OpenPACE
cv_cert.h
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2010-2012 Dominik Oepen and Frank Morgner
3  *
4  * This file is part of OpenPACE.
5  *
6  * OpenPACE is free software: you can redistribute it and/or modify it under
7  * the terms of the GNU General Public License as published by the Free
8  * Software Foundation, either version 3 of the License, or (at your option)
9  * any later version.
10  *
11  * OpenPACE is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
13  * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
14  * details.
15  *
16  * You should have received a copy of the GNU General Public License along with
17  * OpenPACE. If not, see <http://www.gnu.org/licenses/>.
18  *
19  * Additional permission under GNU GPL version 3 section 7
20  *
21  * If you modify this Program, or any covered work, by linking or combining it
22  * with OpenSSL (or a modified version of that library), containing
23  * parts covered by the terms of OpenSSL's license, the licensors of
24  * this Program grant you additional permission to convey the resulting work.
25  * Corresponding Source for a non-source form of such a combination shall include
26  * the source code for the parts of OpenSSL used as well as that of the
27  * covered work.
28  *
29  * If you modify this Program, or any covered work, by linking or combining it
30  * with OpenSC (or a modified version of that library), containing
31  * parts covered by the terms of OpenSC's license, the licensors of
32  * this Program grant you additional permission to convey the resulting work.
33  * Corresponding Source for a non-source form of such a combination shall include
34  * the source code for the parts of OpenSC used as well as that of the
35  * covered work.
36  */
37 
46 #ifndef CVC_CERT_H_
47 #define CVC_CERT_H_
48 
49 #ifdef __cplusplus
50 extern "C" {
51 #endif
52 
53 #include <eac/objects.h>
54 #include <openssl/asn1.h>
55 #include <openssl/asn1t.h>
56 #include <openssl/bio.h>
57 
58 struct eac_ctx;
59 
60 #ifndef ASN1_APP_IMP
61 
62 #define ASN1_APP_IMP(stname, field, type, tag) ASN1_EX_TYPE(ASN1_TFLG_IMPTAG|ASN1_TFLG_APPLICATION, tag, stname, field, type)
63 #endif
64 #ifndef ASN1_APP_IMP_OPT
65 
66 #define ASN1_APP_IMP_OPT(stname, field, type, tag) ASN1_EX_TYPE(ASN1_TFLG_IMPTAG|ASN1_TFLG_APPLICATION|ASN1_TFLG_OPTIONAL, tag, stname, field, type)
67 #endif
68 #ifndef ASN1_APP_EXP_OPT
69 
70 #define ASN1_APP_EXP_OPT(stname, field, type, tag) ASN1_EX_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION|ASN1_TFLG_OPTIONAL, tag, stname, field, type)
71 #endif
72 #ifndef ASN1_APP_IMP_SEQUENCE_OF_OPT
73 #define ASN1_APP_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
74  ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_IMPTAG|ASN1_TFLG_APPLICATION|ASN1_TFLG_OPTIONAL, tag, stname, field, type)
75 #endif
76 
78 enum cvc_terminal_role {
80  CVC_Terminal = 0,
82  CVC_DocVer, /* XXX Ugly */
84  CVC_DV,
86  CVC_CVCA
87 };
88 
89 /* Number of bits and bytes of the relative authorization field in the CHAT.
