1 /* 2 * WARNING: do not edit! 3 * Generated by Makefile from include/openssl/cmp.h.in 4 * 5 * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. 6 * Copyright Nokia 2007-2019 7 * Copyright Siemens AG 2015-2019 8 * 9 * Licensed under the Apache License 2.0 (the "License"). You may not use 10 * this file except in compliance with the License. You can obtain a copy 11 * in the file LICENSE in the source distribution or at 12 * https://www.openssl.org/source/license.html 13 */ 14 15 16 17 #ifndef OPENSSL_CMP_H 18 # define OPENSSL_CMP_H 19 20 # include <openssl/opensslconf.h> 21 # ifndef OPENSSL_NO_CMP 22 23 # include <openssl/crmf.h> 24 # include <openssl/cmperr.h> 25 # include <openssl/cmp_util.h> 26 # include <openssl/http.h> 27 28 /* explicit #includes not strictly needed since implied by the above: */ 29 # include <openssl/types.h> 30 # include <openssl/safestack.h> 31 # include <openssl/x509.h> 32 # include <openssl/x509v3.h> 33 34 # ifdef __cplusplus 35 extern "C" { 36 # endif 37 38 # define OSSL_CMP_PVNO 2 39 40 /*- 41 * PKIFailureInfo ::= BIT STRING { 42 * -- since we can fail in more than one way! 43 * -- More codes may be added in the future if/when required. 44 * badAlg (0), 45 * -- unrecognized or unsupported Algorithm Identifier 46 * badMessageCheck (1), 47 * -- integrity check failed (e.g., signature did not verify) 48 * badRequest (2), 49 * -- transaction not permitted or supported 50 * badTime (3), 51 * -- messageTime was not sufficiently close to the system time, 52 * -- as defined by local policy 53 * badCertId (4), 54 * -- no certificate could be found matching the provided criteria 55 * badDataFormat (5), 56 * -- the data submitted has the wrong format 57 * wrongAuthority (6), 58 * -- the authority indicated in the request is different from the 59 * -- one creating the response token 60 * incorrectData (7), 61 * -- the requester's data is incorrect (for notary services) 62 * missingTimeStamp (8), 63 * -- when the timestamp is missing but should be there 64 * -- (by policy) 65 * badPOP (9), 66 * -- the proof-of-possession failed 67 * certRevoked (10), 68 * -- the certificate has already been revoked 69 * certConfirmed (11), 70 * -- the certificate has already been confirmed 71 * wrongIntegrity (12), 72 * -- invalid integrity, password based instead of signature or 73 * -- vice versa 74 * badRecipientNonce (13), 75 * -- invalid recipient nonce, either missing or wrong value 76 * timeNotAvailable (14), 77 * -- the TSA's time source is not available 78 * unacceptedPolicy (15), 79 * -- the requested TSA policy is not supported by the TSA. 80 * unacceptedExtension (16), 81 * -- the requested extension is not supported by the TSA. 82 * addInfoNotAvailable (17), 83 * -- the additional information requested could not be 84 * -- understood or is not available 85 * badSenderNonce (18), 86 * -- invalid sender nonce, either missing or wrong size 87 * badCertTemplate (19), 88 * -- invalid cert. template or missing mandatory information 89 * signerNotTrusted (20), 90 * -- signer of the message unknown or not trusted 91 * transactionIdInUse (21), 92 * -- the transaction identifier is already in use 93 * unsupportedVersion (22), 94 * -- the version of the message is not supported 95 * notAuthorized (23), 96 * -- the sender was not authorized to make the preceding 97 * -- request or perform the preceding action 98 * systemUnavail (24), 99 * -- the request cannot be handled due to system unavailability 100 * systemFailure (25), 101 * -- the request cannot be handled due to system failure 102 * duplicateCertReq (26) 103 * -- certificate cannot be issued because a duplicate 104 * -- certificate already exists 105 * } 106 */ 107 # define OSSL_CMP_PKIFAILUREINFO_badAlg 0 108 # define OSSL_CMP_PKIFAILUREINFO_badMessageCheck 1 109 # define OSSL_CMP_PKIFAILUREINFO_badRequest 2 110 # define OSSL_CMP_PKIFAILUREINFO_badTime 3 111 # define OSSL_CMP_PKIFAILUREINFO_badCertId 4 112 # define OSSL_CMP_PKIFAILUREINFO_badDataFormat 5 113 # define OSSL_CMP_PKIFAILUREINFO_wrongAuthority 6 114 # define OSSL_CMP_PKIFAILUREINFO_incorrectData 7 115 # define OSSL_CMP_PKIFAILUREINFO_missingTimeStamp 8 116 # define OSSL_CMP_PKIFAILUREINFO_badPOP 9 117 # define OSSL_CMP_PKIFAILUREINFO_certRevoked 10 118 # define OSSL_CMP_PKIFAILUREINFO_certConfirmed 11 119 # define OSSL_CMP_PKIFAILUREINFO_wrongIntegrity 12 120 # define OSSL_CMP_PKIFAILUREINFO_badRecipientNonce 13 121 # define OSSL_CMP_PKIFAILUREINFO_timeNotAvailable 14 122 # define OSSL_CMP_PKIFAILUREINFO_unacceptedPolicy 15 123 # define