S2OPC OPCUA Toolkit
sopc_pki_decl.h
Go to the documentation of this file.
1 /*
2  * Licensed to Systerel under one or more contributor license
3  * agreements. See the NOTICE file distributed with this work
4  * for additional information regarding copyright ownership.
5  * Systerel licenses this file to you under the Apache
6  * License, Version 2.0 (the "License"); you may not use this
7  * file except in compliance with the License. You may obtain
8  * a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing,
13  * software distributed under the License is distributed on an
14  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15  * KIND, either express or implied. See the License for the
16  * specific language governing permissions and limitations
17  * under the License.
18  */
19 
29 #ifndef SOPC_CRYPTO_PKI_DECL_H_
30 #define SOPC_CRYPTO_PKI_DECL_H_
31 
32 #include "sopc_crypto_decl.h"
33 
34 /* The maximum number of rejected certificate stored by the PKI */
35 #ifndef SOPC_PKI_MAX_NB_CERT_REJECTED
36 #define SOPC_PKI_MAX_NB_CERT_REJECTED 10
37 #endif
38 
39 /* The maximum number of trusted/issuer certificate/CRL stored by the PKI */
40 #ifndef SOPC_PKI_MAX_NB_CERT_AND_CRL
41 #define SOPC_PKI_MAX_NB_CERT_AND_CRL 50
42 #endif
43 
44 /*
45  The directory store shall be organized as follows:
46  .
47  |
48  ---- <Directory_store_name>
49  |
50  |---- trusted
51  | |
52  | ---- certs
53  | ---- crl
54  |---- issuers
55  | |
56  | ---- certs
57  | ---- crl
58  |---- rejected
59  |
60  ---- (updatedTrustList) [automatically created for runtime update persistence]
61  | |
62  | ---- trusted
63  | | |
64  | | ---- certs
65  | | ---- crl
66  | ---- issuers
67  | |
68  | ---- certs
69  | ---- crl
70 */
71 
75 typedef enum
76 {
83 
87 typedef enum
88 {
92 
96 typedef enum
97 {
100 
104 typedef enum
105 {
112  SOPC_PKI_KU_KEY_CRL_SIGN = 0x00100
114 
118 typedef enum
119 {
124 
128 typedef enum
129 {
134 
135 typedef struct SOPC_PKIProvider SOPC_PKIProvider;
136 typedef struct SOPC_PKI_Profile SOPC_PKI_Profile;
139 
141  const SOPC_CertificateList* pToValidate,
142  const SOPC_PKI_Profile* pProfile,
143  uint32_t* error);
144 
145 #endif /* SOPC_CRYPTO_PKI_DECL_H_ */
SOPC_PKI_MD_SHA1
@ SOPC_PKI_MD_SHA1
Definition: sopc_pki_decl.h:77
SOPC_PKI_ExtendedKeyUsage_Mask
SOPC_PKI_ExtendedKeyUsage_Mask
Extended Key usage.
Definition: sopc_pki_decl.h:119
SOPC_PKI_CURVES_ANY
@ SOPC_PKI_CURVES_ANY
Definition: sopc_pki_decl.h:98
SOPC_PKI_ChainProfile
Structure containing the certificate chain profile for the validation with SOPC_PKIProvider_ValidateC...
Definition: sopc_pki_struct_lib_internal.h:92
SOPC_CertificateList
The signed public key representation.
Definition: key_manager_cyclone.h:60
SOPC_PKIProvider
The PKIProvider object for the Public Key Infrastructure.
Definition: sopc_pki_struct_lib_internal.h:129
SOPC_PKI_KU_KEY_CRL_SIGN
@ SOPC_PKI_KU_KEY_CRL_SIGN
Definition: sopc_pki_decl.h:112
SOPC_PKI_MD_SHA256
@ SOPC_PKI_MD_SHA256
Definition: sopc_pki_decl.h:78
SOPC_PKI_TYPE_USER
@ SOPC_PKI_TYPE_USER
Definition: sopc_pki_decl.h:132
SOPC_PKI_EllipticCurves
SOPC_PKI_EllipticCurves
Elliptic curves for ECDSA.