90  * See TR-03110 pp. 85 */
91 #define EAC_AT_CHAT_BYTES 5
92 #define EAC_AT_CHAT_BITS 38
93 #define EAC_IS_CHAT_BYTES 1
94 #define EAC_IS_CHAT_BITS 6
95 #define EAC_ST_CHAT_BYTES 1
96 #define EAC_ST_CHAT_BITS 6
97 
101 typedef struct cvc_chat_seq_st {
104  ASN1_OBJECT *terminal_type;
106  ASN1_OCTET_STRING *relative_authorization;
107 } CVC_CHAT_SEQ;
109 typedef CVC_CHAT_SEQ CVC_CHAT;
110 DECLARE_ASN1_FUNCTIONS(CVC_CHAT)
111 
112 
120 typedef struct cvc_pubkey_st {
122  ASN1_OBJECT *oid;
124  ASN1_OCTET_STRING *cont1;
126  ASN1_OCTET_STRING *cont2;
128  ASN1_OCTET_STRING *cont3;
130  ASN1_OCTET_STRING *cont4;
132  ASN1_OCTET_STRING *cont5;
134  ASN1_OCTET_STRING *cont6;
136  ASN1_OCTET_STRING *cont7;
137 } CVC_PUBKEY_BODY;
138 typedef CVC_PUBKEY_BODY CVC_PUBKEY;
139 DECLARE_ASN1_FUNCTIONS(CVC_PUBKEY)
140 DECLARE_ASN1_ITEM(CVC_PUBKEY)
141 
142 
148 typedef struct cvc_discretionary_data_template_seq_st {
150  ASN1_OBJECT *type;
152  ASN1_OCTET_STRING *discretionary_data1;
154  ASN1_OCTET_STRING *discretionary_data2;
156  ASN1_OCTET_STRING *discretionary_data3;
157 } CVC_DISCRETIONARY_DATA_TEMPLATE_SEQ;
159 typedef CVC_DISCRETIONARY_DATA_TEMPLATE_SEQ CVC_DISCRETIONARY_DATA_TEMPLATE;
160 DECLARE_ASN1_FUNCTIONS(CVC_DISCRETIONARY_DATA_TEMPLATE)
161 DECLARE_ASN1_ITEM(CVC_DISCRETIONARY_DATA_TEMPLATE)
162 
163 
164 
168 typedef struct cvc_cert_body_seq_st {
172  ASN1_INTEGER *certificate_profile_identifier;
176  ASN1_UTF8STRING *certificate_authority_reference;
180  CVC_PUBKEY *public_key;
184  ASN1_UTF8STRING *certificate_holder_reference;
186  CVC_CHAT *chat;
190  ASN1_OCTET_STRING *certificate_effective_date;
194  ASN1_OCTET_STRING *certificate_expiration_date;
198  STACK_OF(CVC_DISCRETIONARY_DATA_TEMPLATE) *certificate_extensions;
199 } CVC_CERT_BODY_SEQ;
201 typedef CVC_CERT_BODY_SEQ CVC_CERT_BODY;
202 DECLARE_ASN1_FUNCTIONS(CVC_CERT_BODY)
203 DECLARE_ASN1_ITEM(CVC_CERT_BODY)
204 
205 
209 typedef struct cvc_cert_seq_st {
211  CVC_CERT_BODY *body;
213  ASN1_OCTET_STRING *signature;
214 } CVC_CERT_SEQ;
216 typedef CVC_CERT_SEQ CVC_CERT;
217 
218 typedef struct cvc_commcert_seq_st {
221  STACK_OF(ASN1_OCTET_STRING) *values;
222 } CVC_COMMCERT_SEQ;
233  typedef struct cvc_certificate_description_st {
235  ASN1_OBJECT *descriptionType;
237  ASN1_UTF8STRING *issuerName;
240  ASN1_PRINTABLESTRING *issuerURL;
242  ASN1_UTF8STRING *subjectName;
245  ASN1_PRINTABLESTRING *subjectURL;
248  ASN1_OCTET_STRING *termsOfUsage;
250  ASN1_PRINTABLESTRING *redirectURL;
253  CVC_COMMCERT_SEQ *commCertificates;
254 } CVC_CERTIFICATE_DESCRIPTION;
255 DECLARE_ASN1_FUNCTIONS(CVC_CERTIFICATE_DESCRIPTION)
256 
257 
258 
262 typedef struct cvc_cert_request_body_seq_st {
266  ASN1_INTEGER *certificate_profile_identifier;
270  ASN1_UTF8STRING *certificate_authority_reference;
274  CVC_PUBKEY *public_key;
278  ASN1_UTF8STRING *certificate_holder_reference;
282  STACK_OF(CVC_DISCRETIONARY_DATA_TEMPLATE) *certificate_extensions;
283 } CVC_CERT_REQUEST_BODY_SEQ;
285 typedef CVC_CERT_REQUEST_BODY_SEQ CVC_CERT_REQUEST_BODY;
286 DECLARE_ASN1_FUNCTIONS(CVC_CERT_REQUEST_BODY)
287 
288 
292 typedef struct cvc_cert_request_seq_st {
294  CVC_CERT_REQUEST_BODY *body;
296  ASN1_OCTET_STRING *inner_signature;
297 } CVC_CERT_REQUEST_SEQ;
