1 /**
2 * @file scep.h
3 * @brief SCEP specific functions
4 *
5 * Contains functions to build and parse SCEP requests and replies
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef _SCEP_H
24 #define _SCEP_H
25
26 #include "../pluto/defs.h"
27 #include "../pluto/pkcs7.h"
28
/*
 * SCEP operations this client can request. The value is passed as the
 * `op` argument of scep_http_request().
 *
 * NOTE(review): presumably selects the SCEP "operation" of the HTTP
 * request (PKIOperation / GetCACert) - confirm in scep.c.
 */
typedef enum {
	SCEP_PKI_OPERATION = 0,	/* send a PKCS#7-wrapped PKI message */
	SCEP_GET_CA_CERT   = 1	/* fetch the CA (and RA) certificate */
} scep_op_t;
34
/*
 * Internal representation of the SCEP pkiStatus attribute.
 *
 * These ordinals are NOT the wire encoding: the SCEP specification carries
 * pkiStatus as the decimal strings "0" (SUCCESS), "2" (FAILURE) and
 * "3" (PENDING). Never compare a number parsed from a reply directly
 * against these enumerators.
 *
 * NOTE(review): SCEP_UNKNOWN is presumably what the parser leaves when the
 * attribute is missing or unrecognised; callers should treat it as a
 * failure rather than as success - confirm against scep.c.
 */
typedef enum {
	SCEP_SUCCESS = 0,	/* request granted */
	SCEP_FAILURE = 1,	/* request rejected, see failInfo_t */
	SCEP_PENDING = 2,	/* request awaits manual approval */
	SCEP_UNKNOWN = 3	/* no recognised status */
} pkiStatus_t;
42
/*
 * Internal representation of the SCEP messageType attribute.
 *
 * As with pkiStatus_t, the ordinals are not the wire values; the SCEP
 * specification encodes messageType as decimal strings (CertRep "3",
 * PKCSReq "19", GetCertInitial "20", GetCert "21", GetCRL "22").
 *
 * NOTE(review): the enumerator order presumably has to stay in step with
 * a lookup table in scep.c - verify before inserting or reordering.
 */
typedef enum {
	SCEP_CertRep_MSG        = 0,	/* reply from the CA/RA */
	SCEP_PKCSReq_MSG        = 1,	/* certificate enrollment request */
	SCEP_GetCertInitial_MSG = 2,	/* poll for a pending certificate */
	SCEP_GetCert_MSG        = 3,	/* retrieve an issued certificate */
	SCEP_GetCRL_MSG         = 4,	/* retrieve a CRL */
	SCEP_Unknown_MSG        = 5	/* no recognised message type */
} scep_msg_t;
52
/*
 * Reason reported in the SCEP failInfo attribute when pkiStatus is
 * FAILURE. Values 0..4 coincide with the failInfo codes of the SCEP
 * specification; SCEP_unknown_REASON (5) is a local value, not a
 * protocol code.
 */
typedef enum {
	/* unrecognised or unsupported algorithm */
	SCEP_badAlg_REASON          = 0,
	/* integrity (signature) check of the message failed */
	SCEP_badMessageCheck_REASON = 1,
	/* transaction not permitted or not supported */
	SCEP_badRequest_REASON      = 2,
	/* signingTime too far from the responder's clock */
	SCEP_badTime_REASON         = 3,
	/* no certificate matches the supplied criteria */
	SCEP_badCertId_REASON       = 4,
	/* local: reason missing or not recognised */
	SCEP_unknown_REASON         = 5
} failInfo_t;
62
/*
 * SCEP attributes of one PKI message, as filled in by parse_attributes()
 * and scep_parse_response().
 *
 * NOTE(review): in SCEP a reply is only bound to its request if its
 * transID equals the request's transaction ID and its recipientNonce
 * equals the senderNonce that was sent. This header does not show where
 * those comparisons are made - confirm that a caller or the parser does
 * them. Ownership of the chunk_t members is not stated here either.
 */
typedef struct {
	scep_msg_t  msgType;		/* messageType attribute */
	pkiStatus_t pkiStatus;		/* pkiStatus attribute */
	failInfo_t  failInfo;		/* failInfo attribute */
	chunk_t     transID;		/* transaction identifier */
	chunk_t     senderNonce;	/* nonce chosen by the sender */
	chunk_t     recipientNonce;	/* nonce echoed back to the recipient */
} scep_attributes_t;

