/*
**
** Copyright 2009, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
**     http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
/*
 * Include guard for the certificate / keystore helper declarations below.
 *
 * NOTE(review): this header uses OpenSSL types (EVP_PKEY, PKCS12, X509,
 * STACK_OF) and free(), but contains no #include of its own, so the
 * including file must pull in <stdlib.h>, <openssl/evp.h>, <openssl/x509.h>
 * and <openssl/pkcs12.h> first.
 * NOTE(review): identifiers containing a double underscore are reserved for
 * the implementation; a guard name without them would be safer.
 */
#ifndef __CERT_H__
#define __CERT_H__
/* Fixed label string; where it is used is not visible in this header. */
#define ANDROID_KEYSTORE "Android Keystore"
/* Presumably the number of PKEY_STORE slots kept for generated keys - confirm. */
#define KEYGEN_STORE_SIZE     5
/*
 * Key sizes in bits, presumably the values accepted as `bits` by gen_csr()
 * (ERR_INVALID_KEY_LENGTH and ERR_RSA_KEYGEN suggest RSA) - confirm.
 * NOTE(review): if these are RSA modulus sizes, 1024 bits is below the
 * 2048-bit minimum of current guidance (e.g. NIST SP 800-131A); callers
 * should prefer KEYLENGTH_MAXIMUM and treat KEYLENGTH_MEDIUM as legacy.
 */
#define KEYLENGTH_MEDIUM      1024
#define KEYLENGTH_MAXIMUM     2048
/* Upper bound for a certificate name; units (with or without NUL) not visible here. */
#define MAX_CERT_NAME_LEN     128
/* Upper bound for PEM text handled by this interface. */
#define MAX_PEM_LENGTH        4096
/* Size of the `reply` buffer declared in gen_csr(); identical to MAX_PEM_LENGTH. */
#define REPLY_MAX             MAX_PEM_LENGTH
/*
 * Stringify the argument exactly as written. Because there is no second
 * level of expansion, a macro name passed in is NOT expanded first:
 * STR(KEYLENGTH_MEDIUM) yields "KEYLENGTH_MEDIUM", not "1024".
 */
#define STR(token) #token
/*
 * Error codes, numbered 1..6. Which functions return them is not visible in
 * this header; the names suggest the key-generation / CSR path (gen_csr) -
 * confirm against the implementation.
 */
#define ERR_INVALID_KEY_LENGTH  1
#define ERR_CONSTRUCT_NEW_DATA  2
#define ERR_RSA_KEYGEN          3
#define ERR_X509_PROCESS        4
#define ERR_SPKAC_TOO_LONG      5
#define ERR_INVALID_ARGS        6
/* Presumably a sentinel one past the last valid code, not an error itself - confirm. */
#define ERR_MAXIMUM             7
/*
 * A key object together with a separately allocated public-key buffer.
 * Presumably one slot of the key-generation store sized by
 * KEYGEN_STORE_SIZE - confirm. Both pointers are owned by the structure
 * and are released by the PKEY_STORE_free() macro.
 */
typedef struct {
    /* OpenSSL key object; PKEY_STORE_free() releases it with EVP_PKEY_free(). */
    EVP_PKEY *pkey;
    /* Heap buffer; PKEY_STORE_free() releases it with free(). Encoding not visible here. */
    unsigned char *public_key;
    /* Presumably the length of public_key in bytes - confirm against the implementation. */
    int key_len;
} PKEY_STORE;
/*
 * Handle for a PKCS#12 container and the objects associated with it.
 * Returned by get_pkcs12_keystore_handle() and released with
 * free_pkcs12_keystore(); the accessor functions declared below take it as
 * their first argument.
 *
 * NOTE(review): pkey presumably holds the private key extracted from the
 * container, i.e. key material that is no longer password-protected while
 * the handle lives - confirm, and keep the handle's lifetime short.
 */
typedef struct {
    /* The PKCS#12 object itself. */
    PKCS12  *p12;
    /* Key associated with the container (presumably the private key - confirm). */
    EVP_PKEY *pkey;
    /* Certificate associated with the container (presumably the one matching pkey - confirm). */
    X509 *cert;
    /* Stack of further certificates; see pop_pkcs12_certs_stack(). */
    STACK_OF(X509) *certs;
} PKCS12_KEYSTORE;
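/*
 * Release everything owned by a PKEY_STORE and leave it in an empty state.
 *
 * x must be a modifiable PKEY_STORE lvalue (the structure, not a pointer to
 * it). It is evaluated several times, so it must not have side effects.
 *
 * - do { } while (0) makes the expansion a single statement, so
 *   `if (c) PKEY_STORE_free(s); else ...` parses as intended.
 * - The argument is parenthesised so expressions such as `*p` or
 *   `store[i]` expand correctly.
 * - free(NULL) and EVP_PKEY_free(NULL) are no-ops, so no NULL guards are
 *   needed.
 * - The pointers are reset to NULL and key_len to 0 after release, so a
 *   repeated call is harmless (no double free) and no dangling pointer to
 *   freed key material remains in the slot.
 */
#define PKEY_STORE_free(x) do { \
    EVP_PKEY_free((x).pkey); \
    (x).pkey = NULL; \
    free((x).public_key); \
    (x).public_key = NULL; \
    (x).key_len = 0; \
} while (0)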
/*
 * Element count of the array x, as a size_t.
 * Only meaningful when x is a real array: for a pointer (including an array
 * that has decayed as a function parameter) the result is
 * sizeof(pointer) / sizeof(element), not the number of elements.
 */
#define nelem(x) (sizeof(x) / sizeof((x)[0]))
/*
 * NOTE(review): return conventions are not visible in this header. The int
 * results presumably signal success/failure or a length, and the pointer
 * results presumably are NULL on failure - confirm against the
 * implementation before relying on either.
 *
 * All output buffers are caller-owned and are paired with an int capacity;
 * callers should pass the true size of the buffer they provide.
 */

/*
 * Key generation / certificate request. `bits` is the requested key size
 * (see KEYLENGTH_MEDIUM / KEYLENGTH_MAXIMUM); the result is written to
 * `reply`. ERR_SPKAC_TOO_LONG hints that the output may be SPKAC-encoded -
 * confirm.
 * The [REPLY_MAX] in the parameter is adjusted to `char *` by the language,
 * so the compiler does not enforce it: the caller must supply at least
 * REPLY_MAX bytes.
 */
int gen_csr(int bits, const char *organizations, char reply[REPLY_MAX]);

/*
 * PKCS#12 handling. get_pkcs12_keystore_handle() builds a handle from
 * bufLen bytes at buf using the password passwd; free_pkcs12_keystore()
 * releases it. The get_/pop_ functions copy one item from the handle into
 * buf (capacity `size`); the output encoding is not visible here
 * (MAX_PEM_LENGTH suggests PEM - confirm).
 * passwd and the buffer filled by get_pkcs12_private_key() are secrets held
 * by the caller; wiping them once they are no longer needed limits their
 * exposure in memory.
 */
PKCS12_KEYSTORE *get_pkcs12_keystore_handle(const char *buf, int bufLen,
                                            const char *passwd);
int get_pkcs12_certificate(PKCS12_KEYSTORE *p12store, char *buf, int size);
int get_pkcs12_private_key(PKCS12_KEYSTORE *p12store, char *buf, int size);
/* Name suggests each call removes one certificate from p12store->certs - confirm. */
int pop_pkcs12_certs_stack(PKCS12_KEYSTORE *p12store, char *buf, int size);
void free_pkcs12_keystore(PKCS12_KEYSTORE *p12store);
/* Tests whether the bufLen bytes at buf look like a PKCS#12 container. */
int is_pkcs12(const char *buf, int bufLen);

/*
 * X.509 helpers. parse_cert() turns bufLen bytes at buf into an X509
 * object; who frees the returned object is not stated here (presumably the
 * caller, with X509_free() - confirm). The name functions write into buf
 * (capacity `size`); is_ca_cert() reports whether cert is a CA certificate.
 */
X509 *parse_cert(const char *buf, int bufLen);
int get_cert_name(X509 *cert, char *buf, int size);
int get_issuer_name(X509 *cert, char *buf, int size);
int is_ca_cert(X509 *cert);
/*
 * NOTE(review): how a private key is located from a certificate is not
 * visible in this header; the buffer it fills should be treated as secret.
 */
int get_private_key_pem(X509 *cert, char *buf, int size);
#endif /* __CERT_H__ */