/* $OpenBSD: pkcs12_local.h,v 1.5 2024/03/02 10:15:16 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
/* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#ifndef HEADER_PKCS12_LOCAL_H
#define HEADER_PKCS12_LOCAL_H

/*
 * Library-internal PKCS#12 declarations: the struct layouts for the PKCS#12
 * object, its MAC data and its safe bags, plus the prototypes listed between
 * the HIDDEN_DECLS markers below.
 *
 * NOTE(review): this header includes nothing itself, so the including file
 * must already have the X509, ASN.1, PKCS7 and EVP declarations in scope.
 */

/* Declarations up to __END_HIDDEN_DECLS are library-private (hidden). */
__BEGIN_HIDDEN_DECLS

/*
 * MAC block of a PKCS#12 file: the digest algorithm and value (dinfo), the
 * salt, and the iteration count used to derive the MAC key from the password.
 *
 * NOTE(review): a decoder for this type is declared below, so these fields
 * can come straight from a parsed file and are untrusted input. An iteration
 * count of 1 (the default noted on iter) gives no password stretching;
 * confirm that the code writing files passes an explicit count and that the
 * code reading them bounds the value it accepts.
 */
struct PKCS12_MAC_DATA_st {
	X509_SIG *dinfo;
	ASN1_OCTET_STRING *salt;
	ASN1_INTEGER *iter;	/* defaults to 1 */
};

/*
 * Top-level PKCS#12 (PFX) object: version, MAC data and the PKCS#7 content
 * holding the authenticated safes.
 *
 * NOTE(review): macData is OPTIONAL in the PFX syntax, so mac is presumably
 * NULL for a file without a MAC - confirm callers check it before use.
 */
struct PKCS12_st {
	ASN1_INTEGER *version;
	PKCS12_MAC_DATA *mac;
	PKCS7 *authsafes;
};

/*
 * One safe bag: type is the bag-type object identifier and presumably selects
 * which member of value is valid; attrib holds the bag's attributes.
 *
 * NOTE(review): the union members are pointers to unrelated types, so code
 * must check type before reading value. On parsed input, reading the wrong
 * member, or a member the decoder left NULL, is a memory-safety bug.
 */
struct PKCS12_SAFEBAG_st {
	ASN1_OBJECT *type;
	union {
		struct pkcs12_bag_st *bag;	/* secret, crl and certbag */
		struct pkcs8_priv_key_info_st *keybag;	/* keybag */
		X509_SIG *shkeybag;	/* shrouded key bag */
		STACK_OF(PKCS12_SAFEBAG) *safes;
		ASN1_TYPE *other;
	} value;
	STACK_OF(X509_ATTRIBUTE) *attrib;
};

/*
 * Content of a certificate, CRL or secret bag. As with the safe bag above,
 * type is presumably the discriminator for value and must be checked before
 * any union member is read.
 */
struct pkcs12_bag_st {
	ASN1_OBJECT *type;
	union {
		ASN1_OCTET_STRING *x509cert;
		ASN1_OCTET_STRING *x509crl;
		ASN1_OCTET_STRING *octet;
		ASN1_IA5STRING *sdsicert;
		ASN1_TYPE *other;	/* Secret or other bag */
	} value;
};

/* ASN.1 templates for the safe-bag and authenticated-safe sequences. */
extern const ASN1_ITEM PKCS12_SAFEBAGS_it;
extern const ASN1_ITEM PKCS12_AUTHSAFES_it;

/* Allocate, free, DER-decode (d2i) and DER-encode (i2d) a PKCS12_BAGS. */
PKCS12_BAGS *PKCS12_BAGS_new(void);
void PKCS12_BAGS_free(PKCS12_BAGS *a);
PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len);
int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out);
extern const ASN1_ITEM PKCS12_BAGS_it;

/* Allocate, free, DER-decode (d2i) and DER-encode (i2d) a PKCS12_MAC_DATA. */
PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void);
void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a);
PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len);
int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out);
extern const ASN1_ITEM PKCS12_MAC_DATA_it;

/*
 * Safe-bag constructors for a private key, an encrypted private key, a
 * certificate and a CRL; the last one encrypts p8 under pass first.
 *
 * NOTE(review): the create0 names follow the OpenSSL "0" convention, where
 * the argument is not copied and the new bag takes ownership of it - confirm
 * in the implementation before a caller frees p8 itself.
 */
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
    const char *pass, int passlen, unsigned char *salt, int saltlen, int iter,
    PKCS8_PRIV_KEY_INFO *p8);

/*
 * Helpers for assembling a PKCS#12 file: add a certificate or key bag to
 * *pbags, pack a set of bags into *psafes, and wrap the safes in a PKCS12.
 * iter is presumably the iteration count for the password-based encryption
 * selected by key_nid / safe_nid - confirm in the implementation.
 */
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key,
    int key_usage, int iter, int key_nid, const char *pass);
int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
    int safe_nid, int iter, const char *pass);
PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);

/*
 * Attach an attribute (CSP name, friendly name, local key ID) to a bag.
 * name is passed together with its length in namelen.
 */
int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
    int namelen);
int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
    int namelen);
int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
    int namelen);
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
    int namelen);

/*
 * Compute the MAC of p12 under pass; the value is written to mac and its
 * length to *maclen.
 *
 * NOTE(review): no capacity is passed for mac, so the caller presumably has
 * to supply a buffer of at least EVP_MAX_MD_SIZE bytes - confirm against the
 * implementation. A comparison of the result with the stored digest should
 * be constant-time.
 */
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
    unsigned char *mac, unsigned int *maclen);

/* Look up the attribute identified by attr_nid in attrs. */
ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs,
    int attr_nid);

/* Create a new PKCS12; mode is presumably the content-type NID - confirm. */
PKCS12 *PKCS12_init(int mode);

/*
 * Password-based decrypt-then-decode and encode-then-encrypt for the ASN.1
 * type described by it, and a helper that packs an object into a safe bag.
 *
 * NOTE(review): zbuf presumably asks for the plaintext buffer to be zeroed
 * after use - confirm, and check that callers handling private keys set it.
 */
void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
    const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf);
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
    const ASN1_ITEM *it, const char *pass, int passlen, void *obj, int zbuf);
PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
    int nid1, int nid2);

/*
 * PKCS#12 password-based key derivation, taking the password either as a
 * char string (_asc) or as unsigned char data (_uni).
 *
 * NOTE(review): out has no separate capacity argument; n is presumably the
 * number of bytes written - confirm that every caller sizes out to n. The
 * derived bytes are key material and should be zeroed by the caller after
 * use.
 */
int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
    int saltlen, int id, int iter, int n, unsigned char *out,
    const EVP_MD *md_type);
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
    int saltlen, int id, int iter, int n, unsigned char *out,
    const EVP_MD *md_type);

/*
 * Pack safes into p12, and pack a stack of safe bags into a PKCS7 either as
 * plain data (p7data) or encrypted under pass (p7encdata).
 */
int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
    unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags);

/*
 * Password-based encryption or decryption of in, selected by en_de, with the
 * algorithm and parameters taken from algor.
 *
 * NOTE(review): the result is returned and presumably also stored through
 * data / datalen - confirm who owns and frees the buffer.
 */
unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass,
    int passlen, const unsigned char *in, int inlen, unsigned char **data,
    int *datalen, int en_de);

/* Set up the MAC data of p12 from an iteration count, a salt and a digest. */
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
    int saltlen, const EVP_MD *md_type);

/* XXX - should go into pkcs7_local.h. */
ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7);

__END_HIDDEN_DECLS

#endif /* !HEADER_PKCS12_LOCAL_H */