Commit | Line | Data |
---|---|---|
4dde554c DDO |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | ossl_cmp_hdr_set_pvno, | |
6 | ossl_cmp_hdr_get_pvno, | |
12bbcee2 | 7 | ossl_cmp_hdr_get_protection_nid, |
4dde554c | 8 | ossl_cmp_hdr_get0_sendernonce, |
cfca56df | 9 | ossl_cmp_general_name_is_NULL_DN, |
4dde554c DDO |
10 | ossl_cmp_hdr_set1_sender, |
11 | ossl_cmp_hdr_set1_recipient, | |
12 | ossl_cmp_hdr_update_messagetime, | |
13 | ossl_cmp_hdr_set1_senderKID, | |
14 | ossl_cmp_hdr_push0_freeText, | |
15 | ossl_cmp_hdr_push1_freeText, | |
16 | ossl_cmp_hdr_generalinfo_item_push0, | |
17 | ossl_cmp_hdr_generalinfo_items_push1, | |
18 | ossl_cmp_hdr_set_implicitConfirm, | |
62dcd2aa | 19 | ossl_cmp_hdr_has_implicitConfirm, |
7b3990e3 | 20 | ossl_cmp_hdr_set_transactionID, |
4dde554c | 21 | ossl_cmp_hdr_init |
7b3990e3 | 22 | - functions handling CMP message headers |
4dde554c DDO |
23 | |
24 | =head1 SYNOPSIS | |
25 | ||
cef3a008 | 26 | #include "cmp_local.h" |
4dde554c DDO |
27 | |
28 | int ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER *hdr, int pvno); | |
29 | int ossl_cmp_hdr_get_pvno(const OSSL_CMP_PKIHEADER *hdr); | |
12bbcee2 | 30 | int ossl_cmp_hdr_get_protection_nid(const OSSL_CMP_PKIHEADER *hdr); |
4dde554c DDO |
31 | ASN1_OCTET_STRING |
32 | *ossl_cmp_hdr_get0_sendernonce(const OSSL_CMP_PKIHEADER *hdr); | |
cfca56df | 33 | int ossl_cmp_general_name_is_NULL_DN(GENERAL_NAME *name); |
4dde554c DDO |
34 | |
35 | int ossl_cmp_hdr_set1_sender(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm); | |
36 | int ossl_cmp_hdr_set1_recipient(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm); | |
37 | int ossl_cmp_hdr_update_messagetime(OSSL_CMP_PKIHEADER *hdr); | |
38 | int ossl_cmp_hdr_set1_senderKID(OSSL_CMP_PKIHEADER *hdr, | |
39 | const ASN1_OCTET_STRING *senderKID); | |
40 | int ossl_cmp_hdr_generalinfo_item_push0(OSSL_CMP_PKIHEADER *hdr, | |
41 | OSSL_CMP_ITAV *itav); | |
42 | int ossl_cmp_hdr_generalinfo_items_push1(OSSL_CMP_PKIHEADER *hdr, | |
43 | STACK_OF(OSSL_CMP_ITAV) *itavs); | |
44 | int ossl_cmp_hdr_push0_freeText(OSSL_CMP_PKIHEADER *hdr, | |
45 | ASN1_UTF8STRING *text); | |
46 | int ossl_cmp_hdr_push1_freeText(OSSL_CMP_PKIHEADER *hdr, | |
47 | ASN1_UTF8STRING *text); | |
48 | int ossl_cmp_hdr_set_implicitConfirm(OSSL_CMP_PKIHEADER *hdr); | |
62dcd2aa | 49 | int ossl_cmp_hdr_has_implicitConfirm(OSSL_CMP_PKIHEADER *hdr); |
7b3990e3 | 50 | int ossl_cmp_hdr_set_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr); |
4dde554c DDO |
51 | int ossl_cmp_hdr_init(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr); |
52 | ||
53 | =head1 DESCRIPTION | |
54 | ||
55 | ossl_cmp_hdr_set_pvno() sets hdr->pvno to the given B<pvno>. | |
56 | ||
57 | ossl_cmp_hdr_get_pvno() returns the pvno of the given B<hdr> or -1 on error. | |
58 | ||
12bbcee2 DDO |
59 | ossl_cmp_hdr_get_protection_nid() returns the NID of the protection algorithm |
60 | in B<hdr> or NID_undef on error. | |
61 | ||
4dde554c DDO |
62 | ossl_cmp_hdr_get0_sendernonce() returns the sender nonce of the given PKIHeader. |
63 | ||
cfca56df DDO |
64 | ossl_cmp_general_name_is_NULL_DN() determines if the given GENERAL_NAME |
65 | is the NULL-DN. | |
66 | ||
4dde554c DDO |
67 | ossl_cmp_hdr_set1_sender() sets the sender field in the given PKIHeader |
68 | to the given X509 Name value, without consuming the pointer. | |
69 | ||
70 | ossl_cmp_hdr_set1_recipient() sets the recipient field in the given | |
71 | PKIHeader to the given X509 Name value, without consuming the pointer. | |
72 | If B<nm> is NULL, recipient is set to the NULL DN (the empty list of strings). | |
73 | ||
74 | ossl_cmp_hdr_update_messagetime() (re-)sets the messageTime to the current | |
