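/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef LISTUTIL_H
#define LISTUTIL_H

#ifdef __cplusplus
extern "C" {
#endif

/* NOTE(review): the header names of the two includes were lost in the
 * rendering of this page (the angle-bracketed names were stripped). They
 * are reconstructed from the types the declarations below use, size_t and
 * FILE; confirm against the original file. */
#include <stddef.h>
#include <stdio.h>

/**
 * @file listutil.h
 * @brief Functions to work with the certificate list.
 */

/**
 * @brief Status of the List Operations
 *
 * There is no zero-valued member: success is Valid (100) and every failure
 * is a small positive code. Callers must therefore compare the result
 * against Valid explicitly; a zero/non-zero test never reports success.
 */
typedef enum {
    Valid = 100,             /*!< Could be read and signature matched */
    UnknownError = 1,        /*!< The expected unexpected */
    TooLarge = 2,            /*!< Failed because the file exceeds the limit */
    InvalidFormat = 3,       /*!< File does not appear to be in list format */
    InvalidSignature = 4,    /*!< Signature was invalid */
    SeekFailed = 5,          /*!< Could not seek in the file */
    ReadFailed = 6,          /*!< File exists but could not read the file */
    IncompatibleVersion = 7, /*!< The Format Version does not match */
    NoList = 8               /*!< No list parsed */
} list_status_t;

/* Definitions based on the format.
 * Presumably the bounds the parser applies to a single line and to the
 * number of lines of a list; confirm against the implementation. */
#define MAX_LINE_LENGTH 9999
#define MAX_LINES 1000

/**
 * @brief Obtain the complete and verified Certificate list.
 *
 * This checks if the file fileName is a valid certificate
 * list signed by the key specified in pubkey.h
 *
 * The caller has to free data. Only rely on data and size when the
 * returned status is Valid; the other members of list_status_t name
 * the reason the list was rejected.
 *
 * @param[in]  fileName Name of the file (UTF-8 encoded).
 * @param[out] data     Newly allocated pointer to the file content.
 * @param[out] size     Size in Bytes of the file content.
 *
 * @return status of the operation (Valid on success).
 */
list_status_t read_and_verify_list(const char *fileName, char **data, size_t *size);

/** @brief verify the certificate list
 *
 * The public key to verify against is the static publicKeyPEM data defined
 * in the pubkey header.
 *
 * Note the return convention differs from list_status_t: here 0 means the
 * signature is valid, and any non-zero value is a failure.
 *
 * @param [in] data the list data
 * @param [in] size the size of the data
 *
 * @returns 0 if the list is valid, a polarssl error or -1 otherwise
 */
int verify_list(const char *data, const size_t size);

/** @brief get a list of the certificates marked with I: or R:
 *
 * Get a list of certificates that are contained in the
 * certificatelist pointed to by data.
 * On Success this function makes a copy of the certificates
 * and the certificates need to be freed by the caller.
 *
 * NOTE(review): data is taken as a non-const pointer, so it may be modified
 * while parsing; and how the returned array is terminated (e.g. a trailing
 * NULL entry) is not stated here. Confirm both with the implementation
 * before relying on them.
 *
 * @param [in] data the certificatelist to parse
 * @param [in] size the size of the certificatelist
 *
 * @returns a newly allocated array of strings containing the encoded
 *          certificates or NULL on error.
 */
char **get_certs_from_list (char *data, const size_t size);

/**
 * @brief Read a file into memory.
 *
 * The caller needs to free data. If fptr is not NULL it will
 * receive the pointer to the read file structure. The caller
 * is responsible for closing this.
 * fptr only needs to be closed and is only valid if the
 * return value is 0.
 *
 * max_size bounds the amount read, so a caller can refuse
 * oversized input before it is loaded into memory.
 *
 * @param[in]  file_name Name of the file.
 * @param[out] data      the file content
 * @param[out] size      size in bytes of the file content.
 * @param[in]  max_size  the maximum amount of bytes to read.
 * @param[out] fptr      pointer to receive the FILE ptr or NULL
 *
 * @return 0 on success an error code otherwise.
 */
int read_file(const char *file_name, char **data, size_t *size,
              const size_t max_size, FILE **fptr);
#ifdef __cplusplus
}
#endif
#endif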