crt, unsigned char *buf, int buflen );
00200
      /*
       * Same as above with the input taken from the file named by path.
       * NOTE(review): path is not const-qualified; presumably it is only read.
       */
00210 int x509parse_crtfile( x509_cert *crt, char *path );
00211
      /*
       * Parse a private key of buflen bytes at buf into rsa, with a password
       * of pwdlen bytes at pwd.
       * NOTE(review): the KEY_PASSWORD_ and KEY_UNKNOWN_ENC_ALG error codes
       * suggest encrypted keys are supported - confirm which ciphers. The
       * caller should wipe buf and pwd once the call returns.
       */
00223 int x509parse_key( rsa_context *rsa,
00224                    unsigned char *buf, int buflen,
00225                    unsigned char *pwd, int pwdlen );
00226
      /*
       * Same as above with the key read from the file named by path and the
       * password given as a char pointer (presumably a C string - confirm).
       */
00236 int x509parse_keyfile( rsa_context *rsa, char *path, char *password );
00237
      /*
       * Write a text form of the name dn into the caller's buffer.
       * NOTE(review): presumably output is confined to the range from buf up
       * to end - confirm whether end is inclusive and whether the result is
       * always NUL-terminated.
       */
00242 int x509parse_dn_gets( char *buf, char *end, x509_name *dn );
00243
      /*
       * Return a text description of crt.
       * NOTE(review): ownership of the returned pointer is not visible here
       * (static buffer or heap) - confirm before freeing it or calling this
       * from more than one thread.
       */
00248 char *x509parse_cert_info( char *prefix, x509_cert *crt );
00249
      /*
       * Report whether crt has expired.
       * NOTE(review): presumably compares valid_to with the system clock, so
       * the result is only as trustworthy as the local time - confirm.
       */
00254 int x509parse_expired( x509_cert *crt );
00255
      /*
       * Verify crt against the trusted certificates in trust_ca; flags is an
       * output parameter.
       * NOTE(review): presumably *flags receives an OR of BADCERT_ bits and
       * cn is the expected common name - confirm. Callers should check both
       * the return value and *flags. Also confirm what a NULL cn does: if it
       * skips the name check, any certificate that chains to trust_ca is
       * accepted regardless of the peer's name.
       */
00275 int x509parse_verify( x509_cert *crt,
00276                       x509_cert *trust_ca,
00277                       char *cn, int *flags );
00278
      /*
       * Release what crt holds.
       * NOTE(review): presumably walks the next chain and leaves the x509_cert
       * passed in for the caller to dispose of - confirm.
       */
00282 void x509_free( x509_cert *crt );
00283
      /*
       * Built-in self test; verbose is an int switch.
       * NOTE(review): presumably returns 0 when the test passes - confirm.
       */
00289 int x509_self_test( int verbose );
00290 
00291 #ifdef __cplusplus
00292 }
00293 #endif
00294 
00295 #endif /* x509.h */
