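/*
 * {- join("\n * ", @autowarntext) -}
 *
 * Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

{-
use OpenSSL::stackhash qw(generate_stack_macros);
-}

#ifndef OPENSSL_X509_ACERT_H
# define OPENSSL_X509_ACERT_H
# pragma once

# include <openssl/x509v3.h>
# include <openssl/x509.h>
# include <openssl/pem.h>

/*
 * Public declarations for X.509 attribute certificates (X509_ACERT): the
 * opaque types, their ASN.1, DER and PEM codecs, signing and signature
 * checking, field accessors, and the attribute and extension syntaxes that
 * accompany them. The profile referred to further down is RFC 5755.
 *
 * The names follow the usual OpenSSL ownership convention (confirm in the
 * manual page of each function before relying on it):
 *   get0      - returns a pointer into the object; the caller must not free
 *               it and must not use it after the object is freed.
 *   set0      - the object takes ownership of the argument; the caller must
 *               not free or reuse it after a successful call.
 *   set1/add1 - ownership of the argument stays with the caller.
 */
typedef struct X509_acert_st X509_ACERT;
typedef struct X509_acert_info_st X509_ACERT_INFO;
typedef struct ossl_object_digest_info_st OSSL_OBJECT_DIGEST_INFO;
typedef struct ossl_issuer_serial_st OSSL_ISSUER_SERIAL;
typedef struct X509_acert_issuer_v2form_st X509_ACERT_ISSUER_V2FORM;

DECLARE_ASN1_FUNCTIONS(X509_ACERT)
DECLARE_ASN1_DUP_FUNCTION(X509_ACERT)
DECLARE_ASN1_ITEM(X509_ACERT_INFO)
DECLARE_ASN1_ALLOC_FUNCTIONS(X509_ACERT_INFO)
DECLARE_ASN1_ALLOC_FUNCTIONS(OSSL_OBJECT_DIGEST_INFO)
DECLARE_ASN1_ALLOC_FUNCTIONS(OSSL_ISSUER_SERIAL)
DECLARE_ASN1_ALLOC_FUNCTIONS(X509_ACERT_ISSUER_V2FORM)

/*
 * DER and PEM readers and writers. The readers parse whatever the stream
 * delivers, so a decoded X509_ACERT is unauthenticated data until its
 * signature and the caller's own policy checks have passed.
 */
# ifndef OPENSSL_NO_STDIO
X509_ACERT *d2i_X509_ACERT_fp(FILE *fp, X509_ACERT **acert);
int i2d_X509_ACERT_fp(FILE *fp, const X509_ACERT *acert);
# endif

DECLARE_PEM_rw(X509_ACERT, X509_ACERT)

X509_ACERT *d2i_X509_ACERT_bio(BIO *bp, X509_ACERT **acert);
int i2d_X509_ACERT_bio(BIO *bp, const X509_ACERT *acert);

/*
 * Signing and signature checking.
 *
 * X509_ACERT_verify() is given only the attribute certificate and one key,
 * so a successful return can say no more than "the signature matches this
 * key". Nothing in the prototype carries a trust store, a reference time,
 * the holder's certificate or the identity of the checking server: the
 * validity period, the holder binding, the issuer's authority and any
 * targeting restriction have to be checked by the caller.
 *
 * NOTE(review): OpenSSL verify routines of this family report success as 1
 * and can return 0 or a negative value otherwise - confirm in the
 * documentation, and compare the result with 1 instead of testing it for
 * truth.
 */
int X509_ACERT_sign(X509_ACERT *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_ACERT_sign_ctx(X509_ACERT *x, EVP_MD_CTX *ctx);
int X509_ACERT_verify(X509_ACERT *a, EVP_PKEY *r);

/* Value of the version field for a v2 attribute certificate (v2 is 1). */
# define X509_ACERT_VERSION_2 1

/*
 * Read accessors. The holder can be identified by entity name, by base
 * certificate id (an OSSL_ISSUER_SERIAL) or by object digest.
 * NOTE(review): presumably an accessor returns NULL when its form of the
 * holder, or the optional field it reads, is absent - check before use.
 */
const GENERAL_NAMES *X509_ACERT_get0_holder_entityName(const X509_ACERT *x);
const OSSL_ISSUER_SERIAL *X509_ACERT_get0_holder_baseCertId(const X509_ACERT *x);
const OSSL_OBJECT_DIGEST_INFO *
X509_ACERT_get0_holder_digest(const X509_ACERT *x);
const X509_NAME *X509_ACERT_get0_issuerName(const X509_ACERT *x);
long X509_ACERT_get_version(const X509_ACERT *x);
void X509_ACERT_get0_signature(const X509_ACERT *x,
                               const ASN1_BIT_STRING **psig,
                               const X509_ALGOR **palg);
int X509_ACERT_get_signature_nid(const X509_ACERT *x);
const X509_ALGOR *X509_ACERT_get0_info_sigalg(const X509_ACERT *x);
const ASN1_INTEGER *X509_ACERT_get0_serialNumber(const X509_ACERT *x);
const ASN1_TIME *X509_ACERT_get0_notBefore(const X509_ACERT *x);
const ASN1_TIME *X509_ACERT_get0_notAfter(const X509_ACERT *x);
const ASN1_BIT_STRING *X509_ACERT_get0_issuerUID(const X509_ACERT *x);

int X509_ACERT_print(BIO *bp, X509_ACERT *x);
int X509_ACERT_print_ex(BIO *bp, X509_ACERT *x, unsigned long nmflags,
                        unsigned long cflag);

/*
 * Attribute lookup and removal; lastpos and loc are positions in the
 * attribute list.
 * NOTE(review): by analogy with the other X509 attribute APIs a negative
 * return presumably means "not found", and the attribute returned by
 * X509_ACERT_delete_attr() presumably belongs to the caller - confirm
 * before using a result as an index or deciding who frees it.
 */
int X509_ACERT_get_attr_count(const X509_ACERT *x);
int X509_ACERT_get_attr_by_NID(const X509_ACERT *x, int nid, int lastpos);
int X509_ACERT_get_attr_by_OBJ(const X509_ACERT *x, const ASN1_OBJECT *obj,
                               int lastpos);
X509_ATTRIBUTE *X509_ACERT_get_attr(const X509_ACERT *x, int loc);
X509_ATTRIBUTE *X509_ACERT_delete_attr(X509_ACERT *x, int loc);

/*
 * Extensions. X509_ACERT_get_ext_d2i() returns an untyped pointer whose
 * concrete type depends on nid, so cast it only to the type that belongs to
 * the nid that was requested.
 * NOTE(review): presumably the decoded object belongs to the caller and
 * crit / idx behave as in X509V3_get_d2i() - confirm.
 */
void *X509_ACERT_get_ext_d2i(const X509_ACERT *x, int nid, int *crit, int *idx);
int X509_ACERT_add1_ext_i2d(X509_ACERT *x, int nid, void *value, int crit,
                            unsigned long flags);
const STACK_OF(X509_EXTENSION) *X509_ACERT_get0_extensions(const X509_ACERT *x);

/* digestedObjectType values of an OSSL_OBJECT_DIGEST_INFO. */
# define OSSL_OBJECT_DIGEST_INFO_PUBLIC_KEY 0
# define OSSL_OBJECT_DIGEST_INFO_PUBLIC_KEY_CERT 1
# define OSSL_OBJECT_DIGEST_INFO_OTHER 2 /* must not be used in RFC 5755 profile */

/*
 * Version and holder setters. The three holder setters are set0 calls: see
 * the ownership convention at the top of this header before freeing an
 * argument that has been passed in.
 */
int X509_ACERT_set_version(X509_ACERT *x, long version);
void X509_ACERT_set0_holder_entityName(X509_ACERT *x, GENERAL_NAMES *name);
void X509_ACERT_set0_holder_baseCertId(X509_ACERT *x, OSSL_ISSUER_SERIAL *isss);
void X509_ACERT_set0_holder_digest(X509_ACERT *x,
                                   OSSL_OBJECT_DIGEST_INFO *dinfo);

/*
 * Attribute construction. bytes and len describe a caller-supplied buffer;
 * the library cannot check len against the real size of that buffer.
 * NOTE(review): other X509 attribute constructors give a len of -1 a
 * special meaning - confirm whether that applies here.
 */
int X509_ACERT_add1_attr(X509_ACERT *x, X509_ATTRIBUTE *attr);
int X509_ACERT_add1_attr_by_OBJ(X509_ACERT *x, const ASN1_OBJECT *obj,
                                int type, const void *bytes, int len);
int X509_ACERT_add1_attr_by_NID(X509_ACERT *x, int nid, int type,
                                const void *bytes, int len);
int X509_ACERT_add1_attr_by_txt(X509_ACERT *x, const char *attrname, int type,
                                const unsigned char *bytes, int len);
int X509_ACERT_add_attr_nconf(CONF *conf, const char *section,
                              X509_ACERT *acert);

/* Issuer, serial number and validity; both times are ASN1_GENERALIZEDTIME. */
int X509_ACERT_set1_issuerName(X509_ACERT *x, const X509_NAME *name);
int X509_ACERT_set1_serialNumber(X509_ACERT *x, const ASN1_INTEGER *serial);
int X509_ACERT_set1_notBefore(X509_ACERT *x, const ASN1_GENERALIZEDTIME *time);
int X509_ACERT_set1_notAfter(X509_ACERT *x, const ASN1_GENERALIZEDTIME *time);

/*
 * Object digest information: a digested-object type (one of the
 * OSSL_OBJECT_DIGEST_INFO_ values above), a digest algorithm and the digest
 * itself. The getter hands out the three parts through its out-parameters.
 */
void OSSL_OBJECT_DIGEST_INFO_get0_digest(const OSSL_OBJECT_DIGEST_INFO *o,
                                         int *digestedObjectType,
                                         const X509_ALGOR **digestAlgorithm,
                                         const ASN1_BIT_STRING **digest);

int OSSL_OBJECT_DIGEST_INFO_set1_digest(OSSL_OBJECT_DIGEST_INFO *o,
                                        int digestedObjectType,
                                        X509_ALGOR *digestAlgorithm,
                                        ASN1_BIT_STRING *digest);

/* Issuer and serial pair, with an optional issuer unique identifier. */
const X509_NAME *OSSL_ISSUER_SERIAL_get0_issuer(const OSSL_ISSUER_SERIAL *isss);
const ASN1_INTEGER *OSSL_ISSUER_SERIAL_get0_serial(const OSSL_ISSUER_SERIAL *isss);
const ASN1_BIT_STRING *OSSL_ISSUER_SERIAL_get0_issuerUID(const OSSL_ISSUER_SERIAL *isss);

int OSSL_ISSUER_SERIAL_set1_issuer(OSSL_ISSUER_SERIAL *isss,
                                   const X509_NAME *issuer);
int OSSL_ISSUER_SERIAL_set1_serial(OSSL_ISSUER_SERIAL *isss,
                                   const ASN1_INTEGER *serial);
int OSSL_ISSUER_SERIAL_set1_issuerUID(OSSL_ISSUER_SERIAL *isss,
                                      const ASN1_BIT_STRING *uid);

/*
 * Kinds of value held in an OSSL_IETF_ATTR_SYNTAX; presumably these are the
 * values of the type argument of the get0_value and add1_value calls below.
 */
# define OSSL_IETFAS_OCTETS 0
# define OSSL_IETFAS_OID 1
# define OSSL_IETFAS_STRING 2

typedef struct OSSL_IETF_ATTR_SYNTAX_VALUE_st OSSL_IETF_ATTR_SYNTAX_VALUE;
typedef struct OSSL_IETF_ATTR_SYNTAX_st OSSL_IETF_ATTR_SYNTAX;
{-
    generate_stack_macros("OSSL_IETF_ATTR_SYNTAX_VALUE");
-}

DECLARE_ASN1_ITEM(OSSL_IETF_ATTR_SYNTAX_VALUE)
DECLARE_ASN1_ALLOC_FUNCTIONS(OSSL_IETF_ATTR_SYNTAX_VALUE)
DECLARE_ASN1_FUNCTIONS(OSSL_IETF_ATTR_SYNTAX)

const GENERAL_NAMES *
OSSL_IETF_ATTR_SYNTAX_get0_policyAuthority(const OSSL_IETF_ATTR_SYNTAX *a);
void OSSL_IETF_ATTR_SYNTAX_set0_policyAuthority(OSSL_IETF_ATTR_SYNTAX *a,
                                                GENERAL_NAMES *names);

/*
 * OSSL_IETF_ATTR_SYNTAX_get0_value() returns an untyped pointer and has an
 * int out-parameter named type. NOTE(review): presumably the kind of the
 * value is written there - read it and cast the pointer only to the ASN.1
 * type that matches; a cast chosen without looking at the kind misreads the
 * object.
 */
int OSSL_IETF_ATTR_SYNTAX_get_value_num(const OSSL_IETF_ATTR_SYNTAX *a);
void *OSSL_IETF_ATTR_SYNTAX_get0_value(const OSSL_IETF_ATTR_SYNTAX *a,
                                       int ind, int *type);
int OSSL_IETF_ATTR_SYNTAX_add1_value(OSSL_IETF_ATTR_SYNTAX *a, int type,
                                     void *data);
int OSSL_IETF_ATTR_SYNTAX_print(BIO *bp, OSSL_IETF_ATTR_SYNTAX *a, int indent);

/*
 * Targeting information. Only the data types and their ASN.1 codecs are
 * declared in this header; no function declared here compares a target list
 * with the identity of the server that is checking the attribute
 * certificate, so applying a targeting restriction is left to the caller.
 */
struct TARGET_CERT_st {
    OSSL_ISSUER_SERIAL *targetCertificate;
    GENERAL_NAME *targetName;
    OSSL_OBJECT_DIGEST_INFO *certDigestInfo;
};

typedef struct TARGET_CERT_st OSSL_TARGET_CERT;

/* Values of OSSL_TARGET.type. */
# define OSSL_TGT_TARGET_NAME 0
# define OSSL_TGT_TARGET_GROUP 1
# define OSSL_TGT_TARGET_CERT 2

/*
 * One target. type is expected to hold one of the OSSL_TGT_ values and to
 * name the member of choice that is valid. targetName and targetGroup are
 * GENERAL_NAME pointers but targetCert is not, so reading a member that does
 * not match type misinterprets the pointer: check type first.
 */
typedef struct TARGET_st {
    int type;
    union {
        GENERAL_NAME *targetName;
        GENERAL_NAME *targetGroup;
        OSSL_TARGET_CERT *targetCert;
    } choice;
} OSSL_TARGET;

typedef STACK_OF(OSSL_TARGET) OSSL_TARGETS;
typedef STACK_OF(OSSL_TARGETS) OSSL_TARGETING_INFORMATION;

{-
    generate_stack_macros("OSSL_TARGET");
-}

{-
    generate_stack_macros("OSSL_TARGETS");
-}

DECLARE_ASN1_FUNCTIONS(OSSL_TARGET)
DECLARE_ASN1_FUNCTIONS(OSSL_TARGETS)
DECLARE_ASN1_FUNCTIONS(OSSL_TARGETING_INFORMATION)

/* Authority attribute identifier: a stack of issuer and serial pairs. */
typedef STACK_OF(OSSL_ISSUER_SERIAL) OSSL_AUTHORITY_ATTRIBUTE_ID_SYNTAX;
DECLARE_ASN1_FUNCTIONS(OSSL_AUTHORITY_ATTRIBUTE_ID_SYNTAX)

{-
    generate_stack_macros("OSSL_ISSUER_SERIAL");
-}

#endif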