1*de0e0e4dSAntonio Huete Jimenez /* $OpenBSD: ts.h,v 1.19 2022/09/11 17:31:19 tb Exp $ */ 2f5b1c8a1SJohn Marino /* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL 3f5b1c8a1SJohn Marino * project 2002, 2003, 2004. 4f5b1c8a1SJohn Marino */ 5f5b1c8a1SJohn Marino /* ==================================================================== 6f5b1c8a1SJohn Marino * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 7f5b1c8a1SJohn Marino * 8f5b1c8a1SJohn Marino * Redistribution and use in source and binary forms, with or without 9f5b1c8a1SJohn Marino * modification, are permitted provided that the following conditions 10f5b1c8a1SJohn Marino * are met: 11f5b1c8a1SJohn Marino * 12f5b1c8a1SJohn Marino * 1. Redistributions of source code must retain the above copyright 13f5b1c8a1SJohn Marino * notice, this list of conditions and the following disclaimer. 14f5b1c8a1SJohn Marino * 15f5b1c8a1SJohn Marino * 2. Redistributions in binary form must reproduce the above copyright 16f5b1c8a1SJohn Marino * notice, this list of conditions and the following disclaimer in 17f5b1c8a1SJohn Marino * the documentation and/or other materials provided with the 18f5b1c8a1SJohn Marino * distribution. 19f5b1c8a1SJohn Marino * 20f5b1c8a1SJohn Marino * 3. All advertising materials mentioning features or use of this 21f5b1c8a1SJohn Marino * software must display the following acknowledgment: 22f5b1c8a1SJohn Marino * "This product includes software developed by the OpenSSL Project 23f5b1c8a1SJohn Marino * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24f5b1c8a1SJohn Marino * 25f5b1c8a1SJohn Marino * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26f5b1c8a1SJohn Marino * endorse or promote products derived from this software without 27f5b1c8a1SJohn Marino * prior written permission. For written permission, please contact 28f5b1c8a1SJohn Marino * licensing@OpenSSL.org. 29f5b1c8a1SJohn Marino * 30f5b1c8a1SJohn Marino * 5. 
Products derived from this software may not be called "OpenSSL" 31f5b1c8a1SJohn Marino * nor may "OpenSSL" appear in their names without prior written 32f5b1c8a1SJohn Marino * permission of the OpenSSL Project. 33f5b1c8a1SJohn Marino * 34f5b1c8a1SJohn Marino * 6. Redistributions of any form whatsoever must retain the following 35f5b1c8a1SJohn Marino * acknowledgment: 36f5b1c8a1SJohn Marino * "This product includes software developed by the OpenSSL Project 37f5b1c8a1SJohn Marino * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38f5b1c8a1SJohn Marino * 39f5b1c8a1SJohn Marino * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40f5b1c8a1SJohn Marino * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41f5b1c8a1SJohn Marino * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42f5b1c8a1SJohn Marino * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43f5b1c8a1SJohn Marino * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44f5b1c8a1SJohn Marino * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45f5b1c8a1SJohn Marino * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46f5b1c8a1SJohn Marino * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47f5b1c8a1SJohn Marino * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48f5b1c8a1SJohn Marino * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49f5b1c8a1SJohn Marino * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50f5b1c8a1SJohn Marino * OF THE POSSIBILITY OF SUCH DAMAGE. 51f5b1c8a1SJohn Marino * ==================================================================== 52f5b1c8a1SJohn Marino * 53f5b1c8a1SJohn Marino * This product includes cryptographic software written by Eric Young 54f5b1c8a1SJohn Marino * (eay@cryptsoft.com). This product includes software written by Tim 55f5b1c8a1SJohn Marino * Hudson (tjh@cryptsoft.com). 
56f5b1c8a1SJohn Marino * 57f5b1c8a1SJohn Marino */ 58f5b1c8a1SJohn Marino 59f5b1c8a1SJohn Marino #ifndef HEADER_TS_H 60f5b1c8a1SJohn Marino #define HEADER_TS_H 61f5b1c8a1SJohn Marino 62f5b1c8a1SJohn Marino #include <openssl/opensslconf.h> 63f5b1c8a1SJohn Marino 64f5b1c8a1SJohn Marino #ifndef OPENSSL_NO_BUFFER 65f5b1c8a1SJohn Marino #include <openssl/buffer.h> 66f5b1c8a1SJohn Marino #endif 67f5b1c8a1SJohn Marino #ifndef OPENSSL_NO_EVP 68f5b1c8a1SJohn Marino #include <openssl/evp.h> 69f5b1c8a1SJohn Marino #endif 70f5b1c8a1SJohn Marino #ifndef OPENSSL_NO_BIO 71f5b1c8a1SJohn Marino #include <openssl/bio.h> 72f5b1c8a1SJohn Marino #endif 73f5b1c8a1SJohn Marino #include <openssl/stack.h> 74f5b1c8a1SJohn Marino #include <openssl/asn1.h> 75f5b1c8a1SJohn Marino #include <openssl/safestack.h> 76f5b1c8a1SJohn Marino 77f5b1c8a1SJohn Marino #ifndef OPENSSL_NO_RSA 78f5b1c8a1SJohn Marino #include <openssl/rsa.h> 79f5b1c8a1SJohn Marino #endif 80f5b1c8a1SJohn Marino 81f5b1c8a1SJohn Marino #ifndef OPENSSL_NO_DSA 82f5b1c8a1SJohn Marino #include <openssl/dsa.h> 83f5b1c8a1SJohn Marino #endif 84f5b1c8a1SJohn Marino 85f5b1c8a1SJohn Marino #ifndef OPENSSL_NO_DH 86f5b1c8a1SJohn Marino #include <openssl/dh.h> 87f5b1c8a1SJohn Marino #endif 88f5b1c8a1SJohn Marino 89f5b1c8a1SJohn Marino #ifdef __cplusplus 90f5b1c8a1SJohn Marino extern "C" { 91f5b1c8a1SJohn Marino #endif 92f5b1c8a1SJohn Marino 93f5b1c8a1SJohn Marino #include <openssl/x509.h> 94f5b1c8a1SJohn Marino #include <openssl/x509v3.h> 95f5b1c8a1SJohn Marino 96*de0e0e4dSAntonio Huete Jimenez typedef struct TS_msg_imprint_st TS_MSG_IMPRINT; 97*de0e0e4dSAntonio Huete Jimenez typedef struct TS_req_st TS_REQ; 98*de0e0e4dSAntonio Huete Jimenez typedef struct TS_accuracy_st TS_ACCURACY; 99*de0e0e4dSAntonio Huete Jimenez typedef struct TS_tst_info_st TS_TST_INFO; 100f5b1c8a1SJohn Marino 101*de0e0e4dSAntonio Huete Jimenez /* Possible values for status. 
