|
Eneboo - Documentación para desarrolladores
|
src/libdigidoc/openssl/include/openssl/pkcs12.h
Ir a la documentación de este archivo.
00001 /* pkcs12.h */ 00002 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 00003 * project 1999. 00004 */ 00005 /* ==================================================================== 00006 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 00007 * 00008 * Redistribution and use in source and binary forms, with or without 00009 * modification, are permitted provided that the following conditions 00010 * are met: 00011 * 00012 * 1. Redistributions of source code must retain the above copyright 00013 * notice, this list of conditions and the following disclaimer. 00014 * 00015 * 2. Redistributions in binary form must reproduce the above copyright 00016 * notice, this list of conditions and the following disclaimer in 00017 * the documentation and/or other materials provided with the 00018 * distribution. 00019 * 00020 * 3. All advertising materials mentioning features or use of this 00021 * software must display the following acknowledgment: 00022 * "This product includes software developed by the OpenSSL Project 00023 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 00024 * 00025 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 00026 * endorse or promote products derived from this software without 00027 * prior written permission. For written permission, please contact 00028 * licensing@OpenSSL.org. 00029 * 00030 * 5. Products derived from this software may not be called "OpenSSL" 00031 * nor may "OpenSSL" appear in their names without prior written 00032 * permission of the OpenSSL Project. 00033 * 00034 * 6. Redistributions of any form whatsoever must retain the following 00035 * acknowledgment: 00036 * "This product includes software developed by the OpenSSL Project 00037 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 00038 * 00039 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 00040 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 00041 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 00042 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 00043 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 00044 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 00045 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 00046 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 00047 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 00048 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 00049 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 00050 * OF THE POSSIBILITY OF SUCH DAMAGE. 00051 * ==================================================================== 00052 * 00053 * This product includes cryptographic software written by Eric Young 00054 * (eay@cryptsoft.com). This product includes software written by Tim 00055 * Hudson (tjh@cryptsoft.com). 00056 * 00057 */ 00058 00059 #ifndef HEADER_PKCS12_H 00060 #define HEADER_PKCS12_H 00061 00062 #include <openssl/bio.h> 00063 #include <openssl/x509.h> 00064 00065 #ifdef __cplusplus 00066 extern "C" { 00067 #endif 00068 00069 #define PKCS12_KEY_ID 1 00070 #define PKCS12_IV_ID 2 00071 #define PKCS12_MAC_ID 3 00072 00073 /* Default iteration count */ 00074 #ifndef PKCS12_DEFAULT_ITER 00075 #define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER 00076 #endif 00077 00078 #define PKCS12_MAC_KEY_LENGTH 20 00079 00080 #define PKCS12_SALT_LEN 8 00081 00082 /* Uncomment out next line for unicode password and names, otherwise ASCII */ 00083 00084 /*#define PBE_UNICODE*/ 00085 00086 #ifdef PBE_UNICODE 00087 #define PKCS12_key_gen PKCS12_key_gen_uni 00088 #define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni 00089 #else 00090 #define PKCS12_key_gen PKCS12_key_gen_asc 00091 #define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc 00092 #endif 00093 00094 /* MS key usage constants */ 00095 00096 #define KEY_EX 0x10 00097 #define KEY_SIG 0x80 00098 00099 typedef struct { 00100 X509_SIG *dinfo; 00101 ASN1_OCTET_STRING *salt; 00102 ASN1_INTEGER *iter; /* defaults to 1 */ 00103 } PKCS12_MAC_DATA; 00104 00105 typedef struct { 00106 ASN1_INTEGER *version; 00107 PKCS12_MAC_DATA *mac; 00108 PKCS7 *authsafes; 00109 } PKCS12; 00110 00111 PREDECLARE_STACK_OF(PKCS12_SAFEBAG) 00112 00113 typedef struct { 00114 ASN1_OBJECT *type; 00115 union { 00116 struct pkcs12_bag_st *bag; /* secret, crl and certbag */ 00117 struct pkcs8_priv_key_info_st *keybag; /* keybag */ 00118 X509_SIG *shkeybag; /* shrouded key bag */ 00119 STACK_OF(PKCS12_SAFEBAG) *safes; 00120 ASN1_TYPE *other; 00121 }value; 00122 STACK_OF(X509_ATTRIBUTE) *attrib; 00123 } PKCS12_SAFEBAG; 00124 00125 DECLARE_STACK_OF(PKCS12_SAFEBAG) 00126 DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG) 00127 DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG) 00128 00129 typedef struct pkcs12_bag_st { 00130 ASN1_OBJECT *type; 00131 union { 00132 ASN1_OCTET_STRING *x509cert; 00133 ASN1_OCTET_STRING *x509crl; 00134 ASN1_OCTET_STRING *octet; 00135 ASN1_IA5STRING *sdsicert; 00136 ASN1_TYPE *other; /* Secret or other bag */ 00137 }value; 00138 } PKCS12_BAGS; 00139 00140 #define PKCS12_ERROR 0 00141 #define PKCS12_OK 1 00142 00143 /* Compatibility macros */ 00144 00145 #define M_PKCS12_x5092certbag PKCS12_x5092certbag 00146 #define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag 00147 00148 #define M_PKCS12_certbag2x509 PKCS12_certbag2x509 00149 #define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl 00150 00151 #define M_PKCS12_unpack_p7data PKCS12_unpack_p7data 00152 #define M_PKCS12_pack_authsafes PKCS12_pack_authsafes 00153 #define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes 00154 #define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata 00155 00156 #define M_PKCS12_decrypt_skey PKCS12_decrypt_skey 00157 #define M_PKCS8_decrypt PKCS8_decrypt 00158 00159 #define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type) 00160 #define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type) 00161 #define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type 00162 00163 #define PKCS12_get_attr(bag, attr_nid) \ 00164 PKCS12_get_attr_gen(bag->attrib, attr_nid) 00165 00166 #define PKCS8_get_attr(p8, attr_nid) \ 00167 PKCS12_get_attr_gen(p8->attributes, attr_nid) 00168 00169 #define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0) 00170 00171 00172 PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509); 00173 PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl); 00174 X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag); 00175 X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag); 00176 00177 PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1, 00178 int nid2); 00179 PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8); 00180 PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass, int passlen); 00181 PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag, const char *pass, 00182 int passlen); 00183 X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, 00184 const char *pass, int passlen, 00185 unsigned char *salt, int saltlen, int iter, 00186 PKCS8_PRIV_KEY_INFO *p8); 00187 PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, 00188 int passlen, unsigned char *salt, 00189 int saltlen, int iter, 00190 PKCS8_PRIV_KEY_INFO *p8); 00191 PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk); 00192 STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7); 00193 PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, 00194 unsigned char *salt, int saltlen, int iter, 00195 STACK_OF(PKCS12_SAFEBAG) *bags); 00196 STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen); 00197 00198 int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes); 00199 STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12); 00200 00201 int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen); 00202 int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, 00203 int namelen); 00204 int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, 00205 int namelen); 00206 int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name, 00207 int namelen); 00208 int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage); 00209 ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid); 00210 char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag); 00211 unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, 00212 int passlen, unsigned char *in, int inlen, 00213 unsigned char **data, int *datalen, int en_de); 00214 void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, 00215 const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf); 00216 ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it, 00217 const char *pass, int passlen, 00218 void *obj, int zbuf); 00219 PKCS12 *PKCS12_init(int mode); 00220 int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, 00221 int saltlen, int id, int iter, int n, 00222 unsigned char *out, const EVP_MD *md_type); 00223 int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type); 00224 int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, 00225 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type, 00226 int en_de); 00227 int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, 00228 unsigned char *mac, unsigned int *maclen); 00229 int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen); 00230 int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, 00231 unsigned char *salt, int saltlen, int iter, 00232 const EVP_MD *md_type); 00233 int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, 00234 int saltlen, const EVP_MD *md_type); 00235 #if defined(NETWARE) || defined(OPENSSL_SYS_NETWARE) 00236 /* Rename these functions to avoid name clashes on NetWare OS */ 00237 unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen); 00238 char *OPENSSL_uni2asc(unsigned char *uni, int unilen); 00239 #else 00240 unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen); 00241 char *uni2asc(unsigned char *uni, int unilen); 00242 #endif 00243 DECLARE_ASN1_FUNCTIONS(PKCS12) 00244 DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA) 00245 DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG) 00246 DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS) 00247 00248 DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS) 00249 DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES) 00250 00251 void PKCS12_PBE_add(void); 00252 int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, 00253 STACK_OF(X509) **ca); 00254 PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, 00255 STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, 00256 int mac_iter, int keytype); 00257 00258 PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert); 00259 PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, 00260 int key_usage, int iter, 00261 int key_nid, char *pass); 00262 int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, 00263 int safe_nid, int iter, char *pass); 00264 PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid); 00265 00266 int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); 00267 int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); 00268 PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); 00269 PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); 00270 int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); 00271 00272 /* BEGIN ERROR CODES */ 00273 /* The following lines are auto generated by the script mkerr.pl. Any changes 00274 * made after this point may be overwritten when the script is next run. 00275 */ 00276 void ERR_load_PKCS12_strings(void); 00277 00278 /* Error codes for the PKCS12 functions. */ 00279 00280 /* Function codes. */ 00281 #define PKCS12_F_PARSE_BAG 129 00282 #define PKCS12_F_PARSE_BAGS 103 00283 #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100 00284 #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127 00285 #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102 00286 #define PKCS12_F_PKCS12_ADD_LOCALKEYID 104 00287 #define PKCS12_F_PKCS12_CREATE 105 00288 #define PKCS12_F_PKCS12_GEN_MAC 107 00289 #define PKCS12_F_PKCS12_INIT 109 00290 #define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106 00291 #define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108 00292 #define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117 00293 #define PKCS12_F_PKCS12_KEY_GEN_ASC 110 00294 #define PKCS12_F_PKCS12_KEY_GEN_UNI 111 00295 #define PKCS12_F_PKCS12_MAKE_KEYBAG 112 00296 #define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113 00297 #define PKCS12_F_PKCS12_NEWPASS 128 00298 #define PKCS12_F_PKCS12_PACK_P7DATA 114 00299 #define PKCS12_F_PKCS12_PACK_P7ENCDATA 115 00300 #define PKCS12_F_PKCS12_PARSE 118 00301 #define PKCS12_F_PKCS12_PBE_CRYPT 119 00302 #define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 00303 #define PKCS12_F_PKCS12_SETUP_MAC 122 00304 #define PKCS12_F_PKCS12_SET_MAC 123 00305 #define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130 00306 #define PKCS12_F_PKCS12_UNPACK_P7DATA 131 00307 #define PKCS12_F_PKCS12_VERIFY_MAC 126 00308 #define PKCS12_F_PKCS8_ADD_KEYUSAGE 124 00309 #define PKCS12_F_PKCS8_ENCRYPT 125 00310 00311 /* Reason codes. */ 00312 #define PKCS12_R_CANT_PACK_STRUCTURE 100 00313 #define PKCS12_R_CONTENT_TYPE_NOT_DATA 121 00314 #define PKCS12_R_DECODE_ERROR 101 00315 #define PKCS12_R_ENCODE_ERROR 102 00316 #define PKCS12_R_ENCRYPT_ERROR 103 00317 #define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120 00318 #define PKCS12_R_INVALID_NULL_ARGUMENT 104 00319 #define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105 00320 #define PKCS12_R_IV_GEN_ERROR 106 00321 #define PKCS12_R_KEY_GEN_ERROR 107 00322 #define PKCS12_R_MAC_ABSENT 108 00323 #define PKCS12_R_MAC_GENERATION_ERROR 109 00324 #define PKCS12_R_MAC_SETUP_ERROR 110 00325 #define PKCS12_R_MAC_STRING_SET_ERROR 111 00326 #define PKCS12_R_MAC_VERIFY_ERROR 112 00327 #define PKCS12_R_MAC_VERIFY_FAILURE 113 00328 #define PKCS12_R_PARSE_ERROR 114 00329 #define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115 00330 #define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116 00331 #define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117 00332 #define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118 00333 #define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119 00334 00335 #ifdef __cplusplus 00336 } 00337 #endif 00338 #endif