299 typedef CVC_CERT_REQUEST_SEQ CVC_CERT_REQUEST;
300 DECLARE_ASN1_FUNCTIONS(CVC_CERT_REQUEST)
301 
302 
306 typedef struct cvc_cert_authentication_request_seq_st {
308  CVC_CERT_REQUEST *request;
312  ASN1_UTF8STRING *certificate_authority_reference;
314  ASN1_OCTET_STRING *outer_signature;
315 } CVC_CERT_AUTHENTICATION_REQUEST_SEQ;
317 typedef CVC_CERT_AUTHENTICATION_REQUEST_SEQ CVC_CERT_AUTHENTICATION_REQUEST;
318 DECLARE_ASN1_FUNCTIONS(CVC_CERT_AUTHENTICATION_REQUEST)
319 
320 
333 CVC_CERT *CVC_d2i_CVC_CERT(CVC_CERT **cert, const unsigned char **in, long len);
334 
344 int i2d_CVC_CERT(
345 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
346  const
347 #endif
348  CVC_CERT *a, unsigned char **out);
349 
357 #define CVC_CERT_dup(x) ASN1_dup_of(CVC_CERT, i2d_CVC_CERT, CVC_d2i_CVC_CERT, x)
358 
366 #define CVC_PUBKEY_dup(x) ASN1_dup_of(CVC_PUBKEY, i2d_CVC_PUBKEY, d2i_CVC_PUBKEY, x)
367 
375 #define CVC_CHAT_dup(x) ASN1_dup_of(CVC_CHAT, i2d_CVC_CHAT, d2i_CVC_CHAT, x)
376 
382 CVC_CERT *CVC_CERT_new(void);
388 void CVC_CERT_free(CVC_CERT *a);
389 
401 CVC_CERT *d2i_CVC_CERT_bio(BIO *bp, CVC_CERT **cvc);
402 
414 EVP_PKEY *
415 CVC_pubkey2pkey(const CVC_CERT *cert, BN_CTX *bn_ctx, EVP_PKEY *out);
416 
417 CVC_PUBKEY *
418 CVC_pkey2pubkey(int all_parameters, int protocol, EVP_PKEY *key,
419  BN_CTX *bn_ctx, CVC_PUBKEY *out);
420 
421 
422 
438 int certificate_description_print(BIO *bio,
439  const CVC_CERTIFICATE_DESCRIPTION *desc, int indent);
440 
450 int
451 cvc_chat_print(BIO *bio, const CVC_CHAT *chat, int indent);
452 
463 int
464 cvc_chat_print_authorizations(BIO *bio, const CVC_CHAT *chat, int indent);
465 
475 int
476 CVC_print(BIO *bio, const CVC_CERT *cv, int indent);
477 
487 int certificate_request_print(BIO *bio,
488  const CVC_CERT_REQUEST *request, int indent);
489 
499 int certificate_authentication_request_print(BIO *bio,
500  const CVC_CERT_AUTHENTICATION_REQUEST *authentication, int indent);
501 
511 const CVC_CHAT *
512 cvc_get_chat(const CVC_CERT *cvc);
513 
525 enum cvc_terminal_role
526 CVC_get_role(const CVC_CHAT *chat);
527 
535 short
536 CVC_get_profile_identifier(const CVC_CERT *cert);
546 char *
547 CVC_get_car(const CVC_CERT *cert);
557 char *
558 CVC_get_chr(const CVC_CERT *cert);
569 char *
570 CVC_get_effective_date(const CVC_CERT *cert);
581 char *
582 CVC_get_expiration_date(const CVC_CERT *cert);
583 
595 int
596 CVC_verify_signature(const CVC_CERT *cert, int protocol, EVP_PKEY *key);
597 
606 int
607 CVC_verify_request_signature(const CVC_CERT_REQUEST *request);
608 
618 int
619 CVC_verify_authentication_request_signatures(struct eac_ctx *ctx,
620  const CVC_CERT_AUTHENTICATION_REQUEST *authentication);
621 
633 int
634 CVC_check_description(const CVC_CERT *cv, const unsigned char *cert_desc_in,
635  const unsigned int cert_desc_in_len);
636 
646 BUF_MEM *CVC_hash_description(const CVC_CERT *cv,
647  const unsigned char *cert_desc, size_t cert_desc_len);
648 
649 #ifdef __cplusplus
650 }
651 #endif
652 #endif /* CVC_CERT_H_ */
CVC_CERT_BODY_SEQ
struct cvc_cert_body_seq_st CVC_CERT_BODY_SEQ
The body of the CV certificate (without signature)
CVC_get_chr
char * CVC_get_chr(const CVC_CERT *cert)
Return the CAR of a CV certificate as a string.
