1/* 2 * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 
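*/

/* $Id: hx509.h,v 1.1.1.1 2011/06/10 09:34:42 andrew Exp $ */

/*
 * Public types, option flags and forward declarations for the hx509
 * X.509 / CMS library.  The function prototypes live in <hx509-protos.h>
 * and the error codes in <hx509_err.h>; both are pulled in at the end of
 * this header so that they can refer to the types declared here.
 *
 * Several of the flag values below relax a security check (weak
 * algorithms, skipped key-usage or validation checks, missing hostname
 * match).  They are commented individually; their exact effect is defined
 * by the implementation, not by this header, so treat the notes as
 * pointers to what must be confirmed before a caller sets them on data
 * from an untrusted peer.
 */

#ifndef HEIMDAL_HX509_H
#define HEIMDAL_HX509_H 1

#include <rfc2459_asn1.h>
#include <stdarg.h>
#include <stdio.h>

/*
 * Opaque handle types.  Callers only see pointers to these structures; the
 * definitions are private to the library, except hx509_cert_attribute_data,
 * which is defined further down in this header.  hx509_query is the one
 * typedef here that names the structure itself rather than a pointer to it.
 */
typedef struct hx509_cert_attribute_data *hx509_cert_attribute;
typedef struct hx509_cert_data *hx509_cert;
typedef struct hx509_certs_data *hx509_certs;
typedef struct hx509_context_data *hx509_context;
typedef struct hx509_crypto_data *hx509_crypto;
typedef struct hx509_lock_data *hx509_lock;
typedef struct hx509_name_data *hx509_name;
typedef struct hx509_private_key *hx509_private_key;
typedef struct hx509_validate_ctx_data *hx509_validate_ctx;
typedef struct hx509_verify_ctx_data *hx509_verify_ctx;
typedef struct hx509_revoke_ctx_data *hx509_revoke_ctx;
typedef struct hx509_query_data hx509_query;
typedef void * hx509_cursor;
typedef struct hx509_request_data *hx509_request;
typedef struct hx509_error_data *hx509_error;
typedef struct hx509_peer_info *hx509_peer_info;
typedef struct hx509_ca_tbs *hx509_ca_tbs;
typedef struct hx509_env_data *hx509_env;
typedef struct hx509_crl *hx509_crl;

/*
 * Diagnostic output callback: an opaque caller context, a printf-style
 * format string and the matching argument list.
 */
typedef void (*hx509_vprint_func)(void *, const char *, va_list);

/* presumably flags to hx509_verify_hostname ("VHN"); confirm in its prototype */
enum {
    /*
     * NOTE(review): by its name this makes hostname verification succeed
     * when no name in the certificate matches the requested host, i.e. it
     * turns off the check the function exists to perform.  Confirm the
     * exact semantics in hx509_verify_hostname; it should only be set by a
     * caller that performs its own name matching afterwards.
     */
    HX509_VHN_F_ALLOW_NO_MATCH = 1
};

/* presumably flags for the hx509_validate_ctx API; confirm against the prototypes */
enum {
    HX509_VALIDATE_F_VALIDATE = 1,
    HX509_VALIDATE_F_VERBOSE = 2
};

/* One certificate attribute: its OID and the raw (DER) attribute value. */
struct hx509_cert_attribute_data {
    heim_oid oid;
    heim_octet_string data;
};

/* Kind of interaction a prompter callback is being asked to perform. */
typedef enum {
    HX509_PROMPT_TYPE_PASSWORD = 0x1,	/* password, hidden */
    HX509_PROMPT_TYPE_QUESTION = 0x2,	/* question, not hidden */
    HX509_PROMPT_TYPE_INFO     = 0x4	/* information, reply doesn't matter */
} hx509_prompt_type;

/*
 * A single prompt handed to a hx509_prompter_fct.  The callback fills in
 * `reply`.  NOTE(review): for HX509_PROMPT_TYPE_PASSWORD the reply carries a
 * secret; confirm that whoever consumes it clears the buffer once it is no
 * longer needed.
 */
typedef struct hx509_prompt {
    const char *prompt;
    hx509_prompt_type type;
    heim_octet_string reply;
} hx509_prompt;

/* Prompter callback: opaque caller context plus the prompt to answer. */
typedef int (*hx509_prompter_fct)(void *, const hx509_prompt *);

/* Counted array of octet strings. */
typedef struct hx509_octet_string_list {
    size_t len;
    heim_octet_string *val;
} hx509_octet_string_list;

/* Singly-linked list of "Header: value" pairs found in a PEM block. */
typedef struct hx509_pem_header {
    struct hx509_pem_header *next;
    char *header;
    char *value;
} hx509_pem_header;

/*
 * Callback invoked per PEM block: context, block type string, the block's
 * headers, the decoded bytes and their length, and an opaque user pointer.
 */
typedef int
(*hx509_pem_read_func)(hx509_context, const char *, const hx509_pem_header *,
		       const void *, size_t, void *ctx);

/*
 * Options passed to hx509_query_match_option.
 */
typedef enum {
    HX509_QUERY_OPTION_PRIVATE_KEY = 1,
    HX509_QUERY_OPTION_KU_ENCIPHERMENT = 2,
    HX509_QUERY_OPTION_KU_DIGITALSIGNATURE = 3,
    HX509_QUERY_OPTION_KU_KEYCERTSIGN = 4,
    HX509_QUERY_OPTION_END = 0xffff
} hx509_query_option;

/* flags to hx509_certs_init */
#define HX509_CERTS_CREATE		0x01
/*
 * NOTE(review): by its name this removes the protection (lock / password)
 * from every key in the store as it is opened; confirm the effect in
 * hx509_certs_init before using it on anything but throw-away stores.
 */
#define HX509_CERTS_UNPROTECT_ALL	0x02

/* flags to hx509_set_error_string */
#define HX509_ERROR_APPEND		0x01

/*
 * flags to hx509_cms_unenvelope
 *
 * NOTE(review): DONT_REQUIRE_KU_ENCIPHERMENT drops the key-usage check on
 * the recipient certificate and ALLOW_WEAK, by its name, accepts content
 * encryption algorithms the library otherwise rejects as weak.  Confirm the
 * exact algorithm set in the implementation; neither should be set when
 * the enveloped data comes from an untrusted source.
 */
#define HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT	0x01
#define HX509_CMS_UE_ALLOW_WEAK				0x02

/*
 * flags to hx509_cms_envelope_1
 *
 * NOTE(review): mirror of the unenvelope flags for the encrypting side:
 * NO_KU_CHECK skips the recipient key-usage check, ALLOW_WEAK permits
 * weak algorithms (confirm which ones in the implementation).
 */
#define HX509_CMS_EV_NO_KU_CHECK	0x01
#define HX509_CMS_EV_ALLOW_WEAK		0x02

/*
 * flags to hx509_cms_verify_signed
 *
 * NOTE(review): every flag here weakens verification.
 *  - ALLOW_DATA_OID_MISMATCH: accept a SignedData whose content type does
 *    not match the expected OID.
 *  - NO_KU_CHECK: do not require a signing key usage on the signer cert.
 *  - ALLOW_ZERO_SIGNER: accept SignedData carrying no signer at all, which
 *    means the "signature" asserts nothing about the content.
 *  - NO_VALIDATE: skip validation of the signer certificate (chain and
 *    trust), so a syntactically valid signature from any key is accepted.
 * The descriptions follow the flag names; confirm the precise behaviour in
 * hx509_cms_verify_signed.  None of these should be set when the signed
 * data is used to make a trust decision.
 */
#define HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH	0x01
#define HX509_CMS_VS_NO_KU_CHECK		0x02
#define HX509_CMS_VS_ALLOW_ZERO_SIGNER		0x04
#define HX509_CMS_VS_NO_VALIDATE		0x08

/* selectors passed to hx509_crypto_select and hx509_crypto_available */
#define HX509_SELECT_ALL		0
#define HX509_SELECT_DIGEST		1
#define HX509_SELECT_PUBLIC_SIG		2
#define HX509_SELECT_PUBLIC_ENC		3
#define HX509_SELECT_SECRET_ENC		4

/*
 * flags to hx509_ca_tbs_set_template: bit mask of which fields of the
 * template certificate are copied into the to-be-signed certificate.
 */
#define HX509_CA_TEMPLATE_SUBJECT	1
#define HX509_CA_TEMPLATE_SERIAL	2
#define HX509_CA_TEMPLATE_NOTBEFORE	4
#define HX509_CA_TEMPLATE_NOTAFTER	8
#define HX509_CA_TEMPLATE_SPKI		16
#define HX509_CA_TEMPLATE_KU		32
#define HX509_CA_TEMPLATE_EKU		64

/*
 * flags to hx509_cms_create_signed*
 *
 * NOTE(review): NO_SIGNER produces SignedData without a signer, the
 * counterpart of HX509_CMS_VS_ALLOW_ZERO_SIGNER on the verifying side; the
 * result carries no authentication.  Confirm in the implementation.
 */
#define HX509_CMS_SIGNATURE_DETACHED	0x01
#define HX509_CMS_SIGNATURE_ID_NAME	0x02
#define HX509_CMS_SIGNATURE_NO_SIGNER	0x04

/* hx509_verify_hostname nametype */
typedef enum {
    HX509_HN_HOSTNAME = 0,
    HX509_HN_DNSSRV
} hx509_hostname_type;

#include <hx509-protos.h>
#include <hx509_err.h>

#endif /* HEIMDAL_HX509_H */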