/*-
 * WARNING: do not edit!
 * Generated by Makefile from include/openssl/crmf.h.in
 *
 * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright Nokia 2007-2019
 * Copyright Siemens AG 2015-2019
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 *
 * CRMF (RFC 4211) implementation by M. Peylo, M. Viljanen, and D. von Oheimb.
 */

/*
 * Public declarations for the CRMF (certificate request message format)
 * API: opaque ASN.1 types, typed stack accessors, and the functions
 * implemented in crmf_pbm.c and crmf_lib.c.
 *
 * NOTE(review): this file is generated (see the banner above), so the
 * annotations below are review notes; lasting edits belong in
 * include/openssl/crmf.h.in.
 */

#ifndef OPENSSL_CRMF_H
# define OPENSSL_CRMF_H

# include <openssl/opensslconf.h>

/* Everything below is compiled out when the library is built without CRMF. */
# ifndef OPENSSL_NO_CRMF
# include <openssl/opensslv.h>
# include <openssl/safestack.h>
# include <openssl/crmferr.h>
# include <openssl/x509v3.h> /* for GENERAL_NAME etc. */

/* explicit #includes not strictly needed since implied by the above: */
# include <openssl/types.h>
# include <openssl/x509.h>

# ifdef __cplusplus
extern "C" {
# endif

/*
 * Selector values 0..4 for the private-key proof-of-possession variants.
 * NOTE(review): the names follow the POPOPrivKey CHOICE alternatives of
 * RFC 4211; confirm the numbering against the ASN.1 module.
 */
# define OSSL_CRMF_POPOPRIVKEY_THISMESSAGE 0
# define OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE 1
# define OSSL_CRMF_POPOPRIVKEY_DHMAC 2
# define OSSL_CRMF_POPOPRIVKEY_AGREEMAC 3
# define OSSL_CRMF_POPOPRIVKEY_ENCRYPTEDKEY 4

/*
 * Values for the "subsequent message" variant above.
 * NOTE(review): presumably the SubsequentMessage INTEGER of RFC 4211.
 */
# define OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT 0
# define OSSL_CRMF_SUBSEQUENTMESSAGE_CHALLENGERESP 1

/* Opaque types: only the struct tags are visible to API users. */
typedef struct ossl_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE)
typedef struct ossl_crmf_msg_st OSSL_CRMF_MSG;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG)
DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_MSG)
/*
 * Typed accessors for STACK_OF(OSSL_CRMF_MSG). Each macro forwards to the
 * generic OPENSSL_sk_* routine after passing its arguments through an
 * ossl_check_* helper, and casts pointer results back to the element or
 * stack type.
 *
 * NOTE(review): sk_OSSL_CRMF_MSG_free(sk) takes no element destructor
 * while sk_OSSL_CRMF_MSG_pop_free(sk, freefunc) does; for a stack that
 * owns its elements the latter is presumably the one that avoids leaking
 * them. Results of _value/_pop/_shift/_delete should be checked for NULL
 * before use (e.g. an out-of-range idx) - confirm against the
 * OPENSSL_sk_* documentation.
 */
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CRMF_MSG, OSSL_CRMF_MSG, OSSL_CRMF_MSG)
#define sk_OSSL_CRMF_MSG_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk))
#define sk_OSSL_CRMF_MSG_value(sk, idx) ((OSSL_CRMF_MSG *)OPENSSL_sk_value(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk), (idx)))
#define sk_OSSL_CRMF_MSG_new(cmp) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_new(ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp)))
#define sk_OSSL_CRMF_MSG_new_null() ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_new_null())
#define sk_OSSL_CRMF_MSG_new_reserve(cmp, n) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp), (n)))
#define sk_OSSL_CRMF_MSG_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CRMF_MSG_sk_type(sk), (n))
#define sk_OSSL_CRMF_MSG_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CRMF_MSG_sk_type(sk))
#define sk_OSSL_CRMF_MSG_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CRMF_MSG_sk_type(sk))
#define sk_OSSL_CRMF_MSG_delete(sk, i) ((OSSL_CRMF_MSG *)OPENSSL_sk_delete(ossl_check_OSSL_CRMF_MSG_sk_type(sk), (i)))
#define sk_OSSL_CRMF_MSG_delete_ptr(sk, ptr) ((OSSL_CRMF_MSG *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr)))
#define sk_OSSL_CRMF_MSG_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr))
#define sk_OSSL_CRMF_MSG_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr))
#define sk_OSSL_CRMF_MSG_pop(sk) ((OSSL_CRMF_MSG *)OPENSSL_sk_pop(ossl_check_OSSL_CRMF_MSG_sk_type(sk)))
#define sk_OSSL_CRMF_MSG_shift(sk) ((OSSL_CRMF_MSG *)OPENSSL_sk_shift(ossl_check_OSSL_CRMF_MSG_sk_type(sk)))
#define sk_OSSL_CRMF_MSG_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CRMF_MSG_sk_type(sk),ossl_check_OSSL_CRMF_MSG_freefunc_type(freefunc))
#define sk_OSSL_CRMF_MSG_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr), (idx))
#define sk_OSSL_CRMF_MSG_set(sk, idx, ptr) ((OSSL_CRMF_MSG *)OPENSSL_sk_set(ossl_check_OSSL_CRMF_MSG_sk_type(sk), (idx), ossl_check_OSSL_CRMF_MSG_type(ptr)))
#define sk_OSSL_CRMF_MSG_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr))
#define sk_OSSL_CRMF_MSG_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr))
#define sk_OSSL_CRMF_MSG_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr), pnum)
#define sk_OSSL_CRMF_MSG_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CRMF_MSG_sk_type(sk))
#define sk_OSSL_CRMF_MSG_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk))
#define sk_OSSL_CRMF_MSG_dup(sk) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk)))
#define sk_OSSL_CRMF_MSG_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_copyfunc_type(copyfunc), ossl_check_OSSL_CRMF_MSG_freefunc_type(freefunc)))
#define sk_OSSL_CRMF_MSG_set_cmp_func(sk, cmp) ((sk_OSSL_CRMF_MSG_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp)))