CVC_get_effective_date
char * CVC_get_effective_date(const CVC_CERT *cert)
Convert the effective date and expiration date, of a certificate to a string.
CVC_print
int CVC_print(BIO *bio, const CVC_CERT *cv, int indent)
Print CV certificate in human readable form.
CVC_CERTIFICATE_DESCRIPTION
struct cvc_certificate_description_st CVC_CERTIFICATE_DESCRIPTION
This structure holds further information about a card verifiable certificate in human readable form.
cvc_certificate_description_st
This structure holds further information about a card verifiable certificate in human readable form.
Definition: cv_cert.h:233
CVC_CVCA
@ CVC_CVCA
Country Verifying Certificate Authority.
Definition: cv_cert.h:86
CVC_CERT_REQUEST_BODY
CVC_CERT_REQUEST_BODY_SEQ CVC_CERT_REQUEST_BODY
Short name for CVC_CERT_REQUEST_BODY_SEQ.
Definition: cv_cert.h:285
cvc_cert_request_seq_st::inner_signature
ASN1_OCTET_STRING * inner_signature
Signature calculated over the hash of the certificate request body.
Definition: cv_cert.h:296
CVC_get_expiration_date
char * CVC_get_expiration_date(const CVC_CERT *cert)
Convert the expiration date of a certificate to a string.
CVC_DV
@ CVC_DV
Document Verifier (official domestic)
Definition: cv_cert.h:84
cvc_cert_request_body_seq_st::certificate_holder_reference
ASN1_UTF8STRING * certificate_holder_reference
Reference to the holder of this certificate request (in Latin1)
Definition: cv_cert.h:278
i2d_CVC_CERT
int i2d_CVC_CERT(CVC_CERT *a, unsigned char **out)
Convert a CV certificate description to its ASN1 representation.
cvc_cert_request_body_seq_st::public_key
CVC_PUBKEY * public_key
Public key associated with this certificate request.
Definition: cv_cert.h:274
objects.h
Definitions of object identifiers.
cvc_terminal_role
cvc_terminal_role
Effective role of the certificate holder.
Definition: cv_cert.h:78
cvc_commcert_seq_st
Definition: cv_cert.h:218
cvc_pubkey_st
Public key data object which may contain domain parameters.
Definition: cv_cert.h:120
cvc_discretionary_data_template_seq_st::discretionary_data1
ASN1_OCTET_STRING * discretionary_data1
holds descretionary data
Definition: cv_cert.h:152
CVC_CHAT
CVC_CHAT_SEQ CVC_CHAT
Short name for CVC_CHAT_SEQ.
Definition: cv_cert.h:109
cvc_cert_request_body_seq_st::certificate_profile_identifier
ASN1_INTEGER * certificate_profile_identifier
Certificate Profile of this certificate request (must be 0).
Definition: cv_cert.h:266
CVC_verify_signature
int CVC_verify_signature(const CVC_CERT *cert, int protocol, EVP_PKEY *key)
Verify the signature of a CV certificate using the public key of the certificate issuer.
cvc_discretionary_data_template_seq_st::discretionary_data2
ASN1_OCTET_STRING * discretionary_data2
holds descretionary data
Definition: cv_cert.h:154
cvc_chat_print
int cvc_chat_print(BIO *bio, const CVC_CHAT *chat, int indent)
Print CHAT in human readable form.
cvc_cert_seq_st
The actual certifcate, consisting of the body and a signature.
Definition: cv_cert.h:209
cvc_cert_request_seq_st::body
CVC_CERT_REQUEST_BODY * body
Body of the certificate request.
Definition: cv_cert.h:294
cvc_certificate_description_st::issuerURL
ASN1_PRINTABLESTRING * issuerURL
Optional URL that points to informations about the issuer of this certificate.