Definition: sopc_pki_decl.h:97
SOPC_PKI_KU_KEY_ENCIPHERMENT
@ SOPC_PKI_KU_KEY_ENCIPHERMENT
Definition: sopc_pki_decl.h:109
sopc_crypto_decl.h
Defines the common declarations for the cryptographic objects. The structures and macros defined in t...
SOPC_PKI_TYPE_SERVER_APP
@ SOPC_PKI_TYPE_SERVER_APP
Definition: sopc_pki_decl.h:131
SOPC_PKI_KU_DIGITAL_SIGNATURE
@ SOPC_PKI_KU_DIGITAL_SIGNATURE
Definition: sopc_pki_decl.h:108
SOPC_PKI_MdSign
SOPC_PKI_MdSign
Message digests for signatures.
Definition: sopc_pki_decl.h:76
SOPC_PKI_LeafProfile
Structure containing the leaf certificate profile for validation with SOPC_PKIProvider_ValidateCertif...
Definition: sopc_pki_struct_lib_internal.h:63
SOPC_PKI_KU_KEY_DATA_ENCIPHERMENT
@ SOPC_PKI_KU_KEY_DATA_ENCIPHERMENT
Definition: sopc_pki_decl.h:110
SOPC_PKI_TYPE_CLIENT_APP
@ SOPC_PKI_TYPE_CLIENT_APP
Definition: sopc_pki_decl.h:130
SOPC_PKI_EKU_CLIENT_AUTH
@ SOPC_PKI_EKU_CLIENT_AUTH
Definition: sopc_pki_decl.h:121
SOPC_PKI_MD_SHA1_OR_ABOVE
@ SOPC_PKI_MD_SHA1_OR_ABOVE
Definition: sopc_pki_decl.h:80
SOPC_FnValidateCert
SOPC_ReturnStatus SOPC_FnValidateCert(SOPC_PKIProvider *pPKI, const SOPC_CertificateList *pToValidate, const SOPC_PKI_Profile *pProfile, uint32_t *error)
Definition: sopc_pki_decl.h:140
SOPC_PKI_MD_SHA1_AND_SHA256
@ SOPC_PKI_MD_SHA1_AND_SHA256
Definition: sopc_pki_decl.h:79
SOPC_PKI_PkAlgo
SOPC_PKI_PkAlgo
Public key algorithms.
Definition: sopc_pki_decl.h:88
SOPC_PKI_KeyUsage_Mask
SOPC_PKI_KeyUsage_Mask
Key usage.
Definition: sopc_pki_decl.h:105
SOPC_PKI_KU_NONE
@ SOPC_PKI_KU_NONE
Definition: sopc_pki_decl.h:106
SOPC_PKI_Type
SOPC_PKI_Type
Type of PKI.
Definition: sopc_pki_decl.h:129
SOPC_PKI_EKU_SERVER_AUTH
@ SOPC_PKI_EKU_SERVER_AUTH
Definition: sopc_pki_decl.h:122
SOPC_PKI_PK_RSA
@ SOPC_PKI_PK_RSA
Definition: sopc_pki_decl.h:90
SOPC_PKI_Profile
Structure containing the validation configuration.
Definition: sopc_pki_struct_lib_internal.h:118
SOPC_PKI_MD_SHA256_OR_ABOVE
@ SOPC_PKI_MD_SHA256_OR_ABOVE
Definition: sopc_pki_decl.h:81
SOPC_PKI_KU_NON_REPUDIATION
@ SOPC_PKI_KU_NON_REPUDIATION
Definition: sopc_pki_decl.h:107
SOPC_PKI_PK_ANY
@ SOPC_PKI_PK_ANY
Definition: sopc_pki_decl.h:89
SOPC_PKI_KU_KEY_CERT_SIGN
@ SOPC_PKI_KU_KEY_CERT_SIGN
Definition: sopc_pki_decl.h:111
SOPC_PKI_EKU_NONE
@ SOPC_PKI_EKU_NONE
Definition: sopc_pki_decl.h:120
SOPC_ReturnStatus
SOPC_ReturnStatus
Definition: libs2opc_client.h:64