*/ 102f5b1c8a1SJohn Marino #define TS_STATUS_GRANTED 0 103f5b1c8a1SJohn Marino #define TS_STATUS_GRANTED_WITH_MODS 1 104f5b1c8a1SJohn Marino #define TS_STATUS_REJECTION 2 105f5b1c8a1SJohn Marino #define TS_STATUS_WAITING 3 106f5b1c8a1SJohn Marino #define TS_STATUS_REVOCATION_WARNING 4 107f5b1c8a1SJohn Marino #define TS_STATUS_REVOCATION_NOTIFICATION 5 108f5b1c8a1SJohn Marino 109*de0e0e4dSAntonio Huete Jimenez /* Possible values for failure_info. */ 110f5b1c8a1SJohn Marino #define TS_INFO_BAD_ALG 0 111f5b1c8a1SJohn Marino #define TS_INFO_BAD_REQUEST 2 112f5b1c8a1SJohn Marino #define TS_INFO_BAD_DATA_FORMAT 5 113f5b1c8a1SJohn Marino #define TS_INFO_TIME_NOT_AVAILABLE 14 114f5b1c8a1SJohn Marino #define TS_INFO_UNACCEPTED_POLICY 15 115f5b1c8a1SJohn Marino #define TS_INFO_UNACCEPTED_EXTENSION 16 116f5b1c8a1SJohn Marino #define TS_INFO_ADD_INFO_NOT_AVAILABLE 17 117f5b1c8a1SJohn Marino #define TS_INFO_SYSTEM_FAILURE 25 118f5b1c8a1SJohn Marino 119*de0e0e4dSAntonio Huete Jimenez typedef struct TS_status_info_st TS_STATUS_INFO; 120f5b1c8a1SJohn Marino 121f5b1c8a1SJohn Marino DECLARE_STACK_OF(ASN1_UTF8STRING) 122f5b1c8a1SJohn Marino 123*de0e0e4dSAntonio Huete Jimenez typedef struct ESS_issuer_serial ESS_ISSUER_SERIAL; 124*de0e0e4dSAntonio Huete Jimenez typedef struct ESS_cert_id ESS_CERT_ID; 125f5b1c8a1SJohn Marino DECLARE_STACK_OF(ESS_CERT_ID) 126*de0e0e4dSAntonio Huete Jimenez typedef struct ESS_signing_cert ESS_SIGNING_CERT; 127f5b1c8a1SJohn Marino 128*de0e0e4dSAntonio Huete Jimenez typedef struct ESS_cert_id_v2 ESS_CERT_ID_V2; 129*de0e0e4dSAntonio Huete Jimenez DECLARE_STACK_OF(ESS_CERT_ID_V2) 130f5b1c8a1SJohn Marino 131*de0e0e4dSAntonio Huete Jimenez typedef struct ESS_signing_cert_v2 ESS_SIGNING_CERT_V2; 132f5b1c8a1SJohn Marino 133*de0e0e4dSAntonio Huete Jimenez typedef struct TS_resp_st TS_RESP; 134f5b1c8a1SJohn Marino 135f5b1c8a1SJohn Marino TS_REQ *TS_REQ_new(void); 136f5b1c8a1SJohn Marino void TS_REQ_free(TS_REQ *a); 137f5b1c8a1SJohn Marino int i2d_TS_REQ(const 
TS_REQ *a, unsigned char **pp); 138f5b1c8a1SJohn Marino TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length); 139f5b1c8a1SJohn Marino 140f5b1c8a1SJohn Marino TS_REQ *TS_REQ_dup(TS_REQ *a); 141f5b1c8a1SJohn Marino 142f5b1c8a1SJohn Marino TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a); 143f5b1c8a1SJohn Marino int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a); 144f5b1c8a1SJohn Marino TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a); 145f5b1c8a1SJohn Marino int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a); 146f5b1c8a1SJohn Marino 147f5b1c8a1SJohn Marino TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void); 148f5b1c8a1SJohn Marino void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a); 149f5b1c8a1SJohn Marino int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp); 150f5b1c8a1SJohn Marino TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, 151f5b1c8a1SJohn Marino const unsigned char **pp, long length); 152f5b1c8a1SJohn Marino 153f5b1c8a1SJohn Marino TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a); 154f5b1c8a1SJohn Marino 155f5b1c8a1SJohn Marino TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a); 156f5b1c8a1SJohn Marino int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a); 157f5b1c8a1SJohn Marino TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a); 158f5b1c8a1SJohn Marino int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a); 159f5b1c8a1SJohn Marino 160f5b1c8a1SJohn Marino TS_RESP *TS_RESP_new(void); 161f5b1c8a1SJohn Marino void TS_RESP_free(TS_RESP *a); 162f5b1c8a1SJohn Marino int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp); 163f5b1c8a1SJohn Marino TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length); 164f5b1c8a1SJohn Marino TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token); 165f5b1c8a1SJohn Marino TS_RESP *TS_RESP_dup(TS_RESP *a); 166f5b1c8a1SJohn Marino 167f5b1c8a1SJohn Marino TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a); 168f5b1c8a1SJohn Marino int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a); 169f5b1c8a1SJohn Marino TS_RESP 
*d2i_TS_RESP_bio(BIO *fp, TS_RESP **a); 170f5b1c8a1SJohn Marino int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a); 171f5b1c8a1SJohn Marino 172f5b1c8a1SJohn Marino TS_STATUS_INFO *TS_STATUS_INFO_new(void); 173f5b1c8a1SJohn Marino void TS_STATUS_INFO_free(TS_STATUS_INFO *a); 174f5b1c8a1SJohn Marino int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp); 175f5b1c8a1SJohn Marino TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, 176f5b1c8a1SJohn Marino const unsigned char **pp, long length); 177f5b1c8a1SJohn Marino TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a); 178f5b1c8a1SJohn Marino 179f5b1c8a1SJohn Marino TS_TST_INFO *TS_TST_INFO_new(void); 180f5b1c8a1SJohn Marino void TS_TST_INFO_free(TS_TST_INFO *a); 181f5b1c8a1SJohn Marino int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp); 182f5b1c8a1SJohn Marino TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp, 183f5b1c8a1SJohn Marino long length); 184f5b1c8a1SJohn Marino TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a); 185f5b1c8a1SJohn Marino 186f5b1c8a1SJohn Marino TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a); 187f5b1c8a1SJohn Marino int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a); 188f5b1c8a1SJohn Marino TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a); 189f5b1c8a1SJohn Marino int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a); 190f5b1c8a1SJohn Marino 191f5b1c8a1SJohn Marino TS_ACCURACY *TS_ACCURACY_new(void); 192f5b1c8a1SJohn Marino void TS_ACCURACY_free(TS_ACCURACY *a); 193f5b1c8a1SJohn Marino int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp); 194f5b1c8a1SJohn Marino TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp, 195f5b1c8a1SJohn Marino long length); 196f5b1c8a1SJohn Marino TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a); 197f5b1c8a1SJohn Marino 198f5b1c8a1SJohn Marino ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void); 199f5b1c8a1SJohn Marino void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a); 200f5b1c8a1SJohn Marino int 