Definition: cv_cert.h:240
CVC_CERT
CVC_CERT_SEQ CVC_CERT
Short name for CVC_CERT_SEQ.
Definition: cv_cert.h:216
cvc_cert_body_seq_st::certificate_profile_identifier
ASN1_INTEGER * certificate_profile_identifier
Certificate Profile of this certificate (must be 0).
Definition: cv_cert.h:172
cvc_certificate_description_st::redirectURL
ASN1_PRINTABLESTRING * redirectURL
Not used.
Definition: cv_cert.h:250
cvc_commcert_seq_st::STACK_OF
STACK_OF(ASN1_OCTET_STRING) *values
Contains hash values of admissible X.509 certificates of the remote terminal (optional)
CVC_get_profile_identifier
short CVC_get_profile_identifier(const CVC_CERT *cert)
Return the profile identifier of a CV certificate as an integer.
d2i_CVC_CERT_bio
CVC_CERT * d2i_CVC_CERT_bio(BIO *bp, CVC_CERT **cvc)
Load a CV certificate from a BIO object.
cvc_pubkey_st::cont4
ASN1_OCTET_STRING * cont4
Generator (DH)/base point (EC)
Definition: cv_cert.h:130
cvc_discretionary_data_template_seq_st::discretionary_data3
ASN1_OCTET_STRING * discretionary_data3
holds descretionary data
Definition: cv_cert.h:156
cvc_cert_authentication_request_seq_st::certificate_authority_reference
ASN1_UTF8STRING * certificate_authority_reference
Reference to certificate authority that issued this authentication request (in Latin1)
Definition: cv_cert.h:312
CVC_CERT_REQUEST_BODY_SEQ
struct cvc_cert_request_body_seq_st CVC_CERT_REQUEST_BODY_SEQ
The body of the CV certificate request (without signature)
CVC_CERT_new
CVC_CERT * CVC_CERT_new(void)
Allocate memory for a CV certificate.
cvc_pubkey_st::oid
ASN1_OBJECT * oid
Object Identifier which specifies the exact protocol to be used during TA.
Definition: cv_cert.h:122
CVC_CERT_SEQ
struct cvc_cert_seq_st CVC_CERT_SEQ
The actual certifcate, consisting of the body and a signature.
cvc_cert_body_seq_st::certificate_expiration_date
ASN1_OCTET_STRING * certificate_expiration_date
Date until which the certicate is valid (YYMMDD, BCD encoded)
Definition: cv_cert.h:194
cvc_cert_body_seq_st::certificate_authority_reference
ASN1_UTF8STRING * certificate_authority_reference
Reference to certificate authority that issued this certificate (in Latin1)
Definition: cv_cert.h:176
CVC_DocVer
@ CVC_DocVer
Document Verifier (non-official/foreign)
Definition: cv_cert.h:82
cvc_cert_body_seq_st::certificate_holder_reference
ASN1_UTF8STRING * certificate_holder_reference
Reference to the holder of this certificate (in Latin1)
Definition: cv_cert.h:184
cvc_cert_body_seq_st::chat
CVC_CHAT * chat
Certificate Holder Authorisation Template.
Definition: cv_cert.h:186
cvc_cert_authentication_request_seq_st::outer_signature
ASN1_OCTET_STRING * outer_signature
Signature calculated over the hash of the certificate request.
Definition: cv_cert.h:314
CVC_verify_request_signature
int CVC_verify_request_signature(const CVC_CERT_REQUEST *request)
Verify the inner signature of a CV certificate request.
CVC_PUBKEY_BODY
struct cvc_pubkey_st CVC_PUBKEY_BODY
Public key data object which may contain domain parameters.
CVC_CERT_AUTHENTICATION_REQUEST
CVC_CERT_AUTHENTICATION_REQUEST_SEQ CVC_CERT_AUTHENTICATION_REQUEST
Short name for CVC_CERT_AUTHENTICATION_REQUEST_SEQ.
