Annotation of embedaddon/axTLS/ssl/crypto_misc.h, revision 1.1.1.1

1.1       misho       1: /*
                      2:  * Copyright (c) 2007, Cameron Rich
                      3:  * 
                      4:  * All rights reserved.
                      5:  * 
                      6:  * Redistribution and use in source and binary forms, with or without 
                      7:  * modification, are permitted provided that the following conditions are met:
                      8:  *
                      9:  * * Redistributions of source code must retain the above copyright notice, 
                     10:  *   this list of conditions and the following disclaimer.
                     11:  * * Redistributions in binary form must reproduce the above copyright notice, 
                     12:  *   this list of conditions and the following disclaimer in the documentation 
                     13:  *   and/or other materials provided with the distribution.
                     14:  * * Neither the name of the axTLS project nor the names of its contributors 
                     15:  *   may be used to endorse or promote products derived from this software 
                     16:  *   without specific prior written permission.
                     17:  *
                     18:  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
                     19:  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
                     20:  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
                     21:  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
                     22:  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
                     23:  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
                     24:  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
                     25:  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
                     26:  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
                     27:  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
                     28:  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
                     29: */
                     30: 
                     31: /**
                     32:  * @file crypto_misc.h
                     33:  */
                     34: 
                     35: #ifndef HEADER_CRYPTO_MISC_H
                     36: #define HEADER_CRYPTO_MISC_H
                     37: 
                     38: #ifdef __cplusplus
                     39: extern "C" {
                     40: #endif
                     41: 
                     42: #include "crypto.h"
                     43: #include "bigint.h"
                     44: 
                     45: /**************************************************************************
                     46:  * X509 declarations 
                     47:  **************************************************************************/
                         /*
                          * Status codes of the X509 layer. X509_OK (0) is the only non-negative
                          * value; every failure code is a distinct negative number.
                          * Per-code meanings below are read from the macro names -- confirm
                          * against the implementation.
                          * NOTE(review): callers should accept a certificate only on an exact
                          * X509_OK and treat every other value, including codes added later, as
                          * a rejection.
                          */
                     48: #define X509_OK                             0
                     49: #define X509_NOT_OK                         -1
                     50: #define X509_VFY_ERROR_NO_TRUSTED_CERT      -2      /* no trust anchor matched */
                     51: #define X509_VFY_ERROR_BAD_SIGNATURE        -3      /* signature check failed */
                     52: #define X509_VFY_ERROR_NOT_YET_VALID        -4      /* cf. not_before */
                     53: #define X509_VFY_ERROR_EXPIRED              -5      /* cf. not_after */
                     54: #define X509_VFY_ERROR_SELF_SIGNED          -6
                     55: #define X509_VFY_ERROR_INVALID_CHAIN        -7
                     56: #define X509_VFY_ERROR_UNSUPPORTED_DIGEST   -8      /* cf. SIG_TYPE_* below */
                     57: #define X509_INVALID_PRIV_KEY               -9      /* private-key code, not a VFY code */
                     58: 
                     59: /*
                     60:  * The Distinguished Name
                          *
                          * X509_NUM_DN_TYPES sizes the ca_cert_dn[] and cert_dn[] arrays of
                          * struct _x509_ctx; the three values after it (0..2) are presumably the
                          * slot indices into those arrays. No other DN attribute has a slot.
                     61:  */
                     62: #define X509_NUM_DN_TYPES                   3
                     63: #define X509_COMMON_NAME                    0
                     64: #define X509_ORGANIZATION                   1
                     65: #define X509_ORGANIZATIONAL_UNIT            2
                     66: 
                     67: struct _x509_ctx    /* one certificate's fields; certificates are chained via next */
                     68: {
                     69:     char *ca_cert_dn[X509_NUM_DN_TYPES];    /* presumably the issuer DN parts -- confirm */
                     70:     char *cert_dn[X509_NUM_DN_TYPES];       /* presumably the subject DN parts -- confirm */
                     71:     char **subject_alt_dnsnames;            /* array of name strings; how it is terminated is not shown here */
                     72:     time_t not_before;                      /* validity window; cf. asn1_validity() */
                     73:     time_t not_after;
                     74:     uint8_t *signature;                     /* presumably sig_len bytes -- confirm */
                     75:     uint16_t sig_len;
                     76:     uint8_t sig_type;                       /* presumably one of SIG_TYPE_* -- confirm */
                     77:     RSA_CTX *rsa_ctx;                       /* RSA key context; cf. asn1_public_key() */
                     78:     bigint *digest;
                     79:     struct _x509_ctx *next;                 /* next element of the singly linked list */
                     80: };
                     81: 
                     82: typedef struct _x509_ctx X509_CTX;      /* released with x509_free() */
                     83: 
                     84: #ifdef CONFIG_SSL_CERT_VERIFICATION
                         /*
                          * Table of up to CONFIG_X509_MAX_CA_CERTS certificate pointers, passed to
                          * x509_verify() as the CA set. The type exists only when
                          * CONFIG_SSL_CERT_VERIFICATION is defined.