OSSL_CMP_PKIFAILUREINFO_unacceptedExtension 16 124 # define OSSL_CMP_PKIFAILUREINFO_addInfoNotAvailable 17 125 # define OSSL_CMP_PKIFAILUREINFO_badSenderNonce 18 126 # define OSSL_CMP_PKIFAILUREINFO_badCertTemplate 19 127 # define OSSL_CMP_PKIFAILUREINFO_signerNotTrusted 20 128 # define OSSL_CMP_PKIFAILUREINFO_transactionIdInUse 21 129 # define OSSL_CMP_PKIFAILUREINFO_unsupportedVersion 22 130 # define OSSL_CMP_PKIFAILUREINFO_notAuthorized 23 131 # define OSSL_CMP_PKIFAILUREINFO_systemUnavail 24 132 # define OSSL_CMP_PKIFAILUREINFO_systemFailure 25 133 # define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq 26 134 # define OSSL_CMP_PKIFAILUREINFO_MAX 26 135 # define OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN \ 136 ((1 << (OSSL_CMP_PKIFAILUREINFO_MAX + 1)) - 1) 137 # if OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX 138 # error CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int 139 # endif 140 141 typedef ASN1_BIT_STRING OSSL_CMP_PKIFAILUREINFO; 142 143 # define OSSL_CMP_CTX_FAILINFO_badAlg (1 << 0) 144 # define OSSL_CMP_CTX_FAILINFO_badMessageCheck (1 << 1) 145 # define OSSL_CMP_CTX_FAILINFO_badRequest (1 << 2) 146 # define OSSL_CMP_CTX_FAILINFO_badTime (1 << 3) 147 # define OSSL_CMP_CTX_FAILINFO_badCertId (1 << 4) 148 # define OSSL_CMP_CTX_FAILINFO_badDataFormat (1 << 5) 149 # define OSSL_CMP_CTX_FAILINFO_wrongAuthority (1 << 6) 150 # define OSSL_CMP_CTX_FAILINFO_incorrectData (1 << 7) 151 # define OSSL_CMP_CTX_FAILINFO_missingTimeStamp (1 << 8) 152 # define OSSL_CMP_CTX_FAILINFO_badPOP (1 << 9) 153 # define OSSL_CMP_CTX_FAILINFO_certRevoked (1 << 10) 154 # define OSSL_CMP_CTX_FAILINFO_certConfirmed (1 << 11) 155 # define OSSL_CMP_CTX_FAILINFO_wrongIntegrity (1 << 12) 156 # define OSSL_CMP_CTX_FAILINFO_badRecipientNonce (1 << 13) 157 # define OSSL_CMP_CTX_FAILINFO_timeNotAvailable (1 << 14) 158 # define OSSL_CMP_CTX_FAILINFO_unacceptedPolicy (1 << 15) 159 # define OSSL_CMP_CTX_FAILINFO_unacceptedExtension (1 << 16) 160 # define OSSL_CMP_CTX_FAILINFO_addInfoNotAvailable (1 << 17) 161 # define OSSL_CMP_CTX_FAILINFO_badSenderNonce (1 << 18) 162 # define OSSL_CMP_CTX_FAILINFO_badCertTemplate (1 << 19) 163 # define OSSL_CMP_CTX_FAILINFO_signerNotTrusted (1 << 20) 164 # define OSSL_CMP_CTX_FAILINFO_transactionIdInUse (1 << 21) 165 # define OSSL_CMP_CTX_FAILINFO_unsupportedVersion (1 << 22) 166 # define OSSL_CMP_CTX_FAILINFO_notAuthorized (1 << 23) 167 # define OSSL_CMP_CTX_FAILINFO_systemUnavail (1 << 24) 168 # define OSSL_CMP_CTX_FAILINFO_systemFailure (1 << 25) 169 # define OSSL_CMP_CTX_FAILINFO_duplicateCertReq (1 << 26) 170 171 /*- 172 * PKIStatus ::= INTEGER { 173 * accepted (0), 174 * -- you got exactly what you asked for 175 * grantedWithMods (1), 176 * -- you got something like what you asked for; the 177 * -- requester is responsible for ascertaining the differences 178 * rejection (2), 179 * -- you don't get it, more information elsewhere in the message 180 * waiting (3), 181 * -- the request body part has not yet been processed; expect to 182 * -- hear more later (note: proper handling of this status 183 * -- response MAY use the polling req/rep PKIMessages specified 184 * -- in Section 5.3.22; alternatively, polling in the underlying 185 * -- transport layer MAY have some utility in this regard) 186 * revocationWarning (4), 187 * -- this message contains a warning that a revocation is 188 * -- imminent 189 * revocationNotification (5), 190 * -- notification that a revocation has occurred 191 * keyUpdateWarning (6) 192 * -- update already done for the oldCertId specified in 193 * -- CertReqMsg 194 * } 195 */ 196 # define OSSL_CMP_PKISTATUS_request -3 197 # define OSSL_CMP_PKISTATUS_trans -2 198 # define OSSL_CMP_PKISTATUS_unspecified -1 199 # define OSSL_CMP_PKISTATUS_accepted 0 200 # define OSSL_CMP_PKISTATUS_grantedWithMods 1 201 # define OSSL_CMP_PKISTATUS_rejection 2 202 # define OSSL_CMP_PKISTATUS_waiting 3 203 # define OSSL_CMP_PKISTATUS_revocationWarning 4 204 # define OSSL_CMP_PKISTATUS_revocationNotification 5 205 # define OSSL_CMP_PKISTATUS_keyUpdateWarning 6 206 207 typedef ASN1_INTEGER OSSL_CMP_PKISTATUS; 208 DECLARE_ASN1_ITEM(OSSL_CMP_PKISTATUS) 209 210 # define OSSL_CMP_CERTORENCCERT_CERTIFICATE 0 211 # define OSSL_CMP_CERTORENCCERT_ENCRYPTEDCERT 1 212 213 /* data type declarations */ 214 typedef struct ossl_cmp_ctx_st OSSL_CMP_CTX; 215 typedef struct ossl_cmp_pkiheader_st OSSL_CMP_PKIHEADER; 216 DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER) 217 typedef struct ossl_cmp_msg_st OSSL_CMP_MSG; 218 DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_MSG) 219 DECLARE_ASN1_ENCODE_FUNCTIONS(OSSL_CMP_MSG, OSSL_CMP_MSG, OSSL_CMP_MSG) 220 typedef struct ossl_cmp_certstatus_st OSSL_CMP_CERTSTATUS; 221 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CERTSTATUS, OSSL_CMP_CERTSTATUS, OSSL_CMP_CERTSTATUS) 222 #define sk_OSSL_CMP_CERTSTATUS_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk)) 223 #define sk_OSSL_CMP_CERTSTATUS_value(sk, idx) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk), (idx))) 224 #define sk_OSSL_CMP_CERTSTATUS_new(cmp) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CERTSTATUS_compfunc_type(cmp))) 225 #define sk_OSSL_CMP_CERTSTATUS_new_null() ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_new_null()) 226 #define sk_OSSL_CMP_CERTSTATUS_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CERTSTATUS_compfunc_type(cmp), (n))) 227 #define sk_OSSL_CMP_CERTSTATUS_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), (n)) 228 #define sk_OSSL_CMP_CERTSTATUS_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk)) 229 #define sk_OSSL_CMP_CERTSTATUS_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk)) 230 #define sk_OSSL_CMP_CERTSTATUS_delete(sk, i) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), (i))) 231 #define sk_OSSL_CMP_CERTSTATUS_delete_ptr(sk, ptr) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr))) 232 #define sk_OSSL_CMP_CERTSTATUS_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)) 233 #define sk_OSSL_CMP_CERTSTATUS_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)) 234 #define sk_OSSL_CMP_CERTSTATUS_pop(sk) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk))) 235 #define sk_OSSL_CMP_CERTSTATUS_shift(sk) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk))) 236 #define sk_OSSL_CMP_CERTSTATUS_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk),ossl_check_OSSL_CMP_CERTSTATUS_freefunc_type(freefunc)) 237 #define sk_OSSL_CMP_CERTSTATUS_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr), (idx)) 238 #define sk_OSSL_CMP_CERTSTATUS_set(sk, idx, ptr) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), (idx), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr))) 239 #define sk_OSSL_CMP_CERTSTATUS_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)) 240 #define sk_OSSL_CMP_CERTSTATUS_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)) 241 #define sk_OSSL_CMP_CERTSTATUS_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr), pnum) 242 #define sk_OSSL_CMP_CERTSTATUS_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk)) 243 #define sk_OSSL_CMP_CERTSTATUS_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk)) 244 #define sk_OSSL_CMP_CERTSTATUS_dup(sk) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk))) 245 #define sk_OSSL_CMP_CERTSTATUS_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CERTSTATUS_freefunc_type(freefunc))) 246 #define sk_OSSL_CMP_CERTSTATUS_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CERTSTATUS_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_compfunc_type(cmp))) 247 248 typedef struct ossl_cmp_itav_st OSSL_CMP_ITAV; 249 DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV) 250 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_ITAV, OSSL_CMP_ITAV, OSSL_CMP_ITAV) 251 #define sk_OSSL_CMP_ITAV_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk)) 252 #define sk_OSSL_CMP_ITAV_value(sk, idx) ((OSSL_CMP_ITAV *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk), (idx))) 253 #define sk_OSSL_CMP_ITAV_new(cmp) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp))) 254 #define sk_OSSL_CMP_ITAV_new_null() ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_new_null()) 255 #define sk_OSSL_CMP_ITAV_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp), (n))) 256 #define sk_OSSL_CMP_ITAV_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_ITAV_sk_type(sk), (n)) 257 #define sk_OSSL_CMP_ITAV_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_ITAV_sk_type(sk)) 258 #define sk_OSSL_CMP_ITAV_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_ITAV_sk_type(sk)) 259 #define sk_OSSL_CMP_ITAV_delete(sk, i) ((OSSL_CMP_ITAV *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_ITAV_sk_type(sk), (i))) 260 #define sk_OSSL_CMP_ITAV_delete_ptr(sk, ptr) ((OSSL_CMP_ITAV *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr))) 261 #define sk_OSSL_CMP_ITAV_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr)) 262 #define sk_OSSL_CMP_ITAV_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr)) 263 #define sk_OSSL_CMP_ITAV_pop(sk) ((OSSL_CMP_ITAV *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_ITAV_sk_type(sk))) 264 #define sk_OSSL_CMP_ITAV_shift(sk) ((OSSL_CMP_ITAV *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_ITAV_sk_type(sk))) 265 #define sk_OSSL_CMP_ITAV_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_ITAV_sk_type(sk),ossl_check_OSSL_CMP_ITAV_freefunc_type(freefunc)) 266 #define sk_OSSL_CMP_ITAV_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr), (idx)) 267 #define sk_OSSL_CMP_ITAV_set(sk, idx, ptr) ((OSSL_CMP_ITAV *)OPENSSL_sk_set(ossl_check_OSSL_CMP_ITAV_sk_type(sk), (idx), ossl_check_OSSL_CMP_ITAV_type(ptr))) 268 #define sk_OSSL_CMP_ITAV_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr)) 269 #define sk_OSSL_CMP_ITAV_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr)) 270 #define sk_OSSL_CMP_ITAV_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr), pnum) 271 #define sk_OSSL_CMP_ITAV_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_ITAV_sk_type(sk)) 272 #define sk_OSSL_CMP_ITAV_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk)) 273 #define sk_OSSL_CMP_ITAV_dup(sk) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk))) 274 #define sk_OSSL_CMP_ITAV_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_ITAV_freefunc_type(freefunc))) 275 #define sk_OSSL_CMP_ITAV_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_ITAV_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp))) 276 277 typedef struct ossl_cmp_revrepcontent_st OSSL_CMP_REVREPCONTENT; 278 typedef struct ossl_cmp_pkisi_st OSSL_CMP_PKISI; 279 DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKISI) 280 DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI) 281 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_PKISI, OSSL_CMP_PKISI, OSSL_CMP_PKISI) 282 #define sk_OSSL_CMP_PKISI_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk)) 283 #define sk_OSSL_CMP_PKISI_value(sk, idx) ((OSSL_CMP_PKISI *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk), (idx))) 284 #define sk_OSSL_CMP_PKISI_new(cmp) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_PKISI_compfunc_type(cmp))) 285 #define sk_OSSL_CMP_PKISI_new_null() ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_new_null()) 286 #define sk_OSSL_CMP_PKISI_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_PKISI_compfunc_type(cmp), (n))) 287 #define sk_OSSL_CMP_PKISI_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_PKISI_sk_type(sk), (n)) 288 #define sk_OSSL_CMP_PKISI_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_PKISI_sk_type(sk)) 289 #define sk_OSSL_CMP_PKISI_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_PKISI_sk_type(sk)) 290 #define sk_OSSL_CMP_PKISI_delete(sk, i) ((OSSL_CMP_PKISI *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_PKISI_sk_type(sk), (i))) 291 #define sk_OSSL_CMP_PKISI_delete_ptr(sk, ptr) ((OSSL_CMP_PKISI *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr))) 292 #define sk_OSSL_CMP_PKISI_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr)) 293 #define sk_OSSL_CMP_PKISI_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr)) 294 #define sk_OSSL_CMP_PKISI_pop(sk) ((OSSL_CMP_PKISI *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_PKISI_sk_type(sk))) 295 #define sk_OSSL_CMP_PKISI_shift(sk) ((OSSL_CMP_PKISI *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_PKISI_sk_type(sk))) 296 #define sk_OSSL_CMP_PKISI_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_PKISI_sk_type(sk),ossl_check_OSSL_CMP_PKISI_freefunc_type(freefunc)) 297 #define sk_OSSL_CMP_PKISI_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr), (idx)) 298 #define sk_OSSL_CMP_PKISI_set(sk, idx, ptr) ((OSSL_CMP_PKISI *)OPENSSL_sk_set(ossl_check_OSSL_CMP_PKISI_sk_type(sk), (idx), ossl_check_OSSL_CMP_PKISI_type(ptr))) 299 #define sk_OSSL_CMP_PKISI_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr)) 300 #define sk_OSSL_CMP_PKISI_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr)) 301 #define sk_OSSL_CMP_PKISI_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr), pnum) 302 #define sk_OSSL_CMP_PKISI_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_PKISI_sk_type(sk)) 303 #define sk_OSSL_CMP_PKISI_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk)) 304 #define sk_OSSL_CMP_PKISI_dup(sk) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk))) 305 #define sk_OSSL_CMP_PKISI_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_PKISI_freefunc_type(freefunc))) 306 #define sk_OSSL_CMP_PKISI_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_PKISI_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_compfunc_type(cmp))) 