wpa_supplicant / hostapd
2.5
|
X.509v3 certificate parsing and processing (RFC 3280 profile) More...
#include "includes.h"
#include "common.h"
#include "crypto/crypto.h"
#include "asn1.h"
#include "x509v3.h"
Functions | |
void | x509_certificate_free (struct x509_certificate *cert) |
Free an X.509 certificate. More... | |
void | x509_certificate_chain_free (struct x509_certificate *cert) |
Free an X.509 certificate chain. More... | |
int | x509_name_compare (struct x509_name *a, struct x509_name *b) |
Compare X.509 certificate names. More... | |
void | x509_name_string (struct x509_name *name, char *buf, size_t len) |
Convert an X.509 certificate name into a string. More... | |
struct x509_certificate * | x509_certificate_parse (const u8 *buf, size_t len) |
Parse a X.509 certificate in DER format. More... | |
int | x509_certificate_check_signature (struct x509_certificate *issuer, struct x509_certificate *cert) |
Verify certificate signature. More... | |
int | x509_certificate_chain_validate (struct x509_certificate *trusted, struct x509_certificate *chain, int *reason, int disable_time_checks) |
Validate X.509 certificate chain. More... | |
struct x509_certificate * | x509_certificate_get_subject (struct x509_certificate *chain, struct x509_name *name) |
Get a certificate based on Subject name. More... | |
int | x509_certificate_self_signed (struct x509_certificate *cert) |
Is the certificate self-signed? More... | |
X.509v3 certificate parsing and processing (RFC 3280 profile)
void x509_certificate_chain_free | ( | struct x509_certificate * | cert | ) |
Free an X.509 certificate chain.
cert | Pointer to the first certificate in the chain |
int x509_certificate_chain_validate | ( | struct x509_certificate * | trusted, |
struct x509_certificate * | chain, | ||
int * | reason, | ||
int | disable_time_checks | ||
) |
Validate X.509 certificate chain.
trusted | List of trusted certificates |
chain | Certificate chain to be validated (first chain must be issued by signed by the second certificate in the chain and so on) |
reason | Buffer for returning failure reason (X509_VALIDATE_*) |
int x509_certificate_check_signature | ( | struct x509_certificate * | issuer, |
struct x509_certificate * | cert | ||
) |
Verify certificate signature.
issuer | Issuer certificate |
cert | Certificate to be verified |
void x509_certificate_free | ( | struct x509_certificate * | cert | ) |
Free an X.509 certificate.
cert | Certificate to be freed |
struct x509_certificate* x509_certificate_get_subject | ( | struct x509_certificate * | chain, |
struct x509_name * | name | ||
) |
Get a certificate based on Subject name.
chain | Certificate chain to search through |
name | Subject name to search for |
struct x509_certificate* x509_certificate_parse | ( | const u8 * | buf, |
size_t | len | ||
) |
Parse a X.509 certificate in DER format.
buf | Pointer to the X.509 certificate in DER format |
len | Buffer length |
Caller is responsible for freeing the returned certificate by calling x509_certificate_free().
int x509_certificate_self_signed | ( | struct x509_certificate * | cert | ) |
Is the certificate self-signed?
cert | Certificate |
Compare X.509 certificate names.
a | Certificate name |
b | Certificate name |
void x509_name_string | ( | struct x509_name * | name, |
char * | buf, | ||
size_t | len | ||
) |
Convert an X.509 certificate name into a string.
name | Name to convert |
buf | Buffer for the string |
len | Maximum buffer length |