x509v3.c File Reference

#include "includes.h"
#include "common.h"
#include "crypto/crypto.h"
#include "asn1.h"
#include "x509v3.h"

Include dependency graph for x509v3.c:

Go to the source code of this file.

Functions
void	x509_certificate_chain_free (struct x509_certificate *cert)
void	x509_certificate_free (struct x509_certificate *cert)
static void	x509_free_name (struct x509_name *name)
int	x509_name_compare (struct x509_name *a, struct x509_name *b)
static int	x509_parse_algorithm_identifier (const u8 *buf, size_t len, struct x509_algorithm_identifier *id, const u8 **next)
static int	x509_parse_name (const u8 *buf, size_t len, struct x509_name *name, const u8 **next)
static int	x509_parse_public_key (const u8 *buf, size_t len, struct x509_certificate *cert, const u8 **next)
static int	x509_str_compare (const char *a, const char *b)
static void	x509_str_strip_whitespace (char *a)
static int	x509_whitespace (char c)
: Name to convert
x509_name_string - Convert an X.509 certificate name into a string : Buffer for the string : Maximum buffer length
void	x509_name_string (struct x509_name *name, char *buf, size_t len)
static int	x509_parse_time (const u8 *buf, size_t len, u8 asn1_tag, os_time_t *val)
static int	x509_parse_validity (const u8 *buf, size_t len, struct x509_certificate *cert, const u8 **next)
static int	x509_id_ce_oid (struct asn1_oid *oid)
static int	x509_parse_ext_key_usage (struct x509_certificate *cert, const u8 *pos, size_t len)
static int	x509_parse_ext_basic_constraints (struct x509_certificate *cert, const u8 *pos, size_t len)
static int	x509_parse_alt_name_rfc8222 (struct x509_name *name, const u8 *pos, size_t len)
static int	x509_parse_alt_name_dns (struct x509_name *name, const u8 *pos, size_t len)
static int	x509_parse_alt_name_uri (struct x509_name *name, const u8 *pos, size_t len)
static int	x509_parse_alt_name_ip (struct x509_name *name, const u8 *pos, size_t len)
static int	x509_parse_alt_name_rid (struct x509_name *name, const u8 *pos, size_t len)
static int	x509_parse_ext_alt_name (struct x509_name *name, const u8 *pos, size_t len)
static int	x509_parse_ext_subject_alt_name (struct x509_certificate *cert, const u8 *pos, size_t len)
static int	x509_parse_ext_issuer_alt_name (struct x509_certificate *cert, const u8 *pos, size_t len)
static int	x509_parse_extension_data (struct x509_certificate *cert, struct asn1_oid *oid, const u8 *pos, size_t len)
static int	x509_parse_extension (struct x509_certificate *cert, const u8 *pos, size_t len, const u8 **next)
static int	x509_parse_extensions (struct x509_certificate *cert, const u8 *pos, size_t len)
static int	x509_parse_tbs_certificate (const u8 *buf, size_t len, struct x509_certificate *cert, const u8 **next)
static int	x509_rsadsi_oid (struct asn1_oid *oid)
static int	x509_pkcs_oid (struct asn1_oid *oid)
static int	x509_digest_oid (struct asn1_oid *oid)
static int	x509_sha1_oid (struct asn1_oid *oid)
static int	x509_sha256_oid (struct asn1_oid *oid)
struct x509_certificate *	x509_certificate_parse (const u8 *buf, size_t len)
int	x509_certificate_check_signature (struct x509_certificate *issuer, struct x509_certificate *cert)
static int	x509_valid_issuer (const struct x509_certificate *cert)
int	x509_certificate_chain_validate (struct x509_certificate *trusted, struct x509_certificate *chain, int *reason)
: Subject name to search for
x509_certificate_get_subject - Get a certificate based on Subject name : Certificate chain to search through Returns: Pointer to the certificate with the given Subject name or NULL on failure
struct x509_certificate *	x509_certificate_get_subject (struct x509_certificate *chain, struct x509_name *name)
int	x509_certificate_self_signed (struct x509_certificate *cert)

---

Function Documentation

void x509_certificate_chain_free

(

struct x509_certificate *

cert

)

x509_certificate_free - Free an X.509 certificate chain : Pointer to the first certificate in the chain

Definition at line 71 of file x509v3.c.

int x509_certificate_chain_validate	(	struct x509_certificate *	trusted,
		struct x509_certificate *	chain,
		int *	reason
	)

x509_certificate_chain_validate - Validate X.509 certificate chain : List of trusted certificates : Certificate chain to be validated (first chain must be issued by signed by the second certificate in the chain and so on) : Buffer for returning failure reason (X509_VALIDATE_*) Returns: 0 if chain is valid, -1 if not

Definition at line 1813 of file x509v3.c.

int x509_certificate_check_signature	(	struct x509_certificate *	issuer,
		struct x509_certificate *	cert
	)

x509_certificate_check_signature - Verify certificate signature : Issuer certificate : Certificate to be verified Returns: 0 if cert has a valid signature that was signed by the issuer, -1 if not

Definition at line 1565 of file x509v3.c.

void x509_certificate_free

(

struct x509_certificate *

cert

)

x509_certificate_free - Free an X.509 certificate : Certificate to be freed

Definition at line 50 of file x509v3.c.

struct x509_certificate* x509_certificate_get_subject	(	struct x509_certificate *	chain,
		struct x509_name *	name
	)		[read]

Definition at line 1942 of file x509v3.c.

struct x509_certificate* x509_certificate_parse	(	const u8 *	buf,
		size_t	len
	)		[read]

x509_certificate_parse - Parse a X.509 certificate in DER format : Pointer to the X.509 certificate in DER format : Buffer length Returns: Pointer to the parsed certificate or NULL on failure

Caller is responsible for freeing the returned certificate by calling x509_certificate_free().

