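/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef LISTUTIL_H
#define LISTUTIL_H

#ifdef __cplusplus
extern "C" {
#endif

#include <stddef.h> /* size_t, used by the prototypes below */

/**
 * @file listutil.h
 * @brief Functions to work with the certificate list.
 */

/**
 * @brief Status of the list operations.
 *
 * No enumerator has the value 0 and success is Valid (100), so a status
 * must be compared explicitly (`status == Valid`); a plain truth test
 * such as `if (status)` is true for every value declared here.
 */
typedef enum {
    Valid = 100,             /**< Could be read and signature matched */
    UnknownError = 1,        /**< The expected unexpected */
    TooLarge = 2,            /**< Failed because the file exceeds the limit */
    InvalidFormat = 3,       /**< File does not appear to be in list format */
    InvalidSignature = 4,    /**< Signature was invalid */
    SeekFailed = 5,          /**< Could not seek in the file */
    ReadFailed = 6,          /**< File exists but could not read the file */
    IncompatibleVersion = 7, /**< The format version does not match */
    NoList = 8               /**< No list parsed */
} list_status_t;

/* Definitions based on the format.
 * NOTE(review): presumably the upper bounds for the length of one list line
 * and for the number of lines in a list -- confirm against the parser. */
#define MAX_LINE_LENGTH 9999
#define MAX_LINES 1000

/**
 * @brief Obtain the complete and verified certificate list.
 *
 * This checks if the file fileName is a valid certificate
 * list signed by the key specified in pubkey.h.
 *
 * The caller has to free data.
 *
 * Only use the returned content when the result is Valid; every other
 * status means the list was not read or not verified.
 * NOTE(review): this header does not state whether data and size are
 * written on failure -- confirm in the implementation before freeing or
 * reading them on an error path.
 *
 * @param[in] fileName Name of the file (UTF-8 encoded).
 * @param[out] data Newly allocated pointer to the file content.
 * @param[out] size Size in bytes of the file content.
 *
 * @return status of the operation.
 */
list_status_t read_and_verify_list(const char *fileName, char **data, size_t *size);

/** @brief Verify the certificate list.
 *
 * The public key to verify against is the static publicKeyPEM data defined
 * in the pubkey header.
 *
 * The success convention differs from list_status_t: this function reports
 * a valid list as 0, whereas read_and_verify_list() reports it as Valid
 * (100). Compare the result against 0 explicitly and do not mix the two
 * conventions.
 *
 * @param [in] data the list data
 * @param [in] size the size of the data
 *
 * @returns 0 if the list is valid; otherwise a PolarSSL error code or -1.
 */
int verify_list(const char *data, const size_t size);

/** @brief Get a list of the certificates marked with I: or R:
 *
 * Get a list of certificates that are contained in the
 * certificate list pointed to by data.
 * On success this function makes a copy of the certificates
 * and the certificates need to be freed by the caller.
 *
 * NOTE(review): nothing in this declaration indicates that the signature is
 * checked here; presumably callers pass only data that verify_list() or
 * read_and_verify_list() has accepted -- confirm at the call sites.
 * NOTE(review): data is not const-qualified, so the implementation may
 * modify the buffer -- confirm.
 * NOTE(review): no element count is returned; how the end of the returned
 * array is marked is not stated here -- confirm in the implementation.
 *
 * @param [in] data the certificate list to parse
 * @param [in] size the size of the certificate list
 *
 * @returns a newly allocated array of strings containing the encoded
 *          certificates or NULL on error.
 */
char **get_certs_from_list (char *data, const size_t size);

#ifdef __cplusplus
}
#endif
#endif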