blob: 2cd883fb45fc54649a0ab0fb518decc990b04091 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +00001/**
2 * \file x509.h
Paul Bakkere0ccd0a2009-01-04 16:27:10 +00003 *
Paul Bakker37ca75d2011-01-06 12:28:03 +00004 * \brief X.509 certificate and private key decoding
5 *
Paul Bakkerefc30292011-11-10 14:43:23 +00006 * Copyright (C) 2006-2011, Brainspark B.V.
Paul Bakkerb96f1542010-07-18 20:36:00 +00007 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
Paul Bakker84f12b72010-07-18 10:13:04 +00009 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakkerb96f1542010-07-18 20:36:00 +000010 *
Paul Bakker77b385e2009-07-28 17:23:11 +000011 * All rights reserved.
Paul Bakkere0ccd0a2009-01-04 16:27:10 +000012 *
Paul Bakkere0ccd0a2009-01-04 16:27:10 +000013 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Paul Bakker5121ce52009-01-03 21:22:43 +000026 */
Paul Bakker40e46942009-01-03 21:51:57 +000027#ifndef POLARSSL_X509_H
28#define POLARSSL_X509_H
Paul Bakker5121ce52009-01-03 21:22:43 +000029
Paul Bakkerefc30292011-11-10 14:43:23 +000030#include "asn1.h"
Paul Bakker314052f2011-08-15 09:07:52 +000031#include "rsa.h"
32#include "dhm.h"
Paul Bakker5121ce52009-01-03 21:22:43 +000033
Paul Bakker37ca75d2011-01-06 12:28:03 +000034/**
Paul Bakker0f5f72e2011-01-18 14:58:55 +000035 * \addtogroup x509_module
36 * \{
Paul Bakker13e2dfe2009-07-28 07:18:38 +000037 */
Paul Bakker37ca75d2011-01-06 12:28:03 +000038
Paul Bakker37ca75d2011-01-06 12:28:03 +000039/**
Paul Bakker0f5f72e2011-01-18 14:58:55 +000040 * \name X509 Error codes
41 * \{
Paul Bakker13e2dfe2009-07-28 07:18:38 +000042 */
Paul Bakker9d781402011-05-09 16:17:09 +000043#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
44#define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x2100 /**< The PEM-encoded certificate contains invalid elements, e.g. invalid character. */
45#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x2180 /**< The certificate format is invalid, e.g. different type expected. */
46#define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x2200 /**< The certificate version element is invalid. */
47#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */
48#define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */
49#define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */
50#define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */
51#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x2480 /**< The pubkey tag or value is invalid (only RSA is supported). */
52#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x2500 /**< The signature tag or value invalid. */
53#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< The extension tag or value is invalid. */
54#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Certificate or CRL has an unsupported version number. */
55#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Signature algorithm (oid) is unsupported. */
Paul Bakkered56b222011-07-13 11:26:43 +000056#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Key algorithm is unsupported (only RSA is supported). */
Paul Bakker9d781402011-05-09 16:17:09 +000057#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Certificate signature algorithms do not match. (see \c ::x509_cert sig_oid) */
58#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
59#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Unsupported RSA key version */
60#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x2900 /**< Invalid RSA key tag or value. */
Paul Bakker6c0ceb32011-12-04 12:24:18 +000061#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2980 /**< Format not recognized as DER or PEM. */
Paul Bakker69e095c2011-12-10 21:55:01 +000062#define POLARSSL_ERR_X509_INVALID_INPUT -0x2A00 /**< Input invalid. */
63#define POLARSSL_ERR_X509_MALLOC_FAILED -0x2A80 /**< Allocation of memory failed. */
64#define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2B00 /**< Read/write of file failed. */
Paul Bakker0f5f72e2011-01-18 14:58:55 +000065/* \} name */
Paul Bakker5121ce52009-01-03 21:22:43 +000066
Paul Bakker37ca75d2011-01-06 12:28:03 +000067
68/**
Paul Bakker0f5f72e2011-01-18 14:58:55 +000069 * \name X509 Verify codes
70 * \{
Paul Bakker37ca75d2011-01-06 12:28:03 +000071 */
Paul Bakkercdf07e92011-01-30 17:05:13 +000072#define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */
73#define BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */
