1 /* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef CF_X509_CERTIFICATE_H 17 #define CF_X509_CERTIFICATE_H 18 19 #include "certificate.h" 20 #include "cf_blob.h" 21 #include "cf_result.h" 22 23 typedef struct HcfX509Certificate HcfX509Certificate; 24 25 struct HcfX509Certificate { 26 /** HcfCX509Certificate inherit HcfCertificate. */ 27 HcfCertificate base; 28 29 /** Check whether the certificate is valid at the given time. 30 * time format: YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ 31 */ 32 CfResult (*checkValidityWithDate)(HcfX509Certificate *self, const char *date); 33 34 /** Get version number from certificate. */ 35 long (*getVersion)(HcfX509Certificate *self); 36 37 /** Get serial number from certificate. */ 38 CfResult (*getSerialNumber)(HcfX509Certificate *self, CfBlob *out); 39 40 /** Get issuer distinguished name from certificate. */ 41 CfResult (*getIssuerName)(HcfX509Certificate *self, CfBlob *out); 42 43 /** Get subject distinguished name from certificate. */ 44 CfResult (*getSubjectName)(HcfX509Certificate *self, CfBlob *out); 45 46 /** Get the not before time within the validity period of the certificate. 47 * time format: YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ 48 */ 49 CfResult (*getNotBeforeTime)(HcfX509Certificate *self, CfBlob *outDate); 50 51 /** Get the not after time within the validity period of the certificate. 52 * time format: YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ 53 */ 54 CfResult (*getNotAfterTime)(HcfX509Certificate *self, CfBlob *outDate); 55 56 /** Get signature value from certificate. */ 57 CfResult (*getSignature)(HcfX509Certificate *self, CfBlob *sigOut); 58 59 /** Get signature algorithm name from certificate. */ 60 CfResult (*getSignatureAlgName)(HcfX509Certificate *self, CfBlob *outName); 61 62 /** Get signature algorithm oid from certificate. */ 63 CfResult (*getSignatureAlgOid)(HcfX509Certificate *self, CfBlob *out); 64 65 /** Get the DER encoded signature algorithm parameters from the signature algorithm of the certificate. */ 66 CfResult (*getSignatureAlgParams)(HcfX509Certificate *self, CfBlob *sigAlgParamsOut); 67 68 /** Get a Boolean array representing the bits of keyuse extension. 69 * The key usage extension defines the purpose of the key. */ 70 CfResult (*getKeyUsage)(HcfX509Certificate *self, CfBlob *boolArr); 71 72 /** Get a const string list that represents the object identifier of the extkeyusage. */ 73 CfResult (*getExtKeyUsage)(HcfX509Certificate *self, CfArray *keyUsageOut); 74 75 /** Get the path length of the certificate constraint from the key extensions(BasicConstraints). 76 * The BasicConstraints identify whether the issuer of the certificate is CA and the depth of the cert chain. 77 * Only when CA is set to true, pathLenConstraint is meaningful. 78 */ 79 int32_t (*getBasicConstraints)(HcfX509Certificate *self); 80 81 /** Get subject alternative name from certificate. */ 82 CfResult (*getSubjectAltNames)(HcfX509Certificate *self, CfArray *outName); 83 84 /** Get issuer alternative name from certificate. */ 85 CfResult (*getIssuerAltNames)(HcfX509Certificate *self, CfArray *outName); 86 }; 87 88 #ifdef __cplusplus 89 extern "C" { 90 #endif 91 92 CfResult HcfX509CertificateCreate(const CfEncodingBlob *inStream, HcfX509Certificate **returnObj); 93 94 #ifdef __cplusplus 95 } 96 #endif 97 98 #endif // CF_X509_CERTIFICATE_H 99 100