keystore/jni/cert.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73

/*
**
** Copyright 2009, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
**     http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/

#ifndef __CERT_H__
#define __CERT_H__

#define ANDROID_KEYSTORE "Android Keystore"
#define KEYGEN_STORE_SIZE     5
#define KEYLENGTH_MEDIUM      1024
#define KEYLENGTH_MAXIMUM     2048
#define MAX_CERT_NAME_LEN     128
#define MAX_PEM_LENGTH        4096
#define REPLY_MAX             MAX_PEM_LENGTH


#define STR(token) #token
#define ERR_INVALID_KEY_LENGTH  1
#define ERR_CONSTRUCT_NEW_DATA  2
#define ERR_RSA_KEYGEN          3
#define ERR_X509_PROCESS        4
#define ERR_SPKAC_TOO_LONG      5
#define ERR_INVALID_ARGS        6
#define ERR_MAXIMUM             7

typedef struct {
    EVP_PKEY *pkey;
    unsigned char *public_key;
    int key_len;
} PKEY_STORE;

typedef struct {
    PKCS12  *p12;
    EVP_PKEY *pkey;
    X509 *cert;
    STACK_OF(X509) *certs;
} PKCS12_KEYSTORE;

#define PKEY_STORE_free(x) { \
    if(x.pkey) EVP_PKEY_free(x.pkey); \
    if(x.public_key) free(x.public_key); \
}

#define nelem(x) (sizeof (x) / sizeof *(x))

int gen_csr(int bits, const char *organizations, char reply[REPLY_MAX]);
PKCS12_KEYSTORE *get_pkcs12_keystore_handle(const char *buf, int bufLen,
                                            const char *passwd);
int get_pkcs12_certificate(PKCS12_KEYSTORE *p12store, char *buf, int size);
int get_pkcs12_private_key(PKCS12_KEYSTORE *p12store, char *buf, int size);
int pop_pkcs12_certs_stack(PKCS12_KEYSTORE *p12store, char *buf, int size);
void free_pkcs12_keystore(PKCS12_KEYSTORE *p12store);
int is_pkcs12(const char *buf, int bufLen);
X509 *parse_cert(const char *buf, int bufLen);
int get_cert_name(X509 *cert, char *buf, int size);
int get_issuer_name(X509 *cert, char *buf, int size);
int is_ca_cert(X509 *cert);
int get_private_key_pem(X509 *cert, char *buf, int size);

#endif