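/*
 * Copyright (C) 2022 Huawei Technologies Co., Ltd.
 * Licensed under the Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *     http://license.coscl.org.cn/MulanPSL2
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
 * PURPOSE.
 * See the Mulan PSL v2 for more details.
 */
#ifndef __CRYPTO_X509_WRAPPER_H__
#define __CRYPTO_X509_WRAPPER_H__

#include <stdint.h>
#include <tee_defines.h>

/*
 * X.509 certificate and CRL helpers.
 *
 * Return-value conventions are NOT uniform across this interface:
 *   - x509_crl_validate / x509_cert_validate return 1 on success and any
 *     other value on failure. Compare the result against 1 explicitly; a
 *     plain truthiness test would accept a negative error code as success.
 *   - the getters return -1 on failure and 0 or another value on success,
 *     as documented per function.
 *
 * The length arguments are passed by value, so they are inputs only: they
 * tell the callee how large the buffer is and cannot carry a length back.
 */

/*
 * Size in bytes of each validity timestamp.
 * NOTE(review): 13 matches the length of an ASN.1 UTCTime string
 * (YYMMDDHHMMSSZ) with no terminating NUL - confirm against the
 * implementation before treating start/end as C strings.
 */
#define VALIDITY_TIME_SIZE 13

/* Validity period of a certificate: notBefore (start) and notAfter (end). */
typedef struct {
    uint8_t start[VALIDITY_TIME_SIZE];
    uint8_t end[VALIDITY_TIME_SIZE];
} validity_period_t;

/*
 * Check the certificate revocation list.
 *
 * @param cert           [IN] The crl buffer
 * @param cert_len       [IN] The length of crl buffer
 * @param parent_key     [IN] The public key to verify the crl
 * @param parent_key_len [IN] The length of public key
 *
 * @return 1:      Check the crl success
 * @return others: Check the crl failed
 *
 * NOTE(review): this header does not state what the check covers beyond
 * verification with parent_key (for example whether update times are
 * examined) - confirm with the implementation.
 */
int32_t x509_crl_validate(uint8_t *cert, uint32_t cert_len, uint8_t *parent_key, uint32_t parent_key_len);

/*
 * Check the x509 certificate.
 *
 * @param cert           [IN] The certificate buffer
 * @param cert_len       [IN] The length of certificate buffer
 * @param parent_key     [IN] The public key to verify the certificate
 * @param parent_key_len [IN] The length of public key
 *
 * @return 1:      Check the cert success
 * @return others: Check the cert failed
 *
 * NOTE(review): this header does not state whether the check covers only
 * the signature under parent_key or also the validity period and
 * extensions - confirm before relying on it as a complete trust decision.
 */
int32_t x509_cert_validate(uint8_t *cert, uint32_t cert_len, uint8_t *parent_key, uint32_t parent_key_len);

/*
 * Get public key from certificate, as a key structure.
 *
 * @param pub   [OUT] The public key struct
 * @param in    [IN]  The certificate buffer
 * @param inlen [IN]  The length of certificate buffer
 *
 * @return 0:  Get public key success
 * @return -1: Get public key failed
 *
 * NOTE(review): pub is untyped and no size is passed; the structure type
 * the callee writes is not visible in this header - confirm it with the
 * implementation before choosing the destination object.
 */
int32_t import_pub_from_sp(void *pub, const uint8_t *in, uint32_t inlen);

/*
 * Get public key from certificate, as raw bytes.
 *
 * This variant takes no output-buffer length, so the caller must guarantee
 * that pub is large enough for any key the certificate can carry. Prefer
 * get_subject_public_key_new, which receives the buffer length.
 *
 * @param pub      [OUT] The public key buffer
 * @param cert     [IN]  The certificate buffer
 * @param cert_len [IN]  The length of certificate buffer
 *
 * @return -1:     Get public key failed
 * @return others: The length of public key buffer
 */
int32_t get_subject_public_key(uint8_t *pub, const uint8_t *cert, uint32_t cert_len);

/*
 * Get public key from certificate, as raw bytes, with a sized output buffer.
 *
 * @param pub      [OUT] The public key buffer
 * @param pub_size [IN]  The length of public key buffer
 * @param cert     [IN]  The certificate buffer
 * @param cert_len [IN]  The length of certificate buffer
 *
 * @return -1:     Get public key failed
 * @return others: The length of public key buffer
 */
int32_t get_subject_public_key_new(uint8_t *pub, uint32_t pub_size, const uint8_t *cert, uint32_t cert_len);

/*
 * Get validity period from certificate.
 *
 * @param vd       [OUT] The validity period structure
 * @param cert     [IN]  The certificate buffer
 * @param cert_len [IN]  The length of certificate buffer
 *
 * @return 0:  Get validity period success
 * @return -1: Get validity period failed
 */
int32_t get_validity_from_cert(validity_period_t *vd, uint8_t *cert, uint32_t cert_len);

/*
 * Get common name from certificate.
 *
 * @param name      [OUT] The common name buffer
 * @param name_size [IN]  The length of common name buffer
 * @param cert      [IN]  The certificate buffer
 * @param cert_len  [IN]  The length of certificate buffer
 *
 * @return -1:     Get common name failed
 * @return others: Get common name success
 *
 * NOTE(review): whether the success value is the number of bytes written,
 * and whether name is NUL-terminated, is not stated here - confirm before
 * comparing the result as a string.
 */
int32_t get_subject_x509_cn(uint8_t *name, uint32_t name_size, const uint8_t *cert, uint32_t cert_len);

/*
 * Get organization name from certificate.
 *
 * NOTE(review): the function name says "ou", which conventionally denotes
 * the organizationalUnitName attribute rather than organizationName -
 * confirm which attribute the implementation returns.
 *
 * @param name      [OUT] The organization name buffer
 * @param name_size [IN]  The length of organization name buffer
 * @param cert      [IN]  The certificate buffer
 * @param cert_len  [IN]  The length of certificate buffer
 *
 * @return -1:     Get organization name failed
 * @return others: Get organization name success
 */
int32_t get_subject_x509_ou(uint8_t *name, uint32_t name_size, const uint8_t *cert, uint32_t cert_len);

/*
 * Get serial number from certificate.
 *
 * @param serial_number      [OUT] The serial number buffer
 * @param serial_number_size [IN]  The length of serial number buffer
 * @param cert               [IN]  The certificate buffer
 * @param cert_len           [IN]  The length of certificate buffer
 *
 * @return -1:     Get serial number failed
 * @return others: Get serial number success
 */
int32_t get_serial_number_from_cert(uint8_t *serial_number, uint32_t serial_number_size,
                                    uint8_t *cert, uint32_t cert_len);

/*
 * Get issuer from certificate.
 *
 * NOTE(review): the input parameters are named crl / crl_len although the
 * function name and the original comment speak of a certificate - confirm
 * which encoding the implementation expects.
 *
 * @param issuer      [OUT] The issuer buffer
 * @param issuer_size [IN]  The length of issuer buffer
 * @param crl         [IN]  The input buffer (documented as the certificate buffer)
 * @param crl_len     [IN]  The length of the input buffer
 *
 * @return -1:     Get issuer failed
 * @return others: Get issuer success
 */
int32_t get_issuer_from_cert(uint8_t *issuer, uint32_t issuer_size, uint8_t *crl, uint32_t crl_len);
#endif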