Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
21dcbebc | 2 | * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. |
8d8c7266 | 3 | * |
21dcbebc RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8d8c7266 DSH |
8 | */ |
9 | ||
10 | #ifndef HEADER_PKCS12_H | |
0f113f3e | 11 | # define HEADER_PKCS12_H |
8d8c7266 | 12 | |
0f113f3e MC |
13 | # include <openssl/bio.h> |
14 | # include <openssl/x509.h> | |
82271cee | 15 | |
8d8c7266 DSH |
16 | #ifdef __cplusplus |
17 | extern "C" { | |
18 | #endif | |
19 | ||
0f113f3e MC |
20 | # define PKCS12_KEY_ID 1 |
21 | # define PKCS12_IV_ID 2 | |
22 | # define PKCS12_MAC_ID 3 | |
8d8c7266 | 23 | |
e84240d4 | 24 | /* Default iteration count: PKCS5_DEFAULT_ITER unless PKCS12_DEFAULT_ITER is already defined */ |
0f113f3e MC |
25 | # ifndef PKCS12_DEFAULT_ITER |
26 | # define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER | |
27 | # endif | |
e84240d4 | 28 | |
0f113f3e | 29 | # define PKCS12_MAC_KEY_LENGTH 20 |
8d8c7266 | 30 | |
0f113f3e | 31 | # define PKCS12_SALT_LEN 8 |
8d8c7266 DSH |
32 | |
33 | /* Uncomment the next line for Unicode passwords and names, otherwise ASCII */ | |
34 | ||
0f113f3e MC |
35 | /* |
36 | * #define PBE_UNICODE | |
37 | */ | |
8d8c7266 | 38 | |
0f113f3e MC |
39 | # ifdef PBE_UNICODE |
40 | # define PKCS12_key_gen PKCS12_key_gen_uni | |
41 | # define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni | |
42 | # else | |
43 | # define PKCS12_key_gen PKCS12_key_gen_asc | |
44 | # define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc | |
45 | # endif | |
8d8c7266 DSH |
46 | |
47 | /* MS key usage constants */ | |
48 | ||
0f113f3e MC |
49 | # define KEY_EX 0x10 |
50 | # define KEY_SIG 0x80 | |
8d8c7266 | 51 | |
54c38b7f DSH |
52 | typedef struct PKCS12_MAC_DATA_st PKCS12_MAC_DATA; |
53 | ||
54 | typedef struct PKCS12_st PKCS12; | |
55 | ||
56 | typedef struct PKCS12_SAFEBAG_st PKCS12_SAFEBAG; | |
8d8c7266 | 57 | |
85885715 | 58 | DEFINE_STACK_OF(PKCS12_SAFEBAG) |
f2716dad | 59 | |
54c38b7f | 60 | typedef struct pkcs12_bag_st PKCS12_BAGS; |
8d8c7266 | 61 | |
0f113f3e MC |
62 | # define PKCS12_ERROR 0 |
63 | # define PKCS12_OK 1 | |
8d8c7266 | 64 | |
ecbe0781 | 65 | /* Compatibility macros */ |
8d8c7266 | 66 | |
116503cd DSH |
67 | #if OPENSSL_API_COMPAT < 0x10100000L |
68 | ||
a40d5949 DSH |
69 | # define M_PKCS12_bag_type PKCS12_bag_type |
70 | # define M_PKCS12_cert_bag_type PKCS12_cert_bag_type | |
71 | # define M_PKCS12_crl_bag_type PKCS12_cert_bag_type | |
72 | ||
e8503762 DSH |
73 | # define PKCS12_certbag2x509 PKCS12_SAFEBAG_get1_cert |
74 | # define PKCS12_certbag2scrl PKCS12_SAFEBAG_get1_crl | |
75 | # define PKCS12_get_attr PKCS12_SAFEBAG_get0_attr | |
76 | # define PKCS12_bag_type PKCS12_SAFEBAG_get_nid | |
77 | # define PKCS12_cert_bag_type PKCS12_SAFEBAG_get_bag_nid | |
293042c9 | 78 | # define PKCS12_x5092certbag PKCS12_SAFEBAG_create_cert |
425f3300 DSH |
79 | # define PKCS12_x509crl2certbag PKCS12_SAFEBAG_create_crl |
80 | # define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create0_p8inf | |
81 | # define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt | |
e8503762 | 82 | |
116503cd DSH |
83 | #endif |
84 | ||
a40d5949 DSH |
85 | ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid); |
86 | int PKCS12_mac_present(PKCS12 *p12); | |
1387a2ec DSH |
87 | void PKCS12_get0_mac(ASN1_OCTET_STRING **pmac, X509_ALGOR **pmacalg, |
88 | ASN1_OCTET_STRING **psalt, ASN1_INTEGER **piter, | |
89 | PKCS12 *p12); | |
1e1b48d1 DSH |
90 | |
91 | ASN1_TYPE *PKCS12_SAFEBAG_get0_attr(PKCS12_SAFEBAG *bag, int attr_nid); | |
92 | ASN1_OBJECT *PKCS12_SAFEBAG_get0_type(PKCS12_SAFEBAG *bag); | |
e8503762 DSH |
93 | int PKCS12_SAFEBAG_get_nid(PKCS12_SAFEBAG *bag); |
94 | int PKCS12_SAFEBAG_get_bag_nid(PKCS12_SAFEBAG *bag); | |
1e1b48d1 DSH |
95 | |
96 | X509 *PKCS12_SAFEBAG_get1_cert(PKCS12_SAFEBAG *bag); | |
97 | X509_CRL *PKCS12_SAFEBAG_get1_crl(PKCS12_SAFEBAG *bag); | |
98 | STACK_OF(PKCS12_SAFEBAG) *PKCS12_SAFEBAG_get0_safes(PKCS12_SAFEBAG *bag); | |
a40d5949 | 99 | PKCS8_PRIV_KEY_INFO *PKCS12_SAFEBAG_get0_p8inf(PKCS12_SAFEBAG *bag); |
1387a2ec | 100 | X509_SIG *PKCS12_SAFEBAG_get0_pkcs8(PKCS12_SAFEBAG *bag); |
8d8c7266 | 101 | |
293042c9 DSH |
102 | PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509); |
103 | PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl); | |
425f3300 DSH |
104 | PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8); |
105 | PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8); | |
106 | PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid, | |
