Commit | Line | Data |
---|---|---|
ec6582cc MW |
1 | /** |
2 | * @file x509.h | |
3 | * | |
4 | * @brief Interface of x509_t. | |
5 | * | |
6 | */ | |
7 | ||
8 | /* | |
9 | * Copyright (C) 2006 Martin Willi | |
10 | * Hochschule fuer Technik Rapperswil | |
11 | * | |
12 | * This program is free software; you can redistribute it and/or modify it | |
13 | * under the terms of the GNU General Public License as published by the | |
14 | * Free Software Foundation; either version 2 of the License, or (at your | |
15 | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. | |
16 | * | |
17 | * This program is distributed in the hope that it will be useful, but | |
18 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | |
19 | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
20 | * for more details. | |
21 | */ | |
22 | ||
23 | #ifndef X509_H_ | |
24 | #define X509_H_ | |
25 | ||
26 | #include <types.h> | |
27 | #include <definitions.h> | |
28 | #include <crypto/rsa/rsa_public_key.h> | |
29 | #include <utils/identification.h> | |
30 | #include <utils/iterator.h> | |
31 | ||
32 | ||
typedef struct x509_t x509_t;

/**
 * @brief X509 certificate.
 *
 * Interface object: each operation is a function pointer that receives the
 * certificate itself as its first argument.
 *
 * @b Constructors:
 *  - x509_create_from_chunk()
 *  - x509_create_from_file()
 *
 * @todo more code cleanup needed!
 * @todo fix unimplemented functions...
 * @todo handle memory management
 *
 * @ingroup transforms
 */
struct x509_t {

	/**
	 * @brief Get the RSA public key from the certificate.
	 *
	 * NOTE(review): this header does not state who owns the returned key
	 * (see the memory management @todo on the struct) - confirm before
	 * freeing or caching it.
	 *
	 * @param this		calling object
	 * @return			public_key
	 */
	rsa_public_key_t *(*get_public_key) (x509_t *this);

	/**
	 * @brief Get the certificate issuer's ID.
	 *
	 * The resulting ID is always an identification_t
	 * of type ID_DER_ASN1_DN.
	 *
	 * @param this		calling object
	 * @return			issuer's ID
	 */
	identification_t *(*get_issuer) (x509_t *this);

	/**
	 * @brief Get the subject's ID.
	 *
	 * The resulting ID is always an identification_t
	 * of type ID_DER_ASN1_DN.
	 *
	 * @param this		calling object
	 * @return			subject's ID
	 */
	identification_t *(*get_subject) (x509_t *this);

	/**
	 * @brief Check if a certificate is valid.
	 *
	 * This function uses the issuer's public key to verify
	 * the validity of a certificate.
	 *
	 * NOTE(review): marked as unimplemented below. Until the implementation
	 * is confirmed, the return value should not be used as the basis of a
	 * trust decision. The signature takes only a signer key, so other checks
	 * (validity period, chain building, revocation) are not visible in this
	 * interface - confirm where they are performed.
	 *
	 * @todo implement!
	 *
	 * @param this		calling object
	 * @param signer	public key of the issuer, used for the check
	 * @return			presumably TRUE if the certificate verifies
	 *					against signer - confirm against the implementation
	 */
	bool (*verify) (x509_t *this, rsa_public_key_t *signer);

	/**
	 * @brief Get the key identifier of the public key.
	 *
	 * NOTE(review): marked as unimplemented below; it is not stated whether
	 * the returned chunk references internal data or is allocated for the
	 * caller - confirm before freeing it.
	 *
	 * @todo implement!
	 *
	 * @param this		calling object
	 * @return			key identifier as chunk
	 */
	chunk_t (*get_subject_key_identifier) (x509_t *this);

	/**
	 * @brief Compare two certificates.
	 *
	 * Comparison is done via the certificate's signature. As documented here,
	 * only the signature is compared, not the remaining certificate fields.
	 *
	 * @param this			first cert for compare
	 * @param other			second cert for compare
	 * @return				TRUE if signature is equal
	 */
	bool (*equals) (x509_t *this, x509_t *other);

	/**
	 * @brief Destroys the certificate.
	 *
	 * @param this			certificate to destroy
	 */
	void (*destroy) (x509_t *this);
};
115 | ||
/**
 * @brief Read a x509 certificate from a DER encoded blob.
 *
 * Callers must check the result for NULL before use. A non-NULL result means
 * only that the data was accepted as a certificate; nothing in this
 * declaration indicates that a signature or trust check has been done.
 *
 * NOTE(review): it is not stated whether the chunk data is copied or must
 * outlive the returned object - confirm against the implementation.
 *
 * @param chunk		chunk containing DER encoded data
 * @return			created x509_t certificate, or NULL if invalid.
 *
 * @ingroup transforms
 */
x509_t *x509_create_from_chunk(chunk_t chunk);
125 | ||
/**
 * @brief Read a x509 certificate from a DER encoded file.
 *
 * Callers must check the result for NULL before use. A non-NULL result means
 * only that the file content was accepted as a certificate; nothing in this
 * declaration indicates that a signature or trust check has been done.
 *
 * NOTE(review): filename is not const-qualified; presumably the path is not
 * modified - confirm against the implementation.
 *
 * @param filename	file containing DER encoded data
 * @return			created x509_t certificate, or NULL if invalid.
 *
 * @ingroup transforms
 */
x509_t *x509_create_from_file(char *filename);
135 | ||
136 | #endif /* X509_H_ */ |