i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, 201f5b1c8a1SJohn Marino unsigned char **pp); 202f5b1c8a1SJohn Marino ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, 203f5b1c8a1SJohn Marino const unsigned char **pp, long length); 204f5b1c8a1SJohn Marino ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a); 205f5b1c8a1SJohn Marino 206f5b1c8a1SJohn Marino ESS_CERT_ID *ESS_CERT_ID_new(void); 207f5b1c8a1SJohn Marino void ESS_CERT_ID_free(ESS_CERT_ID *a); 208f5b1c8a1SJohn Marino int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp); 209f5b1c8a1SJohn Marino ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp, 210f5b1c8a1SJohn Marino long length); 211f5b1c8a1SJohn Marino ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a); 212f5b1c8a1SJohn Marino 213f5b1c8a1SJohn Marino ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void); 214f5b1c8a1SJohn Marino void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a); 215f5b1c8a1SJohn Marino int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, 216f5b1c8a1SJohn Marino unsigned char **pp); 217f5b1c8a1SJohn Marino ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a, 218f5b1c8a1SJohn Marino const unsigned char **pp, long length); 219f5b1c8a1SJohn Marino ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a); 220f5b1c8a1SJohn Marino 221f5b1c8a1SJohn Marino int TS_REQ_set_version(TS_REQ *a, long version); 222f5b1c8a1SJohn Marino long TS_REQ_get_version(const TS_REQ *a); 223f5b1c8a1SJohn Marino 224f5b1c8a1SJohn Marino int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint); 225f5b1c8a1SJohn Marino TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a); 226f5b1c8a1SJohn Marino 227f5b1c8a1SJohn Marino int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg); 228f5b1c8a1SJohn Marino X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a); 229f5b1c8a1SJohn Marino 230f5b1c8a1SJohn Marino int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len); 231f5b1c8a1SJohn Marino 
ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a); 232f5b1c8a1SJohn Marino 23372c33676SMaxim Ag int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy); 234f5b1c8a1SJohn Marino ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a); 235f5b1c8a1SJohn Marino 236f5b1c8a1SJohn Marino int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce); 237f5b1c8a1SJohn Marino const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a); 238f5b1c8a1SJohn Marino 239f5b1c8a1SJohn Marino int TS_REQ_set_cert_req(TS_REQ *a, int cert_req); 240f5b1c8a1SJohn Marino int TS_REQ_get_cert_req(const TS_REQ *a); 241f5b1c8a1SJohn Marino 242f5b1c8a1SJohn Marino STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a); 243f5b1c8a1SJohn Marino void TS_REQ_ext_free(TS_REQ *a); 244f5b1c8a1SJohn Marino int TS_REQ_get_ext_count(TS_REQ *a); 245f5b1c8a1SJohn Marino int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos); 24672c33676SMaxim Ag int TS_REQ_get_ext_by_OBJ(TS_REQ *a, const ASN1_OBJECT *obj, int lastpos); 247f5b1c8a1SJohn Marino int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos); 248f5b1c8a1SJohn Marino X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc); 249f5b1c8a1SJohn Marino X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc); 250f5b1c8a1SJohn Marino int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc); 251f5b1c8a1SJohn Marino void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx); 252f5b1c8a1SJohn Marino 253f5b1c8a1SJohn Marino /* Function declarations for TS_REQ defined in ts/ts_req_print.c */ 254f5b1c8a1SJohn Marino 255f5b1c8a1SJohn Marino int TS_REQ_print_bio(BIO *bio, TS_REQ *a); 256f5b1c8a1SJohn Marino 257*de0e0e4dSAntonio Huete Jimenez /* Function declarations for TS_RESP defined in ts/ts_rsp_utils.c */ 258f5b1c8a1SJohn Marino 259f5b1c8a1SJohn Marino int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info); 260f5b1c8a1SJohn Marino TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a); 261f5b1c8a1SJohn Marino 262*de0e0e4dSAntonio Huete Jimenez const 
