handle zero size Base64 conversions
1 /**
2 * @file scep.h
3 * @brief SCEP specific functions
4 *
5 * Contains functions to build and parse SCEP requests and replies
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef _SCEP_H
24 #define _SCEP_H
25
26 #include <credentials/certificates/certificate.h>
27
28 #include "../pluto/defs.h"
29 #include "../pluto/pkcs7.h"
30
/**
 * SCEP operations the client can request.
 *
 * A value of this type is passed to scep_http_request() as its `op` argument.
 * The enumerators are internal selectors only; how they are turned into the
 * operation name of the HTTP request is decided by the implementation.
 *
 * NOTE(review): in SCEP the reply to a CA certificate query is not
 * authenticated by the protocol itself, so the returned certificate is
 * normally checked against a fingerprint obtained out of band - confirm
 * that callers of SCEP_GET_CA_CERT do this before trusting the result.
 */
typedef enum {
	SCEP_PKI_OPERATION = 0,	/* send a PKI message (presumably the PKCS#7 blob) */
	SCEP_GET_CA_CERT   = 1	/* query the CA certificate */
} scep_op_t;
36
/**
 * Outcome carried in the pkiStatus attribute of a SCEP reply.
 *
 * These are internal ordinals, stored in scep_attributes_t.pkiStatus.
 *
 * NOTE(review): the SCEP specification encodes pkiStatus on the wire as the
 * strings "0" (SUCCESS), "2" (FAILURE) and "3" (PENDING). Those do not line
 * up with the ordinals below, so a received value has to be mapped and must
 * never be cast - confirm against the attribute parser.
 * SCEP_UNKNOWN should be handled by callers as "not successful"; only
 * SCEP_SUCCESS may lead to a certificate being accepted.
 */
typedef enum {
	SCEP_SUCCESS = 0,	/* request granted */
	SCEP_FAILURE = 1,	/* request rejected, see failInfo_t */
	SCEP_PENDING = 2,	/* request awaiting approval */
	SCEP_UNKNOWN = 3	/* presumably: attribute missing or unrecognised */
} pkiStatus_t;
44
/**
 * SCEP messageType values.
 *
 * Used both when building a request (scep_messageType_attribute(),
 * scep_build_request()) and in scep_attributes_t.msgType.
 *
 * NOTE(review): these are internal ordinals. The messageType numbers defined
 * by the SCEP specification (for example "19" for PKCSReq and "3" for
 * CertRep) differ from them, so conversion in either direction needs an
 * explicit table - confirm in the implementation.
 */
typedef enum {
	SCEP_CertRep_MSG        = 0,	/* reply to a certificate or CRL request */
	SCEP_PKCSReq_MSG        = 1,	/* PKCS#10 certificate request */
	SCEP_GetCertInitial_MSG = 2,	/* poll for a pending certificate */
	SCEP_GetCert_MSG        = 3,	/* retrieve an issued certificate */
	SCEP_GetCRL_MSG         = 4,	/* retrieve a CRL */
	SCEP_Unknown_MSG        = 5	/* presumably: missing or unrecognised type */
} scep_msg_t;
54
/**
 * Reason codes that accompany a failed SCEP request.
 *
 * The values are pinned explicitly. 0 to 4 appear to coincide with the
 * failInfo codes of the SCEP specification (meanings below are taken from
 * there); 5 is not a SCEP code and presumably serves as an internal sentinel
 * for a missing or unrecognised reason - confirm against the parser.
 */
typedef enum {
	SCEP_badAlg_REASON          = 0,	/* unrecognised or unsupported algorithm */
	SCEP_badMessageCheck_REASON = 1,	/* integrity check (signature) failed */
	SCEP_badRequest_REASON      = 2,	/* transaction not permitted or supported */
	SCEP_badTime_REASON         = 3,	/* signing time too far from the CA's clock */
	SCEP_badCertId_REASON       = 4,	/* no certificate matched the given criteria */
	SCEP_unknown_REASON         = 5	/* internal: reason absent or not understood */
} failInfo_t;
64
/**
 * SCEP attributes of one message, as filled in by parse_attributes() and
 * scep_parse_response().
 *
 * NOTE(review): whether the chunk_t members own their memory or point into
 * the parsed blob is not visible in this header - check before freeing or
 * before releasing the blob they were parsed from.
 *
 * NOTE(review): transID and the nonces are what tie a reply to the request
 * that caused it. In SCEP the reply's recipientNonce is expected to equal
 * the senderNonce of the request, and transID to equal the request's
 * transaction id; a reply failing either comparison should be discarded.
 * Confirm where these comparisons are made.
 */
typedef struct {
	scep_msg_t msgType;		/* messageType attribute */
	pkiStatus_t pkiStatus;		/* pkiStatus attribute */
	failInfo_t failInfo;		/* failInfo attribute, relevant on failure */
	chunk_t transID;		/* transaction identifier */
	chunk_t senderNonce;		/* nonce chosen by the message's sender */
	chunk_t recipientNonce;		/* nonce echoed back to the recipient */
} scep_attributes_t;
74
/*
 * Constant scep_attributes_t instance defined in the implementation file;
 * presumably used to initialise a scep_attributes_t before parsing.
 */
extern const scep_attributes_t empty_scep_attributes;

