mirror of
https://github.com/openssl/openssl.git
synced 2024-12-15 06:01:37 +08:00
7960dbec68
Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712)
CMP and CRMF API is added to libcrypto, and the "cmp" app to the openssl CLI.
Adds extensive man pages and tests. Integration into build scripts.
Incremental pull request based on OpenSSL commit 8869ad4a39
of 2019-04-02
4th chunk: CMP context/parameters and utilities
in crypto/cmp/cmp_ctx.c, crypto/cmp/cmp_util.c, and related files
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9107)
111 lines
4.3 KiB
Plaintext
111 lines
4.3 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
OSSL_CRMF_MSG_set1_regCtrl_regToken,
|
|
OSSL_CRMF_MSG_set1_regCtrl_authenticator,
|
|
OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo,
|
|
OSSL_CRMF_MSG_set0_SinglePubInfo,
|
|
OSSL_CRMF_MSG_set_PKIPublicationInfo_action,
|
|
OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo,
|
|
OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey,
|
|
OSSL_CRMF_MSG_set1_regCtrl_oldCertID,
|
|
OSSL_CRMF_CERTID_gen
|
|
- functions setting CRMF Registration Controls
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/crmf.h>
|
|
|
|
int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg,
|
|
const ASN1_UTF8STRING *tok);
|
|
int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg,
|
|
const ASN1_UTF8STRING *auth);
|
|
int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(
|
|
OSSL_CRMF_PKIPUBLICATIONINFO *pi,
|
|
OSSL_CRMF_SINGLEPUBINFO *spi);
|
|
int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi,
|
|
int method, GENERAL_NAME *nm);
|
|
int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(
|
|
OSSL_CRMF_PKIPUBLICATIONINFO *pi, int action);
|
|
int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg,
|
|
const OSSL_CRMF_PKIPUBLICATIONINFO *pi);
|
|
int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg,
|
|
const X509_PUBKEY *pubkey);
|
|
int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg,
|
|
const OSSL_CRMF_CERTID *cid);
|
|
OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
|
|
const ASN1_INTEGER *serial);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
OSSL_CRMF_MSG_set1_regCtrl_regToken() sets the regToken control in the given
|
|
B<msg> copying the given B<tok> as value. See RFC 4211, section 6.1.
|
|
|
|
OSSL_CRMF_MSG_set1_regCtrl_authenticator() sets the authenticator control in
|
|
the given B<msg> copying the given B<auth> as value. See RFC 4211, section 6.2.
|
|
|
|
OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo() pushes the given B<spi>
|
|
to B<si>. Consumes the B<spi> pointer.
|
|
|
|
OSSL_CRMF_MSG_set0_SinglePubInfo() sets in the given SinglePubInfo B<spi>
|
|
the B<method> and publication location, in the form of a GeneralName, B<nm>.
|
|
The publication location is optional, and therefore B<nm> may be NULL.
|
|
The function consumes the B<nm> pointer if present.
|
|
Available methods are:
|
|
# define OSSL_CRMF_PUB_METHOD_DONTCARE 0
|
|
# define OSSL_CRMF_PUB_METHOD_X500 1
|
|
# define OSSL_CRMF_PUB_METHOD_WEB 2
|
|
# define OSSL_CRMF_PUB_METHOD_LDAP 3
|
|
|
|
OSSL_CRMF_MSG_set_PKIPublicationInfo_action() sets the action in the given B<pi>
|
|
using the given B<action> as value. See RFC 4211, section 6.3.
|
|
Available actions are:
|
|
# define OSSL_CRMF_PUB_ACTION_DONTPUBLISH 0
|
|
# define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1
|
|
|
|
OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo() sets the pkiPublicationInfo
|
|
control in the given B<msg> copying the given B<tok> as value. See RFC 4211,
|
|
section 6.3.
|
|
|
|
OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey() sets the protocolEncrKey control in
|
|
the given B<msg> copying the given B<pubkey> as value. See RFC 4211 section 6.6.
|
|
|
|
OSSL_CRMF_MSG_set1_regCtrl_oldCertID() sets the oldCertID control in the given
|
|
B<msg> copying the given B<cid> as value. See RFC 4211, section 6.5.
|
|
|
|
OSSL_CRMF_CERTID_gen produces an OSSL_CRMF_CERTID_gen structure copying the
|
|
given B<issuer> name and B<serial> number.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
OSSL_CRMF_CERTID_gen returns a pointer to the resulting structure
|
|
or NULL on error.
|
|
|
|
All other functions return 1 on success, 0 on error.
|
|
|
|
=head1 NOTES
|
|
|
|
A function OSSL_CRMF_MSG_set1_regCtrl_pkiArchiveOptions() for setting an
|
|
Archive Options Control is not yet implemented due to missing features to
|
|
create the needed OSSL_CRMF_PKIARCHIVEOPTINS content.
|
|
|
|
=head1 SEE ALSO
|
|
|
|
RFC 4211
|
|
|
|
=head1 HISTORY
|
|
|
|
The OpenSSL CRMF support was added in OpenSSL 3.0.
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|