File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / scepclient / scep.h
Wed Jun 3 09:46:44 2020 UTC (4 years, 4 months ago) by misho
Branches: strongswan, MAIN
CVS tags: v5_9_2p0, v5_8_4p7, HEAD
Strongswan

    1: /*
    2:  * Copyright (C) 2012 Tobias Brunner
    3:  * Copyright (C) 2005 Jan Hutter, Martin Willi
    4:  * HSR Hochschule fuer Technik Rapperswil
    5:  *
    6:  * This program is free software; you can redistribute it and/or modify it
    7:  * under the terms of the GNU General Public License as published by the
    8:  * Free Software Foundation; either version 2 of the License, or (at your
    9:  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   10:  *
   11:  * This program is distributed in the hope that it will be useful, but
   12:  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
   13:  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
   14:  * for more details.
   15:  */
   16: 
   17: #ifndef _SCEP_H
   18: #define _SCEP_H
   19: 
   20: #include <credentials/containers/pkcs7.h>
   21: #include <credentials/certificates/certificate.h>
   22: 
   23: /*
        * SCEP operation selector; this header passes it as the `op` argument of
        * scep_http_request().
        * NOTE(review): presumably selects the HTTP "operation" parameter of the
        * request; the mapping lives in the implementation, not in this header.
        */
   24: typedef enum {
       	/* Named for the SCEP PKIOperation exchange (signed/enveloped pkiMessage). */
   25: 	SCEP_PKI_OPERATION,
       	/*
       	 * Named for SCEP GetCACert. Per RFC 8894 the GetCACert reply is not a
       	 * signed pkiMessage, so the returned CA/RA certificate has to be checked
       	 * against a fingerprint obtained out of band before it is trusted.
       	 */
   26: 	SCEP_GET_CA_CERT
   27: } scep_op_t;
   28: 
   29: /*
        * Outcome reported in a response's pkiStatus attribute.
        *
        * The enumerators carry implicit ordinals (0..3). These are internal values,
        * not the RFC 8894 wire encodings ("0" SUCCESS, "2" FAILURE, "3" PENDING),
        * so they must not be compared numerically with a decoded attribute.
        *
        * SCEP_SUCCESS is 0: a zero-filled scep_attributes_t therefore reads as
        * "success". Initialise from empty_scep_attributes rather than memset()/{0}
        * (presumably it holds the unknown sentinels; its definition is not visible
        * here).
        */
   30: typedef enum {
   31:    SCEP_SUCCESS,
   32:    SCEP_FAILURE,
   33:    SCEP_PENDING,
          /* Not a protocol value. NOTE(review): looks like the "absent or
           * unrecognised" sentinel; callers should treat it as a failure. */
   34:    SCEP_UNKNOWN
   35: } pkiStatus_t;
   36: 
   37: /*
        * SCEP messageType of a pkiMessage.
        *
        * The enumerators carry implicit ordinals (0..5), not the RFC 8894 wire
        * values (CertRep 3, PKCSReq 19, GetCertInitial/CertPoll 20, GetCert 21,
        * GetCRL 22). NOTE(review): presumably used as an index into a table in the
        * implementation, so the order here must not change without checking it.
        */
   38: typedef enum {
          /* Response from the CA; the only type a client expects to receive. */
   39:    SCEP_CertRep_MSG,
   40:    SCEP_PKCSReq_MSG,
   41:    SCEP_GetCertInitial_MSG,
   42:    SCEP_GetCert_MSG,
   43:    SCEP_GetCRL_MSG,
          /* Not a protocol value; NOTE(review): looks like the sentinel for a
           * missing or unrecognised messageType. */
   44:    SCEP_Unknown_MSG
   45: } scep_msg_t;
   46: 
   47: /*
        * SCEP failInfo reasons, meaningful when pkiStatus is a failure.
        *
        * Values 0..4 are assigned explicitly and coincide with the failInfo codes
        * of RFC 8894; 5 is a local value with no wire equivalent.
        */
   48: typedef enum {
   49:    SCEP_badAlg_REASON =          0,	/* unrecognised or unsupported algorithm */
   50:    SCEP_badMessageCheck_REASON = 1,	/* integrity check (signature verification) failed */
   51:    SCEP_badRequest_REASON =      2,	/* transaction not permitted or supported */
   52:    SCEP_badTime_REASON =         3,	/* signingTime not close enough to the CA's clock */
   53:    SCEP_badCertId_REASON =       4,	/* no certificate matched the given criteria */
   54:    SCEP_unknown_REASON =         5	/* local: reason absent or not recognised */
   55: } failInfo_t;
   56: 
   57: /*
        * SCEP attributes of one pkiMessage, as filled in by parse_attributes() and
        * scep_parse_response().
        *
        * All three enum fields have 0 as a valid, meaningful value
        * (SCEP_CertRep_MSG / SCEP_SUCCESS / SCEP_badAlg_REASON), so a zero-filled
        * instance is indistinguishable from a parsed successful CertRep.
        * NOTE(review): ownership of the chunk_t members (allocated copies vs.
        * pointers into the parsed message) is not visible in this header; confirm
        * before freeing or outliving the source buffer.
        */
   58: typedef struct {
   59: 	scep_msg_t  msgType;
   60: 	pkiStatus_t pkiStatus;
       	/* only meaningful when pkiStatus reports a failure */
   61: 	failInfo_t  failInfo;
       	/* transaction identifier tying a response to its request */
   62: 	chunk_t     transID;
       	/* nonce chosen by the message sender */
   63: 	chunk_t     senderNonce;
       	/* in a response this should echo the senderNonce of the request;
       	 * a mismatch indicates a replayed or misdirected response */
   64: 	chunk_t     recipientNonce;
   65: } scep_attributes_t;
   66: 
       /*
        * Constant attribute set defined in the implementation file.
