S2OPC OPCUA Toolkit
sopc_pki.h
Go to the documentation of this file.
1 /*
2  * Licensed to Systerel under one or more contributor license
3  * agreements. See the NOTICE file distributed with this work
4  * for additional information regarding copyright ownership.
5  * Systerel licenses this file to you under the Apache
6  * License, Version 2.0 (the "License"); you may not use this
7  * file except in compliance with the License. You may obtain
8  * a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing,
13  * software distributed under the License is distributed on an
14  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15  * KIND, either express or implied. See the License for the
16  * specific language governing permissions and limitations
17  * under the License.
18  */
19 
35 #ifndef SOPC_PKI_H_
36 #define SOPC_PKI_H_
37 
38 #include "sopc_crypto_decl.h"
39 #include "sopc_crypto_provider.h"
40 #include "sopc_key_manager.h"
41 
42 #define SOPC_CertificateValidationError_Invalid 0x80120000
43 #define SOPC_CertificateValidationError_TimeInvalid 0x80140000
44 #define SOPC_CertificateValidationError_IssuerTimeInvalid 0x80150000
45 #define SOPC_CertificateValidationError_HostNameInvalid 0x80160000
46 #define SOPC_CertificateValidationError_UriInvalid 0x80170000
47 #define SOPC_CertificateValidationError_UseNotAllowed 0x80180000
48 #define SOPC_CertificateValidationError_IssuerUseNotAllowed 0x80190000
49 #define SOPC_CertificateValidationError_Untrusted 0x801A0000
50 #define SOPC_CertificateValidationError_RevocationUnknown 0x801B0000
51 #define SOPC_CertificateValidationError_IssuerRevocationUnknown 0x801C0000
52 #define SOPC_CertificateValidationError_Revoked 0x801D0000
53 #define SOPC_CertificateValidationError_IssuerRevoked 0x801E0000
54 #define SOPC_CertificateValidationError_ChainIncomplete 0x810D0000
55 #define SOPC_CertificateValidationError_Unkown 0x80000000
56 
57 typedef void SOPC_PKIProvider_Free_Func(SOPC_PKIProvider* pPKI);
58 
63 typedef SOPC_ReturnStatus SOPC_FnValidateCertificate(const struct SOPC_PKIProvider* pPKI,
64  const SOPC_CertificateList* pToValidate,
65  uint32_t* error);
66 
70 struct SOPC_PKIProvider
71 {
75  SOPC_PKIProvider_Free_Func* const pFnFree;
76 
89  SOPC_FnValidateCertificate* const pFnValidateCertificate;
90 
92  void* pTrustedIssuerRootsList;
94  void* pTrustedIssuerLinksList;
96  void* pUntrustedIssuerRootsList;
98  void* pUntrustedIssuerLinksList;
100  void* pIssuedCertsList;
102  void* pCertRevocList;
104  void* pUserData;
105 };
106 
110 void SOPC_PKIProvider_Free(SOPC_PKIProvider** ppPKI);
111 
112 #endif /* SOPC_PKI_H_ */
SOPC_CertificateList
The signed public key representation, or a chained list of such keys.
Definition: key_manager_lib.h:66
SOPC_PKIProvider
The PKIProvider object defines the common interface for the Public Key Infrastructure.
Definition: sopc_pki.h:71
SOPC_PKIProvider::pIssuedCertsList
void * pIssuedCertsList
Placeholder for issued certificates that are trusted on a one by one basis.
Definition: sopc_pki.h:100
SOPC_PKIProvider_Free_Func
void SOPC_PKIProvider_Free_Func(SOPC_PKIProvider *pPKI)
Definition: sopc_pki.h:57
sopc_key_manager.h
The SOPC_KeyManager provides an API for Asymmetric Key Management such as loading signed public keys ...
SOPC_PKIProvider::pTrustedIssuerRootsList
void * pTrustedIssuerRootsList
Placeholder for CAs of trusted issuer roots (only roots, not links).
Definition: sopc_pki.h:92
sopc_crypto_decl.h
Defines the common declarations for the cryptographic objects.
SOPC_PKIProvider::pUntrustedIssuerLinksList
void * pUntrustedIssuerLinksList
Placeholder for CAs of untrusted issuers links (between a certificate to validate and a root).
Definition: sopc_pki.h:98
sopc_crypto_provider.h
Defines the cryptographic API. This API mainly relies on the SOPC_CryptoProvider, which is composed o...
SOPC_PKIProvider_Free
void SOPC_PKIProvider_Free(SOPC_PKIProvider **ppPKI)
Free a PKI provider.
SOPC_PKIProvider::pUserData
void * pUserData
PKI implementations can use this placeholder to store more specific data.
Definition: sopc_pki.h:104
SOPC_PKIProvider::pFnFree
SOPC_PKIProvider_Free_Func *const pFnFree
The free function, called upon generic SOPC_PKIProvider destruction.
Definition: sopc_pki.h:75
SOPC_PKIProvider::pUntrustedIssuerRootsList
void * pUntrustedIssuerRootsList
Placeholder for CAs of untrusted issuer roots (CAs used to validate issued certififcates,...
Definition: sopc_pki.h:96
SOPC_FnValidateCertificate
SOPC_ReturnStatus SOPC_FnValidateCertificate(const struct SOPC_PKIProvider *pPKI, const SOPC_CertificateList *pToValidate, uint32_t *error)
error is only set if returned status is different from SOPC_STATUS_OK
Definition: sopc_pki.h:63
SOPC_PKIProvider::pFnValidateCertificate
SOPC_FnValidateCertificate *const pFnValidateCertificate
The validation function, which is wrapped by SOPC_CryptoProvider_Certificate_Validate().
Definition: sopc_pki.h:89
SOPC_PKIProvider::pCertRevocList
void * pCertRevocList
PKI implementations can use this placeholder to store handles to certificate revocation list(s).
Definition: sopc_pki.h:102
SOPC_PKIProvider::pTrustedIssuerLinksList
void * pTrustedIssuerLinksList
Placeholder for CAs of trusted issuers links (between a certificate to validate and a root).
Definition: sopc_pki.h:94
SOPC_ReturnStatus
SOPC_ReturnStatus
Definition: libs2opc_client.h:61
Generated on Wed Feb 8 2023 15:22:54 for S2OPC OPCUA Toolkit by   doxygen 1.8.18