corrected a copy-and-paste error
1 /**
2 * @file scep.h
3 * @brief SCEP specific functions
4 *
5 * Contains functions to build and parse SCEP requests and replies
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef _SCEP_H
24 #define _SCEP_H
25
26 #include "../pluto/defs.h"
27 #include "../pluto/pkcs1.h"
28 #include "../pluto/pkcs7.h"
29
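/**
 * SCEP operations this client can request.
 *
 * Passed to scep_http_request() as its op argument. Enumerator values are
 * pinned explicitly, as failInfo_t already does, so that inserting a new
 * operation cannot silently renumber the existing ones.
 *
 * Security note: per the SCEP specification a GetCACert reply is not
 * authenticated by the protocol itself, so the returned CA certificate must be
 * checked out of band (e.g. fingerprint comparison) before it is trusted.
 * NOTE(review): how each value maps to the HTTP "operation" parameter is not
 * visible in this header -- confirm in scep.c.
 */
typedef enum {
	SCEP_PKI_OPERATION = 0,	/* PKIOperation: carries a PKCS#7-wrapped SCEP message */
	SCEP_GET_CA_CERT   = 1	/* GetCACert: fetch the CA (and possibly RA) certificate */
} scep_op_t;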
35
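/**
 * Decoded value of the SCEP pkiStatus attribute.
 *
 * These are internal enumerators, NOT the wire encoding: the protocol carries
 * pkiStatus as the strings "0" (SUCCESS), "2" (FAILURE) and "3" (PENDING), so a
 * received value must never be compared against these numbers directly.
 * Values are pinned explicitly, as failInfo_t already does.
 * NOTE(review): the wire-to-enum translation presumably lives in scep.c and
 * may index a table by enumerator -- confirm before renumbering.
 *
 * Security note: callers should treat anything other than SCEP_SUCCESS
 * (including SCEP_UNKNOWN) as "no certificate issued".
 */
typedef enum {
	SCEP_SUCCESS = 0,	/* request granted */
	SCEP_FAILURE = 1,	/* request rejected; failInfo_t carries the reason */
	SCEP_PENDING = 2,	/* request awaits approval; the client is expected to poll */
	SCEP_UNKNOWN = 3	/* presumably: attribute absent or not recognised -- confirm */
} pkiStatus_t;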
43
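/**
 * Decoded value of the SCEP messageType attribute.
 *
 * Internal enumerators, NOT the wire encoding: the protocol carries
 * messageType as the strings "3" (CertRep), "19" (PKCSReq),
 * "20" (GetCertInitial), "21" (GetCert) and "22" (GetCRL).
 * Values are pinned explicitly, as failInfo_t already does.
 * NOTE(review): the wire-to-enum translation presumably lives in scep.c and
 * may index a table by enumerator -- confirm before renumbering.
 *
 * Security note: a response handler should check that the decoded type is the
 * one expected for the outstanding request (normally CertRep) and reject
 * SCEP_Unknown_MSG rather than fall through.
 */
typedef enum {
	SCEP_CertRep_MSG        = 0,	/* CA reply to a request */
	SCEP_PKCSReq_MSG        = 1,	/* enrolment request carrying a PKCS#10 */
	SCEP_GetCertInitial_MSG = 2,	/* poll for a pending enrolment */
	SCEP_GetCert_MSG        = 3,	/* retrieve an issued certificate */
	SCEP_GetCRL_MSG         = 4,	/* retrieve a CRL */
	SCEP_Unknown_MSG        = 5	/* presumably: attribute absent or not recognised -- confirm */
} scep_msg_t;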
53
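/**
 * Decoded value of the SCEP failInfo attribute (meaningful when pkiStatus is
 * SCEP_FAILURE).
 *
 * For the five protocol-defined reasons the enumerator value equals the number
 * the protocol sends on the wire ("0" .. "4"); SCEP_unknown_REASON is a local
 * sentinel with no wire equivalent.
 * NOTE(review): whether scep.c relies on that numeric equality is not visible
 * here -- confirm before renumbering.
 */
typedef enum {
	SCEP_badAlg_REASON          = 0,	/* unrecognised or unsupported algorithm */
	SCEP_badMessageCheck_REASON = 1,	/* integrity check (signature verification) failed */
	SCEP_badRequest_REASON      = 2,	/* transaction not permitted or not supported */
	SCEP_badTime_REASON         = 3,	/* signingTime too far from the CA's clock */
	SCEP_badCertId_REASON       = 4,	/* no certificate matches the given criteria */
	SCEP_unknown_REASON         = 5	/* presumably: attribute absent or not recognised -- confirm */
} failInfo_t;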
63
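/**
 * SCEP attributes of one message, as filled in by parse_attributes() and
 * scep_parse_response().
 *
 * Security note: transID, senderNonce and recipientNonce are what bind a reply
 * to the request that caused it. A caller should confirm that the reply's
 * transID equals the one it sent and that recipientNonce equals its own
 * senderNonce before acting on pkiStatus; otherwise a replayed or unrelated
 * reply could be accepted.
 * NOTE(review): whether scep_parse_response() performs those comparisons
 * itself is not visible in this header -- confirm in scep.c.
 * NOTE(review): it is not visible here whether the chunk_t members own their
 * memory or point into the parsed blob -- confirm before freeing them or
 * keeping them past the blob's lifetime.
 */
typedef struct {
	scep_msg_t msgType;		/* decoded messageType attribute */
	pkiStatus_t pkiStatus;		/* decoded pkiStatus attribute */
	failInfo_t failInfo;		/* decoded failInfo attribute */
	chunk_t transID;		/* transaction identifier */
	chunk_t senderNonce;		/* nonce chosen by the message's sender */
	chunk_t recipientNonce;		/* nonce echoed back for the recipient */
} scep_attributes_t;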
73
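/* Constant scep_attributes_t instance; by its name, the initial "empty" value
 * to copy into a scep_attributes_t before parsing (contents defined in scep.c).
 */
extern const scep_attributes_t empty_scep_attributes;

/**
 * Parse the SCEP attributes contained in blob into *attrs.
 *
 * NOTE(review): presumably returns TRUE on success -- confirm. The blob comes
 * from a network reply, so the result must be checked before attrs is used.
 */
extern bool parse_attributes(chunk_t blob, scep_attributes_t *attrs);

/**
 * Compute a fingerprint of the PKCS#10 request and store it in *fingerprint.
 *
 * NOTE(review): the digest algorithm and the ownership of the output chunk are
 * not visible in this header -- confirm in scep.c. If the fingerprint is used
 * for out-of-band verification, a collision-resistant digest is required.
 */
extern void scep_generate_pkcs10_fingerprint(chunk_t pkcs10,
	chunk_t *fingerprint);

/**
 * Derive a transaction ID and a serial number from the RSA public key.
 *
 * Both results are written through the output pointers.
 * NOTE(review): derivation method and output ownership are not visible here.
 */
extern void scep_generate_transaction_id(const RSA_public_key_t *rsak,
	chunk_t *transID, chunk_t *serialNumber);

/* Build the encoded transID attribute for the given transaction ID. */
extern chunk_t scep_transId_attribute(chunk_t transaction_id);

/* Build the encoded messageType attribute for message type m. */
extern chunk_t scep_messageType_attribute(scep_msg_t m);

/**
 * Build the encoded senderNonce attribute.
 *
 * Takes no input, so the nonce is generated internally.
 * NOTE(review): the nonce only protects against replay if it comes from a
 * cryptographically strong random source -- confirm the source in scep.c.
 */
extern chunk_t scep_senderNonce_attribute(void);

/**
 * Build a complete SCEP request of type msg around data.
 *
 * @param data         payload to wrap
 * @param transID      transaction identifier to embed
 * @param msg          SCEP message type of the request
 * @param enc_cert     certificate whose key the payload is encrypted to
 * @param enc_alg      content-encryption algorithm identifier
 * @param signer_cert  certificate identifying the signer
 * @param digest_alg   digest algorithm identifier used for signing
 * @param private_key  RSA private key used to sign the request
 * @return             the encoded request
 *
 * NOTE(review): the parameter roles above are inferred from names and types;
 * confirm in scep.c. Callers choose enc_alg and digest_alg: SCEP deployments
 * have historically defaulted to weak choices (single DES, MD5), so select the
 * strongest pair the CA supports.
 */
extern chunk_t scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg,
	const x509cert_t *enc_cert, int enc_alg,
	const x509cert_t *signer_cert, int digest_alg,
	const RSA_private_key_t *private_key);

/**
 * Send a SCEP operation to url and store the server's reply in *response.
 *
 * @param url           SCEP server URL
 * @param pkcs7         encoded message to send
 * @param op            which SCEP operation to perform
 * @param request_type  HTTP fetch variant to use
 * @param response      receives the raw reply
 * @return              NOTE(review): presumably TRUE on success -- confirm
 *
 * Security note: the reply is raw network data. It carries no assurance until
 * scep_parse_response() has succeeded on it; a GetCACert reply has no
 * protocol-level authentication at all and needs out-of-band verification.
 */
extern bool scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op,
	fetch_request_t request_type, chunk_t *response);

/**
 * Parse a SCEP reply, filling *data and *attrs.
 *
 * @param response     raw reply as received from the server
 * @param transID      transaction ID of the outstanding request
 * @param data         receives the reply's content
 * @param attrs        receives the decoded SCEP attributes
 * @param signer_cert  certificate expected to have signed the reply
 * @return             error indication of type err_t
 *
 * NOTE(review): err_t is presumably NULL on success -- confirm. Callers must
 * check it before using data or attrs, and should additionally check
 * attrs->msgType, attrs->pkiStatus and the nonce/transID binding unless
 * scep.c is confirmed to do so.
 */
extern err_t scep_parse_response(chunk_t response, chunk_t transID,
	contentInfo_t *data, scep_attributes_t *attrs, x509cert_t *signer_cert);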
92
93 #endif /* _SCEP_H */