#include <gnutls_int.h>
#include <gnutls_datum.h>
#include <gnutls_global.h>
#include <gnutls_errors.h>
#include <common.h>
#include <gnutls_x509.h>
#include <x509_b64.h>
#include <x509.h>
#include <extensions.h>
#include <libtasn1.h>
#include <mpi.h>
#include <privkey.h>
Go to the source code of this file.
Functions | |
int | MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t *cert) |
void | MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert) |
int | MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, const MHD_gnutls_datum_t *data, MHD_gnutls_x509_crt_fmt_t format) |
int | MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert) |
int | MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, unsigned int *bits) |
static int | is_type_printable (int type) |
int | MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, unsigned int *key_usage, unsigned int *critical) |
int | MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, MHD_gnutls_x509_crt_fmt_t format, void *output_data, size_t *output_data_size) |
static int is_type_printable | ( | int | type | ) | [inline, static] |
Definition at line 259 of file x509.c.
References GNUTLS_SAN_DNSNAME, GNUTLS_SAN_RFC822NAME, and GNUTLS_SAN_URI.
void MHD_gnutls_x509_crt_deinit | ( | MHD_gnutls_x509_crt_t | cert | ) |
MHD_gnutls_x509_crt_deinit - This function deinitializes memory used by a MHD_gnutls_x509_crt_t structure : The structure to be initialized
This function will deinitialize a CRL structure.
Definition at line 81 of file x509.c.
References MHD_gnutls_x509_crt_int::cert, MHD__asn1_delete_structure(), and MHD_gnutls_free.
Referenced by call_get_cert_callback(), MHD__gnutls_certificate_free_cas(), MHD_gtls_x509_raw_cert_to_gcert(), and parse_der_cert_mem().
int MHD_gnutls_x509_crt_export | ( | MHD_gnutls_x509_crt_t | cert, | |
MHD_gnutls_x509_crt_fmt_t | format, | |||
void * | output_data, | |||
size_t * | output_data_size | |||
) |
MHD_gnutls_x509_crt_export - This function will export the certificate : Holds the certificate : the format of output params. One of PEM or DER. : will contain a certificate PEM or DER encoded : holds the size of output_data (and will be replaced by the actual size of parameters)
This function will export the certificate to DER or PEM format.
If the buffer provided is not long enough to hold the output, then *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
If the structure is PEM encoded, it will have a header of "BEGIN CERTIFICATE".
Return value: In case of failure a negative value will be returned, and 0 on success.
Definition at line 352 of file x509.c.
References MHD_gnutls_x509_crt_int::cert, GNUTLS_E_INVALID_REQUEST, MHD__gnutls_x509_export_int(), and MHD_gnutls_assert.
Referenced by MHD_gtls_x509_crt_to_gcert().
int MHD_gnutls_x509_crt_get_key_usage | ( | MHD_gnutls_x509_crt_t | cert, | |
unsigned int * | key_usage, | |||
unsigned int * | critical | |||
) |
MHD_gnutls_x509_crt_get_key_usage - This function returns the certificate's key usage : should contain a MHD_gnutls_x509_crt_t structure : where the key usage bits will be stored : will be non zero if the extension is marked as critical
This function will return certificate's key usage, by reading the keyUsage X.509 extension (2.5.29.15). The key usage value will ORed values of the: GNUTLS_KEY_DIGITAL_SIGNATURE, GNUTLS_KEY_NON_REPUDIATION, GNUTLS_KEY_KEY_ENCIPHERMENT, GNUTLS_KEY_DATA_ENCIPHERMENT, GNUTLS_KEY_KEY_AGREEMENT, GNUTLS_KEY_KEY_CERT_SIGN, GNUTLS_KEY_CRL_SIGN, GNUTLS_KEY_ENCIPHER_ONLY, GNUTLS_KEY_DECIPHER_ONLY.
A negative value may be returned in case of parsing error. If the certificate does not contain the keyUsage extension GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
Definition at line 288 of file x509.c.
References MHD_gnutls_datum_t::data, GNUTLS_E_INVALID_REQUEST, GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE, MHD__gnutls_free_datum, MHD__gnutls_x509_crt_get_extension(), MHD__gnutls_x509_ext_extract_keyUsage(), MHD_gnutls_assert, and MHD_gnutls_datum_t::size.
