1 /* SPDX-License-Identifier: GPL-2.0-or-later * 1 /* SPDX-License-Identifier: GPL-2.0-or-later */ 2 /* X.509 certificate parser internal definitio 2 /* X.509 certificate parser internal definitions 3 * 3 * 4 * Copyright (C) 2012 Red Hat, Inc. All Rights 4 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.c 5 * Written by David Howells (dhowells@redhat.com) 6 */ 6 */ 7 7 8 #include <linux/cleanup.h> << 9 #include <linux/time.h> 8 #include <linux/time.h> 10 #include <crypto/public_key.h> 9 #include <crypto/public_key.h> 11 #include <keys/asymmetric-type.h> 10 #include <keys/asymmetric-type.h> 12 11 13 struct x509_certificate { 12 struct x509_certificate { 14 struct x509_certificate *next; 13 struct x509_certificate *next; 15 struct x509_certificate *signer; 14 struct x509_certificate *signer; /* Certificate that signed this one */ 16 struct public_key *pub; 15 struct public_key *pub; /* Public key details */ 17 struct public_key_signature *sig; 16 struct public_key_signature *sig; /* Signature parameters */ 18 char *issuer; 17 char *issuer; /* Name of certificate issuer */ 19 char *subject; 18 char *subject; /* Name of certificate subject */ 20 struct asymmetric_key_id *id; 19 struct asymmetric_key_id *id; /* Issuer + Serial number */ 21 struct asymmetric_key_id *skid; 20 struct asymmetric_key_id *skid; /* Subject + subjectKeyId (optional) */ 22 time64_t valid_from; 21 time64_t valid_from; 23 time64_t valid_to; 22 time64_t valid_to; 24 const void *tbs; 23 const void *tbs; /* Signed data */ 25 unsigned tbs_size; 24 unsigned tbs_size; /* Size of signed data */ 26 unsigned raw_sig_size; 25 unsigned raw_sig_size; /* Size of signature */ 27 const void *raw_sig; 26 const void *raw_sig; /* Signature data */ 28 const void *raw_serial; 27 const void *raw_serial; /* Raw serial number in ASN.1 */ 29 unsigned raw_serial_size; 28 unsigned raw_serial_size; 30 unsigned raw_issuer_size; 29 unsigned raw_issuer_size; 31 const void 
*raw_issuer; 30 const void *raw_issuer; /* Raw issuer name in ASN.1 */ 32 const void *raw_subject; 31 const void *raw_subject; /* Raw subject name in ASN.1 */ 33 unsigned raw_subject_size; 32 unsigned raw_subject_size; 34 unsigned raw_skid_size; 33 unsigned raw_skid_size; 35 const void *raw_skid; 34 const void *raw_skid; /* Raw subjectKeyId in ASN.1 */ 36 unsigned index; 35 unsigned index; 37 bool seen; 36 bool seen; /* Infinite recursion prevention */ 38 bool verified; 37 bool verified; 39 bool self_signed; 38 bool self_signed; /* T if self-signed (check unsupported_sig too) */ 40 bool unsupported_sig; 39 bool unsupported_sig; /* T if signature uses unsupported crypto */ 41 bool blacklisted; 40 bool blacklisted; 42 }; 41 }; 43 42 44 /* 43 /* 45 * x509_cert_parser.c 44 * x509_cert_parser.c 46 */ 45 */ 47 extern void x509_free_certificate(struct x509_ 46 extern void x509_free_certificate(struct x509_certificate *cert); 48 DEFINE_FREE(x509_free_certificate, struct x509 << 49 if (!IS_ERR(_T)) x509_free_certifi << 50 extern struct x509_certificate *x509_cert_pars 47 extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen); 51 extern int x509_decode_time(time64_t *_t, siz 48 extern int x509_decode_time(time64_t *_t, size_t hdrlen, 52 unsigned char tag, 49 unsigned char tag, 53 const unsigned cha 50 const unsigned char *value, size_t vlen); 54 51 55 /* 52 /* 56 * x509_public_key.c 53 * x509_public_key.c 57 */ 54 */ 58 extern int x509_get_sig_params(struct x509_cer 55 extern int x509_get_sig_params(struct x509_certificate *cert); 59 extern int x509_check_for_self_signed(struct x 56 extern int x509_check_for_self_signed(struct x509_certificate *cert); 60 57
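Review bot: The `DEFINE_FREE(x509_free_certificate, ...)` helper that appears only in the left-hand column, right after the `x509_free_certificate()` prototype, has no comment stating its contract, and its visible guard `if (!IS_ERR(_T))` filters error pointers but not NULL. The listing truncates that line, so the rest of the macro is not visible; assuming it ends in a plain call, `x509_free_certificate()` has to tolerate NULL, which this header does not show. I would add `/* Scope-exit free for x509_cert_parse() results: skips ERR_PTR values, passes NULL through to x509_free_certificate() */` above it, and state that a function handing the certificate to its caller must release the guard with `return_ptr()` or `no_free_ptr()` so the returned object is not freed on scope exit. The header also uses `IS_ERR()` with no `#include <linux/err.h>` among the visible includes; it may arrive transitively, but an explicit include would keep the header self-contained.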