1*695fd1d8Sbeck /* $OpenBSD: ts.h,v 1.24 2024/03/26 00:39:22 beck Exp $ */ 2f1535dc8Sdjm /* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL 3f1535dc8Sdjm * project 2002, 2003, 2004. 4f1535dc8Sdjm */ 5f1535dc8Sdjm /* ==================================================================== 6f1535dc8Sdjm * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 7f1535dc8Sdjm * 8f1535dc8Sdjm * Redistribution and use in source and binary forms, with or without 9f1535dc8Sdjm * modification, are permitted provided that the following conditions 10f1535dc8Sdjm * are met: 11f1535dc8Sdjm * 12f1535dc8Sdjm * 1. Redistributions of source code must retain the above copyright 13f1535dc8Sdjm * notice, this list of conditions and the following disclaimer. 14f1535dc8Sdjm * 15f1535dc8Sdjm * 2. Redistributions in binary form must reproduce the above copyright 16f1535dc8Sdjm * notice, this list of conditions and the following disclaimer in 17f1535dc8Sdjm * the documentation and/or other materials provided with the 18f1535dc8Sdjm * distribution. 19f1535dc8Sdjm * 20f1535dc8Sdjm * 3. All advertising materials mentioning features or use of this 21f1535dc8Sdjm * software must display the following acknowledgment: 22f1535dc8Sdjm * "This product includes software developed by the OpenSSL Project 23f1535dc8Sdjm * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24f1535dc8Sdjm * 25f1535dc8Sdjm * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26f1535dc8Sdjm * endorse or promote products derived from this software without 27f1535dc8Sdjm * prior written permission. For written permission, please contact 28f1535dc8Sdjm * licensing@OpenSSL.org. 29f1535dc8Sdjm * 30f1535dc8Sdjm * 5. Products derived from this software may not be called "OpenSSL" 31f1535dc8Sdjm * nor may "OpenSSL" appear in their names without prior written 32f1535dc8Sdjm * permission of the OpenSSL Project. 33f1535dc8Sdjm * 34f1535dc8Sdjm * 6. Redistributions of any form whatsoever must retain the following 35f1535dc8Sdjm * acknowledgment: 36f1535dc8Sdjm * "This product includes software developed by the OpenSSL Project 37f1535dc8Sdjm * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38f1535dc8Sdjm * 39f1535dc8Sdjm * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40f1535dc8Sdjm * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41f1535dc8Sdjm * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42f1535dc8Sdjm * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43f1535dc8Sdjm * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44f1535dc8Sdjm * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45f1535dc8Sdjm * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46f1535dc8Sdjm * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47f1535dc8Sdjm * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48f1535dc8Sdjm * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49f1535dc8Sdjm * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50f1535dc8Sdjm * OF THE POSSIBILITY OF SUCH DAMAGE. 51f1535dc8Sdjm * ==================================================================== 52f1535dc8Sdjm * 53f1535dc8Sdjm * This product includes cryptographic software written by Eric Young 54f1535dc8Sdjm * (eay@cryptsoft.com). This product includes software written by Tim 55f1535dc8Sdjm * Hudson (tjh@cryptsoft.com). 56f1535dc8Sdjm * 57f1535dc8Sdjm */ 58f1535dc8Sdjm 59f1535dc8Sdjm #ifndef HEADER_TS_H 60f1535dc8Sdjm #define HEADER_TS_H 61f1535dc8Sdjm 62f1535dc8Sdjm #include <openssl/opensslconf.h> 638cf4d6a6Sjsing 64f1535dc8Sdjm #ifndef OPENSSL_NO_BUFFER 65f1535dc8Sdjm #include <openssl/buffer.h> 66f1535dc8Sdjm #endif 67f1535dc8Sdjm #ifndef OPENSSL_NO_EVP 68f1535dc8Sdjm #include <openssl/evp.h> 69f1535dc8Sdjm #endif 70f1535dc8Sdjm #ifndef OPENSSL_NO_BIO 71f1535dc8Sdjm #include <openssl/bio.h> 72f1535dc8Sdjm #endif 73f1535dc8Sdjm #include <openssl/stack.h> 74f1535dc8Sdjm #include <openssl/asn1.h> 75f1535dc8Sdjm #include <openssl/safestack.h> 76f1535dc8Sdjm 77f1535dc8Sdjm #ifndef OPENSSL_NO_RSA 78f1535dc8Sdjm #include <openssl/rsa.h> 79f1535dc8Sdjm #endif 80f1535dc8Sdjm 81f1535dc8Sdjm #ifndef OPENSSL_NO_DSA 82f1535dc8Sdjm #include <openssl/dsa.h> 83f1535dc8Sdjm #endif 84f1535dc8Sdjm 85f1535dc8Sdjm #ifndef OPENSSL_NO_DH 86f1535dc8Sdjm #include <openssl/dh.h> 87f1535dc8Sdjm #endif 88f1535dc8Sdjm 89f1535dc8Sdjm #ifdef __cplusplus 90f1535dc8Sdjm extern "C" { 91f1535dc8Sdjm #endif 92f1535dc8Sdjm 93f1535dc8Sdjm #include <openssl/x509.h> 94f1535dc8Sdjm #include <openssl/x509v3.h> 95f1535dc8Sdjm 96c0a153faStb typedef struct TS_msg_imprint_st TS_MSG_IMPRINT; 97c0a153faStb typedef struct TS_req_st TS_REQ; 98c0a153faStb typedef struct TS_accuracy_st TS_ACCURACY; 99c0a153faStb typedef struct TS_tst_info_st TS_TST_INFO; 100f1535dc8Sdjm 101c0a153faStb /* Possible values for status. */ 102f1535dc8Sdjm #define TS_STATUS_GRANTED 0 103f1535dc8Sdjm #define TS_STATUS_GRANTED_WITH_MODS 1 104f1535dc8Sdjm #define TS_STATUS_REJECTION 2 105f1535dc8Sdjm #define TS_STATUS_WAITING 3 106f1535dc8Sdjm #define TS_STATUS_REVOCATION_WARNING 4 107f1535dc8Sdjm #define TS_STATUS_REVOCATION_NOTIFICATION 5 108f1535dc8Sdjm 109c0a153faStb /* Possible values for failure_info. */ 110f1535dc8Sdjm #define TS_INFO_BAD_ALG 0 111f1535dc8Sdjm #define TS_INFO_BAD_REQUEST 2 112f1535dc8Sdjm #define TS_INFO_BAD_DATA_FORMAT 5 113f1535dc8Sdjm #define TS_INFO_TIME_NOT_AVAILABLE 14 114f1535dc8Sdjm #define TS_INFO_UNACCEPTED_POLICY 15 115f1535dc8Sdjm #define TS_INFO_UNACCEPTED_EXTENSION 16 116f1535dc8Sdjm #define TS_INFO_ADD_INFO_NOT_AVAILABLE 17 117f1535dc8Sdjm #define TS_INFO_SYSTEM_FAILURE 25 118f1535dc8Sdjm 119c0a153faStb typedef struct TS_status_info_st TS_STATUS_INFO; 120f1535dc8Sdjm 121f1535dc8Sdjm DECLARE_STACK_OF(ASN1_UTF8STRING) 122f1535dc8Sdjm 123c0a153faStb typedef struct ESS_issuer_serial ESS_ISSUER_SERIAL; 124c0a153faStb typedef struct ESS_cert_id ESS_CERT_ID; 125f1535dc8Sdjm DECLARE_STACK_OF(ESS_CERT_ID) 126c0a153faStb typedef struct ESS_signing_cert ESS_SIGNING_CERT; 127f1535dc8Sdjm 1280cea7bbeStb typedef struct ESS_cert_id_v2 ESS_CERT_ID_V2; 129ba539a43Skn DECLARE_STACK_OF(ESS_CERT_ID_V2) 130ba539a43Skn 1310cea7bbeStb typedef struct ESS_signing_cert_v2 ESS_SIGNING_CERT_V2; 132c0a153faStb 133c0a153faStb typedef struct TS_resp_st TS_RESP; 134f1535dc8Sdjm 135f1535dc8Sdjm TS_REQ *TS_REQ_new(void); 136f1535dc8Sdjm void TS_REQ_free(TS_REQ *a); 137f1535dc8Sdjm int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp); 138f1535dc8Sdjm TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length); 139f1535dc8Sdjm 140f1535dc8Sdjm TS_REQ *TS_REQ_dup(TS_REQ *a); 141f1535dc8Sdjm 142f1535dc8Sdjm TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a); 143f1535dc8Sdjm int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a); 144f1535dc8Sdjm TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a); 145f1535dc8Sdjm int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a); 146f1535dc8Sdjm 147f1535dc8Sdjm TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void); 148f1535dc8Sdjm void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a); 149f1535dc8Sdjm int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp); 150f1535dc8Sdjm TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, 151f1535dc8Sdjm const unsigned char **pp, long length); 152f1535dc8Sdjm 153f1535dc8Sdjm TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a); 154f1535dc8Sdjm 155f1535dc8Sdjm TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a); 156f1535dc8Sdjm int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a); 157f1535dc8Sdjm TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a); 158f1535dc8Sdjm int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a); 159f1535dc8Sdjm 160f1535dc8Sdjm TS_RESP *TS_RESP_new(void); 161f1535dc8Sdjm void TS_RESP_free(TS_RESP *a); 162f1535dc8Sdjm int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp); 163f1535dc8Sdjm TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length); 164f1535dc8Sdjm TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token); 165f1535dc8Sdjm TS_RESP *TS_RESP_dup(TS_RESP *a); 166f1535dc8Sdjm 167f1535dc8Sdjm TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a); 168f1535dc8Sdjm int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a); 169f1535dc8Sdjm TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a); 170f1535dc8Sdjm int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a); 171f1535dc8Sdjm 172f1535dc8Sdjm TS_STATUS_INFO *TS_STATUS_INFO_new(void); 173f1535dc8Sdjm void TS_STATUS_INFO_free(TS_STATUS_INFO *a); 174f1535dc8Sdjm int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp); 175f1535dc8Sdjm TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, 176f1535dc8Sdjm const unsigned char **pp, long length); 177f1535dc8Sdjm TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a); 178f1535dc8Sdjm 179f1535dc8Sdjm TS_TST_INFO *TS_TST_INFO_new(void); 180f1535dc8Sdjm void TS_TST_INFO_free(TS_TST_INFO *a); 181f1535dc8Sdjm int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp); 182f1535dc8Sdjm TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp, 183f1535dc8Sdjm long length); 184f1535dc8Sdjm TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a); 185f1535dc8Sdjm 186f1535dc8Sdjm TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a); 187f1535dc8Sdjm int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a); 188f1535dc8Sdjm TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a); 189f1535dc8Sdjm int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a); 190f1535dc8Sdjm 191f1535dc8Sdjm TS_ACCURACY *TS_ACCURACY_new(void); 192f1535dc8Sdjm void TS_ACCURACY_free(TS_ACCURACY *a); 193f1535dc8Sdjm int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp); 194f1535dc8Sdjm TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp, 195f1535dc8Sdjm long length); 196f1535dc8Sdjm TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a); 197f1535dc8Sdjm 198f1535dc8Sdjm ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void); 199f1535dc8Sdjm void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a); 200f1535dc8Sdjm int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, 201f1535dc8Sdjm unsigned char **pp); 202f1535dc8Sdjm ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, 203f1535dc8Sdjm const unsigned char **pp, long length); 204f1535dc8Sdjm ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a); 205f1535dc8Sdjm 206f1535dc8Sdjm ESS_CERT_ID *ESS_CERT_ID_new(void); 207f1535dc8Sdjm void ESS_CERT_ID_free(ESS_CERT_ID *a); 208f1535dc8Sdjm int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp); 209f1535dc8Sdjm ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp, 210f1535dc8Sdjm long length); 211f1535dc8Sdjm ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a); 212f1535dc8Sdjm 213f1535dc8Sdjm ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void); 214f1535dc8Sdjm void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a); 215f1535dc8Sdjm int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, 216f1535dc8Sdjm unsigned char **pp); 217f1535dc8Sdjm ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a, 218f1535dc8Sdjm const unsigned char **pp, long length); 219f1535dc8Sdjm ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a); 220f1535dc8Sdjm 221f1535dc8Sdjm int TS_REQ_set_version(TS_REQ *a, long version); 222f1535dc8Sdjm long TS_REQ_get_version(const TS_REQ *a); 223f1535dc8Sdjm 224f1535dc8Sdjm int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint); 225f1535dc8Sdjm TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a); 226f1535dc8Sdjm 227f1535dc8Sdjm int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg); 228f1535dc8Sdjm X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a); 229f1535dc8Sdjm 230f1535dc8Sdjm int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len); 231f1535dc8Sdjm ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a); 232f1535dc8Sdjm 233335ecd92Stb int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy); 234f1535dc8Sdjm ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a); 235f1535dc8Sdjm 236f1535dc8Sdjm int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce); 237f1535dc8Sdjm const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a); 238f1535dc8Sdjm 239f1535dc8Sdjm int TS_REQ_set_cert_req(TS_REQ *a, int cert_req); 240f1535dc8Sdjm int TS_REQ_get_cert_req(const TS_REQ *a); 241f1535dc8Sdjm 242f1535dc8Sdjm STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a); 243f1535dc8Sdjm void TS_REQ_ext_free(TS_REQ *a); 244f1535dc8Sdjm int TS_REQ_get_ext_count(TS_REQ *a); 245f1535dc8Sdjm int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos); 246335ecd92Stb int TS_REQ_get_ext_by_OBJ(TS_REQ *a, const ASN1_OBJECT *obj, int lastpos); 247f1535dc8Sdjm int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos); 248f1535dc8Sdjm X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc); 249f1535dc8Sdjm X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc); 250f1535dc8Sdjm int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc); 251f1535dc8Sdjm void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx); 252f1535dc8Sdjm 253f1535dc8Sdjm /* Function declarations for TS_REQ defined in ts/ts_req_print.c */ 254f1535dc8Sdjm 255f1535dc8Sdjm int TS_REQ_print_bio(BIO *bio, TS_REQ *a); 256f1535dc8Sdjm 