VirtualBox

source: vbox/trunk/include/iprt/crypto/taf.h@ 78377

1/** @file
2 * IPRT - Crypto - Trust Anchor Format (RFC-5914).
3 */
4
5/*
6 * Copyright (C) 2006-2019 Oracle Corporation
7 *
8 * This file is part of VirtualBox Open Source Edition (OSE), as
9 * available from http://www.virtualbox.org. This file is free software;
10 * you can redistribute it and/or modify it under the terms of the GNU
11 * General Public License (GPL) as published by the Free Software
12 * Foundation, in version 2 as it comes in the "COPYING" file of the
13 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
14 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
15 *
16 * The contents of this file may alternatively be used under the terms
17 * of the Common Development and Distribution License Version 1.0
18 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
19 * VirtualBox OSE distribution, in which case the provisions of the
20 * CDDL are applicable instead of those of the GPL.
21 *
22 * You may elect to license modified versions of this file under the
23 * terms and conditions of either the GPL or the CDDL or both.
24 */
25
26#ifndef IPRT_INCLUDED_crypto_taf_h
27#define IPRT_INCLUDED_crypto_taf_h
28#ifndef RT_WITHOUT_PRAGMA_ONCE
29# pragma once
30#endif
31
32#include <iprt/asn1.h>
33#include <iprt/crypto/x509.h>
34
35
36RT_C_DECLS_BEGIN
37
38/** @defgroup grp_rt_crtaf RTCrTaf - Trust Anchor Format (RFC-5914)
39 * @ingroup grp_rt_crypto
40 * @{
41 */
42
43
44/**
45 * RFC-5914 CertPathControls (IPRT representation).
 *
 * Holds the constraints a trust anchor places on certification paths built
 * from it: the anchor subject name plus the optional certificate, policies,
 * policy flags, name constraints and path length limit.
 *
 * @remarks Every member except TaName is optional in the encoding, so a
 *          decoded structure may have them absent.  Path validation code
 *          should test each optional member for presence before applying it
 *          (presumably via RTASN1CORE_IS_PRESENT on the member's ASN.1 core;
 *          confirm against iprt/asn1.h), and should not treat an absent
 *          member as a zero-valued constraint.
46 */
47typedef struct RTCRTAFCERTPATHCONTROLS
48{
49 /** Sequence core. */
50 RTASN1SEQUENCECORE SeqCore;
51 /** The trust anchor subject. For use in path construction. */
52 RTCRX509NAME TaName;
53 /** Certificate, optional, implicit tag 0. */
54 RTCRX509CERTIFICATE Certificate;
55 /** Certificate policies, optional, implicit tag 1.
56 * @remarks This is an ASN.1 SEQUENCE, not an ASN.1 SET as the name
57 * mistakenly might be taken to indicate. */
58 RTCRX509CERTIFICATEPOLICIES PolicySet;
59 /** Policy flags, optional, implicit tag 2.  The bits are numbered by the
 * RTCRTAFCERTPOLICYFLAGS_XXX defines. */
60 RTASN1BITSTRING PolicyFlags;
61 /** Name constraints, optional, implicit tag 3. */
62 RTCRX509NAMECONSTRAINTS NameConstr;
63 /** Path length constraints, optional, implicit tag 4.
 * NOTE(review): RFC-5914 defines this as a non-negative INTEGER; this
 * header does not show where the range is enforced, so confirm it in the
 * decoder or sanity-check code before using the value as a limit. */
64 RTASN1INTEGER PathLenConstraint;
65} RTCRTAFCERTPATHCONTROLS;
66/** Pointer to the IPRT representation of a RFC-5914 CertPathControls. */
67typedef RTCRTAFCERTPATHCONTROLS *PRTCRTAFCERTPATHCONTROLS;
68/** Pointer to the const IPRT representation of a RFC-5914 CertPathControls. */
69typedef RTCRTAFCERTPATHCONTROLS const *PCRTCRTAFCERTPATHCONTROLS;
70RTASN1TYPE_STANDARD_PROTOTYPES(RTCRTAFCERTPATHCONTROLS, RTDECL, RTCrTafCertPathControls, SeqCore.Asn1Core);
71
72/** @name Bit definitions for RTCRTAFCERTPATHCONTROLS::PolicyFlags
 * @remarks The values are bit numbers within the ASN.1 BIT STRING (0, 1, 2 as
 *          in the RFC-5914 CertPolicyFlags definition), not bit masks.  Using
 *          them directly as masks would test the wrong bits.
