1/*- 2 * WARNING: do not edit! 3 * Generated by Makefile from include/openssl/crmf.h.in 4 * 5 * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved. 6 * Copyright Nokia 2007-2019 7 * Copyright Siemens AG 2015-2019 8 * 9 * Licensed under the Apache License 2.0 (the "License"). You may not use 10 * this file except in compliance with the License. You can obtain a copy 11 * in the file LICENSE in the source distribution or at 12 * https://www.openssl.org/source/license.html 13 * 14 * CRMF (RFC 4211) implementation by M. Peylo, M. Viljanen, and D. von Oheimb. 15 */ 16 17 18 19#ifndef OPENSSL_CRMF_H 20# define OPENSSL_CRMF_H 21 22# include <openssl/opensslconf.h> 23 24# ifndef OPENSSL_NO_CRMF 25# include <openssl/opensslv.h> 26# include <openssl/safestack.h> 27# include <openssl/crmferr.h> 28# include <openssl/x509v3.h> /* for GENERAL_NAME etc. */ 29 30/* explicit #includes not strictly needed since implied by the above: */ 31# include <openssl/types.h> 32# include <openssl/x509.h> 33 34# ifdef __cplusplus 35extern "C" { 36# endif 37 38# define OSSL_CRMF_POPOPRIVKEY_THISMESSAGE 0 39# define OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE 1 40# define OSSL_CRMF_POPOPRIVKEY_DHMAC 2 41# define OSSL_CRMF_POPOPRIVKEY_AGREEMAC 3 42# define OSSL_CRMF_POPOPRIVKEY_ENCRYPTEDKEY 4 43 44# define OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT 0 45# define OSSL_CRMF_SUBSEQUENTMESSAGE_CHALLENGERESP 1 46 47typedef struct ossl_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE; 48DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE) 49typedef struct ossl_crmf_msg_st OSSL_CRMF_MSG; 50DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG) 51DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_MSG) 52SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CRMF_MSG, OSSL_CRMF_MSG, OSSL_CRMF_MSG) 53#define sk_OSSL_CRMF_MSG_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk)) 54#define sk_OSSL_CRMF_MSG_value(sk, idx) ((OSSL_CRMF_MSG *)OPENSSL_sk_value(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk), (idx))) 55#define sk_OSSL_CRMF_MSG_new(cmp) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_new(ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp))) 56#define sk_OSSL_CRMF_MSG_new_null() ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_new_null()) 57#define sk_OSSL_CRMF_MSG_new_reserve(cmp, n) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp), (n))) 58#define sk_OSSL_CRMF_MSG_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CRMF_MSG_sk_type(sk), (n)) 59#define sk_OSSL_CRMF_MSG_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CRMF_MSG_sk_type(sk)) 60#define sk_OSSL_CRMF_MSG_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CRMF_MSG_sk_type(sk)) 61#define sk_OSSL_CRMF_MSG_delete(sk, i) ((OSSL_CRMF_MSG *)OPENSSL_sk_delete(ossl_check_OSSL_CRMF_MSG_sk_type(sk), (i))) 62#define sk_OSSL_CRMF_MSG_delete_ptr(sk, ptr) ((OSSL_CRMF_MSG *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr))) 63#define sk_OSSL_CRMF_MSG_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr)) 64#define sk_OSSL_CRMF_MSG_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr)) 65#define sk_OSSL_CRMF_MSG_pop(sk) ((OSSL_CRMF_MSG *)OPENSSL_sk_pop(ossl_check_OSSL_CRMF_MSG_sk_type(sk))) 66#define sk_OSSL_CRMF_MSG_shift(sk) ((OSSL_CRMF_MSG *)OPENSSL_sk_shift(ossl_check_OSSL_CRMF_MSG_sk_type(sk))) 67#define sk_OSSL_CRMF_MSG_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CRMF_MSG_sk_type(sk),ossl_check_OSSL_CRMF_MSG_freefunc_type(freefunc)) 68#define sk_OSSL_CRMF_MSG_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr), (idx)) 69#define sk_OSSL_CRMF_MSG_set(sk, idx, ptr) ((OSSL_CRMF_MSG *)OPENSSL_sk_set(ossl_check_OSSL_CRMF_MSG_sk_type(sk), (idx), ossl_check_OSSL_CRMF_MSG_type(ptr))) 70#define sk_OSSL_CRMF_MSG_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr)) 71#define sk_OSSL_CRMF_MSG_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr)) 72#define sk_OSSL_CRMF_MSG_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr), pnum) 73#define sk_OSSL_CRMF_MSG_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CRMF_MSG_sk_type(sk)) 74#define sk_OSSL_CRMF_MSG_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk)) 75#define sk_OSSL_CRMF_MSG_dup(sk) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk))) 76#define