aheinecke@404: /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
aheinecke@404:  * Software engineering by Intevation GmbH
aheinecke@404:  *
aheinecke@404:  * This file is Free Software under the GNU GPL (v>=2)
aheinecke@404:  * and comes with ABSOLUTELY NO WARRANTY!
aheinecke@404:  * See LICENSE.txt for details.
aheinecke@404:  */
wilde@259: #ifndef CERTHELP_H
wilde@259: #define CERTHELP_H
wilde@259:
wilde@259: /* Polarssl mh.h contains a conversion which gcc warns about */
andre@1264: #ifndef __clang__
wilde@259: #pragma GCC diagnostic ignored "-Wsign-conversion"
wilde@259: #pragma GCC diagnostic ignored "-Wconversion"
andre@1264: #endif
wilde@259: #include
wilde@259: #include
            /* NOTE(review): no "#pragma GCC diagnostic push" precedes the two
             * "ignored" pragmas above. GCC documents that a pop without a matching
             * push restores the command-line diagnostic settings, so the pops below
             * reset every diagnostic pragma in effect, not only these two - confirm
             * that this is intended for files that include this header. */
andre@1264: #ifndef __clang__
wilde@259: #pragma GCC diagnostic pop
wilde@259: #pragma GCC diagnostic pop
andre@1264: #endif
wilde@259:
            /*
             * OID constants named after the common name (CN), organization (O),
             * organizational unit (OU) and serial number (SN) name attributes.
             * Each macro concatenates "\0" onto the OID_AT_* string literal and casts
             * the result to unsigned char *, the type of the oid parameter of the
             * functions declared below (presumably their intended use - confirm).
             * The resulting pointer refers to a string literal and must never be
             * written through.
             * NOTE(review): the expansions are not parenthesized, so the cast can
             * bind unexpectedly when a macro is used inside a larger expression.
             */
wilde@259: #define CERT_OID_CN (unsigned char *)OID_AT_CN "\0"
wilde@259: #define CERT_OID_O (unsigned char *)OID_AT_ORGANIZATION "\0"
aheinecke@337: #define CERT_OID_OU (unsigned char *)OID_AT_ORG_UNIT "\0"
aheinecke@337: #define CERT_OID_SN (unsigned char *)OID_AT_SERIAL_NUMBER "\0"
andre@1288:
andre@1288: #ifdef WIN32
andre@1288: #include
andre@1288: #include
andre@1288: #endif
andre@1288:
aheinecke@337: #ifdef __cplusplus
aheinecke@337: extern "C" {
aheinecke@337: #endif
wilde@259:
wilde@259: /**
wilde@259:  * @file
wilde@259:  * @brief Helper functions to handle and parse X.509 certificates.
wilde@259:  *
wilde@259:  * Simple helper functions based on PolarSSL.
wilde@259:  */
wilde@259:
wilde@259: /**
wilde@259:  * @brief Extracts the value of a given OID from an x509_name object.
wilde@259:  *
wilde@259:  * The value is copied to a NUL-terminated C string.
wilde@259:  * The caller should free it after use.
            * NOTE(review): the matching deallocator is not named in this header;
            * presumably free() - confirm against the implementation.
            * NOTE(review): name values originate from the certificate and may be
            * attacker-influenced. An attribute value can itself contain NUL bytes;
            * whether such values are rejected or end up truncated in the returned
            * string cannot be seen from this declaration - confirm before
            * comparing the result against an expected name.
wilde@259:  * @param[in] namebuf pointer to the x509_name object.
wilde@259:  * @param[in] oid the OID to search for.
wilde@259:  * @returns the extracted string, or NULL on failure.
wilde@259:  */
wilde@259: char *get_oid_valstr(x509_name *namebuf, unsigned char *oid);
wilde@259:
wilde@259: /**
wilde@259:  * @brief Parse x509 certificate and retrieve specified OID from Subject.
wilde@259:  *
wilde@259:  * The value is copied to a NUL-terminated C string.
wilde@259:  * The caller should free it after use.
            * NOTE(review): derdata may be untrusted input. Nothing in this
            * declaration states that the certificate is verified, only that it is
            * parsed, so treat the returned subject value as unauthenticated unless
            * the implementation shows otherwise. Callers must handle a NULL
            * return before using the result.
wilde@259:  * @param[in] derdata pointer to certificate in DER format.
wilde@259:  * @param[in] derlen length of the DER data.
wilde@259:  * @param[in] oid the OID to search for.
wilde@259:  * @returns the extracted string, or NULL on failure.
wilde@259:  */
wilde@259: char *x509_parse_subject(unsigned char *derdata, size_t derlen,
wilde@259: unsigned char *oid);
andre@1288:
andre@1288: #ifdef WIN32
andre@1288: /**
andre@1288:  * @brief Parse a base64 encoded, ASN encoded X509 certificate.
andre@1288:  *
andre@1288:  * This function creates a Windows certificate context for the certificate
andre@1288:  * encoded in b64_data. The new certificate has to be freed with
andre@1288:  * CertFreeCertificateContext.
             * NOTE(review): the description covers decoding and context creation
             * only; whether any signature or chain validation happens is not
             * visible here - treat the returned context as unverified until
             * confirmed.
andre@1288:  *
andre@1288:  * @param[in] b64_data pointer to the certificate data.
andre@1288:  * @param[in] b64_size size of the data. (Without terminating \0)
andre@1288:  *
andre@1288:  * @returns NULL on error.
andre@1288:  */
andre@1288: PCCERT_CONTEXT b64_to_cert_context(char *b64_data, size_t b64_size);
andre@1288: #endif
andre@1288:
aheinecke@337: #ifdef __cplusplus
aheinecke@337: }
aheinecke@337: #endif
wilde@259:
wilde@259: #endif