/*
 * Function prototypes. Function declarations have external linkage by
 * default, so the storage-class keyword is left out here.
 *
 * NOTE(review): for every function returning or filling a chunk_t, this
 * header does not show who owns the memory afterwards - confirm in the
 * implementation before adding or removing a free.
 */

/**
 * Parse SCEP attributes from blob into *attrs.
 *
 * NOTE(review): blob is presumably taken from a received reply and is
 * therefore untrusted input; the meaning of the bool result (presumably
 * TRUE on success) should be confirmed and always checked.
 */
bool parse_attributes(chunk_t blob, scep_attributes_t *attrs);

/**
 * Produce a transaction id and a serial number for key, written to
 * *transID and *serialNumber. How they are derived is not visible here.
 */
void scep_generate_transaction_id(public_key_t *key,
	chunk_t *transID,
	chunk_t *serialNumber);

/**
 * Return a fingerprint of the given PKCS#10 request.
 *
 * NOTE(review): the digest algorithm is not visible in this header; if the
 * fingerprint is compared by an operator, confirm which hash is used.
 */
chunk_t scep_generate_pkcs10_fingerprint(chunk_t pkcs10);

/** Build the transaction id attribute from transaction_id. */
chunk_t scep_transId_attribute(chunk_t transaction_id);

/** Build the messageType attribute for message type m. */
chunk_t scep_messageType_attribute(scep_msg_t m);

/**
 * Build a senderNonce attribute. It takes no input, so the nonce is
 * presumably generated inside; NOTE(review): confirm that it comes from a
 * cryptographically strong random source, since the nonce is what lets the
 * client recognise replayed replies.
 */
chunk_t scep_senderNonce_attribute(void);

/**
 * Build a SCEP request of type msg around data for transaction transID.
 *
 * enc_cert and enc_alg select the recipient certificate and the encryption
 * algorithm, signer_cert, digest_alg and private_key the signer and the
 * digest algorithm. NOTE(review): both algorithm identifiers are chosen by
 * the caller as plain ints; the call site is where deprecated ciphers or
 * digests would have to be refused.
 */
chunk_t scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg,
	certificate_t *enc_cert, int enc_alg,
	certificate_t *signer_cert, int digest_alg,
	private_key_t *private_key);

/**
 * Send pkcs7 to url as operation op and store the reply in *response.
 * http_get_request presumably selects HTTP GET instead of POST.
 *
 * NOTE(review): the transport gives no authenticity guarantee visible here,
 * so *response has to be treated as untrusted until scep_parse_response()
 * has accepted it. The bool result should always be checked.
 */
bool scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op,
	bool http_get_request, chunk_t *response);

/**
 * Parse response, filling *data and *attrs.
 *
 * transID and signer_cert are presumably the expected transaction id and
 * the certificate the reply's signature is verified against - confirm.
 * Returns an err_t; NOTE(review): presumably NULL means success, and any
 * other value must stop processing of the reply.
 */
err_t scep_parse_response(chunk_t response, chunk_t transID,
	contentInfo_t *data, scep_attributes_t *attrs,
	certificate_t *signer_cert);
94
95 #endif /* _SCEP_H */