                          * Presumably unused slots are NULL -- confirm where the table is filled.
                          */
                     85: typedef struct 
                     86: {
                     87:     X509_CTX *cert[CONFIG_X509_MAX_CA_CERTS];
                     88: } CA_CERT_CTX;
                     89: #endif
                     90: 
                         /*
                          * Certificate object lifecycle and verification entry points.
                          * x509_verify() is declared only when CONFIG_SSL_CERT_VERIFICATION is
                          * defined; x509_print() and x509_display_error() only under
                          * CONFIG_SSL_FULL_MODE.
                          * NOTE(review): a build without CONFIG_SSL_CERT_VERIFICATION gets no
                          * x509_verify() from this header -- confirm how such a build is expected
                          * to authenticate its peer.
                          * NOTE(review): x509_print() names CA_CERT_CTX, which is typedef'd only
                          * under CONFIG_SSL_CERT_VERIFICATION; CONFIG_SSL_FULL_MODE without it
                          * would not compile unless the configuration forces both together.
                          */
                     91: int x509_new(const uint8_t *cert, int *len, X509_CTX **ctx);    /* len is in/out; presumably bytes consumed on return -- confirm */
                     92: void x509_free(X509_CTX *x509_ctx);
                     93: #ifdef CONFIG_SSL_CERT_VERIFICATION
                     94: int x509_verify(const CA_CERT_CTX *ca_cert_ctx, const X509_CTX *cert);  /* presumably X509_OK or an X509_VFY_ERROR_* code */
                     95: #endif
                     96: #ifdef CONFIG_SSL_FULL_MODE
                     97: void x509_print(const X509_CTX *cert, CA_CERT_CTX *ca_cert_ctx);
                     98: const char * x509_display_error(int error);     /* presumably maps the X509_* codes to text */
                     99: #endif
                    100: 
                    101: /**************************************************************************
                    102:  * ASN1 declarations 
                    103:  **************************************************************************/
                         /*
                          * DER identifier octets matched by the parser.
                          * 0x02..0x1e are universal-class tags, 0x30/0x31 are SEQUENCE/SET with
                          * the constructed bit set, and 0x80 upwards are context-specific tags.
                          * ASN1_PRINTABLE_STR2 (0x0C) is the universal tag of UTF8String and
                          * ASN1_UNICODE_STR (0x1e) that of BMPString, despite the macro names.
                          * NOTE(review): ASN1_PRINTABLE_STR2, ASN1_CONTEXT_DNSNAME and
                          * ASN1_V3_DATA are each defined twice with the same value. Identical
                          * redefinition is legal C, but the duplicates should be dropped so a
                          * later edit to one copy cannot silently disagree with the other.
                          */
                    104: #define ASN1_INTEGER            0x02
                    105: #define ASN1_BIT_STRING         0x03
                    106: #define ASN1_OCTET_STRING       0x04
                    107: #define ASN1_NULL               0x05
                    108: #define ASN1_PRINTABLE_STR2     0x0C
                    109: #define ASN1_OID                0x06
                    110: #define ASN1_PRINTABLE_STR2     0x0C    /* duplicate of the definition two lines up */
                    111: #define ASN1_PRINTABLE_STR      0x13
                    112: #define ASN1_TELETEX_STR        0x14
                    113: #define ASN1_IA5_STR            0x16
                    114: #define ASN1_UTC_TIME           0x17
                    115: #define ASN1_UNICODE_STR        0x1e
                    116: #define ASN1_SEQUENCE           0x30
                    117: #define ASN1_CONTEXT_DNSNAME   0x82     /* context-specific tag [2], primitive */
                    118: #define ASN1_SET                0x31
                    119: #define ASN1_V3_DATA                   0xa3     /* context-specific tag [3], constructed */
                    120: #define ASN1_IMPLICIT_TAG       0x80
                    121: #define ASN1_CONTEXT_DNSNAME   0x82     /* duplicate */
                    122: #define ASN1_EXPLICIT_TAG       0xa0
                    123: #define ASN1_V3_DATA                   0xa3     /* duplicate */
                    124: 
                         /*
                          * Signature digest identifiers, presumably the values stored in
                          * X509_CTX.sig_type. The numbers appear to follow the last arc of the
                          * PKCS #1 signature OIDs (md2/md5/sha1 WithRSAEncryption) -- confirm.
