VirtualBox

source: vbox/trunk/include/iprt/crypto/pem.h@ 88383

Last change on this file since 88383 was 84509, checked in by vboxsync, 5 years ago

iprt/cdefs.h,*: Introducing RT_FLEXIBLE_ARRAY_EXTENSION as a g++ hack that allows us to use RT_FLEXIBLE_ARRAY without the compiler going all pendantic on us. Only tested with 10.1.0. bugref:9746

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 11.4 KB
Line 
1/** @file
2 * IPRT - Crypto - PEM-file Reader & Writer.
3 */
4
5/*
6 * Copyright (C) 2006-2020 Oracle Corporation
7 *
8 * This file is part of VirtualBox Open Source Edition (OSE), as
9 * available from http://www.virtualbox.org. This file is free software;
10 * you can redistribute it and/or modify it under the terms of the GNU
11 * General Public License (GPL) as published by the Free Software
12 * Foundation, in version 2 as it comes in the "COPYING" file of the
13 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
14 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
15 *
16 * The contents of this file may alternatively be used under the terms
17 * of the Common Development and Distribution License Version 1.0
18 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
19 * VirtualBox OSE distribution, in which case the provisions of the
20 * CDDL are applicable instead of those of the GPL.
21 *
22 * You may elect to license modified versions of this file under the
23 * terms and conditions of either the GPL or the CDDL or both.
24 */
25
26#ifndef IPRT_INCLUDED_crypto_pem_h
27#define IPRT_INCLUDED_crypto_pem_h
28#ifndef RT_WITHOUT_PRAGMA_ONCE
29# pragma once
30#endif
31
32#include <iprt/types.h>
33#include <iprt/asn1.h> /* PRTASN1CORE */
34#include <iprt/string.h> /* PFNRTSTROUTPUT */
35
36
37RT_C_DECLS_BEGIN
38
39/** @defgroup grp_rt_spc RTCrPem - PEM-file Reader & Writer
40 * @ingroup grp_rt_crypto
41 * @{
42 */
43
44
45/**
46 * One PEM marker word (use RT_STR_TUPLE to initialize).
47 */
48typedef struct RTCRPEMMARKERWORD
49{
50 /** The word string. */
51 const char *pszWord;
52 /** The length. */
53 uint32_t cchWord;
54} RTCRPEMMARKERWORD;
55/** Pointer to a const marker word. */
56typedef RTCRPEMMARKERWORD const *PCRTCRPEMMARKERWORD;
57
58
59/**
60 * A PEM marker.
61 *
62 * This is an array of words with lengths, optimized for avoid unnecessary
63 * strlen() while searching the file content. It is ASSUMED that all PEM
64 * section markers starts with either 'BEGIN' or 'END', followed by the words
65 * in the this structure.
66 */
67typedef struct RTCRPEMMARKER
68{
69 /** Pointer to an array of marker words. */
70 PCRTCRPEMMARKERWORD paWords;
71 /** Number of works in the array papszWords points to. */
72 uint32_t cWords;
73} RTCRPEMMARKER;
74/** Pointer to a const PEM marker. */
75typedef RTCRPEMMARKER const *PCRTCRPEMMARKER;
76
77
78/**
79 * A PEM field.
80 */
81typedef struct RTCRPEMFIELD
82{
83 /** Pointer to the next field. */
84 struct RTCRPEMFIELD const *pNext;
85 /** The field value. */
86 char const *pszValue;
87 /** The field value length. */
88 size_t cchValue;
89 /** The field name length. */
90 size_t cchName;
91 /** The field name. */
92 RT_FLEXIBLE_ARRAY_EXTENSION
93 char szName[RT_FLEXIBLE_ARRAY];
94} RTCRPEMFIELD;
95/** Pointer to a PEM field. */
96typedef RTCRPEMFIELD *PRTCRPEMFIELD;
97/** Pointer to a const PEM field. */
98typedef RTCRPEMFIELD const *PCRTCRPEMFIELD;
99
100
101/**
102 * A PEM section.
103 *
104 * The API works on linked lists of these.
105 */
106typedef struct RTCRPEMSECTION
107{
108 /** Pointer to the next file section. */
109 struct RTCRPEMSECTION const *pNext;
110 /** The marker for this section. NULL if binary file. */
111 PCRTCRPEMMARKER pMarker;
112 /** Pointer to the binary data. */
113 uint8_t *pbData;
114 /** The size of the binary data. */
115 size_t cbData;
116 /** List of fields, NULL if none. */
117 PCRTCRPEMFIELD pFieldHead;
118 /** Set if RTCRPEMREADFILE_F_SENSITIVE was specified. */
119 bool fSensitive;
120} RTCRPEMSECTION;
121/** Pointer to a PEM section. */
122typedef RTCRPEMSECTION *PRTCRPEMSECTION;
123/** Pointer to a const PEM section. */
124typedef RTCRPEMSECTION const *PCRTCRPEMSECTION;
125
126
127/**
128 * Frees sections returned by RTCrPemReadFile and RTCrPemParseContent.
