- =pod
- =head1 NAME
- ossl_cmp_hdr_set_pvno,
- ossl_cmp_hdr_get_pvno,
- ossl_cmp_hdr_get_protection_nid,
- ossl_cmp_hdr_get0_sendernonce,
- ossl_cmp_general_name_is_NULL_DN,
- ossl_cmp_hdr_set1_sender,
- ossl_cmp_hdr_set1_recipient,
- ossl_cmp_hdr_update_messagetime,
- ossl_cmp_hdr_set1_senderKID,
- ossl_cmp_hdr_push0_freeText,
- ossl_cmp_hdr_push1_freeText,
- ossl_cmp_hdr_generalinfo_item_push0,
- ossl_cmp_hdr_generalinfo_items_push1,
- ossl_cmp_hdr_set_implicitConfirm,
- ossl_cmp_hdr_has_implicitConfirm,
- ossl_cmp_hdr_init
- - functions manipulating CMP message headers
- =head1 SYNOPSIS
- #include "cmp_local.h"
- int ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER *hdr, int pvno);
- int ossl_cmp_hdr_get_pvno(const OSSL_CMP_PKIHEADER *hdr);
- int ossl_cmp_hdr_get_protection_nid(const OSSL_CMP_PKIHEADER *hdr);
- ASN1_OCTET_STRING
- *ossl_cmp_hdr_get0_sendernonce(const OSSL_CMP_PKIHEADER *hdr);
- int ossl_cmp_general_name_is_NULL_DN(GENERAL_NAME *name);
- int ossl_cmp_hdr_set1_sender(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm);
- int ossl_cmp_hdr_set1_recipient(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm);
- int ossl_cmp_hdr_update_messagetime(OSSL_CMP_PKIHEADER *hdr);
- int ossl_cmp_hdr_set1_senderKID(OSSL_CMP_PKIHEADER *hdr,
- const ASN1_OCTET_STRING *senderKID);
- int ossl_cmp_hdr_generalinfo_item_push0(OSSL_CMP_PKIHEADER *hdr,
- OSSL_CMP_ITAV *itav);
- int ossl_cmp_hdr_generalinfo_items_push1(OSSL_CMP_PKIHEADER *hdr,
- STACK_OF(OSSL_CMP_ITAV) *itavs);
- int ossl_cmp_hdr_push0_freeText(OSSL_CMP_PKIHEADER *hdr,
- ASN1_UTF8STRING *text);
- int ossl_cmp_hdr_push1_freeText(OSSL_CMP_PKIHEADER *hdr,
- ASN1_UTF8STRING *text);
- int ossl_cmp_hdr_set_implicitConfirm(OSSL_CMP_PKIHEADER *hdr);
- int ossl_cmp_hdr_has_implicitConfirm(OSSL_CMP_PKIHEADER *hdr);
- int ossl_cmp_hdr_init(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr);
- =head1 DESCRIPTION
- ossl_cmp_hdr_set_pvno() sets hdr->pvno to the given B<pvno>.
- ossl_cmp_hdr_get_pvno() returns the pvno of the given B<hdr> or -1 on error.
- ossl_cmp_hdr_get_protection_nid() returns the NID of the protection algorithm
- in B<hdr> or NID_undef on error.
- ossl_cmp_hdr_get0_sendernonce() returns the sender nonce of the given PKIHeader.
- ossl_cmp_general_name_is_NULL_DN() determines if the given GENERAL_NAME
- is the NULL-DN.
- ossl_cmp_hdr_set1_sender() sets the sender field in the given PKIHeader
- to the given X509 Name value, without consuming the pointer.
- ossl_cmp_hdr_set1_recipient() sets the recipient field in the given
- PKIHeader to the given X509 Name value, without consuming the pointer.
- If B<nm> is NULL, recipient is set to the NULL DN (the empty list of strings).
- ossl_cmp_hdr_update_messagetime() (re-)sets the messageTime to the current
- system time. As written in RFC 4210, section 5.1.1:
- The messageTime field contains the time at which the sender created the message.
- This may be useful to allow end entities to correct/check their local time for
- consistency with the time on a central system.
- ossl_cmp_hdr_set1_senderKID() sets hdr->senderKID to the given string.
- In a PBMAC-protected IR this usually is a reference number issued by the CA,
- else the subject key ID of the sender's protecting certificate.
- ossl_cmp_hdr_push0_freeText() pushes an ASN1_UTF8STRING to
- hdr->freeText and consumes the given pointer.
- ossl_cmp_hdr_push1_freeText() pushes an ASN1_UTF8STRING to
- hdr->freeText and does not consume the pointer.
- ossl_cmp_hdr_generalinfo_item_push0() adds the given InfoTypeAndValue
- item to the hdr->generalInfo stack. Consumes the B<itav> pointer.
- ossl_cmp_hdr_generalinfo_items_push1() adds a copy of the B<itavs> stack to
- the generalInfo field of the PKIHeader B<hdr>. Does not consume the B<itavs>
- pointer.
- ossl_cmp_hdr_set_implicitConfirm() sets implicitConfirm in the generalInfo field
- of the PKIMessage header.
- ossl_cmp_hdr_has_implicitConfirm() returns 1 if implicitConfirm is
- set in the generalInfo field of the given PKIMessage header, 0 if not.
- ossl_cmp_hdr_init() initializes a PKIHeader structure based on the
- values in the given OSSL_CMP_CTX structure.
- This starts a new transaction in case ctx->transactionID is NULL.
- The sender name is copied from the subject of the client cert, if any,
- or else from the subject name provided for certification requests.
- As required by RFC 4210 section 5.1.1, if the sender name is not known
- to the client it is set to the NULL-DN. In this case for identification at least
- the senderKID must be set, which we take from any referenceValue provided.
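The NULL-DN and senderKID rule above, seen from the receiving side, as an added example that is not OpenSSL code: it works on the DER bytes of the sender GeneralName instead of a GENERAL_NAME structure. The names sender_is_null_dn() and sender_identifiable() and the sample byte strings are hypothetical and constructed for illustration.

```c
#include <stddef.h>

/* Constructed samples: GeneralName directoryName [4] wrapping an X.501 Name. */
const unsigned char NULL_DN_GN[] = { 0xA4, 0x02, 0x30, 0x00 };
const unsigned char NAMED_GN[] = {                  /* CN=ca */
    0xA4, 0x0F, 0x30, 0x0D, 0x31, 0x0B, 0x30, 0x09,
    0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x02, 0x63, 0x61 };

/* Parse one tag/length header; returns its size, or 0 if truncated/indefinite. */
static size_t der_header(const unsigned char *p, size_t len,
                         unsigned char *tag, size_t *clen)
{
    size_t i, n;

    if (len < 2)
        return 0;
    *tag = p[0];
    *clen = p[1];
    if ((p[1] & 0x80) == 0)
        return 2;                                   /* short-form length */
    n = p[1] & 0x7F;                                /* long form: n octets */
    if (n == 0 || n > sizeof(size_t) || len < 2 + n)
        return 0;
    for (*clen = 0, i = 0; i < n; i++)
        *clen = (*clen << 8) | p[2 + i];
    return 2 + n;
}

/* 1: NULL-DN, 0: any other sender, -1: malformed. Inner RDNs are not validated. */
int sender_is_null_dn(const unsigned char *gn, size_t len)
{
    unsigned char tag;
    size_t clen, h = der_header(gn, len, &tag, &clen);

    if (h == 0 || clen != len - h)
        return -1;
    if (tag != 0xA4)
        return 0;                                   /* not a directoryName */
    gn += h; len -= h;
    h = der_header(gn, len, &tag, &clen);
    if (h == 0 || tag != 0x30 || clen != len - h)
        return -1;
    return clen == 0;                               /* empty RDNSequence */
}

/* Assumed receiver rule: a NULL-DN sender is acceptable only with a senderKID. */
int sender_identifiable(const unsigned char *gn, size_t len, size_t kid_len)
{
    int r = sender_is_null_dn(gn, len);
    return r == 0 || (r == 1 && kid_len > 0);
}
```

A malformed or truncated sender is reported as not identifiable, so a parsing failure never counts as a known sender.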
- =head1 NOTES
- CMP is defined in RFC 4210 (and CRMF in RFC 4211).
- =head1 RETURN VALUES
- ossl_cmp_hdr_get_pvno() returns the pvno of the given B<hdr> or -1 on error.
- ossl_cmp_hdr_get_protection_nid() returns the respective NID, NID_undef on error.
- ossl_cmp_hdr_get0_sendernonce() returns the respective nonce, or NULL.
- ossl_cmp_general_name_is_NULL_DN() returns 1 given a NULL-DN, else 0.
- All other functions return 1 on success, 0 on error.
- See the individual functions above.
- =head1 HISTORY
- The OpenSSL CMP support was added in OpenSSL 3.0.
- =head1 COPYRIGHT
- Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
- Licensed under the Apache License 2.0 (the "License"). You may not use
- this file except in compliance with the License. You can obtain a copy
- in the file LICENSE in the source distribution or at
- L<https://www.openssl.org/source/license.html>.
- =cut