sk_OSSL_CRMF_MSG_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_copyfunc_type(copyfunc), ossl_check_OSSL_CRMF_MSG_freefunc_type(freefunc))) 77#define sk_OSSL_CRMF_MSG_set_cmp_func(sk, cmp) ((sk_OSSL_CRMF_MSG_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp))) 78 79typedef struct ossl_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE; 80typedef struct ossl_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER; 81DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER) 82typedef struct ossl_crmf_poposigningkey_st OSSL_CRMF_POPOSIGNINGKEY; 83typedef struct ossl_crmf_certrequest_st OSSL_CRMF_CERTREQUEST; 84typedef struct ossl_crmf_certid_st OSSL_CRMF_CERTID; 85DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTID) 86DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID) 87SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CRMF_CERTID, OSSL_CRMF_CERTID, OSSL_CRMF_CERTID) 88#define sk_OSSL_CRMF_CERTID_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk)) 89#define sk_OSSL_CRMF_CERTID_value(sk, idx) ((OSSL_CRMF_CERTID *)OPENSSL_sk_value(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk), (idx))) 90#define sk_OSSL_CRMF_CERTID_new(cmp) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_new(ossl_check_OSSL_CRMF_CERTID_compfunc_type(cmp))) 91#define sk_OSSL_CRMF_CERTID_new_null() ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_new_null()) 92#define sk_OSSL_CRMF_CERTID_new_reserve(cmp, n) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CRMF_CERTID_compfunc_type(cmp), (n))) 93#define sk_OSSL_CRMF_CERTID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), (n)) 94#define sk_OSSL_CRMF_CERTID_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CRMF_CERTID_sk_type(sk)) 95#define sk_OSSL_CRMF_CERTID_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CRMF_CERTID_sk_type(sk)) 96#define sk_OSSL_CRMF_CERTID_delete(sk, i) ((OSSL_CRMF_CERTID *)OPENSSL_sk_delete(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), (i))) 97#define sk_OSSL_CRMF_CERTID_delete_ptr(sk, ptr) ((OSSL_CRMF_CERTID *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr))) 98#define sk_OSSL_CRMF_CERTID_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr)) 99#define sk_OSSL_CRMF_CERTID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr)) 100#define sk_OSSL_CRMF_CERTID_pop(sk) ((OSSL_CRMF_CERTID *)OPENSSL_sk_pop(ossl_check_OSSL_CRMF_CERTID_sk_type(sk))) 101#define sk_OSSL_CRMF_CERTID_shift(sk) ((OSSL_CRMF_CERTID *)OPENSSL_sk_shift(ossl_check_OSSL_CRMF_CERTID_sk_type(sk))) 102#define sk_OSSL_CRMF_CERTID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CRMF_CERTID_sk_type(sk),ossl_check_OSSL_CRMF_CERTID_freefunc_type(freefunc)) 103#define sk_OSSL_CRMF_CERTID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr), (idx)) 104#define sk_OSSL_CRMF_CERTID_set(sk, idx, ptr) ((OSSL_CRMF_CERTID *)OPENSSL_sk_set(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), (idx), ossl_check_OSSL_CRMF_CERTID_type(ptr))) 105#define sk_OSSL_CRMF_CERTID_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr)) 106#define sk_OSSL_CRMF_CERTID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr)) 107#define sk_OSSL_CRMF_CERTID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr), pnum) 108#define sk_OSSL_CRMF_CERTID_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CRMF_CERTID_sk_type(sk)) 109#define sk_OSSL_CRMF_CERTID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk)) 110#define sk_OSSL_CRMF_CERTID_dup(sk) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk))) 111#define sk_OSSL_CRMF_CERTID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_copyfunc_type(copyfunc), ossl_check_OSSL_CRMF_CERTID_freefunc_type(freefunc))) 112#define sk_OSSL_CRMF_CERTID_set_cmp_func(sk, cmp) ((sk_OSSL_CRMF_CERTID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_compfunc_type(cmp))) 113 114 115typedef struct ossl_crmf_pkipublicationinfo_st OSSL_CRMF_PKIPUBLICATIONINFO; 116DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO) 117typedef struct ossl_crmf_singlepubinfo_st OSSL_CRMF_SINGLEPUBINFO; 118DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO) 119typedef struct ossl_crmf_certtemplate_st OSSL_CRMF_CERTTEMPLATE; 120DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE) 121typedef STACK_OF(OSSL_CRMF_MSG) OSSL_CRMF_MSGS; 122DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS) 123 124typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY; 125 126/* crmf_pbm.c */ 127OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t slen, 128 int owfnid, size_t itercnt, 129 int macnid); 130int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq, 131 const OSSL_CRMF_PBMPARAMETER *pbmp, 132 const unsigned char *msg, size_t msglen, 133 const unsigned char *sec, size_t seclen, 134 unsigned char **mac, size_t *maclen); 135 136/* crmf_lib.c */ 137int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg, 138 const ASN1_UTF8STRING *tok); 139ASN1_UTF8STRING 140*OSSL_CRMF_MSG_get0_regCtrl_regToken(const OSSL_CRMF_MSG *msg); 141int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg, 142 const ASN1_UTF8STRING *auth); 143ASN1_UTF8STRING 144*OSSL_CRMF_MSG_get0_regCtrl_authenticator(const OSSL_CRMF_MSG *msg); 145int 146OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi, 147 OSSL_CRMF_SINGLEPUBINFO *spi); 148# define OSSL_CRMF_PUB_METHOD_DONTCARE 0 149# define OSSL_CRMF_PUB_METHOD_X500 1 150# define OSSL_CRMF_PUB_METHOD_WEB 2 151# define OSSL_CRMF_PUB_METHOD_LDAP 3 152int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi, 153 int method, GENERAL_NAME *nm); 154# define OSSL_CRMF_PUB_ACTION_DONTPUBLISH 0 155# define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1 156int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi, 157 int action); 158int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg, 159 const OSSL_CRMF_PKIPUBLICATIONINFO *pi); 160OSSL_CRMF_PKIPUBLICATIONINFO 161*OSSL_CRMF_MSG_get0_regCtrl_pkiPublicationInfo(const OSSL_CRMF_MSG *msg); 162int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg, 163 const X509_PUBKEY *pubkey); 164X509_PUBKEY 165*OSSL_CRMF_MSG_get0_regCtrl_protocolEncrKey(const OSSL_CRMF_MSG *msg); 166int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg, 167 const OSSL_CRMF_CERTID *cid); 168OSSL_CRMF_CERTID 169*OSSL_CRMF_MSG_get0_regCtrl_oldCertID(const OSSL_CRMF_MSG *msg); 170OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, 171 const ASN1_INTEGER *serial); 172 173int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg, 174 const ASN1_UTF8STRING *utf8pairs); 175ASN1_UTF8STRING 176*OSSL_CRMF_MSG_get0_regInfo_utf8Pairs(const OSSL_CRMF_MSG *msg); 177int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg, 178 const OSSL_CRMF_CERTREQUEST *cr); 179OSSL_CRMF_CERTREQUEST 180*OSSL_CRMF_MSG_get0_regInfo_certReq(const OSSL_CRMF_MSG *msg); 181 182int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm, 183 ASN1_TIME *notBefore, ASN1_TIME *notAfter); 184int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid); 185int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm); 186int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, X509_EXTENSIONS *exts); 187 188int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext); 189# define OSSL_CRMF_POPO_NONE -1 190# define OSSL_CRMF_POPO_RAVERIFIED 0 191# define OSSL_CRMF_POPO_SIGNATURE 1 192# define OSSL_CRMF_POPO_KEYENC 2 193# define OSSL_CRMF_POPO_KEYAGREE 3 194int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm, 195 EVP_PKEY *pkey, const EVP_MD *digest, 196 OSSL_LIB_CTX *libctx, const char *propq); 197int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, 198 int rid, int acceptRAVerified, 199 OSSL_LIB_CTX *libctx, const char *propq); 200OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm); 201const ASN1_INTEGER 202*OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl); 203const X509_NAME 204*OSSL_CRMF_CERTTEMPLATE_get0_subject(const OSSL_CRMF_CERTTEMPLATE *tmpl); 205const X509_NAME 206*OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl); 207X509_EXTENSIONS 208*OSSL_CRMF_CERTTEMPLATE_get0_extensions(const OSSL_CRMF_CERTTEMPLATE *tmpl); 209const X509_NAME 210*OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid); 211const ASN1_INTEGER 212*OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid); 213int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, 214 EVP_PKEY *pubkey, 215 const X509_NAME *subject, 216 const X509_NAME *issuer, 217 const ASN1_INTEGER *serial); 218X509 219*OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert, 220 OSSL_LIB_CTX *libctx, const char *propq, 221 EVP_PKEY *pkey); 222 223# ifdef __cplusplus 224} 225# endif 226# endif /* !defined(OPENSSL_NO_CRMF) */ 227#endif /* !defined(OPENSSL_CRMF_H) */ 228