257b5215c1cStb /* Function declarations for TS_RESP defined in ts/ts_rsp_utils.c */ 258f1535dc8Sdjm 259f1535dc8Sdjm int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info); 260f1535dc8Sdjm TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a); 261f1535dc8Sdjm 26265294ebeStb const ASN1_UTF8STRING *TS_STATUS_INFO_get0_failure_info(const TS_STATUS_INFO *si); 26365294ebeStb const STACK_OF(ASN1_UTF8STRING) * 26465294ebeStb TS_STATUS_INFO_get0_text(const TS_STATUS_INFO *si); 26565294ebeStb const ASN1_INTEGER *TS_STATUS_INFO_get0_status(const TS_STATUS_INFO *si); 26665294ebeStb int TS_STATUS_INFO_set_status(TS_STATUS_INFO *si, int i); 26765294ebeStb 268f1535dc8Sdjm /* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */ 269f1535dc8Sdjm void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info); 270f1535dc8Sdjm PKCS7 *TS_RESP_get_token(TS_RESP *a); 271f1535dc8Sdjm TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a); 272f1535dc8Sdjm 273f1535dc8Sdjm int TS_TST_INFO_set_version(TS_TST_INFO *a, long version); 274f1535dc8Sdjm long TS_TST_INFO_get_version(const TS_TST_INFO *a); 275f1535dc8Sdjm 276f1535dc8Sdjm int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id); 277f1535dc8Sdjm ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a); 278f1535dc8Sdjm 279f1535dc8Sdjm int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint); 280f1535dc8Sdjm TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a); 281f1535dc8Sdjm 282f1535dc8Sdjm int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial); 283f1535dc8Sdjm const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a); 284f1535dc8Sdjm 285f1535dc8Sdjm int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime); 286f1535dc8Sdjm const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a); 287f1535dc8Sdjm 288f1535dc8Sdjm int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy); 289f1535dc8Sdjm TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a); 290f1535dc8Sdjm 291f1535dc8Sdjm int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds); 292f1535dc8Sdjm const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a); 293f1535dc8Sdjm 294f1535dc8Sdjm int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis); 295f1535dc8Sdjm const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a); 296f1535dc8Sdjm 297f1535dc8Sdjm int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros); 298f1535dc8Sdjm const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a); 299f1535dc8Sdjm 300f1535dc8Sdjm int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering); 301f1535dc8Sdjm int TS_TST_INFO_get_ordering(const TS_TST_INFO *a); 302f1535dc8Sdjm 303f1535dc8Sdjm int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce); 304f1535dc8Sdjm const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a); 305f1535dc8Sdjm 306f1535dc8Sdjm int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa); 307f1535dc8Sdjm GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a); 308f1535dc8Sdjm 309f1535dc8Sdjm STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a); 310f1535dc8Sdjm void TS_TST_INFO_ext_free(TS_TST_INFO *a); 311f1535dc8Sdjm int TS_TST_INFO_get_ext_count(TS_TST_INFO *a); 312f1535dc8Sdjm int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos); 313a1b39ff7Stb int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, const ASN1_OBJECT *obj, 314a1b39ff7Stb int lastpos); 315f1535dc8Sdjm int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos); 316f1535dc8Sdjm X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc); 317f1535dc8Sdjm X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc); 318f1535dc8Sdjm int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc); 319f1535dc8Sdjm void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx); 320f1535dc8Sdjm 321b5215c1cStb /* Declarations related to response generation, defined in ts/ts_rsp_sign.c. */ 322f1535dc8Sdjm 323f1535dc8Sdjm /* Optional flags for response generation. */ 324f1535dc8Sdjm 325f1535dc8Sdjm /* Don't include the TSA name in response. */ 326f1535dc8Sdjm #define TS_TSA_NAME 0x01 327f1535dc8Sdjm 328f1535dc8Sdjm /* Set ordering to true in response. */ 329f1535dc8Sdjm #define TS_ORDERING 0x02 330f1535dc8Sdjm 331f1535dc8Sdjm /* 332f1535dc8Sdjm * Include the signer certificate and the other specified certificates in 333f1535dc8Sdjm * the ESS signing certificate attribute beside the PKCS7 signed data. 334f1535dc8Sdjm * Only the signer certificates is included by default. 