1 /* X.509 certificate parser internal definitions 2 * 3 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version 9 * 2 of the Licence, or (at your option) any later version. 10 */ 11 12 #include <linux/time.h> 13 #include <crypto/public_key.h> 14 #include <keys/asymmetric-type.h> 15 16 struct x509_certificate { 17 struct x509_certificate *next; 18 struct x509_certificate *signer; /* Certificate that signed this one */ 19 struct public_key *pub; /* Public key details */ 20 struct public_key_signature *sig; /* Signature parameters */ 21 char *issuer; /* Name of certificate issuer */ 22 char *subject; /* Name of certificate subject */ 23 struct asymmetric_key_id *id; /* Issuer + Serial number */ 24 struct asymmetric_key_id *skid; /* Subject + subjectKeyId (optional) */ 25 time64_t valid_from; 26 time64_t valid_to; 27 const void *tbs; /* Signed data */ 28 unsigned tbs_size; /* Size of signed data */ 29 unsigned raw_sig_size; /* Size of sigature */ 30 const void *raw_sig; /* Signature data */ 31 const void *raw_serial; /* Raw serial number in ASN.1 */ 32 unsigned raw_serial_size; 33 unsigned raw_issuer_size; 34 const void *raw_issuer; /* Raw issuer name in ASN.1 */ 35 const void *raw_subject; /* Raw subject name in ASN.1 */ 36 unsigned raw_subject_size; 37 unsigned raw_skid_size; 38 const void *raw_skid; /* Raw subjectKeyId in ASN.1 */ 39 unsigned index; 40 bool seen; /* Infinite recursion prevention */ 41 bool verified; 42 bool self_signed; /* T if self-signed (check unsupported_sig too) */ 43 bool unsupported_key; /* T if key uses unsupported crypto */ 44 bool unsupported_sig; /* T if signature uses unsupported crypto */ 45 bool blacklisted; 46 }; 47 48 /* 49 * x509_cert_parser.c 50 */ 51 extern void x509_free_certificate(struct x509_certificate *cert); 52 extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen); 53 extern int x509_decode_time(time64_t *_t, size_t hdrlen, 54 unsigned char tag, 55 const unsigned char *value, size_t vlen); 56 57 /* 58 * x509_public_key.c 59 */ 60 extern int x509_get_sig_params(struct x509_certificate *cert); 61 extern int x509_check_for_self_signed(struct x509_certificate *cert); 62