/*
 * Constant scep_attributes_t defined in another translation unit.
 * NOTE(review): presumably the "nothing parsed yet" initial value used to
 * reset a scep_attributes_t before parsing - confirm in scep.c.
 */
extern const scep_attributes_t empty_scep_attributes;
74
/*
 * Parse the encoded attributes in `blob` into `*attrs`.
 *
 * Returns a bool; presumably TRUE on success - confirm in scep.c.
 *
 * NOTE(review): `blob` presumably comes from a received SCEP reply, i.e.
 * it is attacker-influenced input; the caller must not use `*attrs` when
 * the function reports failure. Unlike its siblings, this exported symbol
 * carries no scep_ prefix.
 */
bool parse_attributes(chunk_t blob,
					  scep_attributes_t *attrs);
/*
 * Produce a transaction ID and a serial number for `key`, returned
 * through the `transID` and `serialNumber` output parameters.
 *
 * NOTE(review): how the two values are derived from the key is not
 * visible in this header. The function returns void, so a failure to
 * derive them cannot be reported to the caller - check how scep.c
 * handles that case. Ownership of the output chunks is not stated.
 */
void scep_generate_transaction_id(public_key_t *key, chunk_t *transID,
								  chunk_t *serialNumber);
/*
 * Compute a fingerprint of the PKCS#10 request in `pkcs10` and return it
 * as a chunk.
 *
 * NOTE(review): the digest algorithm and the output encoding are not
 * visible in this header; if the fingerprint is used for out-of-band
 * verification of the request, confirm the algorithm matches what the
 * CA operator expects. Ownership of the returned chunk is not stated.
 */
chunk_t scep_generate_pkcs10_fingerprint(chunk_t pkcs10);
/*
 * Builders for individual SCEP attributes; each returns the attribute as
 * a chunk. Ownership of the returned chunk is not stated in this header.
 */

/* transId attribute carrying `transaction_id`. */
chunk_t scep_transId_attribute(chunk_t transaction_id);

/* messageType attribute for message type `m`. */
chunk_t scep_messageType_attribute(scep_msg_t m);

/*
 * senderNonce attribute. The function takes no argument, so the nonce is
 * produced inside it.
 * NOTE(review): the randomness source is not visible here - confirm it is
 * a cryptographically secure generator, and confirm how the caller learns
 * the nonce value in order to compare it with the reply's recipientNonce.
 */
chunk_t scep_senderNonce_attribute(void);
/*
 * Build a SCEP request of type `msg` around `data` for transaction
 * `transID` and return it as a chunk.
 *
 *   enc_cert     certificate associated with `enc_alg`
 *   signer_cert  certificate associated with `digest_alg`
 *   private_key  private key used for the request
 *
 * NOTE(review): presumably `data` is enveloped to `enc_cert` and the
 * result is signed with `private_key` - confirm in scep.c. `enc_alg` and
 * `digest_alg` are plain ints, so nothing at the type level stops a
 * caller from selecting a weak cipher or digest; confirm where the
 * permitted values are checked. Ownership of the returned chunk is not
 * stated here.
 */
chunk_t scep_build_request(chunk_t data,
						   chunk_t transID,
						   scep_msg_t msg,
						   const x509cert_t *enc_cert,
						   int enc_alg,
						   const x509cert_t *signer_cert,
						   int digest_alg,
						   private_key_t *private_key);
/*
 * Send the SCEP operation `op` to `url` and store the reply in
 * `*response`. `pkcs7` is the message to send and `http_get_request`
 * selects the HTTP method.
 *
 * Returns a bool; presumably TRUE when a reply was received - confirm.
 *
 * NOTE(review): nothing in this signature authenticates the server or
 * limits the reply size. SCEP protects its messages at the PKCS#7 layer,
 * so `*response` must be treated as untrusted until
 * scep_parse_response() has accepted it; confirm that scep.c bounds the
 * amount of data it will read.
 */
bool scep_http_request(const char *url,
					   chunk_t pkcs7,
					   scep_op_t op,
					   bool http_get_request,
					   chunk_t *response);
/*
 * Parse the SCEP reply in `response`, filling `*data` and `*attrs`.
 * `transID` is the transaction ID of the request and `signer_cert` the
 * certificate associated with the reply's signature.
 *
 * Returns an err_t; presumably NULL on success and an error string
 * otherwise - confirm against the err_t definition in pluto.
 *
 * NOTE(review): `*data` and `*attrs` must not be used when an error is
 * returned. Passing `transID` in suggests the reply's transaction ID is
 * checked here, but a recipientNonce check is not evident from the
 * signature - confirm whether the caller has to do it.
 */
err_t scep_parse_response(chunk_t response,
						  chunk_t transID,
						  contentInfo_t *data,
						  scep_attributes_t *attrs,
						  x509cert_t *signer_cert);
92
93 #endif /* _SCEP_H */