Commit | Line | Data |
---|---|---|
a61b7f2f | 1 | /*- |
98c35dc4 MC |
2 | * {- join("\n * ", @autowarntext) -} |
3 | * | |
33388b44 | 4 | * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. |
8869ad4a AK |
5 | * Copyright Nokia 2007-2019 |
6 | * Copyright Siemens AG 2015-2019 | |
2a3b52ea | 7 | * |
ce9b9964 | 8 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
2a3b52ea DO |
9 | * this file except in compliance with the License. You can obtain a copy |
10 | * in the file LICENSE in the source distribution or at | |
11 | * https://www.openssl.org/source/license.html | |
12 | * | |
a61b7f2f | 13 | * CRMF (RFC 4211) implementation by M. Peylo, M. Viljanen, and D. von Oheimb. |
2a3b52ea DO |
14 | */ |
15 | ||
98c35dc4 MC |
16 | {- |
17 | use OpenSSL::stackhash qw(generate_stack_macros); | |
18 | -} | |
19 | ||
ae4186b0 DMSP |
20 | #ifndef OPENSSL_CRMF_H |
21 | # define OPENSSL_CRMF_H | |
2a3b52ea DO |
22 | |
23 | # include <openssl/opensslconf.h> | |
24 | ||
538f38db | 25 | # ifndef OPENSSL_NO_CRMF |
2a3b52ea DO |
26 | # include <openssl/opensslv.h> |
27 | # include <openssl/safestack.h> | |
28 | # include <openssl/crmferr.h> | |
29 | # include <openssl/x509v3.h> /* for GENERAL_NAME etc. */ | |
30 | ||
31 | /* explicit #includes not strictly needed since implied by the above: */ | |
50cd4768 | 32 | # include <openssl/types.h> |
2a3b52ea DO |
33 | # include <openssl/x509.h> |
34 | ||
235595c4 | 35 | # ifdef __cplusplus |
2a3b52ea DO |
36 | extern "C" { |
37 | # endif | |
38 | ||
39 | # define OSSL_CRMF_POPOPRIVKEY_THISMESSAGE 0 /* OSSL_CRMF_POPOPRIVKEY_*: presumably the choice tags of the POPOPrivKey structure in RFC 4211 - confirm against the ASN.1 templates */ | |
40 | # define OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE 1 | |
41 | # define OSSL_CRMF_POPOPRIVKEY_DHMAC 2 | |
42 | # define OSSL_CRMF_POPOPRIVKEY_AGREEMAC 3 | |
43 | # define OSSL_CRMF_POPOPRIVKEY_ENCRYPTEDKEY 4 | |
44 | ||
45 | # define OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT 0 /* OSSL_CRMF_SUBSEQUENTMESSAGE_*: presumably the values of the SubsequentMessage type in RFC 4211 - confirm */ | |
46 | # define OSSL_CRMF_SUBSEQUENTMESSAGE_CHALLENGERESP 1 | |
47 | ||
7960dbec | 48 | typedef struct ossl_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE; |
2a3b52ea | 49 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE) |
7960dbec | 50 | typedef struct ossl_crmf_msg_st OSSL_CRMF_MSG; |
2a3b52ea | 51 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG) |
299e0f1e | 52 | DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_MSG) |
98c35dc4 MC |
53 | {- |
54 | generate_stack_macros("OSSL_CRMF_MSG"); | |
55 | -} | |
7960dbec DDO |
56 | typedef struct ossl_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE; |
57 | typedef struct ossl_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER; | |
2a3b52ea | 58 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER) |
7960dbec DDO |
59 | typedef struct ossl_crmf_poposigningkey_st OSSL_CRMF_POPOSIGNINGKEY; |
60 | typedef struct ossl_crmf_certrequest_st OSSL_CRMF_CERTREQUEST; | |
61 | typedef struct ossl_crmf_certid_st OSSL_CRMF_CERTID; | |
2a3b52ea | 62 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTID) |
6e15b81c | 63 | DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID) |
98c35dc4 MC |
64 | {- |
65 | generate_stack_macros("OSSL_CRMF_CERTID"); | |
66 | -} | |
2a3b52ea | 67 | |
7960dbec | 68 | typedef struct ossl_crmf_pkipublicationinfo_st OSSL_CRMF_PKIPUBLICATIONINFO; |
2a3b52ea | 69 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO) |
7960dbec | 70 | typedef struct ossl_crmf_singlepubinfo_st OSSL_CRMF_SINGLEPUBINFO; |
2a3b52ea | 71 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO) |
7960dbec | 72 | typedef struct ossl_crmf_certtemplate_st OSSL_CRMF_CERTTEMPLATE; |
2a3b52ea DO |
73 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE) |
74 | typedef STACK_OF(OSSL_CRMF_MSG) OSSL_CRMF_MSGS; | |
75 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS) | |
76 | ||
7960dbec | 77 | typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY; |
2a3b52ea DO |
78 | |
79 | /* crmf_pbm.c: password-based MAC (PBM) as used by CRMF (RFC 4211). OSSL_CRMF_pbmp_new() creates a PBM parameter set; presumably slen is the salt length, owfnid and macnid are the NIDs of the one-way function and of the MAC, and itercnt is the iteration count - confirm in crmf_pbm.c. OSSL_CRMF_pbm_new() takes the parameters pbmp, the message msg and the shared secret sec, and returns the MAC through the mac and maclen output arguments; presumably the buffer stored in mac is allocated for the caller, who must free it - confirm. NOTE(review): salt length and iteration count determine how costly it is to guess sec offline from a captured message, so callers should not pass small values. */ | |
b4250010 | 80 | OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t slen, |
97e00da9 DDO |
81 | int owfnid, size_t itercnt, |
82 | int macnid); | |
b4250010 | 83 | int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq, |
6d1f50b5 | 84 | const OSSL_CRMF_PBMPARAMETER *pbmp, |
2a3b52ea DO |
85 | const unsigned char *msg, size_t msglen, |
86 | const unsigned char *sec, size_t seclen, | |
