185 the library context I<libctx> and property query string I<propq>,
195 OSSL_CMP_CTX_reinit() prepares the given I<ctx> for a further transaction by
202 OSSL_CMP_CTX_get0_libctx() returns the I<libctx> argument that was used
203 when constructing I<ctx> with OSSL_CMP_CTX_new(), which may be NULL.
205 OSSL_CMP_CTX_get0_propq() returns the I<propq> argument that was used
206 when constructing I<ctx> with OSSL_CMP_CTX_new(), which may be NULL.
253         if and only if OSSL_CMP_CTX_set_http_cb_arg() sets a non-NULL I<arg>.
363 OSSL_CMP_CTX_set_log_cb() sets in I<ctx> the callback function I<cb>
365 When I<cb> is NULL errors are printed to STDERR (if available, else ignored)
374 if set in the I<ctx> for uniformity with CMP logging if given. Otherwise it uses
381 OSSL_CMP_CTX_set1_server() sets the given server I<address>
382 (which may be a hostname or IP address or NULL) in the given I<ctx>.
385 If not used or the I<port> argument is 0
409 The callback may modify the I<bio> provided by L<OSSL_CMP_MSG_http_perform(3)>
410 as described for the I<bio_update_fn> parameter of L<OSSL_HTTP_open(3)>.
411 The callback may make use of a custom defined argument I<arg>,
412 as described for the I<arg> parameter of L<OSSL_HTTP_open(3)>.
419 I<arg> is not consumed, and it must therefore explicitly be freed when not
420 needed any more. I<arg> may be NULL to clear the entry.
433 The callback should send the CMP request message it obtains via the I<req>
441 I<arg> is not consumed, and it must therefore explicitly be freed when not
442 needed any more. I<arg> may be NULL to clear the entry.
448 OSSL_CMP_CTX_set1_srvCert() sets the expected server cert in I<ctx> and trusts
453 The I<cert> argument may be NULL to clear the entry.
470 It sets in the CMP context I<ctx> the certificate store of type X509_STORE
480 It extracts from the CMP context I<ctx> the pointer to the currently set
488 This list of untrusted certificates in I<ctx> will get augmented by extraCerts
492 list of untrusted certs in I<ctx>, which may be empty if unset.
494 OSSL_CMP_CTX_set1_cert() sets the CMP I<signer certificate>,
495 also called I<protection certificate>,
497 Therefore the public key of this I<cert> must correspond to
502 The subject of this I<cert> will be used as the sender field of outgoing
507 The I<cert> argument may be NULL to clear the entry.
510 certificate previously set in the I<ctx>. It adds the optional I<candidates>,
512 to the untrusted certs that may already exist in the I<ctx>.
514 If I<own_trusted> is NULL it builds the chain as far down as possible and
516 verifiable where the chain reaches a trust anchor contained in I<own_trusted>.
517 On success the function stores the resulting chain in I<ctx>
521 with the I<candidates> and I<own_trusted> arguments being NULL.
528 The I<pkey> argument may be NULL to clear the entry.
530 OSSL_CMP_CTX_set1_secretValue() sets in I<ctx> the byte string I<sec> of length
531 I<len> to use as pre-shared secret, or clears it if the I<sec> argument is NULL.
537 OSSL_CMP_CTX_set1_referenceValue() sets the given referenceValue I<ref> with
538 length I<len> in the given I<ctx> or clears it if the I<ref> argument is NULL.
547 the I<ref> value is taken as the fallback value for the senderKID.
560 OSSL_CMP_CTX_push0_geninfo_ITAV() adds I<itav> to the stack in the I<ctx> to be
567 OSSL_CMP_CTX_get0_geninfo_ITAVs() returns the list of ITAVs set in I<ctx>
576 The I<priv> parameter must be 0 if and only if the given key is a public key.
582 If the I<priv> parameter is not 0 and the selected key does not have a
596 The I<subjectName> is also used as fallback for the sender field
625 For IR/CR/KUR this sets the I<reference certificate>,
627 The I<reference certificate> determined this way, if any, is used for providing
640 OSSL_CMP_CTX_push0_genm_ITAV() adds I<itav> to the stack in the I<ctx> which
646 verified using this trust store and untrusted certificates from the I<ctx>,
650 chain as far as possible using the same untrusted certificates from the I<ctx>,
663 and should inspect the certificate it obtains via the I<cert> parameter and may
664 overrule the pre-decision given in the I<fail_info> and I<*txt> parameters.
667 may set the I<*txt> output parameter to point to a string constant with more
669 in the I<ctx> by means of OSSL_CMP_CTX_set_certConf_cb_arg(), which may be
678 I<arg> is not consumed, and it must therefore explicitly be freed when not
679 needed any more. I<arg> may be NULL to clear the entry.
747 OSSL_CMP_CTX_set1_senderNonce() stores the last sent sender I<nonce> in
748 the I<ctx>. This will be used to validate the recipNonce in incoming messages.
781 OSSL_CMP_certConf_cb() returns I<fail_info> if it is not equal to 0,

Last Index update Thu Oct 03 06:04:22 UTC 2024

Dedicated to & Maintained by Room-11