Definition: cv_cert.h:317
CVC_pubkey2pkey
EVP_PKEY * CVC_pubkey2pkey(const CVC_CERT *cert, BN_CTX *bn_ctx, EVP_PKEY *out)
Extract the public key from a CV certificate. Since EC domain parameters are only included in CVCA ce...
certificate_request_print
int certificate_request_print(BIO *bio, const CVC_CERT_REQUEST *request, int indent)
Print CV certificate request in human readable form.
CVC_CERT_free
void CVC_CERT_free(CVC_CERT *a)
Free a CV certificate.
CVC_get_role
enum cvc_terminal_role CVC_get_role(const CVC_CHAT *chat)
Extract the terminal-type (terminal, DV, CVCA) from the CHAT.
cvc_cert_request_body_seq_st
The body of the CV certificate request (without signature)
Definition: cv_cert.h:262
cvc_chat_seq_st::terminal_type
ASN1_OBJECT * terminal_type
Role of terminal to which this certificate belongs (Inspection System, Authentication Terminal or Sig...
Definition: cv_cert.h:104
cvc_pubkey_st::cont2
ASN1_OCTET_STRING * cont2
Public exponent (RSA)/order of the Subgroup (DH)/first coefficient (EC)
Definition: cv_cert.h:126
cvc_cert_seq_st::signature
ASN1_OCTET_STRING * signature
Signature calculated over the hash of the certificate body.
Definition: cv_cert.h:213
cvc_cert_request_body_seq_st::certificate_authority_reference
ASN1_UTF8STRING * certificate_authority_reference
Reference to certificate authority that issued this certificate request (in Latin1)
Definition: cv_cert.h:270
eac_ctx
Context for the Extended Access Control protocol.
Definition: eac.h:342
CVC_CERT_BODY
CVC_CERT_BODY_SEQ CVC_CERT_BODY
Short name for CVC_CERT_BODY_SEQ.
Definition: cv_cert.h:201
cvc_pubkey_st::cont6
ASN1_OCTET_STRING * cont6
Public point (EC)
Definition: cv_cert.h:134
certificate_description_print
int certificate_description_print(BIO *bio, const CVC_CERTIFICATE_DESCRIPTION *desc, int indent)
Print CV certificate description in human readable form.
cvc_cert_request_seq_st
The actual certifcate request, consisting of the body and inner signature.
Definition: cv_cert.h:292
cvc_pubkey_st::cont7
ASN1_OCTET_STRING * cont7
Cofactor (EC)
Definition: cv_cert.h:136
certificate_authentication_request_print
int certificate_authentication_request_print(BIO *bio, const CVC_CERT_AUTHENTICATION_REQUEST *authentication, int indent)
Print CV certificate authentication request in human readable form.
CVC_CERT_AUTHENTICATION_REQUEST_SEQ
struct cvc_cert_authentication_request_seq_st CVC_CERT_AUTHENTICATION_REQUEST_SEQ
The authentication request, consisting of the certificate request, certificate authority reference an...
cvc_certificate_description_st::termsOfUsage
ASN1_OCTET_STRING * termsOfUsage
Terms of Usage of the Service holding the certificate. May be formatted as either plain text,...
Definition: cv_cert.h:248
cvc_certificate_description_st::subjectName
ASN1_UTF8STRING * subjectName
Human readable name of the holder of this certificate.
Definition: cv_cert.h:242
cvc_get_chat
const CVC_CHAT * cvc_get_chat(const CVC_CERT *cvc)
Get the CHAT contained in a CV certifcate.
cvc_cert_body_seq_st
The body of the CV certificate (without signature)
Definition: cv_cert.h:168
cvc_discretionary_data_template_seq_st
Discretionary data template, used to encode certificate extensions.
Definition: cv_cert.h:148
CVC_DISCRETIONARY_DATA_TEMPLATE_SEQ
struct cvc_discretionary_data_template_seq_st CVC_DISCRETIONARY_DATA_TEMPLATE_SEQ
Discretionary data template, used to encode certificate extensions.
cvc_pubkey_st::cont5
ASN1_OCTET_STRING * cont5
Public value (DH)/order of the base point (EC)
Definition: cv_cert.h:132
CVC_verify_authentication_request_signatures
int CVC_verify_authentication_request_signatures(struct eac_ctx *ctx, const CVC_CERT_AUTHENTICATION_REQUEST *authentication)
Verify the inner and outer signature of a CV certificate request.
cvc_certificate_description_st::descriptionType
ASN1_OBJECT * descriptionType
Format of the description (Plain Text, PDF or HTML)
Definition: cv_cert.h:235
cvc_discretionary_data_template_seq_st::type
ASN1_OBJECT * type
OID which specifies the type of the extension.