335f1535dc8Sdjm */ 336f1535dc8Sdjm #define TS_ESS_CERT_ID_CHAIN 0x04 337f1535dc8Sdjm 338f1535dc8Sdjm /* Forward declaration. */ 339f1535dc8Sdjm struct TS_resp_ctx; 340f1535dc8Sdjm 341f1535dc8Sdjm /* This must return a unique number less than 160 bits long. */ 342f1535dc8Sdjm typedef ASN1_INTEGER *(*TS_serial_cb)(struct TS_resp_ctx *, void *); 343f1535dc8Sdjm 344f1535dc8Sdjm /* This must return the seconds and microseconds since Jan 1, 1970 in 345f1535dc8Sdjm the sec and usec variables allocated by the caller. 346f1535dc8Sdjm Return non-zero for success and zero for failure. */ 34729b2bb65Sderaadt typedef int (*TS_time_cb)(struct TS_resp_ctx *, void *, time_t *sec, long *usec); 348f1535dc8Sdjm 349f1535dc8Sdjm /* This must process the given extension. 350f1535dc8Sdjm * It can modify the TS_TST_INFO object of the context. 351f1535dc8Sdjm * Return values: !0 (processed), 0 (error, it must set the 352f1535dc8Sdjm * status info/failure info of the response). 353f1535dc8Sdjm */ 354f1535dc8Sdjm typedef int (*TS_extension_cb)(struct TS_resp_ctx *, X509_EXTENSION *, void *); 355f1535dc8Sdjm 356c0a153faStb typedef struct TS_resp_ctx TS_RESP_CTX; 357f1535dc8Sdjm 358f1535dc8Sdjm DECLARE_STACK_OF(EVP_MD) 359f1535dc8Sdjm 360f1535dc8Sdjm /* Creates a response context that can be used for generating responses. */ 361f1535dc8Sdjm TS_RESP_CTX *TS_RESP_CTX_new(void); 362f1535dc8Sdjm void TS_RESP_CTX_free(TS_RESP_CTX *ctx); 363f1535dc8Sdjm 364f1535dc8Sdjm /* This parameter must be set. */ 365f1535dc8Sdjm int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer); 366f1535dc8Sdjm 367f1535dc8Sdjm /* This parameter must be set. */ 368f1535dc8Sdjm int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key); 369f1535dc8Sdjm 370f1535dc8Sdjm /* This parameter must be set. */ 371335ecd92Stb int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy); 372f1535dc8Sdjm 373f1535dc8Sdjm /* No additional certs are included in the response by default. */ 374f1535dc8Sdjm int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs); 375f1535dc8Sdjm 376f1535dc8Sdjm /* Adds a new acceptable policy, only the default policy 377f1535dc8Sdjm is accepted by default. */ 378335ecd92Stb int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy); 379f1535dc8Sdjm 380f1535dc8Sdjm /* Adds a new acceptable message digest. Note that no message digests 381f1535dc8Sdjm are accepted by default. The md argument is shared with the caller. */ 382f1535dc8Sdjm int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md); 383f1535dc8Sdjm 384f1535dc8Sdjm /* Accuracy is not included by default. */ 385f1535dc8Sdjm int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx, 386f1535dc8Sdjm int secs, int millis, int micros); 387f1535dc8Sdjm 388f1535dc8Sdjm /* Clock precision digits, i.e. the number of decimal digits: 389f1535dc8Sdjm '0' means sec, '3' msec, '6' usec, and so on. Default is 0. */ 390f1535dc8Sdjm int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx, 391f1535dc8Sdjm unsigned clock_precision_digits); 392*695fd1d8Sbeck /* At most we accept sec precision. */ 393*695fd1d8Sbeck #define TS_MAX_CLOCK_PRECISION_DIGITS 0 394f1535dc8Sdjm 395f1535dc8Sdjm /* No flags are set by default. */ 396f1535dc8Sdjm void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags); 397f1535dc8Sdjm 398f1535dc8Sdjm /* Default callback always returns a constant. */ 399f1535dc8Sdjm void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data); 400f1535dc8Sdjm 401b2c8ed29Stb /* Default callback uses gettimeofday() and gmtime(). */ 402b2c8ed29Stb void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data); 403b2c8ed29Stb 404f1535dc8Sdjm /* Default callback rejects all extensions. The extension callback is called 405f1535dc8Sdjm * when the TS_TST_INFO object is already set up and not signed yet. */ 406f1535dc8Sdjm /* FIXME: extension handling is not tested yet. */ 407f1535dc8Sdjm void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx, 408f1535dc8Sdjm TS_extension_cb cb, void *data); 409f1535dc8Sdjm 410f1535dc8Sdjm /* The following methods can be used in the callbacks. */ 411f1535dc8Sdjm int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx, 412f1535dc8Sdjm int status, const char *text); 413f1535dc8Sdjm 414f1535dc8Sdjm /* Sets the status info only if it is still TS_STATUS_GRANTED. */ 415f1535dc8Sdjm int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx, 416f1535dc8Sdjm int status, const char *text); 417f1535dc8Sdjm 418f1535dc8Sdjm int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure); 419f1535dc8Sdjm 420f1535dc8Sdjm /* The get methods below can be used in the extension callback. */ 421f1535dc8Sdjm TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx); 422f1535dc8Sdjm 423f1535dc8Sdjm TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx); 424f1535dc8Sdjm 425f1535dc8Sdjm /* 426f1535dc8Sdjm * Creates the signed TS_TST_INFO and puts it in TS_RESP. 427f1535dc8Sdjm * In case of errors it sets the status info properly. 