You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

224 lines
9.6 KiB

  1. /*
  2. * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #ifndef HEADER_PKCS12_H
  10. # define HEADER_PKCS12_H
  11. # include <openssl/bio.h>
  12. # include <openssl/x509.h>
  13. # include <openssl/pkcs12err.h>
  14. #ifdef __cplusplus
  15. extern "C" {
  16. #endif
  17. # define PKCS12_KEY_ID 1
  18. # define PKCS12_IV_ID 2
  19. # define PKCS12_MAC_ID 3
  20. /* Default iteration count */
  21. # ifndef PKCS12_DEFAULT_ITER
  22. # define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
  23. # endif
  24. # define PKCS12_MAC_KEY_LENGTH 20
  25. # define PKCS12_SALT_LEN 8
  26. /* It's not clear if these are actually needed... */
  27. # define PKCS12_key_gen PKCS12_key_gen_utf8
  28. # define PKCS12_add_friendlyname PKCS12_add_friendlyname_utf8
  29. /* MS key usage constants */
  30. # define KEY_EX 0x10
  31. # define KEY_SIG 0x80
  32. typedef struct PKCS12_MAC_DATA_st PKCS12_MAC_DATA;
  33. typedef struct PKCS12_st PKCS12;
  34. typedef struct PKCS12_SAFEBAG_st PKCS12_SAFEBAG;
  35. DEFINE_STACK_OF(PKCS12_SAFEBAG)
  36. typedef struct pkcs12_bag_st PKCS12_BAGS;
  37. # define PKCS12_ERROR 0
  38. # define PKCS12_OK 1
  39. /* Compatibility macros */
  40. #if OPENSSL_API_COMPAT < 0x10100000L
  41. # define M_PKCS12_bag_type PKCS12_bag_type
  42. # define M_PKCS12_cert_bag_type PKCS12_cert_bag_type
  43. # define M_PKCS12_crl_bag_type PKCS12_cert_bag_type
  44. # define PKCS12_certbag2x509 PKCS12_SAFEBAG_get1_cert
  45. # define PKCS12_certbag2scrl PKCS12_SAFEBAG_get1_crl
  46. # define PKCS12_bag_type PKCS12_SAFEBAG_get_nid
  47. # define PKCS12_cert_bag_type PKCS12_SAFEBAG_get_bag_nid
  48. # define PKCS12_x5092certbag PKCS12_SAFEBAG_create_cert
  49. # define PKCS12_x509crl2certbag PKCS12_SAFEBAG_create_crl
  50. # define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create0_p8inf
  51. # define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt
  52. #endif
  53. DEPRECATEDIN_1_1_0(ASN1_TYPE *PKCS12_get_attr(const PKCS12_SAFEBAG *bag, int attr_nid))
  54. ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid);
  55. int PKCS12_mac_present(const PKCS12 *p12);
  56. void PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac,
  57. const X509_ALGOR **pmacalg,
  58. const ASN1_OCTET_STRING **psalt,
  59. const ASN1_INTEGER **piter,
  60. const PKCS12 *p12);
  61. const ASN1_TYPE *PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag,
  62. int attr_nid);
  63. const ASN1_OBJECT *PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag);
  64. int PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag);
  65. int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
  66. X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
  67. X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
  68. const STACK_OF(PKCS12_SAFEBAG) *
  69. PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
  70. const PKCS8_PRIV_KEY_INFO *PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag);
  71. const X509_SIG *PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag);
  72. PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
  73. PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
  74. PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
  75. PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
  76. PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
  77. const char *pass,
  78. int passlen,
  79. unsigned char *salt,
  80. int saltlen, int iter,
  81. PKCS8_PRIV_KEY_INFO *p8inf);
  82. PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
  83. int nid1, int nid2);
  84. PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(const X509_SIG *p8, const char *pass,
  85. int passlen);
  86. PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag,
  87. const char *pass, int passlen);
  88. X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
  89. const char *pass, int passlen, unsigned char *salt,
  90. int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
  91. X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
  92. PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe);
  93. PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
  94. STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
  95. PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
  96. unsigned char *salt, int saltlen, int iter,
  97. STACK_OF(PKCS12_SAFEBAG) *bags);
  98. STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
  99. int passlen);
  100. int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
  101. STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12);
  102. int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
  103. int namelen);
  104. int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
  105. int namelen);
  106. int PKCS12_add_friendlyname_utf8(PKCS12_SAFEBAG *bag, const char *name,
  107. int namelen);
  108. int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
  109. int namelen);
  110. int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
  111. const unsigned char *name, int namelen);
  112. int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
  113. ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs,
  114. int attr_nid);
  115. char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
  116. const STACK_OF(X509_ATTRIBUTE) *
  117. PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag);
  118. unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor,
  119. const char *pass, int passlen,
  120. const unsigned char *in, int inlen,
  121. unsigned char **data, int *datalen,
  122. int en_de);
  123. void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
  124. const char *pass, int passlen,
  125. const ASN1_OCTET_STRING *oct, int zbuf);
  126. ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
  127. const ASN1_ITEM *it,
  128. const char *pass, int passlen,
  129. void *obj, int zbuf);
  130. PKCS12 *PKCS12_init(int mode);
  131. int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
  132. int saltlen, int id, int iter, int n,
  133. unsigned char *out, const EVP_MD *md_type);
  134. int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
  135. int saltlen, int id, int iter, int n,
  136. unsigned char *out, const EVP_MD *md_type);
  137. int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
  138. int saltlen, int id, int iter, int n,
  139. unsigned char *out, const EVP_MD *md_type);
  140. int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
  141. ASN1_TYPE *param, const EVP_CIPHER *cipher,
  142. const EVP_MD *md_type, int en_de);
  143. int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
  144. unsigned char *mac, unsigned int *maclen);
  145. int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
  146. int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
  147. unsigned char *salt, int saltlen, int iter,
  148. const EVP_MD *md_type);
  149. int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
  150. int saltlen, const EVP_MD *md_type);
  151. unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
  152. unsigned char **uni, int *unilen);
  153. char *OPENSSL_uni2asc(const unsigned char *uni, int unilen);
  154. unsigned char *OPENSSL_utf82uni(const char *asc, int asclen,
  155. unsigned char **uni, int *unilen);
  156. char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen);
  157. DECLARE_ASN1_FUNCTIONS(PKCS12)
  158. DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
  159. DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
  160. DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
  161. DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
  162. DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
  163. void PKCS12_PBE_add(void);
  164. int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
  165. STACK_OF(X509) **ca);
  166. PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey,
  167. X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
  168. int iter, int mac_iter, int keytype);
  169. PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
  170. PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
  171. EVP_PKEY *key, int key_usage, int iter,
  172. int key_nid, const char *pass);
  173. int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
  174. int safe_nid, int iter, const char *pass);
  175. PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
  176. int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
  177. # ifndef OPENSSL_NO_STDIO
  178. int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
  179. # endif
  180. PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
  181. # ifndef OPENSSL_NO_STDIO
  182. PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
  183. # endif
  184. int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
  185. # ifdef __cplusplus
  186. }
  187. # endif
  188. #endif