typedef struct ossl_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE;
typedef struct ossl_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER)
typedef struct ossl_crmf_poposigningkey_st OSSL_CRMF_POPOSIGNINGKEY;
typedef struct ossl_crmf_certrequest_st OSSL_CRMF_CERTREQUEST;
typedef struct ossl_crmf_certid_st OSSL_CRMF_CERTID;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTID)
DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID)
/*
 * Typed accessors for STACK_OF(OSSL_CRMF_CERTID); same shape as the
 * OSSL_CRMF_MSG set above, with the element type swapped. The same
 * ownership and NULL-check caveats apply.
 */
SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CRMF_CERTID, OSSL_CRMF_CERTID, OSSL_CRMF_CERTID)
#define sk_OSSL_CRMF_CERTID_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk))
#define sk_OSSL_CRMF_CERTID_value(sk, idx) ((OSSL_CRMF_CERTID *)OPENSSL_sk_value(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk), (idx)))
#define sk_OSSL_CRMF_CERTID_new(cmp) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_new(ossl_check_OSSL_CRMF_CERTID_compfunc_type(cmp)))
#define sk_OSSL_CRMF_CERTID_new_null() ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_new_null())
#define sk_OSSL_CRMF_CERTID_new_reserve(cmp, n) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CRMF_CERTID_compfunc_type(cmp), (n)))
#define sk_OSSL_CRMF_CERTID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), (n))
#define sk_OSSL_CRMF_CERTID_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CRMF_CERTID_sk_type(sk))
#define sk_OSSL_CRMF_CERTID_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CRMF_CERTID_sk_type(sk))
#define sk_OSSL_CRMF_CERTID_delete(sk, i) ((OSSL_CRMF_CERTID *)OPENSSL_sk_delete(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), (i)))
#define sk_OSSL_CRMF_CERTID_delete_ptr(sk, ptr) ((OSSL_CRMF_CERTID *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr)))
#define sk_OSSL_CRMF_CERTID_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr))
#define sk_OSSL_CRMF_CERTID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr))
#define sk_OSSL_CRMF_CERTID_pop(sk) ((OSSL_CRMF_CERTID *)OPENSSL_sk_pop(ossl_check_OSSL_CRMF_CERTID_sk_type(sk)))
#define sk_OSSL_CRMF_CERTID_shift(sk) ((OSSL_CRMF_CERTID *)OPENSSL_sk_shift(ossl_check_OSSL_CRMF_CERTID_sk_type(sk)))
#define sk_OSSL_CRMF_CERTID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CRMF_CERTID_sk_type(sk),ossl_check_OSSL_CRMF_CERTID_freefunc_type(freefunc))
#define sk_OSSL_CRMF_CERTID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr), (idx))
#define sk_OSSL_CRMF_CERTID_set(sk, idx, ptr) ((OSSL_CRMF_CERTID *)OPENSSL_sk_set(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), (idx), ossl_check_OSSL_CRMF_CERTID_type(ptr)))
#define sk_OSSL_CRMF_CERTID_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr))
#define sk_OSSL_CRMF_CERTID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr))
#define sk_OSSL_CRMF_CERTID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr), pnum)
#define sk_OSSL_CRMF_CERTID_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CRMF_CERTID_sk_type(sk))
#define sk_OSSL_CRMF_CERTID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk))
#define sk_OSSL_CRMF_CERTID_dup(sk) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk)))
#define sk_OSSL_CRMF_CERTID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_copyfunc_type(copyfunc), ossl_check_OSSL_CRMF_CERTID_freefunc_type(freefunc)))
#define sk_OSSL_CRMF_CERTID_set_cmp_func(sk, cmp) ((sk_OSSL_CRMF_CERTID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_compfunc_type(cmp)))


