Commit | Line | Data |
---|---|---|
b4d0d230 | 1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
c26fd69f DH |
2 | /* X.509 certificate parser internal definitions |
3 | * | |
4 | * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. | |
5 | * Written by David Howells (dhowells@redhat.com) | |
c26fd69f DH |
6 | */ |
7 | ||
5c6ca9d9 | 8 | #include <linux/cleanup.h> |
57be4a78 | 9 | #include <linux/time.h> |
c26fd69f | 10 | #include <crypto/public_key.h> |
146aa8b1 | 11 | #include <keys/asymmetric-type.h> |
c26fd69f DH |
12 | |
13 | struct x509_certificate { | |
14 | struct x509_certificate *next; | |
84aabd46 | 15 | struct x509_certificate *signer; /* Certificate that signed this one */ |
c26fd69f | 16 | struct public_key *pub; /* Public key details */ |
77d0910d | 17 | struct public_key_signature *sig; /* Signature parameters */ |
c26fd69f DH |
18 | char *issuer; /* Name of certificate issuer */ |
19 | char *subject; /* Name of certificate subject */ | |
b92e6570 | 20 | struct asymmetric_key_id *id; /* Issuer + Serial number */ |
8dd60980 | 21 | struct asymmetric_key_id *skid; /* Subject + subjectKeyId (optional) */ |
fd19a3d1 DH |
22 | time64_t valid_from; |
23 | time64_t valid_to; | |
c26fd69f | 24 | const void *tbs; /* Signed data */ |
b426beb6 | 25 | unsigned tbs_size; /* Size of signed data */ |
4920a4a7 | 26 | unsigned raw_sig_size; /* Size of signature */ |
b426beb6 | 27 | const void *raw_sig; /* Signature data */ |
84aabd46 DH |
28 | const void *raw_serial; /* Raw serial number in ASN.1 */ |
29 | unsigned raw_serial_size; | |
30 | unsigned raw_issuer_size; | |
31 | const void *raw_issuer; /* Raw issuer name in ASN.1 */ | |
32 | const void *raw_subject; /* Raw subject name in ASN.1 */ | |
33 | unsigned raw_subject_size; | |
dd2f6c44 DH |
34 | unsigned raw_skid_size; |
35 | const void *raw_skid; /* Raw subjectKeyId in ASN.1 */ | |
84aabd46 DH |
36 | unsigned index; |
37 | bool seen; /* Infinite recursion prevention */ | |
38 | bool verified; | |
6c2dc5ae | 39 | bool self_signed; /* T if self-signed (check unsupported_sig too) */ |
6c2dc5ae | 40 | bool unsupported_sig; /* T if signature uses unsupported crypto */ |
43652956 | 41 | bool blacklisted; |
c26fd69f DH |
42 | }; |
43 | ||
44 | /* | |
45 | * x509_cert_parser.c | |
46 | */ | |
47 | extern void x509_free_certificate(struct x509_certificate *cert); | |
5c6ca9d9 LW |
48 | DEFINE_FREE(x509_free_certificate, struct x509_certificate *, |
49 | if (!IS_ERR(_T)) x509_free_certificate(_T)) | |
c26fd69f | 50 | extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen); |
fd19a3d1 DH |
51 | extern int x509_decode_time(time64_t *_t, size_t hdrlen, |
52 | unsigned char tag, | |
53 | const unsigned char *value, size_t vlen); | |
b426beb6 DH |
54 | |
55 | /* | |
56 | * x509_public_key.c | |
57 | */ | |
58 | extern int x509_get_sig_params(struct x509_certificate *cert); | |
6c2dc5ae | 59 | extern int x509_check_for_self_signed(struct x509_certificate *cert); |