scepclient: Some code cleanup.
[strongswan.git] / src / scepclient / scep.h
1 /*
2 * Copyright (C) 2005 Jan Hutter, Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #ifndef _SCEP_H
17 #define _SCEP_H
18
19 #include <credentials/certificates/certificate.h>
20
21 #include "../pluto/defs.h"
22 #include "../pluto/pkcs7.h"
23
/*
 * Supported SCEP operation types.
 *
 * Passed as the op argument of scep_http_request(). The names mirror the
 * SCEP "PKIOperation" and "GetCACert" operations.
 */
typedef enum {
	SCEP_PKI_OPERATION = 0,
	SCEP_GET_CA_CERT   = 1
} scep_op_t;
29
/*
 * SCEP pkiStatus values.
 *
 * These are internal ordinals, not wire values: the SCEP specification
 * encodes the pkiStatus attribute as the strings "0" (SUCCESS),
 * "2" (FAILURE) and "3" (PENDING), so a received value has to be mapped,
 * never cast, to this type.
 *
 * SCEP_SUCCESS is 0, so a zero-filled variable of this type reads as
 * success. Only an explicitly parsed SCEP_SUCCESS should be taken to mean
 * that a certificate was issued; SCEP_UNKNOWN is not a success state.
 */
typedef enum {
	SCEP_SUCCESS = 0,
	SCEP_FAILURE = 1,
	SCEP_PENDING = 2,
	SCEP_UNKNOWN = 3	/* status attribute missing or not recognised (presumably) */
} pkiStatus_t;
37
/*
 * SCEP messageType values.
 *
 * Internal ordinals only. The numeric messageType codes used on the wire are
 * different (PKCSReq, for instance, is "19" in the SCEP specification), so
 * the encoder and parser must translate rather than cast.
 *
 * SCEP_CertRep_MSG is 0: a zero-filled scep_attributes_t therefore claims to
 * be a CertRep. SCEP_Unknown_MSG is the value that marks "not parsed".
 */
typedef enum {
	SCEP_CertRep_MSG        = 0,
	SCEP_PKCSReq_MSG        = 1,
	SCEP_GetCertInitial_MSG = 2,
	SCEP_GetCert_MSG        = 3,
	SCEP_GetCRL_MSG         = 4,
	SCEP_Unknown_MSG        = 5
} scep_msg_t;
47
/*
 * SCEP failure reasons (failInfo attribute).
 *
 * Values 0 to 4 are assigned explicitly and coincide with the failInfo codes
 * of the SCEP specification. SCEP_unknown_REASON appears to be a local
 * sentinel for "absent or unrecognised" rather than a protocol value.
 *
 * SCEP_badAlg_REASON is 0, so failInfo is only meaningful when pkiStatus is
 * SCEP_FAILURE; a zero-filled structure must not be read as "badAlg".
 */
typedef enum {
	SCEP_badAlg_REASON          = 0,	/* unrecognised or unsupported algorithm */
	SCEP_badMessageCheck_REASON = 1,	/* integrity check of the message failed */
	SCEP_badRequest_REASON      = 2,	/* transaction not permitted or supported */
	SCEP_badTime_REASON         = 3,	/* signing time too far from server time */
	SCEP_badCertId_REASON       = 4,	/* no certificate matched the given criteria */
	SCEP_unknown_REASON         = 5
} failInfo_t;
57
/*
 * SCEP attributes carried in a request or response.
 *
 * The zero value of every enum member below is a valid, non-error value
 * (CertRep / SUCCESS / badAlg). Start from empty_scep_attributes instead of
 * a memset() or {0} initialiser, so that an attribute missing from a
 * response is not mistaken for a successful CertRep.
 *
 * NOTE(review): this header does not say whether the chunk_t members own
 * their memory or point into the parsed blob. Confirm before freeing them
 * or keeping them beyond the lifetime of the response buffer.
 */
typedef struct {
	scep_msg_t  msgType;		/* messageType of the message */
	pkiStatus_t pkiStatus;		/* outcome reported by the server */
	failInfo_t  failInfo;		/* reason code that accompanies a failure */
	chunk_t     transID;		/* transaction identifier */
	chunk_t     senderNonce;	/* nonce chosen by the sender of the message */
	chunk_t     recipientNonce;	/* nonce echoed back to the original sender */
} scep_attributes_t;
67
/*
 * Template for initialising a scep_attributes_t. The initialiser lives in
 * the implementation file and is not visible from this header.
 */
extern const scep_attributes_t empty_scep_attributes;

/*
 * Parse SCEP attributes from blob into attrs.
 * Check the bool result before reading any member of attrs.
 */
bool parse_attributes(chunk_t blob, scep_attributes_t *attrs);

/*
 * Produce a transaction ID and a serial number for the given public key.
 * transID and serialNumber are presumably output parameters; who frees them
 * is not stated here (TODO confirm against the implementation).
 */
void scep_generate_transaction_id(
	public_key_t *key,
	chunk_t *transID,
	chunk_t *serialNumber);

/*
 * Fingerprint of a PKCS#10 request. The hash algorithm is chosen inside the
 * implementation and cannot be told from this declaration.
 */
chunk_t scep_generate_pkcs10_fingerprint(chunk_t pkcs10);

/*
 * Builders for the individual SCEP attributes. Each returns a chunk_t,
 * presumably a freshly allocated encoding that the caller releases.
 * scep_senderNonce_attribute() takes no input, so the nonce is produced
 * internally; its length and randomness source are not visible here.
 */
chunk_t scep_transId_attribute(chunk_t transaction_id);
chunk_t scep_messageType_attribute(scep_msg_t m);
chunk_t scep_senderNonce_attribute(void);

/*
 * Build a SCEP request of type msg around data.
 * enc_cert / enc_alg select the encryption side, signer_cert / digest_alg /
 * private_key the signing side. enc_alg and digest_alg are plain ints whose
 * accepted identifiers are defined elsewhere; callers choose the strength,
 * so review which algorithms are actually passed in.
 */
chunk_t scep_build_request(
	chunk_t data,
	chunk_t transID,
	scep_msg_t msg,
	certificate_t *enc_cert,
	int enc_alg,
	certificate_t *signer_cert,
	int digest_alg,
	private_key_t *private_key);

/*
 * Send pkcs7 to url for operation op, using GET when http_get_request is
 * true, and hand the reply back through response.
 * The bool result must be checked before response is used.
 * Protocol caveat: SCEP is commonly run over plain HTTP and relies on the
 * signed PKCS#7 payload for integrity. A GetCACert reply has no signature
 * the client can already verify, so the CA certificate it returns needs an
 * out-of-band fingerprint check before it is trusted.
 */
bool scep_http_request(
	const char *url,
	chunk_t pkcs7,
	scep_op_t op,
	bool http_get_request,
	chunk_t *response);

/*
 * Parse a SCEP response into data and attrs.
 * Returns an err_t; presumably NULL means success, as elsewhere in pluto
 * (TODO confirm). transID and signer_cert are inputs, presumably used to
 * match the transaction and to verify the response signature.
 * NOTE(review): no nonce is passed in, so whether attrs->recipientNonce is
 * compared with the senderNonce that was sent cannot be told from this
 * header. Verify that the check exists here or in the caller.
 */
err_t scep_parse_response(
	chunk_t response,
	chunk_t transID,
	contentInfo_t *data,
	scep_attributes_t *attrs,
	certificate_t *signer_cert);
87
88 #endif /* _SCEP_H */