107 | const char *pass, | |
108 | int passlen, | |
109 | unsigned char *salt, | |
110 | int saltlen, int iter, | |
111 | PKCS8_PRIV_KEY_INFO *p8inf); | |
ecbe0781 | 112 | |
0f113f3e MC |
113 | PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, |
114 | int nid1, int nid2); | |
0f113f3e MC |
115 | PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass, |
116 | int passlen); | |
117 | PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag, | |
118 | const char *pass, int passlen); | |
119 | X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, | |
120 | const char *pass, int passlen, unsigned char *salt, | |
121 | int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8); | |
6355d315 DSH |
122 | X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen, |
123 | PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe); | |
f2716dad | 124 | PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk); |
ecbe0781 | 125 | STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7); |
61f5b6f3 | 126 | PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, |
0f113f3e MC |
127 | unsigned char *salt, int saltlen, int iter, |
128 | STACK_OF(PKCS12_SAFEBAG) *bags); | |
129 | STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, | |
130 | int passlen); | |
ecbe0781 DSH |
131 | |
132 | int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes); | |
133 | STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12); | |
134 | ||
0f113f3e MC |
135 | int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, |
136 | int namelen); | |
61f5b6f3 | 137 | int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, |
0f113f3e | 138 | int namelen); |
f2a253e0 | 139 | int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, |
0f113f3e MC |
140 | int namelen); |
141 | int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, | |
142 | const unsigned char *name, int namelen); | |
8d8c7266 | 143 | int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage); |
84c15db5 | 144 | ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid); |
8d8c7266 | 145 | char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag); |
1387a2ec | 146 | STACK_OF(X509_ATTRIBUTE) *PKCS12_SAFEBAG_get0_attrs(PKCS12_SAFEBAG *bag); |
61f5b6f3 | 147 | unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, |
0f113f3e MC |
148 | int passlen, unsigned char *in, int inlen, |
149 | unsigned char **data, int *datalen, | |
150 | int en_de); | |
151 | void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, | |
152 | const char *pass, int passlen, | |
153 | ASN1_OCTET_STRING *oct, int zbuf); | |
154 | ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, | |
155 | const ASN1_ITEM *it, | |
156 | const char *pass, int passlen, | |
157 | void *obj, int zbuf); | |
8d8c7266 | 158 | PKCS12 *PKCS12_init(int mode); |
61f5b6f3 | 159 | int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, |
0f113f3e MC |
160 | int saltlen, int id, int iter, int n, |
161 | unsigned char *out, const EVP_MD *md_type); | |
162 | int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, | |
163 | int saltlen, int id, int iter, int n, | |
164 | unsigned char *out, const EVP_MD *md_type); | |
2bd83ca1 | 165 | int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, |
0f113f3e MC |
166 | ASN1_TYPE *param, const EVP_CIPHER *cipher, |
167 | const EVP_MD *md_type, int en_de); | |
69cbf468 | 168 | int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, |
0f113f3e | 169 | unsigned char *mac, unsigned int *maclen); |
61f5b6f3 BL |
170 | int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen); |
171 | int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, | |
0f113f3e MC |
172 | unsigned char *salt, int saltlen, int iter, |
173 | const EVP_MD *md_type); | |
69cbf468 | 174 | int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, |
0f113f3e MC |
175 | int saltlen, const EVP_MD *md_type); |
176 | unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, | |
177 | unsigned char **uni, int *unilen); | |
c05353c5 | 178 | char *OPENSSL_uni2asc(unsigned char *uni, int unilen); |
9d6b1ce6 DSH |
179 | |
180 | DECLARE_ASN1_FUNCTIONS(PKCS12) | |
181 | DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA) | |
182 | DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG) | |
183 | DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS) | |
184 | ||
ecbe0781 DSH |
185 | DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS) |
186 | DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES) | |
187 | ||
