rz_x509.h File Reference

#include <rz_util/rz_asn1.h>
#include <rz_util/rz_pj.h>

Go to the source code of this file.

Classes
struct	rz_x509_validity_t
struct	rz_x509_name_t
struct	rz_x509_algorithmidentifier_t
struct	rz_x509_authoritykeyidentifier_t
struct	rz_x509_subjectpublickeyinfo_t
struct	rz_x509_extension_t
struct	rz_x509_extensions_t
struct	rz_x509_tbscertificate_t
struct	rz_x509_certificate_t
struct	rz_x509_crlentry
struct	rz_x509_certificaterevocationlist

Typedefs
typedef struct rz_x509_validity_t	RX509Validity
typedef struct rz_x509_name_t	RX509Name
typedef struct rz_x509_algorithmidentifier_t	RX509AlgorithmIdentifier
typedef struct rz_x509_authoritykeyidentifier_t	RX509AuthorityKeyIdentifier
typedef struct rz_x509_subjectpublickeyinfo_t	RX509SubjectPublicKeyInfo
typedef struct rz_x509_extension_t	RX509Extension
typedef struct rz_x509_extensions_t	RX509Extensions
typedef struct rz_x509_tbscertificate_t	RX509TBSCertificate
typedef struct rz_x509_certificate_t	RX509Certificate
typedef struct rz_x509_crlentry	RX509CRLEntry
typedef struct rz_x509_certificaterevocationlist	RX509CertificateRevocationList

Functions
RZ_API RX509CertificateRevocationList *	rz_x509_parse_crl (RASN1Object *object)
RZ_API char *	rz_x509_crl_to_string (RX509CertificateRevocationList *crl, const char *pad)
RZ_API void	rz_x509_crl_json (PJ *pj, RX509CertificateRevocationList *crl)
RZ_API RX509Certificate *	rz_x509_parse_certificate (RASN1Object *object)
RZ_API RX509Certificate *	rz_x509_parse_certificate2 (const ut8 *buffer, ut32 length)
RZ_API void	rz_x509_free_certificate (RX509Certificate *certificate)
RZ_API void	rz_x509_certificate_json (PJ *pj, RX509Certificate *certificate)
RZ_API void	rz_x509_certificate_dump (RX509Certificate *cert, const char *pad, RzStrBuf *sb)

Typedef Documentation

RX509AlgorithmIdentifier

typedef struct rz_x509_algorithmidentifier_t RX509AlgorithmIdentifier

RX509AuthorityKeyIdentifier

typedef struct rz_x509_authoritykeyidentifier_t RX509AuthorityKeyIdentifier

RX509Certificate

typedef struct rz_x509_certificate_t RX509Certificate

RX509CertificateRevocationList

typedef struct rz_x509_certificaterevocationlist RX509CertificateRevocationList

RX509CRLEntry

typedef struct rz_x509_crlentry RX509CRLEntry

RX509Extension

typedef struct rz_x509_extension_t RX509Extension

RX509Extensions

typedef struct rz_x509_extensions_t RX509Extensions

RX509Name

typedef struct rz_x509_name_t RX509Name

RX509SubjectPublicKeyInfo

typedef struct rz_x509_subjectpublickeyinfo_t RX509SubjectPublicKeyInfo

RX509TBSCertificate

typedef struct rz_x509_tbscertificate_t RX509TBSCertificate

RX509Validity

typedef struct rz_x509_validity_t RX509Validity

Function Documentation

rz_x509_certificate_dump()

RZ_API void rz_x509_certificate_dump	(	RX509Certificate *	cert,
		const char *	pad,
		RzStrBuf *	sb
	)

Definition at line 546 of file x509.c.

