1/*
2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/*- CertID ::= SEQUENCE {
11 * hashAlgorithm AlgorithmIdentifier,
12 * issuerNameHash OCTET STRING, -- Hash of Issuer's DN
13 * issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
14 * serialNumber CertificateSerialNumber }
15 */
16struct ocsp_cert_id_st {
17 X509_ALGOR hashAlgorithm;
18 ASN1_OCTET_STRING issuerNameHash;
19 ASN1_OCTET_STRING issuerKeyHash;
20 ASN1_INTEGER serialNumber;
21};
22
23/*- Request ::= SEQUENCE {
24 * reqCert CertID,
25 * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
26 */
27struct ocsp_one_request_st {
28 OCSP_CERTID *reqCert;
29 STACK_OF(X509_EXTENSION) *singleRequestExtensions;
30};
31
32/*- TBSRequest ::= SEQUENCE {
33 * version [0] EXPLICIT Version DEFAULT v1,
34 * requestorName [1] EXPLICIT GeneralName OPTIONAL,
35 * requestList SEQUENCE OF Request,
36 * requestExtensions [2] EXPLICIT Extensions OPTIONAL }
37 */
38struct ocsp_req_info_st {
39 ASN1_INTEGER *version;
40 GENERAL_NAME *requestorName;
41 STACK_OF(OCSP_ONEREQ) *requestList;
42 STACK_OF(X509_EXTENSION) *requestExtensions;
43};
44
45/*- Signature ::= SEQUENCE {
46 * signatureAlgorithm AlgorithmIdentifier,
47 * signature BIT STRING,
48 * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
49 */
50struct ocsp_signature_st {
51 X509_ALGOR signatureAlgorithm;
52 ASN1_BIT_STRING *signature;
53 STACK_OF(X509) *certs;
54};
55
56/*- OCSPRequest ::= SEQUENCE {
57 * tbsRequest TBSRequest,
58 * optionalSignature [0] EXPLICIT Signature OPTIONAL }
59 */
60struct ocsp_request_st {
61 OCSP_REQINFO tbsRequest;
62 OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
63};
64
65/*- OCSPResponseStatus ::= ENUMERATED {
66 * successful (0), --Response has valid confirmations
67 * malformedRequest (1), --Illegal confirmation request
68 * internalError (2), --Internal error in issuer
69 * tryLater (3), --Try again later
70 * --(4) is not used
71 * sigRequired (5), --Must sign the request
72 * unauthorized (6) --Request unauthorized
73 * }
74 */
75
76/*- ResponseBytes ::= SEQUENCE {
77 * responseType OBJECT IDENTIFIER,
78 * response OCTET STRING }
79 */
80struct ocsp_resp_bytes_st {
81 ASN1_OBJECT *responseType;
82 ASN1_OCTET_STRING *response;
83};
84
85/*- OCSPResponse ::= SEQUENCE {
86 * responseStatus OCSPResponseStatus,
87 * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
88 */
89struct ocsp_response_st {
90 ASN1_ENUMERATED *responseStatus;
91 OCSP_RESPBYTES *responseBytes;
92};
93
94/*- ResponderID ::= CHOICE {
95 * byName [1] Name,
96 * byKey [2] KeyHash }
97 */
98struct ocsp_responder_id_st {
99 int type;
100 union {
101 X509_NAME *byName;
102 ASN1_OCTET_STRING *byKey;
103 } value;
104};
105
106/*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
107 * --(excluding the tag and length fields)
108 */
109
110/*- RevokedInfo ::= SEQUENCE {
111 * revocationTime GeneralizedTime,
112 * revocationReason [0] EXPLICIT CRLReason OPTIONAL }
113 */
114struct ocsp_revoked_info_st {
115 ASN1_GENERALIZEDTIME *revocationTime;
116 ASN1_ENUMERATED *revocationReason;
117};
118
119/*- CertStatus ::= CHOICE {
120 * good [0] IMPLICIT NULL,
121 * revoked [1] IMPLICIT RevokedInfo,
122 * unknown [2] IMPLICIT UnknownInfo }
123 */
124struct ocsp_cert_status_st {
125 int type;
126 union {
127 ASN1_NULL *good;
128 OCSP_REVOKEDINFO *revoked;
129 ASN1_NULL *unknown;
130 } value;
131};
132
133/*- SingleResponse ::= SEQUENCE {
134 * certID CertID,
135 * certStatus CertStatus,
136 * thisUpdate GeneralizedTime,
137 * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
138 * singleExtensions [1] EXPLICIT Extensions OPTIONAL }
139 */
140struct ocsp_single_response_st {
