[apple/security.git] / OSX / libsecurity_apple_x509_tp / lib / tpCrlVerify.h

/*
 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
 * tpCrlVerify.h - routines to verify CRLs and to verify certs against CRLs.
 *
 */
 
#ifndef	_TP_CRL_VERIFY_H_
#define _TP_CRL_VERIFY_H_

#include <Security/cssmtype.h>
#include <security_utilities/alloc.h>
#include <Security/cssmapple.h>
#include <Security/cssmapplePriv.h>

class TPCertInfo;
class TPCertGroup;
class TPCrlInfo;
class TPCrlGroup;

/*
 * Enumerated CRL policies enforced by this module.
 */
typedef enum {
	kRevokeNone,			/* no revocation checking */
	kRevokeCrlBasic,
	kRevokeOcsp	
} TPRevocationPolicy;

/* Module-specific default policy */
#define TP_CRL_POLICY_DEFAULT	kRevokeNone

/*
 * Various parameters widely used in any operation involving CRL and 
 * OCSP verification. Most fields are optional.
 */
class TPVerifyContext {
	NOCOPY(TPVerifyContext)
public:
	TPVerifyContext(
		Allocator			&_alloc,
		CSSM_CL_HANDLE		_clHand,
		CSSM_CSP_HANDLE		_cspHand,
		CSSM_TIMESTRING		_verifyTime,
		uint32				_numAnchorCerts,
		const CSSM_DATA		*_anchorCerts,
		TPCertGroup			*_signerCerts,
		TPCrlGroup			*_inputCrls,
		TPCertGroup			&_gatheredCerts,
		CSSM_DL_DB_LIST_PTR	_dbList,
		TPRevocationPolicy	_policy,
		CSSM_APPLE_TP_ACTION_FLAGS	_actionFlags,
		CSSM_APPLE_TP_CRL_OPTIONS	*_crlOpts,
		CSSM_APPLE_TP_OCSP_OPTIONS	*_ocspOpts,
		const CSSM_OID		*_policyOid,
		const char			*_policyStr,
		uint32				_policyStrLen,
		CSSM_KEYUSE			_keyUse)
			: alloc(_alloc),
				clHand(_clHand),
				cspHand(_cspHand),
				verifyTime(_verifyTime),
				numAnchorCerts(_numAnchorCerts),
				anchorCerts(_anchorCerts),
				signerCerts(_signerCerts),
				inputCrls(_inputCrls),
				gatheredCerts(_gatheredCerts),
				dbList(_dbList),
				policy(_policy),
				actionFlags(_actionFlags),
				crlOpts(_crlOpts),
				ocspOpts(_ocspOpts),
				policyOid(_policyOid),
				policyStr(_policyStr),
				policyStrLen(_policyStrLen),
				keyUse(_keyUse)
					{ }
	
	~TPVerifyContext() { }
	
	Allocator						&alloc;
	CSSM_CL_HANDLE					clHand;
	CSSM_CSP_HANDLE					cspHand;
	
	/* 
	 * NULL means "verify for this momemt", otherwise indicates 
	 * time at which an entity is to be verified.
	 */
    CSSM_TIMESTRING 				verifyTime;
	
	/* trusted anchors */
	/* FIXME - maybe this should be a TPCertGroup */
    uint32 							numAnchorCerts;
	const CSSM_DATA					*anchorCerts;
	
	/* 
	 * Intermediate signing certs. Always present.
	 * This could come from the raw cert group to be verified
	 * in CertGroupVerify(), or the explicit SignerCertGroup in
	 * CrlVerify(). IN both cases the cert group owns the certs and 
	 * eventually frees them. These certs have not been verified in any 
	 * way other than to ensure that they parse and have been cached
	 * by the CL.
	 */
	TPCertGroup						*signerCerts;

	/* Raw CRLs provided by caller, state unknown, optional */
	TPCrlGroup						*inputCrls;
	
	/*
	 * Other certificates gathered during the course of this operation,
	 * currently consisting of certs fetched from DBs and from the net.
	 * This is currently set to AppleTPSession::CertGroupVerify's
	 * certsToBeFreed, to include certs fetched from the net (a
	 * significant optimization) and from DLDB (a side effect, also
	 * a slight optimization).
	 */
	TPCertGroup						&gatheredCerts;
	
	/* can contain certs and/or CRLs */
    CSSM_DL_DB_LIST_PTR 			dbList;
	
	TPRevocationPolicy				policy;
	CSSM_APPLE_TP_ACTION_FLAGS		actionFlags;
	
	/* one of these valid, depends on policy */
	const CSSM_APPLE_TP_CRL_OPTIONS	*crlOpts;
	const CSSM_APPLE_TP_OCSP_OPTIONS *ocspOpts;
	
	/* optional user trust parameters */
	const CSSM_OID					*policyOid;
	const char						*policyStr;
	uint32							policyStrLen;
	CSSM_KEYUSE						keyUse;
};

extern "C" {

/* CRL - specific */
CSSM_RETURN tpVerifyCertGroupWithCrls(
	TPVerifyContext					&tpVerifyContext,
	TPCertGroup 					&certGroup);		// to be verified 
	
/* general purpose, switch to policy-specific code based on TPVerifyContext.policy */
CSSM_RETURN tpRevocationPolicyVerify(
	TPVerifyContext					&tpVerifyContext,
	TPCertGroup 					&certGroup);		// to be verified 

}

#endif	/* _TP_CRL_VERIFY_H_ */
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	/*
	20	* tpCrlVerify.h - routines to verify CRLs and to verify certs against CRLs.
	21	*
b1ab9ed8 A	22	*/
	23
	24	#ifndef _TP_CRL_VERIFY_H_
	25	#define _TP_CRL_VERIFY_H_
	26
	27	#include <Security/cssmtype.h>
	28	#include <security_utilities/alloc.h>
	29	#include <Security/cssmapple.h>
	30	#include <Security/cssmapplePriv.h>
	31
	32	class TPCertInfo;
	33	class TPCertGroup;
	34	class TPCrlInfo;
	35	class TPCrlGroup;
	36
	37	/*
	38	* Enumerated CRL policies enforced by this module.
	39	*/
	40	typedef enum {
	41	kRevokeNone, /* no revocation checking */
	42	kRevokeCrlBasic,
	43	kRevokeOcsp
	44	} TPRevocationPolicy;
	45
	46	/* Module-specific default policy */
	47	#define TP_CRL_POLICY_DEFAULT kRevokeNone
	48
	49	/*
	50	* Various parameters widely used in any operation involving CRL and
	51	* OCSP verification. Most fields are optional.
	52	*/
	53	class TPVerifyContext {
	54	NOCOPY(TPVerifyContext)
	55	public:
	56	TPVerifyContext(
	57	Allocator &_alloc,
	58	CSSM_CL_HANDLE _clHand,
	59	CSSM_CSP_HANDLE _cspHand,
	60	CSSM_TIMESTRING _verifyTime,
	61	uint32 _numAnchorCerts,
	62	const CSSM_DATA *_anchorCerts,
	63	TPCertGroup *_signerCerts,
	64	TPCrlGroup *_inputCrls,
	65	TPCertGroup &_gatheredCerts,
	66	CSSM_DL_DB_LIST_PTR _dbList,
	67	TPRevocationPolicy _policy,
	68	CSSM_APPLE_TP_ACTION_FLAGS _actionFlags,
	69	CSSM_APPLE_TP_CRL_OPTIONS *_crlOpts,
	70	CSSM_APPLE_TP_OCSP_OPTIONS *_ocspOpts,
	71	const CSSM_OID *_policyOid,
	72	const char *_policyStr,
	73	uint32 _policyStrLen,
	74	CSSM_KEYUSE _keyUse)
	75	: alloc(_alloc),
	76	clHand(_clHand),
	77	cspHand(_cspHand),
	78	verifyTime(_verifyTime),
	79	numAnchorCerts(_numAnchorCerts),
	80	anchorCerts(_anchorCerts),
	81	signerCerts(_signerCerts),
	82	inputCrls(_inputCrls),
	83	gatheredCerts(_gatheredCerts),
	84	dbList(_dbList),
	85	policy(_policy),
86	actionFlags(_actionFlags),
87	crlOpts(_crlOpts),
88	ocspOpts(_ocspOpts),
89	policyOid(_policyOid),
90	policyStr(_policyStr),
91	policyStrLen(_policyStrLen),
92	keyUse(_keyUse)
93	{ }
94
95	~TPVerifyContext() { }
96
97	Allocator &alloc;
98	CSSM_CL_HANDLE clHand;
99	CSSM_CSP_HANDLE cspHand;
100
101	/*
102	* NULL means "verify for this momemt", otherwise indicates
103	* time at which an entity is to be verified.
104	*/
105	CSSM_TIMESTRING verifyTime;
106
107	/* trusted anchors */
108	/* FIXME - maybe this should be a TPCertGroup */
109	uint32 numAnchorCerts;
110	const CSSM_DATA *anchorCerts;
111
112	/*
113	* Intermediate signing certs. Always present.
114	* This could come from the raw cert group to be verified
115	* in CertGroupVerify(), or the explicit SignerCertGroup in
116	* CrlVerify(). IN both cases the cert group owns the certs and
117	* eventually frees them. These certs have not been verified in any
118	* way other than to ensure that they parse and have been cached
119	* by the CL.
120	*/
121	TPCertGroup *signerCerts;
122
123	/* Raw CRLs provided by caller, state unknown, optional */
124	TPCrlGroup *inputCrls;
125
126	/*
127	* Other certificates gathered during the course of this operation,
128	* currently consisting of certs fetched from DBs and from the net.
129	* This is currently set to AppleTPSession::CertGroupVerify's
130	* certsToBeFreed, to include certs fetched from the net (a
131	* significant optimization) and from DLDB (a side effect, also
132	* a slight optimization).
133	*/
134	TPCertGroup &gatheredCerts;
135
136	/* can contain certs and/or CRLs */
137	CSSM_DL_DB_LIST_PTR dbList;
138
139	TPRevocationPolicy policy;
140	CSSM_APPLE_TP_ACTION_FLAGS actionFlags;
141
142	/* one of these valid, depends on policy */
143	const CSSM_APPLE_TP_CRL_OPTIONS *crlOpts;
144	const CSSM_APPLE_TP_OCSP_OPTIONS *ocspOpts;
145
146	/* optional user trust parameters */
147	const CSSM_OID *policyOid;
148	const char *policyStr;
149	uint32 policyStrLen;
150	CSSM_KEYUSE keyUse;
151	};
152
153	extern "C" {
154
155	/* CRL - specific */
156	CSSM_RETURN tpVerifyCertGroupWithCrls(
157	TPVerifyContext &tpVerifyContext,
158	TPCertGroup &certGroup); // to be verified
159
160	/* general purpose, switch to policy-specific code based on TPVerifyContext.policy */
161	CSSM_RETURN tpRevocationPolicyVerify(
162	TPVerifyContext &tpVerifyContext,
163	TPCertGroup &certGroup); // to be verified
164
165	}
166
167	#endif /* _TP_CRL_VERIFY_H_ */