tls_certificate.h
1 /**
2  * @file tls_certificate.h
3  * @brief Certificate handling
4  *
5  * @section License
6  *
7  * Copyright (C) 2010-2018 Oryx Embedded SARL. All rights reserved.
8  *
9  * This file is part of CycloneSSL Open.
10  *
11  * This program is free software; you can redistribute it and/or
12  * modify it under the terms of the GNU General Public License
13  * as published by the Free Software Foundation; either version 2
14  * of the License, or (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License
22  * along with this program; if not, write to the Free Software Foundation,
23  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
24  *
25  * @author Oryx Embedded SARL (www.oryx-embedded.com)
26  * @version 1.9.0
27  **/
28 
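#ifndef _TLS_CERTIFICATE_H
#define _TLS_CERTIFICATE_H

//Dependencies
#include "tls.h"
//NOTE(review): listing line 34 is absent from this page. The X509* types used
//below are defined in x509_common.h according to the page's reference index,
//so the include for that header presumably belongs here - confirm against the
//original file.

//C++ guard
#ifdef __cplusplus
   extern "C" {
#endif

//TLS related functions
//The first line of five declarations (listing lines 54, 59, 63, 67 and 70)
//was lost from the listing; each has been restored from the full signature
//printed in the page's reference index.

/**
 * @brief Format certificate chain
 * @param[in] context Pointer to the TLS context
 * @param[out] p Buffer receiving the formatted data (presumably - the
 *   pointer is non-const)
 * @param[out] written Presumably the number of bytes written to p - confirm
 * @return Error code
 *
 * NOTE(review): the signature carries no capacity for p, so nothing visible
 * here bounds the write. Confirm how the implementation and its callers
 * guarantee that the certificate chain fits in the buffer.
 **/

error_t tlsFormatCertificateList(TlsContext *context, uint8_t *p,
   size_t *written);

/**
 * @brief Format raw public key
 * @param[in] context Pointer to the TLS context
 * @param[out] p Buffer receiving the formatted data (presumably)
 * @param[out] written Presumably the number of bytes written to p - confirm
 * @return Error code
 *
 * NOTE(review): as with tlsFormatCertificateList, no buffer capacity is
 * passed in; confirm where the size of p is enforced.
 **/

error_t tlsFormatRawPublicKey(TlsContext *context, uint8_t *p,
   size_t *written);

/**
 * @brief Parse certificate chain
 * @param[in] context Pointer to the TLS context
 * @param[in] p Input data to parse
 * @param[in] length Number of bytes available at p
 * @return Error code
 *
 * NOTE(review): p presumably points at data received from the peer, i.e.
 * untrusted input. length is the only bound visible in this header; confirm
 * that every nested length field read by the implementation is checked
 * against it, and that callers treat any error as a handshake failure.
 **/

error_t tlsParseCertificateList(TlsContext *context, const uint8_t *p,
   size_t length);

/**
 * @brief Parse raw public key
 * @param[in] context Pointer to the TLS context
 * @param[in] p Input data to parse
 * @param[in] length Number of bytes available at p
 * @return Error code
 *
 * NOTE(review): same trust assumption as tlsParseCertificateList - the
 * input is presumably peer-controlled; confirm bounds handling.
 **/

error_t tlsParseRawPublicKey(TlsContext *context, const uint8_t *p,
   size_t length);

/**
 * @brief Check whether a certificate is acceptable
 * @param[in] context Pointer to the TLS context
 * @param[in] cert Certificate descriptor to be checked
 * @param[in] certTypes Array of certificate types
 * @param[in] numCertTypes Number of entries in certTypes
 * @param[in] signHashAlgos List of signature algorithms
 * @param[in] certSignHashAlgos List of signature algorithms (presumably the
 *   ones allowed for certificate signatures - confirm)
 * @param[in] curveList List of supported groups
 * @param[in] certAuthorities List of certificate authorities
 * @return Truth value (bool_t), not an error_t code
 *
 * NOTE(review): the header does not say which of the list pointers may be
 * NULL or what a NULL list means (no constraint vs. nothing allowed);
 * confirm against the implementation before relying on either reading.
 **/

bool_t tlsIsCertificateAcceptable(TlsContext *context, const TlsCertDesc *cert,
   const uint8_t *certTypes, size_t numCertTypes, const TlsSignHashAlgos *signHashAlgos,
   const TlsSignHashAlgos *certSignHashAlgos, const TlsSupportedGroupList *curveList,
   const TlsCertAuthorities *certAuthorities);

/**
 * @brief Verify certificate against root CAs
 * @param[in] certInfo X.509 certificate to be verified
 * @param[in] trustedCaList List of trusted CA certificates
 * @param[in] trustedCaListLen Length of trustedCaList
 * @param[in] pathLength Presumably the certification path length - confirm
 * @param[in] subjectName Presumably the expected subject name - confirm
 * @return Truth value (bool_t), not an error_t code
 *
 * NOTE(review): this returns bool_t while the neighbouring functions return
 * error_t, so call sites must not mix the two conventions. Also confirm how
 * a NULL subjectName and an empty trustedCaList are handled, since either
 * could decide whether name matching or trust-anchor checks take place.
 **/

bool_t tlsIsCertificateValid(const X509CertificateInfo *certInfo,
   const char_t *trustedCaList, size_t trustedCaListLen,
   uint_t pathLength, const char_t *subjectName);

/**
 * @brief Retrieve the certificate type
 * @param[in] certInfo X.509 certificate
 * @param[out] certType Certificate type (presumably an output - the pointer
 *   is non-const)
 * @param[out] certSignAlgo Signature algorithm (presumably an output)
 * @param[out] certHashAlgo Hash algorithm (presumably an output)
 * @param[out] namedCurve Named group (presumably an output)
 * @return Error code
 **/

error_t tlsGetCertificateType(const X509CertificateInfo *certInfo,
   TlsCertificateType *certType, TlsSignatureAlgo *certSignAlgo,
   TlsHashAlgo *certHashAlgo, TlsNamedGroup *namedCurve);

/**
 * @brief Extract the subject public key from the received certificate
 * @param[in] context Pointer to the TLS context
 * @param[in] subjectPublicKeyInfo Subject public key info
 * @return Error code
 **/

error_t tlsReadSubjectPublicKey(TlsContext *context,
   const X509SubjectPublicKeyInfo *subjectPublicKeyInfo);

/**
 * @brief Check certificate key usage
 * @param[in] certInfo X.509 certificate
 * @param[in] entity TLS connection end
 * @param[in] keyExchMethod Key exchange method
 * @return Error code
 **/

error_t tlsCheckKeyUsage(const X509CertificateInfo *certInfo,
   TlsConnectionEnd entity, TlsKeyExchMethod keyExchMethod);

//C++ guard
#ifdef __cplusplus
   }
#endif

#endif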
TLS (Transport Layer Security)
TlsKeyExchMethod
Key exchange methods.
Definition: tls.h:1019
error_t tlsParseCertificateList(TlsContext *context, const uint8_t *p, size_t length)
Parse certificate chain.
char char_t
Definition: compiler_port.h:41
TlsHashAlgo
Hash algorithms.
Definition: tls.h:1087
uint8_t p
Definition: ndp.h:295
TlsSignatureAlgo
Signature algorithms.
Definition: tls.h:1104
error_t tlsCheckKeyUsage(const X509CertificateInfo *certInfo, TlsConnectionEnd entity, TlsKeyExchMethod keyExchMethod)
Check certificate key usage.
error_t tlsGetCertificateType(const X509CertificateInfo *certInfo, TlsCertificateType *certType, TlsSignatureAlgo *certSignAlgo, TlsHashAlgo *certHashAlgo, TlsNamedGroup *namedCurve)
Retrieve the certificate type.
bool_t tlsIsCertificateAcceptable(TlsContext *context, const TlsCertDesc *cert, const uint8_t *certTypes, size_t numCertTypes, const TlsSignHashAlgos *signHashAlgos, const TlsSignHashAlgos *certSignHashAlgos, const TlsSupportedGroupList *curveList, const TlsCertAuthorities *certAuthorities)
Check whether a certificate is acceptable.
__start_packed struct @65 TlsSignHashAlgos
List of signature algorithms.
error_t tlsParseRawPublicKey(TlsContext *context, const uint8_t *p, size_t length)
Parse raw public key.
__start_packed struct @75 TlsSupportedGroupList
List of supported groups.
TlsNamedGroup
Named groups.
Definition: tls.h:1195
error_t tlsFormatRawPublicKey(TlsContext *context, uint8_t *p, size_t *written)
Format raw public key.
X.509 common definitions.
TlsCertificateType
Certificate types.
Definition: tls.h:1064
Subject public key info.
Definition: x509_common.h:599
error_t
Error codes.
Definition: error.h:40
unsigned int uint_t
Definition: compiler_port.h:43
__start_packed struct @67 TlsCertAuthorities
List of certificate authorities.
error_t tlsReadSubjectPublicKey(TlsContext *context, const X509SubjectPublicKeyInfo *subjectPublicKeyInfo)
Extract the subject public key from the received certificate.
X.509 certificate.
Definition: x509_common.h:748
Certificate descriptor.
Definition: tls.h:1861
bool_t tlsIsCertificateValid(const X509CertificateInfo *certInfo, const char_t *trustedCaList, size_t trustedCaListLen, uint_t pathLength, const char_t *subjectName)
Verify certificate against root CAs.
TlsConnectionEnd
TLS connection end.
Definition: tls.h:855
error_t tlsFormatCertificateList(TlsContext *context, uint8_t *p, size_t *written)
Format certificate chain.
uint8_t length
Definition: dtls_misc.h:140
#define TlsContext
Definition: tls.h:34
int bool_t
Definition: compiler_port.h:47