Definition at line 1459 of file x509v3.c.

int x509_certificate_self_signed

(

struct x509_certificate *

cert

)

x509_certificate_self_signed - Is the certificate self-signed? : Certificate Returns: 1 if certificate is self-signed, 0 if not

Definition at line 1960 of file x509v3.c.

static int x509_digest_oid

(

struct asn1_oid *

oid

)

[static]

Definition at line 1415 of file x509v3.c.

static void x509_free_name

(

struct x509_name *

name

)

[static]

Definition at line 23 of file x509v3.c.

static int x509_id_ce_oid

(

struct asn1_oid *

oid

)

[static]

Definition at line 699 of file x509v3.c.

int x509_name_compare	(	struct x509_name *	a,
		struct x509_name *	b
	)

x509_name_compare - Compare X.509 certificate names : Certificate name : Certificate name Returns: <0, 0, or >0 based on whether a is less than, equal to, or greater than b

Definition at line 152 of file x509v3.c.

void x509_name_string	(	struct x509_name *	name,
		char *	buf,
		size_t	len
	)

Definition at line 459 of file x509v3.c.

static int x509_parse_algorithm_identifier	(	const u8 *	buf,
		size_t	len,
		struct x509_algorithm_identifier *	id,
		const u8 **	next
	)		[static]

Definition at line 189 of file x509v3.c.

static int x509_parse_alt_name_dns	(	struct x509_name *	name,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 853 of file x509v3.c.

static int x509_parse_alt_name_ip	(	struct x509_name *	name,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 899 of file x509v3.c.

static int x509_parse_alt_name_rfc8222	(	struct x509_name *	name,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 831 of file x509v3.c.

static int x509_parse_alt_name_rid	(	struct x509_name *	name,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 914 of file x509v3.c.

static int x509_parse_alt_name_uri	(	struct x509_name *	name,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 875 of file x509v3.c.

static int x509_parse_ext_alt_name	(	struct x509_name *	name,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 930 of file x509v3.c.

static int x509_parse_ext_basic_constraints	(	struct x509_certificate *	cert,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 746 of file x509v3.c.

static int x509_parse_ext_issuer_alt_name	(	struct x509_certificate *	cert,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 1035 of file x509v3.c.

static int x509_parse_ext_key_usage	(	struct x509_certificate *	cert,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 709 of file x509v3.c.

static int x509_parse_ext_subject_alt_name	(	struct x509_certificate *	cert,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 1008 of file x509v3.c.

static int x509_parse_extension	(	struct x509_certificate *	cert,
		const u8 *	pos,
		size_t	len,
		const u8 **	next
	)		[static]

Definition at line 1091 of file x509v3.c.

static int x509_parse_extension_data	(	struct x509_certificate *	cert,
		struct asn1_oid *	oid,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 1062 of file x509v3.c.

static int x509_parse_extensions	(	struct x509_certificate *	cert,
		const u8 *	pos,
		size_t	len
	)		[static]

Definition at line 1173 of file x509v3.c.

static int x509_parse_name	(	const u8 *	buf,
		size_t	len,
		struct x509_name *	name,
		const u8 **	next
	)		[static]

Definition at line 301 of file x509v3.c.

static int x509_parse_public_key	(	const u8 *	buf,
		size_t	len,
		struct x509_certificate *	cert,
		const u8 **	next
	)		[static]

Definition at line 228 of file x509v3.c.

static int x509_parse_tbs_certificate	(	const u8 *	buf,
		size_t	len,
		struct x509_certificate *	cert,
		const u8 **	next
	)		[static]

Definition at line 1203 of file x509v3.c.

static int x509_parse_time	(	const u8 *	buf,
		size_t	len,
		u8	asn1_tag,
		os_time_t *	val
	)		[static]

Definition at line 525 of file x509v3.c.

static int x509_parse_validity	(	const u8 *	buf,
		size_t	len,
		struct x509_certificate *	cert,
		const u8 **	next
	)		[static]

Definition at line 635 of file x509v3.c.

static int x509_pkcs_oid

(

struct asn1_oid *

oid

)

[static]

Definition at line 1407 of file x509v3.c.

static int x509_rsadsi_oid

(

struct asn1_oid *

oid

)

[static]

Definition at line 1397 of file x509v3.c.

static int x509_sha1_oid

(

struct asn1_oid *

oid

)

[static]

Definition at line 1423 of file x509v3.c.

static int x509_sha256_oid

(

struct asn1_oid *

oid

)

[static]

Definition at line 1435 of file x509v3.c.

static int x509_str_compare	(	const char *	a,
		const char *	b
	)		[static]

Definition at line 112 of file x509v3.c.

static void x509_str_strip_whitespace

(

char *

a

)

[static]

Definition at line 90 of file x509v3.c.

static int x509_valid_issuer

(

const struct x509_certificate *

cert

)

[static]

Definition at line 1778 of file x509v3.c.

static int x509_whitespace

(

char

c

)

[static]

Definition at line 84 of file x509v3.c.