        * NOTE(review): by its name, the value to copy into a scep_attributes_t
        * before parsing; confirm that it sets the *_UNKNOWN sentinels rather than
        * zeroes, since zero means CertRep/SUCCESS in the enums above.
        */
   67: extern const scep_attributes_t empty_scep_attributes;
   68: 
       /*
        * Fill *attrs from an attribute blob.
        *
        * blob   encoded attributes; NOTE(review): presumably the ASN.1
        *        authenticated attributes of a PKCS#7 signedData, which is
        *        peer-controlled input.
        * attrs  output structure
        * Returns a bool; NOTE(review): presumably FALSE on a parse error, in which
        * case *attrs should not be used.
        */
   69: bool parse_attributes(chunk_t blob, scep_attributes_t *attrs);
       /*
        * Produce a transaction ID and a serial number from a public key.
        *
        * key           public key the values are derived from
        * transID       out: transaction ID
        * serialNumber  out: serial number
        * NOTE(review): both outputs come from the same key, so they are
        * presumably deterministic per key; the derivation (hash algorithm) and
        * whether the caller must free the chunks are not visible here.
        */
   70: void scep_generate_transaction_id(public_key_t *key,
   71: 								  chunk_t *transID,
   72: 								  chunk_t *serialNumber);
       /*
        * Return a fingerprint of an encoded PKCS#10 request.
        * NOTE(review): the digest is chosen in the implementation. If it is a
        * legacy hash, use the result for display/comparison only and not where
        * collision resistance matters. Ownership of the returned chunk: confirm.
        */
   73: chunk_t scep_generate_pkcs10_fingerprint(chunk_t pkcs10);
       /*
        * Builders for individual SCEP attributes; each returns a chunk_t.
        * NOTE(review): presumably the ASN.1 encoding of one attribute in a newly
        * allocated chunk that the caller owns; confirm in the implementation.
        */
       /* transactionID attribute for the given transaction ID */
   74: chunk_t scep_transId_attribute(chunk_t transaction_id);
       /* messageType attribute for message type m */
   75: chunk_t scep_messageType_attribute(scep_msg_t m);
       /*
        * senderNonce attribute. Takes no input, so the nonce value is produced
        * inside the function and is not returned separately.
        * NOTE(review): confirm it is drawn from a cryptographic RNG, and note that
        * a caller wanting to match recipientNonce later has to recover the nonce
        * from the built attribute or message.
        */
   76: chunk_t scep_senderNonce_attribute(void);
       /*
        * Build a SCEP request message and return it as a chunk_t.
        *
        * data         payload of the request
        * transID      transaction ID to place in the message
        * msg          SCEP messageType of the request
        * enc_cert     certificate the payload is encrypted to
        * enc_alg      symmetric encryption algorithm
        * key_size     key size for enc_alg
        * signer_cert  certificate identifying the signer
        * digest_alg   hash algorithm for the signature
        * private_key  key used to sign
        *
        * NOTE(review): presumably envelopes `data` to enc_cert and then signs the
        * result; confirm in the implementation. enc_cert must already be a
        * verified CA/RA certificate, because an enrolment payload can carry the
        * challenge password and is readable by whoever holds that key. The
        * algorithms are entirely caller-chosen; nothing in this interface enforces
        * a minimum strength.
        */
   77: chunk_t scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg,
   78: 						certificate_t *enc_cert, encryption_algorithm_t enc_alg,
   79: 						size_t key_size, certificate_t *signer_cert,
   80: 						hash_algorithm_t digest_alg, private_key_t *private_key);
       /*
        * Send a SCEP message to a server over HTTP and collect the reply.
        *
        * url               server URL
        * msg               message to send
        * op                SCEP operation (see scep_op_t)
        * http_get_request  NOTE(review): presumably TRUE selects HTTP GET and
        *                   FALSE HTTP POST; confirm
        * timeout           request timeout; unit not visible here
        * src               NOTE(review): presumably a local source address to
        *                   bind to; declared non-const, confirm it is not modified
        * response          out: raw reply body
        * Returns a bool; NOTE(review): presumably TRUE when the transfer worked.
        *
        * The return value can only describe the transport. *response is
        * unauthenticated network input until scep_parse_response() has accepted
        * it (or, for SCEP_GET_CA_CERT, until the CA certificate fingerprint has
        * been checked out of band). SCEP is commonly run over plain HTTP, so the
        * message signature is the only integrity protection.
        */
   81: bool scep_http_request(const char *url, chunk_t msg, scep_op_t op,
   82: 					   bool http_get_request, u_int timeout, char *src,
   83: 					   chunk_t *response);
       /*
        * Parse a SCEP response and extract its attributes.
        *
        * response  raw reply, e.g. as returned by scep_http_request()
        * transID   transaction ID of the request; NOTE(review): presumably
        *           compared with the one in the response
        * out       out: parsed container
        * attrs     out: SCEP attributes of the response
        * Returns err_t, declared elsewhere; NOTE(review): in strongSwan this is
        * conventionally NULL on success and an error string otherwise; confirm.
        *
        * NOTE(review): no nonce is passed in, so matching attrs->recipientNonce
        * against the senderNonce of the request presumably falls to the caller.
        * Whether the signature and signer certificate are verified here is not
        * visible in this header; check before trusting *out. Callers should
        * inspect attrs->pkiStatus (and failInfo) even when no error is returned.
        */
   84: err_t scep_parse_response(chunk_t response, chunk_t transID,
   85: 						  container_t **out, scep_attributes_t *attrs);
   86: 
   87: #endif /* _SCEP_H */
