| 1 | /* |
|---|---|
| 2 | * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. |
| 3 | * |
| 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
| 5 | * this file except in compliance with the License. You can obtain a copy |
| 6 | * in the file LICENSE in the source distribution or at |
| 7 | * https://www.openssl.org/source/license.html |
| 8 | */ |
| 9 | |
| 10 | /*- |
| 11 | * MessageImprint ::= SEQUENCE { |
| 12 | * hashAlgorithm AlgorithmIdentifier, |
| 13 | * hashedMessage OCTET STRING } |
| 14 | */ |
| 15 | struct TS_msg_imprint_st { |
| 16 | X509_ALGOR *hash_algo; |
| 17 | ASN1_OCTET_STRING *hashed_msg; |
| 18 | }; |
| 19 | |
| 20 | /*- |
| 21 | * TimeStampResp ::= SEQUENCE { |
| 22 | * status PKIStatusInfo, |
| 23 | * timeStampToken TimeStampToken OPTIONAL } |
| 24 | */ |
| 25 | struct TS_resp_st { |
| 26 | TS_STATUS_INFO *status_info; |
| 27 | PKCS7 *token; |
| 28 | TS_TST_INFO *tst_info; |
| 29 | }; |
| 30 | |
| 31 | /*- |
| 32 | * TimeStampReq ::= SEQUENCE { |
| 33 | * version INTEGER { v1(1) }, |
| 34 | * messageImprint MessageImprint, |
| 35 | * --a hash algorithm OID and the hash value of the data to be |
| 36 | * --time-stamped |
| 37 | * reqPolicy TSAPolicyId OPTIONAL, |
| 38 | * nonce INTEGER OPTIONAL, |
| 39 | * certReq BOOLEAN DEFAULT FALSE, |
| 40 | * extensions [0] IMPLICIT Extensions OPTIONAL } |
| 41 | */ |
| 42 | struct TS_req_st { |
| 43 | ASN1_INTEGER *version; |
| 44 | TS_MSG_IMPRINT *msg_imprint; |
| 45 | ASN1_OBJECT *policy_id; |
| 46 | ASN1_INTEGER *nonce; |
| 47 | ASN1_BOOLEAN cert_req; |
| 48 | STACK_OF(X509_EXTENSION) *extensions; |
| 49 | }; |
| 50 | |
| 51 | /*- |
| 52 | * Accuracy ::= SEQUENCE { |
| 53 | * seconds INTEGER OPTIONAL, |
| 54 | * millis [0] INTEGER (1..999) OPTIONAL, |
| 55 | * micros [1] INTEGER (1..999) OPTIONAL } |
| 56 | */ |
| 57 | struct TS_accuracy_st { |
| 58 | ASN1_INTEGER *seconds; |
| 59 | ASN1_INTEGER *millis; |
| 60 | ASN1_INTEGER *micros; |
| 61 | }; |
| 62 | |
| 63 | /*- |
| 64 | * TSTInfo ::= SEQUENCE { |
| 65 | * version INTEGER { v1(1) }, |
| 66 | * policy TSAPolicyId, |
| 67 | * messageImprint MessageImprint, |
| 68 | * -- MUST have the same value as the similar field in |
| 69 | * -- TimeStampReq |
| 70 | * serialNumber INTEGER, |
| 71 | * -- Time-Stamping users MUST be ready to accommodate integers |
| 72 | * -- up to 160 bits. |
| 73 | * genTime GeneralizedTime, |
| 74 | * accuracy Accuracy OPTIONAL, |
| 75 | * ordering BOOLEAN DEFAULT FALSE, |
| 76 | * nonce INTEGER OPTIONAL, |
| 77 | * -- MUST be present if the similar field was present |
| 78 | * -- in TimeStampReq. In that case it MUST have the same value. |
| 79 | * tsa [0] GeneralName OPTIONAL, |
| 80 | * extensions [1] IMPLICIT Extensions OPTIONAL } |
| 81 | */ |
| 82 | struct TS_tst_info_st { |
| 83 | ASN1_INTEGER *version; |
| 84 | ASN1_OBJECT *policy_id; |
| 85 | TS_MSG_IMPRINT *msg_imprint; |
| 86 | ASN1_INTEGER *serial; |
| 87 | ASN1_GENERALIZEDTIME *time; |
| 88 | TS_ACCURACY *accuracy; |
| 89 | ASN1_BOOLEAN ordering; |
| 90 | ASN1_INTEGER *nonce; |
| 91 | GENERAL_NAME *tsa; |
| 92 | STACK_OF(X509_EXTENSION) *extensions; |
| 93 | }; |
| 94 | |
| 95 | struct TS_status_info_st { |
| 96 | ASN1_INTEGER *status; |
| 97 | STACK_OF(ASN1_UTF8STRING) *text; |
| 98 | ASN1_BIT_STRING *failure_info; |
| 99 | }; |
| 100 | |
| 101 | struct TS_resp_ctx { |
| 102 | X509 *signer_cert; |
| 103 | EVP_PKEY *signer_key; |
| 104 | const EVP_MD *signer_md; |
| 105 | const EVP_MD *ess_cert_id_digest; |
| 106 | STACK_OF(X509) *certs; /* Certs to include in signed data. */ |
| 107 | STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */ |
| 108 | ASN1_OBJECT *default_policy; /* It may appear in policies, too. */ |
| 109 | STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */ |
| 110 | ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */ |
| 111 | ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */ |
| 112 | ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */ |
| 113 | unsigned clock_precision_digits; /* fraction of seconds in time stamp |
| 114 | * token. */ |
| 115 | unsigned flags; /* Optional info, see values above. */ |
| 116 | /* Callback functions. */ |
| 117 | TS_serial_cb serial_cb; |
| 118 | void *serial_cb_data; /* User data for serial_cb. */ |
| 119 | TS_time_cb time_cb; |
| 120 | void *time_cb_data; /* User data for time_cb. */ |
| 121 | TS_extension_cb extension_cb; |
| 122 | void *extension_cb_data; /* User data for extension_cb. */ |
| 123 | /* These members are used only while creating the response. */ |
| 124 | TS_REQ *request; |
| 125 | TS_RESP *response; |
| 126 | TS_TST_INFO *tst_info; |
| 127 | }; |
| 128 | |
| 129 | struct TS_verify_ctx { |
| 130 | /* Set this to the union of TS_VFY_... flags you want to carry out. */ |
| 131 | unsigned flags; |
| 132 | /* Must be set only with TS_VFY_SIGNATURE. certs is optional. */ |
| 133 | X509_STORE *store; |
| 134 | STACK_OF(X509) *certs; |
| 135 | /* Must be set only with TS_VFY_POLICY. */ |
| 136 | ASN1_OBJECT *policy; |
| 137 | /* |
| 138 | * Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, the |
| 139 | * algorithm from the response is used. |
| 140 | */ |
| 141 | X509_ALGOR *md_alg; |
| 142 | unsigned char *imprint; |
| 143 | unsigned imprint_len; |
| 144 | /* Must be set only with TS_VFY_DATA. */ |
| 145 | BIO *data; |
| 146 | /* Must be set only with TS_VFY_TSA_NAME. */ |
| 147 | ASN1_INTEGER *nonce; |
| 148 | /* Must be set only with TS_VFY_TSA_NAME. */ |
| 149 | GENERAL_NAME *tsa_name; |
| 150 | }; |
| 151 |
Generated while processing ClickHouse/contrib/openssl/crypto/ts/ts_asn1.c
Generated on 2020-Jan-04 from project ClickHouse revision 19.17.6
Powered by 
Code Browser 2.1
Generator usage only permitted with license.