2 * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #ifndef HEADER_PKCS12_H
11 # define HEADER_PKCS12_H
13 # include <openssl/bio.h>
14 # include <openssl/x509.h>
15 # include <openssl/pkcs12err.h>
21 # define PKCS12_KEY_ID 1
22 # define PKCS12_IV_ID 2
23 # define PKCS12_MAC_ID 3
25 /* Default iteration count */
26 # ifndef PKCS12_DEFAULT_ITER
27 # define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
30 # define PKCS12_MAC_KEY_LENGTH 20
32 # define PKCS12_SALT_LEN 8
34 /* It's not clear if these are actually needed... */
35 # define PKCS12_key_gen PKCS12_key_gen_utf8
36 # define PKCS12_add_friendlyname PKCS12_add_friendlyname_utf8
38 /* MS key usage constants */
43 typedef struct PKCS12_MAC_DATA_st PKCS12_MAC_DATA
;
45 typedef struct PKCS12_st PKCS12
;
47 typedef struct PKCS12_SAFEBAG_st PKCS12_SAFEBAG
;
49 DEFINE_STACK_OF(PKCS12_SAFEBAG
)
51 typedef struct pkcs12_bag_st PKCS12_BAGS
;
53 # define PKCS12_ERROR 0
56 /* Compatibility macros */
58 #if !OPENSSL_API_1_1_0
60 # define M_PKCS12_bag_type PKCS12_bag_type
61 # define M_PKCS12_cert_bag_type PKCS12_cert_bag_type
62 # define M_PKCS12_crl_bag_type PKCS12_cert_bag_type
64 # define PKCS12_certbag2x509 PKCS12_SAFEBAG_get1_cert
65 # define PKCS12_certbag2scrl PKCS12_SAFEBAG_get1_crl
66 # define PKCS12_bag_type PKCS12_SAFEBAG_get_nid
67 # define PKCS12_cert_bag_type PKCS12_SAFEBAG_get_bag_nid
68 # define PKCS12_x5092certbag PKCS12_SAFEBAG_create_cert
69 # define PKCS12_x509crl2certbag PKCS12_SAFEBAG_create_crl
70 # define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create0_p8inf
71 # define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt
75 DEPRECATEDIN_1_1_0(ASN1_TYPE
*PKCS12_get_attr(const PKCS12_SAFEBAG
*bag
, int attr_nid
))
77 ASN1_TYPE
*PKCS8_get_attr(PKCS8_PRIV_KEY_INFO
*p8
, int attr_nid
);
78 int PKCS12_mac_present(const PKCS12
*p12
);
79 void PKCS12_get0_mac(const ASN1_OCTET_STRING
**pmac
,
80 const X509_ALGOR
**pmacalg
,
81 const ASN1_OCTET_STRING
**psalt
,
82 const ASN1_INTEGER
**piter
,
85 const ASN1_TYPE
*PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG
*bag
,
87 const ASN1_OBJECT
*PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG
*bag
);
88 int PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG
*bag
);
89 int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG
*bag
);
91 X509
*PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG
*bag
);
92 X509_CRL
*PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG
*bag
);
93 const STACK_OF(PKCS12_SAFEBAG
) *
94 PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG
*bag
);
95 const PKCS8_PRIV_KEY_INFO
*PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG
*bag
);
96 const X509_SIG
*PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG
*bag
);
98 PKCS12_SAFEBAG
*PKCS12_SAFEBAG_create_cert(X509
*x509
);
99 PKCS12_SAFEBAG
*PKCS12_SAFEBAG_create_crl(X509_CRL
*crl
);
100 PKCS12_SAFEBAG
*PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO
*p8
);
101 PKCS12_SAFEBAG
*PKCS12_SAFEBAG_create0_pkcs8(X509_SIG
*p8
);
102 PKCS12_SAFEBAG
*PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid
,
106 int saltlen
, int iter
,
107 PKCS8_PRIV_KEY_INFO
*p8inf
);
109 PKCS12_SAFEBAG
*PKCS12_item_pack_safebag(void *obj
, const ASN1_ITEM
*it
,
111 PKCS8_PRIV_KEY_INFO
*PKCS8_decrypt(const X509_SIG
*p8
, const char *pass
,
113 PKCS8_PRIV_KEY_INFO
*PKCS12_decrypt_skey(const PKCS12_SAFEBAG
*bag
,
114 const char *pass
, int passlen
);
115 X509_SIG
*PKCS8_encrypt(int pbe_nid
, const EVP_CIPHER
*cipher
,
116 const char *pass
, int passlen
, unsigned char *salt
,
117 int saltlen
, int iter
, PKCS8_PRIV_KEY_INFO
*p8
);
118 X509_SIG
*PKCS8_set0_pbe(const char *pass
, int passlen
,
119 PKCS8_PRIV_KEY_INFO
*p8inf
, X509_ALGOR
*pbe
);
120 PKCS7
*PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG
) *sk
);
121 STACK_OF(PKCS12_SAFEBAG
) *PKCS12_unpack_p7data(PKCS7
*p7
);
122 PKCS7
*PKCS12_pack_p7encdata(int pbe_nid
, const char *pass
, int passlen
,
123 unsigned char *salt
, int saltlen
, int iter
,
124 STACK_OF(PKCS12_SAFEBAG
) *bags
);
125 STACK_OF(PKCS12_SAFEBAG
) *PKCS12_unpack_p7encdata(PKCS7
*p7
, const char *pass
,
128 int PKCS12_pack_authsafes(PKCS12
*p12
, STACK_OF(PKCS7
) *safes
);
129 STACK_OF(PKCS7
) *PKCS12_unpack_authsafes(const PKCS12
*p12
);
131 int PKCS12_add_localkeyid(PKCS12_SAFEBAG
