Rizin
unix-like reverse engineering framework and cli tools
rz_x509.h
Go to the documentation of this file.
1 #ifndef RZ_X509_H
2 #define RZ_X509_H
3 
4 #include <rz_util/rz_asn1.h>
5 #include <rz_util/rz_pj.h>
6 
7 #ifdef __cplusplus
8 extern "C" {
9 #endif
10 
11 /*
12  * Following RFC 5280
13  */
14 
15 typedef struct rz_x509_validity_t {
16  RASN1String *notBefore;
17  RASN1String *notAfter;
18 } RX509Validity;
19 
20 typedef struct rz_x509_name_t {
21  ut32 length;
22  RASN1String **oids;
23  RASN1String **names;
24 } RX509Name;
25 
26 typedef struct rz_x509_algorithmidentifier_t {
27  RASN1String *algorithm; // OBJECT IDENTIFIER
28  RASN1String *parameters; // OPTIONAL
29 } RX509AlgorithmIdentifier;
30 
31 /*
32 //SubjectKeyIdentifier OCTET STRING so it should be an ASN1Object
33 
34 typedef struct rz_x509_keyusage_t {
35  ut8 digitalSignature : 1;
36  ut8 contentCommitment : 1;
37  ut8 keyEncipherment : 1;
38  ut8 dataEncipherment : 1;
39  ut8 keyAgreement : 1;
40  ut8 keyCertSign : 1;
41  ut8 cRLSign : 1;
42  ut8 encipherOnly : 1;
43  ut8 decipherOnly : 1;
44 } X509KeyUsage;
45  */
46 
47 typedef struct rz_x509_authoritykeyidentifier_t {
48  RASN1Binary *keyIdentifier;
49  RX509Name authorityCertIssuer;
50  RASN1Binary *authorityCertSerialNumber;
51 } RX509AuthorityKeyIdentifier;
52 
53 typedef struct rz_x509_subjectpublickeyinfo_t {
54  RX509AlgorithmIdentifier algorithm;
55  // This is a bit string, but it encapsulate mod + pubkey
56  RASN1Binary *subjectPublicKey; // BIT STRING
57  // This struct won't follow RFC,
58  // just because it should be seen as this.
59  RASN1Binary *subjectPublicKeyExponent;
60  RASN1Binary *subjectPublicKeyModule;
61 } RX509SubjectPublicKeyInfo;
62 
63 typedef struct rz_x509_extension_t {
64  RASN1String *extnID; // OBJECT IDENTIFIER
65  bool critical;
66  RASN1Binary *extnValue; // OCTET STRING
67 } RX509Extension;
68 
69 typedef struct rz_x509_extensions_t {
70  ut32 length;
71  RX509Extension **extensions;
72 } RX509Extensions;
73 
74 typedef struct rz_x509_tbscertificate_t {
75  ut32 version; // INTEGER
76  RASN1String *serialNumber; // INTEGER
77  RX509AlgorithmIdentifier signature;
78  RX509Name issuer;
79  RX509Validity validity;
80  RX509Name subject;
81  RX509SubjectPublicKeyInfo subjectPublicKeyInfo;
82  RASN1Binary *issuerUniqueID; // BIT STRING
83  RASN1Binary *subjectUniqueID; // BIT STRING
84  RX509Extensions extensions;
85 } RX509TBSCertificate;
86 
87 typedef struct rz_x509_certificate_t {
88  RX509TBSCertificate tbsCertificate;
89  RX509AlgorithmIdentifier algorithmIdentifier;
90  RASN1Binary *signature; // BIT STRING
91 } RX509Certificate;