ASN1_UTF8STRING *TS_STATUS_INFO_get0_failure_info(const TS_STATUS_INFO *si); 263*de0e0e4dSAntonio Huete Jimenez const STACK_OF(ASN1_UTF8STRING) * 264*de0e0e4dSAntonio Huete Jimenez TS_STATUS_INFO_get0_text(const TS_STATUS_INFO *si); 265*de0e0e4dSAntonio Huete Jimenez const ASN1_INTEGER *TS_STATUS_INFO_get0_status(const TS_STATUS_INFO *si); 266*de0e0e4dSAntonio Huete Jimenez int TS_STATUS_INFO_set_status(TS_STATUS_INFO *si, int i); 267*de0e0e4dSAntonio Huete Jimenez 268f5b1c8a1SJohn Marino /* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */ 269f5b1c8a1SJohn Marino void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info); 270f5b1c8a1SJohn Marino PKCS7 *TS_RESP_get_token(TS_RESP *a); 271f5b1c8a1SJohn Marino TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a); 272f5b1c8a1SJohn Marino 273f5b1c8a1SJohn Marino int TS_TST_INFO_set_version(TS_TST_INFO *a, long version); 274f5b1c8a1SJohn Marino long TS_TST_INFO_get_version(const TS_TST_INFO *a); 275f5b1c8a1SJohn Marino 276f5b1c8a1SJohn Marino int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id); 277f5b1c8a1SJohn Marino ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a); 278f5b1c8a1SJohn Marino 279f5b1c8a1SJohn Marino int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint); 280f5b1c8a1SJohn Marino TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a); 281f5b1c8a1SJohn Marino 282f5b1c8a1SJohn Marino int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial); 283f5b1c8a1SJohn Marino const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a); 284f5b1c8a1SJohn Marino 285f5b1c8a1SJohn Marino int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime); 286f5b1c8a1SJohn Marino const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a); 287f5b1c8a1SJohn Marino 288f5b1c8a1SJohn Marino int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy); 289f5b1c8a1SJohn Marino TS_ACCURACY 
*TS_TST_INFO_get_accuracy(TS_TST_INFO *a); 290f5b1c8a1SJohn Marino 291f5b1c8a1SJohn Marino int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds); 292f5b1c8a1SJohn Marino const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a); 293f5b1c8a1SJohn Marino 294f5b1c8a1SJohn Marino int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis); 295f5b1c8a1SJohn Marino const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a); 296f5b1c8a1SJohn Marino 297f5b1c8a1SJohn Marino int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros); 298f5b1c8a1SJohn Marino const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a); 299f5b1c8a1SJohn Marino 300f5b1c8a1SJohn Marino int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering); 301f5b1c8a1SJohn Marino int TS_TST_INFO_get_ordering(const TS_TST_INFO *a); 302f5b1c8a1SJohn Marino 303f5b1c8a1SJohn Marino int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce); 304f5b1c8a1SJohn Marino const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a); 305f5b1c8a1SJohn Marino 306f5b1c8a1SJohn Marino int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa); 307f5b1c8a1SJohn Marino GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a); 308f5b1c8a1SJohn Marino 309f5b1c8a1SJohn Marino STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a); 310f5b1c8a1SJohn Marino void TS_TST_INFO_ext_free(TS_TST_INFO *a); 311f5b1c8a1SJohn Marino int TS_TST_INFO_get_ext_count(TS_TST_INFO *a); 312f5b1c8a1SJohn Marino int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos); 31372c33676SMaxim Ag int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, const ASN1_OBJECT *obj, 31472c33676SMaxim Ag int lastpos); 315f5b1c8a1SJohn Marino int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos); 316f5b1c8a1SJohn Marino X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc); 317f5b1c8a1SJohn Marino X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc); 
318f5b1c8a1SJohn Marino int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc); 319f5b1c8a1SJohn Marino void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx); 320f5b1c8a1SJohn Marino 321*de0e0e4dSAntonio Huete Jimenez /* Declarations related to response generation, defined in ts/ts_rsp_sign.c. */ 322f5b1c8a1SJohn Marino 323f5b1c8a1SJohn Marino /* Optional flags for response generation. */ 324f5b1c8a1SJohn Marino 325f5b1c8a1SJohn Marino /* Don't include the TSA name in response. NOTE(review): this reads inverted - the flag name and TS_CONF_set_tsa_name() declared in this header suggest that setting the bit requests the TSA name in the response; confirm against ts/ts_rsp_sign.c. */ 326f5b1c8a1SJohn Marino #define TS_TSA_NAME 0x01 327f5b1c8a1SJohn Marino 328f5b1c8a1SJohn Marino /* Set ordering to true in response. */ 329f5b1c8a1SJohn Marino #define TS_ORDERING 0x02 330f5b1c8a1SJohn Marino 331f5b1c8a1SJohn Marino /* 332f5b1c8a1SJohn Marino * Include the signer certificate and the other specified certificates in 333f5b1c8a1SJohn Marino * the ESS signing certificate attribute beside the PKCS7 signed data. 334f5b1c8a1SJohn Marino * Only the signer certificate is included by default. 335f5b1c8a1SJohn Marino */ 336f5b1c8a1SJohn Marino #define TS_ESS_CERT_ID_CHAIN 0x04 337f5b1c8a1SJohn Marino 338f5b1c8a1SJohn Marino /* Forward declaration. */ 339f5b1c8a1SJohn Marino struct TS_resp_ctx; 340f5b1c8a1SJohn Marino 341f5b1c8a1SJohn Marino /* This must return a unique number less than 160 bits long. */ 342f5b1c8a1SJohn Marino typedef ASN1_INTEGER *(*TS_serial_cb)(struct TS_resp_ctx *, void *); 343f5b1c8a1SJohn Marino 344f5b1c8a1SJohn Marino /* This must return the seconds and microseconds since Jan 1, 1970 in 345f5b1c8a1SJohn Marino the sec and usec variables allocated by the caller. 346f5b1c8a1SJohn Marino Return non-zero for success and zero for failure. */ 347f5b1c8a1SJohn Marino typedef int (*TS_time_cb)(struct TS_resp_ctx *, void *, time_t *sec, long *usec); 348f5b1c8a1SJohn Marino 349f5b1c8a1SJohn Marino /* This must process the given extension. 350f5b1c8a1SJohn Marino * It can modify the TS_TST_INFO object of the context. 
