1 /* 2 * WARNING: do not edit! 3 * Generated by makefile from include\openssl\cmp.h.in 4 * 5 * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved. 6 * Copyright Nokia 2007-2019 7 * Copyright Siemens AG 2015-2019 8 * 9 * Licensed under the Apache License 2.0 (the "License"). You may not use 10 * this file except in compliance with the License. You can obtain a copy 11 * in the file LICENSE in the source distribution or at 12 * https://www.openssl.org/source/license.html 13 */ 14 15 16 17 #ifndef OPENSSL_CMP_H 18 # define OPENSSL_CMP_H 19 20 # include <openssl/opensslconf.h> 21 # ifndef OPENSSL_NO_CMP 22 23 # include <openssl/crmf.h> 24 # include <openssl/cmperr.h> 25 # include <openssl/cmp_util.h> 26 # include <openssl/http.h> 27 28 /* explicit #includes not strictly needed since implied by the above: */ 29 # include <openssl/types.h> 30 # include <openssl/safestack.h> 31 # include <openssl/x509.h> 32 # include <openssl/x509v3.h> 33 34 # ifdef __cplusplus 35 extern "C" { 36 # endif 37 38 # define OSSL_CMP_PVNO 2 39 40 /*- 41 * PKIFailureInfo ::= BIT STRING { 42 * -- since we can fail in more than one way! 43 * -- More codes may be added in the future if/when required. 44 * badAlg (0), 45 * -- unrecognized or unsupported Algorithm Identifier 46 * badMessageCheck (1), 47 * -- integrity check failed (e.g., signature did not verify) 48 * badRequest (2), 49 * -- transaction not permitted or supported 50 * badTime (3), 51 * -- messageTime was not sufficiently close to the system time, 52 * -- as defined by local policy 53 * badCertId (4), 54 * -- no certificate could be found matching the provided criteria 55 * badDataFormat (5), 56 * -- the data submitted has the wrong format 57 * wrongAuthority (6), 58 * -- the authority indicated in the request is different from the 59 * -- one creating the response token 60 * incorrectData (7), 61 * -- the requester's data is incorrect (for notary services) 62 * missingTimeStamp (8), 63 * -- when the timestamp is missing but should be there 64 * -- (by policy) 65 * badPOP (9), 66 * -- the proof-of-possession failed 67 * certRevoked (10), 68 * -- the certificate has already been revoked 69 * certConfirmed (11), 70 * -- the certificate has already been confirmed 71 * wrongIntegrity (12), 72 * -- invalid integrity, password based instead of signature or 73 * -- vice versa 74 * badRecipientNonce (13), 75 * -- invalid recipient nonce, either missing or wrong value 76 * timeNotAvailable (14), 77 * -- the TSA's time source is not available 78 * unacceptedPolicy (15), 79 * -- the requested TSA policy is not supported by the TSA. 80 * unacceptedExtension (16), 81 * -- the requested extension is not supported by the TSA. 82 * addInfoNotAvailable (17), 83 * -- the additional information requested could not be 84 * -- understood or is not available 85 * badSenderNonce (18), 86 * -- invalid sender nonce, either missing or wrong size 87 * badCertTemplate (19), 88 * -- invalid cert. template or missing mandatory information 89 * signerNotTrusted (20), 90 * -- signer of the message unknown or not trusted 91 * transactionIdInUse (21), 92 * -- the transaction identifier is already in use 93 * unsupportedVersion (22), 94 * -- the version of the message is not supported 95 * notAuthorized (23), 96 * -- the sender was not authorized to make the preceding 97 * -- request or perform the preceding action 98 * systemUnavail (24), 99 * -- the request cannot be handled due to system unavailability 100 * systemFailure (25), 101 * -- the request cannot be handled due to system failure 102 * duplicateCertReq (26) 103 * -- certificate cannot be issued because a duplicate 104 * -- certificate already exists 105 * } 106 */ 107 # define OSSL_CMP_PKIFAILUREINFO_badAlg 0 108 # define OSSL_CMP_PKIFAILUREINFO_badMessageCheck 1 109 # define OSSL_CMP_PKIFAILUREINFO_badRequest 2 110 # define OSSL_CMP_PKIFAILUREINFO_badTime 3 111 # define OSSL_CMP_PKIFAILUREINFO_badCertId 4 112 # define OSSL_CMP_PKIFAILUREINFO_badDataFormat 5 113 # define OSSL_CMP_PKIFAILUREINFO_wrongAuthority 6 114 # define OSSL_CMP_PKIFAILUREINFO_incorrectData 7 115 # define OSSL_CMP_PKIFAILUREINFO_missingTimeStamp 8 116 # define OSSL_CMP_PKIFAILUREINFO_badPOP 9 117 # define OSSL_CMP_PKIFAILUREINFO_certRevoked 10 118 # define OSSL_CMP_PKIFAILUREINFO_certConfirmed 11 119 # define OSSL_CMP_PKIFAILUREINFO_wrongIntegrity 12 120 # define OSSL_CMP_PKIFAILUREINFO_badRecipientNonce 13 121 # define OSSL_CMP_PKIFAILUREINFO_timeNotAvailable 14 122 # define OSSL_CMP_PKIFAILUREINFO_unacceptedPolicy 