428f1535dc8Sdjm * Returns NULL only in case of memory allocation/fatal error. 429f1535dc8Sdjm */ 430f1535dc8Sdjm TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio); 431f1535dc8Sdjm 432f1535dc8Sdjm /* 433f1535dc8Sdjm * Declarations related to response verification, 434b5215c1cStb * they are defined in ts/ts_rsp_verify.c. 435f1535dc8Sdjm */ 436f1535dc8Sdjm 437f1535dc8Sdjm int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs, 438f1535dc8Sdjm X509_STORE *store, X509 **signer_out); 439f1535dc8Sdjm 440f1535dc8Sdjm /* Context structure for the generic verify method. */ 441f1535dc8Sdjm 442f1535dc8Sdjm /* Verify the signer's certificate and the signature of the response. */ 443f1535dc8Sdjm #define TS_VFY_SIGNATURE (1u << 0) 444f1535dc8Sdjm /* Verify the version number of the response. */ 445f1535dc8Sdjm #define TS_VFY_VERSION (1u << 1) 446f1535dc8Sdjm /* Verify if the policy supplied by the user matches the policy of the TSA. */ 447f1535dc8Sdjm #define TS_VFY_POLICY (1u << 2) 448f1535dc8Sdjm /* Verify the message imprint provided by the user. This flag should not be 449f1535dc8Sdjm specified with TS_VFY_DATA. */ 450f1535dc8Sdjm #define TS_VFY_IMPRINT (1u << 3) 451f1535dc8Sdjm /* Verify the message imprint computed by the verify method from the user 452f1535dc8Sdjm provided data and the MD algorithm of the response. This flag should not be 453f1535dc8Sdjm specified with TS_VFY_IMPRINT. */ 454f1535dc8Sdjm #define TS_VFY_DATA (1u << 4) 455f1535dc8Sdjm /* Verify the nonce value. */ 456f1535dc8Sdjm #define TS_VFY_NONCE (1u << 5) 457f1535dc8Sdjm /* Verify if the TSA name field matches the signer certificate. */ 458f1535dc8Sdjm #define TS_VFY_SIGNER (1u << 6) 459f1535dc8Sdjm /* Verify if the TSA name field equals to the user provided name. */ 460f1535dc8Sdjm #define TS_VFY_TSA_NAME (1u << 7) 461f1535dc8Sdjm 462f1535dc8Sdjm /* You can use the following convenience constants. */ 463f1535dc8Sdjm #define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \ 464f1535dc8Sdjm | TS_VFY_VERSION \ 465f1535dc8Sdjm | TS_VFY_POLICY \ 466f1535dc8Sdjm | TS_VFY_IMPRINT \ 467f1535dc8Sdjm | TS_VFY_NONCE \ 468f1535dc8Sdjm | TS_VFY_SIGNER \ 469f1535dc8Sdjm | TS_VFY_TSA_NAME) 470f1535dc8Sdjm #define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \ 471f1535dc8Sdjm | TS_VFY_VERSION \ 472f1535dc8Sdjm | TS_VFY_POLICY \ 473f1535dc8Sdjm | TS_VFY_DATA \ 474f1535dc8Sdjm | TS_VFY_NONCE \ 475f1535dc8Sdjm | TS_VFY_SIGNER \ 476f1535dc8Sdjm | TS_VFY_TSA_NAME) 477f1535dc8Sdjm 478c0a153faStb typedef struct TS_verify_ctx TS_VERIFY_CTX; 479f1535dc8Sdjm 480f1535dc8Sdjm int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response); 481f1535dc8Sdjm int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token); 482f1535dc8Sdjm 483f1535dc8Sdjm /* 484f1535dc8Sdjm * Declarations related to response verification context, 485f1535dc8Sdjm * they are defined in ts/ts_verify_ctx.c. 486f1535dc8Sdjm */ 487f1535dc8Sdjm 488f1535dc8Sdjm /* Set all fields to zero. */ 489f1535dc8Sdjm TS_VERIFY_CTX *TS_VERIFY_CTX_new(void); 490f1535dc8Sdjm void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx); 491f1535dc8Sdjm void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx); 492f1535dc8Sdjm 4934f19ead7Stb int TS_VERIFY_CTX_add_flags(TS_VERIFY_CTX *ctx, int flags); 4944f19ead7Stb int TS_VERIFY_CTX_set_flags(TS_VERIFY_CTX *ctx, int flags); 4954f19ead7Stb BIO *TS_VERIFY_CTX_set_data(TS_VERIFY_CTX *ctx, BIO *bio); 4964f19ead7Stb X509_STORE *TS_VERIFY_CTX_set_store(TS_VERIFY_CTX *ctx, X509_STORE *store); 4974f19ead7Stb /* R$ special */ 4984f19ead7Stb #define TS_VERIFY_CTS_set_certs TS_VERIFY_CTX_set_certs 4994f19ead7Stb STACK_OF(X509) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx, 5004f19ead7Stb STACK_OF(X509) *certs); 5014f19ead7Stb unsigned char *TS_VERIFY_CTX_set_imprint(TS_VERIFY_CTX *ctx, 