307 308 typedef struct ossl_cmp_certrepmessage_st OSSL_CMP_CERTREPMESSAGE; 309 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CERTREPMESSAGE, OSSL_CMP_CERTREPMESSAGE, OSSL_CMP_CERTREPMESSAGE) 310 #define sk_OSSL_CMP_CERTREPMESSAGE_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 311 #define sk_OSSL_CMP_CERTREPMESSAGE_value(sk, idx) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (idx))) 312 #define sk_OSSL_CMP_CERTREPMESSAGE_new(cmp) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CERTREPMESSAGE_compfunc_type(cmp))) 313 #define sk_OSSL_CMP_CERTREPMESSAGE_new_null() ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_new_null()) 314 #define sk_OSSL_CMP_CERTREPMESSAGE_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CERTREPMESSAGE_compfunc_type(cmp), (n))) 315 #define sk_OSSL_CMP_CERTREPMESSAGE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (n)) 316 #define sk_OSSL_CMP_CERTREPMESSAGE_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 317 #define sk_OSSL_CMP_CERTREPMESSAGE_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 318 #define sk_OSSL_CMP_CERTREPMESSAGE_delete(sk, i) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (i))) 319 #define sk_OSSL_CMP_CERTREPMESSAGE_delete_ptr(sk, ptr) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr))) 320 #define sk_OSSL_CMP_CERTREPMESSAGE_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)) 321 #define sk_OSSL_CMP_CERTREPMESSAGE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)) 322 #define sk_OSSL_CMP_CERTREPMESSAGE_pop(sk) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))) 323 #define sk_OSSL_CMP_CERTREPMESSAGE_shift(sk) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))) 324 #define sk_OSSL_CMP_CERTREPMESSAGE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk),ossl_check_OSSL_CMP_CERTREPMESSAGE_freefunc_type(freefunc)) 325 #define sk_OSSL_CMP_CERTREPMESSAGE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr), (idx)) 326 #define sk_OSSL_CMP_CERTREPMESSAGE_set(sk, idx, ptr) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (idx), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr))) 327 #define sk_OSSL_CMP_CERTREPMESSAGE_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)) 328 #define sk_OSSL_CMP_CERTREPMESSAGE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)) 329 #define sk_OSSL_CMP_CERTREPMESSAGE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr), pnum) 330 #define sk_OSSL_CMP_CERTREPMESSAGE_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 331 #define sk_OSSL_CMP_CERTREPMESSAGE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 332 #define sk_OSSL_CMP_CERTREPMESSAGE_dup(sk) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))) 333 #define sk_OSSL_CMP_CERTREPMESSAGE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CERTREPMESSAGE_freefunc_type(freefunc))) 334 #define sk_OSSL_CMP_CERTREPMESSAGE_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CERTREPMESSAGE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_compfunc_type(cmp))) 335 336 typedef struct ossl_cmp_pollrep_st OSSL_CMP_POLLREP; 337 typedef STACK_OF(OSSL_CMP_POLLREP) OSSL_CMP_POLLREPCONTENT; 338 typedef struct ossl_cmp_certresponse_st OSSL_CMP_CERTRESPONSE; 339 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CERTRESPONSE, OSSL_CMP_CERTRESPONSE, OSSL_CMP_CERTRESPONSE) 340 #define sk_OSSL_CMP_CERTRESPONSE_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 341 #define sk_OSSL_CMP_CERTRESPONSE_value(sk, idx) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk), (idx))) 342 #define sk_OSSL_CMP_CERTRESPONSE_new(cmp) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CERTRESPONSE_compfunc_type(cmp))) 343 #define sk_OSSL_CMP_CERTRESPONSE_new_null() ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_new_null()) 344 #define sk_OSSL_CMP_CERTRESPONSE_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CERTRESPONSE_compfunc_type(cmp), (n))) 345 #define sk_OSSL_CMP_CERTRESPONSE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), (n)) 346 #define sk_OSSL_CMP_CERTRESPONSE_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 347 #define sk_OSSL_CMP_CERTRESPONSE_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 348 #define sk_OSSL_CMP_CERTRESPONSE_delete(sk, i) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), (i))) 349 #define sk_OSSL_CMP_CERTRESPONSE_delete_ptr(sk, ptr) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr))) 350 #define sk_OSSL_CMP_CERTRESPONSE_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)) 351 #define