129 * @returns IPRT status code.
130 * @param pSectionHead The first section.
131 */
132RTDECL(int) RTCrPemFreeSections(PCRTCRPEMSECTION pSectionHead);
133
134/**
135 * Parses the given data and returns a list of binary sections.
136 *
137 * If the file isn't an ASCII file or if no markers were found, the entire file
138 * content is returned as one single section (with pMarker = NULL).
139 *
140 * @returns IPRT status code.
141 * @retval VINF_EOF if the file is empty. The @a ppSectionHead value will be
142 * NULL.
143 * @retval VWRN_NOT_FOUND no section was found and RTCRPEMREADFILE_F_ONLY_PEM
144 * is specified. The @a ppSectionHead value will be NULL.
145 *
146 * @param pvContent The content bytes to parse.
147 * @param cbContent The number of content bytes.
148 * @param fFlags RTCRPEMREADFILE_F_XXX.
149 * @param paMarkers Array of one or more section markers to look for.
150 * @param cMarkers Number of markers in the array.
151 * @param ppSectionHead Where to return the head of the section list. Call
152 * RTCrPemFreeSections to free.
153 * @param pErrInfo Where to return extend error info. Optional.
154 */
155RTDECL(int) RTCrPemParseContent(void const *pvContent, size_t cbContent, uint32_t fFlags,
156 PCRTCRPEMMARKER paMarkers, size_t cMarkers, PCRTCRPEMSECTION *ppSectionHead, PRTERRINFO pErrInfo);
157
158/**
159 * Reads the content of the given file and returns a list of binary sections
160 * found in the file.
161 *
162 * If the file isn't an ASCII file or if no markers were found, the entire file
163 * content is returned as one single section (with pMarker = NULL).
164 *
165 * @returns IPRT status code.
166 * @retval VINF_EOF if the file is empty. The @a ppSectionHead value will be
167 * NULL.
168 * @retval VWRN_NOT_FOUND no section was found and RTCRPEMREADFILE_F_ONLY_PEM
169 * is specified. The @a ppSectionHead value will be NULL.
170 *
171 * @param pszFilename The path to the file to read.
172 * @param fFlags RTCRPEMREADFILE_F_XXX.
173 * @param paMarkers Array of one or more section markers to look for.
174 * @param cMarkers Number of markers in the array.
175 * @param ppSectionHead Where to return the head of the section list. Call
176 * RTCrPemFreeSections to free.
177 * @param pErrInfo Where to return extend error info. Optional.
178 */
179RTDECL(int) RTCrPemReadFile(const char *pszFilename, uint32_t fFlags, PCRTCRPEMMARKER paMarkers, size_t cMarkers,
180 PCRTCRPEMSECTION *ppSectionHead, PRTERRINFO pErrInfo);
181/** @name RTCRPEMREADFILE_F_XXX - Flags for RTCrPemReadFile and
182 * RTCrPemParseContent.
183 * @{ */
184/** Continue on encoding error. */
185#define RTCRPEMREADFILE_F_CONTINUE_ON_ENCODING_ERROR RT_BIT(0)
186/** Only PEM sections, no binary fallback. */
187#define RTCRPEMREADFILE_F_ONLY_PEM RT_BIT(1)
188/** Sensitive data, use the safer allocator. */
189#define RTCRPEMREADFILE_F_SENSITIVE RT_BIT(2)
190/** Valid flags. */
191#define RTCRPEMREADFILE_F_VALID_MASK UINT32_C(0x00000007)
192/** @} */
193
194/**
195 * Finds the beginning of first PEM section using the specified markers.
196 *
197 * This will not look any further than the first section. Nor will it check for
198 * binaries.
199 *
200 * @returns Pointer to the "-----BEGIN XXXX" sequence on success.
201 * NULL if not found.
202 * @param pvContent The content bytes to parse.
203 * @param cbContent The number of content bytes.
204 * @param paMarkers Array of one or more section markers to look for.
205 * @param cMarkers Number of markers in the array.
206 */
207RTDECL(const char *) RTCrPemFindFirstSectionInContent(void const *pvContent, size_t cbContent,
208 PCRTCRPEMMARKER paMarkers, size_t cMarkers);
209
210
211/**
212 * PEM formatter for a binary data blob.
213 *
214 * @returns Number of output bytes (sum of @a pfnOutput return values).
215 * @param pfnOutput The output callback function.
216 * @param pvUser The user argument to the output callback.
