This file is indexed.

/usr/include/osp/ospsecurity.h is in libosptk3-dev 3.4.2-1.1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
/**************************************************************************
*** COPYRIGHT (c) 2002 by TransNexus, Inc.                              ***
***                                                                     ***
*** This software is property of TransNexus, Inc.                       ***
*** This software is freely available under license from TransNexus.    ***
*** The license terms and conditions for free use of this software by   ***
*** third parties are defined in the OSP Toolkit Software License       ***
*** Agreement (LICENSE.txt).  Any use of this software by third         ***
*** parties, which does not comply with the terms and conditions of the ***
*** OSP Toolkit Software License Agreement is prohibited without        ***
*** the prior, express, written consent of TransNexus, Inc.             ***
***                                                                     ***
*** Thank you for using the OSP ToolKit(TM).  Please report any bugs,   ***
*** suggestions or feedback to support@transnexus.com                   ***
***                                                                     ***
**************************************************************************/







/*
 * ospsecurity.h - Prototypes for security object.
 */
#ifndef _OSPSECURITY_H
#define _OSPSECURITY_H

#include "osp/osp.h"
#include "osp/osptrans.h"
#include "osp/ospasn1.h"
#include "osp/osppkcs1.h"
#include "osp/ospx509.h"
#include "osp/ospsslsess.h"

#include <openssl/x509.h>
#include <openssl/safestack.h>

/* defines for Local or Remote validation */
#define OSPC_LOCAL  0x05
#define OSPC_REMOTE 0x06

#define OSPC_SEC_MAX_AUTH_CERTS 5 

#define OSPC_SEC_SIGNATURE_AND_CONTENT 0
#define OSPC_SEC_SIGNATURE_ONLY 1


/*-------------------------------------------*/
/* security typedef                          */
/*-------------------------------------------*/ 
typedef struct _OSPTSEC
{
    unsigned            NumberOfAuthorityCertificates;
    OSPTASN1OBJECT      *AuthorityCertInfo[OSPC_SEC_MAX_AUTH_CERTS];
		X509_STORE					*AuthorityCertStore;
    STACK_OF(X509)      *AuthorityCertStack;
    OSPTASN1OBJECT      *LocalCertInfo;
    OSPTASN1OBJECT      *PrivateKeyInfo;
    OSPTASN1OBJECT      *DigestAlgorithm;
        unsigned            LocalValidation;
    OSPTMUTEX           SecurityMutex;
    OSPTSSLSESSIONID    *SSLSessionIdList;    
    unsigned            SSLLifetime;
    OSPTBOOL            SSLSessionHasMutex;
    OSPTMUTEX           SSLSessionMutex;
    OSPTMUTEX           SSLCertMutex;
    void                *ContextRef;
} OSPTSEC;



#ifdef __cplusplus
extern "C" 
{
#endif

    /********************************/
    /* PROTOTYPES FOR ospsecurity.c */
    /********************************/

    int
    OSPPSecCopyPrivateKey(
        OSPTSEC *ospvSecurity,                  
        OSPTPRIVATEKEY *ospvPrivateKey);

    int  
    OSPPSecGetPrivateKeyData(
        OSPTSEC *ospvSecurity, 
        unsigned char **ospvPrivateKeyData,
        unsigned int  *ospvPrivateKeyDataLength);

    int
    OSPPSecNew(
        OSPTSEC **ospvSecurity);

    int
    OSPPSecGetLocalValidation(
        OSPTSEC *ospvSecurity,
        unsigned *ospvLocalValidation);

    int OSPPSecSetPrivateKey(
        OSPTSEC *ospvSecurity,
        OSPTPRIVATEKEY *ospvPrivateKey);

    int
    OSPPSecSetLocalCertificate(
        OSPTSEC         *ospvSecurity,
        unsigned char   *ospvLocalCertificate,
        unsigned long   *ospvCustomerId,
        unsigned long   *ospvDeviceId);