sk_OSSL_CMP_CERTRESPONSE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)) 352 #define sk_OSSL_CMP_CERTRESPONSE_pop(sk) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk))) 353 #define sk_OSSL_CMP_CERTRESPONSE_shift(sk) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk))) 354 #define sk_OSSL_CMP_CERTRESPONSE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk),ossl_check_OSSL_CMP_CERTRESPONSE_freefunc_type(freefunc)) 355 #define sk_OSSL_CMP_CERTRESPONSE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr), (idx)) 356 #define sk_OSSL_CMP_CERTRESPONSE_set(sk, idx, ptr) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), (idx), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr))) 357 #define sk_OSSL_CMP_CERTRESPONSE_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)) 358 #define sk_OSSL_CMP_CERTRESPONSE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)) 359 #define sk_OSSL_CMP_CERTRESPONSE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr), pnum) 360 #define sk_OSSL_CMP_CERTRESPONSE_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 361 #define sk_OSSL_CMP_CERTRESPONSE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 362 #define sk_OSSL_CMP_CERTRESPONSE_dup(sk) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk))) 363 #define sk_OSSL_CMP_CERTRESPONSE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CERTRESPONSE_freefunc_type(freefunc))) 364 #define sk_OSSL_CMP_CERTRESPONSE_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CERTRESPONSE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_compfunc_type(cmp))) 365 366 typedef STACK_OF(ASN1_UTF8STRING) OSSL_CMP_PKIFREETEXT; 367 368 /* 369 * function DECLARATIONS 370 */ 371 372 /* from cmp_asn.c */ 373 OSSL_CMP_ITAV *OSSL_CMP_ITAV_create(ASN1_OBJECT *type, ASN1_TYPE *value); 374 void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type, 375 ASN1_TYPE *value); 376 ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav); 377 ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav); 378 int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p, 379 OSSL_CMP_ITAV *itav); 380 void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav); 381 void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg); 382 383 /* from cmp_ctx.c */ 384 OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq); 385 void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx); 386 int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx); 387 /* CMP general options: */ 388 # define OSSL_CMP_OPT_LOG_VERBOSITY 0 389 /* CMP transfer options: */ 390 # define OSSL_CMP_OPT_KEEP_ALIVE 10 391 # define OSSL_CMP_OPT_MSG_TIMEOUT 11 392 # define OSSL_CMP_OPT_TOTAL_TIMEOUT 12 393 /* CMP request options: */ 394 # define OSSL_CMP_OPT_VALIDITY_DAYS 20 395 # define OSSL_CMP_OPT_SUBJECTALTNAME_NODEFAULT 21 396 # define OSSL_CMP_OPT_SUBJECTALTNAME_CRITICAL 22 397 # define OSSL_CMP_OPT_POLICIES_CRITICAL 23 398 # define OSSL_CMP_OPT_POPO_METHOD 24 399 # define OSSL_CMP_OPT_IMPLICIT_CONFIRM 25 400 # define OSSL_CMP_OPT_DISABLE_CONFIRM 26 401 # define OSSL_CMP_OPT_REVOCATION_REASON 27 402 /* CMP protection options: */ 403 # define OSSL_CMP_OPT_UNPROTECTED_SEND 30 404 # define OSSL_CMP_OPT_UNPROTECTED_ERRORS 31 405 # define OSSL_CMP_OPT_OWF_ALGNID 32 406 # define OSSL_CMP_OPT_MAC_ALGNID 33 407 # define OSSL_CMP_OPT_DIGEST_ALGNID 34 408 # define OSSL_CMP_OPT_IGNORE_KEYUSAGE 35 409 # define OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR 36 410 int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val); 411 int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt); 412 /* CMP-specific callback for logging and outputting the error queue: */ 413 int OSSL_CMP_CTX_set_log_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_log_cb_t cb); 414 # define OSSL_CMP_CTX_set_log_verbosity(ctx, level) \ 415 OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_LOG_VERBOSITY, level) 416 void OSSL_CMP_CTX_print_errors(const OSSL_CMP_CTX *ctx); 417 /* message transfer: */ 418 int OSSL_CMP_CTX_set1_serverPath(OSSL_CMP_CTX *ctx, const char *path); 419 int OSSL_CMP_CTX_set1_server(OSSL_CMP_CTX *ctx, const char *address); 420 int OSSL_CMP_CTX_set_serverPort(OSSL_CMP_CTX *ctx, int port); 421 int OSSL_CMP_CTX_set1_proxy(OSSL_CMP_CTX *ctx, const char *name); 422 int OSSL_CMP_CTX_set1_no_proxy(OSSL_CMP_CTX *ctx, const char *names); 423 int OSSL_CMP_CTX_set_http_cb(OSSL_CMP_CTX *ctx, OSSL_HTTP_bio_cb_t cb); 424 int OSSL_CMP_CTX_set_http_cb_arg(OSSL_CMP_CTX *ctx, void *arg); 425 void *OSSL_CMP_CTX_get_http_cb_arg(const OSSL_CMP_CTX *ctx); 426 typedef OSSL_CMP_MSG *(*OSSL_CMP_transfer_cb_t) (OSSL_CMP_CTX *ctx, 427 const OSSL_CMP_MSG *req); 428 int OSSL_CMP_CTX_set_transfer_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_transfer_cb_t cb); 429 int OSSL_CMP_CTX_set_transfer_cb_arg(OSSL_CMP_CTX *ctx, void *arg); 430 void *OSSL_CMP_CTX_get_transfer_cb_arg(const OSSL_CMP_CTX *ctx); 431 /* server authentication: */ 432 int OSSL_CMP_CTX_set1_srvCert(OSSL_CMP_CTX *ctx, X509 *cert); 433 int OSSL_CMP_CTX_set1_expected_sender(OSSL_CMP_CTX *ctx, const X509_NAME *name); 434 int OSSL_CMP_CTX_set0_trustedStore(OSSL_CMP_CTX *ctx, X509_STORE *store); 435 X509_STORE *OSSL_CMP_CTX_get0_trustedStore(const OSSL_CMP_CTX *ctx); 436 int OSSL_CMP_CTX_set1_untrusted(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs); 437 STACK_OF(X509) *OSSL_CMP_CTX_get0_untrusted(const OSSL_CMP_CTX *ctx); 438 /* client authentication: */ 439 int OSSL_CMP_CTX_set1_cert(OSSL_CMP_CTX *ctx, X509 *cert); 440 int OSSL_CMP_CTX_build_cert_chain(OSSL_CMP_CTX *ctx, X509_STORE *own_trusted, 441 STACK_OF(X509) *candidates); 442 int OSSL_CMP_CTX_set1_pkey(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey); 443 int OSSL_CMP_CTX_set1_referenceValue(OSSL_CMP_CTX *ctx, 444 const unsigned char *ref, int len); 445 int OSSL_CMP_CTX_set1_secretValue(OSSL_CMP_CTX *ctx, 446 const unsigned char *sec, int len); 447 /* CMP message header and extra certificates: */ 448 int OSSL_CMP_CTX_set1_recipient(OSSL_CMP_CTX *ctx, const X509_NAME *name); 449 int OSSL_CMP_CTX_push0_geninfo_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav); 450 int OSSL_CMP_CTX_reset_geninfo_ITAVs(OSSL_CMP_CTX *ctx); 451 int OSSL_CMP_CTX_set1_extraCertsOut(OSSL_CMP_CTX *ctx, 452 STACK_OF(X509) *extraCertsOut); 453 /* certificate template: */ 454 int OSSL_CMP_CTX_set0_newPkey(OSSL_CMP_CTX *ctx, int priv, EVP_PKEY *pkey); 455 EVP_PKEY *OSSL_CMP_CTX_get0_newPkey(const OSSL_CMP_CTX *ctx, int priv); 456 int OSSL_CMP_CTX_set1_issuer(OSSL_CMP_CTX *ctx, const X509_NAME *name); 457 int OSSL_CMP_CTX_set1_subjectName(OSSL_CMP_CTX *ctx, const X509_NAME *name); 458 int OSSL_CMP_CTX_push1_subjectAltName(OSSL_CMP_CTX *ctx, 459 const GENERAL_NAME *name); 460 int OSSL_CMP_CTX_set0_reqExtensions(OSSL_CMP_CTX *ctx, X509_EXTENSIONS *exts); 461 int OSSL_CMP_CTX_reqExtensions_have_SAN(OSSL_CMP_CTX *ctx); 462 int OSSL_CMP_CTX_push0_policy(OSSL_CMP_CTX *ctx, POLICYINFO *pinfo); 463 int OSSL_CMP_CTX_set1_oldCert(OSSL_CMP_CTX *ctx, X509 *cert); 464 int OSSL_CMP_CTX_set1_p10CSR(OSSL_CMP_CTX *ctx, const X509_REQ *csr); 465 /* misc body contents: */ 466 int OSSL_CMP_CTX_push0_genm_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav); 467 /* certificate confirmation: */ 468 typedef int (*OSSL_CMP_certConf_cb_t) (OSSL_CMP_CTX *ctx, X509 *cert, 469 int fail_info, const char **txt); 470 int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info, 471 const char **text); 472 int OSSL_CMP_CTX_set_certConf_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_certConf_cb_t cb); 473 int OSSL_CMP_CTX_set_certConf_cb_arg(OSSL_CMP_CTX *ctx, void *arg); 474 void *OSSL_CMP_CTX_get_certConf_cb_arg(const OSSL_CMP_CTX *ctx); 475 /* result fetching: */ 476 int OSSL_CMP_CTX_get_status(const OSSL_CMP_CTX *ctx); 477 OSSL_CMP_PKIFREETEXT *OSSL_CMP_CTX_get0_statusString(const OSSL_CMP_CTX *ctx); 478 int OSSL_CMP_CTX_get_failInfoCode(const OSSL_CMP_CTX *ctx); 479 # define OSSL_CMP_PKISI_BUFLEN 1024 480 X509 *OSSL_CMP_CTX_get0_newCert(const OSSL_CMP_CTX *ctx); 481 STACK_OF(X509) *OSSL_CMP_CTX_get1_newChain(const OSSL_CMP_CTX *ctx); 482 STACK_OF(X509) *OSSL_CMP_CTX_get1_caPubs(const OSSL_CMP_CTX *ctx); 483 STACK_OF(X509) *OSSL_CMP_CTX_get1_extraCertsIn(const OSSL_CMP_CTX *ctx); 484 int OSSL_CMP_CTX_set1_transactionID(OSSL_CMP_CTX *ctx, 485 const ASN1_OCTET_STRING *id); 486 int OSSL_CMP_CTX_set1_senderNonce(OSSL_CMP_CTX *ctx, 487 const ASN1_OCTET_STRING *nonce); 488 489 /* from cmp_status.c */ 490 char *OSSL_CMP_CTX_snprint_PKIStatus(const OSSL_CMP_CTX *ctx, char *buf, 491 size_t bufsize); 492 char *OSSL_CMP_snprint_PKIStatusInfo(const OSSL_CMP_PKISI *statusInfo, 493 char *buf, size_t bufsize); 494 OSSL_CMP_PKISI * 495 OSSL_CMP_STATUSINFO_new(int status, int fail_info, const char *text); 496 497 /* from cmp_hdr.c */ 498 ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_transactionID(const 499 OSSL_CMP_PKIHEADER *hdr); 500 ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER *hdr); 501 502 /* from cmp_msg.c */ 503 OSSL_CMP_PKIHEADER *OSSL_CMP_MSG_get0_header(const OSSL_CMP_MSG *msg); 504 int OSSL_CMP_MSG_get_bodytype(const