Commit | Line | Data |
---|---|---|
a61b7f2f | 1 | /*- |
8869ad4a AK |
2 | * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved. |
3 | * Copyright Nokia 2007-2019 | |
4 | * Copyright Siemens AG 2015-2019 | |
2a3b52ea | 5 | * |
ce9b9964 | 6 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
2a3b52ea DO |
7 | * this file except in compliance with the License. You can obtain a copy |
8 | * in the file LICENSE in the source distribution or at | |
9 | * https://www.openssl.org/source/license.html | |
10 | * | |
a61b7f2f | 11 | * CRMF (RFC 4211) implementation by M. Peylo, M. Viljanen, and D. von Oheimb. |
2a3b52ea DO |
12 | */ |
13 | ||
14 | #ifndef OSSL_HEADER_CRMF_H | |
15 | # define OSSL_HEADER_CRMF_H | |
16 | ||
17 | # include <openssl/opensslconf.h> | |
18 | ||
538f38db | 19 | # ifndef OPENSSL_NO_CRMF |
2a3b52ea DO |
20 | # include <openssl/opensslv.h> |
21 | # include <openssl/safestack.h> | |
22 | # include <openssl/crmferr.h> | |
23 | # include <openssl/x509v3.h> /* for GENERAL_NAME etc. */ | |
24 | ||
25 | /* explicit #includes not strictly needed since implied by the above: */ | |
26 | # include <openssl/ossl_typ.h> | |
27 | # include <openssl/x509.h> | |
28 | ||
29 | # ifdef __cplusplus | |
30 | extern "C" { | |
31 | # endif | |
32 | ||
33 | # define OSSL_CRMF_POPOPRIVKEY_THISMESSAGE 0 /* values 0..4 carry the names and tag numbers of the POPOPrivKey CHOICE alternatives in RFC 4211 */ | |
34 | # define OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE 1 /* proof is delivered in a later message; see the SUBSEQUENTMESSAGE values below */ | |
35 | # define OSSL_CRMF_POPOPRIVKEY_DHMAC 2 | |
36 | # define OSSL_CRMF_POPOPRIVKEY_AGREEMAC 3 | |
37 | # define OSSL_CRMF_POPOPRIVKEY_ENCRYPTEDKEY 4 /* NOTE(review): in RFC 4211 this alternative conveys the private key itself, encrypted; confirm how the implementation treats it */ | |
38 | ||
39 | # define OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT 0 /* RFC 4211 SubsequentMessage encrCert: the certificate is returned encrypted for the requested key */ | |
40 | # define OSSL_CRMF_SUBSEQUENTMESSAGE_CHALLENGERESP 1 /* RFC 4211 SubsequentMessage challengeResp: a challenge-response exchange proves possession */ | |
41 | ||
a61b7f2f | 42 | typedef struct OSSL_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE; /* opaque in this header: only the struct tag is named, the layout lives in the implementation */ |
2a3b52ea DO |
43 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE) /* OpenSSL ASN.1 macro: declares the _new, _free, d2i_ and i2d_ functions for the type; d2i_ input is usually untrusted DER, so callers must check for a NULL result */ |
44 | typedef struct OSSL_crmf_msg_st OSSL_CRMF_MSG; /* one certificate request message (RFC 4211 CertReqMsg) */ | |
45 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG) | |
46 | DEFINE_STACK_OF(OSSL_CRMF_MSG) /* generates the type-checked sk_OSSL_CRMF_MSG_* stack accessors */ | |
47 | typedef struct OSSL_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE; /* no ASN.1 functions are declared for this type in this header */ | |
48 | typedef struct OSSL_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER; /* parameter set for the password-based MAC, see the crmf_pbm.c prototypes */ | |
49 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER) | |
50 | typedef struct OSSL_crmf_poposigningkey_st OSSL_CRMF_POPOSIGNINGKEY; | |
51 | typedef struct OSSL_crmf_certrequest_st OSSL_CRMF_CERTREQUEST; | |
52 | typedef struct OSSL_crmf_certid_st OSSL_CRMF_CERTID; /* built by OSSL_CRMF_CERTID_gen() from an issuer name and a serial number */ | |
53 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTID) | |
54 | DEFINE_STACK_OF(OSSL_CRMF_CERTID) | |
55 | ||
56 | typedef struct OSSL_crmf_pkipublicationinfo_st OSSL_CRMF_PKIPUBLICATIONINFO; | |
57 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO) | |
58 | typedef struct OSSL_crmf_singlepubinfo_st OSSL_CRMF_SINGLEPUBINFO; | |
59 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO) | |
60 | typedef struct OSSL_crmf_certtemplate_st OSSL_CRMF_CERTTEMPLATE; /* requested certificate contents; filled by OSSL_CRMF_CERTTEMPLATE_fill() */ | |
61 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE) | |
