]>
Commit | Line | Data |
---|---|---|
4dde554c DDO |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
6d1f50b5 | 5 | ossl_cmp_certresponse_get1_cert, |
62dcd2aa DDO |
6 | ossl_cmp_pkisi_get_status, |
7 | ossl_cmp_PKIStatus_to_string, | |
8 | ossl_cmp_pkisi_get0_statusString, | |
9 | ossl_cmp_pkisi_get_pkifailureinfo, | |
10 | ossl_cmp_pkisi_check_pkifailureinfo | |
4dde554c DDO |
11 | - functions for managing PKI status information |
12 | ||
13 | =head1 SYNOPSIS | |
14 | ||
15 | #include "cmp.h" | |
16 | ||
17 | # define OSSL_CMP_PKIFAILUREINFO_badAlg 0 | |
18 | # define OSSL_CMP_PKIFAILUREINFO_badMessageCheck 1 | |
19 | # define OSSL_CMP_PKIFAILUREINFO_badRequest 2 | |
20 | # define OSSL_CMP_PKIFAILUREINFO_badTime 3 | |
21 | # define OSSL_CMP_PKIFAILUREINFO_badCertId 4 | |
22 | # define OSSL_CMP_PKIFAILUREINFO_badDataFormat 5 | |
23 | # define OSSL_CMP_PKIFAILUREINFO_wrongAuthority 6 | |
24 | # define OSSL_CMP_PKIFAILUREINFO_incorrectData 7 | |
25 | # define OSSL_CMP_PKIFAILUREINFO_missingTimeStamp 8 | |
26 | # define OSSL_CMP_PKIFAILUREINFO_badPOP 9 | |
27 | # define OSSL_CMP_PKIFAILUREINFO_certRevoked 10 | |
28 | # define OSSL_CMP_PKIFAILUREINFO_certConfirmed 11 | |
29 | # define OSSL_CMP_PKIFAILUREINFO_wrongIntegrity 12 | |
30 | # define OSSL_CMP_PKIFAILUREINFO_badRecipientNonce 13 | |
31 | # define OSSL_CMP_PKIFAILUREINFO_timeNotAvailable 14 | |
32 | # define OSSL_CMP_PKIFAILUREINFO_unacceptedPolicy 15 | |
33 | # define OSSL_CMP_PKIFAILUREINFO_unacceptedExtension 16 | |
34 | # define OSSL_CMP_PKIFAILUREINFO_addInfoNotAvailable 17 | |
35 | # define OSSL_CMP_PKIFAILUREINFO_badSenderNonce 18 | |
36 | # define OSSL_CMP_PKIFAILUREINFO_badCertTemplate 19 | |
37 | # define OSSL_CMP_PKIFAILUREINFO_signerNotTrusted 20 | |
38 | # define OSSL_CMP_PKIFAILUREINFO_transactionIdInUse 21 | |
39 | # define OSSL_CMP_PKIFAILUREINFO_unsupportedVersion 22 | |
40 | # define OSSL_CMP_PKIFAILUREINFO_notAuthorized 23 | |
41 | # define OSSL_CMP_PKIFAILUREINFO_systemUnavail 24 | |
42 | # define OSSL_CMP_PKIFAILUREINFO_systemFailure 25 | |
43 | # define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq 26 | |
44 | # define OSSL_CMP_PKIFAILUREINFO_MAX 26 | |
45 | ||
e0f1ec3b DDO |
46 | X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CTX *ctx, |
47 | const OSSL_CMP_CERTRESPONSE *crep); | |
62dcd2aa DDO |
48 | int ossl_cmp_pkisi_get_status(const OSSL_CMP_PKISI *si); |
49 | const char *ossl_cmp_PKIStatus_to_string(int status); | |
50 | OSSL_CMP_PKIFREETEXT *ossl_cmp_pkisi_get0_statusString(const OSSL_CMP_PKISI *si); | |
51 | int ossl_cmp_pkisi_get_pkifailureinfo(const OSSL_CMP_PKISI *si); | |
52 | int ossl_cmp_pkisi_check_pkifailureinfo(const OSSL_CMP_PKISI *si, int index); | |
4dde554c DDO |
53 | |
54 | =head1 DESCRIPTION | |
55 | ||
6d1f50b5 DDO |
56 | ossl_cmp_certresponse_get1_cert() returns a pointer to a copy of the newly |
57 | enrolled certificate from the given certResponse I<crep>, or NULL on error. | |
e0f1ec3b | 58 | Uses data from I<ctx>, which in case of indirect POPO includes the private key. |
6d1f50b5 DDO |
59 | |
60 | ossl_cmp_pkisi_get_status() returns the PKIStatus of I<si>, or -1 on error. | |
4dde554c | 61 | |
62dcd2aa DDO |
62 | ossl_cmp_PKIStatus_to_string() returns a human-readable string representing |
63 | the PKIStatus values as specified in RFC 4210, Appendix F. | |
4dde554c | 64 | |
62dcd2aa | 65 | ossl_cmp_pkisi_get0_statusString() returns a direct pointer to the statusString |
6d1f50b5 | 66 | field contained in I<si>. |
4dde554c | 67 | |
62dcd2aa | 68 | ossl_cmp_pkisi_get_pkifailureinfo() returns the PKIFailureInfo bits |
6d1f50b5 | 69 | of I<si>, encoded as integer, or -1 on error. |
62dcd2aa DDO |
70 | |
71 | ossl_cmp_pkisi_check_pkifailureinfo() returns the state of the bit (0 or 1) | |
6d1f50b5 | 72 | with index I<index> in the PKIFailureInfo of the I<si>, or -1 on error. |
4dde554c DDO |
73 | |
74 | =head1 NOTES | |
75 | ||
76 | CMP is defined in RFC 4210 (and CRMF in RFC 4211). | |
77 | ||
78 | =head1 RETURN VALUES | |
79 | ||
80 | See the individual functions above. | |
81 | ||
82 | =head1 SEE ALSO | |
83 | ||
299e0f1e | 84 | L<OSSL_CMP_CTX_new(3)>, L<ossl_cmp_certreq_new(3)> |
4dde554c DDO |
85 | |
86 | =head1 HISTORY | |
87 | ||
88 | The OpenSSL CMP support was added in OpenSSL 3.0. | |
89 | ||
90 | =head1 COPYRIGHT | |
91 | ||
da1c088f | 92 | Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. |
4dde554c DDO |
93 | |
94 | Licensed under the Apache License 2.0 (the "License"). You may not use | |
95 | this file except in compliance with the License. You can obtain a copy | |
96 | in the file LICENSE in the source distribution or at | |
97 | L<https://www.openssl.org/source/license.html>. | |
98 | ||
99 | =cut |