📄 x509v3.h
字号:
/* * X.509v3 certificate parsing and processing * Copyright (c) 2006, Jouni Malinen <j@w1.fi> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as * published by the Free Software Foundation. * * Alternatively, this software may be distributed under the terms of BSD * license. * * See README and COPYING for more details. */#ifndef X509V3_H#define X509V3_H#include "asn1.h"struct x509_algorithm_identifier { struct asn1_oid oid;};struct x509_name { char *cn; /* commonName */ char *c; /* countryName */ char *l; /* localityName */ char *st; /* stateOrProvinceName */ char *o; /* organizationName */ char *ou; /* organizationalUnitName */ char *email; /* emailAddress */};struct x509_certificate { struct x509_certificate *next; enum { X509_CERT_V1 = 0, X509_CERT_V2 = 1, X509_CERT_V3 = 2 } version; unsigned long serial_number; struct x509_algorithm_identifier signature; struct x509_name issuer; struct x509_name subject; os_time_t not_before; os_time_t not_after; struct x509_algorithm_identifier public_key_alg; u8 *public_key; size_t public_key_len; struct x509_algorithm_identifier signature_alg; u8 *sign_value; size_t sign_value_len; /* Extensions */ unsigned int extensions_present;#define X509_EXT_BASIC_CONSTRAINTS (1 << 0)#define X509_EXT_PATH_LEN_CONSTRAINT (1 << 1)#define X509_EXT_KEY_USAGE (1 << 2) /* BasicConstraints */ int ca; /* cA */ unsigned long path_len_constraint; /* pathLenConstraint */ /* KeyUsage */ unsigned long key_usage;#define X509_KEY_USAGE_DIGITAL_SIGNATURE (1 << 0)#define X509_KEY_USAGE_NON_REPUDIATION (1 << 1)#define X509_KEY_USAGE_KEY_ENCIPHERMENT (1 << 2)#define X509_KEY_USAGE_DATA_ENCIPHERMENT (1 << 3)#define X509_KEY_USAGE_KEY_AGREEMENT (1 << 4)#define X509_KEY_USAGE_KEY_CERT_SIGN (1 << 5)#define X509_KEY_USAGE_CRL_SIGN (1 << 6)#define X509_KEY_USAGE_ENCIPHER_ONLY (1 << 7)#define X509_KEY_USAGE_DECIPHER_ONLY (1 << 8) /* * The DER format certificate follows struct x509_certificate. These * pointers point to that buffer. */ const u8 *cert_start; size_t cert_len; const u8 *tbs_cert_start; size_t tbs_cert_len;};enum { X509_VALIDATE_OK, X509_VALIDATE_BAD_CERTIFICATE, X509_VALIDATE_UNSUPPORTED_CERTIFICATE, X509_VALIDATE_CERTIFICATE_REVOKED, X509_VALIDATE_CERTIFICATE_EXPIRED, X509_VALIDATE_CERTIFICATE_UNKNOWN, X509_VALIDATE_UNKNOWN_CA};#ifdef CONFIG_INTERNAL_X509void x509_certificate_free(struct x509_certificate *cert);struct x509_certificate * x509_certificate_parse(const u8 *buf, size_t len);void x509_name_string(struct x509_name *name, char *buf, size_t len);int x509_name_compare(struct x509_name *a, struct x509_name *b);void x509_certificate_chain_free(struct x509_certificate *cert);int x509_certificate_check_signature(struct x509_certificate *issuer, struct x509_certificate *cert);int x509_certificate_chain_validate(struct x509_certificate *trusted, struct x509_certificate *chain, int *reason);struct x509_certificate *x509_certificate_get_subject(struct x509_certificate *chain, struct x509_name *name);int x509_certificate_self_signed(struct x509_certificate *cert);#else /* CONFIG_INTERNAL_X509 */static inline void x509_certificate_free(struct x509_certificate *cert){}static inline struct x509_certificate *x509_certificate_parse(const u8 *buf, size_t len){ return NULL;}static inline void x509_name_string(struct x509_name *name, char *buf, size_t len){ if (len) buf[0] = '\0';}static inline void x509_certificate_chain_free(struct x509_certificate *cert){}static inline intx509_certificate_chain_validate(struct x509_certificate *trusted, struct x509_certificate *chain, int *reason){ return -1;}static inline struct x509_certificate *x509_certificate_get_subject(struct x509_certificate *chain, struct x509_name *name){ return NULL;}static inline int x509_certificate_self_signed(struct x509_certificate *cert){ return -1;}#endif /* CONFIG_INTERNAL_X509 */#endif /* X509V3_H */⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -