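/*
**
** Copyright 2009, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
**     http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/

#ifndef __CERT_H__
#define __CERT_H__

/*
 * Declarations for the certificate / PKCS#12 helper routines.
 *
 * This header includes nothing itself although it names the OpenSSL types
 * EVP_PKEY, X509, PKCS12 and STACK_OF(X509); the including file must pull in
 * the OpenSSL headers that declare them before including this one.
 * PKEY_STORE_free() expands to a call to free(), so <stdlib.h> must also be
 * visible wherever that macro is used.
 */

#define ANDROID_KEYSTORE    "Android Keystore"
#define KEYGEN_STORE_SIZE   5

/*
 * NOTE(review): presumably the RSA modulus sizes, in bits, that gen_csr()
 * accepts for its `bits` argument - confirm in the implementation.
 * 1024-bit RSA is below the 2048-bit minimum of current guidance
 * (e.g. NIST SP 800-131A); callers should prefer KEYLENGTH_MAXIMUM.
 */
#define KEYLENGTH_MEDIUM    1024
#define KEYLENGTH_MAXIMUM   2048

#define MAX_CERT_NAME_LEN   128
#define MAX_PEM_LENGTH      4096
/* Size of the reply buffer named in the gen_csr() prototype. */
#define REPLY_MAX           MAX_PEM_LENGTH


/* Turns its argument into a string literal; the argument is not
 * macro-expanded first. */
#define STR(token) #token

/*
 * Error codes. Presumably returned by gen_csr() and related routines -
 * confirm against the implementation. ERR_MAXIMUM is one greater than the
 * highest code defined here.
 */
#define ERR_INVALID_KEY_LENGTH  1
#define ERR_CONSTRUCT_NEW_DATA  2
#define ERR_RSA_KEYGEN          3
#define ERR_X509_PROCESS        4
#define ERR_SPKAC_TOO_LONG      5
#define ERR_INVALID_ARGS        6
#define ERR_MAXIMUM             7

/*
 * A generated key together with a separately allocated copy of its public
 * part. PKEY_STORE_free() releases pkey with EVP_PKEY_free() and public_key
 * with free(), so public_key must come from the malloc family.
 */
typedef struct {
    EVP_PKEY *pkey;
    unsigned char *public_key;
    int key_len;                /* presumably the length of public_key - confirm */
} PKEY_STORE;

/*
 * Handle for a parsed PKCS#12 container. Obtained from
 * get_pkcs12_keystore_handle() and released with free_pkcs12_keystore().
 * NOTE(review): ownership of the individual members is not visible from this
 * header; do not free them directly without checking the implementation.
 */
typedef struct {
    PKCS12 *p12;
    EVP_PKEY *pkey;
    X509 *cert;
    STACK_OF(X509) *certs;
} PKCS12_KEYSTORE;

/*
 * Releases the two members of a PKEY_STORE. `x` is a PKEY_STORE object
 * (members are reached with '.'), not a pointer to one.
 *
 * The argument is parenthesised so that expressions such as `*p` or `arr[i]`
 * bind correctly to the member access.
 *
 * Caveats:
 *  - `x` is evaluated up to four times; pass an expression without side
 *    effects.
 *  - The members are not reset to NULL, so applying the macro twice to the
 *    same object frees the same pointers twice.
 *  - The expansion is a bare brace block (kept for compatibility with
 *    existing call sites), so `if (c) PKEY_STORE_free(s); else ...` does not
 *    compile; wrap the call in braces there.
 */
#define PKEY_STORE_free(x) { \
    if ((x).pkey) EVP_PKEY_free((x).pkey); \
    if ((x).public_key) free((x).public_key); \
}

/*
 * Element count of an array. Valid only for a real array object; applied to
 * a pointer or to an array-typed function parameter (such as `reply` in
 * gen_csr()) it yields a meaningless value.
 */
#define nelem(x) (sizeof (x) / sizeof *(x))

/*
 * General notes for the functions below (implementations are not part of
 * this header, so behaviour is described only as far as the prototypes show):
 *  - Every buffer length is a signed int. Callers should pass non-negative
 *    values that do not exceed the real buffer size; whether the
 *    implementation rejects negative lengths is not visible here.
 *  - Input buffers are passed with an explicit length; do not assume they
 *    are NUL-terminated.
 */

/*
 * Presumably generates a key of `bits` bits and writes a signing request
 * into `reply` - confirm against the implementation. The array syntax on
 * `reply` is adjusted to `char *` by the compiler and the size is not
 * enforced: the caller must supply at least REPLY_MAX bytes.
 */
int gen_csr(int bits, const char *organizations, char reply[REPLY_MAX]);

/*
 * Builds a PKCS12_KEYSTORE from `bufLen` bytes at `buf`, using `passwd`.
 * The result is released with free_pkcs12_keystore(). Callers should wipe
 * their copy of `passwd` once it is no longer needed.
 */
PKCS12_KEYSTORE *get_pkcs12_keystore_handle(const char *buf, int bufLen,
                                            const char *passwd);

/* Writes data derived from the keystore's certificate into `buf`
 * (at most `size` bytes, judging by the signature - confirm). */
int get_pkcs12_certificate(PKCS12_KEYSTORE *p12store, char *buf, int size);

/*
 * Writes data derived from the keystore's private key into `buf`.
 * The buffer then holds secret key material: keep it out of logs and wipe
 * it (explicit_bzero() or an equivalent that the optimiser cannot drop)
 * before it is freed or reused.
 */
int get_pkcs12_private_key(PKCS12_KEYSTORE *p12store, char *buf, int size);

/* Presumably removes one certificate from p12store->certs and writes it
 * into `buf` - confirm the end-of-stack return value in the implementation. */
int pop_pkcs12_certs_stack(PKCS12_KEYSTORE *p12store, char *buf, int size);

/* Releases a handle returned by get_pkcs12_keystore_handle(). */
void free_pkcs12_keystore(PKCS12_KEYSTORE *p12store);

/* Tests whether the `bufLen` bytes at `buf` look like a PKCS#12 container;
 * the exact return convention is not visible here. */
int is_pkcs12(const char *buf, int bufLen);

/* Parses the `bufLen` bytes at `buf` into an X509 object. NOTE(review): the
 * accepted encoding and who frees the result are not visible here. */
X509 *parse_cert(const char *buf, int bufLen);

/* Write a name taken from `cert` into `buf`. MAX_CERT_NAME_LEN is presumably
 * the intended buffer size - confirm. */
int get_cert_name(X509 *cert, char *buf, int size);
int get_issuer_name(X509 *cert, char *buf, int size);

/* Tests whether `cert` is a CA certificate; the exact return convention is
 * not visible here. */
int is_ca_cert(X509 *cert);

/*
 * NOTE(review): takes an X509 although the name refers to a private key;
 * confirm what is written to `buf`. If it is private key material, the same
 * handling as for get_pkcs12_private_key() applies: wipe the buffer after use.
 */
int get_private_key_pem(X509 *cert, char *buf, int size);

#endif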