1 /*
2  * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *    http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef X509_CERT_CHAIN_VALIDATE_PARAMETERS_H
17 #define X509_CERT_CHAIN_VALIDATE_PARAMETERS_H
18 
19 #include <stdbool.h>
20 #include <stddef.h>
21 #include <stdint.h>
22 
23 #include "cert_crl_collection.h"
24 #include "cf_blob.h"
25 #include "x509_trust_anchor.h"
26 
27 typedef enum {
28     VALIDATION_POLICY_TYPE_X509 = 0,
29     VALIDATION_POLICY_TYPE_SSL = 1,
30 } HcfValPolicyType;
31 
32 typedef enum {
33     REVOCATION_CHECK_OPTION_PREFER_OCSP = 0,
34     REVOCATION_CHECK_OPTION_ACCESS_NETWORK = 1,
35     REVOCATION_CHECK_OPTION_FALLBACK_NO_PREFER = 2,
36     REVOCATION_CHECK_OPTION_FALLBACK_LOCAL = 3,
37 } HcfRevChkOption;
38 
39 typedef enum {
40     KEYUSAGE_DIGITAL_SIGNATURE = 0,
41     KEYUSAGE_NON_REPUDIATION = 1,
42     KEYUSAGE_KEY_ENCIPHERMENT = 2,
43     KEYUSAGE_DATA_ENCIPHERMENT = 3,
44     KEYUSAGE_KEY_AGREEMENT = 4,
45     KEYUSAGE_KEY_CERT_SIGN = 5,
46     KEYUSAGE_CRL_SIGN = 6,
47     KEYUSAGE_ENCIPHER_ONLY = 7,
48     KEYUSAGE_DECIPHER_ONLY = 8,
49 } HcfKeyUsageType;
50 
51 typedef struct {
52     HcfKeyUsageType *data;
53     uint32_t count;
54 } HcfKuArray;
55 
56 typedef struct {
57     HcfRevChkOption *data;
58     uint32_t count;
59 } HcfRevChkOpArray;
60 
61 typedef struct HcfRevocationCheckParam HcfRevocationCheckParam;
62 struct HcfRevocationCheckParam {
63     CfBlobArray *ocspRequestExtension;
64     CfBlob *ocspResponderURI;
65     HcfX509Certificate *ocspResponderCert;
66     CfBlob *ocspResponses;
67     CfBlob *crlDownloadURI;
68     HcfRevChkOpArray *options;
69     CfBlob *ocspDigest;
70 };
71 
72 typedef struct HcfX509CertChainValidateParams HcfX509CertChainValidateParams;
73 struct HcfX509CertChainValidateParams {
74     CfBlob *date;                                  // string
75     HcfX509TrustAnchorArray *trustAnchors;         // Array<X509TrustAnchor>
76     HcfCertCRLCollectionArray *certCRLCollections; // Array<CertCRLCollection>;
77     HcfRevocationCheckParam *revocationCheckParam;
78     HcfValPolicyType policy;
79     CfBlob *sslHostname;
80     HcfKuArray *keyUsage;
81 };
82 
83 #endif // X509_CERT_CHAIN_VALIDATE_PARAMETERS_H
84