x509_cert_validate.h
Go to the documentation of this file.
1 /**
2  * @file x509_cert_validate.h
3  * @brief X.509 certificate validation
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.4
29  **/
30 
31 #ifndef _X509_CERT_VALIDATE_H
32 #define _X509_CERT_VALIDATE_H
33 
34 //Dependencies
35 #include "core/crypto.h"
36 #include "pkix/x509_common.h"
37 
38 //C++ guard
39 #ifdef __cplusplus
40 extern "C" {
41 #endif
42 
43 //X.509 related functions
44 error_t x509ValidateCertificate(const X509CertInfo *certInfo,
45  const X509CertInfo *issuerCertInfo, uint_t pathLen);
46 
47 error_t x509CheckSubjectName(const X509CertInfo *certInfo,
48  const char_t *fqdn);
49 
50 error_t x509CheckNameConstraints(const char_t *subjectName,
51  const X509CertInfo *certInfo);
52 
53 bool_t x509CompareName(const uint8_t *name1, size_t nameLen1,
54  const uint8_t *name2, size_t nameLen2);
55 
56 bool_t x509CompareSubjectName(const char_t *subjectName, size_t subjectNameLen,
57  const char_t *fqdn);
58 
59 bool_t x509CompareSubtree(const char_t *subjectName, const char_t *subtree,
60  size_t subtreeLen);
61 
62 bool_t x509CompareIpAddr(const uint8_t *ipAddr, size_t ipAddrLen,
63  const char_t *str);
64 
65 error_t x509ParseIpv4Addr(const char_t *str, uint8_t *ipAddr);
66 error_t x509ParseIpv6Addr(const char_t *str, uint8_t *ipAddr);
67 
68 //C++ guard
69 #ifdef __cplusplus
70 }
71 #endif
72 
73 #endif
x509_common.h
X.509 common definitions.
bool_t
int bool_t
Definition: compiler_port.h:53
x509CompareName
bool_t x509CompareName(const uint8_t *name1, size_t nameLen1, const uint8_t *name2, size_t nameLen2)
Compare distinguished names.
Definition: x509_cert_validate.c:430
x509CompareSubtree
bool_t x509CompareSubtree(const char_t *subjectName, const char_t *subtree, size_t subtreeLen)
Compare a subject name against the specified subtree.
Definition: x509_cert_validate.c:527
x509ParseIpv6Addr
error_t x509ParseIpv6Addr(const char_t *str, uint8_t *ipAddr)
Convert a string representation of an IPv6 address to a binary IPv6 address.
Definition: x509_cert_validate.c:728
X509CertInfo
X.509 certificate.
Definition: x509_common.h:1071
error_t
error_t
Error codes.
Definition: error.h:43
x509CompareIpAddr
bool_t x509CompareIpAddr(const uint8_t *ipAddr, size_t ipAddrLen, const char_t *str)
Check whether the IP address matches the specified string.
Definition: x509_cert_validate.c:583
crypto.h
General definitions for cryptographic algorithms.
x509CheckNameConstraints
error_t x509CheckNameConstraints(const char_t *subjectName, const X509CertInfo *certInfo)
Check name constraints.
Definition: x509_cert_validate.c:258
x509ValidateCertificate
error_t x509ValidateCertificate(const X509CertInfo *certInfo, const X509CertInfo *issuerCertInfo, uint_t pathLen)
X.509 certificate validation.
Definition: x509_cert_validate.c:54
char_t
char char_t
Definition: compiler_port.h:48
x509CheckSubjectName
error_t x509CheckSubjectName(const X509CertInfo *certInfo, const char_t *fqdn)
Check whether the certificate matches the specified FQDN.
Definition: x509_cert_validate.c:149
ipAddr
Ipv4Addr ipAddr
Definition: ipcp.h:105
x509CompareSubjectName
bool_t x509CompareSubjectName(const char_t *subjectName, size_t subjectNameLen, const char_t *fqdn)
Check whether the subject name matches the specified FQDN.
Definition: x509_cert_validate.c:454
uint_t
unsigned int uint_t
Definition: compiler_port.h:50
x509ParseIpv4Addr
error_t x509ParseIpv4Addr(const char_t *str, uint8_t *ipAddr)
Convert a dot-decimal string to a binary IPv4 address.
Definition: x509_cert_validate.c:641