75 | system time. As written in RFC 4210, section 5.1.1: | |
76 | The messageTime field contains the time at which the sender created the message. | |
77 | This may be useful to allow end entities to correct/check their local time for | |
78 | consistency with the time on a central system. | |
79 | ||
80 | ossl_cmp_hdr_set1_senderKID() sets hdr->senderKID to the given string. | |
81 | In a PBMAC-protected IR this usually is a reference number issued by the CA, | |
82 | else the subject key ID of the sender's protecting certificate. | |
83 | ||
84 | ossl_cmp_hdr_push0_freeText() pushes an ASN1_UTF8STRING to | |
85 | hdr->freeText and consumes the given pointer. | |
86 | ||
87 | ossl_cmp_hdr_push1_freeText() pushes an ASN1_UTF8STRING to | |
88 | hdr->freeText and does not consume the pointer. | |
89 | ||
90 | ossl_cmp_hdr_generalinfo_item_push0() adds the given InfoTypeAndValue | |
91 | item to the hdr->generalInfo stack. Consumes the B<itav> pointer. | |
92 | ||
93 | ossl_cmp_hdr_generalinfo_items_push1() adds a copy of the B<itavs> stack to | |
94 | the generalInfo field of the PKIHeader B<hdr>. Does not consume the B<itavs> | |
95 | pointer. | |
96 | ||
97 | ossl_cmp_hdr_set_implicitConfirm() sets implicitConfirm in the generalInfo field | |
98 | of the PKIMessage header. | |
99 | ||
62dcd2aa | 100 | ossl_cmp_hdr_has_implicitConfirm() returns 1 if implicitConfirm is |
4dde554c DDO |
101 | set in the generalInfo field of the given PKIMessage header, 0 if not. |
102 | ||
7b3990e3 DDO |
103 | ossl_cmp_hdr_set_transactionID() sets the B<transactionID> field in C<hdr>. |
104 | In case ctx->transactionID is NULL, it starts a new transaction | |
105 | by creating and storing a new random value of 128 bits length. | |
106 | ||
4dde554c DDO |
107 | ossl_cmp_hdr_init() initializes a PKIHeader structure based on the |
108 | values in the given OSSL_CMP_CTX structure. | |
109 | This starts a new transaction in case ctx->transactionID is NULL. | |
110 | The sender name is copied from the subject of the client cert, if any, | |
111 | or else from the subject name provided for certification requests. | |
112 | As required by RFC 4210 section 5.1.1., if the sender name is not known | |
113 | to the client it is set to the NULL-DN. In this case for identification at least | |
114 | the senderKID must be set, which we take from any referenceValue provided. | |
115 | ||
116 | =head1 NOTES | |
117 | ||
118 | CMP is defined in RFC 4210 (and CRMF in RFC 4211). | |
119 | ||
120 | =head1 RETURN VALUES | |
121 | ||
122 | ossl_cmp_hdr_get_pvno() returns the pvno of the given B<hdr> or -1 on error. | |
123 | ||
12bbcee2 DDO |
124 | ossl_cmp_hdr_get_protection_nid() returns the respective NID, NID_undef on error. |
125 | ||
126 | ossl_cmp_hdr_get0_sendernonce() returns the respective nonce, or NULL. | |
4dde554c | 127 | |
cfca56df DDO |
128 | ossl_cmp_general_name_is_NULL_DN() returns 1 given a NULL-DN, else 0. |
129 | ||
4dde554c DDO |
130 | All other functions return 1 on success, 0 on error. |
131 | ||
132 | See the individual functions above. | |
133 | ||
7b3990e3 DDO |
134 | =head1 SEE ALSO |
135 | ||
136 | L<ossl_cmp_msg_create(3)> | |
137 | ||
4dde554c DDO |
138 | =head1 HISTORY |
139 | ||
140 | The OpenSSL CMP support was added in OpenSSL 3.0. | |
141 | ||
142 | =head1 COPYRIGHT | |
143 | ||
54b40531 | 144 | Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved. |
4dde554c DDO |
145 | |
146 | Licensed under the Apache License 2.0 (the "License"). You may not use | |
147 | this file except in compliance with the License. You can obtain a copy | |
148 | in the file LICENSE in the source distribution or at | |
149 | L<https://www.openssl.org/source/license.html>. | |
150 | ||
151 | =cut |