1/*
2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/* internal ESS related stuff */
11
12ESS_SIGNING_CERT *ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO *si);
13int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
14
15ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
16 STACK_OF(X509) *certs,
17 int issuer_needed);
18
19ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO *si);
20int ESS_SIGNING_CERT_V2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc);
21
22ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg,
23 X509 *signcert,
24 STACK_OF(X509) *certs,
25 int issuer_needed);
26
27/*-
28 * IssuerSerial ::= SEQUENCE {
29 * issuer GeneralNames,
30 * serialNumber CertificateSerialNumber
31 * }
32 */
33
34struct ESS_issuer_serial {
35 STACK_OF(GENERAL_NAME) *issuer;
36 ASN1_INTEGER *serial;
37};
38
39/*-
40 * ESSCertID ::= SEQUENCE {
41 * certHash Hash,
42 * issuerSerial IssuerSerial OPTIONAL
43 * }
44 */
45
46struct ESS_cert_id {
47 ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
48 ESS_ISSUER_SERIAL *issuer_serial;
49};
50
51/*-
52 * SigningCertificate ::= SEQUENCE {
53 * certs SEQUENCE OF ESSCertID,
54 * policies SEQUENCE OF PolicyInformation OPTIONAL
55 * }
56 */
57
58struct ESS_signing_cert {
59 STACK_OF(ESS_CERT_ID) *cert_ids;
60 STACK_OF(POLICYINFO) *policy_info;
61};
62
63/*-
64 * ESSCertIDv2 ::= SEQUENCE {
65 * hashAlgorithm AlgorithmIdentifier DEFAULT id-sha256,
66 * certHash Hash,
67 * issuerSerial IssuerSerial OPTIONAL
68 * }
69 */
70
71struct ESS_cert_id_v2_st {
72 X509_ALGOR *hash_alg; /* Default: SHA-256 */
73 ASN1_OCTET_STRING *hash;
74 ESS_ISSUER_SERIAL *issuer_serial;
75};
76
77/*-
78 * SigningCertificateV2 ::= SEQUENCE {
79 * certs SEQUENCE OF ESSCertIDv2,
80 * policies SEQUENCE OF PolicyInformation OPTIONAL
81 * }
82 */
83
84struct ESS_signing_cert_v2_st {
85 STACK_OF(ESS_CERT_ID_V2) *cert_ids;
86 STACK_OF(POLICYINFO) *policy_info;
87};
88