    int
    OSPPSecSetLocalValidation(
        OSPTSEC     *ospvSecurity, 
        unsigned    ospvLocalValidation);

    int
    OSPPSecGetNumberOfAuthorityCertificates(
        OSPTSEC     *ospvSecurity,
        unsigned    *ospvNumberOfAuthorityCertificates);

    int
    OSPPSecCopyAuthorityCertificates(
        OSPTSEC *ospvSecurity,
        unsigned ospvMaxCertificateSize,
        unsigned char *ospvAuthorityCertificates[],
        unsigned *ospvCertificateCount);

    int
    OSPPSecDelete(
        OSPTSEC     **ospvSecurity);


    int
    OSPPSecVerifyRootAuthorityCertificate(
        OSPTSEC *ospvSecurity,
        void    *ospvRootCACert,
        int      ospvRootCACertLen);

    int
    OSPPSecSetAuthorityCertificates(
        OSPTSEC         *ospvSecurity,
        unsigned        ospvNumberOfAuthorityCertificates,
        const OSPTCERT  *ospvAuthorityCertificates[]);

    int 
    OSPPSecSignatureCreate(
        OSPTSEC *ospvSecurity, 
        unsigned char *ospvContent,
        unsigned ospvContentLength, 
        unsigned char **ospvSignature, 
        unsigned *ospvSignatureLength,
        int ospvSignatureOnly);

    int  
    OSPPSecSignatureVerify(
        OSPTSEC *ospvSecurity, 
        unsigned char **ospvContent, 
        unsigned *ospvContentLength, 
        unsigned char *ospvSignature,
        unsigned ospvSignatureLength,
        int ospvSignatureOnly);

    int 
    OSPPSecCopyLocalCertificate(
        OSPTSEC *ospvSecurity, 
        unsigned *ospvLocalCertificateSize,
        unsigned char *ospvLocalCertificate);

    int
    OSPPSecGetSignerCertSubjectName(
        OSPTSEC         *ospvSecurity,
        unsigned char   *ospvToken,
        unsigned        ospvTokenLen,
        unsigned char   **ospvSubjectName,
        unsigned        *ospvSubjectNameLen);
        

    /******************************/
    /* PROTOTYPES FOR ospsecssl.c */
    /******************************/

    OSPTBOOL
        OSPPSecSSLLifetimeHasExpired(
        OSPTSEC          *ospvSecurity,
        OSPTSSLSESSIONID *ospvSessionId);


    unsigned
    OSPPSecGetSSLLifetime(
        OSPTSEC *ospvSecurity);

    int
    OSPPSecSSLSessionIdNew(
        OSPTSEC        *ospvSecurity,
        unsigned long   ospvLength, 
        unsigned char  *ospvData,
        char           *ospvHostName,
        short           ospvPort);

    int
    OSPPSecSSLSessionIdGet(
        OSPTSEC        *ospvSecurity,
        unsigned long  *ospvLength, 
        unsigned char **ospvData,
        char           *ospvHostName,
        short           ospvPort);

    void
    OSPPSecSSLSessionIdDelete(
        OSPTSEC           *ospvSecurity,
        OSPTSSLSESSIONID **ospvSSLSessionId,
        OSPTBOOL           ospvUseMutex);

    int
    OSPPSecSSLSessionIdInitDB(
        OSPTSEC *ospvSecurity);

    void
    OSPPSecSSLSessionIdDeleteDB(
        OSPTSEC *ospvSecurity);

    void
    OSPPSecSetSSLLifetime(
        OSPTSEC *ospvSecurity,
        unsigned ospvSSLLifetime);

    int
    OSPPSecValidCertChain(
        OSPTSEC *ospvSecurity,
        int     *ospvCAIndex,
        unsigned char *ospvCertificate,
        unsigned int  *ospvCertificateLength);

#ifdef __cplusplus
}
#endif

#endif