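// gnoMint: a graphical interface for managing a certification authority
// Copyright (C) 2006-2009 David Marín Carreño <davefx@gmail.com>
//
// This file is part of gnoMint.
//
// gnoMint is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

// NOTE(review): the guard name lives in the identifier space reserved for
// the implementation (leading underscore followed by an uppercase letter).
// It is kept unchanged here for compatibility with anything that may test it.
#ifndef _CA_FILE_H_
#define _CA_FILE_H_

/*
 * ca_file: the persistence layer of gnoMint.  The CA database is an SQLite
 * file (see <sqlite3.h>); everything below is the calling contract of the
 * routines implemented in the matching .c file.
 *
 * The header is made self-contained here: it uses time_t and the GLib
 * basic types (gchar, gboolean, gint, guint64, gpointer, GList), so the
 * headers that define them are included directly instead of being relied
 * on transitively.
 */
#include <time.h>       /* time_t */
#include <glib.h>       /* gchar, gboolean, gint, guint64, gpointer, GList */
#include <sqlite3.h>
#include "uint160.h"    /* UInt160: certificate serial numbers */

/**
 * Row callback used by the ca_file_foreach_* iterators.
 *
 * The signature is the one sqlite3_exec() uses for its row callback:
 * user pointer, column count, column values, column names.  If the
 * iterators hand SQLite rows through unchanged, an argv[] entry can be
 * NULL for a SQL NULL value — check before dereferencing.  By the
 * sqlite3_exec() convention a non-zero return aborts the iteration;
 * confirm in ca_file.c that the iterators honour it.
 */
typedef int (*CaFileCallbackFunc) (void *pArg, int argc, char **argv, char **columnNames);

/** Selects which kind of database element an id/DN lookup refers to. */
typedef enum {
        CA_FILE_ELEMENT_TYPE_CERT=0,
        CA_FILE_ELEMENT_TYPE_CSR=1
} CaFileElementType;

/*
 * Functions returning gchar * below: the header does not say what the
 * string is.  It is presumably a newly allocated error message with NULL
 * meaning success — confirm against ca_file.c before relying on it, and
 * release it with g_free() if so.
 */

/** Creates a new, empty CA database at @filename. */
gchar * ca_file_create (const gchar *filename);

/**
 * Opens the database at @file_name as the current CA file.
 * @create presumably allows creating the file when it does not exist.
 * @return TRUE on success.
 */
gboolean ca_file_open (gchar *file_name, gboolean create);

/** Closes the currently open CA file. */
void ca_file_close (void);

/** Saves the currently open database under @new_file_name. */
gboolean ca_file_save_as (gchar *new_file_name);

/* Element counts of the open database.  Declared with (void): an empty
 * parameter list is not a prototype in C and disables argument checking. */
gint ca_file_get_number_of_certs (void);
gint ca_file_get_number_of_csrs (void);

/**
 * Serial-number bookkeeping for the CA identified by @ca_id.
 * ca_file_get_next_serial() writes the next serial into *serial;
 * ca_file_set_next_serial() stores the value to hand out next.
 */
void ca_file_get_next_serial (UInt160 *serial, guint64 ca_id);
gboolean ca_file_set_next_serial (UInt160 *serial, guint64 ca_id);

/** Stores a self-signed (root) CA: its PEM private key and PEM certificate. */
gchar * ca_file_insert_self_signed_ca (gchar *pem_ca_private_key,
                                       gchar *pem_ca_certificate);

/**
 * Stores a certificate issued by this CA.
 * @is_ca             whether the new certificate is itself a CA.
 * @private_key_in_db whether @pem_private_key_info is kept in the database.
 */
gchar * ca_file_insert_cert (gboolean is_ca,
                             gboolean private_key_in_db,
                             gchar *pem_private_key_info,
                             gchar *pem_certificate);

/**
 * Stores a certificate imported from outside.  The database id assigned to
 * it is returned through *id.
 * Note: @serial is passed by value here, unlike the pointer used by the
 * other UInt160 parameters in this header; the definition must match.
 */
gchar * ca_file_insert_imported_cert (gboolean is_ca,
                                      const UInt160 serial,
                                      const gchar *pem_certificate,
                                      guint64 *id);

/**
 * Stores a certificate signing request and, optionally, its private key.
 * @parent_ca_id_str identifies the CA meant to sign it (as a string).
 * The assigned database id is returned through *id.
 */
gchar * ca_file_insert_csr (gchar *pem_private_key,
                            gchar *pem_csr,
                            gchar *parent_ca_id_str,
                            guint64 *id);

/** Stores an imported PEM private key. */
gchar * ca_file_insert_imported_privkey (const gchar *privkey_pem);

/** Deletes the CSR with database id @id. */
gchar * ca_file_remove_csr (guint64 id);

/** Marks certificate @id as revoked, now or at the given @date. */
gchar * ca_file_revoke_crt (guint64 id);
gchar * ca_file_revoke_crt_with_date (guint64 id, time_t date);

/**
 * Lists the revoked certificates issued by @ca_id.
 * On failure *error presumably receives an error string — confirm who
 * frees the list elements and the error string in ca_file.c.
 */
GList * ca_file_get_revoked_certs (guint64 ca_id, gchar **error);

/*
 * Column indexes of the rows handed to CaFileCallbackFunc by the
 * corresponding ca_file_foreach_* iterator (presumably — the header only
 * fixes the numbering).  The *_COLUMN_NUMBER value is the column count.
 */
enum {CA_FILE_CA_COLUMN_ID=0,
      CA_FILE_CA_COLUMN_SERIAL=1,
      CA_FILE_CA_COLUMN_SUBJECT=2,
      CA_FILE_CA_COLUMN_DN=3,
      CA_FILE_CA_COLUMN_PARENT_DN=4,
      CA_FILE_CA_COLUMN_PEM=5,
      CA_FILE_CA_COLUMN_NUMBER=6};

enum {CA_FILE_CERT_COLUMN_ID=0,
      CA_FILE_CERT_COLUMN_IS_CA=1,
      CA_FILE_CERT_COLUMN_SERIAL=2,
      CA_FILE_CERT_COLUMN_SUBJECT=3,
      CA_FILE_CERT_COLUMN_ACTIVATION=4,
      CA_FILE_CERT_COLUMN_EXPIRATION=5,
      CA_FILE_CERT_COLUMN_REVOCATION=6,
      CA_FILE_CERT_COLUMN_PRIVATE_KEY_IN_DB=7,
      CA_FILE_CERT_COLUMN_PEM=8,
      CA_FILE_CERT_COLUMN_DN=9,
      CA_FILE_CERT_COLUMN_PARENT_DN=10,
      CA_FILE_CERT_COLUMN_PARENT_ROUTE=11,
      CA_FILE_CERT_COLUMN_NUMBER=12};

enum {CA_FILE_CSR_COLUMN_ID=0,
      CA_FILE_CSR_COLUMN_SUBJECT=1,
      CA_FILE_CSR_COLUMN_PRIVATE_KEY_IN_DB=2,
      CA_FILE_CSR_COLUMN_PEM=3,
      CA_FILE_CSR_COLUMN_PARENT_ID=4,
      CA_FILE_CSR_COLUMN_NUMBER=5};

/**
 * Row iterators: @func is invoked once per row with @userdata as its first
 * argument.  ca_file_foreach_crt() includes revoked certificates only when
 * @view_revoked is TRUE; ca_file_foreach_policy() walks the policy entries
 * of the CA @ca_id.  Return TRUE on success.
 */
gboolean ca_file_foreach_ca (CaFileCallbackFunc func, gpointer userdata);
gboolean ca_file_foreach_crt (CaFileCallbackFunc func, gboolean view_revoked, gpointer userdata);
gboolean ca_file_foreach_csr (CaFileCallbackFunc func, gpointer userdata);
gboolean ca_file_foreach_policy (CaFileCallbackFunc func, guint64 ca_id, gpointer userdata);

/**
 * Id lookups.  The database id is returned through *db_id; the return value
 * tells whether a match was found.  A (serial, issuer) pair identifies a
 * certificate; a DN identifies an element of the given @type.
 */
gboolean ca_file_get_id_from_serial_issuer_id (const UInt160 *serial, const guint64 issuer_id, guint64 *db_id);
gboolean ca_file_get_id_from_dn (CaFileElementType type, const gchar *dn, guint64 *db_id);

/*
 * Field accessors for the element @db_id of kind @type.  The strings
 * returned are presumably newly allocated (g_free() them) — confirm in
 * ca_file.c.  The "pkey field" is the stored private-key material or, once
 * ca_file_mark_pkey_as_extracted_for_id() has been used, presumably the
 * file name it was extracted to; the header does not distinguish the two,
 * so callers should consult ca_file_get_pkey_in_db_from_id() first.
 */
gchar * ca_file_get_dn_from_id (CaFileElementType type, guint64 db_id);
gchar * ca_file_get_public_pem_from_id (CaFileElementType type, guint64 db_id);
gchar * ca_file_get_pkey_field_from_id (CaFileElementType type, guint64 db_id);
gboolean ca_file_get_pkey_in_db_from_id (CaFileElementType type, guint64 db_id);

/** Replaces the stored private-key field of element @db_id with @new_value. */
gboolean ca_file_set_pkey_field_for_id (CaFileElementType type, const gchar *new_value, guint64 db_id);
/** Records that the private key of element @db_id now lives in @filename. */
gboolean ca_file_mark_pkey_as_extracted_for_id (CaFileElementType type, const gchar *filename, guint64 db_id);

/**
 * CRL generation is done as a transaction: begin it for @ca_id at
 * @timestamp, then either commit with the list of revoked certificates
 * to publish or roll it back.  The gint returned by begin is not
 * documented here — check ca_file.c for what counts as failure.
 */
gint ca_file_begin_new_crl_transaction (guint64 ca_id, time_t timestamp);
void ca_file_commit_new_crl_transaction (guint64 ca_id, const GList *revoked_certs);
void ca_file_rollback_new_crl_transaction (void);

/**
 * Per-CA policy properties, keyed by @property_name, stored as strings or
 * integers.  The gchar * returned by ca_file_policy_get() is presumably
 * newly allocated — confirm in ca_file.c.
 */
gchar * ca_file_policy_get (guint64 ca_id, gchar *property_name);
gboolean ca_file_policy_set (guint64 ca_id, gchar *property_name, const gchar *value);
gint ca_file_policy_get_int (guint64 ca_id, gchar *property_name);
gboolean ca_file_policy_set_int (guint64 ca_id, gchar *property_name, gint value);

/*
 * Database password protection.  Passwords are passed as plain C strings;
 * this header makes no promise about how the implementation stores or
 * zeroizes them, so callers that hold the plaintext should keep its
 * lifetime short and clear their own copies (confirm the implementation's
 * handling in ca_file.c).
 */
gboolean ca_file_is_password_protected(void);
/** Returns TRUE when @password matches the one protecting the database. */
gboolean ca_file_check_password (const gchar *password);
/** Removes password protection; @old_password must be the current one. */
gboolean ca_file_password_unprotect(const gchar *old_password);
/** Enables password protection using @new_password. */
gboolean ca_file_password_protect(const gchar *new_password);
/** Replaces the current password @old_password with @new_password. */
gboolean ca_file_password_change(const gchar *old_password, const gchar *new_password);

/** Existence checks: does an element of the respective kind have this id? */
gboolean ca_file_check_if_is_ca_id (guint64 ca_id);
gboolean ca_file_check_if_is_cert_id (guint64 cert_id);
gboolean ca_file_check_if_is_csr_id (guint64 csr_id);

#endif /* _CA_FILE_H_ */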