15 123 # define OSSL_CMP_PKIFAILUREINFO_unacceptedExtension 16 124 # define OSSL_CMP_PKIFAILUREINFO_addInfoNotAvailable 17 125 # define OSSL_CMP_PKIFAILUREINFO_badSenderNonce 18 126 # define OSSL_CMP_PKIFAILUREINFO_badCertTemplate 19 127 # define OSSL_CMP_PKIFAILUREINFO_signerNotTrusted 20 128 # define OSSL_CMP_PKIFAILUREINFO_transactionIdInUse 21 129 # define OSSL_CMP_PKIFAILUREINFO_unsupportedVersion 22 130 # define OSSL_CMP_PKIFAILUREINFO_notAuthorized 23 131 # define OSSL_CMP_PKIFAILUREINFO_systemUnavail 24 132 # define OSSL_CMP_PKIFAILUREINFO_systemFailure 25 133 # define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq 26 134 # define OSSL_CMP_PKIFAILUREINFO_MAX 26 135 # define OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN \ 136 ((1 << (OSSL_CMP_PKIFAILUREINFO_MAX + 1)) - 1) 137 # if OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX 138 # error CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int 139 # endif 140 141 typedef ASN1_BIT_STRING OSSL_CMP_PKIFAILUREINFO; 142 143 # define OSSL_CMP_CTX_FAILINFO_badAlg (1 << 0) 144 # define OSSL_CMP_CTX_FAILINFO_badMessageCheck (1 << 1) 145 # define OSSL_CMP_CTX_FAILINFO_badRequest (1 << 2) 146 # define OSSL_CMP_CTX_FAILINFO_badTime (1 << 3) 147 # define OSSL_CMP_CTX_FAILINFO_badCertId (1 << 4) 148 # define OSSL_CMP_CTX_FAILINFO_badDataFormat (1 << 5) 149 # define OSSL_CMP_CTX_FAILINFO_wrongAuthority (1 << 6) 150 # define OSSL_CMP_CTX_FAILINFO_incorrectData (1 << 7) 151 # define OSSL_CMP_CTX_FAILINFO_missingTimeStamp (1 << 8) 152 # define OSSL_CMP_CTX_FAILINFO_badPOP (1 << 9) 153 # define OSSL_CMP_CTX_FAILINFO_certRevoked (1 << 10) 154 # define OSSL_CMP_CTX_FAILINFO_certConfirmed (1 << 11) 155 # define OSSL_CMP_CTX_FAILINFO_wrongIntegrity (1 << 12) 156 # define OSSL_CMP_CTX_FAILINFO_badRecipientNonce (1 << 13) 157 # define OSSL_CMP_CTX_FAILINFO_timeNotAvailable (1 << 14) 158 # define OSSL_CMP_CTX_FAILINFO_unacceptedPolicy (1 << 15) 159 # define OSSL_CMP_CTX_FAILINFO_unacceptedExtension (1 << 16) 160 # define OSSL_CMP_CTX_FAILINFO_addInfoNotAvailable (1 << 17) 161 # define OSSL_CMP_CTX_FAILINFO_badSenderNonce (1 << 18) 162 # define OSSL_CMP_CTX_FAILINFO_badCertTemplate (1 << 19) 163 # define OSSL_CMP_CTX_FAILINFO_signerNotTrusted (1 << 20) 164 # define OSSL_CMP_CTX_FAILINFO_transactionIdInUse (1 << 21) 165 # define OSSL_CMP_CTX_FAILINFO_unsupportedVersion (1 << 22) 166 # define OSSL_CMP_CTX_FAILINFO_notAuthorized (1 << 23) 167 # define OSSL_CMP_CTX_FAILINFO_systemUnavail (1 << 24) 168 # define OSSL_CMP_CTX_FAILINFO_systemFailure (1 << 25) 169 # define OSSL_CMP_CTX_FAILINFO_duplicateCertReq (1 << 26) 170 171 /*- 172 * PKIStatus ::= INTEGER { 173 * accepted (0), 174 * -- you got exactly what you asked for 175 * grantedWithMods (1), 176 * -- you got something like what you asked for; the 177 * -- requester is responsible for ascertaining the differences 178 * rejection (2), 179 * -- you don't get it, more information elsewhere in the message 180 * waiting (3), 181 * -- the request body part has not yet been processed; expect to 182 * -- hear more later (note: proper handling of this status 183 * -- response MAY use the polling req/rep PKIMessages specified 184 * -- in Section 5.3.22; alternatively, polling in the underlying 185 * -- transport layer MAY have some utility in this regard) 186 * revocationWarning (4), 187 * -- this message contains a warning that a revocation is 188 * -- imminent 189 * revocationNotification (5), 190 * -- notification that a revocation has occurred 191 * keyUpdateWarning (6) 192 * -- update already done for the oldCertId specified in 193 * -- CertReqMsg 194 * } 195 */ 196 # define OSSL_CMP_PKISTATUS_accepted 0 197 # define OSSL_CMP_PKISTATUS_grantedWithMods 1 198 # define OSSL_CMP_PKISTATUS_rejection 2 199 # define OSSL_CMP_PKISTATUS_waiting 3 200 # define OSSL_CMP_PKISTATUS_revocationWarning 4 201 # define OSSL_CMP_PKISTATUS_revocationNotification 5 202 # define OSSL_CMP_PKISTATUS_keyUpdateWarning 6 203 204 typedef ASN1_INTEGER OSSL_CMP_PKISTATUS; 205 DECLARE_ASN1_ITEM(OSSL_CMP_PKISTATUS) 206 207 # define OSSL_CMP_CERTORENCCERT_CERTIFICATE 0 208 # define OSSL_CMP_CERTORENCCERT_ENCRYPTEDCERT 1 209 210 /* data type declarations */ 211 typedef struct ossl_cmp_ctx_st OSSL_CMP_CTX; 212 typedef struct ossl_cmp_pkiheader_st OSSL_CMP_PKIHEADER; 213 DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER) 214 typedef struct ossl_cmp_msg_st OSSL_CMP_MSG; 215 DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_MSG) 216 