Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 1 | /* |
Justin Chadwell | 3168a20 | 2019-09-09 15:24:31 +0100 | [diff] [blame] | 2 | * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 3 | * |
dp-arm | fa3cf0b | 2017-05-03 09:38:09 +0100 | [diff] [blame] | 4 | * SPDX-License-Identifier: BSD-3-Clause |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 5 | */ |
| 6 | |
Antonio Nino Diaz | 5eb8837 | 2018-11-08 10:20:19 +0000 | [diff] [blame] | 7 | #ifndef CERT_H |
| 8 | #define CERT_H |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 9 | |
| 10 | #include <openssl/ossl_typ.h> |
| 11 | #include <openssl/x509.h> |
Juan Castillo | e6d30e9 | 2015-06-12 11:27:59 +0100 | [diff] [blame] | 12 | #include "ext.h" |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 13 | #include "key.h" |
| 14 | |
Soby Mathew | 2bb78d3 | 2018-03-29 14:29:55 +0100 | [diff] [blame] | 15 | #define CERT_MAX_EXT 5 |
Juan Castillo | e6d30e9 | 2015-06-12 11:27:59 +0100 | [diff] [blame] | 16 | |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 17 | /* |
| 18 | * This structure contains information related to the generation of the |
| 19 | * certificates. All these fields must be known and specified at build time |
| 20 | * except for the file name, which is picked up from the command line at |
| 21 | * run time. |
| 22 | * |
| 23 | * One instance of this structure must be created for each of the certificates |
| 24 | * present in the chain of trust. |
| 25 | * |
| 26 | * If the issuer points to this same instance, the generated certificate will |
| 27 | * be self-signed. |
| 28 | */ |
| 29 | typedef struct cert_s cert_t; |
| 30 | struct cert_s { |
| 31 | int id; /* Unique identifier */ |
| 32 | |
Juan Castillo | 1218dd5 | 2015-07-03 16:23:16 +0100 | [diff] [blame] | 33 | const char *opt; /* Command line option to pass filename */ |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 34 | const char *fn; /* Filename to save the certificate */ |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 35 | const char *cn; /* Subject CN (Company Name) */ |
Juan Castillo | 212f738 | 2015-12-15 16:37:57 +0000 | [diff] [blame] | 36 | const char *help_msg; /* Help message */ |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 37 | |
Juan Castillo | e6d30e9 | 2015-06-12 11:27:59 +0100 | [diff] [blame] | 38 | /* These fields must be defined statically */ |
| 39 | int key; /* Key to be signed */ |
| 40 | int issuer; /* Issuer certificate */ |
| 41 | int ext[CERT_MAX_EXT]; /* Certificate extensions */ |
| 42 | int num_ext; /* Number of extensions in the certificate */ |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 43 | |
Juan Castillo | e6d30e9 | 2015-06-12 11:27:59 +0100 | [diff] [blame] | 44 | X509 *x; /* X509 certificate container */ |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 45 | }; |
| 46 | |
Juan Castillo | e6d30e9 | 2015-06-12 11:27:59 +0100 | [diff] [blame] | 47 | /* Exported API */ |
Juan Castillo | 1218dd5 | 2015-07-03 16:23:16 +0100 | [diff] [blame] | 48 | int cert_init(void); |
| 49 | cert_t *cert_get_by_opt(const char *opt); |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 50 | int cert_add_ext(X509 *issuer, X509 *subject, int nid, char *value); |
Qixiang Xu | 76a5a9b | 2017-11-09 13:51:58 +0800 | [diff] [blame] | 51 | int cert_new( |
Qixiang Xu | 76a5a9b | 2017-11-09 13:51:58 +0800 | [diff] [blame] | 52 | int md_alg, |
| 53 | cert_t *cert, |
| 54 | int days, |
| 55 | int ca, |
| 56 | STACK_OF(X509_EXTENSION) * sk); |
Juan Castillo | 11abdcd | 2014-10-21 11:30:42 +0100 | [diff] [blame] | 57 | |
Juan Castillo | e6d30e9 | 2015-06-12 11:27:59 +0100 | [diff] [blame] | 58 | /* Macro to register the certificates used in the CoT */ |
| 59 | #define REGISTER_COT(_certs) \ |
| 60 | cert_t *certs = &_certs[0]; \ |
Sandrine Bailleux | df8de2d | 2016-01-04 15:49:23 +0000 | [diff] [blame] | 61 | const unsigned int num_certs = sizeof(_certs)/sizeof(_certs[0]) |
Juan Castillo | e6d30e9 | 2015-06-12 11:27:59 +0100 | [diff] [blame] | 62 | |
| 63 | /* Exported variables */ |
| 64 | extern cert_t *certs; |
| 65 | extern const unsigned int num_certs; |
| 66 | |
Antonio Nino Diaz | 5eb8837 | 2018-11-08 10:20:19 +0000 | [diff] [blame] | 67 | #endif /* CERT_H */ |