62 | typedef STACK_OF(OSSL_CRMF_MSG) OSSL_CRMF_MSGS; /* a request list is a plain stack of OSSL_CRMF_MSG */ | |
63 | DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS) | |
64 | ||
65 | typedef struct OSSL_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY; | |
66 | ||
67 | /* crmf_pbm.c: password-based MAC (PBM) of RFC 4211, keyed by a secret shared between requester and CA or RA */ | |
68 | OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid, | |
69 | int itercnt, int macnid); /* returns a new parameter object; presumably slen is the salt length, owfnid and macnid are NIDs of the one-way function and the MAC, itercnt is the iteration count - confirm in crmf_pbm.c. NOTE(review): whether minimum or maximum bounds are enforced is not visible here; a short salt or low iteration count weakens a password-derived key, and an unbounded count taken from a peer is a CPU-exhaustion risk */ | |
70 | int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, | |
71 | const unsigned char *msg, size_t msglen, | |
72 | const unsigned char *sec, size_t seclen, | |
a61b7f2f | 73 | unsigned char **mac, size_t *maclen); /* presumably computes the PBM over msg (msglen bytes) from the shared secret sec (seclen bytes) with the parameters in pbmp and hands the result back through mac and maclen. NOTE(review): ownership of the returned buffer is not visible here - presumably allocated by the callee and released by the caller, confirm; when checking a received MAC, compare with CRYPTO_memcmp rather than memcmp */ |
2a3b52ea DO |
74 | |
75 | /* crmf_lib.c. NOTE(review): by OpenSSL naming convention set1 and get1 copy or up-ref (the caller keeps, or receives, its own reference) while set0, push0 and get0 hand over or expose the pointer without copying - confirm per function in crmf_lib.c, because freeing an object after a successful set0 or push0 would be a double free */ | |
76 | int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg, | |
77 | const ASN1_UTF8STRING *tok); /* sets the regToken registration control (RFC 4211); the token is one-time secret material, so keep it out of logs */ | |
78 | int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg, | |
79 | const ASN1_UTF8STRING *auth); /* sets the authenticator registration control (RFC 4211); treat the value as sensitive as well */ | |
80 | int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo( | |
81 | OSSL_CRMF_PKIPUBLICATIONINFO *pi, | |
82 | OSSL_CRMF_SINGLEPUBINFO *spi); /* push0: presumably pi takes ownership of spi on success - confirm */ | |
83 | # define OSSL_CRMF_PUB_METHOD_DONTCARE 0 /* values 0..3 match pubMethod in RFC 4211 SinglePubInfo */ | |
84 | # define OSSL_CRMF_PUB_METHOD_X500 1 | |
85 | # define OSSL_CRMF_PUB_METHOD_WEB 2 | |
86 | # define OSSL_CRMF_PUB_METHOD_LDAP 3 | |
87 | int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi, | |
88 | int method, GENERAL_NAME *nm); /* method is presumably one of OSSL_CRMF_PUB_METHOD_*; set0: nm is presumably owned by spi afterwards - confirm */ | |
89 | # define OSSL_CRMF_PUB_ACTION_DONTPUBLISH 0 /* values 0..1 match action in RFC 4211 PKIPublicationInfo */ | |
90 | # define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1 | |
91 | int OSSL_CRMF_MSG_set_PKIPublicationInfo_action( | |
92 | OSSL_CRMF_PKIPUBLICATIONINFO *pi, int action); /* action is presumably one of OSSL_CRMF_PUB_ACTION_*; whether other values are rejected is not visible here */ | |
93 | int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg, | |
94 | const OSSL_CRMF_PKIPUBLICATIONINFO *pi); | |
95 | int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg, | |
96 | const X509_PUBKEY *pubkey); /* protocolEncrKey control (RFC 4211): the key the CA is to use when encrypting its response */ | |
97 | int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg, | |
98 | const OSSL_CRMF_CERTID *cid); /* oldCertID control (RFC 4211): names the certificate that this request updates */ | |
99 | OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, | |
100 | const ASN1_INTEGER *serial); /* both inputs are const; the result is presumably a new object owned by the caller, to be released with OSSL_CRMF_CERTID_free, and NULL on failure - confirm */ | |