74#define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */
75#define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */
76#define BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */
77#define BADCRL_EXPIRED 0x20 /**< CRL is expired. */
78#define BADCERT_MISSING 0x40 /**< Certificate was missing. */
79#define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
Paul Bakker0f5f72e2011-01-18 14:58:55 +000080/* \} name */
Paul Bakker0f5f72e2011-01-18 14:58:55 +000081/* \} addtogroup x509_module */
Paul Bakker5121ce52009-01-03 21:22:43 +000082
83/*
84 * various object identifiers
85 */
86#define X520_COMMON_NAME 3
87#define X520_COUNTRY 6
88#define X520_LOCALITY 7
89#define X520_STATE 8
90#define X520_ORGANIZATION 10
91#define X520_ORG_UNIT 11
92#define PKCS9_EMAIL 1
93
94#define X509_OUTPUT_DER 0x01
95#define X509_OUTPUT_PEM 0x02
96#define PEM_LINE_LENGTH 72
97#define X509_ISSUER 0x01
98#define X509_SUBJECT 0x02
99
100#define OID_X520 "\x55\x04"
Paul Bakker74111d32011-01-15 16:57:55 +0000101#define OID_CN OID_X520 "\x03"
Paul Bakkerbdb912d2012-02-13 23:11:30 +0000102#define OID_COUNTRY OID_X520 "\x06"
103#define OID_LOCALITY OID_X520 "\x07"
104#define OID_STATE OID_X520 "\x08"
105#define OID_ORGANIZATION OID_X520 "\x0A"
106#define OID_ORG_UNIT OID_X520 "\x0B"
Paul Bakker74111d32011-01-15 16:57:55 +0000107
Paul Bakker5121ce52009-01-03 21:22:43 +0000108#define OID_PKCS1 "\x2A\x86\x48\x86\xF7\x0D\x01\x01"
Paul Bakker74111d32011-01-15 16:57:55 +0000109#define OID_PKCS1_RSA OID_PKCS1 "\x01"
Paul Bakkerbdb912d2012-02-13 23:11:30 +0000110#define OID_PKCS1_SHA1 OID_PKCS1 "\x05"
Paul Bakker400ff6f2011-02-20 10:40:16 +0000111
112#define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D"
Paul Bakker74111d32011-01-15 16:57:55 +0000113
Paul Bakker5121ce52009-01-03 21:22:43 +0000114#define OID_PKCS9 "\x2A\x86\x48\x86\xF7\x0D\x01\x09"
Paul Bakker74111d32011-01-15 16:57:55 +0000115#define OID_PKCS9_EMAIL OID_PKCS9 "\x01"
116
117/** ISO arc for standard certificate and CRL extensions */
118#define OID_ID_CE "\x55\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */
119
120/**
121 * Private Internet Extensions
122 * { iso(1) identified-organization(3) dod(6) internet(1)
123 * security(5) mechanisms(5) pkix(7) }
124 */
125#define OID_PKIX "\x2B\x06\x01\x05\x05\x07"
126
127/*
128 * OIDs for standard certificate extensions
129 */
130#define OID_AUTHORITY_KEY_IDENTIFIER OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */
131#define OID_SUBJECT_KEY_IDENTIFIER OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */
132#define OID_KEY_USAGE OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */
133#define OID_CERTIFICATE_POLICIES OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */
134#define OID_POLICY_MAPPINGS OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */
135#define OID_SUBJECT_ALT_NAME OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */
136#define OID_ISSUER_ALT_NAME OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */
137#define OID_SUBJECT_DIRECTORY_ATTRS OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */
138#define OID_BASIC_CONSTRAINTS OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */
139#define OID_NAME_CONSTRAINTS OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */
140#define OID_POLICY_CONSTRAINTS OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */
141#define OID_EXTENDED_KEY_USAGE OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */
142#define OID_CRL_DISTRIBUTION_POINTS OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */
143#define OID_INIHIBIT_ANYPOLICY OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */
144#define OID_FRESHEST_CRL OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */
145
146/*
147 * X.509 v3 Key Usage Extension flags
148 */
149#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
150#define KU_NON_REPUDIATION (0x40) /* bit 1 */
151#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
152#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
153#define KU_KEY_AGREEMENT (0x08) /* bit 4 */
154#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */
155#define KU_CRL_SIGN (0x02) /* bit 6 */
156
157/*
158 * X.509 v3 Extended key usage OIDs
159 */
160#define OID_ANY_EXTENDED_KEY_USAGE OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */
161
162#define OID_KP OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */
163#define OID_SERVER_AUTH OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */
164#define OID_CLIENT_AUTH OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */
165#define OID_CODE_SIGNING OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */
166#define OID_EMAIL_PROTECTION OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */
167#define OID_TIME_STAMPING OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */
168#define OID_OCSP_SIGNING OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */
169
170#define STRING_SERVER_AUTH "TLS Web Server Authentication"
171#define STRING_CLIENT_AUTH "TLS Web Client Authentication"
172#define STRING_CODE_SIGNING "Code Signing"
173#define STRING_EMAIL_PROTECTION "E-mail Protection"
174#define STRING_TIME_STAMPING "Time Stamping"
175#define STRING_OCSP_SIGNING "OCSP Signing"
176
177/*
178 * OIDs for CRL extensions
179 */
180#define OID_PRIVATE_KEY_USAGE_PERIOD OID_ID_CE "\x10"
181#define OID_CRL_NUMBER OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */
182
183/*
184 * Netscape certificate extensions
185 */
186#define OID_NETSCAPE "\x60\x86\x48\x01\x86\xF8\x42" /**< Netscape OID */
187#define OID_NS_CERT OID_NETSCAPE "\x01"
188#define OID_NS_CERT_TYPE OID_NS_CERT "\x01"
189#define OID_NS_BASE_URL OID_NS_CERT "\x02"
190#define OID_NS_REVOCATION_URL OID_NS_CERT "\x03"
191#define OID_NS_CA_REVOCATION_URL OID_NS_CERT "\x04"
192#define OID_NS_RENEWAL_URL OID_NS_CERT "\x07"
193#define OID_NS_CA_POLICY_URL OID_NS_CERT "\x08"
194#define OID_NS_SSL_SERVER_NAME OID_NS_CERT "\x0C"
195#define OID_NS_COMMENT OID_NS_CERT "\x0D"
196#define OID_NS_DATA_TYPE OID_NETSCAPE "\x02"
197#define OID_NS_CERT_SEQUENCE OID_NS_DATA_TYPE "\x05"
198
199/*
200 * Netscape certificate types
201 * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html)
202 */
203
204#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
205#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
206#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
207#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
208#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
209#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
210#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
211#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
212
213#define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
214#define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
215#define EXT_KEY_USAGE (1 << 2)
216#define EXT_CERTIFICATE_POLICIES (1 << 3)
217#define EXT_POLICY_MAPPINGS (1 << 4)
218#define EXT_SUBJECT_ALT_NAME (1 << 5)
219#define EXT_ISSUER_ALT_NAME (1 << 6)
220#define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
221#define EXT_BASIC_CONSTRAINTS (1 << 8)
222#define EXT_NAME_CONSTRAINTS (1 << 9)
223#define EXT_POLICY_CONSTRAINTS (1 << 10)
224#define EXT_EXTENDED_KEY_USAGE (1 << 11)
225#define EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
226#define EXT_INIHIBIT_ANYPOLICY (1 << 13)
227#define EXT_FRESHEST_CRL (1 << 14)
228
229#define EXT_NS_CERT_TYPE (1 << 16)
Paul Bakker5121ce52009-01-03 21:22:43 +0000230
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000231/*
232 * Storage format identifiers
233 * Recognized formats: PEM and DER
234 */
235#define X509_FORMAT_DER 1
236#define X509_FORMAT_PEM 2
237
Paul Bakker37ca75d2011-01-06 12:28:03 +0000238/**
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000239 * \addtogroup x509_module
240 * \{ */
Paul Bakker37ca75d2011-01-06 12:28:03 +0000241
242/**
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000243 * \name Structures for parsing X.509 certificates and CRLs
244 * \{
Paul Bakker37ca75d2011-01-06 12:28:03 +0000245 */
246
247/**
248 * Type-length-value structure that allows for ASN1 using DER.
Paul Bakker5121ce52009-01-03 21:22:43 +0000249 */
Paul Bakkerefc30292011-11-10 14:43:23 +0000250typedef asn1_buf x509_buf;
Paul Bakker5121ce52009-01-03 21:22:43 +0000251
Paul Bakker37ca75d2011-01-06 12:28:03 +0000252/**
Paul Bakker74111d32011-01-15 16:57:55 +0000253 * Container for ASN1 bit strings.
254 */
Paul Bakkerefc30292011-11-10 14:43:23 +0000255typedef asn1_bitstring x509_bitstring;
Paul Bakker74111d32011-01-15 16:57:55 +0000256
257/**
Paul Bakker37ca75d2011-01-06 12:28:03 +0000258 * Container for ASN1 named information objects.
259 * It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc.).
