diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-08-13 17:44:54 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-08-21 09:04:13 +0200 |
| commit | 6d1f50b520ce0a2eaa624686a26ffd4a5af00d93 (patch) | |
| tree | d094306e91bd79803bb49a9323ec36bd122ecb4e /crypto/cmp/cmp_local.h | |
| parent | cac30a69bcadcfcf5beb034abf958bbcdb8b83cb (diff) | |
Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
Diffstat (limited to 'crypto/cmp/cmp_local.h')
| -rw-r--r-- | crypto/cmp/cmp_local.h | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h index 8d21fa0b82..41c10b22c1 100644 --- a/crypto/cmp/cmp_local.h +++ b/crypto/cmp/cmp_local.h @@ -76,13 +76,13 @@ struct ossl_cmp_ctx_st { ASN1_OCTET_STRING *secretValue; /* password/shared secret for MSG_MAC_ALG */ /* PBMParameters for MSG_MAC_ALG */ size_t pbm_slen; /* salt length, currently fixed to 16 */ - int pbm_owf; /* NID of one-way function (OWF), default: SHA256 */ + EVP_MD *pbm_owf; /* one-way function (OWF), default: SHA256 */ int pbm_itercnt; /* OWF iteration count, currently fixed to 500 */ int pbm_mac; /* NID of MAC algorithm, default: HMAC-SHA1 as per RFC 4210 */ /* CMP message header and extra certificates */ X509_NAME *recipient; /* to set in recipient in pkiheader */ - int digest; /* NID of digest used in MSG_SIG_ALG and POPO, default SHA256 */ + EVP_MD *digest; /* digest used in MSG_SIG_ALG and POPO, default SHA256 */ ASN1_OCTET_STRING *transactionID; /* the current transaction ID */ ASN1_OCTET_STRING *senderNonce; /* last nonce sent */ ASN1_OCTET_STRING *recipNonce; /* last nonce received */ @@ -894,14 +894,14 @@ ossl_cmp_pollrepcontent_get0_pollrep(const OSSL_CMP_POLLREPCONTENT *prc, OSSL_CMP_CERTRESPONSE * ossl_cmp_certrepmessage_get0_certresponse(const OSSL_CMP_CERTREPMESSAGE *crm, int rid); -X509 *ossl_cmp_certresponse_get1_certificate(EVP_PKEY *privkey, - const OSSL_CMP_CERTRESPONSE *crep); +X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CERTRESPONSE *crep, + const OSSL_CMP_CTX *ctx, EVP_PKEY *pkey); +OSSL_CMP_MSG *ossl_cmp_msg_load(const char *file); /* from cmp_protect.c */ -ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_MSG *msg, - const ASN1_OCTET_STRING *secret, - EVP_PKEY *pkey); int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg); +ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx, + const OSSL_CMP_MSG *msg); int ossl_cmp_msg_protect(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg); /* from cmp_vfy.c */ @@ -910,7 +910,10 @@ typedef int (*ossl_cmp_allow_unprotected_cb_t)(const OSSL_CMP_CTX *ctx, int invalid_protection, int arg); int ossl_cmp_msg_check_update(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg, ossl_cmp_allow_unprotected_cb_t cb, int cb_arg); -int ossl_cmp_verify_popo(const OSSL_CMP_MSG *msg, int accept_RAVerified); +int ossl_cmp_msg_check_received(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg, + ossl_cmp_allow_unprotected_cb_t cb, int cb_arg); +int ossl_cmp_verify_popo(const OSSL_CMP_CTX *ctx, + const OSSL_CMP_MSG *msg, int accept_RAVerified); /* from cmp_client.c */ int ossl_cmp_exchange_certConf(OSSL_CMP_CTX *ctx, int fail_info, |