- x509 certificate loading with pluto asn1 code
1 /**
2 * @file x509.h
3 *
4 * @brief Interface of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef X509_H_
24 #define X509_H_
25
26 #include <types.h>
27 #include <definitions.h>
28 #include <crypto/rsa/rsa_public_key.h>
29 #include <utils/identification.h>
30 #include <utils/iterator.h>
31
32
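typedef struct x509_t x509_t;

/**
 * @brief X509 certificate.
 *
 * Interface object: every operation is a function pointer member that takes
 * the certificate itself as its first argument.
 *
 * @b Constructors:
 * - x509_create_from_chunk()
 * - x509_create_from_file()
 *
 * @todo more code cleanup needed!
 * @todo fix unimplemented functions...
 * @todo handle memory management
 *
 * NOTE(review): several members below are still marked "@todo implement!".
 * What an unimplemented member returns is not visible from this header, so
 * callers should not base a trust decision on such a member (verify() in
 * particular) until the implementation is confirmed.
 *
 * @ingroup transforms
 */
struct x509_t {

	/**
	 * @brief Get the RSA public key from the certificate.
	 *
	 * NOTE(review): nothing in this signature takes a signer or trust anchor,
	 * so presumably the key is returned whether or not the certificate was
	 * verified -- confirm before using the key to authenticate a peer.
	 * Ownership of the returned object is not stated here (see the
	 * "handle memory management" todo on the struct).
	 *
	 * @param this		calling object
	 * @return			public_key
	 */
	rsa_public_key_t *(*get_public_key) (x509_t *this);

	/**
	 * @brief Get the certificate issuers ID.
	 *
	 * NOTE(review): ownership of the returned identification_t is not
	 * documented -- confirm whether the caller has to destroy it.
	 *
	 * @todo implement!
	 *
	 * @param this		calling object
	 * @return			ID of the issuer
	 */
	identification_t *(*get_issuer) (x509_t *this);

	/**
	 * @brief Get the subjects ID.
	 *
	 * NOTE(review): ownership of the returned identification_t is not
	 * documented -- confirm whether the caller has to destroy it.
	 *
	 * @todo implement!
	 *
	 * @param this		calling object
	 * @return			ID of the subject
	 */
	identification_t *(*get_subject) (x509_t *this);

	/**
	 * @brief Check if a certificate is valid.
	 *
	 * This function uses the issuers public key to verify
	 * the validity of a certificate.
	 *
	 * NOTE(review): the only input besides the certificate is the signer's
	 * RSA public key, so this looks like a signature check only. This header
	 * does not say whether the validity period, issuer/subject chaining, CA
	 * constraints or revocation status are examined -- confirm in the
	 * implementation before treating a TRUE result as "certificate trusted".
	 *
	 * @todo implement!
	 *
	 * @param this		certificate to check
	 * @param signer	public key of the issuer
	 * @return			presumably TRUE if the check succeeds -- confirm once implemented
	 */
	bool (*verify) (x509_t *this, rsa_public_key_t *signer);

	/**
	 * @brief Get the key identifier of the public key.
	 *
	 * NOTE(review): chunk_t is returned by value; whether its data is freshly
	 * allocated or points into the certificate is not stated -- confirm the
	 * lifetime before keeping the chunk beyond destroy().
	 *
	 * @todo implement!
	 *
	 * @param this		calling object
	 * @return			key identifier
	 */
	chunk_t (*get_subject_key_identifier) (x509_t *this);

	/**
	 * @brief Compare two certificates.
	 *
	 * Comparison is done via the certificates signature.
	 *
	 * NOTE(review): as documented, only the signature field is compared, and a
	 * match says nothing about whether either signature has been verified.
	 * Do not use this as a substitute for verify() when matching a received
	 * certificate against a trusted one.
	 *
	 * @param this			first cert for compare
	 * @param other			second cert for compare
	 * @return				TRUE if signature is equal
	 */
	bool (*equals) (x509_t *this, x509_t *other);

	/**
	 * @brief Destroys the certificate.
	 *
	 * NOTE(review): presumably releases the object, so it and anything
	 * obtained from it without a documented copy should not be used
	 * afterwards -- confirm against the implementation.
	 *
	 * @param this		certificate to destroy
	 */
	void (*destroy) (x509_t *this);
};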
107
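/**
 * @brief Read a x509 certificate from a DER encoded blob.
 *
 * A non-NULL result means the data could be parsed as a certificate; it does
 * not by itself mean the certificate is trusted. That decision needs a
 * separate check, such as the verify() member of x509_t.
 *
 * NOTE(review): if the chunk can originate from a remote peer, it is
 * untrusted input to the ASN.1 parser; callers must check for the NULL
 * return. Whether the chunk is cloned or referenced by the returned object
 * is not stated here -- confirm before freeing the chunk.
 *
 * @param chunk		chunk containing DER encoded data
 * @return 			created x509_t certificate, or NULL if invalid.
 *
 * @ingroup transforms
 */
x509_t *x509_create_from_chunk(chunk_t chunk);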
117
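/**
 * @brief Read a x509 certificate from a DER encoded file.
 *
 * A non-NULL result means the file content could be parsed as a certificate;
 * it does not by itself mean the certificate is trusted.
 *
 * NOTE(review): the header does not say whether a file that cannot be opened
 * or read also yields NULL -- presumably yes, confirm in the implementation.
 * The parameter is declared as plain `char *`; if the definition does not
 * modify the string, `const char *` would document that, but declaration
 * and definition have to change together.
 *
 * @param filename 	file containing DER encoded data
 * @return 			created x509_t certificate, or NULL if invalid.
 *
 * @ingroup transforms
 */
x509_t *x509_create_from_file(char *filename);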
127
128 #endif /* X509_H_ */