260 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000261typedef struct _x509_name
262{
Paul Bakker37ca75d2011-01-06 12:28:03 +0000263 x509_buf oid; /**< The object identifier. */
264 x509_buf val; /**< The named value. */
265 struct _x509_name *next; /**< The next named information object. */
Paul Bakker5121ce52009-01-03 21:22:43 +0000266}
267x509_name;
268
Paul Bakker74111d32011-01-15 16:57:55 +0000269/**
270 * Container for a sequence of ASN.1 items
271 */
Paul Bakkerefc30292011-11-10 14:43:23 +0000272typedef asn1_sequence x509_sequence;
Paul Bakker74111d32011-01-15 16:57:55 +0000273
Paul Bakker37ca75d2011-01-06 12:28:03 +0000274/** Container for date and time (precision in seconds). */
Paul Bakker5121ce52009-01-03 21:22:43 +0000275typedef struct _x509_time
276{
Paul Bakker37ca75d2011-01-06 12:28:03 +0000277 int year, mon, day; /**< Date. */
278 int hour, min, sec; /**< Time. */
Paul Bakker5121ce52009-01-03 21:22:43 +0000279}
280x509_time;
281
Paul Bakker37ca75d2011-01-06 12:28:03 +0000282/**
283 * Container for an X.509 certificate. The certificate may be chained.
284 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000285typedef struct _x509_cert
286{
Paul Bakker37ca75d2011-01-06 12:28:03 +0000287 x509_buf raw; /**< The raw certificate data (DER). */
288 x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
Paul Bakker5121ce52009-01-03 21:22:43 +0000289
Paul Bakker37ca75d2011-01-06 12:28:03 +0000290 int version; /**< The X.509 version. (0=v1, 1=v2, 2=v3) */
291 x509_buf serial; /**< Unique id for certificate issued by a specific CA. */
292 x509_buf sig_oid1; /**< Signature algorithm, e.g. sha1RSA */
Paul Bakker5121ce52009-01-03 21:22:43 +0000293
Paul Bakker37ca75d2011-01-06 12:28:03 +0000294 x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */
295 x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */
Paul Bakker5121ce52009-01-03 21:22:43 +0000296
Paul Bakker37ca75d2011-01-06 12:28:03 +0000297 x509_name issuer; /**< The parsed issuer data (named information object). */
298 x509_name subject; /**< The parsed subject data (named information object). */
Paul Bakker5121ce52009-01-03 21:22:43 +0000299
Paul Bakker37ca75d2011-01-06 12:28:03 +0000300 x509_time valid_from; /**< Start time of certificate validity. */
301 x509_time valid_to; /**< End time of certificate validity. */
Paul Bakker5121ce52009-01-03 21:22:43 +0000302
Paul Bakker37ca75d2011-01-06 12:28:03 +0000303 x509_buf pk_oid; /**< Subject public key info. Includes the public key algorithm and the key itself. */
304 rsa_context rsa; /**< Container for the RSA context. Only RSA is supported for public keys at this time. */
Paul Bakker5121ce52009-01-03 21:22:43 +0000305
Paul Bakker37ca75d2011-01-06 12:28:03 +0000306 x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */
307 x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */
308 x509_buf v3_ext; /**< Optional X.509 v3 extensions. Only Basic Contraints are supported at this time. */
Paul Bakkera8cd2392012-02-11 16:09:32 +0000309 x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */
Paul Bakker5121ce52009-01-03 21:22:43 +0000310
Paul Bakker74111d32011-01-15 16:57:55 +0000311 int ext_types; /**< Bit string containing detected and parsed extensions */
Paul Bakker37ca75d2011-01-06 12:28:03 +0000312 int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
313 int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. */
Paul Bakker5121ce52009-01-03 21:22:43 +0000314
Paul Bakker74111d32011-01-15 16:57:55 +0000315 unsigned char key_usage; /**< Optional key usage extension value: See the values below */
316
317 x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
318
319 unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values below */
320
Paul Bakker37ca75d2011-01-06 12:28:03 +0000321 x509_buf sig_oid2; /**< Signature algorithm. Must match sig_oid1. */
322 x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */
323 int sig_alg; /**< Internal representation of the signature algorithm, e.g. SIG_RSA_MD2 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000324
Paul Bakker37ca75d2011-01-06 12:28:03 +0000325 struct _x509_cert *next; /**< Next certificate in the CA-chain. */
Paul Bakker5121ce52009-01-03 21:22:43 +0000326}
327x509_cert;
328
Paul Bakker37ca75d2011-01-06 12:28:03 +0000329/**
330 * Certificate revocation list entry.
331 * Contains the CA-specific serial numbers and revocation dates.
332 */
Paul Bakkerd98030e2009-05-02 15:13:40 +0000333typedef struct _x509_crl_entry
334{
335 x509_buf raw;
336
337 x509_buf serial;
338
339 x509_time revocation_date;
340
341 x509_buf entry_ext;
342
343 struct _x509_crl_entry *next;
344}
345x509_crl_entry;
346
Paul Bakker37ca75d2011-01-06 12:28:03 +0000347/**
348 * Certificate revocation list structure.
349 * Every CRL may have multiple entries.