5024f19ead7Stb unsigned char *imprint, long imprint_len); 5034f19ead7Stb 504f1535dc8Sdjm /* 505f1535dc8Sdjm * If ctx is NULL, it allocates and returns a new object, otherwise 506f1535dc8Sdjm * it returns ctx. It initialises all the members as follows: 507f1535dc8Sdjm * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE) 508f1535dc8Sdjm * certs = NULL 509f1535dc8Sdjm * store = NULL 510f1535dc8Sdjm * policy = policy from the request or NULL if absent (in this case 511f1535dc8Sdjm * TS_VFY_POLICY is cleared from flags as well) 512f1535dc8Sdjm * md_alg = MD algorithm from request 513f1535dc8Sdjm * imprint, imprint_len = imprint from request 514f1535dc8Sdjm * data = NULL 515f1535dc8Sdjm * nonce, nonce_len = nonce from the request or NULL if absent (in this case 516f1535dc8Sdjm * TS_VFY_NONCE is cleared from flags as well) 517f1535dc8Sdjm * tsa_name = NULL 518f1535dc8Sdjm * Important: after calling this method TS_VFY_SIGNATURE should be added! 519f1535dc8Sdjm */ 520f1535dc8Sdjm TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx); 521f1535dc8Sdjm 522b5215c1cStb /* Function declarations for TS_RESP defined in ts/ts_rsp_print.c */ 523f1535dc8Sdjm 524f1535dc8Sdjm int TS_RESP_print_bio(BIO *bio, TS_RESP *a); 525f1535dc8Sdjm int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a); 526f1535dc8Sdjm int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a); 527f1535dc8Sdjm 528f1535dc8Sdjm /* Common utility functions defined in ts/ts_lib.c */ 529f1535dc8Sdjm 530f1535dc8Sdjm int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num); 531f1535dc8Sdjm int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj); 532f1535dc8Sdjm int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions); 533f1535dc8Sdjm int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg); 534f1535dc8Sdjm int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg); 535f1535dc8Sdjm 536f1535dc8Sdjm /* Function declarations for handling configuration options, 537f1535dc8Sdjm defined in ts/ts_conf.c */ 538f1535dc8Sdjm 539f1535dc8Sdjm X509 *TS_CONF_load_cert(const char *file); 540f1535dc8Sdjm STACK_OF(X509) *TS_CONF_load_certs(const char *file); 541f1535dc8Sdjm EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass); 542f1535dc8Sdjm const char *TS_CONF_get_tsa_section(CONF *conf, const char *section); 543f1535dc8Sdjm int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb, 544f1535dc8Sdjm TS_RESP_CTX *ctx); 545f1535dc8Sdjm int TS_CONF_set_signer_cert(CONF *conf, const char *section, 546f1535dc8Sdjm const char *cert, TS_RESP_CTX *ctx); 547f1535dc8Sdjm int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs, 548f1535dc8Sdjm TS_RESP_CTX *ctx); 549f1535dc8Sdjm int TS_CONF_set_signer_key(CONF *conf, const char *section, 550f1535dc8Sdjm const char *key, const char *pass, TS_RESP_CTX *ctx); 551f1535dc8Sdjm int TS_CONF_set_def_policy(CONF *conf, const char *section, 552f1535dc8Sdjm const char *policy, TS_RESP_CTX *ctx); 553f1535dc8Sdjm int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx); 554f1535dc8Sdjm int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx); 555f1535dc8Sdjm int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx); 556f1535dc8Sdjm int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section, 557f1535dc8Sdjm TS_RESP_CTX *ctx); 558f1535dc8Sdjm int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx); 559f1535dc8Sdjm int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx); 560f1535dc8Sdjm int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section, 561f1535dc8Sdjm TS_RESP_CTX *ctx); 562f1535dc8Sdjm 563f1535dc8Sdjm void ERR_load_TS_strings(void); 564f1535dc8Sdjm 565f1535dc8Sdjm /* Error codes for the TS functions. */ 566f1535dc8Sdjm 567f1535dc8Sdjm /* Function codes. */ 568f1535dc8Sdjm #define TS_F_D2I_TS_RESP 147 569f1535dc8Sdjm #define TS_F_DEF_SERIAL_CB 110 570f1535dc8Sdjm #define TS_F_DEF_TIME_CB 111 571f1535dc8Sdjm #define TS_F_ESS_ADD_SIGNING_CERT 112 572f1535dc8Sdjm #define TS_F_ESS_CERT_ID_NEW_INIT 113 573f1535dc8Sdjm #define TS_F_ESS_SIGNING_CERT_NEW_INIT 114 574f1535dc8Sdjm #define TS_F_INT_TS_RESP_VERIFY_TOKEN 149 575f1535dc8Sdjm #define TS_F_PKCS7_TO_TS_TST_INFO 148 576f1535dc8Sdjm #define TS_F_TS_ACCURACY_SET_MICROS 115 577f1535dc8Sdjm #define TS_F_TS_ACCURACY_SET_MILLIS 116 578f1535dc8Sdjm #define TS_F_TS_ACCURACY_SET_SECONDS 117 579f1535dc8Sdjm #define TS_F_TS_CHECK_IMPRINTS 100 580f1535dc8Sdjm #define TS_F_TS_CHECK_NONCES 