/* SPDX-License-Identifier: GPL-2.0-or-later */
/* X.509 certificate parser internal definitions
 *
 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 */

#include <linux/time.h>
#include <crypto/public_key.h>
#include <keys/asymmetric-type.h>

/*
 * Parsed form of one X.509 certificate.
 *
 * The tbs and raw_* members are const pointers, each paired with a separate
 * size member; nothing in this header says who owns the memory they point at.
 * NOTE(review): presumably they reference the buffer handed to
 * x509_cert_parse() rather than private copies - confirm in
 * x509_cert_parser.c, because that decides how long the input buffer has to
 * outlive the certificate.
 *
 * NOTE(review): every size member is a plain 'unsigned' whereas
 * x509_cert_parse() takes a size_t length; confirm the parser bounds element
 * lengths so that nothing is truncated when it is stored here.
 */
struct x509_certificate {
	/* Link to another certificate; which list this forms is not visible here */
	struct x509_certificate *next;
	struct x509_certificate *signer;	/* Certificate that signed this one */
	struct public_key *pub;			/* Public key details */
	struct public_key_signature *sig;	/* Signature parameters */
	char		*issuer;		/* Name of certificate issuer */
	char		*subject;		/* Name of certificate subject */
	struct asymmetric_key_id *id;		/* Issuer + Serial number */
	struct asymmetric_key_id *skid;		/* Subject + subjectKeyId (optional) */
	/*
	 * Bounds of the validity period as time64_t values.
	 * NOTE(review): presumably notBefore / notAfter as produced by
	 * x509_decode_time() - confirm.  This header does not show where, or
	 * whether, the period is enforced.
	 */
	time64_t	valid_from;
	time64_t	valid_to;
	const void	*tbs;			/* Signed data */
	unsigned	tbs_size;		/* Size of signed data */
	unsigned	raw_sig_size;		/* Size of signature */
	const void	*raw_sig;		/* Signature data */
	const void	*raw_serial;		/* Raw serial number in ASN.1 */
	unsigned	raw_serial_size;	/* Size paired with raw_serial */
	unsigned	raw_issuer_size;	/* Size paired with raw_issuer */
	const void	*raw_issuer;		/* Raw issuer name in ASN.1 */
	const void	*raw_subject;		/* Raw subject name in ASN.1 */
	unsigned	raw_subject_size;	/* Size paired with raw_subject */
	unsigned	raw_skid_size;		/* Size paired with raw_skid */
	const void	*raw_skid;		/* Raw subjectKeyId in ASN.1 */
	/* NOTE(review): meaning of index is not visible in this header - confirm at the users */
	unsigned	index;
	bool		seen;			/* Infinite recursion prevention */
	/*
	 * NOTE(review): presumably set once this certificate's signature has
	 * been checked; who sets it and who relies on it is outside this header.
	 */
	bool		verified;
	/*
	 * self_signed must be read together with unsupported_sig.
	 * NOTE(review): presumably because a signature made with unsupported
	 * crypto cannot be checked, so self_signed alone is not conclusive -
	 * confirm in x509_check_for_self_signed().
	 */
	bool		self_signed;		/* T if self-signed (check unsupported_sig too) */
	bool		unsupported_sig;	/* T if signature uses unsupported crypto */
	/*
	 * NOTE(review): presumably marks a certificate that matched a blacklist
	 * entry; it is set and consumed outside this header - confirm that every
	 * trust decision checks it.
	 */
	bool		blacklisted;
};

/*
 * x509_cert_parser.c
 */
/* Release a certificate; which members are freed with it is not visible here. */
extern void x509_free_certificate(struct x509_certificate *cert);
/*
 * Parse datalen bytes at data into a struct x509_certificate.
 * NOTE(review): the failure convention (NULL or an encoded error pointer) is
 * not visible in this header - confirm it before testing the result.
 */
extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen);
/*
 * Decode an encoded time, given as tag, value and vlen, into *_t.
 * NOTE(review): the role of hdrlen and the meaning of the int result are not
 * visible here - presumably 0 on success and a negative errno otherwise.
 */
extern int x509_decode_time(time64_t *_t,  size_t hdrlen,
			    unsigned char tag,
			    const unsigned char *value, size_t vlen);

/*
 * x509_public_key.c
 */
/*
 * NOTE(review): presumably fills in the signature parameters for cert (see
 * the sig and unsupported_sig members) - confirm in x509_public_key.c.
 */
extern int x509_get_sig_params(struct x509_certificate *cert);
/*
 * NOTE(review): presumably determines the self_signed member of cert; the
 * meaning of the int result is not visible here - confirm.
 */
extern int x509_check_for_self_signed(struct x509_certificate *cert);