101 | ||
102 | int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg, | |
103 | const ASN1_UTF8STRING *utf8pairs); /* sets the utf8Pairs registration info (RFC 4211); const argument, presumably copied */ | |
104 | int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg, | |
105 | const OSSL_CRMF_CERTREQUEST *cr); /* sets the certReq registration info (RFC 4211); const argument, presumably copied */ | |
106 | ||
107 | int OSSL_CRMF_MSG_set_validity(OSSL_CRMF_MSG *crm, time_t from, time_t to); /* presumably the requested notBefore and notAfter; NOTE(review): whether from is checked against to, or how a zero value is treated, is not visible here */ | |
108 | int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid); | |
109 | int OSSL_CRMF_MSG_get_certReqId(OSSL_CRMF_MSG *crm); /* NOTE(review): the ID and any error indication share the int return value; confirm the error value in crmf_lib.c before using the result as an ID */ | |
110 | int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, X509_EXTENSIONS *exts); /* set0: exts is presumably owned by crm after success, so the caller must not free it - confirm */ | |
111 | ||
112 | int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, const X509_EXTENSION *ext); /* NOTE(review): push0 normally means the pointer is stored and ownership passes to crm, yet ext is const-qualified; check crmf_lib.c whether ext is stored or copied before deciding who frees it, to avoid a leak or a double free */ | |
113 | # define OSSL_CRMF_POPO_NONE -1 /* not an RFC 4211 tag; presumably requests that no proof-of-possession field is included - confirm */ | |
114 | # define OSSL_CRMF_POPO_RAVERIFIED 0 /* values 0..3 match the tag numbers of the RFC 4211 ProofOfPossession CHOICE; raVerified carries no cryptographic proof from the key holder */ | |
115 | # define OSSL_CRMF_POPO_SIGNATURE 1 | |
116 | # define OSSL_CRMF_POPO_KEYENC 2 | |
117 | # define OSSL_CRMF_POPO_KEYAGREE 3 | |
a61b7f2f | 118 | int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey, |
2a3b52ea DO |
119 | int dgst, int ppmtd); /* presumably ppmtd is one of OSSL_CRMF_POPO_*, pkey the private key whose possession is proven and dgst the digest NID used for a signature - confirm in crmf_lib.c */ |
120 | int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, | |
121 | int rid, int acceptRAVerified); /* presumably checks the proof of possession of the request with ID rid in reqs. NOTE(review): acceptRAVerified presumably lets a raVerified POPO pass with no cryptographic check; a verifier should pass 0 unless the request arrived over an authenticated channel from an RA trusted to have verified possession */ | |
122 | OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm); /* get0: presumably an internal pointer that stays owned by crm; do not free it or use it after crm is freed - confirm */ | |
123 | ASN1_INTEGER *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(OSSL_CRMF_CERTTEMPLATE *t); /* get0: presumably owned by the template; the field is optional in RFC 4211, so expect that NULL can be returned */ | |
124 | X509_NAME *OSSL_CRMF_CERTTEMPLATE_get0_issuer(OSSL_CRMF_CERTTEMPLATE *tmpl); /* get0: presumably owned by the template; may be NULL for the same reason */ | |
125 | int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, | |
a61b7f2f | 126 | EVP_PKEY *pubkey, |
2a3b52ea DO |
127 | const X509_NAME *subject, |
128 | const X509_NAME *issuer, | |
129 | const ASN1_INTEGER *serial); /* writes key, subject, issuer and serial into tmpl; NOTE(review): which arguments may be NULL, and whether pubkey is copied or up-ref'd, is not visible here */ | |
130 | X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(OSSL_CRMF_ENCRYPTEDVALUE *ecert, | |
131 | EVP_PKEY *pkey); /* presumably decrypts the certificate held in ecert with the private key pkey; get1: the result is presumably owned by the caller and released with X509_free. NOTE(review): ecert comes from the peer, so check for NULL and validate the returned certificate before trusting it */ | |
132 | ||
133 | # ifdef __cplusplus | |
134 | } | |
135 | # endif | |
538f38db | 136 | # endif /* !defined OPENSSL_NO_CRMF */ |
2a3b52ea | 137 | #endif /* !defined OSSL_HEADER_CRMF_H */ |