1 /**
2  * FreeRDP: A Remote Desktop Protocol Client
3  * Certificate Handling
4  *
5  * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *     http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  */
19
20 #ifndef __CERTIFICATE_H
21 #define __CERTIFICATE_H
22
/*
 * Forward typedefs for the two certificate-store structs defined further down.
 * They are declared ahead of the #include lines, presumably so that the
 * project headers pulled in next can already refer to these names --
 * NOTE(review): confirm before moving them.
 */
typedef struct rdp_certificate_data rdpCertificateData;
typedef struct rdp_certificate_store rdpCertificateStore;
25
26 #include "rdp.h"
27 #include "ber.h"
28 #include "crypto.h"
29
30 #include <freerdp/settings.h>
31 #include <freerdp/utils/blob.h>
32 #include <freerdp/utils/stream.h>
33 #include <freerdp/utils/hexdump.h>
34
/*
 * Certificate version word.
 *
 * The low 31 bits (CERT_CHAIN_VERSION_MASK) carry the chain version and the
 * top bit carries the issuance flag, so a reader has to mask the word before
 * comparing it against CERT_CHAIN_VERSION_1 / CERT_CHAIN_VERSION_2.
 * NOTE(review): the value is supplied by the peer; a version that matches
 * neither constant should be rejected rather than handled as a default case.
 */
#define CERT_CHAIN_VERSION_1		0x00000001
#define CERT_CHAIN_VERSION_2		0x00000002
#define CERT_CHAIN_VERSION_MASK		0x7FFFFFFF

/* Issuance flag, carried in the top bit of the same word. */
#define CERT_PERMANENTLY_ISSUED		0x00000000
#define CERT_TEMPORARILY_ISSUED		0x80000000

/*
 * Algorithm identifiers: RSA is the only signature and key-exchange
 * algorithm this header defines.
 */
#define SIGNATURE_ALG_RSA		0x00000001
#define KEY_EXCHANGE_ALG_RSA		0x00000001

/* Blob type tags for the RSA public key and the RSA signature. */
#define BB_RSA_KEY_BLOB			6
#define BB_RSA_SIGNATURE_BLOB		8
47
/*
 * RSA key held as raw fields: modulus, private exponent and a four-byte
 * public exponent.
 *
 * private_exponent is secret key material. NOTE(review): the release routine
 * declared in this header is key_free(); its body is not visible here, so
 * confirm that it wipes the private exponent before the memory is released.
 * The byte order of exponent[] is not established by this header.
 */
struct rdp_key
{
	rdpBlob modulus;
	rdpBlob private_exponent;	/* secret: keep out of logs and dumps */
	uint8 exponent[4];
};
54
/*
 * One hostname/fingerprint pair.
 *
 * Both members are plain char pointers; whether the struct owns the strings
 * or borrows them from the caller is decided by certificate_data_new() and
 * certificate_data_free(), whose bodies are not visible in this header.
 * The fingerprint's hash algorithm and text format are likewise not
 * established here -- NOTE(review): confirm both before comparing values
 * produced by different code paths.
 */
struct rdp_certificate_data
{
	char* hostname;
	char* fingerprint;
};
60
/*
 * State of the certificate store: an open stdio stream, two path strings,
 * the client settings and one hostname/fingerprint record.
 *
 * NOTE(review): the backing file is presumably the list of fingerprints the
 * client has already accepted; if so it is a trust anchor, and its location
 * and permissions decide who can add or replace an entry -- confirm in the
 * implementation.
 * FILE comes from <stdio.h>, which this header does not include directly;
 * it presumably arrives through one of the project headers -- verify.
 */
struct rdp_certificate_store
{
	FILE* fp;				/* stream for the store file */
	char* path;
	char* file;
	rdpSettings* settings;
	rdpCertificateData* certificate_data;
};
69
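/*
 * Hostname/fingerprint records and the store that holds them.
 *
 * certificate_data_match() returns an int whose convention is not visible in
 * this header. NOTE(review): before basing a trust decision on it, confirm
 * in the implementation which values mean "match", "mismatch" and
 * "host not in store", and that a mismatch cannot be mistaken for success.
 */
rdpCertificateData* certificate_data_new(char* hostname, char* fingerprint);
void certificate_data_free(rdpCertificateData* certificate_data);
rdpCertificateStore* certificate_store_new(rdpSettings* settings);
void certificate_store_free(rdpCertificateStore* certificate_store);
int certificate_data_match(rdpCertificateStore* certificate_store, rdpCertificateData* certificate_data);
void certificate_data_print(rdpCertificateStore* certificate_store, rdpCertificateData* certificate_data);

/* Reads one X.509 certificate blob into info. */
void certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info);

/*
 * Allocation and release of an X.509 chain with `count` entries.
 * NOTE(review): if count is taken from the peer's message, verify that the
 * implementation bounds it and checks the size multiplication for overflow.
 */
rdpX509CertChain* certificate_new_x509_certificate_chain(uint32 count);
void certificate_free_x509_certificate_chain(rdpX509CertChain* x509_cert_chain);

/*
 * Server certificate readers; each returns a boolean.
 *
 * server_cert/length describe a caller-supplied buffer and length is a
 * signed int. NOTE(review): the bytes presumably come from the remote
 * server, so the implementation should reject a negative or undersized
 * length before parsing and treat every embedded length field as untrusted.
 */
boolean certificate_read_server_proprietary_certificate(rdpCertificate* certificate, STREAM* s);
boolean certificate_read_server_x509_certificate_chain(rdpCertificate* certificate, STREAM* s);
boolean certificate_read_server_certificate(rdpCertificate* certificate, uint8* server_cert, int length);

/*
 * Lifetime of an rdpCertificate.
 * certificate_new is declared with (void): an empty parameter list is not a
 * prototype in C, so the compiler would accept calls with stray arguments.
 */
rdpCertificate* certificate_new(void);
void certificate_free(rdpCertificate* certificate);

/*
 * Lifetime of an rdpKey built from the file named by keyfile.
 * NOTE(review): the key holds a private exponent; confirm that key_free()
 * clears it before releasing the memory.
 */
rdpKey* key_new(const char* keyfile);
void key_free(rdpKey* key);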
91
/*
 * Trace macro for the certificate code. It forwards to DEBUG_CLASS with the
 * CERTIFICATE class when WITH_DEBUG_CERTIFICATE is defined and to DEBUG_NULL
 * otherwise; both targets are defined outside this header.
 * `## __VA_ARGS__` is the GNU extension that drops the preceding comma when
 * no variadic arguments are passed.
 * NOTE(review): check what callers pass here before enabling the flag in a
 * build that handles private keys.
 */
#if defined(WITH_DEBUG_CERTIFICATE)
#define DEBUG_CERTIFICATE(fmt, ...) DEBUG_CLASS(CERTIFICATE, fmt, ## __VA_ARGS__)
#else
#define DEBUG_CERTIFICATE(fmt, ...) DEBUG_NULL(fmt, ## __VA_ARGS__)
#endif
97
98 #endif /* __CERTIFICATE_H */