1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /* X.509 certificate parser internal definitions
4 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
8 #include <linux/time.h>
9 #include <crypto/public_key.h>
10 #include <keys/asymmetric-type.h>
12 struct x509_certificate
{
13 struct x509_certificate
*next
;
14 struct x509_certificate
*signer
; /* Certificate that signed this one */
15 struct public_key
*pub
; /* Public key details */
16 struct public_key_signature
*sig
; /* Signature parameters */
17 char *issuer
; /* Name of certificate issuer */
18 char *subject
; /* Name of certificate subject */
19 struct asymmetric_key_id
*id
; /* Issuer + Serial number */
20 struct asymmetric_key_id
*skid
; /* Subject + subjectKeyId (optional) */
23 const void *tbs
; /* Signed data */
24 unsigned tbs_size
; /* Size of signed data */
25 unsigned raw_sig_size
; /* Size of sigature */
26 const void *raw_sig
; /* Signature data */
27 const void *raw_serial
; /* Raw serial number in ASN.1 */
28 unsigned raw_serial_size
;
29 unsigned raw_issuer_size
;
30 const void *raw_issuer
; /* Raw issuer name in ASN.1 */
31 const void *raw_subject
; /* Raw subject name in ASN.1 */
32 unsigned raw_subject_size
;
33 unsigned raw_skid_size
;
34 const void *raw_skid
; /* Raw subjectKeyId in ASN.1 */
36 bool seen
; /* Infinite recursion prevention */
38 bool self_signed
; /* T if self-signed (check unsupported_sig too) */
39 bool unsupported_key
; /* T if key uses unsupported crypto */
40 bool unsupported_sig
; /* T if signature uses unsupported crypto */
47 extern void x509_free_certificate(struct x509_certificate
*cert
);
48 extern struct x509_certificate
*x509_cert_parse(const void *data
, size_t datalen
);
49 extern int x509_decode_time(time64_t
*_t
, size_t hdrlen
,
51 const unsigned char *value
, size_t vlen
);
56 extern int x509_get_sig_params(struct x509_certificate
*cert
);
57 extern int x509_check_for_self_signed(struct x509_certificate
*cert
);