350 */
Paul Bakkerd98030e2009-05-02 15:13:40 +0000351typedef struct _x509_crl
352{
Paul Bakker37ca75d2011-01-06 12:28:03 +0000353 x509_buf raw; /**< The raw certificate data (DER). */
354 x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
Paul Bakkerd98030e2009-05-02 15:13:40 +0000355
356 int version;
357 x509_buf sig_oid1;
358
Paul Bakker37ca75d2011-01-06 12:28:03 +0000359 x509_buf issuer_raw; /**< The raw issuer data (DER). */
Paul Bakkerd98030e2009-05-02 15:13:40 +0000360
Paul Bakker37ca75d2011-01-06 12:28:03 +0000361 x509_name issuer; /**< The parsed issuer data (named information object). */
Paul Bakkerd98030e2009-05-02 15:13:40 +0000362
Paul Bakker37ca75d2011-01-06 12:28:03 +0000363 x509_time this_update;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000364 x509_time next_update;
365
Paul Bakker37ca75d2011-01-06 12:28:03 +0000366 x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */
Paul Bakkerd98030e2009-05-02 15:13:40 +0000367
368 x509_buf crl_ext;
369
370 x509_buf sig_oid2;
371 x509_buf sig;
Paul Bakker27d66162010-03-17 06:56:01 +0000372 int sig_alg;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000373
374 struct _x509_crl *next;
375}
376x509_crl;
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000377/** \} name Structures for parsing X.509 certificates and CRLs */
378/** \} addtogroup x509_module */
Paul Bakkerd98030e2009-05-02 15:13:40 +0000379
Paul Bakker37ca75d2011-01-06 12:28:03 +0000380/**
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000381 * \name Structures for writing X.509 certificates.
Paul Bakker37ca75d2011-01-06 12:28:03 +0000382 * XvP: commented out as they are not used.
383 * - <tt>typedef struct _x509_node x509_node;</tt>
384 * - <tt>typedef struct _x509_raw x509_raw;</tt>
Paul Bakker5121ce52009-01-03 21:22:43 +0000385 */
Paul Bakker37ca75d2011-01-06 12:28:03 +0000386/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000387typedef struct _x509_node
388{
389 unsigned char *data;
390 unsigned char *p;
391 unsigned char *end;
392
393 size_t len;
394}
395x509_node;
396
397typedef struct _x509_raw
398{
399 x509_node raw;
400 x509_node tbs;
401
402 x509_node version;
403 x509_node serial;
404 x509_node tbs_signalg;
405 x509_node issuer;
406 x509_node validity;
407 x509_node subject;
408 x509_node subpubkey;
409
410 x509_node signalg;
411 x509_node sign;
412}
413x509_raw;
Paul Bakker37ca75d2011-01-06 12:28:03 +0000414*/
Paul Bakker5121ce52009-01-03 21:22:43 +0000415
416#ifdef __cplusplus
417extern "C" {
418#endif
419
420/**
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000421 * \name Functions to read in DHM parameters, a certificate, CRL or private RSA key
422 * \{
Paul Bakker37ca75d2011-01-06 12:28:03 +0000423 */
424
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000425/** \ingroup x509_module */
Paul Bakker37ca75d2011-01-06 12:28:03 +0000426/**
Paul Bakker5121ce52009-01-03 21:22:43 +0000427 * \brief Parse one or more certificates and add them
Paul Bakker69e095c2011-12-10 21:55:01 +0000428 * to the chained list. Parses permissively. If some
429 * certificates can be parsed, the result is the number
430 * of failed certificates it encountered. If none complete
431 * correctly, the first error is returned.
Paul Bakker5121ce52009-01-03 21:22:43 +0000432 *
433 * \param chain points to the start of the chain
434 * \param buf buffer holding the certificate data
435 * \param buflen size of the buffer
436 *
Paul Bakker69e095c2011-12-10 21:55:01 +0000437 * \return 0 if all certificates parsed successfully, a positive number
438 * if partly successful or a specific X509 or PEM error code
Paul Bakker5121ce52009-01-03 21:22:43 +0000439 */
Paul Bakker69e095c2011-12-10 21:55:01 +0000440int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen );
Paul Bakker5121ce52009-01-03 21:22:43 +0000441
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000442/** \ingroup x509_module */
Paul Bakker5121ce52009-01-03 21:22:43 +0000443/**
444 * \brief Load one or more certificates and add them
Paul Bakker69e095c2011-12-10 21:55:01 +0000445 * to the chained list. Parses permissively. If some
446 * certificates can be parsed, the result is the number
447 * of failed certificates it encountered. If none complete
448 * correctly, the first error is returned.
