aheinecke@404: /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
aheinecke@404:  * Software engineering by Intevation GmbH
aheinecke@404:  *
aheinecke@404:  * This file is Free Software under the GNU GPL (v>=2)
aheinecke@404:  * and comes with ABSOLUTELY NO WARRANTY!
aheinecke@404:  * See LICENSE.txt for details.
aheinecke@404:  */
aheinecke@7: #ifndef LISTUTIL_H
aheinecke@7: #define LISTUTIL_H
aheinecke@7: 
aheinecke@7: #ifdef __cplusplus
aheinecke@7: extern "C" {
aheinecke@7: #endif
aheinecke@4: 
aheinecke@4: #include <stddef.h>
aheinecke@4: 
aheinecke@4: /**
aheinecke@4:  * @file listutil.h
aheinecke@4:  * @brief Functions to work with the certificate list.
aheinecke@4:  */
aheinecke@4: 
aheinecke@7: /**
aheinecke@7:  * @brief Status of the List Operations
aheinecke@7:  */
aheinecke@4: typedef enum {
aheinecke@578:     Valid = 100, /*!< Could be read and signature matched; the only success value, so compare with == Valid (no member is 0) */
aheinecke@578:     UnknownError = 1, /*!< The expected unexpected */
aheinecke@578:     TooLarge = 2, /*!< Failed because the file exceeds the limit */
aheinecke@578:     InvalidFormat = 3, /*!< File does not appear to be in list format */
aheinecke@578:     InvalidSignature = 4, /*!< Signature was invalid */
aheinecke@578:     SeekFailed = 5, /*!< Could not seek in the file */
aheinecke@578:     ReadFailed = 6, /*!< File exists but could not read the file */
aheinecke@578:     IncompatibleVersion = 7, /*!< The Format Version does not match */
aheinecke@578:     NoList = 8 /*!< No list parsed */
aheinecke@4: } list_status_t;
aheinecke@4: 
aheinecke@68: /* Upper bounds based on the list format (the unit of MAX_LINE_LENGTH, bytes or characters, is not stated here) */
aheinecke@123: #define MAX_LINE_LENGTH 9999
aheinecke@68: #define MAX_LINES 1000
aheinecke@68: 
aheinecke@4: /**
aheinecke@4:  * @brief Obtain the complete and verified certificate list.
aheinecke@4:  *
aheinecke@4:  * This checks whether the file fileName is a valid certificate
aheinecke@4:  * list signed by the key specified in pubkey.h.
aheinecke@4:  *
aheinecke@4:  * The caller has to free data. (Whether data and size are set on failure is not stated here; use them only when Valid is returned.)
aheinecke@4:  *
aheinecke@4:  * @param[in] fileName Name of the file (UTF-8 encoded).
aheinecke@4:  * @param[out] data Newly allocated pointer to the file content.
aheinecke@4:  * @param[out] size Size in bytes of the file content.
aheinecke@4:  *
aheinecke@4:  * @return Status of the operation; Valid means the file could be read and the signature matched.
aheinecke@4:  */
aheinecke@28: list_status_t read_and_verify_list(const char *fileName, char **data, size_t *size);
aheinecke@59: 
aheinecke@59: /** @brief Verify the certificate list.
aheinecke@59:  *
aheinecke@59:  * The public key to verify against is the static publicKeyPEM data defined
aheinecke@59:  * in the pubkey header.
aheinecke@59:  *
aheinecke@59:  *  @param [in] data the list data
aheinecke@59:  *  @param [in] size the size of the data
aheinecke@59:  *
aheinecke@59:  *  @returns 0 if the list is valid, otherwise a PolarSSL error code or -1. Success is 0 here, unlike list_status_t where it is Valid (100).
aheinecke@59:  */
aheinecke@68: int verify_list(const char *data, const size_t size);
aheinecke@68: 
aheinecke@286: /** @brief Get a list of the certificates marked with I: or R:
aheinecke@68:  *
aheinecke@286:  * Get a list of certificates that are contained in the
aheinecke@68:  * certificate list pointed to by data. No signature check is documented for this function; pass only data that has already been verified.
aheinecke@68:  * On success this function makes a copy of the certificates
aheinecke@68:  * and the certificates need to be freed by the caller.
aheinecke@68:  *
aheinecke@68:  * @param [in] data the certificate list to parse (declared non-const; presumably it may be modified while parsing, confirm in the implementation)
aheinecke@68:  * @param [in] size the size of the certificate list
aheinecke@68:  *
aheinecke@68:  * @returns a newly allocated array of strings containing the encoded
aheinecke@68:  * certificates or NULL on error. (How the end of the array is marked is not stated here; presumably a NULL entry, confirm in the implementation.)
aheinecke@68:  * */
aheinecke@286: char **get_certs_from_list (char *data, const size_t size);
aheinecke@68: 
aheinecke@7: #ifdef __cplusplus
aheinecke@7: }
aheinecke@7: #endif
aheinecke@7: #endif