141 OCSP_CERTID *certId;
142 OCSP_CERTSTATUS *certStatus;
143 ASN1_GENERALIZEDTIME *thisUpdate;
144 ASN1_GENERALIZEDTIME *nextUpdate;
145 STACK_OF(X509_EXTENSION) *singleExtensions;
146};
147
148/*- ResponseData ::= SEQUENCE {
149 * version [0] EXPLICIT Version DEFAULT v1,
150 * responderID ResponderID,
151 * producedAt GeneralizedTime,
152 * responses SEQUENCE OF SingleResponse,
153 * responseExtensions [1] EXPLICIT Extensions OPTIONAL }
154 */
155struct ocsp_response_data_st {
156 ASN1_INTEGER *version;
157 OCSP_RESPID responderId;
158 ASN1_GENERALIZEDTIME *producedAt;
159 STACK_OF(OCSP_SINGLERESP) *responses;
160 STACK_OF(X509_EXTENSION) *responseExtensions;
161};
162
163/*- BasicOCSPResponse ::= SEQUENCE {
164 * tbsResponseData ResponseData,
165 * signatureAlgorithm AlgorithmIdentifier,
166 * signature BIT STRING,
167 * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
168 */
169 /*
170 * Note 1: The value for "signature" is specified in the OCSP rfc2560 as
171 * follows: "The value for the signature SHALL be computed on the hash of
172 * the DER encoding ResponseData." This means that you must hash the
173 * DER-encoded tbsResponseData, and then run it through a crypto-signing
174 * function, which will (at least w/RSA) do a hash-'n'-private-encrypt
175 * operation. This seems a bit odd, but that's the spec. Also note that
176 * the data structures do not leave anywhere to independently specify the
177 * algorithm used for the initial hash. So, we look at the
178 * signature-specification algorithm, and try to do something intelligent.
179 * -- Kathy Weinhold, CertCo
180 */
181 /*
182 * Note 2: It seems that the mentioned passage from RFC 2560 (section
183 * 4.2.1) is open for interpretation. I've done tests against another
184 * responder, and found that it doesn't do the double hashing that the RFC
185 * seems to say one should. Therefore, all relevant functions take a flag
186 * saying which variant should be used. -- Richard Levitte, OpenSSL team
187 * and CeloCom
188 */
189struct ocsp_basic_response_st {
190 OCSP_RESPDATA tbsResponseData;
191 X509_ALGOR signatureAlgorithm;
192 ASN1_BIT_STRING *signature;
193 STACK_OF(X509) *certs;
194};
195
196/*-
197 * CrlID ::= SEQUENCE {
198 * crlUrl [0] EXPLICIT IA5String OPTIONAL,
199 * crlNum [1] EXPLICIT INTEGER OPTIONAL,
200 * crlTime [2] EXPLICIT GeneralizedTime OPTIONAL }
201 */
202struct ocsp_crl_id_st {
203 ASN1_IA5STRING *crlUrl;
204 ASN1_INTEGER *crlNum;
205 ASN1_GENERALIZEDTIME *crlTime;
206};
207
208/*-
209 * ServiceLocator ::= SEQUENCE {
210 * issuer Name,
211 * locator AuthorityInfoAccessSyntax OPTIONAL }
212 */
213struct ocsp_service_locator_st {
214 X509_NAME *issuer;
215 STACK_OF(ACCESS_DESCRIPTION) *locator;
216};
217
218# define OCSP_REQUEST_sign(o,pkey,md) \
219 ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
220 &(o)->optionalSignature->signatureAlgorithm,NULL,\
221 (o)->optionalSignature->signature,&(o)->tbsRequest,pkey,md)
222
223# define OCSP_BASICRESP_sign(o,pkey,md,d) \
224 ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),&(o)->signatureAlgorithm,\
225 NULL,(o)->signature,&(o)->tbsResponseData,pkey,md)
226
227# define OCSP_BASICRESP_sign_ctx(o,ctx,d) \
228 ASN1_item_sign_ctx(ASN1_ITEM_rptr(OCSP_RESPDATA),&(o)->signatureAlgorithm,\
229 NULL,(o)->signature,&(o)->tbsResponseData,ctx)
230
231# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
232 &(a)->optionalSignature->signatureAlgorithm,\
233 (a)->optionalSignature->signature,&(a)->tbsRequest,r)
234
235# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
236 &(a)->signatureAlgorithm,(a)->signature,&(a)->tbsResponseData,r)
237