2 * Copyright (c) 2007, Cameron Rich
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
9 * * Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
11 * * Redistributions in binary form must reproduce the above copyright notice,
12 * this list of conditions and the following disclaimer in the documentation
13 * and/or other materials provided with the distribution.
14 * * Neither the name of the axTLS project nor the names of its contributors
15 * may be used to endorse or promote products derived from this software
16 * without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
22 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
23 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
24 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 #ifndef HEADER_CRYPTO_MISC_H
36 #define HEADER_CRYPTO_MISC_H
45 /**************************************************************************
47 **************************************************************************/
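/*
 * X.509 status codes returned by the certificate routines declared below.
 *
 * Every code defined here is negative. The success value is not part of
 * this listing (the original header's line 48 is absent), so confirm it in
 * the real header before comparing a result against 0.
 *
 * Callers should fail closed: any of these values means the certificate or
 * key was not accepted, and none of them should be downgraded to a warning
 * without an explicit policy decision.
 */
#define X509_NOT_OK                         -1
#define X509_VFY_ERROR_NO_TRUSTED_CERT      -2
#define X509_VFY_ERROR_BAD_SIGNATURE        -3
#define X509_VFY_ERROR_NOT_YET_VALID        -4
#define X509_VFY_ERROR_EXPIRED              -5
#define X509_VFY_ERROR_SELF_SIGNED          -6
#define X509_VFY_ERROR_INVALID_CHAIN        -7
#define X509_VFY_ERROR_UNSUPPORTED_DIGEST   -8
#define X509_INVALID_PRIV_KEY               -9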
/* The Distinguished Name */
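/*
 * Layout of a distinguished-name array: X509_NUM_DN_TYPES is the array
 * length and the other three constants are the index of one component each.
 *
 * NOTE(review): only three attribute slots exist, so any comparison done
 * over these arrays (see asn1_compare_dn) cannot tell apart names that
 * differ only in other attributes. Confirm this is acceptable wherever the
 * arrays are used for issuer matching.
 */
#define X509_NUM_DN_TYPES                   3
#define X509_COMMON_NAME                    0
#define X509_ORGANIZATION                   1
#define X509_ORGANIZATIONAL_UNIT            2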
/*
 * NOTE(review): this is a fragment. The struct opener, the members between
 * listing numbers 70 and 78, and the closing brace are missing, so only
 * three members survive. They presumably belong to struct _x509_ctx (the
 * `next` member points to that type); confirm against the real header.
 */
/*
 * Two arrays of X509_NUM_DN_TYPES string pointers. Presumably the issuer
 * name (ca_cert_dn) and the subject name (cert_dn); who allocates and frees
 * the strings is not visible here.
 */
69 char *ca_cert_dn
[X509_NUM_DN_TYPES
];
70 char *cert_dn
[X509_NUM_DN_TYPES
];
/* Pointer to another context of the same type; presumably the next
 * certificate in a chain (TODO confirm). */
78 struct _x509_ctx
*next
;
/* Public name for the certificate context type used by the prototypes below. */
81 typedef struct _x509_ctx X509_CTX
;
/*
 * NOTE(review): fragment. The enclosing type definition and the matching
 * #endif are missing from this listing (numbers 84, 85, 87 and 88 are
 * absent). The member below is presumably part of CA_CERT_CTX, the trust
 * store type taken by x509_verify(); confirm against the real header.
 */
83 #ifdef CONFIG_SSL_CERT_VERIFICATION
/*
 * Fixed-capacity table of certificate pointers with
 * CONFIG_X509_MAX_CA_CERTS slots. Code that adds entries has to bound its
 * index by that constant; how unused slots are marked is not visible here.
 */
86 X509_CTX
*cert
[CONFIG_X509_MAX_CA_CERTS
];
/*
 * Certificate API.
 *
 * NOTE(review): the two #ifdef lines below have no visible #endif (listing
 * numbers 94, 98 and 99 are absent), so the extent of each conditional
 * section cannot be read from this listing.
 */
/*
 * Create a certificate context from the encoded bytes at `cert`.
 * `cert` is read-only; `len` and `ctx` are pointers to non-const objects,
 * so the callee can write through both. Presumably *ctx receives the new
 * context and *len reports a size (TODO confirm which direction it flows).
 * NOTE(review): *len is the only size-like argument. Confirm whether it
 * carries the input size in, because otherwise nothing in this signature
 * bounds reads from `cert`. Check the int result before using *ctx.
 */
90 int x509_new(const uint8_t *cert
, int *len
, X509_CTX
**ctx
);
/* Presumably releases a context obtained from x509_new(); whether it also
 * follows the `next` pointer is not visible here (TODO confirm). */
91 void x509_free(X509_CTX
*x509_ctx
);
92 #ifdef CONFIG_SSL_CERT_VERIFICATION
/*
 * Check `cert` against the trust store `ca_cert_ctx`. Both arguments are
 * const, so the call does not modify either through these pointers.
 * Returns an int, presumably one of the X509_VFY_ERROR_* codes on failure;
 * the success value is not visible in this listing.
 */
93 int x509_verify(const CA_CERT_CTX
*ca_cert_ctx
, const X509_CTX
*cert
);
95 #ifdef CONFIG_SSL_FULL_MODE
/* Presumably prints a description of `cert`; note that the trust store
 * argument is not const here, unlike in x509_verify(). */
96 void x509_print(const X509_CTX
*cert
, CA_CERT_CTX
*ca_cert_ctx
);
/* Returns text for an error code, presumably one of the X509_* values.
 * The result is const char *, so callers must not modify it. */
97 const char * x509_display_error(int error
);
100 /**************************************************************************
102 **************************************************************************/
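/*
 * ASN.1 identifier octets as they appear in a BER/DER encoding.
 *
 * 0x02 through 0x1e are universal, primitive types. ASN1_SEQUENCE and
 * ASN1_SET already include the constructed bit (0x20). ASN1_IMPLICIT_TAG is
 * the context-specific class bit with tag number 0, and ASN1_EXPLICIT_TAG
 * is the same tag with the constructed bit set.
 *
 * NOTE(review): UTCTime (0x17) is the only time type with a constant here;
 * GeneralizedTime (0x18) has none. Confirm how the validity parser treats a
 * certificate whose dates use GeneralizedTime, and that it rejects rather
 * than skips a field it cannot decode.
 */
#define ASN1_INTEGER            0x02
#define ASN1_BIT_STRING         0x03
#define ASN1_OCTET_STRING       0x04
#define ASN1_NULL               0x05
#define ASN1_OID                0x06
#define ASN1_PRINTABLE_STR      0x13
#define ASN1_TELETEX_STR        0x14
#define ASN1_IA5_STR            0x16
#define ASN1_UTC_TIME           0x17
#define ASN1_UNICODE_STR        0x1e
#define ASN1_SEQUENCE           0x30
#define ASN1_SET                0x31
#define ASN1_IMPLICIT_TAG       0x80
#define ASN1_EXPLICIT_TAG       0xa0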
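/*
 * Signature digest identifiers.
 *
 * Only MD2, MD5 and SHA-1 are defined in this listing. MD2 and MD5 are
 * broken for collision resistance and SHA-1 is deprecated for certificate
 * signatures, so deployments should decide explicitly whether chains signed
 * with any of these are still acceptable. No SHA-2 identifier is visible
 * here; see X509_VFY_ERROR_UNSUPPORTED_DIGEST for the code that presumably
 * reports other algorithms.
 *
 * NOTE(review): the values look like the final arc of the PKCS #1
 * "<digest>WithRSAEncryption" OIDs; confirm against asn1_signature_type().
 */
#define SIG_TYPE_MD2            0x02
#define SIG_TYPE_MD5            0x04
#define SIG_TYPE_SHA1           0x05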
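/*
 * ASN.1/DER parsing helpers.
 *
 * Common shape: the first argument is the encoded input (read-only), and
 * `offset` points to a non-const int, so the callee can move the caller's
 * cursor. Each helper returns an int status or value.
 *
 * NOTE(review): apart from asn1_get_private_key(), none of these helpers
 * receives the input length, so nothing in the arguments lets them detect
 * the end of the buffer. Confirm how the implementation avoids reading past
 * truncated or malformed input, and only pass buffers whose length has
 * already been validated. Lengths and offsets are plain int, so values
 * decoded from the input also need a range check before being used as a
 * size or an index.
 */

/* Decodes the length field at buf[*offset]. Presumably advances *offset and
 * returns the decoded length (TODO confirm). */
int get_asn1_length(const uint8_t *buf, int *offset);

/* Parses a private key from `len` bytes at `buf` into *rsa_ctx.
 * X509_INVALID_PRIV_KEY is presumably its failure code (TODO confirm). */
int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx);

/* Presumably expects an object tagged `obj_type` (an ASN1_* value) at the
 * cursor and steps into it (TODO confirm). */
int asn1_next_obj(const uint8_t *buf, int *offset, int obj_type);

/* Presumably expects an object tagged `obj_type` at the cursor and steps
 * over it (TODO confirm). */
int asn1_skip_obj(const uint8_t *buf, int *offset, int obj_type);

/* Reads an integer object; the callee stores a pointer in *object.
 * Presumably that is a newly allocated copy the caller must free, with the
 * return value giving its size (TODO confirm both). */
int asn1_get_int(const uint8_t *buf, int *offset, uint8_t **object);

/* The next three take a non-const X509_CTX and so can fill in its fields
 * from the certificate's version, validity and public-key sections. */
int asn1_version(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
int asn1_validity(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);

/* Fills `dn`, an array of string pointers; presumably X509_NUM_DN_TYPES
 * entries long (TODO confirm), since no element count is passed. */
int asn1_name(const uint8_t *cert, int *offset, char *dn[]);

int asn1_public_key(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);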
/*
 * Signature-related parsing helpers.
 *
 * NOTE(review): the #ifdef below has no visible #endif (listing number 134
 * is absent), so it is unclear from this listing whether
 * asn1_signature_type() is inside the conditional section.
 */
131 #ifdef CONFIG_SSL_CERT_VERIFICATION
/* Reads the signature at the cursor into the non-const x509_ctx. No input
 * length is passed, so confirm how reads are bounded. */
132 int asn1_signature(const uint8_t *cert
, int *offset
, X509_CTX
*x509_ctx
);
/*
 * Compares two distinguished-name arrays. The arrays themselves are const
 * (char * const), the strings they point to are not.
 * NOTE(review): which return value means "equal" is not visible here.
 * Confirm it before use; an inverted check at a call site would accept a
 * certificate from the wrong issuer.
 */
133 int asn1_compare_dn(char * const dn1
[], char * const dn2
[]);
/* Reads the signature algorithm at the cursor; presumably records one of
 * the SIG_TYPE_* values in x509_ctx (TODO confirm). */
135 int asn1_signature_type(const uint8_t *cert
,
136 int *offset
, X509_CTX
*x509_ctx
);
138 /**************************************************************************
140 **************************************************************************/
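/* Constant string defined in another translation unit; both the pointer and
 * the characters are const. */
extern const char * const unsupported_str;

/*
 * Callback type for a cipher operation. The parameters are unnamed:
 * presumably a context pointer, a read-only input, an output buffer and a
 * byte count (TODO confirm). It returns void, so an implementation cannot
 * report failure, and no output capacity is passed, so the caller has to
 * size the output buffer correctly.
 */
typedef void (*crypt_func)(void *, const uint8_t *, uint8_t *, int);

/*
 * Callback type for an HMAC computation over `length` bytes of `msg` keyed
 * with `key_len` bytes of `key`, written to `digest`. The digest size is
 * not passed, so the caller must supply a buffer large enough for the
 * chosen hash. Returns void.
 */
typedef void (*hmac_func)(const uint8_t *msg, int length, const uint8_t *key,
        int key_len, uint8_t *digest);

/*
 * Reads the file at `filename`; the callee stores a pointer in *buf.
 * Presumably *buf is heap memory the caller must free and the return value
 * is its size (TODO confirm). If the file holds key material, clear the
 * buffer before releasing it.
 */
int get_file(const char *filename, uint8_t **buf);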
/*
 * Debug dump helper.
 *
 * NOTE(review): listing numbers 153 and 155 are absent. They presumably
 * held the #else and #endif that separate the prototype from the empty
 * macro below; as shown here, both would fall under the same condition.
 * Confirm against the real header.
 */
151 #if defined(CONFIG_SSL_FULL_MODE) || defined(WIN32) || defined(CONFIG_DEBUG)
/*
 * Takes `format` followed by a variable argument list, so presumably a
 * printf-style format: pass a literal, never text taken from the peer.
 * `data`/`size` is the blob to print. Avoid handing it key material in
 * builds whose output is retained.
 */
152 EXP_FUNC
void STDCALL
print_blob(const char *format
, const uint8_t *data
, int size
, ...);
/* Expands to nothing, so the arguments are discarded by the preprocessor
 * and never evaluated; do not rely on side effects in a print_blob() call. */
154 #define print_blob(...)
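/*
 * Decodes `len` characters of base64 text at `in` into `out`.
 *
 * `outlen` points to a non-const int, so it can carry a value in, out, or
 * both. Presumably it holds the capacity of `out` on entry and the decoded
 * size on return (TODO confirm). If the capacity is not enforced by the
 * callee, the caller must provide at least 3 bytes of `out` for every 4
 * input characters. Check the int result before using `out`.
 */
EXP_FUNC int STDCALL base64_decode(const char *in, int len,
        uint8_t *out, int *outlen);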