                                                                                            {
    RASN1String *algo = NULL;
    char *pad2;
    if (!cert) {
        return;
    }
    if (!pad) {
        pad = "";
    }
    pad2 = rz_str_newf("%s  ", pad);
    if (!pad2) {
        return;
    }
    rz_strbuf_appendf(sb, "%sTBSCertificate:\n", pad);
    rz_x509_tbscertificate_dump(&cert->tbsCertificate, pad2, sb);
 
    algo = cert->algorithmIdentifier.algorithm;
    //  signature = rz_asn1_stringify_bytes (certificate->signature->binary, certificate->signature->length);
    //  eprintf ("%sAlgorithm:\n%s%s\n%sSignature: %u bytes\n%s\n",
    //              pad, pad2, algo ? algo->string : "",
    //              pad, certificate->signature->length, signature ? signature->string : "");
    rz_strbuf_appendf(sb, "%sAlgorithm:\n%s%s\n%sSignature: %u bytes\n",
        pad, pad2, algo ? algo->string : "", pad, cert->signature->length);
    free(pad2);
    //  rz_asn1_free_string (signature);
}

References rz_x509_algorithmidentifier_t::algorithm, rz_x509_certificate_t::algorithmIdentifier, free(), rz_asn1_bin_t::length, NULL, pad(), rz_str_newf(), rz_strbuf_appendf(), rz_x509_tbscertificate_dump(), sb, rz_x509_certificate_t::signature, rz_asn1_string_t::string, and rz_x509_certificate_t::tbsCertificate.

Referenced by cmd_print_fromage(), and rz_pkcs7_cms_to_string().

rz_x509_certificate_json()

RZ_API void rz_x509_certificate_json	(	PJ *	pj,
		RX509Certificate *	certificate
	)

Definition at line 790 of file x509.c.

                                                                            {
    if (!certificate) {
        return;
    }
    RASN1String *m = NULL;
    pj_o(pj);
    pj_k(pj, "TBSCertificate");
    rz_x509_tbscertificate_json(pj, &certificate->tbsCertificate);
    if (certificate->algorithmIdentifier.algorithm) {
        pj_ks(pj, "Algorithm", certificate->algorithmIdentifier.algorithm->string);
    }
    if (certificate->signature) {
        m = rz_asn1_stringify_integer(certificate->signature->binary, certificate->signature->length);
        if (m) {
            pj_ks(pj, "Signature", m->string);
        }
        rz_asn1_free_string(m);
    }
    pj_end(pj);
}

References rz_x509_algorithmidentifier_t::algorithm, rz_x509_certificate_t::algorithmIdentifier, rz_asn1_bin_t::binary, rz_asn1_bin_t::length, regress::m, NULL, pj_end(), pj_k(), pj_ks(), pj_o(), rz_asn1_free_string(), rz_asn1_stringify_integer(), rz_x509_tbscertificate_json(), rz_x509_certificate_t::signature, rz_asn1_string_t::string, and rz_x509_certificate_t::tbsCertificate.

Referenced by rz_pkcs7_cms_json().

rz_x509_crl_json()

RZ_API void rz_x509_crl_json	(	PJ *	pj,
		RX509CertificateRevocationList *	crl
	)

Definition at line 719 of file x509.c.

                                                                          {
    ut32 i;
    if (crl) {
        if (crl->signature.algorithm) {
            pj_ks(pj, "Signature", crl->signature.algorithm->string);
        }
        pj_k(pj, "Issuer");
        pj_o(pj);
        rz_x509_name_json(pj, &crl->issuer);
        pj_end(pj);
        if (crl->lastUpdate) {
            pj_ks(pj, "LastUpdate", crl->lastUpdate->string);
        }
        if (crl->nextUpdate) {
            pj_ks(pj, "NextUpdate", crl->nextUpdate->string);
        }
        pj_k(pj, "RevokedCertificates");
        pj_a(pj);
        for (i = 0; i < crl->length; i++) {
            rz_x509_crlentry_json(pj, crl->revokedCertificates[i]);
        }
        pj_end(pj);
    }
}

References rz_x509_algorithmidentifier_t::algorithm, i, rz_x509_certificaterevocationlist::issuer, rz_x509_certificaterevocationlist::lastUpdate, rz_x509_certificaterevocationlist::length, rz_x509_certificaterevocationlist::nextUpdate, pj_a(), pj_end(), pj_k(), pj_ks(), pj_o(), rz_x509_certificaterevocationlist::revokedCertificates, rz_x509_crlentry_json(), rz_x509_name_json(), rz_x509_certificaterevocationlist::signature, and rz_asn1_string_t::string.

