1 | /* |
2 | * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at |
7 | * https://www.openssl.org/source/license.html |
8 | */ |
9 | |
10 | /*- CertID ::= SEQUENCE { |
11 | * hashAlgorithm AlgorithmIdentifier, |
12 | * issuerNameHash OCTET STRING, -- Hash of Issuer's DN |
13 | * issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields) |
14 | * serialNumber CertificateSerialNumber } |
15 | */ |
16 | struct ocsp_cert_id_st { |
17 | X509_ALGOR hashAlgorithm; |
18 | ASN1_OCTET_STRING issuerNameHash; |
19 | ASN1_OCTET_STRING issuerKeyHash; |
20 | ASN1_INTEGER serialNumber; |
21 | }; |
22 | |
23 | /*- Request ::= SEQUENCE { |
24 | * reqCert CertID, |
25 | * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } |
26 | */ |
27 | struct ocsp_one_request_st { |
28 | OCSP_CERTID *reqCert; |
29 | STACK_OF(X509_EXTENSION) *singleRequestExtensions; |
30 | }; |
31 | |
32 | /*- TBSRequest ::= SEQUENCE { |
33 | * version [0] EXPLICIT Version DEFAULT v1, |
34 | * requestorName [1] EXPLICIT GeneralName OPTIONAL, |
35 | * requestList SEQUENCE OF Request, |
36 | * requestExtensions [2] EXPLICIT Extensions OPTIONAL } |
37 | */ |
38 | struct ocsp_req_info_st { |
39 | ASN1_INTEGER *version; |
40 | GENERAL_NAME *requestorName; |
41 | STACK_OF(OCSP_ONEREQ) *requestList; |
42 | STACK_OF(X509_EXTENSION) *requestExtensions; |
43 | }; |
44 | |
45 | /*- Signature ::= SEQUENCE { |
46 | * signatureAlgorithm AlgorithmIdentifier, |
47 | * signature BIT STRING, |
48 | * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } |
49 | */ |
50 | struct ocsp_signature_st { |
51 | X509_ALGOR signatureAlgorithm; |
52 | ASN1_BIT_STRING *signature; |
53 | STACK_OF(X509) *certs; |
54 | }; |
55 | |
56 | /*- OCSPRequest ::= SEQUENCE { |
57 | * tbsRequest TBSRequest, |
58 | * optionalSignature [0] EXPLICIT Signature OPTIONAL } |
59 | */ |
60 | struct ocsp_request_st { |
61 | OCSP_REQINFO tbsRequest; |
62 | OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */ |
63 | }; |
64 | |
65 | /*- OCSPResponseStatus ::= ENUMERATED { |
66 | * successful (0), --Response has valid confirmations |
67 | * malformedRequest (1), --Illegal confirmation request |
68 | * internalError (2), --Internal error in issuer |
69 | * tryLater (3), --Try again later |
70 | * --(4) is not used |
71 | * sigRequired (5), --Must sign the request |
72 | * unauthorized (6) --Request unauthorized |
73 | * } |
74 | */ |
75 | |
76 | /*- ResponseBytes ::= SEQUENCE { |
77 | * responseType OBJECT IDENTIFIER, |
78 | * response OCTET STRING } |
79 | */ |
80 | struct ocsp_resp_bytes_st { |
81 | ASN1_OBJECT *responseType; |
82 | ASN1_OCTET_STRING *response; |
83 | }; |
84 | |
85 | /*- OCSPResponse ::= SEQUENCE { |
86 | * responseStatus OCSPResponseStatus, |
87 | * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } |
88 | */ |
89 | struct ocsp_response_st { |
90 | ASN1_ENUMERATED *responseStatus; |
91 | OCSP_RESPBYTES *responseBytes; |
92 | }; |
93 | |
94 | /*- ResponderID ::= CHOICE { |
95 | * byName [1] Name, |
96 | * byKey [2] KeyHash } |
97 | */ |
98 | struct ocsp_responder_id_st { |
99 | int type; |
100 | union { |
101 | X509_NAME *byName; |
102 | ASN1_OCTET_STRING *byKey; |
103 | } value; |
104 | }; |
105 | |
106 | /*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key |
107 | * --(excluding the tag and length fields) |
108 | */ |
109 | |
110 | /*- RevokedInfo ::= SEQUENCE { |
111 | * revocationTime GeneralizedTime, |
112 | * revocationReason [0] EXPLICIT CRLReason OPTIONAL } |
113 | */ |
114 | struct ocsp_revoked_info_st { |
115 | ASN1_GENERALIZEDTIME *revocationTime; |
116 | ASN1_ENUMERATED *revocationReason; |
117 | }; |
118 | |
119 | /*- CertStatus ::= CHOICE { |
120 | * good [0] IMPLICIT NULL, |
121 | * revoked [1] IMPLICIT RevokedInfo, |
122 | * unknown [2] IMPLICIT UnknownInfo } |
123 | */ |
124 | struct ocsp_cert_status_st { |
125 | int type; |
126 | union { |
127 | ASN1_NULL *good; |
128 | OCSP_REVOKEDINFO *revoked; |
129 | ASN1_NULL *unknown; |
130 | } value; |
131 | }; |
132 | |
133 | /*- SingleResponse ::= SEQUENCE { |
134 | * certID CertID, |
135 | * certStatus CertStatus, |
136 | * thisUpdate GeneralizedTime, |
137 | * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, |
