1/*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19/*
20 * tpCrlVerify.h - routines to verify CRLs and to verify certs against CRLs.
21 *
22 * Written 9/26/02 by Doug Mitchell.
23 */
24
25#ifndef	_TP_CRL_VERIFY_H_
26#define _TP_CRL_VERIFY_H_
27
28#include <Security/cssmtype.h>
29#include <security_utilities/alloc.h>
30#include <Security/cssmapple.h>
31#include <Security/cssmapplePriv.h>
32
33class TPCertInfo;
34class TPCertGroup;
35class TPCrlInfo;
36class TPCrlGroup;
37
/*
 * Enumerated revocation (CRL/OCSP) policies enforced by this module.
 * A TPVerifyContext carries one of these in its `policy` field and
 * tpRevocationPolicyVerify() dispatches on it. Note that the module
 * default, TP_CRL_POLICY_DEFAULT, is kRevokeNone: revocation checking is
 * OFF unless a caller selects one of the other values explicitly.
 */
typedef enum {
	kRevokeNone,			/* no revocation checking: revocation status is
							 * never consulted, so a revoked cert is not
							 * rejected on that ground */
	kRevokeCrlBasic,		/* revocation checking against CRLs; presumably
							 * driven by TPVerifyContext.crlOpts (per the
							 * "one of these valid, depends on policy" note) */
	kRevokeOcsp				/* revocation checking via OCSP; presumably
							 * driven by TPVerifyContext.ocspOpts */
} TPRevocationPolicy;
46
/*
 * Module-specific default policy. This is kRevokeNone, i.e. NO revocation
 * checking at all. A caller that needs CRL or OCSP checking must set
 * TPVerifyContext.policy to kRevokeCrlBasic or kRevokeOcsp itself; a
 * verification that succeeds under this default says nothing about
 * whether any cert in the chain has been revoked.
 */
#define TP_CRL_POLICY_DEFAULT	kRevokeNone
49
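/*
 * Various parameters widely used in any operation involving CRL and
 * OCSP verification. Most fields are optional.
 *
 * This is a plain parameter bundle: it owns none of the objects it
 * points or refers to (the destructor releases nothing), so every
 * pointer and reference handed to the constructor must stay valid for
 * as long as the context is in use. Copying is disabled via NOCOPY so a
 * context cannot be duplicated and outlive the caller's data by accident.
 *
 * Note that the option pointers (crlOpts, ocspOpts) are held as
 * pointers-to-const; the constructor therefore also takes them as
 * pointers-to-const. Callers that pass non-const pointers still compile.
 */
class TPVerifyContext {
	NOCOPY(TPVerifyContext)
public:
	/*
	 * Store every argument as-is. Nothing is validated, copied or
	 * reference-counted here; see the per-field comments below for what
	 * each member is expected to hold and who owns it.
	 */
	TPVerifyContext(
		Allocator			&_alloc,
		CSSM_CL_HANDLE		_clHand,
		CSSM_CSP_HANDLE		_cspHand,
		CSSM_TIMESTRING		_verifyTime,
		uint32				_numAnchorCerts,
		const CSSM_DATA		*_anchorCerts,
		TPCertGroup			*_signerCerts,
		TPCrlGroup			*_inputCrls,
		TPCertGroup			&_gatheredCerts,
		CSSM_DL_DB_LIST_PTR	_dbList,
		TPRevocationPolicy	_policy,
		CSSM_APPLE_TP_ACTION_FLAGS	_actionFlags,
		const CSSM_APPLE_TP_CRL_OPTIONS		*_crlOpts,
		const CSSM_APPLE_TP_OCSP_OPTIONS	*_ocspOpts,
		const CSSM_OID		*_policyOid,
		const char			*_policyStr,
		uint32				_policyStrLen,
		CSSM_KEYUSE			_keyUse)
			: alloc(_alloc),
				clHand(_clHand),
				cspHand(_cspHand),
				verifyTime(_verifyTime),
				numAnchorCerts(_numAnchorCerts),
				anchorCerts(_anchorCerts),
				signerCerts(_signerCerts),
				inputCrls(_inputCrls),
				gatheredCerts(_gatheredCerts),
				dbList(_dbList),
				policy(_policy),
				actionFlags(_actionFlags),
				crlOpts(_crlOpts),
				ocspOpts(_ocspOpts),
				policyOid(_policyOid),
				policyStr(_policyStr),
				policyStrLen(_policyStrLen),
				keyUse(_keyUse)
					{ }

	/* Nothing to release: the context owns none of its members. */
	~TPVerifyContext() { }

	Allocator						&alloc;
	CSSM_CL_HANDLE					clHand;
	CSSM_CSP_HANDLE					cspHand;

	/*
	 * NULL means "verify for this moment", otherwise indicates the
	 * time at which an entity is to be verified.
	 */
	CSSM_TIMESTRING					verifyTime;

	/*
	 * Trusted anchors: numAnchorCerts entries starting at anchorCerts.
	 * Caller-owned; presumably anchorCerts may be NULL when
	 * numAnchorCerts is 0 (confirm against callers).
	 */
	/* FIXME - maybe this should be a TPCertGroup */
	uint32							numAnchorCerts;
	const CSSM_DATA					*anchorCerts;

	/*
	 * Intermediate signing certs. Always present (passed as a pointer,
	 * but callers are expected to supply one).
	 * This could come from the raw cert group to be verified
	 * in CertGroupVerify(), or the explicit SignerCertGroup in
	 * CrlVerify(). In both cases the cert group owns the certs and
	 * eventually frees them. These certs have NOT been verified in any
	 * way other than to ensure that they parse and have been cached
	 * by the CL -- do not treat membership here as a trust decision.
	 */
	TPCertGroup						*signerCerts;

	/*
	 * Raw CRLs provided by caller, state unknown, optional. Like the
	 * signer certs these are unverified input until the CRL code has
	 * checked them.
	 */
	TPCrlGroup						*inputCrls;

	/*
	 * Other certificates gathered during the course of this operation,
	 * currently consisting of certs fetched from DBs and from the net.
	 * This is currently set to AppleTPSession::CertGroupVerify's
	 * certsToBeFreed, to include certs fetched from the net (a
	 * significant optimization) and from DLDB (a side effect, also
	 * a slight optimization). The referenced group, not this context,
	 * owns and frees those certs.
	 */
	TPCertGroup						&gatheredCerts;

	/* can contain certs and/or CRLs; caller-owned, may be NULL */
	CSSM_DL_DB_LIST_PTR				dbList;

	/*
	 * Which revocation policy to apply. Remember that the module default
	 * (TP_CRL_POLICY_DEFAULT) is kRevokeNone, i.e. no revocation checking.
	 */
	TPRevocationPolicy				policy;
	CSSM_APPLE_TP_ACTION_FLAGS		actionFlags;

	/* one of these valid, depends on policy; the other may be NULL */
	const CSSM_APPLE_TP_CRL_OPTIONS	*crlOpts;
	const CSSM_APPLE_TP_OCSP_OPTIONS *ocspOpts;

	/*
	 * Optional user trust parameters. policyStr is length-counted via
	 * policyStrLen; do not assume it is NUL-terminated.
	 */
	const CSSM_OID					*policyOid;
	const char						*policyStr;
	uint32							policyStrLen;
	CSSM_KEYUSE						keyUse;
};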
153
/*
 * Module entry points. Both take C++ references (and class types), so
 * extern "C" here only suppresses name mangling; they are not callable
 * from C. Both report failure through the CSSM_RETURN result.
 */
extern "C" {

/*
 * CRL - specific: per its name, checks the certs in certGroup against
 * CRLs, using the input CRLs, DBs, anchors, signer certs and crlOpts
 * carried in tpVerifyContext.
 */
CSSM_RETURN tpVerifyCertGroupWithCrls(
	TPVerifyContext					&tpVerifyContext,
	TPCertGroup 					&certGroup);		// to be verified

/*
 * General purpose, switch to policy-specific code based on
 * TPVerifyContext.policy. With policy == kRevokeNone (which is the
 * module default, TP_CRL_POLICY_DEFAULT) no revocation checking is done,
 * so a successful return is not evidence that the certs are unrevoked
 * unless the caller selected a CRL or OCSP policy.
 */
CSSM_RETURN tpRevocationPolicyVerify(
	TPVerifyContext					&tpVerifyContext,
	TPCertGroup 					&certGroup);		// to be verified

}
167
168#endif	/* _TP_CRL_VERIFY_H_ */
169