217 * @param pvContent The binary blob to output.
218 * @param cbContent Size of the binary blob.
219 * @param pszMarker The PEM marker, .e.g "PRIVATE KEY", "CERTIFICATE" or
220 * similar.
221 * @sa RTCrPemWriteAsn1, RTCrPemWriteAsn1ToVfsFile,
222 * RTCrPemWriteAsn1ToVfsFile
223 */
224RTDECL(size_t) RTCrPemWriteBlob(PFNRTSTROUTPUT pfnOutput, void *pvUser,
225 const void *pvContent, size_t cbContent, const char *pszMarker);
226
227RTDECL(ssize_t) RTCrPemWriteBlobToVfsIoStrm(RTVFSIOSTREAM hVfsIos, const void *pvContent, size_t cbContent, const char *pszMarker);
228RTDECL(ssize_t) RTCrPemWriteBlobToVfsFile(RTVFSFILE hVfsFile, const void *pvContent, size_t cbContent, const char *pszMarker);
229
230/**
231 * PEM formatter for a generic ASN.1 structure.
232 *
233 * This will call both RTAsn1EncodePrepare() and RTAsn1EncodeWrite() on
234 * @a pRoot. Uses DER encoding.
235 *
236 * @returns Number of outputted chars (sum of @a pfnOutput return values),
237 * negative values are error status codes from the ASN.1 encoding.
238 * @param pfnOutput The output callback function.
239 * @param pvUser The user argument to the output callback.
240 * @param fFlags Reserved, MBZ.
241 * @param pRoot The root of the ASN.1 to encode and format as PEM.
242 * @param pszMarker The PEM marker, .e.g "PRIVATE KEY", "CERTIFICATE" or
243 * similar.
244 * @param pErrInfo For encoding errors. Optional.
245 * @sa RTCrPemWriteAsn1ToVfsFile, RTCrPemWriteAsn1ToVfsFile,
246 * RTCrPemWriteBlob
247 */
248RTDECL(ssize_t) RTCrPemWriteAsn1(PFNRTSTROUTPUT pfnOutput, void *pvUser, PRTASN1CORE pRoot,
249 uint32_t fFlags, const char *pszMarker, PRTERRINFO pErrInfo);
250
251/**
252 * PEM formatter for a generic ASN.1 structure and output it to @a hVfsIos.
253 *
254 * This will call both RTAsn1EncodePrepare() and RTAsn1EncodeWrite() on
255 * @a pRoot. Uses DER encoding.
256 *
257 * @returns Number of chars written, negative values are error status codes from
258 * the ASN.1 encoding or from RTVfsIoStrmWrite().
259 * @param hVfsIos Handle to the I/O stream to write it to.
260 * @param fFlags Reserved, MBZ.
261 * @param pRoot The root of the ASN.1 to encode and format as PEM.
262 * @param pszMarker The PEM marker, .e.g "PRIVATE KEY", "CERTIFICATE" or
263 * similar.
264 * @param pErrInfo For encoding errors. Optional.
265 * @sa RTCrPemWriteAsn1ToVfsFile, RTCrPemWriteAsn1, RTCrPemWriteBlob
266 */
267RTDECL(ssize_t) RTCrPemWriteAsn1ToVfsIoStrm(RTVFSIOSTREAM hVfsIos, PRTASN1CORE pRoot,
268 uint32_t fFlags, const char *pszMarker, PRTERRINFO pErrInfo);
269
270/**
271 * PEM formatter for a generic ASN.1 structure and output it to @a hVfsFile.
272 *
273 * This will call both RTAsn1EncodePrepare() and RTAsn1EncodeWrite() on
274 * @a pRoot. Uses DER encoding.
275 *
276 * @returns Number of chars written, negative values are error status codes from
277 * the ASN.1 encoding or from RTVfsIoStrmWrite().
278 * @param hVfsFile Handle to the file to write it to.
279 * @param fFlags Reserved, MBZ.
280 * @param pRoot The root of the ASN.1 to encode and format as PEM.
281 * @param pszMarker The PEM marker, .e.g "PRIVATE KEY", "CERTIFICATE" or
282 * similar.
283 * @param pErrInfo For encoding errors. Optional.
284 * @sa RTCrPemWriteAsn1ToVfsIoStrm, RTCrPemWriteAsn1, RTCrPemWriteBlob
285 */
286RTDECL(ssize_t) RTCrPemWriteAsn1ToVfsFile(RTVFSFILE hVfsFile, PRTASN1CORE pRoot,
287 uint32_t fFlags, const char *pszMarker, PRTERRINFO pErrInfo);
288
289/** @} */
290
291RT_C_DECLS_END
292
293#endif /* !IPRT_INCLUDED_crypto_pem_h */
294
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette