1=pod 2 3=head1 NAME 4 5ossl_cmp_certresponse_get1_cert, 6ossl_cmp_pkisi_get_status, 7ossl_cmp_PKIStatus_to_string, 8ossl_cmp_pkisi_get0_statusString, 9ossl_cmp_pkisi_get_pkifailureinfo, 10ossl_cmp_pkisi_check_pkifailureinfo 11- functions for managing PKI status information 12 13=head1 SYNOPSIS 14 15 #include "cmp.h" 16 17# define OSSL_CMP_PKIFAILUREINFO_badAlg 0 18# define OSSL_CMP_PKIFAILUREINFO_badMessageCheck 1 19# define OSSL_CMP_PKIFAILUREINFO_badRequest 2 20# define OSSL_CMP_PKIFAILUREINFO_badTime 3 21# define OSSL_CMP_PKIFAILUREINFO_badCertId 4 22# define OSSL_CMP_PKIFAILUREINFO_badDataFormat 5 23# define OSSL_CMP_PKIFAILUREINFO_wrongAuthority 6 24# define OSSL_CMP_PKIFAILUREINFO_incorrectData 7 25# define OSSL_CMP_PKIFAILUREINFO_missingTimeStamp 8 26# define OSSL_CMP_PKIFAILUREINFO_badPOP 9 27# define OSSL_CMP_PKIFAILUREINFO_certRevoked 10 28# define OSSL_CMP_PKIFAILUREINFO_certConfirmed 11 29# define OSSL_CMP_PKIFAILUREINFO_wrongIntegrity 12 30# define OSSL_CMP_PKIFAILUREINFO_badRecipientNonce 13 31# define OSSL_CMP_PKIFAILUREINFO_timeNotAvailable 14 32# define OSSL_CMP_PKIFAILUREINFO_unacceptedPolicy 15 33# define OSSL_CMP_PKIFAILUREINFO_unacceptedExtension 16 34# define OSSL_CMP_PKIFAILUREINFO_addInfoNotAvailable 17 35# define OSSL_CMP_PKIFAILUREINFO_badSenderNonce 18 36# define OSSL_CMP_PKIFAILUREINFO_badCertTemplate 19 37# define OSSL_CMP_PKIFAILUREINFO_signerNotTrusted 20 38# define OSSL_CMP_PKIFAILUREINFO_transactionIdInUse 21 39# define OSSL_CMP_PKIFAILUREINFO_unsupportedVersion 22 40# define OSSL_CMP_PKIFAILUREINFO_notAuthorized 23 41# define OSSL_CMP_PKIFAILUREINFO_systemUnavail 24 42# define OSSL_CMP_PKIFAILUREINFO_systemFailure 25 43# define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq 26 44# define OSSL_CMP_PKIFAILUREINFO_MAX 26 45 46 X509 *ossl_cmp_certresponse_get1_cert(const OSSL_CMP_CTX *ctx, 47 const OSSL_CMP_CERTRESPONSE *crep); 48 int ossl_cmp_pkisi_get_status(const OSSL_CMP_PKISI *si); 49 const char *ossl_cmp_PKIStatus_to_string(int status); 50 OSSL_CMP_PKIFREETEXT *ossl_cmp_pkisi_get0_statusString(const OSSL_CMP_PKISI *si); 51 int ossl_cmp_pkisi_get_pkifailureinfo(const OSSL_CMP_PKISI *si); 52 int ossl_cmp_pkisi_check_pkifailureinfo(const OSSL_CMP_PKISI *si, int index); 53 54=head1 DESCRIPTION 55 56ossl_cmp_certresponse_get1_cert() returns a pointer to a copy of the newly 57enrolled certificate from the given certResponse I<crep>, or NULL on error. 58Uses data from I<ctx>, which in case of indirect POPO includes the private key. 59 60ossl_cmp_pkisi_get_status() returns the PKIStatus of I<si>, or -1 on error. 61 62ossl_cmp_PKIStatus_to_string() returns a human-readable string representing 63the PKIStatus values as specified in RFC 4210, Appendix F. 64 65ossl_cmp_pkisi_get0_statusString() returns a direct pointer to the statusString 66field contained in I<si>. 67 68ossl_cmp_pkisi_get_pkifailureinfo() returns the PKIFailureInfo bits 69of I<si>, encoded as integer, or -1 on error. 70 71ossl_cmp_pkisi_check_pkifailureinfo() returns the state of the bit (0 or 1) 72with index I<index> in the PKIFailureInfo of the I<si>, or -1 on error. 73 74=head1 NOTES 75 76CMP is defined in RFC 4210 (and CRMF in RFC 4211). 77 78=head1 RETURN VALUES 79 80See the individual functions above. 81 82=head1 SEE ALSO 83 84L<OSSL_CMP_CTX_new(3)>, L<ossl_cmp_certreq_new(3)> 85 86=head1 HISTORY 87 88The OpenSSL CMP support was added in OpenSSL 3.0. 89 90=head1 COPYRIGHT 91 92Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. 93 94Licensed under the Apache License 2.0 (the "License"). You may not use 95this file except in compliance with the License. You can obtain a copy 96in the file LICENSE in the source distribution or at 97L<https://www.openssl.org/source/license.html>. 98 99=cut 100