*bag
, unsigned char *name
,
133 int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG
*bag
, const char *name
,
135 int PKCS12_add_friendlyname_utf8(PKCS12_SAFEBAG
*bag
, const char *name
,
137 int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG
*bag
, const char *name
,
139 int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG
*bag
,
140 const unsigned char *name
, int namelen
);
141 int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO
*p8
, int usage
);
142 ASN1_TYPE
*PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE
) *attrs
,
144 char *PKCS12_get_friendlyname(PKCS12_SAFEBAG
*bag
);
145 const STACK_OF(X509_ATTRIBUTE
) *
146 PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG
*bag
);
147 unsigned char *PKCS12_pbe_crypt(const X509_ALGOR
*algor
,
148 const char *pass
, int passlen
,
149 const unsigned char *in
, int inlen
,
150 unsigned char **data
, int *datalen
,
152 void *PKCS12_item_decrypt_d2i(const X509_ALGOR
*algor
, const ASN1_ITEM
*it
,
153 const char *pass
, int passlen
,
154 const ASN1_OCTET_STRING
*oct
, int zbuf
);
155 ASN1_OCTET_STRING
*PKCS12_item_i2d_encrypt(X509_ALGOR
*algor
,
157 const char *pass
, int passlen
,
158 void *obj
, int zbuf
);
159 PKCS12
*PKCS12_init(int mode
);
160 int PKCS12_key_gen_asc(const char *pass
, int passlen
, unsigned char *salt
,
161 int saltlen
, int id
, int iter
, int n
,
162 unsigned char *out
, const EVP_MD
*md_type
);
163 int PKCS12_key_gen_uni(unsigned char *pass
, int passlen
, unsigned char *salt
,
164 int saltlen
, int id
, int iter
, int n
,
165 unsigned char *out
, const EVP_MD
*md_type
);
166 int PKCS12_key_gen_utf8(const char *pass
, int passlen
, unsigned char *salt
,
167 int saltlen
, int id
, int iter
, int n
,
168 unsigned char *out
, const EVP_MD
*md_type
);
169 int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX
*ctx
, const char *pass
, int passlen
,
170 ASN1_TYPE
*param
, const EVP_CIPHER
*cipher
,
171 const EVP_MD
*md_type
, int en_de
);
172 int PKCS12_gen_mac(PKCS12
*p12
, const char *pass
, int passlen
,
173 unsigned char *mac
, unsigned int *maclen
);
174 int PKCS12_verify_mac(PKCS12
*p12
, const char *pass
, int passlen
);
175 int PKCS12_set_mac(PKCS12
*p12
, const char *pass
, int passlen
,
176 unsigned char *salt
, int saltlen
, int iter
,
177 const EVP_MD
*md_type
);
178 int PKCS12_setup_mac(PKCS12
*p12
, int iter
, unsigned char *salt
,
179 int saltlen
, const EVP_MD
*md_type
);
180 unsigned char *OPENSSL_asc2uni(const char *asc
, int asclen
,
181 unsigned char **uni
, int *unilen
);
182 char *OPENSSL_uni2asc(const unsigned char *uni
, int unilen
);
183 unsigned char *OPENSSL_utf82uni(const char *asc
, int asclen
,
184 unsigned char **uni
, int *unilen
);
185 char *OPENSSL_uni2utf8(const unsigned char *uni
, int unilen
);
187 DECLARE_ASN1_FUNCTIONS(PKCS12
)
188 DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA
)
189 DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG
)
190 DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS
)
192 DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS
)
193 DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES
)
195 void PKCS12_PBE_add(void);
196 int PKCS12_parse(PKCS12
*p12
, const char *pass
, EVP_PKEY
**pkey
, X509
**cert
,
197 STACK_OF(X509
) **ca
);
198 PKCS12
*PKCS12_create(const char *pass
, const char *name
, EVP_PKEY
*pkey
,
199 X509
*cert
, STACK_OF(X509
) *ca
, int nid_key
, int nid_cert
,
200 int iter
, int mac_iter
, int keytype
);
202 PKCS12_SAFEBAG
*PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG
) **pbags
, X509
*cert
);
203 PKCS12_SAFEBAG
*PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG
) **pbags
,
204 EVP_PKEY
*key
, int key_usage
, int iter
,
205 int key_nid
, const char *pass
);
206 int PKCS12_add_safe(STACK_OF(PKCS7
) **psafes
, STACK_OF(PKCS12_SAFEBAG
) *bags
,
207 int safe_nid
, int iter
, const char *pass
);
208 PKCS12
*PKCS12_add_safes(STACK_OF(PKCS7
) *safes
, int p7_nid
);
210 int i2d_PKCS12_bio(BIO
*bp
, const PKCS12
*p12
);
211 # ifndef OPENSSL_NO_STDIO
212 int i2d_PKCS12_fp(FILE *fp
, const PKCS12
*p12
);
214 PKCS12
*d2i_PKCS12_bio(BIO
*bp
, PKCS12
**p12
);
215 # ifndef OPENSSL_NO_STDIO
216 PKCS12
*d2i_PKCS12_fp(FILE *fp
, PKCS12
**p12
);
218 int PKCS12_newpass(PKCS12
*p12
, const char *oldpass
, const char *newpass
);