/* $OpenBSD: cert.h,v 1.9 2001/07/01 19:48:42 niklas Exp $ */
/* $EOM: cert.h,v 1.8 2000/09/28 12:53:27 niklas Exp $ */

/*
 * Copyright (c) 1998, 1999 Niels Provos.  All rights reserved.
 * Copyright (c) 2000, 2001 Niklas Hallqvist.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by Ericsson Radio Systems.
 * 4. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * This code was written under funding by Ericsson Radio Systems.
 */

/*
 * NOTE(review): _CERT_H_ (leading underscore followed by an uppercase
 * letter) lies in the identifier namespace C reserves for the
 * implementation.  A guard that does not start with an underscore would
 * avoid any clash; renaming it is a code change and is left alone here.
 */
#ifndef _CERT_H_
#define _CERT_H_

#include <sys/param.h>
#include <sys/types.h>
#include <sys/queue.h>

/*
 * CERT handler for each kind of certificate:
 *
 * cert_init - Initialize CERT handler - called only once.
 * cert_get - Get a certificate in internal representation from raw data.
 * cert_validate - validates a certificate, if it returns != 0 we can use it.
 * cert_insert - inserts cert into memory storage, we can retrieve with
 *               cert_obtain.
 * cert_dup - duplicate a certificate
 * cert_serialize - convert to a "serialized" form; KeyNote stays the same,
 *                  X509 is converted to the ASN1 notation.
 * cert_printable - for X509, the hex representation of the serialized form;
 *                  for KeyNote, itself.
 * cert_from_printable - the reverse of cert_printable
 *
 * The remaining members are not covered by the list above; each is
 * described at its declaration.  Where a raw (pointer, length) pair is
 * taken, the bytes presumably originate from ISAKMP payloads, so every
 * handler must treat them as untrusted: bound all reads by the supplied
 * length and fail on malformed input rather than trusting lengths
 * embedded in the data itself.
 */

struct cert_handler {
	u_int16_t id;			/* ISAKMP Cert Encoding ID */
	/* Initialize the handler; called only once. */
	int (*cert_init) (void);
	/*
	 * Build the internal representation from raw data (pointer, length).
	 * Presumably returns a null pointer on failure -- TODO confirm
	 * against the handler implementations.
	 */
	void *(*cert_get) (u_int8_t *, u_int32_t);
	/* Validate a certificate; a nonzero return means it may be used. */
	int (*cert_validate) (void *);
	/*
	 * Insert a certificate into memory storage so that cert_obtain can
	 * retrieve it later.  NOTE(review): the meaning of the int argument
	 * is not stated in this header; check the handler implementations.
	 */
	int (*cert_insert) (int, void *);
	/*
	 * Release a certificate object (presumably one produced by cert_get
	 * or cert_dup).
	 */
	void (*cert_free) (void *);
	/*
	 * Check raw certificate-request data (pointer, length) for this
	 * encoding.  The return convention is not documented here --
	 * presumably nonzero means acceptable, like cert_validate; confirm.
	 */
	int (*certreq_validate) (u_int8_t *, u_int32_t);
	/*
	 * Decode raw certificate-request data (pointer, length) into
	 * handler-specific "acceptable CA" data; presumably the value that
	 * ends up in certreq_aca.data and is released with free_aca.
	 */
	void *(*certreq_decode) (u_int8_t *, u_int32_t);
	/* Free data produced by certreq_decode. */
	void (*free_aca) (void *);
	/*
	 * Obtain a stored certificate.  From the signature alone: an
	 * identity (pointer, size), opaque handler data, and two
	 * out-parameters receiving the certificate bytes and their length.
	 * Ownership of the returned buffer is not stated here -- TODO
	 * confirm who frees it.
	 */
	int (*cert_obtain) (u_int8_t *, size_t, void *, u_int8_t **, u_int32_t *);
	/*
	 * Presumably extracts the certificate's key into the object passed
	 * as the second argument; the exact contract is handler-specific.
	 */
	int (*cert_get_key) (void *, void *);
	/*
	 * Enumerate the subjects of a certificate.  The out-parameters are
	 * a count, an array of subject buffers and an array of their
	 * lengths -- the same triple that cert_free_subjects() below takes.
	 */
	int (*cert_get_subjects) (void *, int *, u_int8_t ***, u_int32_t **);
	/* Duplicate a certificate. */
	void *(*cert_dup) (void *);
	/*
	 * Convert to serialized form via the out-parameters (buffer, length);
	 * KeyNote stays as is, X509 becomes its ASN.1 encoding.
	 */
	void (*cert_serialize) (void *, u_int8_t **, u_int32_t *);
	/*
	 * Printable form: the hex representation of the serialized form for
	 * X509, the certificate itself for KeyNote.
	 */
	char *(*cert_printable) (void *);
	/* The inverse of cert_printable. */
	void *(*cert_from_printable) (char *);
};

/* The acceptable authority of cert request. */
struct certreq_aca {
	TAILQ_ENTRY (certreq_aca) link;	/* Linkage in the owning list. */

	u_int16_t id;			/* Cert Encoding ID of this request. */
	struct cert_handler *handler;	/* Presumably the handler for id. */

	/*
	 * If data is a null pointer, everything is acceptable.  Otherwise
	 * the contents are handler-specific (see certreq_decode/free_aca).
	 */
	void *data;
};

/*
 * Decode a certificate request of the given encoding id from raw data
 * (pointer, length) into a certreq_aca.  Return on failure and ownership
 * of the result are not stated here -- presumably a null pointer and
 * caller-owned respectively; confirm against the implementation.  The raw
 * bytes are untrusted input and must be parsed within the given length.
 */
struct certreq_aca *certreq_decode (u_int16_t, u_int8_t *, u_int32_t);
/*
 * Free the (count, subjects, lengths) triple filled in by a handler's
 * cert_get_subjects.
 */
void cert_free_subjects (int, u_int8_t **, u_int32_t *);
/*
 * Look up the handler for an ISAKMP Cert Encoding ID; presumably returns
 * a null pointer when no handler has that id.
 */
struct cert_handler *cert_get (u_int16_t);
/*
 * Initialize the certificate subsystem.  Returns an int status; the
 * convention is not stated here -- presumably nonzero on success, like
 * cert_validate; confirm against the implementation.
 */
int cert_init (void);

#endif /* _CERT_H_ */