typedef struct ossl_crmf_pkipublicationinfo_st OSSL_CRMF_PKIPUBLICATIONINFO;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO)
typedef struct ossl_crmf_singlepubinfo_st OSSL_CRMF_SINGLEPUBINFO;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO)
typedef struct ossl_crmf_certtemplate_st OSSL_CRMF_CERTTEMPLATE;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE)
/* OSSL_CRMF_MSGS is an alias for a stack of OSSL_CRMF_MSG. */
typedef STACK_OF(OSSL_CRMF_MSG) OSSL_CRMF_MSGS;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS)

typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY;

/* crmf_pbm.c */
/*
 * Password-based MAC (PBM) support.
 *
 * OSSL_CRMF_pbmp_new() returns a PBM parameter object; its arguments are
 * a library context, a salt length (slen), a one-way-function NID
 * (owfnid), an iteration count (itercnt) and a MAC NID (macnid).
 * NOTE(review): any limits on slen and itercnt are enforced in
 * crmf_pbm.c, not visible here; check them before passing values that
 * come from a peer or from configuration, since a very large iteration
 * count is a CPU-exhaustion lever and a very small one weakens the MAC.
 */
OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t slen,
                                           int owfnid, size_t itercnt,
                                           int macnid);
/*
 * OSSL_CRMF_pbm_new() takes the parameters (pbmp), the message
 * (msg, msglen) and the shared secret (sec, seclen), and reports the MAC
 * through the out-parameters mac and maclen; the int result is the
 * status.
 * NOTE(review): mac is unsigned char **, so the buffer is presumably
 * allocated by the callee and released by the caller - confirm in
 * crmf_pbm.c. When the result is compared with a MAC received from a
 * peer, use a constant-time comparison such as CRYPTO_memcmp().
 */
int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq,
                      const OSSL_CRMF_PBMPARAMETER *pbmp,
                      const unsigned char *msg, size_t msglen,
                      const unsigned char *sec, size_t seclen,
                      unsigned char **mac, size_t *maclen);

/* crmf_lib.c */
/*
 * NOTE(review): the set0/set1/push0/get0/get1 infixes below follow the
 * usual OpenSSL ownership convention as far as can be told from the
 * signatures: set1 takes a const argument (caller keeps its object),
 * set0/push0 take a non-const pointer (ownership presumably passes to
 * the target on success, so the caller must not free it afterwards),
 * get0 returns an internal pointer that must not be freed, and get1
 * returns an object the caller must free. Confirm per function in
 * crmf_lib.c; getting this wrong leads to double frees or leaks.
 *
 * NOTE(review): regToken and authenticator carry requester
 * authentication data (see RFC 4211); treat their contents as
 * sensitive, e.g. keep them out of logs.
 */
int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg,
                                        const ASN1_UTF8STRING *tok);
ASN1_UTF8STRING
*OSSL_CRMF_MSG_get0_regCtrl_regToken(const OSSL_CRMF_MSG *msg);
int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg,
                                             const ASN1_UTF8STRING *auth);
ASN1_UTF8STRING
*OSSL_CRMF_MSG_get0_regCtrl_authenticator(const OSSL_CRMF_MSG *msg);
int
OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
                                                     OSSL_CRMF_SINGLEPUBINFO *spi);
/* Values for the method argument of OSSL_CRMF_MSG_set0_SinglePubInfo(). */
# define OSSL_CRMF_PUB_METHOD_DONTCARE 0
# define OSSL_CRMF_PUB_METHOD_X500 1
# define OSSL_CRMF_PUB_METHOD_WEB 2
# define OSSL_CRMF_PUB_METHOD_LDAP 3
int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi,
                                     int method, GENERAL_NAME *nm);
/*
 * Values for the action argument of
 * OSSL_CRMF_MSG_set_PKIPublicationInfo_action().
 */
# define OSSL_CRMF_PUB_ACTION_DONTPUBLISH 0
# define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1
int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
                                                int action);
int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg,
                                                  const OSSL_CRMF_PKIPUBLICATIONINFO *pi);
OSSL_CRMF_PKIPUBLICATIONINFO
*OSSL_CRMF_MSG_get0_regCtrl_pkiPublicationInfo(const OSSL_CRMF_MSG *msg);
int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg,
                                               const X509_PUBKEY *pubkey);
X509_PUBKEY
*OSSL_CRMF_MSG_get0_regCtrl_protocolEncrKey(const OSSL_CRMF_MSG *msg);
int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg,
                                         const OSSL_CRMF_CERTID *cid);
OSSL_CRMF_CERTID
*OSSL_CRMF_MSG_get0_regCtrl_oldCertID(const OSSL_CRMF_MSG *msg);
/* Returns a cert ID object for the given issuer name and serial number. */
OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
                                       const ASN1_INTEGER *serial);