Referenced by rz_pkcs7_cms_json().

rz_x509_crl_to_string()

RZ_API char* rz_x509_crl_to_string	(	RX509CertificateRevocationList *	crl,
		const char *	pad
	)

Definition at line 592 of file x509.c.

                                                                                         {
    RASN1String *algo = NULL, *last = NULL, *next = NULL;
    ut32 i;
    char *pad2, *pad3;
    if (!crl) {
        return NULL;
    }
    if (!pad) {
        pad = "";
    }
    pad3 = rz_str_newf("%s    ", pad);
    if (!pad3) {
        return NULL;
    }
    pad2 = pad3 + 2;
    algo = crl->signature.algorithm;
    last = crl->lastUpdate;
    next = crl->nextUpdate;
    RzStrBuf *sb = rz_strbuf_new("");
    rz_strbuf_appendf(sb, "%sCRL:\n%sSignature:\n%s%s\n%sIssuer\n", pad, pad2, pad3,
        algo ? algo->string : "", pad2);
    rz_x509_name_dump(&crl->issuer, pad3, sb);
 
    rz_strbuf_appendf(sb, "%sLast Update: %s\n%sNext Update: %s\n%sRevoked Certificates:\n",
        pad2, last ? last->string : "Missing",
        pad2, next ? next->string : "Missing", pad2);
 
    for (i = 0; i < crl->length; i++) {
        rz_x509_crlentry_dump(crl->revokedCertificates[i], pad3, sb);
    }
 
    free(pad3);
    return rz_strbuf_drain(sb);
}

References rz_x509_algorithmidentifier_t::algorithm, free(), i, rz_x509_certificaterevocationlist::issuer, rz_x509_certificaterevocationlist::lastUpdate, rz_x509_certificaterevocationlist::length, rz_x509_certificaterevocationlist::nextUpdate, NULL, pad(), rz_x509_certificaterevocationlist::revokedCertificates, rz_str_newf(), rz_strbuf_appendf(), rz_strbuf_drain(), rz_strbuf_new(), rz_x509_crlentry_dump(), rz_x509_name_dump(), sb, rz_x509_certificaterevocationlist::signature, and rz_asn1_string_t::string.

Referenced by rz_pkcs7_cms_to_string().

rz_x509_free_certificate()

RZ_API void rz_x509_free_certificate

(

RX509Certificate *

certificate

)

Definition at line 387 of file x509.c.

                                                                    {
    if (certificate) {
        rz_asn1_free_binary(certificate->signature);
        rz_x509_free_algorithmidentifier(&certificate->algorithmIdentifier);
        rz_x509_free_tbscertificate(&certificate->tbsCertificate);
        free(certificate);
    }
}

References rz_x509_certificate_t::algorithmIdentifier, free(), rz_asn1_free_binary(), rz_x509_free_algorithmidentifier(), rz_x509_free_tbscertificate(), rz_x509_certificate_t::signature, and rz_x509_certificate_t::tbsCertificate.

Referenced by cmd_print_fromage(), and rz_pkcs7_free_extendedcertificatesandcertificates().

rz_x509_parse_certificate()

RZ_API RX509Certificate* rz_x509_parse_certificate

(

RASN1Object *

object

)

Definition at line 217 of file x509.c.

                                                                        {
    if (!object) {
        return NULL;
    }
    RX509Certificate *cert = RZ_NEW0(RX509Certificate);
    if (!cert) {
        goto fail;
    }
    if (object->klass != CLASS_UNIVERSAL || object->form != FORM_CONSTRUCTED || object->list.length != 3) {
        RZ_FREE(cert);
        goto fail;
    }
    RASN1Object *tmp = object->list.objects[2];
    if (!tmp) {
        RZ_FREE(cert);
        goto fail;
    }
    if (tmp->klass != CLASS_UNIVERSAL || tmp->form != FORM_PRIMITIVE || tmp->tag != TAG_BITSTRING) {
        RZ_FREE(cert);
        goto fail;
    }
    cert->signature = rz_asn1_create_binary(object->list.objects[2]->sector, object->list.objects[2]->length);
    rz_x509_parse_tbscertificate(&cert->tbsCertificate, object->list.objects[0]);
 
    if (!rz_x509_parse_algorithmidentifier(&cert->algorithmIdentifier, object->list.objects[1])) {
        RZ_FREE(cert);
    }
fail:
    rz_asn1_free_object(object);
    return cert;
}