351f5b1c8a1SJohn Marino * Return values: !0 (processed), 0 (error, it must set the 352f5b1c8a1SJohn Marino * status info/failure info of the response). 353f5b1c8a1SJohn Marino */ 354f5b1c8a1SJohn Marino typedef int (*TS_extension_cb)(struct TS_resp_ctx *, X509_EXTENSION *, void *); 355f5b1c8a1SJohn Marino 356*de0e0e4dSAntonio Huete Jimenez typedef struct TS_resp_ctx TS_RESP_CTX; 357f5b1c8a1SJohn Marino 358f5b1c8a1SJohn Marino DECLARE_STACK_OF(EVP_MD) 359f5b1c8a1SJohn Marino 360f5b1c8a1SJohn Marino /* Creates a response context that can be used for generating responses. */ 361f5b1c8a1SJohn Marino TS_RESP_CTX *TS_RESP_CTX_new(void); 362f5b1c8a1SJohn Marino void TS_RESP_CTX_free(TS_RESP_CTX *ctx); 363f5b1c8a1SJohn Marino 364f5b1c8a1SJohn Marino /* This parameter must be set. */ 365f5b1c8a1SJohn Marino int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer); 366f5b1c8a1SJohn Marino 367f5b1c8a1SJohn Marino /* This parameter must be set. */ 368f5b1c8a1SJohn Marino int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key); 369f5b1c8a1SJohn Marino 370f5b1c8a1SJohn Marino /* This parameter must be set. */ 37172c33676SMaxim Ag int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy); 372f5b1c8a1SJohn Marino 373f5b1c8a1SJohn Marino /* No additional certs are included in the response by default. */ 374f5b1c8a1SJohn Marino int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs); 375f5b1c8a1SJohn Marino 376f5b1c8a1SJohn Marino /* Adds a new acceptable policy, only the default policy 377f5b1c8a1SJohn Marino is accepted by default. */ 37872c33676SMaxim Ag int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy); 379f5b1c8a1SJohn Marino 380f5b1c8a1SJohn Marino /* Adds a new acceptable message digest. Note that no message digests 381f5b1c8a1SJohn Marino are accepted by default. The md argument is shared with the caller. 
*/ 382f5b1c8a1SJohn Marino int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md); 383f5b1c8a1SJohn Marino 384f5b1c8a1SJohn Marino /* Accuracy is not included by default. */ 385f5b1c8a1SJohn Marino int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx, 386f5b1c8a1SJohn Marino int secs, int millis, int micros); 387f5b1c8a1SJohn Marino 388f5b1c8a1SJohn Marino /* Clock precision digits, i.e. the number of decimal digits: 389f5b1c8a1SJohn Marino '0' means sec, '3' msec, '6' usec, and so on. Default is 0. */ 390f5b1c8a1SJohn Marino int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx, 391f5b1c8a1SJohn Marino unsigned clock_precision_digits); 392f5b1c8a1SJohn Marino /* At most we accept usec precision. */ 393f5b1c8a1SJohn Marino #define TS_MAX_CLOCK_PRECISION_DIGITS 6 394f5b1c8a1SJohn Marino 395f5b1c8a1SJohn Marino /* No flags are set by default. */ 396f5b1c8a1SJohn Marino void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags); 397f5b1c8a1SJohn Marino 398f5b1c8a1SJohn Marino /* Default callback always returns a constant. The TS_serial_cb contract in this header requires a unique number, which a constant cannot provide, so a TSA has to install its own callback here before it issues tokens (TS_CONF_set_serial() in this header takes one). */ 399f5b1c8a1SJohn Marino void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data); 400f5b1c8a1SJohn Marino 401*de0e0e4dSAntonio Huete Jimenez /* Default callback uses gettimeofday() and gmtime(). */ 402*de0e0e4dSAntonio Huete Jimenez void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data); 403*de0e0e4dSAntonio Huete Jimenez 404f5b1c8a1SJohn Marino /* Default callback rejects all extensions. The extension callback is called 405f5b1c8a1SJohn Marino * when the TS_TST_INFO object is already set up and not signed yet. */ 406f5b1c8a1SJohn Marino /* FIXME: extension handling is not tested yet. */ 407f5b1c8a1SJohn Marino void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx, 408f5b1c8a1SJohn Marino TS_extension_cb cb, void *data); 409f5b1c8a1SJohn Marino 410f5b1c8a1SJohn Marino /* The following methods can be used in the callbacks. 
*/ 411f5b1c8a1SJohn Marino int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx, 412f5b1c8a1SJohn Marino int status, const char *text); 413f5b1c8a1SJohn Marino 414f5b1c8a1SJohn Marino /* Sets the status info only if it is still TS_STATUS_GRANTED. */ 415f5b1c8a1SJohn Marino int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx, 416f5b1c8a1SJohn Marino int status, const char *text); 417f5b1c8a1SJohn Marino 418f5b1c8a1SJohn Marino int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure); 419f5b1c8a1SJohn Marino 420f5b1c8a1SJohn Marino /* The get methods below can be used in the extension callback. */ 421f5b1c8a1SJohn Marino TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx); 422f5b1c8a1SJohn Marino 423f5b1c8a1SJohn Marino TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx); 424f5b1c8a1SJohn Marino 425f5b1c8a1SJohn Marino /* 426f5b1c8a1SJohn Marino * Creates the signed TS_TST_INFO and puts it in TS_RESP. 427f5b1c8a1SJohn Marino * In case of errors it sets the status info properly. 428f5b1c8a1SJohn Marino * Returns NULL only in case of memory allocation/fatal error. 429f5b1c8a1SJohn Marino */ 430f5b1c8a1SJohn Marino TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio); 431f5b1c8a1SJohn Marino 432f5b1c8a1SJohn Marino /* 433f5b1c8a1SJohn Marino * Declarations related to response verification, 434*de0e0e4dSAntonio Huete Jimenez * they are defined in ts/ts_rsp_verify.c. 435f5b1c8a1SJohn Marino */ 436f5b1c8a1SJohn Marino 437f5b1c8a1SJohn Marino int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs, 438f5b1c8a1SJohn Marino X509_STORE *store, X509 **signer_out); 439f5b1c8a1SJohn Marino 440f5b1c8a1SJohn Marino /* Context structure for the generic verify method. */ 441f5b1c8a1SJohn Marino 442f5b1c8a1SJohn Marino /* Verify the signer's certificate and the signature of the response. */ 443f5b1c8a1SJohn Marino #define TS_VFY_SIGNATURE (1u << 0) 444f5b1c8a1SJohn Marino /* Verify the version number of the response. 
