/home/dko/projects/mobilec/trunk/src/security/xyssl-0.7/include/xyssl/x509.h

00001 
00004 #ifndef _X509_H
00005 #define _X509_H
00006 
00007 #ifdef __cplusplus
00008 extern "C" {
00009 #endif
00010 
00011 #include "rsa.h"
00012 
/*
 * ASN.1/DER parsing error codes.
 * All five values are below 0x20, while every ERR_X509_* code in this header
 * is a multiple of 0x20, so the two groups occupy disjoint bits.
 * NOTE(review): that layout suggests a parser may OR an ASN.1 cause into an
 * X.509 error code -- confirm against the implementation before decoding a
 * return value by masking or by exact comparison.
 */
00013 #define ERR_ASN1_OUT_OF_DATA                    0x0014
00014 #define ERR_ASN1_UNEXPECTED_TAG                 0x0016
00015 #define ERR_ASN1_INVALID_LENGTH                 0x0018
00016 #define ERR_ASN1_LENGTH_MISMATCH                0x001A
00017 #define ERR_ASN1_INVALID_DATA                   0x001C
00018 
/*
 * X.509 certificate and private-key error codes, 0x0020 through 0x02E0 in
 * steps of 0x20. By name they fall into ERR_X509_CERT_* (certificates),
 * ERR_X509_KEY_* (private keys) and two standalone codes
 * (FEATURE_UNAVAILABLE, SIG_VERIFY_FAILED).
 * NOTE(review): the success value is not defined in this header; presumably
 * 0 -- confirm, and treat every other return as a failure rather than
 * testing only for selected codes.
 */
00019 #define ERR_X509_FEATURE_UNAVAILABLE            0x0020
00020 #define ERR_X509_CERT_INVALID_PEM               0x0040
00021 #define ERR_X509_CERT_INVALID_FORMAT            0x0060
00022 #define ERR_X509_CERT_INVALID_VERSION           0x0080
00023 #define ERR_X509_CERT_INVALID_SERIAL            0x00A0
00024 #define ERR_X509_CERT_INVALID_ALG               0x00C0
00025 #define ERR_X509_CERT_INVALID_NAME              0x00E0
00026 #define ERR_X509_CERT_INVALID_DATE              0x0100
00027 #define ERR_X509_CERT_INVALID_PUBKEY            0x0120
00028 #define ERR_X509_CERT_INVALID_SIGNATURE         0x0140
00029 #define ERR_X509_CERT_INVALID_EXTENSIONS        0x0160
00030 #define ERR_X509_CERT_UNKNOWN_VERSION           0x0180
00031 #define ERR_X509_CERT_UNKNOWN_SIG_ALG           0x01A0
00032 #define ERR_X509_CERT_UNKNOWN_PK_ALG            0x01C0
00033 #define ERR_X509_CERT_SIG_MISMATCH              0x01E0 /* presumably sig_oid1 != sig_oid2 in x509_cert -- confirm */
00034 #define ERR_X509_KEY_INVALID_PEM                0x0200
00035 #define ERR_X509_KEY_INVALID_VERSION            0x0220
00036 #define ERR_X509_KEY_INVALID_FORMAT             0x0240
00037 #define ERR_X509_KEY_INVALID_ENC_IV             0x0260
00038 #define ERR_X509_KEY_UNKNOWN_ENC_ALG            0x0280
00039 #define ERR_X509_KEY_PASSWORD_REQUIRED          0x02A0
00040 #define ERR_X509_KEY_PASSWORD_MISMATCH          0x02C0
00041 #define ERR_X509_SIG_VERIFY_FAILED              0x02E0 /* a separate code from CERT_SIG_MISMATCH; by name, the signature check itself failed */
00042 
/*
 * Certificate verification failure flags. The values are distinct single
 * bits (1, 2, 4), so more than one can be set in the same integer.
 * NOTE(review): presumably reported through the `flags` out-parameter of
 * x509_verify_cert(); a caller should then reject the peer when any bit is
 * set, not test for one flag only -- confirm against the implementation.
 * None of the flags defined here covers revocation.
 */
00043 #define BADCERT_HAS_EXPIRED             1
00044 #define BADCERT_CN_MISMATCH             2
00045 #define BADCERT_NOT_TRUSTED             4
00046 
00047 /*
00048  * DER constants
       *
       * ASN1_BOOLEAN .. ASN1_BMP_STRING are universal tag numbers (the low
       * five bits of a DER identifier octet). ASN1_PRIMITIVE,
       * ASN1_CONSTRUCTED and ASN1_CONTEXT_SPECIFIC are the form/class bits
       * OR-ed onto a tag number, e.g. a SEQUENCE is encoded as
       * ASN1_CONSTRUCTED | ASN1_SEQUENCE = 0x30.
       *
       * The only time tag defined here is ASN1_UTC_TIME (0x17); this header
       * has no constant for GeneralizedTime (0x18).
       * NOTE(review): if the parser accepts UTCTime only, validity dates
       * encoded as GeneralizedTime cannot be read -- confirm how such
       * certificates are handled (rejected vs. mis-parsed).
