author | Martin Willi <martin@strongswan.org> | 2006-04-19 11:40:48 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2006-04-19 11:40:48 +0000 |
commit | ec6582ccaa59e38cb83650c7c6b8312dc9768e87 (patch) | |
tree | 62fd80d2251aae22e40a38ada08ea9e59b602629 /Source/lib/crypto/x509.h | |
parent | 4a93d6bafd543284b2fd77a7c29f1a526758fbca (diff) | |
- x509 certificate loading with pluto asn1 code
- x509 needs a lot more attention!
Diffstat (limited to 'Source/lib/crypto/x509.h')
-rwxr-xr-x | Source/lib/crypto/x509.h | 128 |
1 files changed, 128 insertions, 0 deletions
diff --git a/Source/lib/crypto/x509.h b/Source/lib/crypto/x509.h
new file mode 100755
index 000000000..cd2f08ee1
--- /dev/null
+++ b/Source/lib/crypto/x509.h
@@ -0,0 +1,128 @@
+/**
+ * @file x509.h
+ *
+ * @brief Interface of x509_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef X509_H_
+#define X509_H_
+
+#include <types.h>
+#include <definitions.h>
+#include <crypto/rsa/rsa_public_key.h>
+#include <utils/identification.h>
+#include <utils/iterator.h>
+
+
+typedef struct x509_t x509_t;
+
+/**
+ * @brief X509 certificate.
+ *
+ * @b Constructors:
+ * - x509_create_from_chunk()
+ * - x509_create_from_file()
+ *
+ * @todo more code cleanup needed!
+ * @todo fix unimplemented functions...
+ * @todo handle memory management
+ *
+ * @ingroup transforms
+ */
+struct x509_t {
+
+ /**
+ * @brief Get the RSA public key from the certificate.
+ *
+ * @param this calling object
+ * @return public_key
+ */
+ rsa_public_key_t *(*get_public_key) (x509_t *this);
+
+ /**
+ * @brief Get the certificate issuers ID.
+ *
+ * @todo implement!
+ */
+ identification_t *(*get_issuer) (x509_t *this);
+
+ /**
+ * @brief Get the subjects ID.
+ *
+ * @todo implement!
+ */
+ identification_t *(*get_subject) (x509_t *this);
+
+ /**
+ * @brief Check if a certificate is valid.
+ *
+ * This function uses the issuers public key to verify
+ * the validity of a certificate.
+ *
+ * @todo implement!
+ */
+ bool (*verify) (x509_t *this, rsa_public_key_t *signer);
+
+ /**
+ * @brief Get the key identifier of the public key.
+ *
+ * @todo implement!
+ */
+ chunk_t (*get_subject_key_identifier) (x509_t *this);
+
+ /**
+ * @brief Compare two certificates.
+ *
+ * Comparison is done via the certificates signature.
+ *
+ * @param this first cert for compare
+ * @param other second cert for compare
+ * @return TRUE if signature is equal
+ */
+ bool (*equals) (x509_t *this, x509_t *other);
+
+ /**
+ * @brief Destroys the certificate.
+ *
+ * @param this certificate to destroy
+ */
+ void (*destroy) (x509_t *this);
+};
+
+/**
+ * @brief Read a x509 certificate from a DER encoded blob.
+ *
+ * @param chunk chunk containing DER encoded data
+ * @return created x509_t certificate, or NULL if invalid.
+ *
+ * @ingroup transforms
+ */
+x509_t *x509_create_from_chunk(chunk_t chunk);
+
+/**
+ * @brief Read a x509 certificate from a DER encoded file.
+ *
+ * @param filename file containing DER encoded data
+ * @return created x509_t certificate, or NULL if invalid.
+ *
+ * @ingroup transforms
+ */
+x509_t *x509_create_from_file(char *filename);
+
+#endif /* X509_H_ */ |
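Review bot: The `equals` member is documented as comparing only the certificates' signatures, which is a weak identity test when either certificate has not yet passed `verify`: the signature bytes of an unverified certificate say nothing about its subject or key, so two certificates with different contents can compare equal. Either compare the complete DER encoding, or state the precondition in the doc comment, e.g. `@note only meaningful if both certificates have been verified`. The `verify` comment should likewise say that it checks the signature against `signer` only, since nothing in this interface covers the validity period or chain building, and that the `@todo implement!` members must not report success while they are stubs. The implementation is not part of this view, so the behaviour is inferred from the doc comments.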