Paul Bakker5121ce52009-01-03 21:22:43 +0000449 *
450 * \param chain points to the start of the chain
451 * \param path filename to read the certificates from
452 *
Paul Bakker69e095c2011-12-10 21:55:01 +0000453 * \return 0 if all certificates parsed successfully, a positive number
454 * if partly successful or a specific X509 or PEM error code
Paul Bakker5121ce52009-01-03 21:22:43 +0000455 */
Paul Bakker69e095c2011-12-10 21:55:01 +0000456int x509parse_crtfile( x509_cert *chain, const char *path );
Paul Bakker5121ce52009-01-03 21:22:43 +0000457
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000458/** \ingroup x509_module */
Paul Bakker5121ce52009-01-03 21:22:43 +0000459/**
Paul Bakkerd98030e2009-05-02 15:13:40 +0000460 * \brief Parse one or more CRLs and add them
461 * to the chained list
462 *
463 * \param chain points to the start of the chain
464 * \param buf buffer holding the CRL data
465 * \param buflen size of the buffer
466 *
Paul Bakker96743fc2011-02-12 14:30:57 +0000467 * \return 0 if successful, or a specific X509 or PEM error code
Paul Bakkerd98030e2009-05-02 15:13:40 +0000468 */
Paul Bakker23986e52011-04-24 08:57:21 +0000469int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000470
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000471/** \ingroup x509_module */
Paul Bakkerd98030e2009-05-02 15:13:40 +0000472/**
473 * \brief Load one or more CRLs and add them
474 * to the chained list
475 *
476 * \param chain points to the start of the chain
477 * \param path filename to read the CRLs from
478 *
Paul Bakker96743fc2011-02-12 14:30:57 +0000479 * \return 0 if successful, or a specific X509 or PEM error code
Paul Bakkerd98030e2009-05-02 15:13:40 +0000480 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000481int x509parse_crlfile( x509_crl *chain, const char *path );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000482
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000483/** \ingroup x509_module */
Paul Bakkerd98030e2009-05-02 15:13:40 +0000484/**
Paul Bakker5121ce52009-01-03 21:22:43 +0000485 * \brief Parse a private RSA key
486 *
487 * \param rsa RSA context to be initialized
Paul Bakkerff60ee62010-03-16 21:09:09 +0000488 * \param key input buffer
489 * \param keylen size of the buffer
Paul Bakker5121ce52009-01-03 21:22:43 +0000490 * \param pwd password for decryption (optional)
491 * \param pwdlen size of the password
492 *
Paul Bakker96743fc2011-02-12 14:30:57 +0000493 * \return 0 if successful, or a specific X509 or PEM error code
Paul Bakker5121ce52009-01-03 21:22:43 +0000494 */
495int x509parse_key( rsa_context *rsa,
Paul Bakker23986e52011-04-24 08:57:21 +0000496 const unsigned char *key, size_t keylen,
497 const unsigned char *pwd, size_t pwdlen );
Paul Bakker5121ce52009-01-03 21:22:43 +0000498
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000499/** \ingroup x509_module */
Paul Bakker5121ce52009-01-03 21:22:43 +0000500/**
501 * \brief Load and parse a private RSA key
502 *
503 * \param rsa RSA context to be initialized
504 * \param path filename to read the private key from
Paul Bakker37ca75d2011-01-06 12:28:03 +0000505 * \param password password to decrypt the file (can be NULL)
Paul Bakker5121ce52009-01-03 21:22:43 +0000506 *
Paul Bakker96743fc2011-02-12 14:30:57 +0000507 * \return 0 if successful, or a specific X509 or PEM error code
Paul Bakker5121ce52009-01-03 21:22:43 +0000508 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000509int x509parse_keyfile( rsa_context *rsa, const char *path,
510 const char *password );
Paul Bakker1b57b062011-01-06 15:48:19 +0000511
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000512/** \ingroup x509_module */
Paul Bakker1b57b062011-01-06 15:48:19 +0000513/**
Paul Bakker917e7542011-03-25 14:23:36 +0000514 * \brief Parse a public RSA key
515 *
516 * \param rsa RSA context to be initialized
517 * \param key input buffer
518 * \param keylen size of the buffer
519 *
520 * \return 0 if successful, or a specific X509 or PEM error code
521 */
522int x509parse_public_key( rsa_context *rsa,
Paul Bakker23986e52011-04-24 08:57:21 +0000523 const unsigned char *key, size_t keylen );
Paul Bakker917e7542011-03-25 14:23:36 +0000524
525/** \ingroup x509_module */
526/**
527 * \brief Load and parse a public RSA key
528 *
529 * \param rsa RSA context to be initialized
530 * \param path filename to read the private key from
531 *
532 * \return 0 if successful, or a specific X509 or PEM error code
533 */
534int x509parse_public_keyfile( rsa_context *rsa, const char *path );
535
536/** \ingroup x509_module */
537/**
Paul Bakker1b57b062011-01-06 15:48:19 +0000538 * \brief Parse DHM parameters
539 *
540 * \param dhm DHM context to be initialized
541 * \param dhmin input buffer
542 * \param dhminlen size of the buffer
543 *
Paul Bakker96743fc2011-02-12 14:30:57 +0000544 * \return 0 if successful, or a specific X509 or PEM error code
Paul Bakker1b57b062011-01-06 15:48:19 +0000545 */
Paul Bakker23986e52011-04-24 08:57:21 +0000546int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen );
Paul Bakker1b57b062011-01-06 15:48:19 +0000547
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000548/** \ingroup x509_module */
Paul Bakker1b57b062011-01-06 15:48:19 +0000549/**
550 * \brief Load and parse DHM parameters
551 *
552 * \param dhm DHM context to be initialized
553 * \param path filename to read the DHM Parameters from
554 *
Paul Bakker96743fc2011-02-12 14:30:57 +0000555 * \return 0 if successful, or a specific X509 or PEM error code
Paul Bakker1b57b062011-01-06 15:48:19 +0000556 */
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000557int x509parse_dhmfile( dhm_context *dhm, const char *path );
Paul Bakker1b57b062011-01-06 15:48:19 +0000558
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000559/** \} name Functions to read in DHM parameters, a certificate, CRL or private RSA key */
Paul Bakker37ca75d2011-01-06 12:28:03 +0000560
Paul Bakker5121ce52009-01-03 21:22:43 +0000561/**
562 * \brief Store the certificate DN in printable form into buf;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000563 * no more than size characters will be written.
Paul Bakker13e2dfe2009-07-28 07:18:38 +0000564 *
565 * \param buf Buffer to write to
566 * \param size Maximum size of buffer
567 * \param dn The X509 name to represent
568 *
569 * \return The amount of data written to the buffer, or -1 in
570 * case of an error.
Paul Bakker5121ce52009-01-03 21:22:43 +0000571 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000572int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn );
Paul Bakker5121ce52009-01-03 21:22:43 +0000573
574/**
Paul Bakkerdd476992011-01-16 21:34:59 +0000575 * \brief Store the certificate serial in printable form into buf;
576 * no more than size characters will be written.
577 *
578 * \param buf Buffer to write to
579 * \param size Maximum size of buffer
580 * \param serial The X509 serial to represent
581 *
582 * \return The amount of data written to the buffer, or -1 in
583 * case of an error.
584 */
585int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial );
586
587/**
Paul Bakker5121ce52009-01-03 21:22:43 +0000588 * \brief Returns an informational string about the
589 * certificate.
Paul Bakker13e2dfe2009-07-28 07:18:38 +0000590 *
591 * \param buf Buffer to write to
592 * \param size Maximum size of buffer
593 * \param prefix A line prefix
594 * \param crt The X509 certificate to represent
595 *
596 * \return The amount of data written to the buffer, or -1 in
597 * case of an error.
Paul Bakker5121ce52009-01-03 21:22:43 +0000598 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000599int x509parse_cert_info( char *buf, size_t size, const char *prefix,
600 const x509_cert *crt );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000601
602/**
603 * \brief Returns an informational string about the
604 * CRL.
Paul Bakker13e2dfe2009-07-28 07:18:38 +0000605 *
606 * \param buf Buffer to write to
607 * \param size Maximum size of buffer
608 * \param prefix A line prefix
Paul Bakker37ca75d2011-01-06 12:28:03 +0000609 * \param crl The X509 CRL to represent
Paul Bakker13e2dfe2009-07-28 07:18:38 +0000610 *
611 * \return The amount of data written to the buffer, or -1 in
612 * case of an error.
Paul Bakkerd98030e2009-05-02 15:13:40 +0000613 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000614int x509parse_crl_info( char *buf, size_t size, const char *prefix,
615 const x509_crl *crl );
Paul Bakker5121ce52009-01-03 21:22:43 +0000616
617/**
Paul Bakker74111d32011-01-15 16:57:55 +0000618 * \brief Give an known OID, return its descriptive string.
619 *
620 * \param oid buffer containing the oid
621 *
622 * \return Return a string if the OID is known,
623 * or NULL otherwise.
624 */
625const char *x509_oid_get_description( x509_buf *oid );
626
627/*
628 * \brief Give an OID, return a string version of its OID number.
629 *
630 * \param buf Buffer to write to
631 * \param size Maximum size of buffer
632 * \param oid Buffer containing the OID
633 *
634 * \return The amount of data written to the buffer, or -1 in
635 * case of an error.