OSSL_CMP_MSG *msg); 505 int OSSL_CMP_MSG_update_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg); 506 int OSSL_CMP_MSG_update_recipNonce(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg); 507 OSSL_CRMF_MSG *OSSL_CMP_CTX_setup_CRM(OSSL_CMP_CTX *ctx, int for_KUR, int rid); 508 OSSL_CMP_MSG *OSSL_CMP_MSG_read(const char *file, OSSL_LIB_CTX *libctx, 509 const char *propq); 510 int OSSL_CMP_MSG_write(const char *file, const OSSL_CMP_MSG *msg); 511 OSSL_CMP_MSG *d2i_OSSL_CMP_MSG_bio(BIO *bio, OSSL_CMP_MSG **msg); 512 int i2d_OSSL_CMP_MSG_bio(BIO *bio, const OSSL_CMP_MSG *msg); 513 514 /* from cmp_vfy.c */ 515 int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg); 516 int OSSL_CMP_validate_cert_path(const OSSL_CMP_CTX *ctx, 517 X509_STORE *trusted_store, X509 *cert); 518 519 /* from cmp_http.c */ 520 OSSL_CMP_MSG *OSSL_CMP_MSG_http_perform(OSSL_CMP_CTX *ctx, 521 const OSSL_CMP_MSG *req); 522 523 /* from cmp_server.c */ 524 typedef struct ossl_cmp_srv_ctx_st OSSL_CMP_SRV_CTX; 525 OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx, 526 const OSSL_CMP_MSG *req); 527 OSSL_CMP_MSG * OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx, 528 const OSSL_CMP_MSG *req); 529 OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OSSL_LIB_CTX *libctx, const char *propq); 530 void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx); 531 typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t) 532 (OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *req, int certReqId, 533 const OSSL_CRMF_MSG *crm, const X509_REQ *p10cr, 534 X509 **certOut, STACK_OF(X509) **chainOut, STACK_OF(X509) **caPubs); 535 typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_rr_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 536 const OSSL_CMP_MSG *req, 537 const X509_NAME *issuer, 538 const ASN1_INTEGER *serial); 539 typedef int (*OSSL_CMP_SRV_genm_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 540 const OSSL_CMP_MSG *req, 541 const STACK_OF(OSSL_CMP_ITAV) *in, 542 STACK_OF(OSSL_CMP_ITAV) **out); 543 typedef void (*OSSL_CMP_SRV_error_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 544 const OSSL_CMP_MSG *req, 545 const OSSL_CMP_PKISI *statusInfo, 546 const ASN1_INTEGER *errorCode, 547 const OSSL_CMP_PKIFREETEXT *errDetails); 548 typedef int (*OSSL_CMP_SRV_certConf_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 549 const OSSL_CMP_MSG *req, 550 int certReqId, 551 const ASN1_OCTET_STRING *certHash, 552 const OSSL_CMP_PKISI *si); 553 typedef int (*OSSL_CMP_SRV_pollReq_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 554 const OSSL_CMP_MSG *req, int certReqId, 555 OSSL_CMP_MSG **certReq, 556 int64_t *check_after); 557 int OSSL_CMP_SRV_CTX_init(OSSL_CMP_SRV_CTX *srv_ctx, void *custom_ctx, 558 OSSL_CMP_SRV_cert_request_cb_t process_cert_request, 559 OSSL_CMP_SRV_rr_cb_t process_rr, 560 OSSL_CMP_SRV_genm_cb_t process_genm, 561 OSSL_CMP_SRV_error_cb_t process_error, 562 OSSL_CMP_SRV_certConf_cb_t process_certConf, 563 OSSL_CMP_SRV_pollReq_cb_t process_pollReq); 564 OSSL_CMP_CTX *OSSL_CMP_SRV_CTX_get0_cmp_ctx(const OSSL_CMP_SRV_CTX *srv_ctx); 565 void *OSSL_CMP_SRV_CTX_get0_custom_ctx(const OSSL_CMP_SRV_CTX *srv_ctx); 566 int OSSL_CMP_SRV_CTX_set_send_unprotected_errors(OSSL_CMP_SRV_CTX *srv_ctx, 567 int val); 568 int OSSL_CMP_SRV_CTX_set_accept_unprotected(OSSL_CMP_SRV_CTX *srv_ctx, int val); 569 int OSSL_CMP_SRV_CTX_set_accept_raverified(OSSL_CMP_SRV_CTX *srv_ctx, int val); 570 int OSSL_CMP_SRV_CTX_set_grant_implicit_confirm(OSSL_CMP_SRV_CTX *srv_ctx, 571 int val); 572 573 /* from cmp_client.c */ 574 X509 *OSSL_CMP_exec_certreq(OSSL_CMP_CTX *ctx, int req_type, 575 const OSSL_CRMF_MSG *crm); 576 # define OSSL_CMP_IR 0 577 # define OSSL_CMP_CR 2 578 # define OSSL_CMP_P10CR 4 579 # define OSSL_CMP_KUR 7 580 # define OSSL_CMP_exec_IR_ses(ctx) \ 581 OSSL_CMP_exec_certreq(ctx, OSSL_CMP_IR, NULL) 582 # define OSSL_CMP_exec_CR_ses(ctx) \ 583 OSSL_CMP_exec_certreq(ctx, OSSL_CMP_CR, NULL) 584 # define OSSL_CMP_exec_P10CR_ses(ctx) \ 585 OSSL_CMP_exec_certreq(ctx, OSSL_CMP_P10CR, NULL) 586 # define OSSL_CMP_exec_KUR_ses(ctx) \ 587 OSSL_CMP_exec_certreq(ctx, OSSL_CMP_KUR, NULL) 588 int OSSL_CMP_try_certreq(OSSL_CMP_CTX *ctx, int req_type, 589 const OSSL_CRMF_MSG *crm, int *checkAfter); 590 int OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx); 591 STACK_OF(OSSL_CMP_ITAV) *OSSL_CMP_exec_GENM_ses(OSSL_CMP_CTX *ctx); 592 593 # ifdef __cplusplus 594 } 595 # endif 596 # endif /* !defined(OPENSSL_NO_CMP) */ 597 #endif /* !defined(OPENSSL_CMP_H) */ 598