Definition: cv_cert.h:150
cvc_pubkey_st::cont1
ASN1_OCTET_STRING * cont1
Composite modulus (RSA)/prime modulus (DH, EC)
Definition: cv_cert.h:124
cvc_certificate_description_st::issuerName
ASN1_UTF8STRING * issuerName
Human readable name of the issuer of this certificate.
Definition: cv_cert.h:237
cvc_chat_print_authorizations
int cvc_chat_print_authorizations(BIO *bio, const CVC_CHAT *chat, int indent)
Print the relative authorization contained in a CHAT in human readable form.
CVC_hash_description
BUF_MEM * CVC_hash_description(const CVC_CERT *cv, const unsigned char *cert_desc, size_t cert_desc_len)
Create a hash over a certificate's description.
cvc_cert_authentication_request_seq_st
The authentication request, consisting of the certificate request, certificate authority reference an...
Definition: cv_cert.h:306
cvc_pubkey_st::cont3
ASN1_OCTET_STRING * cont3
Order of the subgroup (DH)/second coefficient (EC)
Definition: cv_cert.h:128
cvc_cert_body_seq_st::public_key
CVC_PUBKEY * public_key
Public key associated with this certificate.
Definition: cv_cert.h:180
cvc_chat_seq_st::relative_authorization
ASN1_OCTET_STRING * relative_authorization
Access rights of the terminal to which this certificate belongs.
Definition: cv_cert.h:106
CVC_CERT_REQUEST_SEQ
struct cvc_cert_request_seq_st CVC_CERT_REQUEST_SEQ
The actual certifcate request, consisting of the body and inner signature.
cvc_cert_authentication_request_seq_st::request
CVC_CERT_REQUEST * request
certificate request
Definition: cv_cert.h:308
CVC_CHAT_SEQ
struct cvc_chat_seq_st CVC_CHAT_SEQ
Certificate Holder Authentication Template.
cvc_cert_body_seq_st::certificate_effective_date
ASN1_OCTET_STRING * certificate_effective_date
Date the certificate was issued (YYMMDD, BCD encoded)
Definition: cv_cert.h:190
CVC_check_description
int CVC_check_description(const CVC_CERT *cv, const unsigned char *cert_desc_in, const unsigned int cert_desc_in_len)
Check whether or not the certificate contains the correct hash of the CV certificate description.
CVC_Terminal
@ CVC_Terminal
Terminal (inspection system/authentication terminal/signature terminal)
Definition: cv_cert.h:80
CVC_CERT_REQUEST
CVC_CERT_REQUEST_SEQ CVC_CERT_REQUEST
Short name for CVC_CERT_REQUEST_SEQ.
Definition: cv_cert.h:299
CVC_d2i_CVC_CERT
CVC_CERT * CVC_d2i_CVC_CERT(CVC_CERT **cert, const unsigned char **in, long len)
Convert ASN1 formatted CV certificate to the internal structure.
cvc_chat_seq_st
Certificate Holder Authentication Template.
Definition: cv_cert.h:101
cvc_cert_seq_st::body
CVC_CERT_BODY * body
Body of the certificate.
Definition: cv_cert.h:211
CVC_DISCRETIONARY_DATA_TEMPLATE
CVC_DISCRETIONARY_DATA_TEMPLATE_SEQ CVC_DISCRETIONARY_DATA_TEMPLATE
Short name for CVC_CERT_BODY_SEQ.
Definition: cv_cert.h:159
cvc_certificate_description_st::commCertificates
CVC_COMMCERT_SEQ * commCertificates
Contains hash values of admissible X.509 certificates of the remote terminal (optional)
Definition: cv_cert.h:253
cvc_certificate_description_st::subjectURL
ASN1_PRINTABLESTRING * subjectURL
Optional URL that points to informations about the holder of this certificate.
Definition: cv_cert.h:245
CVC_get_car
char * CVC_get_car(const CVC_CERT *cert)
Return the CAR of a CV certificate as a string.
Generated by   doxygen 1.8.17