#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <winpr/wtypes.h>
#include <winpr/crt.h>
#include <winpr/file.h>
#include <winpr/crypto.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include "certificate.h"
#include "../crypto/opensslcompat.h"

Macros
#define	TAG "com.freerdp.core"

Functions
static BOOL	certificate_read_x509_certificate (rdpCertBlob cert, rdpCertInfo info)

static rdpX509CertChain *	certificate_new_x509_certificate_chain (UINT32 count)

static void	certificate_free_x509_certificate_chain (rdpX509CertChain *x509_cert_chain)

static BOOL	certificate_process_server_public_key (rdpCertificate certificate, wStream s, UINT32 length)

static BOOL	certificate_process_server_public_signature (rdpCertificate certificate, const BYTE sigdata, size_t sigdatalen, wStream *s, UINT32 siglen)

static BOOL	certificate_read_server_proprietary_certificate (rdpCertificate certificate, wStream s)

static BOOL	certificate_read_server_x509_certificate_chain (rdpCertificate certificate, wStream s)

BOOL	certificate_read_server_certificate (rdpCertificate certificate, const BYTE server_cert, size_t length)

rdpRsaKey *	key_new_from_content (const char keycontent, const char keyfile)

rdpRsaKey *	key_new (const char *keyfile)

rdpRsaKey *	key_clone (const rdpRsaKey *key)

void	key_free (rdpRsaKey *key)

rdpCertificate *	certificate_clone (rdpCertificate *certificate)

rdpCertificate *	certificate_new (void)

void	certificate_free (rdpCertificate *certificate)

Variables
static const char *	certificate_read_errors []

Macro Definition Documentation

◆ TAG

#define TAG "com.freerdp.core"

FreeRDP: A Remote Desktop Protocol Implementation Certificate Handling

Copyright 2011 Jiten Pathy Copyright 2011 Marc-Andre Moreau marca.nosp@m.ndre.nosp@m..more.nosp@m.au@g.nosp@m.mail..nosp@m.com Copyright 2015 Thincast Technologies GmbH Copyright 2015 DI (FH) Martin Haimberger marti.nosp@m.n.ha.nosp@m.imber.nosp@m.ger@.nosp@m.thinc.nosp@m.ast..nosp@m.com

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Function Documentation

◆ certificate_clone()

rdpCertificate* certificate_clone ( rdpCertificate * certificate )

Here is the call graph for this function:

Here is the caller graph for this function:

◆ certificate_free()

void certificate_free ( rdpCertificate * certificate )

Free certificate module.

Parameters

certificate certificate module to be freed

Here is the call graph for this function:

Here is the caller graph for this function:

◆ certificate_free_x509_certificate_chain()

static void certificate_free_x509_certificate_chain ( rdpX509CertChain * x509_cert_chain )

static

Free X.509 Certificate Chain.

Parameters

x509_cert_chain X.509 certificate chain to be freed

Here is the caller graph for this function:

◆ certificate_new()

rdpCertificate* certificate_new ( void )

Instantiate new certificate module.

Parameters

rdp	RDP module

Returns: new certificate module

Here is the caller graph for this function:

◆ certificate_new_x509_certificate_chain()

static rdpX509CertChain* certificate_new_x509_certificate_chain ( UINT32 count )

static

Instantiate new X.509 Certificate Chain.

Parameters

count certificate chain count

Returns: new X.509 certificate chain

Here is the caller graph for this function:

◆ certificate_process_server_public_key()

static BOOL certificate_process_server_public_key	(	rdpCertificate *	certificate,
		wStream *	s,
		UINT32	length
	)

static

Here is the call graph for this function:

Here is the caller graph for this function:

◆ certificate_process_server_public_signature()

static BOOL certificate_process_server_public_signature	(	rdpCertificate *	certificate,
		const BYTE *	sigdata,
		size_t	sigdatalen,
		wStream *	s,
		UINT32	siglen
	)

static

Here is the call graph for this function:

Here is the caller graph for this function:

◆ certificate_read_server_certificate()

BOOL certificate_read_server_certificate	(	rdpCertificate *	certificate,
		const BYTE *	server_cert,
		size_t	length
	)

Read a Server Certificate.

Parameters

certificate	certificate module
server_cert	server certificate
length	certificate length

Here is the call graph for this function:

Here is the caller graph for this function:

◆ certificate_read_server_proprietary_certificate()

static BOOL certificate_read_server_proprietary_certificate	(	rdpCertificate *	certificate,
		wStream *	s
	)

static

Read a Server Proprietary Certificate.

