view common/listutil.h @ 975:b3695a3399de

(issue86) Install into default directories on Linux. If the mozilla process is now started as root, it will try to write into the default directories for NSS Shared and mozilla / thunderbird profiles. Cinst will now start the mozilla process once as root.
author Andre Heinecke <andre.heinecke@intevation.de>
date Fri, 29 Aug 2014 12:59:44 +0200
parents 44257ecdae6d
children 78798d3af8f0
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef LISTUTIL_H
#define LISTUTIL_H

#ifdef __cplusplus
extern "C" {
#endif

#include <stddef.h>

/**
 * @file listutil.h
 * @brief Functions to work with the certificate list.
 */

/**
 * @brief Status of the List Operations
 *
 * Success is reported as Valid (100), not as 0, and every enumerator is
 * non-zero. A result therefore has to be compared against Valid
 * explicitly; testing it for truth or for zero does not distinguish a
 * verified list from a failure.
 */
typedef enum {
    Valid = 100, /*!< Could be read and signature matched */
    UnknownError = 1, /*!< The expected unexpected */
    TooLarge = 2, /*!< Failed because the file exceeds the limit */
    InvalidFormat = 3, /*!< File does not appear to be in list format */
    InvalidSignature = 4, /*!< Signature was invalid */
    SeekFailed = 5, /*!< Could not seek in the file */
    ReadFailed = 6, /*!< File exists but could not read the file */
    IncompatibleVersion = 7, /*!< The Format Version does not match */
    NoList = 8 /*!< No list parsed */
} list_status_t;

/* Definitions based on the format.
 *
 * NOTE(review): presumably the upper bounds on the length of a single
 * line and on the number of lines in a list file -- confirm against the
 * parser. It is also not visible here whether MAX_LINE_LENGTH counts the
 * line ending or a terminating NUL; check before sizing buffers with it.
 */
#define MAX_LINE_LENGTH 9999
#define MAX_LINES 1000

/**
 * @brief Obtain the complete and verified Certificate list.
 *
 * This checks if the file fileName is a valid certificate
 * list signed by the key specified in pubkey.h
 *
 * The caller has to free data.
 *
 * Only the return value Valid means that the file could be read and that
 * its signature matched. For every other status the content must not be
 * treated as a trusted certificate list.
 *
 * NOTE(review): this declaration does not show whether *data and *size
 * are left untouched, set to NULL / 0, or still point to allocated
 * memory when the result is not Valid -- confirm in the implementation
 * before relying on either for cleanup.
 *
 * @param[in] fileName Name of the file (UTF-8 encoded).
 * @param[out] data Newly allocated pointer to the file content.
 * @param[out] size Size in Bytes of the file content.
 *
 * @return status of the operation; compare against Valid explicitly,
 *         since success is not 0 (Valid is 100).
 */
list_status_t read_and_verify_list(const char *fileName, char **data, size_t *size);

/** @brief verify the certificate list
 *
 * The public key to verify against is the static publicKeyPEM data defined
 * in the pubkey header.
 *
 * Unlike read_and_verify_list(), which reports success as Valid (100),
 * this function reports success as 0. Any non-zero result means the
 * signature check did not succeed and the data must not be trusted.
 *
 *  @param [in] data the list data
 *  @param [in] size the size of the data
 *
 *  @returns 0 if the list is valid; a polarssl error code or -1 otherwise
 */
int verify_list(const char *data, const size_t size);

/** @brief get a list of the certificates marked with I: or R:
 *
 * Get a list of certificates that are contained in the
 * certificatelist pointed to by data.
 * On success this function makes a copy of the certificates
 * and the certificates need to be freed by the caller.
 *
 * NOTE(review): nothing in this declaration indicates that the signature
 * is checked here. Presumably callers are expected to pass only data that
 * read_and_verify_list() or verify_list() has already accepted -- confirm.
 *
 * NOTE(review): data is taken as a non-const pointer, so the input buffer
 * may be modified during parsing -- confirm against the implementation.
 *
 * NOTE(review): the declaration carries no element count; presumably the
 * returned array is NULL-terminated -- confirm before iterating over it.
 *
 * @param [in] data the certificatelist to parse
 * @param [in] size the size of the certificatelist
 *
 * @returns a newly allocated array of strings containing the encoded
 * certificates or NULL on error.
 * */
char **get_certs_from_list (char *data, const size_t size);

/**
 *  @brief Read a file into memory.
 *
 * The caller needs to free data
 *
 * This only reads the file. Nothing in this declaration indicates a
 * signature check, so the returned content is unverified input until
 * verify_list() has accepted it.
 *
 * NOTE(review): it is not visible here whether a file larger than
 * max_size is rejected or truncated, nor whether data is NUL-terminated
 * -- confirm, and use size rather than strlen() on the result.
 *
 * @param[in] file_name Name of the file.
 * @param[out] data the file content
 * @param[out] size size in bytes of the file content.
 * @param[in] max_size the maximum amount of bytes to read.
 *
 * @return 0 on success, an error code otherwise.
 */
int read_file(const char *file_name, char **data, size_t *size,
              const size_t max_size);
#ifdef __cplusplus
}
#endif
#endif

http://wald.intevation.org/projects/trustbridge/