00049  */
00050 #define ASN1_BOOLEAN                 0x01
00051 #define ASN1_INTEGER                 0x02
00052 #define ASN1_BIT_STRING              0x03
00053 #define ASN1_OCTET_STRING            0x04
00054 #define ASN1_NULL                    0x05
00055 #define ASN1_OID                     0x06
00056 #define ASN1_UTF8_STRING             0x0C
00057 #define ASN1_SEQUENCE                0x10
00058 #define ASN1_SET                     0x11
00059 #define ASN1_PRINTABLE_STRING        0x13
00060 #define ASN1_T61_STRING              0x14
00061 #define ASN1_IA5_STRING              0x16
00062 #define ASN1_UTC_TIME                0x17
00063 #define ASN1_UNIVERSAL_STRING        0x1C
00064 #define ASN1_BMP_STRING              0x1E
00065 #define ASN1_PRIMITIVE               0x00 /* form bit clear: primitive encoding */
00066 #define ASN1_CONSTRUCTED             0x20 /* form bit set: constructed encoding */
00067 #define ASN1_CONTEXT_SPECIFIC        0x80 /* class bits: context-specific */
00068 
00069 /*
00070  * various object identifiers
       *
       * X520_* are the final arc of an attribute type under OID_X520
       * (2.5.4): 3 commonName, 6 countryName, 7 localityName,
       * 8 stateOrProvinceName, 10 organizationName,
       * 11 organizationalUnitName. PKCS9_EMAIL (1) is the final arc of
       * emailAddress under OID_PKCS9 (1.2.840.113549.1.9).
       *
       * The OID_* macros are DER-encoded OID contents written as C string
       * literals, so sizeof() on them counts the terminating NUL.
       * NOTE(review): x509_buf carries an explicit len, which suggests
       * parsed data is not NUL-terminated; compare with memcmp() and an
       * explicit length, and check that length first, rather than using
       * str* functions -- confirm against the implementation.
00071  */
00072 #define X520_COMMON_NAME                3
00073 #define X520_COUNTRY                    6
00074 #define X520_LOCALITY                   7
00075 #define X520_STATE                      8
00076 #define X520_ORGANIZATION              10
00077 #define X520_ORG_UNIT                  11
00078 #define PKCS9_EMAIL                     1
00079 
00080 #define OID_X520                "\x55\x04" /* 2.5.4 */
00081 #define OID_PKCS1               "\x2A\x86\x48\x86\xF7\x0D\x01\x01" /* 1.2.840.113549.1.1 */
00082 #define OID_PKCS1_RSA           "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01" /* 1.2.840.113549.1.1.1, rsaEncryption */
00083 #define OID_PKCS9               "\x2A\x86\x48\x86\xF7\x0D\x01\x09" /* 1.2.840.113549.1.9 */
00084 
/*
 * A tagged, length-delimited span of bytes.
 * NOTE(review): who owns the memory behind `p` is not visible in this
 * header; it may point into another buffer (for example x509_cert.raw)
 * rather than own storage -- confirm before freeing it or keeping it past
 * the lifetime of the certificate.
 */
00085 typedef struct _x509_buf
00086 {
00087     int tag;              /* presumably the ASN.1 tag of the element -- confirm */
00088     int len;              /* length in bytes; signed, so a negative value must be treated as invalid */
00089     unsigned char *p;     /* first byte of the data; no NUL terminator is implied by the type */
00090 }
00091 x509_buf;
00092 
/*
 * One node of a singly linked list of name components, each an
 * (object identifier, value) pair. x509_cert embeds the first node of the
 * issuer and subject lists by value; further nodes hang off `next`.
 * NOTE(review): `val` holds bytes taken from the certificate; treat it as
 * untrusted, length-delimited data (it may contain NUL or control bytes)
 * when comparing or printing -- confirm how the implementation handles this.
 */
00093 typedef struct _x509_name
00094 {
00095     x509_buf oid;              /* attribute type; see OID_X520 / OID_PKCS9 and the X520_* / PKCS9_* arcs */
00096     x509_buf val;              /* attribute value bytes */
00097     struct _x509_name *next;   /* next component; presumably NULL at the end of the list */
00098 }
00099 x509_name;
00100 
/*
 * Broken-down calendar time used for the certificate validity period.
 * There is no time-zone field and the plain int members carry no range
 * guarantee.
 * NOTE(review): presumably UTC, with year already expanded to four digits
 * from the two-digit UTCTime form -- confirm, since the expansion rule
 * decides how expiry is evaluated.
 */
00101 typedef struct _x509_time
00102 {
00103     int year, mon, day;
00104     int hour, min, sec;
00105 }
00106 x509_time;
00107 
/*
 * One parsed X.509 certificate and a link to the next one in a chain.
 * Field meanings below are inferred from the field names and types only;
 * this header does not show how they are filled in.
 * NOTE(review): the x509_buf members may alias `raw` instead of owning
 * memory; release a certificate with x509_free_cert() and do not free
 * members individually unless the implementation says so -- confirm.
