2
2
* Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3
3
* Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4
4
* Copyright (C) 2002 Mario Strasser
5
* Copyright (C) 2000-2003 Andreas Steffen, Zuercher Hochschule Winterthur
5
* Copyright (C) 2000-2004 Andreas Steffen, Zuercher Hochschule Winterthur
7
7
* This program is free software; you can redistribute it and/or modify it
8
8
* under the terms of the GNU General Public License as published by the
143
153
extern const x509crl_t empty_x509crl;
144
154
extern const x509cert_t empty_x509cert;
156
extern bool same_serial(chunk_t a, chunk_t b);
157
extern bool same_keyid(chunk_t a, chunk_t b);
146
158
extern bool same_dn(chunk_t a, chunk_t b);
147
159
#define MAX_CA_PATH_LEN 7
148
160
extern bool trusted_ca(chunk_t a, chunk_t b, int *pathlen);
159
171
extern void select_x509cert_id(x509cert_t *cert, struct id *end_id);
160
172
extern bool parse_x509cert(chunk_t blob, u_int level0, x509cert_t *cert);
161
173
extern bool parse_x509crl(chunk_t blob, u_int level0, x509crl_t *crl);
174
extern int parse_algorithmIdentifier(chunk_t blob, int level0);
162
175
extern void parse_authorityKeyIdentifier(chunk_t blob, int level0
163
176
, chunk_t *authKeyID, chunk_t *authKeySerialNumber);
164
177
extern chunk_t get_directoryName(chunk_t blob, int level, bool implicit);
165
178
extern err_t check_validity(const x509cert_t *cert, time_t *until);
166
extern bool verify_x509cert(const x509cert_t *cert, bool strict, time_t *until);
179
extern bool compute_digest(chunk_t tbs, int alg, chunk_t *digest);
180
extern bool check_signature(chunk_t tbs, chunk_t sig, int algorithm
181
, const x509cert_t *issuer_cert);
182
extern bool verify_x509cert(/*const*/ x509cert_t *cert, bool strict, time_t *until);
167
183
extern x509cert_t* add_x509cert(x509cert_t *cert);
184
extern x509cert_t* get_x509cert(chunk_t issuer, chunk_t serial, chunk_t keyid
185
, x509cert_t* chain);
186
extern x509cert_t* get_authcert(chunk_t subject, chunk_t serial, chunk_t keyid
187
, u_char auth_flags);
168
188
extern void share_x509cert(x509cert_t *cert);
169
189
extern void release_x509cert(x509cert_t *cert);
170
190
extern void free_x509cert(x509cert_t *cert);
171
191
extern void store_x509certs(x509cert_t **firstcert, bool strict);
172
extern void load_cacerts(void);
192
extern void add_authcert(x509cert_t *cert, u_char auth_flags);
193
extern bool trust_authcert_candidate(const x509cert_t *cert
194
, const x509cert_t *alt_chain);
195
extern void load_authcerts(const char *type, const char *path
196
, u_char auth_flags);
173
197
extern void load_crls(void);
174
198
extern void check_crls(void);
175
199
extern bool insert_crl(chunk_t blob, chunk_t crl_uri);
176
200
extern void list_x509_end_certs(bool utc);
177
extern void list_cacerts(bool utc);
201
extern void list_authcerts(const char *caption, u_char auth_flags, bool utc);
178
202
extern void list_crls(bool utc, bool strict);
179
extern void free_cacerts(void);
203
extern void free_authcerts(void);
180
204
extern void free_crls(void);
181
205
extern void free_crl(x509crl_t *crl);
182
206
extern void free_generalNames(generalName_t* gn, bool free_name);
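Review bot: The new `verify_x509cert` prototype drops `const` from `cert` but leaves it behind as `/*const*/`, so the header no longer tells callers whether verifying a certificate can modify the stored object, while `check_validity` a few lines above still takes `const x509cert_t *`. Either restore the qualifier or delete the commented-out token and name the side effect, e.g. `/* cert is not const: verify_x509cert() updates <fields> of the stored certificate */`, with the placeholder filled in from the definition, which is not shown on this page. The same block adds `compute_digest(chunk_t tbs, int alg, chunk_t *digest)` and `check_signature(...)` without stating who provides the storage behind `digest->ptr` or how large it must be for each `alg`. A one-line contract comment there, plus a note on what `parse_algorithmIdentifier` returns for an unrecognised algorithm, would help callers avoid passing an undersized buffer or an unchecked algorithm value into signature verification.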