blob: c233f136fb354db9987bf72fcba9b6560b6b30bf [file] [log] [blame]
AKASHI Takahirob4adf622019-11-13 09:45:00 +09001/* SPDX-License-Identifier: GPL-2.0-or-later */
2/* X.509 certificate parser internal definitions
3 *
4 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
6 */
7
8#include <linux/time.h>
9#include <crypto/public_key.h>
10#include <keys/asymmetric-type.h>
11
12struct x509_certificate {
13 struct x509_certificate *next;
14 struct x509_certificate *signer; /* Certificate that signed this one */
15 struct public_key *pub; /* Public key details */
16 struct public_key_signature *sig; /* Signature parameters */
17 char *issuer; /* Name of certificate issuer */
18 char *subject; /* Name of certificate subject */
19 struct asymmetric_key_id *id; /* Issuer + Serial number */
20 struct asymmetric_key_id *skid; /* Subject + subjectKeyId (optional) */
21 time64_t valid_from;
22 time64_t valid_to;
23 const void *tbs; /* Signed data */
24 unsigned tbs_size; /* Size of signed data */
25 unsigned raw_sig_size; /* Size of sigature */
26 const void *raw_sig; /* Signature data */
27 const void *raw_serial; /* Raw serial number in ASN.1 */
28 unsigned raw_serial_size;
29 unsigned raw_issuer_size;
30 const void *raw_issuer; /* Raw issuer name in ASN.1 */
31 const void *raw_subject; /* Raw subject name in ASN.1 */
32 unsigned raw_subject_size;
33 unsigned raw_skid_size;
34 const void *raw_skid; /* Raw subjectKeyId in ASN.1 */
35 unsigned index;
36 bool seen; /* Infinite recursion prevention */
37 bool verified;
38 bool self_signed; /* T if self-signed (check unsupported_sig too) */
39 bool unsupported_key; /* T if key uses unsupported crypto */
40 bool unsupported_sig; /* T if signature uses unsupported crypto */
41 bool blacklisted;
42};
43
44/*
45 * x509_cert_parser.c
46 */
47extern void x509_free_certificate(struct x509_certificate *cert);
48extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen);
49extern int x509_decode_time(time64_t *_t, size_t hdrlen,
50 unsigned char tag,
51 const unsigned char *value, size_t vlen);
52
53/*
54 * x509_public_key.c
55 */
56extern int x509_get_sig_params(struct x509_certificate *cert);
57extern int x509_check_for_self_signed(struct x509_certificate *cert);