                          * NOTE(review): MD2, MD5 and SHA-1 are the only digests defined at this
                          * revision and none of them is collision resistant any more, so a
                          * signature verified under these types gives weak assurance. There is
                          * no SHA-2 identifier; presumably such certificates end in
                          * X509_VFY_ERROR_UNSUPPORTED_DIGEST -- confirm.
                          */
                    125: #define SIG_TYPE_MD2            0x02
                    126: #define SIG_TYPE_MD5            0x04
                    127: #define SIG_TYPE_SHA1           0x05
                    128: 
                         /*
                          * DER parsing helpers. Each takes the input buffer plus an offset; where
                          * the offset is passed by pointer it is presumably advanced past the
                          * object that was read -- confirm.
                          * NOTE(review): apart from asn1_get_private_key(), none of these
                          * prototypes carries the buffer length, so the callee cannot bound its
                          * reads against the end of the input from its arguments alone. The input
                          * is certificate data supplied by the peer; confirm where truncated or
                          * malformed encodings are rejected.
                          * NOTE(review): lengths and offsets are signed int -- confirm that
                          * negative and oversized encoded lengths are refused before use.
                          */
                    129: int get_asn1_length(const uint8_t *buf, int *offset);
                    130: int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx);
                    131: int asn1_next_obj(const uint8_t *buf, int *offset, int obj_type);       /* obj_type: presumably an ASN1_* tag */
                    132: int asn1_skip_obj(const uint8_t *buf, int *offset, int obj_type);
                    133: int asn1_get_int(const uint8_t *buf, int *offset, uint8_t **object);    /* *object: ownership not shown here -- confirm who frees */
                    134: int asn1_version(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
                    135: int asn1_validity(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
                    136: int asn1_name(const uint8_t *cert, int *offset, char *dn[]);    /* dn: presumably X509_NUM_DN_TYPES slots -- confirm */
                    137: int asn1_public_key(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
                    138: #ifdef CONFIG_SSL_CERT_VERIFICATION
                    139: int asn1_signature(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
                    140: int asn1_find_subjectaltname(const uint8_t* cert, int offset);  /* offset is passed by value here, unlike the others */
                    141: int asn1_compare_dn(char * const dn1[], char * const dn2[]);
                    142: #endif /* CONFIG_SSL_CERT_VERIFICATION */
                    143: int asn1_signature_type(const uint8_t *cert, 
                    144:                                 int *offset, X509_CTX *x509_ctx);
                    145: 
                    146: /**************************************************************************
                    147:  * MISC declarations 
                    148:  **************************************************************************/
                    149: #define SALT_SIZE               8       /* presumably in bytes -- confirm at the use site */
                    150: 
                    151: extern const char * const unsupported_str;     /* defined in another translation unit */
                    152: 
                         /*
                          * Callback types. crypt_func leaves its parameters unnamed; presumably
                          * (context, input, output, length) -- confirm against the ciphers that
                          * are assigned to it. Lengths are signed int in both types.
                          */
                    153: typedef void (*crypt_func)(void *, const uint8_t *, uint8_t *, int);
                    154: typedef void (*hmac_func)(const uint8_t *msg, int length, const uint8_t *key, 
                    155:         int key_len, uint8_t *digest);
                    156: 
                         /* Presumably stores a newly allocated buffer in *buf; ownership and the
                          * meaning of the return value are not shown here -- confirm. */
                    157: int get_file(const char *filename, uint8_t **buf);
                    158: 
                         /*
                          * print_blob() is a real function only in full-mode, WIN32 or debug
                          * builds; otherwise the macro below expands to nothing, so its arguments
                          * are not evaluated and must not carry side effects.
                          * NOTE(review): the first argument is a format string followed by
                          * variadic arguments -- pass a literal, never data received from the
                          * peer. Where the blob is key material, keep such calls out of
                          * production logging.
                          */
                    159: #if defined(CONFIG_SSL_FULL_MODE) || defined(WIN32) || defined(CONFIG_DEBUG)
                    160: EXP_FUNC void STDCALL print_blob(const char *format, const uint8_t *data, int size, ...);
                    161: #else
                    162:     #define print_blob(...)
                    163: #endif
                    164: 
                         /* outlen is passed by pointer: presumably the capacity of out on entry
                          * and the decoded size on return -- confirm that the capacity is enforced. */
                    165: EXP_FUNC int STDCALL base64_decode(const char *in,  int len,
                    166:                     uint8_t *out, int *outlen);
                    167: 
                    168: #ifdef __cplusplus
                    169: }
                    170: #endif
                    171: 
                    172: #endif 
