Add the Labs projects provided in the V10.2.1_191129 zip file.

[freertos] / FreeRTOS-Labs / Source / mbedtls / include / mbedtls / x509_crl.h

/**\r
 * \file x509_crl.h\r
 *\r
 * \brief X.509 certificate revocation list parsing\r
 */\r
/*\r
 *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved\r
 *  SPDX-License-Identifier: Apache-2.0\r
 *\r
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may\r
 *  not use this file except in compliance with the License.\r
 *  You may obtain a copy of the License at\r
 *\r
 *  http://www.apache.org/licenses/LICENSE-2.0\r
 *\r
 *  Unless required by applicable law or agreed to in writing, software\r
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\r
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
 *  See the License for the specific language governing permissions and\r
 *  limitations under the License.\r
 *\r
 *  This file is part of mbed TLS (https://tls.mbed.org)\r
 */\r
#ifndef MBEDTLS_X509_CRL_H\r
#define MBEDTLS_X509_CRL_H\r
\r
#if !defined(MBEDTLS_CONFIG_FILE)\r
#include "config.h"\r
#else\r
#include MBEDTLS_CONFIG_FILE\r
#endif\r
\r
#include "x509.h"\r
\r
#ifdef __cplusplus\r
extern "C" {\r
#endif\r
\r
/**\r
 * \addtogroup x509_module\r
 * \{ */\r
\r
/**\r
 * \name Structures and functions for parsing CRLs\r
 * \{\r
 */\r
\r
/**\r
 * Certificate revocation list entry.\r
 * Contains the CA-specific serial numbers and revocation dates.\r
 */\r
typedef struct mbedtls_x509_crl_entry\r
{\r
    mbedtls_x509_buf raw;\r
\r
    mbedtls_x509_buf serial;\r
\r
    mbedtls_x509_time revocation_date;\r
\r
    mbedtls_x509_buf entry_ext;\r
\r
    struct mbedtls_x509_crl_entry *next;\r
}\r
mbedtls_x509_crl_entry;\r
\r
/**\r
 * Certificate revocation list structure.\r
 * Every CRL may have multiple entries.\r
 */\r
typedef struct mbedtls_x509_crl\r
{\r
    mbedtls_x509_buf raw;           /**< The raw certificate data (DER). */\r
    mbedtls_x509_buf tbs;           /**< The raw certificate body (DER). The part that is To Be Signed. */\r
\r
    int version;            /**< CRL version (1=v1, 2=v2) */\r
    mbedtls_x509_buf sig_oid;       /**< CRL signature type identifier */\r
\r
    mbedtls_x509_buf issuer_raw;    /**< The raw issuer data (DER). */\r
\r
    mbedtls_x509_name issuer;       /**< The parsed issuer data (named information object). */\r
\r
    mbedtls_x509_time this_update;\r
    mbedtls_x509_time next_update;\r
\r
    mbedtls_x509_crl_entry entry;   /**< The CRL entries containing the certificate revocation times for this CA. */\r
\r
    mbedtls_x509_buf crl_ext;\r
\r
    mbedtls_x509_buf sig_oid2;\r
    mbedtls_x509_buf sig;\r
    mbedtls_md_type_t sig_md;           /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */\r
    mbedtls_pk_type_t sig_pk;           /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */\r
    void *sig_opts;             /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */\r
\r
    struct mbedtls_x509_crl *next;\r
}\r
mbedtls_x509_crl;\r
\r
/**\r
 * \brief          Parse a DER-encoded CRL and append it to the chained list\r
 *\r
 * \param chain    points to the start of the chain\r
 * \param buf      buffer holding the CRL data in DER format\r
 * \param buflen   size of the buffer\r
 *                 (including the terminating null byte for PEM data)\r
 *\r
 * \return         0 if successful, or a specific X509 or PEM error code\r
 */\r
int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,\r
                        const unsigned char *buf, size_t buflen );\r
/**\r
 * \brief          Parse one or more CRLs and append them to the chained list\r
 *\r
 * \note           Multiple CRLs are accepted only if using PEM format\r
 *\r
 * \param chain    points to the start of the chain\r
 * \param buf      buffer holding the CRL data in PEM or DER format\r
 * \param buflen   size of the buffer\r
 *                 (including the terminating null byte for PEM data)\r
 *\r
 * \return         0 if successful, or a specific X509 or PEM error code\r
 */\r
int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen );\r
\r
#if defined(MBEDTLS_FS_IO)\r
/**\r
 * \brief          Load one or more CRLs and append them to the chained list\r
 *\r
 * \note           Multiple CRLs are accepted only if using PEM format\r
 *\r
 * \param chain    points to the start of the chain\r
 * \param path     filename to read the CRLs from (in PEM or DER encoding)\r
 *\r
 * \return         0 if successful, or a specific X509 or PEM error code\r
 */\r
int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );\r
#endif /* MBEDTLS_FS_IO */\r
\r
/**\r
 * \brief          Returns an informational string about the CRL.\r
 *\r
 * \param buf      Buffer to write to\r
 * \param size     Maximum size of buffer\r
 * \param prefix   A line prefix\r
 * \param crl      The X509 CRL to represent\r
 *\r
 * \return         The length of the string written (not including the\r
 *                 terminated nul byte), or a negative error code.\r
 */\r
int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,\r
                   const mbedtls_x509_crl *crl );\r
\r
/**\r
 * \brief          Initialize a CRL (chain)\r
 *\r
 * \param crl      CRL chain to initialize\r
 */\r
void mbedtls_x509_crl_init( mbedtls_x509_crl *crl );\r
\r
/**\r
 * \brief          Unallocate all CRL data\r
 *\r
 * \param crl      CRL chain to free\r
 */\r
void mbedtls_x509_crl_free( mbedtls_x509_crl *crl );\r
\r
/* \} name */\r
/* \} addtogroup x509_module */\r
\r
#ifdef __cplusplus\r
}\r
#endif\r
\r
#endif /* mbedtls_x509_crl.h */\r