
//----------------------------------------------------------------------------
//
// Copyright (C) 2003 Intel Corporation
//
// File: CertificateOperations.h
//
// Contents: Certificate-handling functions for an Intel® AMT Audit-Log client.
//
//----------------------------------------------------------------------------
#ifndef _CERT_OPERATIONS_H_
#define _CERT_OPERATIONS_H_
#include <string>
#ifdef _WIN32
#include <windows.h>
#include <Wincrypt.h>
#else
/* Linux: the non-Windows build handles X509 certificates through OpenSSL. */
#include <arpa/inet.h>
#include <openssl/md5.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/x509_vfy.h>
#include <openssl/pem.h>
#endif
/* Function Prototypes
 *
 * Convention shared by the Windows functions below that return bool: the
 * return value reports whether the *operation* ran to completion, while the
 * actual verdict (signature valid, chain valid) is delivered through the
 * `valid` output parameter. A caller must check both: a true return with
 * valid == false is a successfully computed negative verdict, and a false
 * return means no verdict was reached at all.
 */
#ifdef _WIN32
/*****************************************************************************
* Get the certificate name encoded in an ASN.1-encoded certificate blob.
* Arguments:
* blob - Certificate blob data (ASN.1 encoded).
* length - Length of the data in blob, in bytes.
*
* Return value:
* Certificate name
*
* NOTE(review): behaviour on a malformed or truncated blob is not stated
* here; the implementation must treat `length` as the hard bound on every
* read of `blob` — confirm against the implementation.
****************************************************************************/
std::string GetStringFromASN_1(BYTE *blob, WORD length);
/*****************************************************************************
* Verify a digital signature (hash SHA1/SHA256/SHA384) over a data buffer.
* Arguments:
* certContext - Signing certificate (its public key is used).
* data - Data the signature was computed over.
* dataLength - Length of data, in bytes.
* signature - Digital signature.
* signatureLength - Length of signature, in bytes.
* signatureMechanism - Identifier of the signing mechanism (which hash was
*   used); the accepted values are defined by the implementation, not here.
* valid - Output parameter that indicates if the signature is valid
* or not.
*
* Return value:
* true - on success (verification ran; consult valid for the verdict)
* false - on failure (Error; presumably valid is then not meaningful — confirm)
*
* NOTE(review): a true return does NOT by itself mean the signature is good;
* callers must require (return value == true && valid == true).
****************************************************************************/
bool VerifySign(PCCERT_CONTEXT certContext, BYTE *data, DWORD dataLength,
BYTE *signature, DWORD signatureLength, WORD signatureMechanism, bool &valid);
/*****************************************************************************
* Get a certificate from Active Directory or LDAP, looked up by issuer and
* serial number.
* Arguments:
* serialNumber - Certificate serial number (raw bytes).
* serialNumberLength - Length of serialNumber, in bytes.
* issuerAsn1 - Issuer name, ASN.1 encoded.
* issuerAsn1Length - Length of issuerAsn1, in bytes.
*
* Return value:
* Certificate context or NULL for error.
*
* NOTE(review): ownership of the returned context is not stated here;
* presumably the caller releases it with CertFreeCertificateContext — confirm.
****************************************************************************/
PCCERT_CONTEXT GetCertContext(BYTE *serialNumber, WORD serialNumberLength, BYTE *issuerAsn1, WORD issuerAsn1Length);
/*****************************************************************************
* Get a certificate context from a PEM file.
* Arguments:
* filename - Path of the PEM file.
*
* Return value:
* PCCERT_CONTEXT - Certificate context pointer.
*
* NOTE(review): whether NULL is returned for a missing or unparseable file is
* not stated; callers should check for NULL. Ownership of the result is
* presumably as for GetCertContext — confirm. The function name is spelled
* "Cetficate" as declared; callers must use it verbatim.
****************************************************************************/
PCCERT_CONTEXT GetCetficateContextFromFile(std::string filename);
/*****************************************************************************
* Validates a given certificate chain against the root CAs defined
* (trusted) on this computer.
* Arguments:
* chain - Array of certificates (PCCERT_CONTEXT). No element count is passed,
*   so the end of the array must be marked by convention — assumed to be a
*   trailing NULL entry; confirm against the implementation.
* valid - Output parameter that indicates if the chain is valid or not
*
* Return value:
* true - on success (validation ran; consult valid for the verdict)
* false - on failure (Error)
****************************************************************************/
bool ValidCertChain(PCCERT_CONTEXT chain[], bool &valid);
#else
/* Linux */
/*****************************************************************************
* Create an X509 OpenSSL object from an in-memory certificate.
*
* Arguments:
* certBuf - [in] The certificate bytes.
* certLen - [in] Length of certBuf, in bytes.
* Return Value:
* Pointer to X509 OpenSSL Object that represents the X509 Certificate.
* NULL On Error
*
* NOTE(review): the encoding expected in certBuf (PEM or DER) is not stated
* here — confirm. The caller presumably owns the returned X509 and must
* release it with X509_free — confirm.
****************************************************************************/
X509* LoadCertificateFromMem(unsigned char *certBuf, unsigned int certLen);
#endif
#endif //_CERT_OPERATIONS_H_