*/ 445f5b1c8a1SJohn Marino #define TS_VFY_VERSION (1u << 1) 446f5b1c8a1SJohn Marino /* Verify if the policy supplied by the user matches the policy of the TSA. */ 447f5b1c8a1SJohn Marino #define TS_VFY_POLICY (1u << 2) 448f5b1c8a1SJohn Marino /* Verify the message imprint provided by the user. This flag should not be 449f5b1c8a1SJohn Marino specified with TS_VFY_DATA. */ 450f5b1c8a1SJohn Marino #define TS_VFY_IMPRINT (1u << 3) 451f5b1c8a1SJohn Marino /* Verify the message imprint computed by the verify method from the user 452f5b1c8a1SJohn Marino provided data and the MD algorithm of the response. This flag should not be 453f5b1c8a1SJohn Marino specified with TS_VFY_IMPRINT. NOTE(review): as described, the digest algorithm is taken from the response rather than from the caller - a caller with a minimum digest strength presumably has to check the algorithm itself; confirm against ts/ts_rsp_verify.c. */ 454f5b1c8a1SJohn Marino #define TS_VFY_DATA (1u << 4) 455f5b1c8a1SJohn Marino /* Verify the nonce value. */ 456f5b1c8a1SJohn Marino #define TS_VFY_NONCE (1u << 5) 457f5b1c8a1SJohn Marino /* Verify if the TSA name field matches the signer certificate. */ 458f5b1c8a1SJohn Marino #define TS_VFY_SIGNER (1u << 6) 459f5b1c8a1SJohn Marino /* Verify if the TSA name field equals the user-provided name. */ 460f5b1c8a1SJohn Marino #define TS_VFY_TSA_NAME (1u << 7) 461f5b1c8a1SJohn Marino 462f5b1c8a1SJohn Marino /* You can use the following convenience constants. 
*/ 463f5b1c8a1SJohn Marino #define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \ 464f5b1c8a1SJohn Marino | TS_VFY_VERSION \ 465f5b1c8a1SJohn Marino | TS_VFY_POLICY \ 466f5b1c8a1SJohn Marino | TS_VFY_IMPRINT \ 467f5b1c8a1SJohn Marino | TS_VFY_NONCE \ 468f5b1c8a1SJohn Marino | TS_VFY_SIGNER \ 469f5b1c8a1SJohn Marino | TS_VFY_TSA_NAME) 470f5b1c8a1SJohn Marino #define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \ 471f5b1c8a1SJohn Marino | TS_VFY_VERSION \ 472f5b1c8a1SJohn Marino | TS_VFY_POLICY \ 473f5b1c8a1SJohn Marino | TS_VFY_DATA \ 474f5b1c8a1SJohn Marino | TS_VFY_NONCE \ 475f5b1c8a1SJohn Marino | TS_VFY_SIGNER \ 476f5b1c8a1SJohn Marino | TS_VFY_TSA_NAME) 477f5b1c8a1SJohn Marino 478*de0e0e4dSAntonio Huete Jimenez typedef struct TS_verify_ctx TS_VERIFY_CTX; 479f5b1c8a1SJohn Marino 480f5b1c8a1SJohn Marino int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response); 481f5b1c8a1SJohn Marino int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token); 482f5b1c8a1SJohn Marino 483f5b1c8a1SJohn Marino /* 484f5b1c8a1SJohn Marino * Declarations related to response verification context, 485f5b1c8a1SJohn Marino * they are defined in ts/ts_verify_ctx.c. 486f5b1c8a1SJohn Marino */ 487f5b1c8a1SJohn Marino 488f5b1c8a1SJohn Marino /* Set all fields to zero. 
*/ 489f5b1c8a1SJohn Marino TS_VERIFY_CTX *TS_VERIFY_CTX_new(void); 490f5b1c8a1SJohn Marino void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx); 491f5b1c8a1SJohn Marino void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx); 492f5b1c8a1SJohn Marino void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx); 493f5b1c8a1SJohn Marino 494*de0e0e4dSAntonio Huete Jimenez int TS_VERIFY_CTX_add_flags(TS_VERIFY_CTX *ctx, int flags); 495*de0e0e4dSAntonio Huete Jimenez int TS_VERIFY_CTX_set_flags(TS_VERIFY_CTX *ctx, int flags); 496*de0e0e4dSAntonio Huete Jimenez BIO *TS_VERIFY_CTX_set_data(TS_VERIFY_CTX *ctx, BIO *bio); 497*de0e0e4dSAntonio Huete Jimenez X509_STORE *TS_VERIFY_CTX_set_store(TS_VERIFY_CTX *ctx, X509_STORE *store); 498*de0e0e4dSAntonio Huete Jimenez /* R$ special. NOTE(review): TS_VERIFY_CTS_set_certs differs from TS_VERIFY_CTX_set_certs by one letter and is defined as an alias for it - presumably kept for callers that use the misspelled name; confirm. */ 499*de0e0e4dSAntonio Huete Jimenez #define TS_VERIFY_CTS_set_certs TS_VERIFY_CTX_set_certs 500*de0e0e4dSAntonio Huete Jimenez STACK_OF(X509) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx, 501*de0e0e4dSAntonio Huete Jimenez STACK_OF(X509) *certs); 502*de0e0e4dSAntonio Huete Jimenez unsigned char *TS_VERIFY_CTX_set_imprint(TS_VERIFY_CTX *ctx, 503*de0e0e4dSAntonio Huete Jimenez unsigned char *imprint, long imprint_len); 504*de0e0e4dSAntonio Huete Jimenez 505f5b1c8a1SJohn Marino /* 506f5b1c8a1SJohn Marino * If ctx is NULL, it allocates and returns a new object, otherwise 507f5b1c8a1SJohn Marino * it returns ctx. 