92 
93 // RFC 1422
94 
95 typedef struct rz_x509_crlentry {
96  RASN1Binary *userCertificate; // INTEGER ?
97  RASN1String *revocationDate; // UTCTime
98 } RX509CRLEntry;
99 
100 typedef struct rz_x509_certificaterevocationlist {
101  RX509AlgorithmIdentifier signature;
102  RX509Name issuer;
103  RASN1String *lastUpdate; // UTCTime
104  RASN1String *nextUpdate; // UTCTime
105  ut32 length;
106  RX509CRLEntry **revokedCertificates;
107 } RX509CertificateRevocationList;
108 
109 RZ_API RX509CertificateRevocationList *rz_x509_parse_crl(RASN1Object *object);
110 // RZ_API void rz_x509_free_crl(RX509CertificateRevocationList *crl);
111 // RZ_API void rz_x509_crl_dump(RX509CertificateRevocationList *crl, const char* pad);
112 RZ_API char *rz_x509_crl_to_string(RX509CertificateRevocationList *crl, const char *pad);
113 RZ_API void rz_x509_crl_json(PJ *pj, RX509CertificateRevocationList *crl);
114 
115 RZ_API RX509Certificate *rz_x509_parse_certificate(RASN1Object *object);
116 RZ_API RX509Certificate *rz_x509_parse_certificate2(const ut8 *buffer, ut32 length);
117 RZ_API void rz_x509_free_certificate(RX509Certificate *certificate);
118 RZ_API void rz_x509_certificate_json(PJ *pj, RX509Certificate *certificate);
119 RZ_API void rz_x509_certificate_dump(RX509Certificate *cert, const char *pad, RzStrBuf *sb);
120 
121 #ifdef __cplusplus
122 }
123 #endif
124 
125 #endif /* RZ_X509_H */
sb
static SblHeader sb
Definition: bin_mbn.c:26
RZ_API
#define RZ_API
Definition: core_plugin_example.c:36
length
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void static offset struct stat static buf void long static basep static whence static length const void static len static semflg const void static shmflg const struct timespec struct timespec static rem const char static group const void length
Definition: sflib.h:133
ut32
uint32_t ut32
Definition: demangler_util.h:31
ut8
uint8_t ut8
Definition: lh5801.h:11
pad
static void pad(RzStrBuf *sb, ut32 count)
Definition: protobuf.c:36
rz_asn1.h
rz_pj.h
rz_x509_crl_json
RZ_API void rz_x509_crl_json(PJ *pj, RX509CertificateRevocationList *crl)
Definition: x509.c:719
rz_x509_parse_certificate2
RZ_API RX509Certificate * rz_x509_parse_certificate2(const ut8 *buffer, ut32 length)
Definition: x509.c:249
RX509Extension
struct rz_x509_extension_t RX509Extension
RX509Certificate
struct rz_x509_certificate_t RX509Certificate
rz_x509_free_certificate
RZ_API void rz_x509_free_certificate(RX509Certificate *certificate)
Definition: x509.c:387
rz_x509_parse_crl
RZ_API RX509CertificateRevocationList * rz_x509_parse_crl(RASN1Object *object)
Definition: x509.c:275
RX509CertificateRevocationList
struct rz_x509_certificaterevocationlist RX509CertificateRevocationList
RX509Extensions
struct rz_x509_extensions_t RX509Extensions
RX509SubjectPublicKeyInfo
struct rz_x509_subjectpublickeyinfo_t RX509SubjectPublicKeyInfo
RX509CRLEntry
struct rz_x509_crlentry RX509CRLEntry
rz_x509_parse_certificate
RZ_API RX509Certificate * rz_x509_parse_certificate(RASN1Object *object)
Definition: x509.c:217
rz_x509_certificate_dump
RZ_API void rz_x509_certificate_dump(RX509Certificate *cert, const char *pad, RzStrBuf *sb)
Definition: x509.c:546
RX509Validity
struct rz_x509_validity_t RX509Validity
RX509TBSCertificate
struct rz_x509_tbscertificate_t RX509TBSCertificate
rz_x509_crl_to_string
RZ_API char * rz_x509_crl_to_string(RX509CertificateRevocationList *crl, const char *pad)
Definition: x509.c:592
RX509AlgorithmIdentifier
struct rz_x509_algorithmidentifier_t RX509AlgorithmIdentifier
RX509Name
struct rz_x509_name_t RX509Name
rz_x509_certificate_json
RZ_API void rz_x509_certificate_json(PJ *pj, RX509Certificate *certificate)
Definition: x509.c:790
RX509AuthorityKeyIdentifier
struct rz_x509_authoritykeyidentifier_t RX509AuthorityKeyIdentifier
buffer
Definition: buffer.h:15
pj_t
Definition: rz_pj.h:12
rz_asn1_bin_t
Definition: rz_asn1.h:74
rz_asn1_object_t
Definition: rz_asn1.h:79
rz_asn1_string_t
Definition: rz_asn1.h:63
rz_x509_algorithmidentifier_t
Definition: rz_x509.h:26
rz_x509_algorithmidentifier_t::algorithm
