/*
* Copyright 1999-2006 University of Chicago
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef HEADER_PROXYCERTINFO_H
#define HEADER_PROXYCERTINFO_H
/**
* @file proxycertinfo.h
* @brief Proxy Certificate Info
* @author Sam Meder
* @author Sam Lang
*/
#ifndef GLOBUS_GLOBAL_DOCUMENT_SET
/**
* @mainpage Globus GSI Proxy SSL API
* @copydoc globus_gsi_proxy_ssl_api
*/
#endif
/**
* @defgroup globus_gsi_proxy_ssl_api Globus GSI Proxy SSL API
*
* The globus_gsi_proxy_ssl library provides the ability
* to create a PROXYCERTINFO extension for inclusion in
* an X.509 certificate. The current specification for the
* extension is described in
* RFC 3820.
*
* The library conforms to the ASN.1 implementation in
* the OpenSSL library, and provides
* an interface to convert from a DER encoded PROXYCERTINFO
* to its internal structure and vice-versa.
*
* @section proxycertinfo_section ProxyCertInfo
* @copydoc proxycertinfo
* For more information, see the documentation in
* @link proxycertinfo ProxyCertInfo @endlink
* @section proxypolicy_section ProxyPolicy
* @copydoc proxypolicy
* For more information, see the documentation in
* @link proxypolicy ProxyPolicy @endlink
*/
#include "proxypolicy.h"
#include
#include
#include
#include
#include
#ifdef __cplusplus
extern "C" {
#endif
/**
* @defgroup proxycertinfo ProxyCertInfo
* @ingroup globus_gsi_proxy_ssl_api
*
* The proxycertinfo.h file defines a method of
* maintaining information about proxy certificates.
*/
#define PROXYCERTINFO_OLD_OID "1.3.6.1.4.1.3536.1.222"
#define PROXYCERTINFO_OID "1.3.6.1.5.5.7.1.14"
#define PROXYCERTINFO_SN "PROXYCERTINFO"
#define PROXYCERTINFO_LN "Proxy Certificate Info Extension"
#define PROXYCERTINFO_OLD_SN "OLD_PROXYCERTINFO"
#define PROXYCERTINFO_OLD_LN "Proxy Certificate Info Extension (old OID)"
/*
* Used for error checking
*/
#define ASN1_F_PROXYCERTINFO_NEW 430
#define ASN1_F_D2I_PROXYCERTINFO 431
/* data structures */
/**
* @ingroup proxycertinfo
*
* This typedef maintains information about a proxy
* certificate.
*
* @note NOTE: The API provides functions to manipulate
* the fields of a PROXYCERTINFO. Accessing the fields
* directly is not a good idea.
*
*
* @param path_length an optional field in the ANS.1 DER encoding,
* it specifies the maximum depth of the path of Proxy Certificates
* that can be signed by this End Entity Certificate or Proxy Certificate.
* @param policy a non-optional field in the ANS.1 DER encoding,
* specifies policies on the use of this certificate.
*/
struct PROXYCERTINFO_st
{
ASN1_INTEGER * path_length; /* [ OPTIONAL ] */
PROXYPOLICY * policy;
};
typedef struct PROXYCERTINFO_st PROXYCERTINFO;
DECLARE_STACK_OF(PROXYCERTINFO)
DECLARE_ASN1_SET_OF(PROXYCERTINFO)
/* macros */
#define d2i_PROXYCERTINFO_bio(bp, pci) \
(PROXYCERTINFO *) ASN1_d2i_bio((char *(*)()) PROXYCERTINFO_new, \
(char *(*)()) d2i_PROXYCERTINFO, \
(bp), (unsigned char **) pci)
#define i2d_PROXYCERTINFO_bio(bp, pci) \
ASN1_i2d_bio(i2d_PROXYCERTINFO, bp, \
(unsigned char *)pci)
/* functions */
#if OPENSSL_VERSION_NUMBER < 0x10000000L
ASN1_METHOD * PROXYCERTINFO_asn1_meth();
#endif
PROXYCERTINFO * PROXYCERTINFO_new();
void PROXYCERTINFO_free(
PROXYCERTINFO * cert_info);
PROXYCERTINFO * PROXYCERTINFO_dup(
PROXYCERTINFO * cert_info);
int PROXYCERTINFO_cmp(
const PROXYCERTINFO * a,
const PROXYCERTINFO * b);
int PROXYCERTINFO_print(
BIO * bp,
PROXYCERTINFO * cert_info);
int PROXYCERTINFO_print_fp(
FILE * fp,
PROXYCERTINFO * cert_info);
int PROXYCERTINFO_set_policy(
PROXYCERTINFO * cert_info,
PROXYPOLICY * policy);
PROXYPOLICY * PROXYCERTINFO_get_policy(
PROXYCERTINFO * cert_info);
int PROXYCERTINFO_set_path_length(
PROXYCERTINFO * cert_info,
long path_length);
long PROXYCERTINFO_get_path_length(
PROXYCERTINFO * cert_info);
int i2d_PROXYCERTINFO(
PROXYCERTINFO * cert_info,
unsigned char ** a);
PROXYCERTINFO * d2i_PROXYCERTINFO(
PROXYCERTINFO ** cert_info,
unsigned char ** a,
long length);
int i2d_PROXYCERTINFO_OLD(
PROXYCERTINFO * cert_info,
unsigned char ** a);
PROXYCERTINFO * d2i_PROXYCERTINFO_OLD(
PROXYCERTINFO ** cert_info,
unsigned char ** a,
long length);
X509V3_EXT_METHOD * PROXYCERTINFO_x509v3_ext_meth();
X509V3_EXT_METHOD * PROXYCERTINFO_OLD_x509v3_ext_meth();
STACK_OF(CONF_VALUE) * i2v_PROXYCERTINFO(
struct v3_ext_method * method,
PROXYCERTINFO * ext,
STACK_OF(CONF_VALUE) * extlist);
#ifdef __cplusplus
}
#endif
#endif /* HEADER_PROXYCERTINFO_H */