1 //  gnoMint: a graphical interface for managing a certification authority
2 //  Copyright (C) 2006-2009 David Marín Carreño <davefx@gmail.com>
3 //
4 //  This file is part of gnoMint.
5 //
6 //  gnoMint is free software; you can redistribute it and/or modify
7 //  it under the terms of the GNU General Public License as published by
8 //  the Free Software Foundation; either version 3 of the License, or
9 //  (at your option) any later version.
10 //
11 //  This program is distributed in the hope that it will be useful,
12 //  but WITHOUT ANY WARRANTY; without even the implied warranty of
13 //  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14 //  GNU General Public License for more details.
15 //
16 //  You should have received a copy of the GNU General Public License
17 //  along with this program; if not, write to the Free Software
18 //  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
19 
20 #ifndef _CA_FILE_H_
21 #define _CA_FILE_H_
22 
23 #include <sqlite3.h>
24 #include "uint160.h"
25 
/**
 * Row callback used by the ca_file_foreach_* iterators declared below.
 *
 * It has the same shape as the callback sqlite3_exec() takes, so row data
 * can presumably be handed straight through: @p user_data is the pointer the
 * caller gave to the iterator, @p n_columns the number of columns in the row,
 * @p values the column values as C strings and @p names the column names.
 * NOTE(review): the meaning of the int return value (e.g. non-zero to stop
 * iterating, as with sqlite3_exec) is not visible from this header — confirm
 * in ca_file.c.
 */
typedef int (*CaFileCallbackFunc) (void *user_data, int n_columns, char **values, char **names);
27 
/**
 * Kind of database element a ca_file_*_from_id / ca_file_*_for_id lookup
 * refers to. Values are explicit; keep them stable, since they may be stored
 * or compared as plain integers (NOTE(review): confirm in ca_file.c).
 */
typedef enum {
	CA_FILE_ELEMENT_TYPE_CERT = 0,   /* a certificate */
	CA_FILE_ELEMENT_TYPE_CSR  = 1    /* a certificate signing request */
} CaFileElementType;
32 
/*
 * Lifecycle of the CA database file (presumably an SQLite database, given
 * the <sqlite3.h> include and the sqlite3_exec-shaped callback above).
 *
 * NOTE(review): this header uses gchar/gboolean/gint/guint64/gpointer/GList
 * and time_t but includes only <sqlite3.h> and "uint160.h"; it relies on
 * uint160.h (or the including .c file) having pulled in glib and <time.h>.
 * Confirm, or include them here so the header stands on its own. The include
 * guard _CA_FILE_H_ also uses an identifier reserved for the implementation
 * (leading underscore followed by an uppercase letter).
 */

/**
 * Create a new CA file at @p filename.
 * @return gchar* — NOTE(review): whether this is an error message (NULL on
 *         success) or a result string, and who frees it, cannot be read off
 *         the prototype; confirm against ca_file.c before relying on either.
 */
gchar * ca_file_create (const gchar *filename);

/**
 * Open the CA file @p file_name, presumably creating it when @p create is TRUE.
 * @param file_name  path of the file; not const-qualified — NOTE(review): add
 *                   const if the implementation does not write through it.
 * @return TRUE on success (presumably; confirm).
 */
gboolean ca_file_open (gchar *file_name, gboolean create);

/** Close the currently open CA file. */
void ca_file_close (void);

/**
 * Save the currently open CA file under @p new_file_name.
 * @param new_file_name  not const-qualified — NOTE(review): same remark as
 *                       for ca_file_open().
 * @return TRUE on success (presumably; confirm).
 */
gboolean ca_file_save_as (gchar *new_file_name);
40 
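/**
 * Number of certificates stored in the currently open CA file.
 *
 * Declared with (void): an empty parameter list is an old-style
 * non-prototype declaration in C and disables argument checking at the
 * call site.
 * @return the count as gint — NOTE(review): what is returned when no file
 *         is open is not visible here; confirm in ca_file.c.
 */
gint ca_file_get_number_of_certs (void);

/**
 * Number of certificate signing requests stored in the currently open CA
 * file. See ca_file_get_number_of_certs() for the (void) remark.
 */
gint ca_file_get_number_of_csrs (void);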
43 
/**
 * Fetch the next certificate serial number for the CA with id @p ca_id.
 * @param serial  out-parameter: the UInt160 (see uint160.h) is written here.
 * @param ca_id   database id of the issuing CA.
 */
void ca_file_get_next_serial (UInt160 *serial, guint64 ca_id);

/**
 * Store @p serial as the next serial number for the CA with id @p ca_id.
 * @param serial  value to store — NOTE(review): not const-qualified even
 *                though it is presumably only read; const it if so.
 * @return TRUE on success (presumably; confirm).
 */
gboolean ca_file_set_next_serial (UInt160 *serial, guint64 ca_id);
46 
/*
 * Insertion of keys, certificates and CSRs.
 *
 * All of these return gchar*. NOTE(review): from the prototypes alone it is
 * not clear whether that string is an error message (NULL on success) or a
 * result, nor who frees it — confirm in ca_file.c and document it here.
 * The PEM parameters that are not const-qualified are presumably not written
 * through either; const them if that holds.
 */

/**
 * Insert a new self-signed (root) CA given its private key and certificate,
 * both PEM encoded.
 */
gchar * ca_file_insert_self_signed_ca (gchar *pem_ca_private_key,
                                       gchar *pem_ca_certificate);

/**
 * Insert a certificate issued by this application.
 * @param is_ca                 whether the certificate is itself a CA.
 * @param private_key_in_db     whether @p pem_private_key_info is stored in
 *                              the file (presumably; confirm).
 * @param pem_private_key_info  PEM private key material.
 * @param pem_certificate       PEM certificate.
 */
gchar * ca_file_insert_cert (gboolean is_ca,
                             gboolean private_key_in_db,
			     gchar *pem_private_key_info,
			     gchar *pem_certificate);

/**
 * Insert a certificate that was imported rather than issued here.
 * @param serial  NOTE(review): passed by value here, whereas the serial
 *                functions above take a UInt160 pointer — worth unifying.
 * @param id      out-parameter receiving the new database id (presumably).
 */
gchar * ca_file_insert_imported_cert (gboolean is_ca,
                                      const UInt160 serial,
                                      const gchar *pem_certificate,
                                      guint64 *id);

/**
 * Insert a certificate signing request together with its private key.
 * @param parent_ca_id_str  id of the CA it is addressed to, as a string —
 *                          NOTE(review): if this ends up in an SQL statement,
 *                          verify in ca_file.c that it is bound with
 *                          sqlite3_bind_* rather than concatenated.
 * @param id                out-parameter receiving the new database id.
 */
gchar * ca_file_insert_csr (gchar *pem_private_key,
			    gchar *pem_csr,
	                    gchar *parent_ca_id_str,
                            guint64 *id);
/** Insert a private key on its own, PEM encoded. */
gchar * ca_file_insert_imported_privkey (const gchar *privkey_pem);
65 
/*
 * Removal and revocation. The gchar* return of the first three follows the
 * same NOTE(review) as the insert functions: error string vs. result, and
 * ownership, are not visible here — confirm in ca_file.c.
 */

/** Delete the CSR with database id @p id. */
gchar * ca_file_remove_csr (guint64 id);
/** Revoke the certificate with database id @p id, presumably as of now. */
gchar * ca_file_revoke_crt (guint64 id);
/** Revoke the certificate with database id @p id with an explicit revocation @p date. */
gchar * ca_file_revoke_crt_with_date (guint64 id, time_t date);

/**
 * List the revoked certificates of the CA with id @p ca_id.
 * @param error  out-parameter for an error message; NOTE(review): whether
 *               it is set to NULL on success and who frees it is not shown
 *               here — confirm.
 * @return a GList whose element type is not visible from this header.
 */
GList * ca_file_get_revoked_certs (guint64 ca_id, gchar **error);
71 
/*
 * Column positions of a CA row — presumably the indices into the values
 * array handed to a CaFileCallbackFunc by ca_file_foreach_ca()
 * (NOTE(review): confirm against the SELECT in ca_file.c).
 * CA_FILE_CA_COLUMN_NUMBER is the column count, so it must stay last.
 */
enum {
	CA_FILE_CA_COLUMN_ID        = 0,
	CA_FILE_CA_COLUMN_SERIAL    = 1,
	CA_FILE_CA_COLUMN_SUBJECT   = 2,
	CA_FILE_CA_COLUMN_DN        = 3,
	CA_FILE_CA_COLUMN_PARENT_DN = 4,
	CA_FILE_CA_COLUMN_PEM       = 5,
	CA_FILE_CA_COLUMN_NUMBER    = 6
};
79 
/*
 * Column positions of a certificate row — presumably the indices into the
 * values array handed to a CaFileCallbackFunc by ca_file_foreach_crt()
 * (NOTE(review): confirm against the SELECT in ca_file.c).
 * CA_FILE_CERT_COLUMN_NUMBER is the column count, so it must stay last.
 */
enum {
	CA_FILE_CERT_COLUMN_ID                = 0,
	CA_FILE_CERT_COLUMN_IS_CA             = 1,
	CA_FILE_CERT_COLUMN_SERIAL            = 2,
	CA_FILE_CERT_COLUMN_SUBJECT           = 3,
	CA_FILE_CERT_COLUMN_ACTIVATION        = 4,
	CA_FILE_CERT_COLUMN_EXPIRATION        = 5,
	CA_FILE_CERT_COLUMN_REVOCATION        = 6,
	CA_FILE_CERT_COLUMN_PRIVATE_KEY_IN_DB = 7,
	CA_FILE_CERT_COLUMN_PEM               = 8,
	CA_FILE_CERT_COLUMN_DN                = 9,
	CA_FILE_CERT_COLUMN_PARENT_DN         = 10,
	CA_FILE_CERT_COLUMN_PARENT_ROUTE      = 11,
	CA_FILE_CERT_COLUMN_NUMBER            = 12
};
93 
/*
 * Column positions of a CSR row — presumably the indices into the values
 * array handed to a CaFileCallbackFunc by ca_file_foreach_csr()
 * (NOTE(review): confirm against the SELECT in ca_file.c).
 * CA_FILE_CSR_COLUMN_NUMBER is the column count, so it must stay last.
 */
enum {
	CA_FILE_CSR_COLUMN_ID                = 0,
	CA_FILE_CSR_COLUMN_SUBJECT           = 1,
	CA_FILE_CSR_COLUMN_PRIVATE_KEY_IN_DB = 2,
	CA_FILE_CSR_COLUMN_PEM               = 3,
	CA_FILE_CSR_COLUMN_PARENT_ID         = 4,
	CA_FILE_CSR_COLUMN_NUMBER            = 5
};
100 
101 
/*
 * Row iterators. Each calls @p func once per row with @p userdata as its
 * first argument; the CA_FILE_*_COLUMN_* enums above presumably give the
 * column layout of each row. All return gboolean — NOTE(review): whether
 * FALSE means "query failed" or "callback asked to stop" is not visible
 * here; confirm in ca_file.c.
 */

/** Iterate over all CAs. */
gboolean ca_file_foreach_ca (CaFileCallbackFunc func, gpointer userdata);
/** Iterate over certificates; @p view_revoked presumably includes revoked ones when TRUE. */
gboolean ca_file_foreach_crt (CaFileCallbackFunc func, gboolean view_revoked, gpointer userdata);
/** Iterate over all CSRs. */
gboolean ca_file_foreach_csr (CaFileCallbackFunc func, gpointer userdata);
/** Iterate over the policy entries of the CA with id @p ca_id. */
gboolean ca_file_foreach_policy (CaFileCallbackFunc func, guint64 ca_id, gpointer userdata);
106 
/*
 * Lookups by id. The @p type parameter selects between certificates and
 * CSRs (CaFileElementType). Functions returning gchar* presumably allocate
 * the string — NOTE(review): ownership is not visible from this header;
 * confirm who frees it.
 */

/**
 * Resolve the database id of the certificate with @p serial issued by the
 * CA with id @p issuer_id.
 * @param db_id  out-parameter receiving the id.
 * @return TRUE if found (presumably; confirm).
 */
gboolean ca_file_get_id_from_serial_issuer_id (const UInt160 *serial, const guint64 issuer_id, guint64 *db_id);
/**
 * Resolve the database id of the element of kind @p type whose DN is @p dn.
 * NOTE(review): if @p dn is used in an SQL statement, verify in ca_file.c
 * that it is bound with sqlite3_bind_* rather than concatenated — DNs come
 * from certificates and are attacker-influenced text.
 */
gboolean ca_file_get_id_from_dn (CaFileElementType type, const gchar *dn, guint64 *db_id);
/** DN of the element @p db_id of kind @p type. */
gchar * ca_file_get_dn_from_id (CaFileElementType type, guint64 db_id);
/** Public PEM (certificate or CSR) of the element @p db_id of kind @p type. */
gchar * ca_file_get_public_pem_from_id (CaFileElementType type, guint64 db_id);
/**
 * Raw private-key field of the element @p db_id of kind @p type.
 * NOTE(review): this may hand out key material; check that callers wipe the
 * returned buffer when they are done with it.
 */
gchar * ca_file_get_pkey_field_from_id (CaFileElementType type, guint64 db_id);
/** Whether the private key of element @p db_id of kind @p type is stored in the file. */
gboolean ca_file_get_pkey_in_db_from_id (CaFileElementType type, guint64 db_id);

/** Overwrite the private-key field of element @p db_id with @p new_value. */
gboolean ca_file_set_pkey_field_for_id (CaFileElementType type, const gchar *new_value, guint64 db_id);
/**
 * Record that the private key of element @p db_id was extracted to
 * @p filename (presumably replacing the stored key with that path; confirm).
 */
gboolean ca_file_mark_pkey_as_extracted_for_id (CaFileElementType type, const gchar *filename, guint64 db_id);
116 
/*
 * CRL generation, split into begin / commit / rollback. NOTE(review): the
 * prototypes suggest a database transaction around the CRL update, but
 * whether rollback is required after a failed begin, and what the gint from
 * begin means, is not visible here — confirm in ca_file.c.
 */

/** Start a new CRL for the CA with id @p ca_id, dated @p timestamp. */
gint ca_file_begin_new_crl_transaction (guint64 ca_id, time_t timestamp);
/** Finish the CRL started by ca_file_begin_new_crl_transaction() with the given revoked certificates. */
void ca_file_commit_new_crl_transaction (guint64 ca_id, const GList *revoked_certs);
/** Abandon the CRL started by ca_file_begin_new_crl_transaction(). */
void ca_file_rollback_new_crl_transaction (void);
120 
/*
 * Per-CA policy key/value store.
 *
 * NOTE(review): @p property_name is not const-qualified in any of these; add
 * const if the implementation does not write through it. If property_name
 * and value are placed in SQL, verify in ca_file.c that they are bound with
 * sqlite3_bind_* rather than concatenated.
 */

/** Policy value @p property_name of the CA @p ca_id as a string (ownership: confirm in ca_file.c). */
gchar * ca_file_policy_get (guint64 ca_id, gchar *property_name);
/** Set policy @p property_name of the CA @p ca_id to @p value. */
gboolean ca_file_policy_set (guint64 ca_id, gchar *property_name, const gchar *value);
/** Integer variant of ca_file_policy_get(); behaviour on a missing or non-numeric value is not visible here. */
gint  ca_file_policy_get_int (guint64 ca_id, gchar *property_name);
/** Integer variant of ca_file_policy_set(). */
gboolean ca_file_policy_set_int (guint64 ca_id, gchar *property_name, gint value);
125 
/*
 * Password protection of the CA file.
 *
 * All password parameters are const, caller-owned buffers. NOTE(review):
 * the prototypes do not show how the password is stored (hash, key
 * derivation or plaintext) or whether the supplied buffers are wiped after
 * use — review ca_file.c for both before changing this API.
 */

/** Whether the open CA file is password protected. */
gboolean ca_file_is_password_protected(void);
/** TRUE if @p password matches the one protecting the open file (presumably; confirm). */
gboolean ca_file_check_password (const gchar *password);
/** Remove password protection, authenticating with @p old_password. */
gboolean ca_file_password_unprotect(const gchar *old_password);
/** Enable password protection with @p new_password. */
gboolean ca_file_password_protect(const gchar *new_password);
/** Replace the current password; @p old_password presumably has to match first. */
gboolean ca_file_password_change(const gchar *old_password, const gchar *new_password);
131 
132 
/*
 * Existence checks for database ids, presumably used to validate ids that
 * came from the UI or from another table before acting on them.
 */

/** TRUE if @p ca_id is the id of a CA in the open file. */
gboolean ca_file_check_if_is_ca_id (guint64 ca_id);
/** TRUE if @p cert_id is the id of a certificate in the open file. */
gboolean ca_file_check_if_is_cert_id (guint64 cert_id);
/** TRUE if @p csr_id is the id of a CSR in the open file. */
gboolean ca_file_check_if_is_csr_id (guint64 csr_id);
136 
137 
138 #endif
139