DECLARE_ASN1_ENCODE_FUNCTIONS(OSSL_CMP_MSG, OSSL_CMP_MSG, OSSL_CMP_MSG) 217 typedef struct ossl_cmp_certstatus_st OSSL_CMP_CERTSTATUS; 218 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CERTSTATUS, OSSL_CMP_CERTSTATUS, OSSL_CMP_CERTSTATUS) 219 #define sk_OSSL_CMP_CERTSTATUS_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk)) 220 #define sk_OSSL_CMP_CERTSTATUS_value(sk, idx) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk), (idx))) 221 #define sk_OSSL_CMP_CERTSTATUS_new(cmp) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CERTSTATUS_compfunc_type(cmp))) 222 #define sk_OSSL_CMP_CERTSTATUS_new_null() ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_new_null()) 223 #define sk_OSSL_CMP_CERTSTATUS_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CERTSTATUS_compfunc_type(cmp), (n))) 224 #define sk_OSSL_CMP_CERTSTATUS_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), (n)) 225 #define sk_OSSL_CMP_CERTSTATUS_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk)) 226 #define sk_OSSL_CMP_CERTSTATUS_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk)) 227 #define sk_OSSL_CMP_CERTSTATUS_delete(sk, i) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), (i))) 228 #define sk_OSSL_CMP_CERTSTATUS_delete_ptr(sk, ptr) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr))) 229 #define sk_OSSL_CMP_CERTSTATUS_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)) 230 #define sk_OSSL_CMP_CERTSTATUS_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)) 231 #define sk_OSSL_CMP_CERTSTATUS_pop(sk) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk))) 232 #define sk_OSSL_CMP_CERTSTATUS_shift(sk) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk))) 233 #define sk_OSSL_CMP_CERTSTATUS_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk),ossl_check_OSSL_CMP_CERTSTATUS_freefunc_type(freefunc)) 234 #define sk_OSSL_CMP_CERTSTATUS_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr), (idx)) 235 #define sk_OSSL_CMP_CERTSTATUS_set(sk, idx, ptr) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), (idx), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr))) 236 #define sk_OSSL_CMP_CERTSTATUS_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)) 237 #define sk_OSSL_CMP_CERTSTATUS_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)) 238 #define sk_OSSL_CMP_CERTSTATUS_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr), pnum) 239 #define sk_OSSL_CMP_CERTSTATUS_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk)) 240 #define sk_OSSL_CMP_CERTSTATUS_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk)) 241 #define sk_OSSL_CMP_CERTSTATUS_dup(sk) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk))) 242 #define sk_OSSL_CMP_CERTSTATUS_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CERTSTATUS_freefunc_type(freefunc))) 243 #define sk_OSSL_CMP_CERTSTATUS_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CERTSTATUS_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_compfunc_type(cmp))) 244 245 typedef struct ossl_cmp_itav_st OSSL_CMP_ITAV; 246 DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV) 247 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_ITAV, OSSL_CMP_ITAV, OSSL_CMP_ITAV) 248 #define sk_OSSL_CMP_ITAV_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk)) 249 #define sk_OSSL_CMP_ITAV_value(sk, idx) ((OSSL_CMP_ITAV *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk), (idx))) 250 #define sk_OSSL_CMP_ITAV_new(cmp) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp))) 251 #define sk_OSSL_CMP_ITAV_new_null() ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_new_null()) 252 #define sk_OSSL_CMP_ITAV_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp), (n))) 253 #define sk_OSSL_CMP_ITAV_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_ITAV_sk_type(sk), (n)) 254 #define sk_OSSL_CMP_ITAV_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_ITAV_sk_type(sk)) 255 #define sk_OSSL_CMP_ITAV_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_ITAV_sk_type(sk)) 256 #define sk_OSSL_CMP_ITAV_delete(sk, i) ((OSSL_CMP_ITAV *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_ITAV_sk_type(sk), (i))) 257 #define sk_OSSL_CMP_ITAV_delete_ptr(sk, ptr) ((OSSL_CMP_ITAV *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr))) 258 #define sk_OSSL_CMP_ITAV_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr)) 259 #define sk_OSSL_CMP_ITAV_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr)) 260 #define sk_OSSL_CMP_ITAV_pop(sk) ((OSSL_CMP_ITAV *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_ITAV_sk_type(sk))) 261 #define sk_OSSL_CMP_ITAV_shift(sk) ((OSSL_CMP_ITAV *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_ITAV_sk_type(sk))) 262 #define sk_OSSL_CMP_ITAV_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_ITAV_sk_type(sk),ossl_check_OSSL_CMP_ITAV_freefunc_type(freefunc)) 263 #define sk_OSSL_CMP_ITAV_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr), (idx)) 264 #define sk_OSSL_CMP_ITAV_set(sk, idx, ptr) ((OSSL_CMP_ITAV *)OPENSSL_sk_set(ossl_check_OSSL_CMP_ITAV_sk_type(sk), (idx), ossl_check_OSSL_CMP_ITAV_type(ptr))) 265 #define sk_OSSL_CMP_ITAV_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr)) 266 #define sk_OSSL_CMP_ITAV_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr)) 267 #define sk_OSSL_CMP_ITAV_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr), pnum) 268 #define sk_OSSL_CMP_ITAV_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_ITAV_sk_type(sk)) 269 #define sk_OSSL_CMP_ITAV_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk)) 270 #define sk_OSSL_CMP_ITAV_dup(sk) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk))) 271 #define sk_OSSL_CMP_ITAV_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_ITAV_freefunc_type(freefunc))) 272 #define sk_OSSL_CMP_ITAV_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_ITAV_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp))) 273 274 typedef struct ossl_cmp_revrepcontent_st OSSL_CMP_REVREPCONTENT; 275 typedef struct ossl_cmp_pkisi_st OSSL_CMP_PKISI; 276 DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKISI) 277 DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI) 278 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_PKISI, OSSL_CMP_PKISI, OSSL_CMP_PKISI) 279 #define sk_OSSL_CMP_PKISI_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk)) 280 #define sk_OSSL_CMP_PKISI_value(sk, idx) ((OSSL_CMP_PKISI *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk), (idx))) 281 #define sk_OSSL_CMP_PKISI_new(cmp) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_PKISI_compfunc_type(cmp))) 282 #define sk_OSSL_CMP_PKISI_new_null() ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_new_null()) 283 #define sk_OSSL_CMP_PKISI_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_PKISI_compfunc_type(cmp), (n))) 284 #define sk_OSSL_CMP_PKISI_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_PKISI_sk_type(sk), (n)) 285 #define sk_OSSL_CMP_PKISI_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_PKISI_sk_type(sk)) 286 #define sk_OSSL_CMP_PKISI_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_PKISI_sk_type(sk)) 287 #define sk_OSSL_CMP_PKISI_delete(sk, i) ((OSSL_CMP_PKISI *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_PKISI_sk_type(sk), (i))) 288 #define sk_OSSL_CMP_PKISI_delete_ptr(sk, ptr) ((OSSL_CMP_PKISI *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr))) 289 #define sk_OSSL_CMP_PKISI_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr)) 290 #define sk_OSSL_CMP_PKISI_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr)) 291 #define sk_OSSL_CMP_PKISI_pop(sk) ((OSSL_CMP_PKISI *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_PKISI_sk_type(sk))) 292 #define sk_OSSL_CMP_PKISI_shift(sk) ((OSSL_CMP_PKISI *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_PKISI_sk_type(sk))) 293 #define sk_OSSL_CMP_PKISI_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_PKISI_sk_type(sk),ossl_check_OSSL_CMP_PKISI_freefunc_type(freefunc)) 294 #define sk_OSSL_CMP_PKISI_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr), (idx)) 295 #define sk_OSSL_CMP_PKISI_set(sk, idx, ptr) ((OSSL_CMP_PKISI *)OPENSSL_sk_set(ossl_check_OSSL_CMP_PKISI_sk_type(sk), (idx), ossl_check_OSSL_CMP_PKISI_type(ptr))) 296 #define sk_OSSL_CMP_PKISI_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr)) 297 #define sk_OSSL_CMP_PKISI_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr)) 298 #define sk_OSSL_CMP_PKISI_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr), pnum) 299 #define sk_OSSL_CMP_PKISI_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_PKISI_sk_type(sk)) 300 #define sk_OSSL_CMP_PKISI_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk)) 301 #define sk_OSSL_CMP_PKISI_dup(sk) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk))) 302 #define sk_OSSL_CMP_PKISI_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_PKISI_freefunc_type(freefunc))) 303 #define sk_OSSL_CMP_PKISI_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_PKISI_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_compfunc_type(cmp))) 