1/*
2 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19/*
20 * tpCrlVerify.h - routines to verify CRLs and to verify certs against CRLs.
21 *
22 */
23
24#ifndef	_TP_CRL_VERIFY_H_
25#define _TP_CRL_VERIFY_H_
26
27#include <Security/cssmtype.h>
28#include <security_utilities/alloc.h>
29#include <Security/cssmapple.h>
30#include <Security/cssmapplePriv.h>
31
32class TPCertInfo;
33class TPCertGroup;
34class TPCrlInfo;
35class TPCrlGroup;
36
37/*
38 * Enumerated CRL policies enforced by this module.
39 */
typedef enum {
	kRevokeNone		= 0,	/* no revocation checking at all */
	kRevokeCrlBasic	= 1,	/* revocation checking against CRLs */
	kRevokeOcsp		= 2		/* revocation checking via OCSP */
} TPRevocationPolicy;
45
/*
 * Module-specific default policy. Note that the default performs no
 * revocation checking at all (kRevokeNone): a caller that wants CRL or
 * OCSP enforcement must set TPVerifyContext::policy explicitly.
 */
#define TP_CRL_POLICY_DEFAULT	kRevokeNone
48
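/*
 * Bundle of parameters shared by every CRL and OCSP verification
 * operation in this module. It is a plain parameter holder: the
 * constructor only stores what it is given and the destructor frees
 * nothing, so the context owns none of the pointed-to or referenced
 * data -- the caller is expected to keep all of it alive for as long
 * as the context is in use. Most fields are optional (NULL / 0); the
 * per-field comments say which ones are always present.
 */
class TPVerifyContext {
	NOCOPY(TPVerifyContext)
public:
	/*
	 * Every argument is stored verbatim in the member of the same name;
	 * nothing is copied or validated here. The CRL and OCSP option
	 * structs are taken as const because the members that hold them are
	 * const pointers and nothing in this class ever writes through them.
	 */
	TPVerifyContext(
		Allocator			&_alloc,
		CSSM_CL_HANDLE		_clHand,
		CSSM_CSP_HANDLE		_cspHand,
		CSSM_TIMESTRING		_verifyTime,
		uint32				_numAnchorCerts,
		const CSSM_DATA		*_anchorCerts,
		TPCertGroup			*_signerCerts,
		TPCrlGroup			*_inputCrls,
		TPCertGroup			&_gatheredCerts,
		CSSM_DL_DB_LIST_PTR	_dbList,
		TPRevocationPolicy	_policy,
		CSSM_APPLE_TP_ACTION_FLAGS	_actionFlags,
		const CSSM_APPLE_TP_CRL_OPTIONS		*_crlOpts,
		const CSSM_APPLE_TP_OCSP_OPTIONS	*_ocspOpts,
		const CSSM_OID		*_policyOid,
		const char			*_policyStr,
		uint32				_policyStrLen,
		CSSM_KEYUSE			_keyUse)
			: alloc(_alloc),
				clHand(_clHand),
				cspHand(_cspHand),
				verifyTime(_verifyTime),
				numAnchorCerts(_numAnchorCerts),
				anchorCerts(_anchorCerts),
				signerCerts(_signerCerts),
				inputCrls(_inputCrls),
				gatheredCerts(_gatheredCerts),
				dbList(_dbList),
				policy(_policy),
				actionFlags(_actionFlags),
				crlOpts(_crlOpts),
				ocspOpts(_ocspOpts),
				policyOid(_policyOid),
				policyStr(_policyStr),
				policyStrLen(_policyStrLen),
				keyUse(_keyUse)
					{ }

	/* Nothing is owned, so there is nothing to release. */
	~TPVerifyContext() { }

	/* Allocator used for any memory this module hands back to the caller. */
	Allocator						&alloc;
	/* Certificate Library and Crypto Service Provider handles. */
	CSSM_CL_HANDLE					clHand;
	CSSM_CSP_HANDLE					cspHand;

	/*
	 * NULL means "verify for this moment", otherwise indicates the
	 * time at which an entity is to be verified.
	 */
	CSSM_TIMESTRING					verifyTime;

	/*
	 * Trusted anchors: anchorCerts is assumed to point at
	 * numAnchorCerts entries (confirm against callers).
	 * FIXME - maybe this should be a TPCertGroup
	 */
	uint32							numAnchorCerts;
	const CSSM_DATA					*anchorCerts;

	/*
	 * Intermediate signing certs. Always present.
	 * This could come from the raw cert group to be verified
	 * in CertGroupVerify(), or the explicit SignerCertGroup in
	 * CrlVerify(). In both cases the cert group owns the certs and
	 * eventually frees them. These certs have not been verified in any
	 * way other than to ensure that they parse and have been cached
	 * by the CL, so nothing here may be treated as trusted yet.
	 */
	TPCertGroup						*signerCerts;

	/* Raw CRLs provided by caller, state unknown, optional */
	TPCrlGroup						*inputCrls;

	/*
	 * Other certificates gathered during the course of this operation,
	 * currently consisting of certs fetched from DBs and from the net.
	 * This is currently set to AppleTPSession::CertGroupVerify's
	 * certsToBeFreed, to include certs fetched from the net (a
	 * significant optimization) and from DLDB (a side effect, also
	 * a slight optimization).
	 */
	TPCertGroup						&gatheredCerts;

	/* can contain certs and/or CRLs; optional */
	CSSM_DL_DB_LIST_PTR				dbList;

	/*
	 * Revocation policy to enforce and the caller's action flags.
	 * kRevokeNone skips revocation checking entirely.
	 */
	TPRevocationPolicy				policy;
	CSSM_APPLE_TP_ACTION_FLAGS		actionFlags;

	/* one of these valid, depends on policy; never written through */
	const CSSM_APPLE_TP_CRL_OPTIONS	*crlOpts;
	const CSSM_APPLE_TP_OCSP_OPTIONS *ocspOpts;

	/*
	 * Optional user trust parameters. policyStr is policyStrLen bytes
	 * long; presumably not NUL-terminated - confirm against callers
	 * before relying on either.
	 */
	const CSSM_OID					*policyOid;
	const char						*policyStr;
	uint32							policyStrLen;
	CSSM_KEYUSE						keyUse;
};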
152
extern "C" {

/*
 * CRL-specific: verify the certs in certGroup using the CRL-related
 * state carried in tpVerifyContext.
 */
CSSM_RETURN tpVerifyCertGroupWithCrls(
	TPVerifyContext		&tpVerifyContext,
	TPCertGroup			&certGroup);	/* the group to be verified */

/*
 * General entry point: dispatches to the policy-specific code selected
 * by tpVerifyContext.policy (kRevokeNone / kRevokeCrlBasic / kRevokeOcsp).
 */
CSSM_RETURN tpRevocationPolicyVerify(
	TPVerifyContext		&tpVerifyContext,
	TPCertGroup			&certGroup);	/* the group to be verified */

}
166
167#endif	/* _TP_CRL_VERIFY_H_ */
168