73 * @{ */
74#define RTCRTAFCERTPOLICYFLAGS_INHIBIT_POLICY_MAPPING 0
75#define RTCRTAFCERTPOLICYFLAGS_REQUIRE_EXPLICIT_POLICY 1
76#define RTCRTAFCERTPOLICYFLAGS_INHIBIT_ANY_POLICY 2
77/** @} */
78
79
80/**
81 * RFC-5914 TrustAnchorInfo (IPRT representation).
 *
 * Describes one trust anchor: its public key and key identifier, plus the
 * optional title, certification path controls, extensions and title
 * language tag.
 *
 * @remarks This structure is only the decoded form of the data.  Nothing in
 *          this header establishes that the anchor is trustworthy; that
 *          decision belongs to whatever loads and authenticates the trust
 *          anchor store.
82 */
83typedef struct RTCRTAFTRUSTANCHORINFO
84{
85 /** Sequence core. */
86 RTASN1SEQUENCECORE SeqCore;
87 /** The version number (defaults to v1, see RTCRTAFTRUSTANCHORINFO_V1). */
88 RTASN1INTEGER Version;
89 /** The public key of the trust anchor. */
90 RTCRX509SUBJECTPUBLICKEYINFO PubKey;
91 /** Key identifier.
 * NOTE(review): nothing in this header shows the identifier being checked
 * against PubKey; treat it as a value supplied by the encoding unless the
 * consumer verifies it. */
92 RTASN1OCTETSTRING KeyIdentifier;
93 /** Trust anchor title, optional, size 1 to 64.
 * NOTE(review): the size limit is the RFC's; whether the decoder enforces
 * it cannot be told from this header, so confirm before copying the title
 * into a fixed-size buffer. */
94 RTASN1STRING TaTitle;
95 /** Certificate path controls, optional. */
96 RTCRTAFCERTPATHCONTROLS CertPath;
97 /** Extensions, explicit optional, context tag 1. */
98 struct
99 {
100 /** Context tag 1. */
101 RTASN1CONTEXTTAG1 CtxTag1;
102 /** The extensions. */
103 RTCRX509EXTENSIONS Exts;
104 } T1;
105 /** Title language tag, implicit optional, context tag 2.
106 * Defaults to "en". */
107 RTASN1STRING TaTitleLangTag;
108} RTCRTAFTRUSTANCHORINFO;
109/** Pointer to the IPRT representation of a RFC-5914 TrustAnchorInfo. */
110typedef RTCRTAFTRUSTANCHORINFO *PRTCRTAFTRUSTANCHORINFO;
111/** Pointer to the const IPRT representation of a RFC-5914 TrustAnchorInfo. */
112typedef RTCRTAFTRUSTANCHORINFO const *PCRTCRTAFTRUSTANCHORINFO;
113RTASN1TYPE_STANDARD_PROTOTYPES(RTCRTAFTRUSTANCHORINFO, RTDECL, RTCrTafTrustAnchorInfo, SeqCore.Asn1Core);
114
115/** TrustAnchorInfo version 1 (the value of RTCRTAFTRUSTANCHORINFO::Version for v1). */
116#define RTCRTAFTRUSTANCHORINFO_V1 1
117
118
119/** Indicates what kind of value a TrustAnchorChoice structure contains.
 * Each valid value names the one member of RTCRTAFTRUSTANCHORCHOICE::u that
 * may be dereferenced; INVALID, END and anything outside that range select
 * no member. */
120typedef enum RTCRTAFTRUSTANCHORCHOICEVAL
121{
122 /** Invalid zero value. */
123 RTCRTAFTRUSTANCHORCHOICEVAL_INVALID = 0,
124 /** X.509 certificate: RTCRTAFTRUSTANCHORCHOICE::u.pCertificate is valid. */
125 RTCRTAFTRUSTANCHORCHOICEVAL_CERTIFICATE,
126 /** To-be-signed certificate: RTCRTAFTRUSTANCHORCHOICE::u.pT1 is valid. */
127 RTCRTAFTRUSTANCHORCHOICEVAL_TBS_CERTIFICATE,
128 /** Trust anchor info: RTCRTAFTRUSTANCHORCHOICE::u.pT2 is valid. */
129 RTCRTAFTRUSTANCHORCHOICEVAL_TRUST_ANCHOR_INFO,
130 /** End of valid choices (marker, not itself a choice). */
131 RTCRTAFTRUSTANCHORCHOICEVAL_END,
132 /** Make sure it's (at least) 32-bit wide. */
133 RTCRTAFTRUSTANCHORCHOICEVAL_32BIT_HACK = 0x7fffffff
134} RTCRTAFTRUSTANCHORCHOICEVAL;
135
136
137/**
138 * RFC-5914 TrustAnchorChoice (IPRT representation).