304 305 typedef struct ossl_cmp_certrepmessage_st OSSL_CMP_CERTREPMESSAGE; 306 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CERTREPMESSAGE, OSSL_CMP_CERTREPMESSAGE, OSSL_CMP_CERTREPMESSAGE) 307 #define sk_OSSL_CMP_CERTREPMESSAGE_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 308 #define sk_OSSL_CMP_CERTREPMESSAGE_value(sk, idx) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (idx))) 309 #define sk_OSSL_CMP_CERTREPMESSAGE_new(cmp) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CERTREPMESSAGE_compfunc_type(cmp))) 310 #define sk_OSSL_CMP_CERTREPMESSAGE_new_null() ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_new_null()) 311 #define sk_OSSL_CMP_CERTREPMESSAGE_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CERTREPMESSAGE_compfunc_type(cmp), (n))) 312 #define sk_OSSL_CMP_CERTREPMESSAGE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (n)) 313 #define sk_OSSL_CMP_CERTREPMESSAGE_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 314 #define sk_OSSL_CMP_CERTREPMESSAGE_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 315 #define sk_OSSL_CMP_CERTREPMESSAGE_delete(sk, i) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (i))) 316 #define sk_OSSL_CMP_CERTREPMESSAGE_delete_ptr(sk, ptr) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr))) 317 #define sk_OSSL_CMP_CERTREPMESSAGE_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)) 318 #define sk_OSSL_CMP_CERTREPMESSAGE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)) 319 #define sk_OSSL_CMP_CERTREPMESSAGE_pop(sk) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))) 320 #define sk_OSSL_CMP_CERTREPMESSAGE_shift(sk) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))) 321 #define sk_OSSL_CMP_CERTREPMESSAGE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk),ossl_check_OSSL_CMP_CERTREPMESSAGE_freefunc_type(freefunc)) 322 #define sk_OSSL_CMP_CERTREPMESSAGE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr), (idx)) 323 #define sk_OSSL_CMP_CERTREPMESSAGE_set(sk, idx, ptr) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (idx), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr))) 324 #define sk_OSSL_CMP_CERTREPMESSAGE_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)) 325 #define sk_OSSL_CMP_CERTREPMESSAGE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)) 326 #define sk_OSSL_CMP_CERTREPMESSAGE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr), pnum) 327 #define sk_OSSL_CMP_CERTREPMESSAGE_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 328 #define sk_OSSL_CMP_CERTREPMESSAGE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)) 329 #define sk_OSSL_CMP_CERTREPMESSAGE_dup(sk) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))) 330 #define sk_OSSL_CMP_CERTREPMESSAGE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CERTREPMESSAGE_freefunc_type(freefunc))) 331 #define sk_OSSL_CMP_CERTREPMESSAGE_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CERTREPMESSAGE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_compfunc_type(cmp))) 332 333 typedef struct ossl_cmp_pollrep_st OSSL_CMP_POLLREP; 334 typedef STACK_OF(OSSL_CMP_POLLREP) OSSL_CMP_POLLREPCONTENT; 335 typedef struct ossl_cmp_certresponse_st OSSL_CMP_CERTRESPONSE; 336 SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CERTRESPONSE, OSSL_CMP_CERTRESPONSE, OSSL_CMP_CERTRESPONSE) 337 #define sk_OSSL_CMP_CERTRESPONSE_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 338 #define sk_OSSL_CMP_CERTRESPONSE_value(sk, idx) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk), (idx))) 339 #define sk_OSSL_CMP_CERTRESPONSE_new(cmp) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CERTRESPONSE_compfunc_type(cmp))) 340 #define sk_OSSL_CMP_CERTRESPONSE_new_null() ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_new_null()) 341 #define sk_OSSL_CMP_CERTRESPONSE_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CERTRESPONSE_compfunc_type(cmp), (n))) 342 #define sk_OSSL_CMP_CERTRESPONSE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), (n)) 343 #define sk_OSSL_CMP_CERTRESPONSE_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 344 #define sk_OSSL_CMP_CERTRESPONSE_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 345 #define sk_OSSL_CMP_CERTRESPONSE_delete(sk, i) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), (i))) 346 #define sk_OSSL_CMP_CERTRESPONSE_delete_ptr(sk, ptr) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr))) 347 #define sk_OSSL_CMP_CERTRESPONSE_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)) 