xref: /openbsd-src/lib/libcrypto/pkcs12/pkcs12_local.h (revision a49530d730a50ca4dac4bc7514f79894aa6176d0)
/* $OpenBSD: pkcs12_local.h,v 1.5 2024/03/02 10:15:16 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
/* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

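/*
 * Internal PKCS#12 declarations: struct layouts and helper prototypes.
 *
 * No #include lines appear in this header, so the types used below must
 * already be declared by the including file.
 * NOTE(review): __BEGIN_HIDDEN_DECLS presumably gives every declaration up
 * to __END_HIDDEN_DECLS hidden (library-internal) visibility - confirm where
 * the macro is defined.
 */
#ifndef HEADER_PKCS12_LOCAL_H
#define HEADER_PKCS12_LOCAL_H

__BEGIN_HIDDEN_DECLS
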
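/*
 * MAC parameters of a PKCS#12 file: a digest holder, a salt and an
 * iteration count, each held as a pointer to a separate ASN.1 object.
 *
 * NOTE(review): the mapping of these members to RFC 7292 MacData (mac,
 * macSalt, iterations) is inferred from the names - confirm against the
 * ASN.1 template.  When this structure comes out of the decoder, salt and
 * iter were chosen by whoever produced the file, so treat them as
 * untrusted input.
 */
struct PKCS12_MAC_DATA_st {
	X509_SIG *dinfo;
	ASN1_OCTET_STRING *salt;
	/*
	 * A count of 1 means no key stretching at all, so the MAC then adds
	 * no resistance to offline password guessing.  ASN1_INTEGER is not
	 * range-limited by its type; presumably the consumer has to reject
	 * non-positive or excessive values - confirm in the MAC code.
	 */
	ASN1_INTEGER *iter;	/* defaults to 1 */
};
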
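/*
 * Top level of a PKCS#12 object: a version, the MAC data and the PKCS#7
 * structure named authsafes.
 *
 * NOTE(review): RFC 7292 makes the MAC data optional, so mac is presumably
 * NULL for a file that carries no MAC - check it before dereferencing, and
 * confirm how callers treat such an unauthenticated file.
 */
struct PKCS12_st {
	ASN1_INTEGER *version;
	PKCS12_MAC_DATA *mac;
	PKCS7 *authsafes;
};
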
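/*
 * One PKCS#12 safe bag: an object identifier, a value and a stack of
 * attributes.
 *
 * Every member of the value union is a pointer occupying the same storage,
 * so only the member matching the bag's kind may be read or freed; using
 * any other member reinterprets a pointer to an unrelated type.
 * NOTE(review): type is presumably the discriminator that selects the
 * member - confirm against the ASN.1 template before relying on it.
 */
struct PKCS12_SAFEBAG_st {
	ASN1_OBJECT *type;
	union {
		struct pkcs12_bag_st *bag; /* secret, crl and certbag */
		struct pkcs8_priv_key_info_st *keybag; /* keybag */
		X509_SIG *shkeybag; /* shrouded key bag */
		STACK_OF(PKCS12_SAFEBAG) *safes;
		ASN1_TYPE *other;
	} value;
	STACK_OF(X509_ATTRIBUTE) *attrib;
};
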
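/*
 * Typed inner bag: an object identifier plus a union of value pointers.
 *
 * As with any union of pointers, only the member that matches the bag's
 * kind is meaningful.  NOTE(review): type presumably selects the member -
 * confirm against the ASN.1 template.  The octet-string members presumably
 * carry encoded objects taken from the file; decode them with
 * length-checked d2i routines rather than trusting their contents.
 */
struct pkcs12_bag_st {
	ASN1_OBJECT *type;
	union {
		ASN1_OCTET_STRING *x509cert;
		ASN1_OCTET_STRING *x509crl;
		ASN1_OCTET_STRING *octet;
		ASN1_IA5STRING *sdsicert;
		ASN1_TYPE *other; /* Secret or other bag */
	} value;
};
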
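/* ASN1_ITEM objects for PKCS12_SAFEBAGS and PKCS12_AUTHSAFES. */
extern const ASN1_ITEM PKCS12_SAFEBAGS_it;
extern const ASN1_ITEM PKCS12_AUTHSAFES_it;

/*
 * Allocate, free, decode and encode PKCS12_BAGS.
 * NOTE(review): d2i_/i2d_ presumably follow the usual libcrypto convention
 * (d2i reads at most len bytes starting at *in and advances *in, returning
 * NULL on failure) - confirm.  len has to be the number of bytes really
 * available at *in; the decoder cannot detect an overstated length.
 */
PKCS12_BAGS *PKCS12_BAGS_new(void);
void PKCS12_BAGS_free(PKCS12_BAGS *a);
PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len);
int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out);
extern const ASN1_ITEM PKCS12_BAGS_it;

/*
 * Allocate, free, decode and encode PKCS12_MAC_DATA; the same calling
 * convention and the same caveat about len presumably apply.
 */
PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void);
void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a);
PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len);
int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out);
extern const ASN1_ITEM PKCS12_MAC_DATA_it;
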
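/*
 * Constructors returning a new PKCS12_SAFEBAG built from a private key
 * info, an X509_SIG, a certificate or a CRL.
 * NOTE(review): the "create0" spelling conventionally means the new bag
 * takes ownership of p8 on success, so the caller must not free it
 * afterwards - confirm in the implementation to rule out a double free.
 */
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
/*
 * NOTE(review): judging by the name and parameters, encrypts p8 under
 * pass/passlen with the PBE algorithm pbe_nid, using salt/saltlen and iter.
 * How a NULL salt or an iter <= 0 is handled is not visible here - confirm
 * before passing caller-supplied values straight through.
 */
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
    const char *pass, int passlen, unsigned char *salt, int saltlen, int iter,
    PKCS8_PRIV_KEY_INFO *p8);
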
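/*
 * Incremental builders.
 * NOTE(review): inferred from names and signatures - add_cert and add_key
 * append a bag to *pbags, add_safe turns a stack of bags into a PKCS7
 * appended to *psafes, and add_safes wraps a stack of PKCS7 in a PKCS12.
 * pass has no length argument in these functions, so it is presumably a
 * NUL-terminated string.  iter, key_nid and safe_nid presumably select the
 * PBE iteration count and algorithm; confirm which values pick a default
 * or leave the contents unencrypted before relying on them.
 */
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key,
    int key_usage, int iter, int key_nid, const char *pass);
int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
    int safe_nid, int iter, const char *pass);
PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
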
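/*
 * Attach a CSP name, friendly name or local key id to a safe bag.  Each
 * function takes the value as a buffer plus an explicit length.
 * NOTE(review): whether a negative namelen is accepted (for example to mean
 * a NUL-terminated string) is not visible here - confirm before passing
 * lengths derived from untrusted data.
 */
int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
    int namelen);
int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
    int namelen);
int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
    int namelen);
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
    int namelen);
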
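/*
 * Judging by the signature, computes the MAC of p12 under pass/passlen,
 * storing it in mac and its length in *maclen.
 * NOTE(review): no buffer size is passed in, so mac presumably has to hold
 * at least EVP_MAX_MD_SIZE bytes - confirm in the implementation.  A caller
 * checking the result against the MAC stored in the file should compare in
 * constant time, e.g. with CRYPTO_memcmp().
 */
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
    unsigned char *mac, unsigned int *maclen);
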
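/*
 * Attribute lookup by NID in attrs.
 * NOTE(review): attrs is const, so the result presumably points into the
 * stack and must not be freed by the caller; presumably NULL when the
 * attribute is absent - confirm and check for NULL.
 */
ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs,
    int attr_nid);

/*
 * Returns a new PKCS12.
 * NOTE(review): mode is presumably the NID of the authsafes content type -
 * confirm which values are accepted.
 */
PKCS12 *PKCS12_init(int mode);
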
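/*
 * Password-based helpers tied to an ASN1_ITEM: decrypt an octet string and
 * decode it, or encode an object and encrypt it (summary inferred from the
 * names and parameters).
 *
 * Both pass the object as void *, so nothing checks that the C type used
 * by the caller matches "it"; a mismatch is a type confusion the compiler
 * cannot catch.
 * NOTE(review): zbuf presumably requests that the intermediate plaintext
 * buffer be zeroed before it is released - confirm, and set it whenever
 * the plaintext is key material.
 */
void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
    const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf);
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
    const ASN1_ITEM *it, const char *pass, int passlen, void *obj, int zbuf);
/*
 * NOTE(review): presumably encodes obj with "it" and wraps it in a safe bag
 * typed by nid1/nid2 - confirm the meaning of the two NIDs.
 */
PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
    int nid1, int nid2);
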
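/*
 * PKCS#12 password-based key derivation, taking the password either as
 * char (_asc) or as unsigned char (_uni).
 * NOTE(review): the following is inferred from the parameter names -
 * confirm in the implementation.  out presumably receives n bytes, so the
 * caller must size it to at least n; id presumably selects the purpose
 * (PKCS12_KEY_ID, PKCS12_IV_ID or PKCS12_MAC_ID).  iter is the only work
 * factor: a small value, including one read from an untrusted file, leaves
 * the derived key only as strong as the password itself.
 */
int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
    int saltlen, int id, int iter, int n, unsigned char *out,
    const EVP_MD *md_type);
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
    int saltlen, int id, int iter, int n, unsigned char *out,
    const EVP_MD *md_type);
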
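/*
 * Packing helpers.
 * NOTE(review): inferred from names and signatures - pack_authsafes stores
 * a stack of PKCS7 in p12, pack_p7data wraps bags in an unencrypted PKCS7
 * and pack_p7encdata wraps them in a password-encrypted one.  Bags packed
 * with pack_p7data would then get no confidentiality from this layer, so
 * confirm that private keys placed there are already shrouded.
 */
int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
    unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags);
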
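/*
 * Password-based encryption or decryption of in/inlen with the algorithm
 * described by algor.
 * NOTE(review): presumably en_de selects the direction and the result is a
 * newly allocated buffer that is returned and also stored through
 * data/datalen, with the caller responsible for freeing it - confirm.
 * After decryption that buffer holds secret data; zero it before release
 * (e.g. explicit_bzero() or freezero()).
 */
unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass,
    int passlen, const unsigned char *in, int inlen, unsigned char **data,
    int *datalen, int en_de);
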
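/*
 * Sets up the MAC parameters of p12 from iter, salt/saltlen and md_type
 * (inferred from the name and parameters).
 * NOTE(review): how a NULL salt, a NULL md_type or an iter <= 1 is handled
 * is not visible here - confirm, since a fixed salt or a count of 1 would
 * weaken the MAC against offline password guessing.
 */
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
    int saltlen, const EVP_MD *md_type);
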
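/* XXX - should go into pkcs7_local.h. */
/*
 * NOTE(review): presumably returns NULL when p7 does not hold an octet
 * string, and otherwise a pointer owned by p7 - confirm, and check the
 * result before use.
 */
ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7);

__END_HIDDEN_DECLS

#endif /* !HEADER_PKCS12_LOCAL_H */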