view common/certhelp.h @ 1306:845048d4a69f

(issue159) Use user specific appdata directory for nss list with simple rights. Using the ProgramData folder with restricted access rights failed in case the process was not elevated.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 13 Oct 2014 12:31:37 +0200
parents 265583011f24
children
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef CERTHELP_H
#define CERTHELP_H

/* Polarssl mh.h contains a conversion which gcc warns about */
#ifndef __clang__
#pragma GCC diagnostic ignored "-Wsign-conversion"
#pragma GCC diagnostic ignored "-Wconversion"
#endif
#include <polarssl/oid.h>
#include <polarssl/x509_crt.h>
#ifndef __clang__
#pragma GCC diagnostic pop
#pragma GCC diagnostic pop
#endif

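/*
 * Attribute-type OIDs used to select one field of an X.509 name.
 *
 * Each macro expands to the PolarSSL OID string literal with one extra
 * "\0" appended, cast to unsigned char *, which is the type taken by the
 * oid parameters of the helpers declared in this header.
 *
 * The whole expansion is parenthesized: without the outer parentheses a
 * postfix operator (for example CERT_OID_CN[0]) would bind to the string
 * literal before the cast is applied, and a single char would be cast to
 * a pointer.
 *
 * The cast drops the read-only nature of the literal; the bytes must never
 * be written through the resulting pointer.
 */
#define CERT_OID_CN     ((unsigned char *)OID_AT_CN "\0")
#define CERT_OID_O      ((unsigned char *)OID_AT_ORGANIZATION "\0")
#define CERT_OID_OU     ((unsigned char *)OID_AT_ORG_UNIT "\0")
#define CERT_OID_SN     ((unsigned char *)OID_AT_SERIAL_NUMBER "\0")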

#ifdef WIN32
#include <windows.h>
#include <wincrypt.h>
#endif

#ifdef __cplusplus
extern "C" {
#endif

/**
 * @file
 * @brief Helper functions to handle and parse X.509 certificates.
 *
 * Simple helper functions based on PolarSSL.
 */

/**
 * @brief Extracts the value of a given OID from an x509_name object.
 *
 * The value is copied to a null byte terminated C string.
 * The caller should free it after use.
 *
 * NOTE(review): the result carries no length, so a name value that
 * contains an embedded null byte would look truncated to the caller.
 * How the implementation treats such values is not visible here; confirm
 * before using the result for identity or trust decisions.
 *
 * @param[in] namebuf pointer to the x509_name object.
 * @param[in] oid the OID to search for. Presumably null byte terminated,
 *            as the CERT_OID_* macros in this header are; confirm against
 *            the implementation.
 * @returns the extracted string, or NULL on failure.
 */
char *get_oid_valstr(x509_name *namebuf, unsigned char *oid);

/**
 * @brief Parse x509 certificate and retrieve specified OID from Subject.
 *
 * The value is copied to a null byte terminated C string.
 * The caller should free it after use.
 *
 * NOTE(review): derlen must describe no more than the bytes actually
 * backing derdata. Certificate data usually comes from outside the
 * process; how malformed DER is rejected is decided by the implementation
 * and is not visible in this header.
 *
 * NOTE(review): the result carries no length, so a subject value with an
 * embedded null byte would look truncated to the caller; confirm how the
 * implementation handles that case.
 *
 * @param[in] derdata pointer to certificate in DER format.
 * @param[in] derlen length of the DER data.
 * @param[in] oid the OID to search for.
 * @returns the extracted string, or NULL on failure.
 */
char *x509_parse_subject(unsigned char *derdata, size_t derlen,
                         unsigned char *oid);

#ifdef WIN32
/**
 * @brief Parse an X509 ASN encoded, base64 encoded certificate.
 *
 * This function creates a Windows cert context for the certificate
 * encoded in b64_data. The new certificate has to be freed with
 * CertFreeCertificateContext.
 *
 * NOTE(review): b64_size excludes the terminator, so it must not be larger
 * than the number of base64 characters really present in b64_data. Whether
 * the implementation validates the size or the encoding is not visible in
 * this header; confirm before passing data from an untrusted source.
 *
 * @param[in] b64_data pointer to the certificate data.
 * @param[in] b64_size size of the data (without the terminating \0).
 *
 * @returns the new certificate context, or NULL on error.
 */
PCCERT_CONTEXT b64_to_cert_context(char *b64_data, size_t b64_size);
#endif

#ifdef __cplusplus
}
#endif

#endif

http://wald.intevation.org/projects/trustbridge/