RASN1String * algorithm
Definition: rz_x509.h:27
rz_x509_algorithmidentifier_t::parameters
RASN1String * parameters
Definition: rz_x509.h:28
rz_x509_authoritykeyidentifier_t
Definition: rz_x509.h:47
rz_x509_authoritykeyidentifier_t::keyIdentifier
RASN1Binary * keyIdentifier
Definition: rz_x509.h:48
rz_x509_authoritykeyidentifier_t::authorityCertIssuer
RX509Name authorityCertIssuer
Definition: rz_x509.h:49
rz_x509_authoritykeyidentifier_t::authorityCertSerialNumber
RASN1Binary * authorityCertSerialNumber
Definition: rz_x509.h:50
rz_x509_certificate_t
Definition: rz_x509.h:87
rz_x509_certificate_t::tbsCertificate
RX509TBSCertificate tbsCertificate
Definition: rz_x509.h:88
rz_x509_certificate_t::signature
RASN1Binary * signature
Definition: rz_x509.h:90
rz_x509_certificate_t::algorithmIdentifier
RX509AlgorithmIdentifier algorithmIdentifier
Definition: rz_x509.h:89
rz_x509_certificaterevocationlist
Definition: rz_x509.h:100
rz_x509_certificaterevocationlist::signature
RX509AlgorithmIdentifier signature
Definition: rz_x509.h:101
rz_x509_certificaterevocationlist::lastUpdate
RASN1String * lastUpdate
Definition: rz_x509.h:103
rz_x509_certificaterevocationlist::length
ut32 length
Definition: rz_x509.h:105
rz_x509_certificaterevocationlist::nextUpdate
RASN1String * nextUpdate
Definition: rz_x509.h:104
rz_x509_certificaterevocationlist::revokedCertificates
RX509CRLEntry ** revokedCertificates
Definition: rz_x509.h:106
rz_x509_certificaterevocationlist::issuer
RX509Name issuer
Definition: rz_x509.h:102
rz_x509_crlentry
Definition: rz_x509.h:95
rz_x509_crlentry::userCertificate
RASN1Binary * userCertificate
Definition: rz_x509.h:96
rz_x509_crlentry::revocationDate
RASN1String * revocationDate
Definition: rz_x509.h:97
rz_x509_extension_t
Definition: rz_x509.h:63
rz_x509_extension_t::critical
bool critical
Definition: rz_x509.h:65
rz_x509_extension_t::extnValue
RASN1Binary * extnValue
Definition: rz_x509.h:66
rz_x509_extension_t::extnID
RASN1String * extnID
Definition: rz_x509.h:64
rz_x509_extensions_t
Definition: rz_x509.h:69
rz_x509_extensions_t::extensions
RX509Extension ** extensions
Definition: rz_x509.h:71
rz_x509_extensions_t::length
ut32 length
Definition: rz_x509.h:70
rz_x509_name_t
Definition: rz_x509.h:20
rz_x509_name_t::names
RASN1String ** names
Definition: rz_x509.h:23
rz_x509_name_t::oids
RASN1String ** oids
Definition: rz_x509.h:22
rz_x509_name_t::length
ut32 length
Definition: rz_x509.h:21
rz_x509_subjectpublickeyinfo_t
Definition: rz_x509.h:53
rz_x509_subjectpublickeyinfo_t::algorithm
RX509AlgorithmIdentifier algorithm
Definition: rz_x509.h:54
rz_x509_subjectpublickeyinfo_t::subjectPublicKeyExponent
RASN1Binary * subjectPublicKeyExponent
Definition: rz_x509.h:59
rz_x509_subjectpublickeyinfo_t::subjectPublicKey
RASN1Binary * subjectPublicKey
Definition: rz_x509.h:56
rz_x509_subjectpublickeyinfo_t::subjectPublicKeyModule
RASN1Binary * subjectPublicKeyModule
Definition: rz_x509.h:60
rz_x509_tbscertificate_t
Definition: rz_x509.h:74
rz_x509_tbscertificate_t::issuer
RX509Name issuer
Definition: rz_x509.h:78
rz_x509_tbscertificate_t::subjectPublicKeyInfo
RX509SubjectPublicKeyInfo subjectPublicKeyInfo
Definition: rz_x509.h:81
rz_x509_tbscertificate_t::serialNumber
RASN1String * serialNumber
Definition: rz_x509.h:76
rz_x509_tbscertificate_t::subjectUniqueID
RASN1Binary * subjectUniqueID
Definition: rz_x509.h:83
rz_x509_tbscertificate_t::signature
RX509AlgorithmIdentifier signature
Definition: rz_x509.h:77
rz_x509_tbscertificate_t::version
ut32 version
Definition: rz_x509.h:75
rz_x509_tbscertificate_t::validity
RX509Validity validity
Definition: rz_x509.h:79
rz_x509_tbscertificate_t::subject
RX509Name subject
Definition: rz_x509.h:80
rz_x509_tbscertificate_t::issuerUniqueID
RASN1Binary * issuerUniqueID
Definition: rz_x509.h:82
rz_x509_tbscertificate_t::extensions
RX509Extensions extensions
Definition: rz_x509.h:84
rz_x509_validity_t
Definition: rz_x509.h:15
rz_x509_validity_t::notBefore
RASN1String * notBefore
Definition: rz_x509.h:16
rz_x509_validity_t::notAfter
RASN1String * notAfter
Definition: rz_x509.h:17