It initialises all the members as follows: 508f5b1c8a1SJohn Marino * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE) 509f5b1c8a1SJohn Marino * certs = NULL 510f5b1c8a1SJohn Marino * store = NULL 511f5b1c8a1SJohn Marino * policy = policy from the request or NULL if absent (in this case 512f5b1c8a1SJohn Marino * TS_VFY_POLICY is cleared from flags as well) 513f5b1c8a1SJohn Marino * md_alg = MD algorithm from request 514f5b1c8a1SJohn Marino * imprint, imprint_len = imprint from request 515f5b1c8a1SJohn Marino * data = NULL 516f5b1c8a1SJohn Marino * nonce, nonce_len = nonce from the request or NULL if absent (in this case 517f5b1c8a1SJohn Marino * TS_VFY_NONCE is cleared from flags as well) 518f5b1c8a1SJohn Marino * tsa_name = NULL 519f5b1c8a1SJohn Marino * Important: after calling this method TS_VFY_SIGNATURE should be added! Until it is added, the context verifies neither the signer's certificate nor the signature of the response (the checks TS_VFY_SIGNATURE stands for), so every other check runs on a token whose origin is unverified. A request without a nonce likewise yields a context that does not check one. NOTE(review): store and certs are NULL here as well - presumably TS_VERIFY_CTX_set_store() has to be called before signature verification can succeed; confirm. 520f5b1c8a1SJohn Marino */ 521f5b1c8a1SJohn Marino TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx); 522f5b1c8a1SJohn Marino 523*de0e0e4dSAntonio Huete Jimenez /* Function declarations for TS_RESP defined in ts/ts_rsp_print.c */ 524f5b1c8a1SJohn Marino 525f5b1c8a1SJohn Marino int TS_RESP_print_bio(BIO *bio, TS_RESP *a); 526f5b1c8a1SJohn Marino int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a); 527f5b1c8a1SJohn Marino int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a); 528f5b1c8a1SJohn Marino 529f5b1c8a1SJohn Marino /* Common utility functions defined in ts/ts_lib.c */ 530f5b1c8a1SJohn Marino 531f5b1c8a1SJohn Marino int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num); 532f5b1c8a1SJohn Marino int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj); 533f5b1c8a1SJohn Marino int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions); 534f5b1c8a1SJohn Marino int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg); 535f5b1c8a1SJohn Marino int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg); 536f5b1c8a1SJohn Marino 537f5b1c8a1SJohn Marino /* Function declarations 
for handling configuration options, 538f5b1c8a1SJohn Marino defined in ts/ts_conf.c */ 539f5b1c8a1SJohn Marino 540f5b1c8a1SJohn Marino X509 *TS_CONF_load_cert(const char *file); 541f5b1c8a1SJohn Marino STACK_OF(X509) *TS_CONF_load_certs(const char *file); 542f5b1c8a1SJohn Marino EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass); 543f5b1c8a1SJohn Marino const char *TS_CONF_get_tsa_section(CONF *conf, const char *section); 544f5b1c8a1SJohn Marino int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb, 545f5b1c8a1SJohn Marino TS_RESP_CTX *ctx); 546f5b1c8a1SJohn Marino int TS_CONF_set_crypto_device(CONF *conf, const char *section, 547f5b1c8a1SJohn Marino const char *device); 548f5b1c8a1SJohn Marino int TS_CONF_set_default_engine(const char *name); 549f5b1c8a1SJohn Marino int TS_CONF_set_signer_cert(CONF *conf, const char *section, 550f5b1c8a1SJohn Marino const char *cert, TS_RESP_CTX *ctx); 551f5b1c8a1SJohn Marino int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs, 552f5b1c8a1SJohn Marino TS_RESP_CTX *ctx); 553f5b1c8a1SJohn Marino int TS_CONF_set_signer_key(CONF *conf, const char *section, 554f5b1c8a1SJohn Marino const char *key, const char *pass, TS_RESP_CTX *ctx); 555f5b1c8a1SJohn Marino int TS_CONF_set_def_policy(CONF *conf, const char *section, 556f5b1c8a1SJohn Marino const char *policy, TS_RESP_CTX *ctx); 557f5b1c8a1SJohn Marino int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx); 558f5b1c8a1SJohn Marino int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx); 559f5b1c8a1SJohn Marino int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx); 560f5b1c8a1SJohn Marino int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section, 561f5b1c8a1SJohn Marino TS_RESP_CTX *ctx); 562f5b1c8a1SJohn Marino int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx); 563f5b1c8a1SJohn Marino int TS_CONF_set_tsa_name(CONF *conf, const char 
*section, TS_RESP_CTX *ctx); 564f5b1c8a1SJohn Marino int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section, 565f5b1c8a1SJohn Marino TS_RESP_CTX *ctx); 566f5b1c8a1SJohn Marino 567f5b1c8a1SJohn Marino void ERR_load_TS_strings(void); 568f5b1c8a1SJohn Marino 569f5b1c8a1SJohn Marino /* Error codes for the TS functions. */ 570f5b1c8a1SJohn Marino 571f5b1c8a1SJohn Marino /* Function codes. */ 572f5b1c8a1SJohn Marino #define TS_F_D2I_TS_RESP 147 573f5b1c8a1SJohn Marino #define TS_F_DEF_SERIAL_CB 110 574f5b1c8a1SJohn Marino #define TS_F_DEF_TIME_CB 111 575f5b1c8a1SJohn Marino #define TS_F_ESS_ADD_SIGNING_CERT 112 576f5b1c8a1SJohn Marino #define TS_F_ESS_CERT_ID_NEW_INIT 113 577f5b1c8a1SJohn Marino #define TS_F_ESS_SIGNING_CERT_NEW_INIT 114 578f5b1c8a1SJohn Marino #define TS_F_INT_TS_RESP_VERIFY_TOKEN 149 579f5b1c8a1SJohn Marino #define TS_F_PKCS7_TO_TS_TST_INFO 148 580f5b1c8a1SJohn Marino #define TS_F_TS_ACCURACY_SET_MICROS 115 581f5b1c8a1SJohn Marino #define TS_F_TS_ACCURACY_SET_MILLIS 116 582f5b1c8a1SJohn Marino #define TS_F_TS_ACCURACY_SET_SECONDS 117 583f5b1c8a1SJohn Marino #define TS_F_TS_CHECK_IMPRINTS 100 584f5b1c8a1SJohn Marino #define TS_F_TS_CHECK_NONCES 101 585f5b1c8a1SJohn Marino #define TS_F_TS_CHECK_POLICY 102 586f5b1c8a1SJohn Marino #define TS_F_TS_CHECK_SIGNING_CERTS 103 587f5b1c8a1SJohn Marino #define TS_F_TS_CHECK_STATUS_INFO 104 588f5b1c8a1SJohn Marino #define TS_F_TS_COMPUTE_IMPRINT 145 589f5b1c8a1SJohn Marino #define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146 590f5b1c8a1SJohn Marino #define TS_F_TS_GET_STATUS_TEXT 105 591f5b1c8a1SJohn Marino #define TS_F_TS_MSG_IMPRINT_SET_ALGO 118 592f5b1c8a1SJohn Marino #define TS_F_TS_REQ_SET_MSG_IMPRINT 119 593f5b1c8a1SJohn Marino #define TS_F_TS_REQ_SET_NONCE 120 594f5b1c8a1SJohn Marino #define TS_F_TS_REQ_SET_POLICY_ID 121 595f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CREATE_RESPONSE 122 596f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CREATE_TST_INFO 123 597f5b1c8a1SJohn Marino #define 
TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124 598f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CTX_ADD_MD 125 599f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CTX_ADD_POLICY 126 600f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CTX_NEW 127 601f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CTX_SET_ACCURACY 128 602f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CTX_SET_CERTS 129 603f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130 604f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131 605f5b1c8a1SJohn Marino #define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132 606f5b1c8a1SJohn Marino #define TS_F_TS_RESP_GET_POLICY 133 607f5b1c8a1SJohn Marino #define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134 608f5b1c8a1SJohn Marino #define TS_F_TS_RESP_SET_STATUS_INFO 135 609f5b1c8a1SJohn Marino #define TS_F_TS_RESP_SET_TST_INFO 150 610f5b1c8a1SJohn Marino #define TS_F_TS_RESP_SIGN 136 611f5b1c8a1SJohn Marino #define TS_F_TS_RESP_VERIFY_SIGNATURE 106 612f5b1c8a1SJohn Marino #define TS_F_TS_RESP_VERIFY_TOKEN 107 613f5b1c8a1SJohn Marino #define TS_F_TS_TST_INFO_SET_ACCURACY 137 614f5b1c8a1SJohn Marino #define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138 615f5b1c8a1SJohn Marino #define TS_F_TS_TST_INFO_SET_NONCE 139 616f5b1c8a1SJohn Marino #define TS_F_TS_TST_INFO_SET_POLICY_ID 140 617f5b1c8a1SJohn Marino #define TS_F_TS_TST_INFO_SET_SERIAL 141 618f5b1c8a1SJohn Marino #define TS_F_TS_TST_INFO_SET_TIME 142 619f5b1c8a1SJohn Marino #define TS_F_TS_TST_INFO_SET_TSA 143 620f5b1c8a1SJohn Marino #define TS_F_TS_VERIFY 108 621f5b1c8a1SJohn Marino #define TS_F_TS_VERIFY_CERT 109 622f5b1c8a1SJohn Marino #define TS_F_TS_VERIFY_CTX_NEW 144 623f5b1c8a1SJohn Marino 624f5b1c8a1SJohn Marino /* Reason codes. 
*/ 625f5b1c8a1SJohn Marino #define TS_R_BAD_PKCS7_TYPE 132 626f5b1c8a1SJohn Marino #define TS_R_BAD_TYPE 133 627f5b1c8a1SJohn Marino #define TS_R_CERTIFICATE_VERIFY_ERROR 100 628f5b1c8a1SJohn Marino #define TS_R_COULD_NOT_SET_ENGINE 127 629f5b1c8a1SJohn Marino #define TS_R_COULD_NOT_SET_TIME 115 630f5b1c8a1SJohn Marino #define TS_R_D2I_TS_RESP_INT_FAILED 128 631f5b1c8a1SJohn Marino #define TS_R_DETACHED_CONTENT 134 632f5b1c8a1SJohn Marino #define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116 633f5b1c8a1SJohn Marino #define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101 634f5b1c8a1SJohn Marino #define TS_R_INVALID_NULL_POINTER 102 635f5b1c8a1SJohn Marino #define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117 636f5b1c8a1SJohn Marino #define TS_R_MESSAGE_IMPRINT_MISMATCH 103 637f5b1c8a1SJohn Marino #define TS_R_NONCE_MISMATCH 104 638f5b1c8a1SJohn Marino #define TS_R_NONCE_NOT_RETURNED 105 639f5b1c8a1SJohn Marino #define TS_R_NO_CONTENT 106 640f5b1c8a1SJohn Marino #define TS_R_NO_TIME_STAMP_TOKEN 107 641f5b1c8a1SJohn Marino #define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118 642f5b1c8a1SJohn Marino #define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119 643f5b1c8a1SJohn Marino #define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129 644f5b1c8a1SJohn Marino #define TS_R_POLICY_MISMATCH 108 645f5b1c8a1SJohn Marino #define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120 646f5b1c8a1SJohn Marino #define TS_R_RESPONSE_SETUP_ERROR 121 647f5b1c8a1SJohn Marino #define TS_R_SIGNATURE_FAILURE 109 648f5b1c8a1SJohn Marino #define TS_R_THERE_MUST_BE_ONE_SIGNER 110 649f5b1c8a1SJohn Marino #define TS_R_TIME_SYSCALL_ERROR 122 650f5b1c8a1SJohn Marino #define TS_R_TOKEN_NOT_PRESENT 130 651f5b1c8a1SJohn Marino #define TS_R_TOKEN_PRESENT 131 652f5b1c8a1SJohn Marino #define TS_R_TSA_NAME_MISMATCH 111 653f5b1c8a1SJohn Marino #define TS_R_TSA_UNTRUSTED 112 654f5b1c8a1SJohn Marino #define TS_R_TST_INFO_SETUP_ERROR 123 655f5b1c8a1SJohn Marino #define TS_R_TS_DATASIGN 124 656f5b1c8a1SJohn Marino #define TS_R_UNACCEPTABLE_POLICY 125 
657f5b1c8a1SJohn Marino #define TS_R_UNSUPPORTED_MD_ALGORITHM 126 658f5b1c8a1SJohn Marino #define TS_R_UNSUPPORTED_VERSION 113 659f5b1c8a1SJohn Marino #define TS_R_WRONG_CONTENT_TYPE 114 660f5b1c8a1SJohn Marino 661f5b1c8a1SJohn Marino #ifdef __cplusplus 662f5b1c8a1SJohn Marino } 663f5b1c8a1SJohn Marino #endif 664f5b1c8a1SJohn Marino #endif 665