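/*
 * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/* $Id$ */

/*
 * Public types, flags and selectors of the hx509 X.509/CMS library.
 * Function prototypes live in <hx509-protos.h>, error codes in
 * <hx509_err.h>; both are pulled in at the bottom of this file.
 */

#ifndef HEIMDAL_HX509_H
#define HEIMDAL_HX509_H 1

#include <rfc2459_asn1.h>	/* heim_oid, heim_octet_string */
#include <stdarg.h>		/* va_list (hx509_vprint_func) */
#include <stdint.h>		/* uint32_t (hx509_key_format_t); previously only
				 * reached transitively through rfc2459_asn1.h */
#include <stdio.h>		/* size_t */

/*
 * Handle types.  The pointed-to structs are not defined in this header
 * (hx509_cert_attribute_data, below, is the one exception), so callers
 * treat them as opaque and go through the functions in <hx509-protos.h>.
 */
typedef struct hx509_cert_attribute_data *hx509_cert_attribute;
typedef struct hx509_cert_data *hx509_cert;
typedef struct hx509_certs_data *hx509_certs;
typedef struct hx509_context_data *hx509_context;
typedef struct hx509_crypto_data *hx509_crypto;
typedef struct hx509_lock_data *hx509_lock;
typedef struct hx509_name_data *hx509_name;
typedef struct hx509_private_key *hx509_private_key;
typedef struct hx509_private_key_ops hx509_private_key_ops;
typedef struct hx509_validate_ctx_data *hx509_validate_ctx;
typedef struct hx509_verify_ctx_data *hx509_verify_ctx;
typedef struct hx509_revoke_ctx_data *hx509_revoke_ctx;
typedef struct hx509_query_data hx509_query;
typedef void * hx509_cursor;
typedef struct hx509_request_data *hx509_request;
typedef struct hx509_error_data *hx509_error;
typedef struct hx509_peer_info *hx509_peer_info;
typedef struct hx509_ca_tbs *hx509_ca_tbs;
typedef struct hx509_env_data *hx509_env;
typedef struct hx509_crl *hx509_crl;

/* Caller-supplied printf-style sink: (opaque ctx, format, args). */
typedef void (*hx509_vprint_func)(void *, const char *, va_list);

/*
 * Several flags below relax a check (the *_ALLOW_WEAK, *_NO_KU_CHECK,
 * *_NO_VALIDATE, *_ALLOW_ZERO_SIGNER and *_ALLOW_NO_MATCH names).  They
 * exist for callers that knowingly accept the weaker guarantee; when
 * reviewing an application, listing the call sites that pass them shows
 * how much of the library's verification is actually in effect.
 */

/* flags to hx509_verify_hostname */
enum {
    HX509_VHN_F_ALLOW_NO_MATCH = 1	/* by name: do not fail when no
					 * name matches — confirm semantics
					 * in hx509_verify_hostname */
};

/* flags to hx509_validate_ctx_set_flags (names as used below) */
enum {
    HX509_VALIDATE_F_VALIDATE = 1,
    HX509_VALIDATE_F_VERBOSE = 2
};

/* padding modes for the hx509_crypto symmetric interface */
enum {
    HX509_CRYPTO_PADDING_PKCS7 = 0,	/* default */
    HX509_CRYPTO_PADDING_NONE = 1	/* caller supplies block-aligned data */
};

/* on-disk private key formats; GUESS lets the library detect one */
enum {
    HX509_KEY_FORMAT_GUESS = 0,
    HX509_KEY_FORMAT_DER = 1,
    HX509_KEY_FORMAT_WIN_BACKUPKEY = 2
};
typedef uint32_t hx509_key_format_t;

/* one attribute attached to a certificate: OID plus raw encoded value */
struct hx509_cert_attribute_data {
    heim_oid oid;
    heim_octet_string data;
};

typedef enum {
    HX509_PROMPT_TYPE_PASSWORD = 0x1,	/* password, hidden */
    HX509_PROMPT_TYPE_QUESTION = 0x2,	/* question, not hidden */
    HX509_PROMPT_TYPE_INFO = 0x4	/* information, reply doesn't matter */
} hx509_prompt_type;

/* filled in by the library, answered by an hx509_prompter_fct */
typedef struct hx509_prompt {
    const char *prompt;
    hx509_prompt_type type;
    heim_octet_string reply;	/* prompter stores the answer here */
} hx509_prompt;

typedef int (*hx509_prompter_fct)(void *, const hx509_prompt *);

typedef struct hx509_octet_string_list {
    size_t len;
    heim_octet_string *val;
} hx509_octet_string_list;

/* singly linked list of "Header: value" lines preceding a PEM body */
typedef struct hx509_pem_header {
    struct hx509_pem_header *next;
    char *header;
    char *value;
} hx509_pem_header;

/* callback per PEM block: (context, type, headers, data, length, ctx) */
typedef int
(*hx509_pem_read_func)(hx509_context, const char *, const hx509_pem_header *,
		       const void *, size_t, void *ctx);

/*
 * Options passed to hx509_query_match_option.
 */
typedef enum {
    HX509_QUERY_OPTION_PRIVATE_KEY = 1,
    HX509_QUERY_OPTION_KU_ENCIPHERMENT = 2,
    HX509_QUERY_OPTION_KU_DIGITALSIGNATURE = 3,
    HX509_QUERY_OPTION_KU_KEYCERTSIGN = 4,
    HX509_QUERY_OPTION_END = 0xffff
} hx509_query_option;

/* flags to hx509_certs_init */
#define HX509_CERTS_CREATE 0x01
#define HX509_CERTS_UNPROTECT_ALL 0x02

/* flags to hx509_set_error_string */
#define HX509_ERROR_APPEND 0x01

/* flags to hx509_cms_unenvelope */
#define HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT 0x01
#define HX509_CMS_UE_ALLOW_WEAK 0x02

/* flags to hx509_cms_envelope_1 */
#define HX509_CMS_EV_NO_KU_CHECK 0x01
#define HX509_CMS_EV_ALLOW_WEAK 0x02
#define HX509_CMS_EV_ID_NAME 0x04

/* flags to hx509_cms_verify_signed */
#define HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH 0x01
#define HX509_CMS_VS_NO_KU_CHECK 0x02
#define HX509_CMS_VS_ALLOW_ZERO_SIGNER 0x04
#define HX509_CMS_VS_NO_VALIDATE 0x08

/* selectors passed to hx509_crypto_select and hx509_crypto_available */
#define HX509_SELECT_ALL 0
#define HX509_SELECT_DIGEST 1
#define HX509_SELECT_PUBLIC_SIG 2
#define HX509_SELECT_PUBLIC_ENC 3
#define HX509_SELECT_SECRET_ENC 4

/* flags to hx509_ca_tbs_set_template: which template fields to copy */
#define HX509_CA_TEMPLATE_SUBJECT 1
#define HX509_CA_TEMPLATE_SERIAL 2
#define HX509_CA_TEMPLATE_NOTBEFORE 4
#define HX509_CA_TEMPLATE_NOTAFTER 8
#define HX509_CA_TEMPLATE_SPKI 16
#define HX509_CA_TEMPLATE_KU 32
#define HX509_CA_TEMPLATE_EKU 64

/* flags hx509_cms_create_signed* */
#define HX509_CMS_SIGNATURE_DETACHED 0x01
#define HX509_CMS_SIGNATURE_ID_NAME 0x02
#define HX509_CMS_SIGNATURE_NO_SIGNER 0x04
#define HX509_CMS_SIGNATURE_LEAF_ONLY 0x08
#define HX509_CMS_SIGNATURE_NO_CERTS 0x10

/* hx509_verify_hostname nametype */
typedef enum {
    HX509_HN_HOSTNAME = 0,
    HX509_HN_DNSSRV
} hx509_hostname_type;

#include <hx509-protos.h>
#include <hx509_err.h>

#endif /* HEIMDAL_HX509_H */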