Parameters

certificate	certificate module
s	stream

Here is the call graph for this function:

Here is the caller graph for this function:

◆ certificate_read_server_x509_certificate_chain()

static BOOL certificate_read_server_x509_certificate_chain	(	rdpCertificate *	certificate,
		wStream *	s
	)

static

Read an X.509 Certificate Chain.

Parameters

certificate	certificate module
s	stream

Here is the call graph for this function:

Here is the caller graph for this function:

◆ certificate_read_x509_certificate()

static BOOL certificate_read_x509_certificate	(	rdpCertBlob *	cert,
		rdpCertInfo *	info
	)

static

Read X.509 Certificate

Parameters

certificate	certificate module
cert	X.509 certificate

Here is the call graph for this function:

Here is the caller graph for this function:

◆ key_clone()

rdpRsaKey* key_clone ( const rdpRsaKey * key )

Here is the call graph for this function:

Here is the caller graph for this function:

◆ key_free()

void key_free ( rdpRsaKey * key )

Here is the caller graph for this function:

◆ key_new()

rdpRsaKey* key_new ( const char * keyfile )

Here is the call graph for this function:

Here is the caller graph for this function:

◆ key_new_from_content()

rdpRsaKey* key_new_from_content	(	const char *	keycontent,
		const char *	keyfile
	)

Here is the call graph for this function:

Here is the caller graph for this function:

Variable Documentation

◆ certificate_read_errors

const char* certificate_read_errors[]

static

Initial value:

= { "Certificate tag",
                                                     "TBSCertificate",
                                                     "Explicit Contextual Tag [0]",
                                                     "version",
                                                     "CertificateSerialNumber",
                                                     "AlgorithmIdentifier",
                                                     "Issuer Name",
                                                     "Validity",
                                                     "Subject Name",
                                                     "SubjectPublicKeyInfo Tag",
                                                     "subjectPublicKeyInfo::AlgorithmIdentifier",
                                                     "subjectPublicKeyInfo::subjectPublicKey",
                                                     "RSAPublicKey Tag",
                                                     "modulusLength",
                                                     "zero padding",
                                                     "modulusLength",
                                                     "modulus",
                                                     "publicExponent length",
                                                     "publicExponent" }

X.509 Certificate Structure

Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT_STRING }

TBSCertificate ::= SEQUENCE { version [0] EXPLICIT Version DEFAULT v1, serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, issuer Name, validity Validity, subject Name, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, subjectUniqueId [2] IMPLICIT UniqueIdentifier OPTIONAL, extensions [3] EXPLICIT Extensions OPTIONAL }

Version ::= INTEGER { v1(0), v2(1), v3(2) }

CertificateSerialNumber ::= INTEGER

AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT_IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL }

Name ::= CHOICE { RDNSequence }

RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

RelativeDistinguishedName ::= SET OF AttributeTypeAndValue

AttributeTypeAndValue ::= SEQUENCE { type AttributeType, value AttributeValue }

AttributeType ::= OBJECT_IDENTIFIER

AttributeValue ::= ANY DEFINED BY AttributeType

Validity ::= SEQUENCE { notBefore Time, notAfter Time }

Time ::= CHOICE { utcTime UTCTime, generalTime GeneralizedTime }

UniqueIdentifier ::= BIT_STRING

SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT_STRING }

RSAPublicKey ::= SEQUENCE { modulus INTEGER publicExponent INTEGER }

Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension

Extension ::= SEQUENCE { extnID OBJECT_IDENTIFIER critical BOOLEAN DEFAULT FALSE, extnValue OCTET_STRING }

Macros

Functions

Variables

Macro Definition Documentation

◆ TAG

Function Documentation

◆ certificate_clone()

◆ certificate_free()

◆ certificate_free_x509_certificate_chain()

◆ certificate_new()

◆ certificate_new_x509_certificate_chain()

◆ certificate_process_server_public_key()

◆ certificate_process_server_public_signature()

◆ certificate_read_server_certificate()

◆ certificate_read_server_proprietary_certificate()

◆ certificate_read_server_x509_certificate_chain()

◆ certificate_read_x509_certificate()

◆ key_clone()

◆ key_free()

◆ key_new()

◆ key_new_from_content()

Variable Documentation

◆ certificate_read_errors