#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <winpr/wtypes.h>
#include <winpr/crt.h>
#include <winpr/crypto.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include "certificate.h"
#include "../crypto/opensslcompat.h"
Macros | |
#define | TAG "com.freerdp.core" |
Functions | |
static BOOL | certificate_read_x509_certificate (rdpCertBlob *cert, rdpCertInfo *info) |
static rdpX509CertChain * | certificate_new_x509_certificate_chain (UINT32 count) |
static void | certificate_free_x509_certificate_chain (rdpX509CertChain *x509_cert_chain) |
static BOOL | certificate_process_server_public_key (rdpCertificate *certificate, wStream *s, UINT32 length) |
static BOOL | certificate_process_server_public_signature (rdpCertificate *certificate, const BYTE *sigdata, size_t sigdatalen, wStream *s, UINT32 siglen) |
static BOOL | certificate_read_server_proprietary_certificate (rdpCertificate *certificate, wStream *s) |
static BOOL | certificate_read_server_x509_certificate_chain (rdpCertificate *certificate, wStream *s) |
BOOL | certificate_read_server_certificate (rdpCertificate *certificate, BYTE *server_cert, size_t length) |
rdpRsaKey * | key_new_from_content (const char *keycontent, const char *keyfile) |
rdpRsaKey * | key_new (const char *keyfile) |
void | key_free (rdpRsaKey *key) |
rdpCertificate * | certificate_clone (rdpCertificate *certificate) |
rdpCertificate * | certificate_new (void) |
void | certificate_free (rdpCertificate *certificate) |
Variables | |
static const char * | certificate_read_errors [] |
#define TAG "com.freerdp.core" |
FreeRDP: A Remote Desktop Protocol Implementation Certificate Handling
Copyright 2011 Jiten Pathy
Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
Copyright 2015 Thincast Technologies GmbH
Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
rdpCertificate* certificate_clone | ( | rdpCertificate * | certificate | ) |
void certificate_free | ( | rdpCertificate * | certificate | ) |
Free certificate module.
certificate | certificate module to be freed |
static void certificate_free_x509_certificate_chain (rdpX509CertChain *x509_cert_chain)
Free X.509 Certificate Chain.
x509_cert_chain | X.509 certificate chain to be freed |
rdpCertificate* certificate_new | ( | void | ) |
Instantiate new certificate module.
rdp | RDP module |
static rdpX509CertChain * certificate_new_x509_certificate_chain (UINT32 count)
Instantiate new X.509 Certificate Chain.
count | certificate chain count |
static BOOL certificate_process_server_public_key (rdpCertificate *certificate, wStream *s, UINT32 length)
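static BOOL certificate_process_server_public_signature (rdpCertificate *certificate, const BYTE *sigdata, size_t sigdatalen, wStream *s, UINT32 siglen)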
BOOL certificate_read_server_certificate | ( | rdpCertificate * | certificate, |
BYTE * | server_cert, | ||
size_t | length | ||
) |
Read a Server Certificate.
certificate | certificate module |
server_cert | server certificate |
length | certificate length |
static BOOL certificate_read_server_proprietary_certificate (rdpCertificate *certificate, wStream *s)
Read a Server Proprietary Certificate.
certificate | certificate module |
s | stream |
static BOOL certificate_read_server_x509_certificate_chain (rdpCertificate *certificate, wStream *s)
Read an X.509 Certificate Chain.
certificate | certificate module |
s | stream |
static BOOL certificate_read_x509_certificate (rdpCertBlob *cert, rdpCertInfo *info)
Read X.509 Certificate
certificate | certificate module |
cert | X.509 certificate |
void key_free | ( | rdpRsaKey * | key | ) |
rdpRsaKey* key_new | ( | const char * | keyfile | ) |
rdpRsaKey* key_new_from_content | ( | const char * | keycontent, |
const char * | keyfile | ||
) |
static const char * certificate_read_errors []
X.509 Certificate Structure
Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT_STRING }
TBSCertificate ::= SEQUENCE { version [0] EXPLICIT Version DEFAULT v1, serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, issuer Name, validity Validity, subject Name, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, subjectUniqueId [2] IMPLICIT UniqueIdentifier OPTIONAL, extensions [3] EXPLICIT Extensions OPTIONAL }
Version ::= INTEGER { v1(0), v2(1), v3(2) }
CertificateSerialNumber ::= INTEGER
AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT_IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL }
Name ::= CHOICE { RDNSequence }
RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
AttributeTypeAndValue ::= SEQUENCE { type AttributeType, value AttributeValue }
AttributeType ::= OBJECT_IDENTIFIER
AttributeValue ::= ANY DEFINED BY AttributeType
Validity ::= SEQUENCE { notBefore Time, notAfter Time }
Time ::= CHOICE { utcTime UTCTime, generalTime GeneralizedTime }
UniqueIdentifier ::= BIT_STRING
SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT_STRING }
RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }
Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
Extension ::= SEQUENCE { extnID OBJECT_IDENTIFIER, critical BOOLEAN DEFAULT FALSE, extnValue OCTET_STRING }