int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg,
                                         const ASN1_UTF8STRING *utf8pairs);
ASN1_UTF8STRING
*OSSL_CRMF_MSG_get0_regInfo_utf8Pairs(const OSSL_CRMF_MSG *msg);
int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg,
                                       const OSSL_CRMF_CERTREQUEST *cr);
OSSL_CRMF_CERTREQUEST
*OSSL_CRMF_MSG_get0_regInfo_certReq(const OSSL_CRMF_MSG *msg);

/*
 * NOTE(review): set0 with non-const ASN1_TIME pointers - presumably crm
 * takes ownership of notBefore and notAfter on success; confirm before
 * freeing them in the caller.
 */
int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm,
                                ASN1_TIME *notBefore, ASN1_TIME *notAfter);
int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid);
int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm);
int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, X509_EXTENSIONS *exts);

int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext);
/*
 * Proof-of-possession (POPO) methods for the meth argument of
 * OSSL_CRMF_MSG_create_popo(). OSSL_CRMF_POPO_NONE is -1, i.e. outside
 * the 0..3 range used by the other methods.
 */
# define OSSL_CRMF_POPO_NONE -1
# define OSSL_CRMF_POPO_RAVERIFIED 0
# define OSSL_CRMF_POPO_SIGNATURE 1
# define OSSL_CRMF_POPO_KEYENC 2
# define OSSL_CRMF_POPO_KEYAGREE 3
int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm,
                              EVP_PKEY *pkey, const EVP_MD *digest,
                              OSSL_LIB_CTX *libctx, const char *propq);
/*
 * Checks the POPO of the request selected by rid within reqs.
 * NOTE(review): acceptRAVerified looks like the switch that lets a
 * request with OSSL_CRMF_POPO_RAVERIFIED pass. Such a request carries no
 * proof by the requester's own key, so a verifier should presumably
 * enable it only for requests that arrive authenticated from an RA
 * trusted to have checked key possession - confirm the exact semantics
 * and return values in crmf_lib.c.
 */
int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
                               int rid, int acceptRAVerified,
                               OSSL_LIB_CTX *libctx, const char *propq);
/*
 * Accessors for the certificate template and cert ID. The get0 results
 * point into the object passed in (see the ownership note above) and are
 * presumably NULL when the optional field is absent - check before use.
 */
OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm);
const ASN1_INTEGER
*OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl);
const X509_NAME
*OSSL_CRMF_CERTTEMPLATE_get0_subject(const OSSL_CRMF_CERTTEMPLATE *tmpl);
const X509_NAME
*OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl);
X509_EXTENSIONS
*OSSL_CRMF_CERTTEMPLATE_get0_extensions(const OSSL_CRMF_CERTTEMPLATE *tmpl);
const X509_NAME
*OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid);
const ASN1_INTEGER
*OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid);
int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
                                EVP_PKEY *pubkey,
                                const X509_NAME *subject,
                                const X509_NAME *issuer,
                                const ASN1_INTEGER *serial);
/*
 * Returns the X509 certificate carried in an encrypted value, using
 * pkey.
 * NOTE(review): pkey is presumably the recipient's private key; as a
 * get1 function the result should be owned by the caller and released
 * with X509_free(). A NULL result must be treated as failure, and the
 * returned certificate still needs normal validation before it is
 * trusted - confirm both in crmf_lib.c.
 */
X509
*OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
                                       OSSL_LIB_CTX *libctx, const char *propq,
                                       EVP_PKEY *pkey);

# ifdef __cplusplus
}
# endif
# endif /* !defined(OPENSSL_NO_CRMF) */
#endif /* !defined(OPENSSL_CRMF_H) */