a61b7f2f | 87 | unsigned char **mac, size_t *maclen); |
2a3b52ea DO |
88 | |
89 | /* crmf_lib.c: builders and accessors for CRMF messages. By the OpenSSL naming convention, set1 functions copy their argument, so the caller keeps ownership of what it passed, while set0 and push0 functions take ownership of the passed object on success, so the caller must not free or reuse it afterwards. Mixing these up leads to leaks or double frees; confirm the behaviour of each function in crmf_lib.c. */ | |
90 | int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg, | |
91 | const ASN1_UTF8STRING *tok); | |
92 | int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg, | |
93 | const ASN1_UTF8STRING *auth); | |
235595c4 DDO |
94 | int |
95 | OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi, | |
96 | OSSL_CRMF_SINGLEPUBINFO *spi); | |
2a3b52ea DO |
97 | # define OSSL_CRMF_PUB_METHOD_DONTCARE 0 |
98 | # define OSSL_CRMF_PUB_METHOD_X500 1 | |
99 | # define OSSL_CRMF_PUB_METHOD_WEB 2 | |
100 | # define OSSL_CRMF_PUB_METHOD_LDAP 3 | |
101 | int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi, | |
102 | int method, GENERAL_NAME *nm); | |
103 | # define OSSL_CRMF_PUB_ACTION_DONTPUBLISH 0 | |
104 | # define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1 | |
235595c4 DDO |
105 | int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi, |
106 | int action); | |
2a3b52ea | 107 | int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg, |
235595c4 | 108 | const OSSL_CRMF_PKIPUBLICATIONINFO *pi); |
2a3b52ea DO |
109 | int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg, |
110 | const X509_PUBKEY *pubkey); | |
111 | int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg, | |
112 | const OSSL_CRMF_CERTID *cid); | |
113 | OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, | |
114 | const ASN1_INTEGER *serial); | |
115 | ||
116 | int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg, | |
117 | const ASN1_UTF8STRING *utf8pairs); | |
118 | int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg, | |
119 | const OSSL_CRMF_CERTREQUEST *cr); | |
120 | ||
11baa470 DDO |
121 | int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm, |
122 | ASN1_TIME *notBefore, ASN1_TIME *notAfter); | |
2a3b52ea | 123 | int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid); |
62dcd2aa | 124 | int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm); |
2a3b52ea DO |
125 | int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, X509_EXTENSIONS *exts); |
126 | ||
7960dbec | 127 | int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext); |
235595c4 | 128 | # define OSSL_CRMF_POPO_NONE -1 /* NOTE(review): expands to a bare -1; writing (-1) would keep the value intact inside larger expressions */ |
2a3b52ea DO |
129 | # define OSSL_CRMF_POPO_RAVERIFIED 0 |
130 | # define OSSL_CRMF_POPO_SIGNATURE 1 | |
131 | # define OSSL_CRMF_POPO_KEYENC 2 | |
132 | # define OSSL_CRMF_POPO_KEYAGREE 3 | |
6d1f50b5 DDO |
133 | int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm, /* meth: presumably one of the OSSL_CRMF_POPO_* values above, selecting the proof-of-possession method - confirm */ |
134 | EVP_PKEY *pkey, const EVP_MD *digest, | |
b4250010 | 135 | OSSL_LIB_CTX *libctx, const char *propq); |
2a3b52ea | 136 | int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, |
6d1f50b5 | 137 | int rid, int acceptRAVerified, /* NOTE(review): presumably a nonzero acceptRAVerified lets a request whose POPO is of type RAVERIFIED pass without any cryptographic proof of possession being checked here; callers should pass nonzero only for requests coming from an RA that is trusted to have verified possession - confirm in crmf_lib.c */ |
b4250010 | 138 | OSSL_LIB_CTX *libctx, const char *propq); |
2a3b52ea | 139 | OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm); /* get0 functions: by the OpenSSL naming convention the returned pointer refers to data still owned by the argument object, so the caller must not free it and must not use it after that object is freed */ |
62dcd2aa DDO |
140 | ASN1_INTEGER |
141 | *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl); | |
8cc86b81 | 142 | const X509_NAME |
62dcd2aa | 143 | *OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl); |
8cc86b81 DDO |
144 | const X509_NAME |
145 | *OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid); | |
7960dbec | 146 | ASN1_INTEGER *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid); |
2a3b52ea | 147 | int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, |
a61b7f2f | 148 | EVP_PKEY *pubkey, |
2a3b52ea DO |
149 | const X509_NAME *subject, |
150 | const X509_NAME *issuer, | |
151 | const ASN1_INTEGER *serial); | |
62dcd2aa DDO |
152 | X509 |
153 | *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert, | |
b4250010 | 154 | OSSL_LIB_CTX *libctx, const char *propq, |
62dcd2aa | 155 | EVP_PKEY *pkey); /* get1: by the OpenSSL naming convention the returned X509 belongs to the caller, who must free it; presumably pkey is the private key used to decrypt ecert - confirm in crmf_lib.c */ |
2a3b52ea DO |
156 | |
157 | # ifdef __cplusplus | |
158 | } | |
159 | # endif | |
62dcd2aa DDO |
160 | # endif /* !defined(OPENSSL_NO_CRMF) */ |
161 | #endif /* !defined(OPENSSL_CRMF_H) */ |