636 */
637int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );
638
639/**
Paul Bakker13e2dfe2009-07-28 07:18:38 +0000640 * \brief Check a given x509_time against the system time and check
641 * if it is valid.
642 *
643 * \param time x509_time to check
644 *
645 * \return Return 0 if the x509_time is still valid,
Paul Bakker40ea7de2009-05-03 10:18:48 +0000646 * or 1 otherwise.
Paul Bakker5121ce52009-01-03 21:22:43 +0000647 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000648int x509parse_time_expired( const x509_time *time );
Paul Bakker5121ce52009-01-03 21:22:43 +0000649
650/**
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000651 * \name Functions to verify a certificate
652 * \{
Paul Bakker37ca75d2011-01-06 12:28:03 +0000653 */
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000654/** \ingroup x509_module */
Paul Bakker37ca75d2011-01-06 12:28:03 +0000655/**
Paul Bakker5121ce52009-01-03 21:22:43 +0000656 * \brief Verify the certificate signature
657 *
658 * \param crt a certificate to be verified
659 * \param trust_ca the trusted CA chain
Paul Bakker40ea7de2009-05-03 10:18:48 +0000660 * \param ca_crl the CRL chain for trusted CA's
Paul Bakker5121ce52009-01-03 21:22:43 +0000661 * \param cn expected Common Name (can be set to
662 * NULL if the CN must not be verified)
663 * \param flags result of the verification
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000664 * \param f_vrfy verification function
665 * \param p_vrfy verification parameter
Paul Bakker5121ce52009-01-03 21:22:43 +0000666 *
Paul Bakker40e46942009-01-03 21:51:57 +0000667 * \return 0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED,
Paul Bakker5121ce52009-01-03 21:22:43 +0000668 * in which case *flags will have one or more of
669 * the following values set:
670 * BADCERT_EXPIRED --
671 * BADCERT_REVOKED --
672 * BADCERT_CN_MISMATCH --
673 * BADCERT_NOT_TRUSTED
674 *
675 * \note TODO: add two arguments, depth and crl
676 */
677int x509parse_verify( x509_cert *crt,
678 x509_cert *trust_ca,
Paul Bakker40ea7de2009-05-03 10:18:48 +0000679 x509_crl *ca_crl,
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000680 const char *cn, int *flags,
681 int (*f_vrfy)(void *, x509_cert *, int, int),
682 void *p_vrfy );
Paul Bakker5121ce52009-01-03 21:22:43 +0000683
Paul Bakker74111d32011-01-15 16:57:55 +0000684/**
685 * \brief Verify the certificate signature
686 *
687 * \param crt a certificate to be verified
688 * \param crl the CRL to verify against
689 *
690 * \return 1 if the certificate is revoked, 0 otherwise
691 *
692 */
693int x509parse_revoked( const x509_cert *crt, const x509_crl *crl );
694
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000695/** \} name Functions to verify a certificate */
Paul Bakker37ca75d2011-01-06 12:28:03 +0000696
697
698
699/**
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000700 * \name Functions to clear a certificate, CRL or private RSA key
701 * \{
Paul Bakker37ca75d2011-01-06 12:28:03 +0000702 */
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000703/** \ingroup x509_module */
Paul Bakker5121ce52009-01-03 21:22:43 +0000704/**
705 * \brief Unallocate all certificate data
Paul Bakker13e2dfe2009-07-28 07:18:38 +0000706 *
707 * \param crt Certificate chain to free
Paul Bakker5121ce52009-01-03 21:22:43 +0000708 */
709void x509_free( x509_cert *crt );
710
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000711/** \ingroup x509_module */
Paul Bakker5121ce52009-01-03 21:22:43 +0000712/**
Paul Bakkerd98030e2009-05-02 15:13:40 +0000713 * \brief Unallocate all CRL data
Paul Bakker13e2dfe2009-07-28 07:18:38 +0000714 *
Paul Bakker37ca75d2011-01-06 12:28:03 +0000715 * \param crl CRL chain to free
Paul Bakkerd98030e2009-05-02 15:13:40 +0000716 */
717void x509_crl_free( x509_crl *crl );
718
Paul Bakker0f5f72e2011-01-18 14:58:55 +0000719/** \} name Functions to clear a certificate, CRL or private RSA key */
Paul Bakker37ca75d2011-01-06 12:28:03 +0000720
721
Paul Bakkerd98030e2009-05-02 15:13:40 +0000722/**
Paul Bakker5121ce52009-01-03 21:22:43 +0000723 * \brief Checkup routine
724 *
725 * \return 0 if successful, or 1 if the test failed
726 */
727int x509_self_test( int verbose );
728
729#ifdef __cplusplus
730}
731#endif
732
733#endif /* x509.h */