348 #define sk_OSSL_CMP_CERTRESPONSE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)) 349 #define sk_OSSL_CMP_CERTRESPONSE_pop(sk) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk))) 350 #define sk_OSSL_CMP_CERTRESPONSE_shift(sk) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk))) 351 #define sk_OSSL_CMP_CERTRESPONSE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk),ossl_check_OSSL_CMP_CERTRESPONSE_freefunc_type(freefunc)) 352 #define sk_OSSL_CMP_CERTRESPONSE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr), (idx)) 353 #define sk_OSSL_CMP_CERTRESPONSE_set(sk, idx, ptr) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), (idx), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr))) 354 #define sk_OSSL_CMP_CERTRESPONSE_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)) 355 #define sk_OSSL_CMP_CERTRESPONSE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)) 356 #define sk_OSSL_CMP_CERTRESPONSE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr), pnum) 357 #define sk_OSSL_CMP_CERTRESPONSE_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 358 #define sk_OSSL_CMP_CERTRESPONSE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk)) 359 #define sk_OSSL_CMP_CERTRESPONSE_dup(sk) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk))) 360 #define sk_OSSL_CMP_CERTRESPONSE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CERTRESPONSE_freefunc_type(freefunc))) 361 #define sk_OSSL_CMP_CERTRESPONSE_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CERTRESPONSE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_compfunc_type(cmp))) 362 363 typedef STACK_OF(ASN1_UTF8STRING) OSSL_CMP_PKIFREETEXT; 364 365 /* 366 * function DECLARATIONS 367 */ 368 369 /* from cmp_asn.c */ 370 OSSL_CMP_ITAV *OSSL_CMP_ITAV_create(ASN1_OBJECT *type, ASN1_TYPE *value); 371 void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type, 372 ASN1_TYPE *value); 373 ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav); 374 ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav); 375 int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p, 376 OSSL_CMP_ITAV *itav); 377 void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav); 378 void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg); 379 380 /* from cmp_ctx.c */ 381 OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq); 382 void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx); 383 int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx); 384 /* CMP general options: */ 385 # define OSSL_CMP_OPT_LOG_VERBOSITY 0 386 /* CMP transfer options: */ 387 # define OSSL_CMP_OPT_KEEP_ALIVE 10 388 # define OSSL_CMP_OPT_MSG_TIMEOUT 11 389 # define OSSL_CMP_OPT_TOTAL_TIMEOUT 12 390 /* CMP request options: */ 391 # define OSSL_CMP_OPT_VALIDITY_DAYS 20 392 # define OSSL_CMP_OPT_SUBJECTALTNAME_NODEFAULT 21 393 # define OSSL_CMP_OPT_SUBJECTALTNAME_CRITICAL 22 394 # define OSSL_CMP_OPT_POLICIES_CRITICAL 23 395 # define OSSL_CMP_OPT_POPO_METHOD 24 396 # define OSSL_CMP_OPT_IMPLICIT_CONFIRM 25 397 # define OSSL_CMP_OPT_DISABLE_CONFIRM 26 398 # define OSSL_CMP_OPT_REVOCATION_REASON 27 399 /* CMP protection options: */ 400 # define OSSL_CMP_OPT_UNPROTECTED_SEND 30 401 # define OSSL_CMP_OPT_UNPROTECTED_ERRORS 31 402 # define OSSL_CMP_OPT_OWF_ALGNID 32 403 # define OSSL_CMP_OPT_MAC_ALGNID 33 404 # define OSSL_CMP_OPT_DIGEST_ALGNID 34 405 # define OSSL_CMP_OPT_IGNORE_KEYUSAGE 35 406 # define OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR 36 407 int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val); 408 int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt); 409 /* CMP-specific callback for logging and outputting the error queue: */ 410 int OSSL_CMP_CTX_set_log_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_log_cb_t cb); 411 # define OSSL_CMP_CTX_set_log_verbosity(ctx, level) \ 412 OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_LOG_VERBOSITY, level) 413 void OSSL_CMP_CTX_print_errors(const OSSL_CMP_CTX *ctx); 414 /* message transfer: */ 415 int OSSL_CMP_CTX_set1_serverPath(OSSL_CMP_CTX *ctx, const char *path); 416 int OSSL_CMP_CTX_set1_server(OSSL_CMP_CTX *ctx, const char *address); 417 int OSSL_CMP_CTX_set_serverPort(OSSL_CMP_CTX *ctx, int port); 418 int OSSL_CMP_CTX_set1_proxy(OSSL_CMP_CTX *ctx, const char *name); 419 int OSSL_CMP_CTX_set1_no_proxy(OSSL_CMP_CTX *ctx, const char *names); 420 int OSSL_CMP_CTX_set_http_cb(OSSL_CMP_CTX *ctx, OSSL_HTTP_bio_cb_t cb); 421 int OSSL_CMP_CTX_set_http_cb_arg(OSSL_CMP_CTX *ctx, void *arg); 422 void *OSSL_CMP_CTX_get_http_cb_arg(const OSSL_CMP_CTX *ctx); 423 typedef OSSL_CMP_MSG *(*OSSL_CMP_transfer_cb_t) (OSSL_CMP_CTX *ctx, 424 const OSSL_CMP_MSG *req); 425 int OSSL_CMP_CTX_set_transfer_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_transfer_cb_t cb); 426 int OSSL_CMP_CTX_set_transfer_cb_arg(OSSL_CMP_CTX *ctx, void *arg); 427 void *OSSL_CMP_CTX_get_transfer_cb_arg(const OSSL_CMP_CTX *ctx); 428 /* server authentication: */ 429 int OSSL_CMP_CTX_set1_srvCert(OSSL_CMP_CTX *ctx, X509 *cert); 430 int OSSL_CMP_CTX_set1_expected_sender(OSSL_CMP_CTX *ctx, const X509_NAME *name); 431 int OSSL_CMP_CTX_set0_trustedStore(OSSL_CMP_CTX *ctx, X509_STORE *store); 432 X509_STORE *OSSL_CMP_CTX_get0_trustedStore(const OSSL_CMP_CTX *ctx); 433 int OSSL_CMP_CTX_set1_untrusted(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs); 434 STACK_OF(X509) *OSSL_CMP_CTX_get0_untrusted(const OSSL_CMP_CTX *ctx); 435 /* client authentication: */ 436 int OSSL_CMP_CTX_set1_cert(OSSL_CMP_CTX *ctx, X509 *cert); 437 int OSSL_CMP_CTX_build_cert_chain(OSSL_CMP_CTX *ctx, X509_STORE *own_trusted, 438 STACK_OF(X509) *candidates); 439 int OSSL_CMP_CTX_set1_pkey(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey); 440 int OSSL_CMP_CTX_set1_referenceValue(OSSL_CMP_CTX *ctx, 441 const unsigned char *ref, int len); 442 int OSSL_CMP_CTX_set1_secretValue(OSSL_CMP_CTX *ctx, const unsigned char *sec, 443 const int len); 444 /* CMP message header and extra certificates: */ 445 int OSSL_CMP_CTX_set1_recipient(OSSL_CMP_CTX *ctx, const X509_NAME *name); 446 int OSSL_CMP_CTX_push0_geninfo_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav); 447 int OSSL_CMP_CTX_set1_extraCertsOut(OSSL_CMP_CTX *ctx, 448 STACK_OF(X509) *extraCertsOut); 449 /* certificate template: */ 450 int OSSL_CMP_CTX_set0_newPkey(OSSL_CMP_CTX *ctx, int priv, EVP_PKEY *pkey); 451 EVP_PKEY *OSSL_CMP_CTX_get0_newPkey(const OSSL_CMP_CTX *ctx, int priv); 452 int OSSL_CMP_CTX_set1_issuer(OSSL_CMP_CTX *ctx, const X509_NAME *name); 453 int OSSL_CMP_CTX_set1_subjectName(OSSL_CMP_CTX *ctx, const X509_NAME *name); 454 int OSSL_CMP_CTX_push1_subjectAltName(OSSL_CMP_CTX *ctx, 455 const GENERAL_NAME *name); 456 int OSSL_CMP_CTX_set0_reqExtensions(OSSL_CMP_CTX *ctx, X509_EXTENSIONS *exts); 457 int OSSL_CMP_CTX_reqExtensions_have_SAN(OSSL_CMP_CTX *ctx); 458 int OSSL_CMP_CTX_push0_policy(OSSL_CMP_CTX *ctx, POLICYINFO *pinfo); 459 int OSSL_CMP_CTX_set1_oldCert(OSSL_CMP_CTX *ctx, X509 *cert); 460 int OSSL_CMP_CTX_set1_p10CSR(OSSL_CMP_CTX *ctx, const X509_REQ *csr); 461 /* misc body contents: */ 462 int OSSL_CMP_CTX_push0_genm_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav); 463 /* certificate confirmation: */ 464 typedef int (*OSSL_CMP_certConf_cb_t) (OSSL_CMP_CTX *ctx, X509 *cert, 465 int fail_info, const char **txt); 466 int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info, 467 const char **text); 468 int OSSL_CMP_CTX_set_certConf_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_certConf_cb_t cb); 469 int OSSL_CMP_CTX_set_certConf_cb_arg(OSSL_CMP_CTX *ctx, void *arg); 470 void *OSSL_CMP_CTX_get_certConf_cb_arg(const OSSL_CMP_CTX *ctx); 471 /* result fetching: */ 472 int OSSL_CMP_CTX_get_status(const OSSL_CMP_CTX *ctx); 473 OSSL_CMP_PKIFREETEXT *OSSL_CMP_CTX_get0_statusString(const OSSL_CMP_CTX *ctx); 474 int OSSL_CMP_CTX_get_failInfoCode(const OSSL_CMP_CTX *ctx); 475 # define OSSL_CMP_PKISI_BUFLEN 1024 476 X509 *OSSL_CMP_CTX_get0_newCert(const OSSL_CMP_CTX *ctx); 477 STACK_OF(X509) *OSSL_CMP_CTX_get1_newChain(const OSSL_CMP_CTX *ctx); 478 STACK_OF(X509) *OSSL_CMP_CTX_get1_caPubs(const OSSL_CMP_CTX *ctx); 479 STACK_OF(X509) *OSSL_CMP_CTX_get1_extraCertsIn(const OSSL_CMP_CTX *ctx); 480 int OSSL_CMP_CTX_set1_transactionID(OSSL_CMP_CTX *ctx, 481 const ASN1_OCTET_STRING *id); 482 int OSSL_CMP_CTX_set1_senderNonce(OSSL_CMP_CTX *ctx, 483 const ASN1_OCTET_STRING *nonce); 484 485 /* from cmp_status.c */ 486 char *OSSL_CMP_CTX_snprint_PKIStatus(const OSSL_CMP_CTX *ctx, char *buf, 487 size_t bufsize); 488 char *OSSL_CMP_snprint_PKIStatusInfo(const OSSL_CMP_PKISI *statusInfo, 489 char *buf, size_t bufsize); 490 OSSL_CMP_PKISI * 491 OSSL_CMP_STATUSINFO_new(int status, int fail_info, const char *text); 492 493 /* from cmp_hdr.c */ 494 ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_transactionID(const 495 OSSL_CMP_PKIHEADER *hdr); 496 ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER *hdr); 497 498 /* from cmp_msg.c */ 499 OSSL_CMP_PKIHEADER *OSSL_CMP_MSG_get0_header(const