annotate common/certhelp.h @ 1369:948f03bb5254

Add signature time extraction for Linux and test for it in binverifytest
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 24 Nov 2014 14:43:10 +0100
parents 265583011f24
children
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
2 * Software engineering by Intevation GmbH
3 *
4 * This file is Free Software under the GNU GPL (v>=2)
5 * and comes with ABSOLUTELY NO WARRANTY!
6 * See LICENSE.txt for details.
7 */
8 #ifndef CERTHELP_H
9 #define CERTHELP_H
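/* Polarssl mh.h contains a conversion which gcc warns about */
/*
 * The two conversion warnings are silenced only while the PolarSSL headers
 * are read. The push/pop pair restores the diagnostic state the including
 * file had before this header; an unmatched pop would instead reset it to
 * the command-line settings. Nothing is suppressed when building with clang.
 */
#ifndef __clang__
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wsign-conversion"
#pragma GCC diagnostic ignored "-Wconversion"
#endif
#include <polarssl/oid.h>
#include <polarssl/x509_crt.h>
#ifndef __clang__
#pragma GCC diagnostic pop
#endif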
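/*
 * OID byte strings for the name attributes this module looks up, built from
 * the PolarSSL OID_AT_* string literals and typed to match the
 * `unsigned char *oid` parameter of get_oid_valstr() and
 * x509_parse_subject().
 *
 *   CERT_OID_CN  OID_AT_CN
 *   CERT_OID_O   OID_AT_ORGANIZATION
 *   CERT_OID_OU  OID_AT_ORG_UNIT
 *   CERT_OID_SN  OID_AT_SERIAL_NUMBER (the serial number attribute,
 *                not a surname)
 *
 * The cast drops the const-ness of the string literal: the pointers must be
 * treated as read-only, writing through them is undefined behaviour.
 * Each expansion is parenthesised so the cast applies to the whole literal
 * even when the macro is followed by a postfix operator such as [].
 * NOTE(review): the appended "\0" puts an explicit NUL byte after the OID
 * bytes, in addition to the literal's implicit terminator - presumably so
 * the OID can be handled as a C string; confirm against get_oid_valstr().
 */
#define CERT_OID_CN ((unsigned char *)OID_AT_CN "\0")
#define CERT_OID_O  ((unsigned char *)OID_AT_ORGANIZATION "\0")
#define CERT_OID_OU ((unsigned char *)OID_AT_ORG_UNIT "\0")
#define CERT_OID_SN ((unsigned char *)OID_AT_SERIAL_NUMBER "\0")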
28 #ifdef WIN32
29 #include <windows.h>
30 #include <wincrypt.h>
31 #endif
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
37 /**
38 * @file
39 * @brief Helper functions to handle and parse X.509 certificates.
40 *
41 * Simple helper functions based on PolarSSL.
42 */
/**
 * @brief Look up one attribute in an x509_name object and return its value.
 *
 * The value stored under the requested OID is copied into a newly
 * allocated, NUL-terminated C string. Ownership of that string passes to
 * the caller, who should free it after use.
 *
 * NOTE(review): a value that itself contains a NUL byte would read as a
 * shorter C string; confirm how the implementation treats that before the
 * result is compared against an expected name.
 *
 * @param[in] namebuf pointer to the x509_name object.
 * @param[in] oid     the OID to search for, e.g. one of the CERT_OID_*
 *                    macros.
 * @returns the extracted string, or NULL on failure.
 */
char *get_oid_valstr(x509_name *namebuf, unsigned char *oid);
/**
 * @brief Parse a DER encoded X.509 certificate and return one Subject
 *        attribute.
 *
 * The value found under the requested OID in the certificate's Subject is
 * copied into a NUL-terminated C string that the caller should free after
 * use.
 *
 * NOTE(review): nothing in this declaration says the certificate is
 * verified; treat the returned text as unauthenticated unless the
 * certificate was validated separately.
 *
 * @param[in] derdata pointer to the certificate in DER format.
 * @param[in] derlen  length of the DER data.
 * @param[in] oid     the OID to search for.
 * @returns the extracted string, or NULL on failure.
 */
char *x509_parse_subject(unsigned char *derdata, size_t derlen,
                         unsigned char *oid);
#ifdef WIN32
/**
 * @brief Parse a base64 encoded, ASN.1 encoded X.509 certificate.
 *
 * Creates a Windows certificate context for the certificate encoded in
 * b64_data. The returned context has to be released with
 * CertFreeCertificateContext.
 *
 * @param[in] b64_data pointer to the certificate data.
 * @param[in] b64_size size of the data (without the terminating \0).
 *
 * @returns the new certificate context, or NULL on error.
 */
PCCERT_CONTEXT b64_to_cert_context(char *b64_data, size_t b64_size);
#endif
84 #ifdef __cplusplus
85 }
86 #endif
88 #endif

http://wald.intevation.org/projects/trustbridge/