4 * @brief Interface of x509_t.
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
27 #include <definitions.h>
28 #include <crypto/rsa/rsa_public_key.h>
29 #include <utils/identification.h>
30 #include <utils/iterator.h>
/* Forward typedef: lets the function pointers declared below take x509_t * arguments. */
typedef struct x509_t x509_t;
/**
 * @brief X509 certificate.
 *
 * Constructors:
 * - x509_create_from_chunk()
 * - x509_create_from_file()
 *
 * @todo more code cleanup needed!
 * @todo fix unimplemented functions...
 * @todo handle memory management
 */
/**
 * @brief Get the RSA public key from the certificate.
 *
 * NOTE(review): this header does not say who owns the returned key
 * (borrowed from the certificate or to be destroyed by the caller), and
 * the x509_t description still lists "@todo handle memory management".
 * Confirm against the implementation before caching or destroying it.
 *
 * @param this		calling object
 * @return			pointer to the certificate's RSA public key
 */
rsa_public_key_t *(*get_public_key) (x509_t *this);
/**
 * @brief Get the certificate issuer's ID.
 *
 * The resulting ID is always an identification_t
 * of type ID_DER_ASN1_DN.
 *
 * NOTE(review): ownership of the returned identification_t is not
 * documented here -- confirm whether the caller may keep or destroy it.
 *
 * @param this		calling object
 * @return			issuer ID as an identification_t
 */
identification_t *(*get_issuer) (x509_t *this);
/**
 * @brief Get the subject's ID.
 *
 * The resulting ID is always an identification_t
 * of type ID_DER_ASN1_DN.
 *
 * NOTE(review): ownership of the returned identification_t is not
 * documented here -- confirm whether the caller may keep or destroy it.
 *
 * @param this		calling object
 * @return			subject ID as an identification_t
 */
identification_t *(*get_subject) (x509_t *this);
/**
 * @brief Check if a certificate is valid.
 *
 * This function uses the issuer's public key to verify
 * the validity of a certificate.
 *
 * The key is whatever the caller passes as signer; this interface does not
 * look it up or decide whether it is trusted, so the caller has to have
 * established that beforehand.
 *
 * NOTE(review): as documented, the check is made against the supplied
 * signer key only. Nothing in this header says that the validity period,
 * revocation status or issuer/subject name chaining are evaluated, so a
 * positive result should not be read as full path validation -- confirm
 * against the implementation. The x509_t description also carries a
 * "@todo fix unimplemented functions"; confirm this one is implemented.
 *
 * @param this		calling object
 * @param signer	public key of the issuer, used for the check
 * @return			presumably TRUE if the check succeeds -- TODO confirm
 */
bool (*verify) (x509_t *this, rsa_public_key_t *signer);
/**
 * @brief Get the key identifier of the public key.
 *
 * NOTE(review): the chunk_t is returned by value; whether the data it
 * refers to is a copy or still belongs to the certificate is not stated
 * here -- confirm before freeing it or using it after destroy().
 *
 * @param this		calling object
 * @return			key identifier as a chunk_t
 */
chunk_t (*get_subject_key_identifier) (x509_t *this);
/**
 * @brief Compare two certificates.
 *
 * Comparison is done via the certificate's signature.
 *
 * NOTE(review): equality is defined on the signature, as documented; the
 * header does not say that any other field is compared. Presumably this
 * is only a meaningful identity test for certificates whose signature
 * has already been verified -- confirm before using the result in a
 * trust or pinning decision.
 *
 * @param this		first cert for compare
 * @param other		second cert for compare
 * @return			TRUE if signature is equal
 */
bool (*equals) (x509_t *this, x509_t *other);
/**
 * @brief Destroys the certificate.
 *
 * NOTE(review): whether objects previously returned by the getters above
 * remain usable after this call is not documented here -- confirm.
 *
 * @param this		certificate to destroy
 */
void (*destroy) (x509_t *this);
/**
 * @brief Read an x509 certificate from a DER encoded blob.
 *
 * A NULL return is the only failure signal, so callers have to check it
 * before invoking any method on the result.
 *
 * NOTE(review): this describes parsing only; nothing here says the
 * certificate is verified on creation, so it should presumably be treated
 * as unauthenticated until verify() has been called -- confirm. Whether
 * the certificate keeps a reference to chunk's data or copies it is also
 * not stated here.
 *
 * @param chunk		chunk containing DER encoded data
 * @return			created x509_t certificate, or NULL if invalid.
 *
 * @ingroup transforms
 */
x509_t *x509_create_from_chunk(chunk_t chunk);
/**
 * @brief Read an x509 certificate from a DER encoded file.
 *
 * A NULL return is the only failure signal, so callers have to check it
 * before invoking any method on the result.
 *
 * NOTE(review): this describes reading and parsing only; nothing here says
 * the certificate is verified on creation, so it should presumably be
 * treated as unauthenticated until verify() has been called -- confirm.
 * The header does not distinguish an unreadable file from invalid DER.
 *
 * @param filename	file containing DER encoded data
 * @return			created x509_t certificate, or NULL if invalid.
 *
 * @ingroup transforms
 */
x509_t *x509_create_from_file(char *filename);