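/*
 * This file is part of the openHiTLS project.
 *
 * openHiTLS is licensed under the Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *
 *     http://license.coscl.org.cn/MulanPSL2
 *
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
 * See the Mulan PSL v2 for more details.
 */

#ifndef HITLS_PKI_CSR_H
#define HITLS_PKI_CSR_H

#include "hitls_pki_types.h"
#include "crypt_eal_pkey.h"

#ifdef __cplusplus
extern "C" {
#endif

/* PKCS#10 CSR context. Only the forward declaration is visible in this header, so callers handle it by pointer. */
typedef struct _HITLS_X509_Csr HITLS_X509_Csr;

/**
 * @ingroup pki
 * @brief Allocate a pkcs10 csr.
 *
 * @attention The returned context belongs to the caller and is released with HITLS_X509_CsrFree.
 *
 * @retval HITLS_X509_Csr * The new CSR context.
 *         NOTE(review): presumably NULL when allocation fails; check the result before use.
 */
HITLS_X509_Csr *HITLS_X509_CsrNew(void);

/**
 * @ingroup pki
 * @brief Release the pkcs10 csr.
 *
 * @attention The context must not be used after this call.
 *
 * @param csr [IN] CSR context.
 * @retval void
 */
void HITLS_X509_CsrFree(HITLS_X509_Csr *csr);

/**
 * @ingroup pki
 * @brief Sign a CSR (Certificate Signing Request).
 *
 * @attention 1. This function can only be used when generating a new csr.
 *            2. You need to first call interfaces HITLS_X509_CsrCtrl and HITLS_X509_AttrCtrl to set csr information.
 *            3. Check the return value before exporting the csr with HITLS_X509_CsrGenBuff or
 *               HITLS_X509_CsrGenFile; those are documented for use after signing.
 *            4. The digest selected by mdId is part of the signature the issuer will verify, so choose one that
 *               the issuing CA still accepts.
 *
 * @param mdId     [IN] The message digest algorithm ID.
 * @param prvKey   [IN] The private key context used for signing.
 * @param algParam [IN] The signature algorithm parameters.
 * @param csr      [IN/OUT] The CSR to be signed; it is passed as a non-const pointer and is updated by signing.
 * @retval #HITLS_PKI_SUCCESS, success.
 *         Error codes can be found in hitls_pki_errno.h
 */
int32_t HITLS_X509_CsrSign(int32_t mdId, const CRYPT_EAL_PkeyCtx *prvKey, const HITLS_X509_SignAlgParam *algParam,
    HITLS_X509_Csr *csr);

/**
 * @ingroup pki
 * @brief Generate csr to store in buffer
 *
 * @attention This function is used after parsing the csr or after signing.
 *
 * @param format [IN] The format of the generated csr.
 * @param csr    [IN] The csr context
 * @param buff   [OUT] The buffer of the generated csr.
 *               NOTE(review): this header does not say who owns the memory placed in buff; confirm which
 *               side frees it.
 * @retval #HITLS_PKI_SUCCESS, success.
 *         Error codes can be found in hitls_pki_errno.h
 */
int32_t HITLS_X509_CsrGenBuff(int32_t format, HITLS_X509_Csr *csr, BSL_Buffer *buff);

/**
 * @ingroup pki
 * @brief Generate csr to store in file
 *
 * @attention This function is used after parsing the csr or after signing.
 *
 * @param format [IN] The format of the generated csr.
 * @param csr    [IN] The csr context
 * @param path   [IN] The path of the generated csr.
 * @retval #HITLS_PKI_SUCCESS, success.
 *         Error codes can be found in hitls_pki_errno.h
 */
int32_t HITLS_X509_CsrGenFile(int32_t format, HITLS_X509_Csr *csr, const char *path);

/**
 * @ingroup pki
 * @brief Generic function to process csr function
 *
 * @attention val is an untyped pointer, so the command decides how it is interpreted. valLen has to describe
 *            the real size of the object val points at; the function has no other way to know it.
 *
 * @param csr    [IN] The csr context
 * @param cmd    [IN] HITLS_X509_Cmd
 * @param val    [IN/OUT] input and output value.
 * @param valLen [IN] value length.
 * @retval #HITLS_PKI_SUCCESS, success.
 *         Error codes can be found in hitls_pki_errno.h
 */
int32_t HITLS_X509_CsrCtrl(HITLS_X509_Csr *csr, int32_t cmd, void *val, uint32_t valLen);

/**
 * @ingroup pki
 * @brief Parse the csr in the buffer.
 *
 * @attention 1. When format is BSL_FORMAT_PEM or BSL_FORMAT_UNKNOWN, the data in encode needs to end with '\0'.
 *               A CSR usually arrives from another party, so the caller has to guarantee that the terminator
 *               lies inside the buffer it owns before calling.
 *            2. Parsing is a separate step from HITLS_X509_CsrVerify.
 *               NOTE(review): presumably the request's signature is not checked here; confirm, and verify
 *               before relying on the parsed contents.
 *
 * @param format [IN] Encoding format: BSL_FORMAT_PEM/BSL_FORMAT_ASN1/BSL_FORMAT_UNKNOWN
 * @param encode [IN] The csr data
 * @param csr    [OUT] The csr context after parsing; release it with HITLS_X509_CsrFree.
 * @retval #HITLS_PKI_SUCCESS, success.
 *         Error codes can be found in hitls_pki_errno.h
 */
int32_t HITLS_X509_CsrParseBuff(int32_t format, const BSL_Buffer *encode, HITLS_X509_Csr **csr);

/**
 * @ingroup pki
 * @brief Parse the csr in the file
 *
 * @param format [IN] Encoding format: BSL_FORMAT_PEM/BSL_FORMAT_ASN1
 * @param path   [IN] The csr file path
 * @param csr    [OUT] The csr context after parsing; release it with HITLS_X509_CsrFree.
 * @retval #HITLS_PKI_SUCCESS, success.
 *         Error codes can be found in hitls_pki_errno.h
 */
int32_t HITLS_X509_CsrParseFile(int32_t format, const char *path, HITLS_X509_Csr **csr);

/**
 * @ingroup pki
 * @brief Csr verify function
 *
 * @attention NOTE(review): presumably this checks the request's signature against the public key carried in the
 *            request itself (the PKCS#10 self-signature); confirm against the implementation. A check of that
 *            kind shows only that the requester holds the matching private key. It does not show that the
 *            requester is entitled to the subject name or the attributes in the request, which the issuer
 *            validates separately.
 *
 * @param csr [IN] The csr context
 * @retval #HITLS_PKI_SUCCESS, success.
 *         Error codes can be found in hitls_pki_errno.h
 */
int32_t HITLS_X509_CsrVerify(HITLS_X509_Csr *csr);

#ifdef __cplusplus
}
#endif

#endif // HITLS_PKI_CSR_H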