| /*- |
| * {- join("\n * ", @autowarntext) -} |
| * |
| * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved. |
| * Copyright Nokia 2007-2019 |
| * Copyright Siemens AG 2015-2019 |
| * |
| * Licensed under the Apache License 2.0 (the "License"). You may not use |
| * this file except in compliance with the License. You can obtain a copy |
| * in the file LICENSE in the source distribution or at |
| * https://www.openssl.org/source/license.html |
| * |
| * CRMF (RFC 4211) implementation by M. Peylo, M. Viljanen, and D. von Oheimb. |
| */ |
| |
| {- |
| use OpenSSL::stackhash qw(generate_stack_macros); |
| -} |
| |
| #ifndef OPENSSL_CRMF_H |
| # define OPENSSL_CRMF_H |
| |
| # include <openssl/opensslconf.h> |
| |
| # ifndef OPENSSL_NO_CRMF |
| # include <openssl/opensslv.h> |
| # include <openssl/safestack.h> |
| # include <openssl/crmferr.h> |
| # include <openssl/x509v3.h> /* for GENERAL_NAME etc. */ |
| |
| /* explicit #includes not strictly needed since implied by the above: */ |
| # include <openssl/types.h> |
| # include <openssl/x509.h> |
| |
| # ifdef __cplusplus |
| extern "C" { |
| # endif |
| |
| # define OSSL_CRMF_POPOPRIVKEY_THISMESSAGE 0 |
| # define OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE 1 |
| # define OSSL_CRMF_POPOPRIVKEY_DHMAC 2 |
| # define OSSL_CRMF_POPOPRIVKEY_AGREEMAC 3 |
| # define OSSL_CRMF_POPOPRIVKEY_ENCRYPTEDKEY 4 |
| |
| # define OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT 0 |
| # define OSSL_CRMF_SUBSEQUENTMESSAGE_CHALLENGERESP 1 |
| |
| typedef struct ossl_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE; |
| DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE) |
| typedef struct ossl_crmf_msg_st OSSL_CRMF_MSG; |
| DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG) |
| DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_MSG) |
| {- |
| generate_stack_macros("OSSL_CRMF_MSG"); |
| -} |
| typedef struct ossl_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE; |
| typedef struct ossl_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER; |
| DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER) |
| typedef struct ossl_crmf_poposigningkey_st OSSL_CRMF_POPOSIGNINGKEY; |
| typedef struct ossl_crmf_certrequest_st OSSL_CRMF_CERTREQUEST; |
| typedef struct ossl_crmf_certid_st OSSL_CRMF_CERTID; |
| DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTID) |
| DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID) |
| {- |
| generate_stack_macros("OSSL_CRMF_CERTID"); |
| -} |
| |
| typedef struct ossl_crmf_pkipublicationinfo_st OSSL_CRMF_PKIPUBLICATIONINFO; |
| DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO) |
| typedef struct ossl_crmf_singlepubinfo_st OSSL_CRMF_SINGLEPUBINFO; |
| DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO) |
| typedef struct ossl_crmf_certtemplate_st OSSL_CRMF_CERTTEMPLATE; |
| DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE) |
| typedef STACK_OF(OSSL_CRMF_MSG) OSSL_CRMF_MSGS; |
| DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS) |
| |
| typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY; |
| |
| /* crmf_pbm.c */ |
| OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t slen, |
| int owfnid, size_t itercnt, |
| int macnid); |
| int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq, |
| const OSSL_CRMF_PBMPARAMETER *pbmp, |
| const unsigned char *msg, size_t msglen, |
| const unsigned char *sec, size_t seclen, |
| unsigned char **mac, size_t *maclen); |
| |
| /* crmf_lib.c */ |
| int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg, |
| const ASN1_UTF8STRING *tok); |
| ASN1_UTF8STRING |
| *OSSL_CRMF_MSG_get0_regCtrl_regToken(const OSSL_CRMF_MSG *msg); |
| int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg, |