8d8c7266 | 188 | void PKCS12_PBE_add(void); |
61f5b6f3 | 189 | int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, |
0f113f3e | 190 | STACK_OF(X509) **ca); |
69cbf468 | 191 | PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, |
0f113f3e MC |
192 | STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, |
193 | int mac_iter, int keytype); | |
9a48b07e DSH |
194 | |
195 | PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert); | |
0f113f3e MC |
196 | PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, |
197 | EVP_PKEY *key, int key_usage, int iter, | |
198 | int key_nid, char *pass); | |
9a48b07e | 199 | int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, |
0f113f3e | 200 | int safe_nid, int iter, char *pass); |
9a48b07e DSH |
201 | PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid); |
202 | ||
8d8c7266 DSH |
203 | int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); |
204 | int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); | |
205 | PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); | |
206 | PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); | |
049f5bbc | 207 | int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass); |
8d8c7266 | 208 | |
8d8c7266 | 209 | /* BEGIN ERROR CODES */ |
0f113f3e MC |
210 | /* |
211 | * The following lines are auto generated by the script mkerr.pl. Any changes | |
6d311938 DSH |
212 | * made after this point may be overwritten when the script is next run. |
213 | */ | |
0cd0a820 | 214 | |
b476df64 | 215 | void ERR_load_PKCS12_strings(void); |
6d311938 | 216 | |
8d8c7266 DSH |
217 | /* Error codes for the PKCS12 functions. */ |
218 | ||
219 | /* Function codes. */ | |
0f113f3e MC |
220 | # define PKCS12_F_PKCS12_CREATE 105 |
221 | # define PKCS12_F_PKCS12_GEN_MAC 107 | |
222 | # define PKCS12_F_PKCS12_INIT 109 | |
223 | # define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106 | |
224 | # define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108 | |
225 | # define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117 | |
226 | # define PKCS12_F_PKCS12_KEY_GEN_ASC 110 | |
227 | # define PKCS12_F_PKCS12_KEY_GEN_UNI 111 | |
0f113f3e MC |
228 | # define PKCS12_F_PKCS12_NEWPASS 128 |
229 | # define PKCS12_F_PKCS12_PACK_P7DATA 114 | |
230 | # define PKCS12_F_PKCS12_PACK_P7ENCDATA 115 | |
231 | # define PKCS12_F_PKCS12_PARSE 118 | |
232 | # define PKCS12_F_PKCS12_PBE_CRYPT 119 | |
233 | # define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 | |
425f3300 DSH |
234 | # define PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF 112 |
235 | # define PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8 113 | |
236 | # define PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT 133 | |
0f113f3e MC |
237 | # define PKCS12_F_PKCS12_SETUP_MAC 122 |
238 | # define PKCS12_F_PKCS12_SET_MAC 123 | |
239 | # define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130 | |
240 | # define PKCS12_F_PKCS12_UNPACK_P7DATA 131 | |
241 | # define PKCS12_F_PKCS12_VERIFY_MAC 126 | |
0f113f3e | 242 | # define PKCS12_F_PKCS8_ENCRYPT 125 |
6355d315 | 243 | # define PKCS12_F_PKCS8_SET0_PBE 132 |
8d8c7266 DSH |
244 | |
245 | /* Reason codes. */ | |
0f113f3e MC |
246 | # define PKCS12_R_CANT_PACK_STRUCTURE 100 |
247 | # define PKCS12_R_CONTENT_TYPE_NOT_DATA 121 | |
248 | # define PKCS12_R_DECODE_ERROR 101 | |
249 | # define PKCS12_R_ENCODE_ERROR 102 | |
250 | # define PKCS12_R_ENCRYPT_ERROR 103 | |
251 | # define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120 | |
252 | # define PKCS12_R_INVALID_NULL_ARGUMENT 104 | |
253 | # define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105 | |
254 | # define PKCS12_R_IV_GEN_ERROR 106 | |
255 | # define PKCS12_R_KEY_GEN_ERROR 107 | |
256 | # define PKCS12_R_MAC_ABSENT 108 | |
257 | # define PKCS12_R_MAC_GENERATION_ERROR 109 | |
258 | # define PKCS12_R_MAC_SETUP_ERROR 110 | |
259 | # define PKCS12_R_MAC_STRING_SET_ERROR 111 | |
0f113f3e MC |
260 | # define PKCS12_R_MAC_VERIFY_FAILURE 113 |
261 | # define PKCS12_R_PARSE_ERROR 114 | |
262 | # define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115 | |
263 | # define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116 | |
264 | # define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117 | |
265 | # define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118 | |
266 | # define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119 | |
6d311938 | 267 | |
0cd0a820 | 268 | # ifdef __cplusplus |
8d8c7266 | 269 | } |
0cd0a820 | 270 | # endif |
8d8c7266 | 271 | #endif |