138 | * singleExtensions [1] EXPLICIT Extensions OPTIONAL } |
139 | */ |
140 | struct ocsp_single_response_st { |
141 | OCSP_CERTID *certId; |
142 | OCSP_CERTSTATUS *certStatus; |
143 | ASN1_GENERALIZEDTIME *thisUpdate; |
144 | ASN1_GENERALIZEDTIME *nextUpdate; |
145 | STACK_OF(X509_EXTENSION) *singleExtensions; |
146 | }; |
147 | |
148 | /*- ResponseData ::= SEQUENCE { |
149 | * version [0] EXPLICIT Version DEFAULT v1, |
150 | * responderID ResponderID, |
151 | * producedAt GeneralizedTime, |
152 | * responses SEQUENCE OF SingleResponse, |
153 | * responseExtensions [1] EXPLICIT Extensions OPTIONAL } |
154 | */ |
155 | struct ocsp_response_data_st { |
156 | ASN1_INTEGER *version; |
157 | OCSP_RESPID responderId; |
158 | ASN1_GENERALIZEDTIME *producedAt; |
159 | STACK_OF(OCSP_SINGLERESP) *responses; |
160 | STACK_OF(X509_EXTENSION) *responseExtensions; |
161 | }; |
162 | |
163 | /*- BasicOCSPResponse ::= SEQUENCE { |
164 | * tbsResponseData ResponseData, |
165 | * signatureAlgorithm AlgorithmIdentifier, |
166 | * signature BIT STRING, |
167 | * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } |
168 | */ |
169 | /* |
170 | * Note 1: The value for "signature" is specified in the OCSP rfc2560 as |
171 | * follows: "The value for the signature SHALL be computed on the hash of |
172 | * the DER encoding ResponseData." This means that you must hash the |
173 | * DER-encoded tbsResponseData, and then run it through a crypto-signing |
174 | * function, which will (at least w/RSA) do a hash-'n'-private-encrypt |
175 | * operation. This seems a bit odd, but that's the spec. Also note that |
176 | * the data structures do not leave anywhere to independently specify the |
177 | * algorithm used for the initial hash. So, we look at the |
178 | * signature-specification algorithm, and try to do something intelligent. |
179 | * -- Kathy Weinhold, CertCo |
180 | */ |
181 | /* |
182 | * Note 2: It seems that the mentioned passage from RFC 2560 (section |
183 | * 4.2.1) is open for interpretation. I've done tests against another |
184 | * responder, and found that it doesn't do the double hashing that the RFC |
185 | * seems to say one should. Therefore, all relevant functions take a flag |
186 | * saying which variant should be used. -- Richard Levitte, OpenSSL team |
187 | * and CeloCom |
188 | */ |
189 | struct ocsp_basic_response_st { |
190 | OCSP_RESPDATA tbsResponseData; |
191 | X509_ALGOR signatureAlgorithm; |
192 | ASN1_BIT_STRING *signature; |
193 | STACK_OF(X509) *certs; |
194 | }; |
195 | |
196 | /*- |
197 | * CrlID ::= SEQUENCE { |
198 | * crlUrl [0] EXPLICIT IA5String OPTIONAL, |
199 | * crlNum [1] EXPLICIT INTEGER OPTIONAL, |
200 | * crlTime [2] EXPLICIT GeneralizedTime OPTIONAL } |
201 | */ |
202 | struct ocsp_crl_id_st { |
203 | ASN1_IA5STRING *crlUrl; |
204 | ASN1_INTEGER *crlNum; |
205 | ASN1_GENERALIZEDTIME *crlTime; |
206 | }; |
207 | |
208 | /*- |
209 | * ServiceLocator ::= SEQUENCE { |
210 | * issuer Name, |
211 | * locator AuthorityInfoAccessSyntax OPTIONAL } |
212 | */ |
213 | struct ocsp_service_locator_st { |
214 | X509_NAME *issuer; |
215 | STACK_OF(ACCESS_DESCRIPTION) *locator; |
216 | }; |
217 | |
218 | # define OCSP_REQUEST_sign(o,pkey,md) \ |
219 | ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\ |
220 | &(o)->optionalSignature->signatureAlgorithm,NULL,\ |
221 | (o)->optionalSignature->signature,&(o)->tbsRequest,pkey,md) |
222 | |
223 | # define OCSP_BASICRESP_sign(o,pkey,md,d) \ |
224 | ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),&(o)->signatureAlgorithm,\ |
225 | NULL,(o)->signature,&(o)->tbsResponseData,pkey,md) |
226 | |
227 | # define OCSP_BASICRESP_sign_ctx(o,ctx,d) \ |
228 | ASN1_item_sign_ctx(ASN1_ITEM_rptr(OCSP_RESPDATA),&(o)->signatureAlgorithm,\ |
229 | NULL,(o)->signature,&(o)->tbsResponseData,ctx) |
230 | |
231 | # define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\ |
232 | &(a)->optionalSignature->signatureAlgorithm,\ |
233 | (a)->optionalSignature->signature,&(a)->tbsRequest,r) |
234 | |
235 | # define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\ |
236 | &(a)->signatureAlgorithm,(a)->signature,&(a)->tbsResponseData,r) |
237 | |