Referenced by MHD_gtls_x509_crt_to_gcert().
int MHD_gnutls_x509_crt_get_pk_algorithm | ( | MHD_gnutls_x509_crt_t | cert, | |
unsigned int * | bits | |||
) |
MHD_gnutls_x509_crt_get_pk_algorithm - This function returns the certificate's PublicKey algorithm : should contain a MHD_gnutls_x509_crt_t structure : if bits is non null it will hold the size of the parameters' in bits
This function will return the public key algorithm of an X.509 certificate.
If bits is non null, it should have enough size to hold the parameters size in bits. For RSA the bits returned is the modulus. For DSA the bits returned are of the public exponent.
Returns a member of the enum MHD_GNUTLS_PublicKeyAlgorithm enumeration on success, or a negative value on error.
Definition at line 233 of file x509.c.
References MHD_gnutls_x509_crt_int::cert, GNUTLS_E_INVALID_REQUEST, MHD__gnutls_x509_get_pk_algorithm(), and MHD_gnutls_assert.
Referenced by check_bits(), MHD__gnutls_x509_crt_get_mpis(), and MHD_gtls_x509_crt_to_gcert().
int MHD_gnutls_x509_crt_get_version | ( | MHD_gnutls_x509_crt_t | cert | ) |
MHD_gnutls_x509_crt_get_version - This function returns the Certificate's version number : should contain a MHD_gnutls_x509_crt_t structure
This function will return the version of the specified Certificate.
Returns a negative value on error.
Definition at line 189 of file x509.c.
References ASN1_ELEMENT_NOT_FOUND, ASN1_SUCCESS, MHD_gnutls_x509_crt_int::cert, GNUTLS_E_INVALID_REQUEST, MHD__asn1_read_value(), MHD_gnutls_assert, and MHD_gtls_asn2err().
Referenced by MHD_gtls_x509_crt_to_gcert().
int MHD_gnutls_x509_crt_import | ( | MHD_gnutls_x509_crt_t | cert, | |
const MHD_gnutls_datum_t * | data, | |||
MHD_gnutls_x509_crt_fmt_t | format | |||
) |
MHD_gnutls_x509_crt_import - This function will import a DER or PEM encoded Certificate : The structure to store the parsed certificate. : The DER or PEM encoded certificate. : One of DER or PEM
This function will convert the given DER or PEM encoded Certificate to the native MHD_gnutls_x509_crt_t format. The output will be stored in .
If the Certificate is PEM encoded it should have a header of "X509 CERTIFICATE", or "CERTIFICATE".
Returns 0 on success.
Definition at line 108 of file x509.c.
References ASN1_SUCCESS, MHD_gnutls_x509_crt_int::cert, MHD_gnutls_datum_t::data, GNUTLS_E_INTERNAL_ERROR, GNUTLS_E_INVALID_REQUEST, GNUTLS_X509_FMT_PEM, MHD__asn1_der_decoding(), MHD__gnutls_fbase64_decode(), MHD__gnutls_free_datum, MHD_gnutls_assert, MHD_gnutls_free, MHD_gtls_asn2err(), PEM_X509_CERT, PEM_X509_CERT2, MHD_gnutls_datum_t::size, and MHD_gnutls_x509_crt_int::use_extensions.
Referenced by MHD_gtls_x509_raw_cert_to_gcert(), and parse_der_cert_mem().
int MHD_gnutls_x509_crt_init | ( | MHD_gnutls_x509_crt_t * | cert | ) |
MHD_gnutls_x509_crt_init - This function initializes a MHD_gnutls_x509_crt_t structure : The structure to be initialized
This function will initialize an X.509 certificate structure.
Returns 0 on success.
Definition at line 50 of file x509.c.
References ASN1_SUCCESS, MHD_gnutls_x509_crt_int::cert, GNUTLS_E_MEMORY_ERROR, MHD__asn1_create_element(), MHD__gnutls_get_pkix, MHD_gnutls_assert, MHD_gnutls_calloc, MHD_gnutls_free, and MHD_gtls_asn2err().
Referenced by MHD_gtls_x509_raw_cert_to_gcert(), and parse_der_cert_mem().