Mercurial > trustbridge
annotate common/certhelp.h @ 1370:289cb3554c55
Fix append-sig.sh to use a temporary file to insert the signature time
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 24 Nov 2014 14:43:36 +0100 |
parents | 265583011f24 |
children |
rev | line source |
---|---|
404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2 * Software engineering by Intevation GmbH | |
3 * | |
4 * This file is Free Software under the GNU GPL (v>=2) | |
5 * and comes with ABSOLUTELY NO WARRANTY! | |
6 * See LICENSE.txt for details. | |
7 */ | |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
8 #ifndef CERTHELP_H |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
9 #define CERTHELP_H |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
10 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
11 /* Polarssl mh.h contains a conversion which gcc warns about */ |
1264
3cd8dd706aaa
Add possibility to build with CLANG and document it.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
12 #ifndef __clang__ |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
13 #pragma GCC diagnostic ignored "-Wsign-conversion" |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
14 #pragma GCC diagnostic ignored "-Wconversion" |
1264
3cd8dd706aaa
Add possibility to build with CLANG and document it.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
15 #endif |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
16 #include <polarssl/oid.h> |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
17 #include <polarssl/x509_crt.h> |
1264
3cd8dd706aaa
Add possibility to build with CLANG and document it.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
18 #ifndef __clang__ |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
19 #pragma GCC diagnostic pop |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
20 #pragma GCC diagnostic pop |
1264
3cd8dd706aaa
Add possibility to build with CLANG and document it.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
21 #endif |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
22 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
23 #define CERT_OID_CN (unsigned char *)OID_AT_CN "\0" |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
24 #define CERT_OID_O (unsigned char *)OID_AT_ORGANIZATION "\0" |
337
2207e94a0cc3
Add some more oid's for data and enable c++ linkage
Andre Heinecke <aheinecke@intevation.de>
parents:
259
diff
changeset
|
25 #define CERT_OID_OU (unsigned char *)OID_AT_ORG_UNIT "\0" |
2207e94a0cc3
Add some more oid's for data and enable c++ linkage
Andre Heinecke <aheinecke@intevation.de>
parents:
259
diff
changeset
|
26 #define CERT_OID_SN (unsigned char *)OID_AT_SERIAL_NUMBER "\0" |
1288
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
27 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
28 #ifdef WIN32 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
29 #include <windows.h> |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
30 #include <wincrypt.h> |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
31 #endif |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
32 |
337
2207e94a0cc3
Add some more oid's for data and enable c++ linkage
Andre Heinecke <aheinecke@intevation.de>
parents:
259
diff
changeset
|
33 #ifdef __cplusplus |
2207e94a0cc3
Add some more oid's for data and enable c++ linkage
Andre Heinecke <aheinecke@intevation.de>
parents:
259
diff
changeset
|
34 extern "C" { |
2207e94a0cc3
Add some more oid's for data and enable c++ linkage
Andre Heinecke <aheinecke@intevation.de>
parents:
259
diff
changeset
|
35 #endif |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
36 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
37 /** |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
38 * @file |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
39 * @brief Helper functinos to handle and parse X.509 certificates. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
40 * |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
41 * Simple helper functions based on PolarSSL. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
42 */ |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
43 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
44 /** |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
45 * @brief Extracts value of an gieb OID from an x509_name object. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
46 * |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
47 * The value is copyed to an bull byte terminated c-string. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
48 * The caller should free it after use. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
49 * @param[in] namebuf ponter to the x509_name object. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
50 * @param[in] oid the oid to search for. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
51 * @returns the extracted String, or NULL in failure. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
52 */ |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
53 char *get_oid_valstr(x509_name *namebuf, unsigned char *oid); |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
54 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
55 /** |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
56 * @brief Parse x509 certificate and retrieve specified OID from Subject. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
57 * |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
58 * The value is copyed to an bull byte terminated c-string. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
59 * The caller should free it after use. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
60 * @param[in] derdata pointer to certificate in DER format. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
61 * @param[in] derlen length of the DER data. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
62 * @param[in] oid the OID to search for. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
63 * @returns the extracted String, or NULL in failure. |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
64 */ |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
65 char *x509_parse_subject(unsigned char *derdata, size_t derlen, |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
66 unsigned char *oid); |
1288
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
67 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
68 #ifdef WIN32 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
69 /** |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
70 * @brief Parse a X509 ASN encoded base64 encoded certificate. |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
71 * |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
72 * This function creates a Windows cert contect for the certificate |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
73 * encoded in b64_data. The new certificate has to be freed with |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
74 * CertFreeCertificateContext. |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
75 * |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
76 * @param[in] b64_data pointer to the certificate data. |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
77 * @param[in] b64_size sizeof the the data. (Without terminating \0) |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
78 * |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
79 * @returns NULL on error. |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
80 */ |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
81 PCCERT_CONTEXT b64_to_cert_context(char *b64_data, size_t b64_size); |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
82 #endif |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1264
diff
changeset
|
83 |
337
2207e94a0cc3
Add some more oid's for data and enable c++ linkage
Andre Heinecke <aheinecke@intevation.de>
parents:
259
diff
changeset
|
84 #ifdef __cplusplus |
2207e94a0cc3
Add some more oid's for data and enable c++ linkage
Andre Heinecke <aheinecke@intevation.de>
parents:
259
diff
changeset
|
85 } |
2207e94a0cc3
Add some more oid's for data and enable c++ linkage
Andre Heinecke <aheinecke@intevation.de>
parents:
259
diff
changeset
|
86 #endif |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
87 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
88 #endif |