101 581f1535dc8Sdjm #define TS_F_TS_CHECK_POLICY 102 582f1535dc8Sdjm #define TS_F_TS_CHECK_SIGNING_CERTS 103 583f1535dc8Sdjm #define TS_F_TS_CHECK_STATUS_INFO 104 584f1535dc8Sdjm #define TS_F_TS_COMPUTE_IMPRINT 145 585f1535dc8Sdjm #define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146 586f1535dc8Sdjm #define TS_F_TS_GET_STATUS_TEXT 105 587f1535dc8Sdjm #define TS_F_TS_MSG_IMPRINT_SET_ALGO 118 588f1535dc8Sdjm #define TS_F_TS_REQ_SET_MSG_IMPRINT 119 589f1535dc8Sdjm #define TS_F_TS_REQ_SET_NONCE 120 590f1535dc8Sdjm #define TS_F_TS_REQ_SET_POLICY_ID 121 591f1535dc8Sdjm #define TS_F_TS_RESP_CREATE_RESPONSE 122 592f1535dc8Sdjm #define TS_F_TS_RESP_CREATE_TST_INFO 123 593f1535dc8Sdjm #define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124 594f1535dc8Sdjm #define TS_F_TS_RESP_CTX_ADD_MD 125 595f1535dc8Sdjm #define TS_F_TS_RESP_CTX_ADD_POLICY 126 596f1535dc8Sdjm #define TS_F_TS_RESP_CTX_NEW 127 597f1535dc8Sdjm #define TS_F_TS_RESP_CTX_SET_ACCURACY 128 598f1535dc8Sdjm #define TS_F_TS_RESP_CTX_SET_CERTS 129 599f1535dc8Sdjm #define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130 600f1535dc8Sdjm #define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131 601f1535dc8Sdjm #define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132 602f1535dc8Sdjm #define TS_F_TS_RESP_GET_POLICY 133 603f1535dc8Sdjm #define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134 604f1535dc8Sdjm #define TS_F_TS_RESP_SET_STATUS_INFO 135 605f1535dc8Sdjm #define TS_F_TS_RESP_SET_TST_INFO 150 606f1535dc8Sdjm #define TS_F_TS_RESP_SIGN 136 607f1535dc8Sdjm #define TS_F_TS_RESP_VERIFY_SIGNATURE 106 608f1535dc8Sdjm #define TS_F_TS_RESP_VERIFY_TOKEN 107 609f1535dc8Sdjm #define TS_F_TS_TST_INFO_SET_ACCURACY 137 610f1535dc8Sdjm #define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138 611f1535dc8Sdjm #define TS_F_TS_TST_INFO_SET_NONCE 139 612f1535dc8Sdjm #define TS_F_TS_TST_INFO_SET_POLICY_ID 140 613f1535dc8Sdjm #define TS_F_TS_TST_INFO_SET_SERIAL 141 614f1535dc8Sdjm #define TS_F_TS_TST_INFO_SET_TIME 142 615f1535dc8Sdjm #define TS_F_TS_TST_INFO_SET_TSA 143 616f1535dc8Sdjm #define TS_F_TS_VERIFY 108 617f1535dc8Sdjm #define TS_F_TS_VERIFY_CERT 109 618f1535dc8Sdjm #define TS_F_TS_VERIFY_CTX_NEW 144 619f1535dc8Sdjm 620f1535dc8Sdjm /* Reason codes. */ 621f1535dc8Sdjm #define TS_R_BAD_PKCS7_TYPE 132 622f1535dc8Sdjm #define TS_R_BAD_TYPE 133 623f1535dc8Sdjm #define TS_R_CERTIFICATE_VERIFY_ERROR 100 624f1535dc8Sdjm #define TS_R_COULD_NOT_SET_ENGINE 127 625f1535dc8Sdjm #define TS_R_COULD_NOT_SET_TIME 115 626f1535dc8Sdjm #define TS_R_D2I_TS_RESP_INT_FAILED 128 627f1535dc8Sdjm #define TS_R_DETACHED_CONTENT 134 628f1535dc8Sdjm #define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116 629f1535dc8Sdjm #define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101 630f1535dc8Sdjm #define TS_R_INVALID_NULL_POINTER 102 631f1535dc8Sdjm #define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117 632f1535dc8Sdjm #define TS_R_MESSAGE_IMPRINT_MISMATCH 103 633f1535dc8Sdjm #define TS_R_NONCE_MISMATCH 104 634f1535dc8Sdjm #define TS_R_NONCE_NOT_RETURNED 105 635f1535dc8Sdjm #define TS_R_NO_CONTENT 106 636f1535dc8Sdjm #define TS_R_NO_TIME_STAMP_TOKEN 107 637f1535dc8Sdjm #define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118 638f1535dc8Sdjm #define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119 639f1535dc8Sdjm #define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129 640f1535dc8Sdjm #define TS_R_POLICY_MISMATCH 108 641f1535dc8Sdjm #define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120 642f1535dc8Sdjm #define TS_R_RESPONSE_SETUP_ERROR 121 643f1535dc8Sdjm #define TS_R_SIGNATURE_FAILURE 109 644f1535dc8Sdjm #define TS_R_THERE_MUST_BE_ONE_SIGNER 110 645f1535dc8Sdjm #define TS_R_TIME_SYSCALL_ERROR 122 646f1535dc8Sdjm #define TS_R_TOKEN_NOT_PRESENT 130 647f1535dc8Sdjm #define TS_R_TOKEN_PRESENT 131 648f1535dc8Sdjm #define TS_R_TSA_NAME_MISMATCH 111 649f1535dc8Sdjm #define TS_R_TSA_UNTRUSTED 112 650f1535dc8Sdjm #define TS_R_TST_INFO_SETUP_ERROR 123 651f1535dc8Sdjm #define TS_R_TS_DATASIGN 124 652f1535dc8Sdjm #define TS_R_UNACCEPTABLE_POLICY 125 653f1535dc8Sdjm #define TS_R_UNSUPPORTED_MD_ALGORITHM 126 654f1535dc8Sdjm #define TS_R_UNSUPPORTED_VERSION 113 655f1535dc8Sdjm #define TS_R_WRONG_CONTENT_TYPE 114 656f1535dc8Sdjm 657f1535dc8Sdjm #ifdef __cplusplus 658f1535dc8Sdjm } 659f1535dc8Sdjm #endif 660f1535dc8Sdjm #endif 661