Mercurial > trustbridge
view common/certhelp.h @ 1367:e7a8ec3185f2
Add nosign option to linux-createpackage and use it in create-dist-package
This should prevent doubled signatures in distributed packages which
were first signed on the development system with the test key and
then from the administrator application.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 24 Nov 2014 14:03:47 +0100 |
parents | 265583011f24 |
children |
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik * Software engineering by Intevation GmbH * * This file is Free Software under the GNU GPL (v>=2) * and comes with ABSOLUTELY NO WARRANTY! * See LICENSE.txt for details. */ #ifndef CERTHELP_H #define CERTHELP_H /* Polarssl mh.h contains a conversion which gcc warns about */ #ifndef __clang__ #pragma GCC diagnostic ignored "-Wsign-conversion" #pragma GCC diagnostic ignored "-Wconversion" #endif #include <polarssl/oid.h> #include <polarssl/x509_crt.h> #ifndef __clang__ #pragma GCC diagnostic pop #pragma GCC diagnostic pop #endif #define CERT_OID_CN (unsigned char *)OID_AT_CN "\0" #define CERT_OID_O (unsigned char *)OID_AT_ORGANIZATION "\0" #define CERT_OID_OU (unsigned char *)OID_AT_ORG_UNIT "\0" #define CERT_OID_SN (unsigned char *)OID_AT_SERIAL_NUMBER "\0" #ifdef WIN32 #include <windows.h> #include <wincrypt.h> #endif #ifdef __cplusplus extern "C" { #endif /** * @file * @brief Helper functinos to handle and parse X.509 certificates. * * Simple helper functions based on PolarSSL. */ /** * @brief Extracts value of an gieb OID from an x509_name object. * * The value is copyed to an bull byte terminated c-string. * The caller should free it after use. * @param[in] namebuf ponter to the x509_name object. * @param[in] oid the oid to search for. * @returns the extracted String, or NULL in failure. */ char *get_oid_valstr(x509_name *namebuf, unsigned char *oid); /** * @brief Parse x509 certificate and retrieve specified OID from Subject. * * The value is copyed to an bull byte terminated c-string. * The caller should free it after use. * @param[in] derdata pointer to certificate in DER format. * @param[in] derlen length of the DER data. * @param[in] oid the OID to search for. * @returns the extracted String, or NULL in failure. */ char *x509_parse_subject(unsigned char *derdata, size_t derlen, unsigned char *oid); #ifdef WIN32 /** * @brief Parse a X509 ASN encoded base64 encoded certificate. * * This function creates a Windows cert contect for the certificate * encoded in b64_data. The new certificate has to be freed with * CertFreeCertificateContext. * * @param[in] b64_data pointer to the certificate data. * @param[in] b64_size sizeof the the data. (Without terminating \0) * * @returns NULL on error. */ PCCERT_CONTEXT b64_to_cert_context(char *b64_data, size_t b64_size); #endif #ifdef __cplusplus } #endif #endif