OSSL_CMP_MSG *msg); 500 int OSSL_CMP_MSG_get_bodytype(const OSSL_CMP_MSG *msg); 501 int OSSL_CMP_MSG_update_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg); 502 OSSL_CRMF_MSG *OSSL_CMP_CTX_setup_CRM(OSSL_CMP_CTX *ctx, int for_KUR, int rid); 503 OSSL_CMP_MSG *OSSL_CMP_MSG_read(const char *file, OSSL_LIB_CTX *libctx, 504 const char *propq); 505 int OSSL_CMP_MSG_write(const char *file, const OSSL_CMP_MSG *msg); 506 OSSL_CMP_MSG *d2i_OSSL_CMP_MSG_bio(BIO *bio, OSSL_CMP_MSG **msg); 507 int i2d_OSSL_CMP_MSG_bio(BIO *bio, const OSSL_CMP_MSG *msg); 508 509 /* from cmp_vfy.c */ 510 int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg); 511 int OSSL_CMP_validate_cert_path(const OSSL_CMP_CTX *ctx, 512 X509_STORE *trusted_store, X509 *cert); 513 514 /* from cmp_http.c */ 515 OSSL_CMP_MSG *OSSL_CMP_MSG_http_perform(OSSL_CMP_CTX *ctx, 516 const OSSL_CMP_MSG *req); 517 518 /* from cmp_server.c */ 519 typedef struct ossl_cmp_srv_ctx_st OSSL_CMP_SRV_CTX; 520 OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx, 521 const OSSL_CMP_MSG *req); 522 OSSL_CMP_MSG * OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx, 523 const OSSL_CMP_MSG *req); 524 OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OSSL_LIB_CTX *libctx, const char *propq); 525 void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx); 526 typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t) 527 (OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *req, int certReqId, 528 const OSSL_CRMF_MSG *crm, const X509_REQ *p10cr, 529 X509 **certOut, STACK_OF(X509) **chainOut, STACK_OF(X509) **caPubs); 530 typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_rr_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 531 const OSSL_CMP_MSG *req, 532 const X509_NAME *issuer, 533 const ASN1_INTEGER *serial); 534 typedef int (*OSSL_CMP_SRV_genm_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 535 const OSSL_CMP_MSG *req, 536 const STACK_OF(OSSL_CMP_ITAV) *in, 537 STACK_OF(OSSL_CMP_ITAV) **out); 538 typedef void (*OSSL_CMP_SRV_error_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 539 const OSSL_CMP_MSG *req, 540 const OSSL_CMP_PKISI *statusInfo, 541 const ASN1_INTEGER *errorCode, 542 const OSSL_CMP_PKIFREETEXT *errDetails); 543 typedef int (*OSSL_CMP_SRV_certConf_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 544 const OSSL_CMP_MSG *req, 545 int certReqId, 546 const ASN1_OCTET_STRING *certHash, 547 const OSSL_CMP_PKISI *si); 548 typedef int (*OSSL_CMP_SRV_pollReq_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx, 549 const OSSL_CMP_MSG *req, int certReqId, 550 OSSL_CMP_MSG **certReq, 551 int64_t *check_after); 552 int OSSL_CMP_SRV_CTX_init(OSSL_CMP_SRV_CTX *srv_ctx, void *custom_ctx, 553 OSSL_CMP_SRV_cert_request_cb_t process_cert_request, 554 OSSL_CMP_SRV_rr_cb_t process_rr, 555 OSSL_CMP_SRV_genm_cb_t process_genm, 556 OSSL_CMP_SRV_error_cb_t process_error, 557 OSSL_CMP_SRV_certConf_cb_t process_certConf, 558 OSSL_CMP_SRV_pollReq_cb_t process_pollReq); 559 OSSL_CMP_CTX *OSSL_CMP_SRV_CTX_get0_cmp_ctx(const OSSL_CMP_SRV_CTX *srv_ctx); 560 void *OSSL_CMP_SRV_CTX_get0_custom_ctx(const OSSL_CMP_SRV_CTX *srv_ctx); 561 int OSSL_CMP_SRV_CTX_set_send_unprotected_errors(OSSL_CMP_SRV_CTX *srv_ctx, 562 int val); 563 int OSSL_CMP_SRV_CTX_set_accept_unprotected(OSSL_CMP_SRV_CTX *srv_ctx, int val); 564 int OSSL_CMP_SRV_CTX_set_accept_raverified(OSSL_CMP_SRV_CTX *srv_ctx, int val); 565 int OSSL_CMP_SRV_CTX_set_grant_implicit_confirm(OSSL_CMP_SRV_CTX *srv_ctx, 566 int val); 567 568 /* from cmp_client.c */ 569 X509 *OSSL_CMP_exec_certreq(OSSL_CMP_CTX *ctx, int req_type, 570 const OSSL_CRMF_MSG *crm); 571 # define OSSL_CMP_IR 0 572 # define OSSL_CMP_CR 2 573 # define OSSL_CMP_P10CR 4 574 # define OSSL_CMP_KUR 7 575 # define OSSL_CMP_exec_IR_ses(ctx) \ 576 OSSL_CMP_exec_certreq(ctx, OSSL_CMP_IR, NULL) 577 # define OSSL_CMP_exec_CR_ses(ctx) \ 578 OSSL_CMP_exec_certreq(ctx, OSSL_CMP_CR, NULL) 579 # define OSSL_CMP_exec_P10CR_ses(ctx) \ 580 OSSL_CMP_exec_certreq(ctx, OSSL_CMP_P10CR, NULL) 581 # define OSSL_CMP_exec_KUR_ses(ctx) \ 582 OSSL_CMP_exec_certreq(ctx, OSSL_CMP_KUR, NULL) 583 int OSSL_CMP_try_certreq(OSSL_CMP_CTX *ctx, int req_type, 584 const OSSL_CRMF_MSG *crm, int *checkAfter); 585 int OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx); 586 STACK_OF(OSSL_CMP_ITAV) *OSSL_CMP_exec_GENM_ses(OSSL_CMP_CTX *ctx); 587 588 # ifdef __cplusplus 589 } 590 # endif 591 # endif /* !defined(OPENSSL_NO_CMP) */ 592 #endif /* !defined(OPENSSL_CMP_H) */ 593