FreeRDP
core/certificate.c File Reference
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <winpr/wtypes.h>
#include <winpr/crt.h>
#include <winpr/crypto.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include "certificate.h"
#include "../crypto/opensslcompat.h"

Macros

#define TAG   "com.freerdp.core"
 

Functions

static BOOL certificate_read_x509_certificate (rdpCertBlob *cert, rdpCertInfo *info)
 
static rdpX509CertChain * certificate_new_x509_certificate_chain (UINT32 count)
 
static void certificate_free_x509_certificate_chain (rdpX509CertChain *x509_cert_chain)
 
static BOOL certificate_process_server_public_key (rdpCertificate *certificate, wStream *s, UINT32 length)
 
static BOOL certificate_process_server_public_signature (rdpCertificate *certificate, const BYTE *sigdata, size_t sigdatalen, wStream *s, UINT32 siglen)
 
static BOOL certificate_read_server_proprietary_certificate (rdpCertificate *certificate, wStream *s)
 
static BOOL certificate_read_server_x509_certificate_chain (rdpCertificate *certificate, wStream *s)
 
BOOL certificate_read_server_certificate (rdpCertificate *certificate, BYTE *server_cert, size_t length)
 
rdpRsaKey * key_new_from_content (const char *keycontent, const char *keyfile)
 
rdpRsaKey * key_new (const char *keyfile)
 
void key_free (rdpRsaKey *key)
 
rdpCertificate * certificate_clone (rdpCertificate *certificate)
 
rdpCertificate * certificate_new (void)
 
void certificate_free (rdpCertificate *certificate)
 

Variables

static const char * certificate_read_errors []
 

Macro Definition Documentation

#define TAG   "com.freerdp.core"

FreeRDP: A Remote Desktop Protocol Implementation
Certificate Handling

Copyright 2011 Jiten Pathy
Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
Copyright 2015 Thincast Technologies GmbH
Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Function Documentation

rdpCertificate* certificate_clone ( rdpCertificate *  certificate)


void certificate_free ( rdpCertificate *  certificate)

Free certificate module.

Parameters
certificate: certificate module to be freed


static void certificate_free_x509_certificate_chain ( rdpX509CertChain *  x509_cert_chain)
static

Free X.509 Certificate Chain.

Parameters
x509_cert_chain: X.509 certificate chain to be freed


rdpCertificate* certificate_new ( void  )

Instantiate new certificate module.

Parameters
rdp: RDP module (stale entry: the signature shown for certificate_new takes no parameters)
Returns
new certificate module


static rdpX509CertChain* certificate_new_x509_certificate_chain ( UINT32  count)
static

Instantiate new X.509 Certificate Chain.

Parameters
count: certificate chain count
Returns
new X.509 certificate chain


static BOOL certificate_process_server_public_key ( rdpCertificate *  certificate,
wStream *  s,
UINT32  length 
)
static


static BOOL certificate_process_server_public_signature ( rdpCertificate *  certificate,
const BYTE *  sigdata,
size_t  sigdatalen,
wStream *  s,
UINT32  siglen 
)
static


BOOL certificate_read_server_certificate ( rdpCertificate *  certificate,
BYTE *  server_cert,
size_t  length 
)

Read a Server Certificate.

Parameters
certificate: certificate module
server_cert: server certificate
length: certificate length


static BOOL certificate_read_server_proprietary_certificate ( rdpCertificate *  certificate,
wStream *  s 
)
static

Read a Server Proprietary Certificate.

Parameters
certificate: certificate module
s: stream


static BOOL certificate_read_server_x509_certificate_chain ( rdpCertificate *  certificate,
wStream *  s 
)
static

Read an X.509 Certificate Chain.

Parameters
certificate: certificate module
s: stream


static BOOL certificate_read_x509_certificate ( rdpCertBlob *  cert,
rdpCertInfo *  info 
)
static

Read X.509 Certificate

Parameters
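certificate: certificate module (stale name: the signature shown for this function has no such parameter, and its second parameter, info, is not documented)
cert: X.509 certificate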


void key_free ( rdpRsaKey *  key)


rdpRsaKey* key_new ( const char *  keyfile)


rdpRsaKey* key_new_from_content ( const char *  keycontent,
const char *  keyfile 
)


Variable Documentation

const char* certificate_read_errors[]
static
Initial value:
=
{
"Certificate tag",
"TBSCertificate",
"Explicit Contextual Tag [0]",
"version",
"CertificateSerialNumber",
"AlgorithmIdentifier",
"Issuer Name",
"Validity",
"Subject Name",
"SubjectPublicKeyInfo Tag",
"subjectPublicKeyInfo::AlgorithmIdentifier",
"subjectPublicKeyInfo::subjectPublicKey",
"RSAPublicKey Tag",
"modulusLength",
"zero padding",
"modulusLength",
"modulus",
"publicExponent length",
"publicExponent"
}

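X.509 Certificate Structure

The strings in certificate_read_errors follow, in order, the fields of the structure below from the outer Certificate down to the RSA publicExponent. The list has no entry for extensions, signatureAlgorithm or signatureValue, so it presumably labels the steps of extracting the public key only; "modulusLength" occurs twice, so that message alone does not identify which of the two steps it refers to.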

Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT_STRING }

TBSCertificate ::= SEQUENCE { version [0] EXPLICIT Version DEFAULT v1, serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, issuer Name, validity Validity, subject Name, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, subjectUniqueId [2] IMPLICIT UniqueIdentifier OPTIONAL, extensions [3] EXPLICIT Extensions OPTIONAL }

Version ::= INTEGER { v1(0), v2(1), v3(2) }

CertificateSerialNumber ::= INTEGER

AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT_IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL }

Name ::= CHOICE { RDNSequence }

RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

RelativeDistinguishedName ::= SET OF AttributeTypeAndValue

AttributeTypeAndValue ::= SEQUENCE { type AttributeType, value AttributeValue }

AttributeType ::= OBJECT_IDENTIFIER

AttributeValue ::= ANY DEFINED BY AttributeType

Validity ::= SEQUENCE { notBefore Time, notAfter Time }

Time ::= CHOICE { utcTime UTCTime, generalTime GeneralizedTime }

UniqueIdentifier ::= BIT_STRING

SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT_STRING }

RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }

Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension

Extension ::= SEQUENCE { extnID OBJECT_IDENTIFIER, critical BOOLEAN DEFAULT FALSE, extnValue OCTET_STRING }