| const ASN1_UTF8STRING *auth); |
| ASN1_UTF8STRING |
| *OSSL_CRMF_MSG_get0_regCtrl_authenticator(const OSSL_CRMF_MSG *msg); |
| int |
| OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi, |
| OSSL_CRMF_SINGLEPUBINFO *spi); |
| # define OSSL_CRMF_PUB_METHOD_DONTCARE 0 |
| # define OSSL_CRMF_PUB_METHOD_X500 1 |
| # define OSSL_CRMF_PUB_METHOD_WEB 2 |
| # define OSSL_CRMF_PUB_METHOD_LDAP 3 |
| int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi, |
| int method, GENERAL_NAME *nm); |
| # define OSSL_CRMF_PUB_ACTION_DONTPUBLISH 0 |
| # define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1 |
| int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi, |
| int action); |
| int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg, |
| const OSSL_CRMF_PKIPUBLICATIONINFO *pi); |
| OSSL_CRMF_PKIPUBLICATIONINFO |
| *OSSL_CRMF_MSG_get0_regCtrl_pkiPublicationInfo(const OSSL_CRMF_MSG *msg); |
| int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg, |
| const X509_PUBKEY *pubkey); |
| X509_PUBKEY |
| *OSSL_CRMF_MSG_get0_regCtrl_protocolEncrKey(const OSSL_CRMF_MSG *msg); |
| int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg, |
| const OSSL_CRMF_CERTID *cid); |
| OSSL_CRMF_CERTID |
| *OSSL_CRMF_MSG_get0_regCtrl_oldCertID(const OSSL_CRMF_MSG *msg); |
| OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, |
| const ASN1_INTEGER *serial); |
| |
| int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg, |
| const ASN1_UTF8STRING *utf8pairs); |
| ASN1_UTF8STRING |
| *OSSL_CRMF_MSG_get0_regInfo_utf8Pairs(const OSSL_CRMF_MSG *msg); |
| int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg, |
| const OSSL_CRMF_CERTREQUEST *cr); |
| OSSL_CRMF_CERTREQUEST |
| *OSSL_CRMF_MSG_get0_regInfo_certReq(const OSSL_CRMF_MSG *msg); |
| |
| int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm, |
| ASN1_TIME *notBefore, ASN1_TIME *notAfter); |
| int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid); |
| int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm); |
| int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, X509_EXTENSIONS *exts); |
| |
| int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext); |
| # define OSSL_CRMF_POPO_NONE -1 |
| # define OSSL_CRMF_POPO_RAVERIFIED 0 |
| # define OSSL_CRMF_POPO_SIGNATURE 1 |
| # define OSSL_CRMF_POPO_KEYENC 2 |
| # define OSSL_CRMF_POPO_KEYAGREE 3 |
| int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm, |
| EVP_PKEY *pkey, const EVP_MD *digest, |
| OSSL_LIB_CTX *libctx, const char *propq); |
| int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, |
| int rid, int acceptRAVerified, |
| OSSL_LIB_CTX *libctx, const char *propq); |
| OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm); |
| const ASN1_INTEGER |
| *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl); |
| const X509_NAME |
| *OSSL_CRMF_CERTTEMPLATE_get0_subject(const OSSL_CRMF_CERTTEMPLATE *tmpl); |
| const X509_NAME |
| *OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl); |
| X509_EXTENSIONS |
| *OSSL_CRMF_CERTTEMPLATE_get0_extensions(const OSSL_CRMF_CERTTEMPLATE *tmpl); |
| const X509_NAME |
| *OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid); |
| const ASN1_INTEGER |
| *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid); |
| int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, |
| EVP_PKEY *pubkey, |
| const X509_NAME *subject, |
| const X509_NAME *issuer, |
| const ASN1_INTEGER *serial); |
| X509 |
| *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert, |
| OSSL_LIB_CTX *libctx, const char *propq, |
| EVP_PKEY *pkey); |
| |
| # ifdef __cplusplus |
| } |
| # endif |
| # endif /* !defined(OPENSSL_NO_CRMF) */ |
| #endif /* !defined(OPENSSL_CRMF_H) */ |