References rz_x509_certificate_t::algorithmIdentifier, CLASS_UNIVERSAL, fail, rz_asn1_object_t::form, FORM_CONSTRUCTED, FORM_PRIMITIVE, rz_asn1_object_t::klass, rz_asn1_list_t::length, rz_asn1_object_t::length, rz_asn1_object_t::list, NULL, rz_asn1_list_t::objects, rz_asn1_create_binary(), rz_asn1_free_object(), RZ_FREE, RZ_NEW0, rz_x509_parse_algorithmidentifier(), rz_x509_parse_tbscertificate(), rz_asn1_object_t::sector, rz_x509_certificate_t::signature, TAG_BITSTRING, rz_x509_certificate_t::tbsCertificate, and autogen_x86imm::tmp.

Referenced by cmd_print_fromage(), rz_pkcs7_parse_extendedcertificatesandcertificates(), and rz_x509_parse_certificate2().

rz_x509_parse_certificate2()

RZ_API RX509Certificate* rz_x509_parse_certificate2	(	const ut8 *	buffer,
		ut32	length
	)

Definition at line 249 of file x509.c.

                                                                                    {
    RX509Certificate *certificate;
    RASN1Object *object;
    if (!buffer || !length) {
        return NULL;
    }
    object = rz_asn1_create_object(buffer, length, buffer);
    certificate = rz_x509_parse_certificate(object);
    // object freed by rz_x509_parse_certificate
    return certificate;
}

References length, NULL, rz_asn1_create_object(), and rz_x509_parse_certificate().

rz_x509_parse_crl()

RZ_API RX509CertificateRevocationList* rz_x509_parse_crl

(

RASN1Object *

object

)

Definition at line 275 of file x509.c.

                                                                              {
    RX509CertificateRevocationList *crl;
    RASN1Object **elems;
    if (!object || object->list.length < 4) {
        return NULL;
    }
    crl = (RX509CertificateRevocationList *)malloc(sizeof(RX509CertificateRevocationList));
    if (!crl) {
        return NULL;
    }
    memset(crl, 0, sizeof(RX509CertificateRevocationList));
    elems = object->list.objects;
    rz_x509_parse_algorithmidentifier(&crl->signature, elems[0]);
    rz_x509_parse_name(&crl->issuer, elems[1]);
    crl->lastUpdate = rz_asn1_stringify_utctime(elems[2]->sector, elems[2]->length);
    crl->nextUpdate = rz_asn1_stringify_utctime(elems[3]->sector, elems[3]->length);
    if (object->list.length > 4 && object->list.objects[4]) {
        ut32 i;
        crl->revokedCertificates = calloc(object->list.objects[4]->list.length, sizeof(RX509CRLEntry *));
        if (!crl->revokedCertificates) {
            free(crl);
            return NULL;
        }
        crl->length = object->list.objects[4]->list.length;
        for (i = 0; i < object->list.objects[4]->list.length; i++) {
            crl->revokedCertificates[i] = rz_x509_parse_crlentry(object->list.objects[4]->list.objects[i]);
        }
    }
    return crl;
}

References calloc(), free(), i, rz_x509_certificaterevocationlist::issuer, rz_x509_certificaterevocationlist::lastUpdate, rz_asn1_list_t::length, rz_x509_certificaterevocationlist::length, length, rz_asn1_object_t::list, malloc(), memset(), rz_x509_certificaterevocationlist::nextUpdate, NULL, rz_asn1_list_t::objects, rz_x509_certificaterevocationlist::revokedCertificates, rz_asn1_stringify_utctime(), rz_x509_parse_algorithmidentifier(), rz_x509_parse_crlentry(), rz_x509_parse_name(), and rz_x509_certificaterevocationlist::signature.

Referenced by rz_pkcs7_parse_certificaterevocationlists().