1*b077aed3SPierre Pronchery=pod 2*b077aed3SPierre Pronchery 3*b077aed3SPierre Pronchery=head1 NAME 4*b077aed3SPierre Pronchery 5*b077aed3SPierre Proncheryossl_cmp_certresponse_get1_cert, 6*b077aed3SPierre Proncheryossl_cmp_pkisi_get_status, 7*b077aed3SPierre Proncheryossl_cmp_PKIStatus_to_string, 8*b077aed3SPierre Proncheryossl_cmp_pkisi_get0_statusString, 9*b077aed3SPierre Proncheryossl_cmp_pkisi_get_pkifailureinfo, 10*b077aed3SPierre Proncheryossl_cmp_pkisi_check_pkifailureinfo 11*b077aed3SPierre Pronchery- functions for managing PKI status information 12*b077aed3SPierre Pronchery 13*b077aed3SPierre Pronchery=head1 SYNOPSIS 14*b077aed3SPierre Pronchery 15*b077aed3SPierre Pronchery #include "cmp.h" 16*b077aed3SPierre Pronchery 17*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badAlg 0 18*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badMessageCheck 1 19*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badRequest 2 20*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badTime 3 21*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badCertId 4 22*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badDataFormat 5 23*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_wrongAuthority 6 24*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_incorrectData 7 25*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_missingTimeStamp 8 26*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badPOP 9 27*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_certRevoked 10 28*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_certConfirmed 11 29*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_wrongIntegrity 12 30*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badRecipientNonce 13 31*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_timeNotAvailable 14 32*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_unacceptedPolicy 15 33*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_unacceptedExtension 16 34*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_addInfoNotAvailable 17 35*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badSenderNonce 18 36*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_badCertTemplate 19 37*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_signerNotTrusted 20 38*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_transactionIdInUse 21 39*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_unsupportedVersion 22 40*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_notAuthorized 23 41*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_systemUnavail 24 42*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_systemFailure 25 43*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq 26 44*b077aed3SPierre Pronchery# define OSSL_CMP_PKIFAILUREINFO_MAX 26 45*b077aed3SPierre Pronchery 46*b077aed3SPierre Pronchery X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CTX *ctx, 47*b077aed3SPierre Pronchery const OSSL_CMP_CERTRESPONSE *crep); 48*b077aed3SPierre Pronchery int ossl_cmp_pkisi_get_status(const OSSL_CMP_PKISI *si); 49*b077aed3SPierre Pronchery const char *ossl_cmp_PKIStatus_to_string(int status); 50*b077aed3SPierre Pronchery OSSL_CMP_PKIFREETEXT *ossl_cmp_pkisi_get0_statusString(const OSSL_CMP_PKISI *si); 51*b077aed3SPierre Pronchery int ossl_cmp_pkisi_get_pkifailureinfo(const OSSL_CMP_PKISI *si); 52*b077aed3SPierre Pronchery int ossl_cmp_pkisi_check_pkifailureinfo(const OSSL_CMP_PKISI *si, int index); 53*b077aed3SPierre Pronchery 54*b077aed3SPierre Pronchery=head1 DESCRIPTION 55*b077aed3SPierre Pronchery 56*b077aed3SPierre Proncheryossl_cmp_certresponse_get1_cert() returns a pointer to a copy of the newly 57*b077aed3SPierre Proncheryenrolled certificate from the given certResponse I<crep>, or NULL on error. 58*b077aed3SPierre ProncheryUses data from I<ctx>, which in case of indirect POPO includes the private key. 59*b077aed3SPierre Pronchery 60*b077aed3SPierre Proncheryossl_cmp_pkisi_get_status() returns the PKIStatus of I<si>, or -1 on error. 61*b077aed3SPierre Pronchery 62*b077aed3SPierre Proncheryossl_cmp_PKIStatus_to_string() returns a human-readable string representing 63*b077aed3SPierre Proncherythe PKIStatus values as specified in RFC 4210, Appendix F. 64*b077aed3SPierre Pronchery 65*b077aed3SPierre Proncheryossl_cmp_pkisi_get0_statusString() returns a direct pointer to the statusString 66*b077aed3SPierre Proncheryfield contained in I<si>. 67*b077aed3SPierre Pronchery 68*b077aed3SPierre Proncheryossl_cmp_pkisi_get_pkifailureinfo() returns the PKIFailureInfo bits 69*b077aed3SPierre Proncheryof I<si>, encoded as integer, or -1 on error. 70*b077aed3SPierre Pronchery 71*b077aed3SPierre Proncheryossl_cmp_pkisi_check_pkifailureinfo() returns the state of the bit (0 or 1) 72*b077aed3SPierre Proncherywith index I<index> in the PKIFailureInfo of the I<si>, or -1 on error. 73*b077aed3SPierre Pronchery 74*b077aed3SPierre Pronchery=head1 NOTES 75*b077aed3SPierre Pronchery 76*b077aed3SPierre ProncheryCMP is defined in RFC 4210 (and CRMF in RFC 4211). 77*b077aed3SPierre Pronchery 78*b077aed3SPierre Pronchery=head1 RETURN VALUES 79*b077aed3SPierre Pronchery 80*b077aed3SPierre ProncherySee the individual functions above. 81*b077aed3SPierre Pronchery 82*b077aed3SPierre Pronchery=head1 SEE ALSO 83*b077aed3SPierre Pronchery 84*b077aed3SPierre ProncheryL<OSSL_CMP_CTX_new(3)>, L<ossl_cmp_certreq_new(3)> 85*b077aed3SPierre Pronchery 86*b077aed3SPierre Pronchery=head1 HISTORY 87*b077aed3SPierre Pronchery 88*b077aed3SPierre ProncheryThe OpenSSL CMP support was added in OpenSSL 3.0. 89*b077aed3SPierre Pronchery 90*b077aed3SPierre Pronchery=head1 COPYRIGHT 91*b077aed3SPierre Pronchery 92*b077aed3SPierre ProncheryCopyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. 93*b077aed3SPierre Pronchery 94*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 95*b077aed3SPierre Proncherythis file except in compliance with the License. You can obtain a copy 96*b077aed3SPierre Proncheryin the file LICENSE in the source distribution or at 97*b077aed3SPierre ProncheryL<https://www.openssl.org/source/license.html>. 98*b077aed3SPierre Pronchery 99*b077aed3SPierre Pronchery=cut 100