 *
 * @remarks The pointers in the union @a u share the same storage, so only
 *          the one selected by @a enmChoice is meaningful.  Check enmChoice
 *          before dereferencing a typed pointer; reading the wrong member
 *          interprets the object as a different structure.
139 */
140typedef struct RTCRTAFTRUSTANCHORCHOICE
141{
142 /** Dummy object for simplifying everything. */
143 RTASN1DUMMY Dummy;
144 /** Allocation for the valid member (to optimize space usage). */
145 RTASN1ALLOCATION Allocation;
146 /** Indicates which of the pointers in the union below is valid. */
147 RTCRTAFTRUSTANCHORCHOICEVAL enmChoice;
148 /** Choice union. */
149 union
150 {
151 /** Generic ASN.1 core pointer for the choice. */
152 PRTASN1CORE pAsn1Core;
153 /** Choice 0: X509 certificate (RTCRTAFTRUSTANCHORCHOICEVAL_CERTIFICATE). */
154 PRTCRX509CERTIFICATE pCertificate;
155 /** Choice 1: To-be-signed certificate part
 * (RTCRTAFTRUSTANCHORCHOICEVAL_TBS_CERTIFICATE). This may differ from the
156 * TBSCertificate member of the original certificate.
 * @remarks A TBSCertificate carries no signature, so this choice gives
 *          nothing to verify the content against. */
157 struct
158 {
159 /** Explicit context tag. */
160 RTASN1CONTEXTTAG1 CtxTag1;
161 /** The TBS certificate structure (embedded, not a pointer). */
162 RTCRX509TBSCERTIFICATE TbsCert;
163 } *pT1;
164
165 /** Choice 2: Trust anchor information
166 * (RTCRTAFTRUSTANCHORCHOICEVAL_TRUST_ANCHOR_INFO). */
167 struct
168 {
169 /** Explicit context tag. */
170 RTASN1CONTEXTTAG2 CtxTag2;
171 /** The trust anchor information structure (embedded, not a pointer). */
172 RTCRTAFTRUSTANCHORINFO TaInfo;
173 } *pT2;
174 } u;
175} RTCRTAFTRUSTANCHORCHOICE;
176/** Pointer to the IPRT representation of a RFC-5914 TrustAnchorChoice. */
177typedef RTCRTAFTRUSTANCHORCHOICE *PRTCRTAFTRUSTANCHORCHOICE;
178/** Pointer to the const IPRT representation of a RFC-5914 TrustAnchorChoice. */
179typedef RTCRTAFTRUSTANCHORCHOICE const *PCRTCRTAFTRUSTANCHORCHOICE;
180RTASN1TYPE_STANDARD_PROTOTYPES(RTCRTAFTRUSTANCHORCHOICE, RTDECL, RTCrTafTrustAnchorChoice, Dummy.Asn1Core);
181
182/*
183 * RFC-5914 TrustAnchorList (IPRT representation).
 *
 * A sequence of RTCRTAFTRUSTANCHORCHOICE entries.  The type and its
 * prototypes come from the generator macro below rather than being written
 * out here (see iprt/asn1.h for what the macro expands to).
 *
 * NOTE(review): each entry carries its own enmChoice, so code walking the
 * list has to check the choice per entry and cannot assume that all anchors
 * have the same form.
184 */
185RTASN1_IMPL_GEN_SEQ_OF_TYPEDEFS_AND_PROTOS(RTCRTAFTRUSTANCHORLIST, RTCRTAFTRUSTANCHORCHOICE, RTDECL, RTCrTafTrustAnchorList);
186
187/** @} */
188
189RT_C_DECLS_END
190
191#endif /* !IPRT_INCLUDED_crypto_taf_h */
192