 */
00108 typedef struct _x509_cert
00109 {
00110     x509_buf raw;             /* presumably the complete DER certificate */
00111     x509_buf tbs;             /* presumably the TBSCertificate, i.e. the bytes covered by the signature */
00112 
00113     int version;
00114     x509_buf serial;
00115     x509_buf sig_oid1;        /* presumably the signature algorithm named inside the signed part */
00116 
00117     x509_buf issuer_raw;      /* presumably the encoded issuer name, unparsed */
00118     x509_buf subject_raw;     /* presumably the encoded subject name, unparsed */
00119 
00120     x509_name issuer;         /* head of the parsed issuer name list */
00121     x509_name subject;        /* head of the parsed subject name list */
00122 
00123     x509_time valid_from;
00124     x509_time valid_to;
00125 
00126     x509_buf pk_oid;          /* public-key algorithm identifier; OID_PKCS1_RSA is the only one defined in this header */
00127     rsa_context rsa;          /* RSA key context, type declared in rsa.h */
00128 
00129     x509_buf issuer_id;
00130     x509_buf subject_id;
00131     x509_buf v3_ext;          /* presumably the raw v3 extensions block */
00132 
00133     int ca_istrue;            /* presumably basicConstraints cA; NOTE(review): confirm it is enforced on issuers during verification */
00134     int max_pathlen;          /* presumably basicConstraints pathLenConstraint; the "absent" encoding is not visible here */
00135 
00136     x509_buf sig_oid2;        /* presumably the outer signature algorithm; should agree with sig_oid1 */
00137     x509_buf sig;             /* signature bytes */
00138 
00139     struct _x509_cert *next;  /* next certificate in the chain; presumably NULL at the end */
00140 }
00141 x509_cert;
00142 
/*
 * Public X.509 API. The original documentation comments are not part of
 * this listing, so the notes below state only what the prototypes show and
 * mark everything else as an assumption.
 * Common points: all lengths are signed int; no pointer parameter is
 * const-qualified, so the header makes no promise that inputs are left
 * unmodified; int results presumably use 0 for success and the ERR_* codes
 * above for failure -- confirm.
 */

/* Adds certificates found in buf[0..buflen) to `chain`. NOTE(review): accepted encodings (PEM, DER) are not visible here. */
00153 int x509_add_certs( x509_cert *chain, unsigned char *buf, int buflen );
00154 
/* Like x509_add_certs(), taking the input from the file at `path` (by name). */
00164 int x509_read_crtfile( x509_cert *chain, char *path );
00165 
/*
 * Parses a private key from buf[0..buflen) into `rsa`; pwd/pwdlen give an
 * optional password. NOTE(review): pwd is caller-owned secret material;
 * presumably NULL is allowed for unencrypted keys -- confirm, and wipe the
 * password buffer after use.
 */
00177 int x509_parse_key( rsa_context *rsa, unsigned char *buf, int buflen,
00178                                       unsigned char *pwd, int pwdlen );
00179 
/* Like x509_parse_key(), reading the key from `path`; `password` has no length argument, so presumably a NUL-terminated string. */
00189 int x509_read_keyfile( rsa_context *rsa, char *path, char *password );
00190 
/*
 * Formats the name list `dn` as text. NOTE(review): buf and end presumably
 * delimit the output range [buf, end); whether the result is always
 * NUL-terminated and what the return value means are not visible -- confirm.
 */
00195 int x509_dn_gets( char *buf, char *end, x509_name *dn );
00196 
/*
 * Returns a textual description of `crt`. NOTE(review): ownership of the
 * returned string is not visible (heap buffer the caller frees vs. shared
 * static buffer) -- confirm before freeing it or using it from several
 * threads; NULL presumably signals failure.
 */
00201 char *x509_cert_info( x509_cert *crt );
00202 
/* Tests the validity period of `crt`. NOTE(review): which return value means "expired", and whether valid_from is checked too, is not visible. */
00207 int x509_is_cert_expired( x509_cert *crt );
00208 
/*
 * Verifies `crt` against the trusted certificates in `trust_ca`, with `cn`
 * as the expected name; `flags` is an out-parameter by type and presumably
 * receives an OR of BADCERT_* bits. A caller should check both the return
 * value and *flags.
 * NOTE(review): not visible from the prototype -- whether a NULL cn skips
 * the name check, and whether ca_istrue / max_pathlen are enforced on
 * intermediate certificates. Confirm both before relying on this call for
 * peer authentication.
 */
00225 int x509_verify_cert( x509_cert *crt, x509_cert *trust_ca,
00226                       char *cn, int *flags );
00227 
/* Releases a certificate chain. NOTE(review): whether `crt` itself is freed or only its members is not visible -- confirm to avoid a double free or a leak. */
00231 void x509_free_cert( x509_cert *crt );
00232 
/* Built-in self test; `verbose` presumably enables progress output. Return convention not visible. */
00238 int x509_self_test( int verbose );
00239 
00240 #ifdef __cplusplus
00241 }
00242 #endif
00243 
00244 #endif /* x509.h */
