1 | /* |
2 | * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at |
7 | * https://www.openssl.org/source/license.html |
8 | */ |
9 | |
10 | /* Internal ESS (Enhanced Security Services) declarations: signing-certificate attribute helpers and structures. */ |
11 | |
12 | ESS_SIGNING_CERT *ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO *si); /* presumably fetches the SigningCertificate (v1) attribute from signer info si; whether the caller must free the result is not visible here - confirm in the implementation */ |
13 | int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc); /* presumably attaches sc to si as an attribute; the return convention is not visible here - confirm it and always check the result */ |
14 | |
15 | ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert, /* v1 constructor: takes no digest parameter; struct ESS_cert_id in this file documents its hash as always SHA-1 */ |
16 | STACK_OF(X509) *certs, /* presumably further certificates to reference besides signcert - confirm in the implementation */ |
17 | int issuer_needed); /* presumably selects whether the OPTIONAL issuerSerial is filled in - confirm in the implementation */ |
18 | |
19 | ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO *si); /* presumably fetches the SigningCertificateV2 attribute from signer info si; whether the caller must free the result is not visible here - confirm in the implementation */ |
20 | int ESS_SIGNING_CERT_V2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc); /* presumably attaches sc to si as an attribute; the return convention is not visible here - confirm it and always check the result */ |
21 | |
22 | ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg, /* v2 constructor: the caller chooses the digest; the ASN.1 default for ESSCertIDv2 is id-sha256. NOTE(review): behaviour for a NULL hash_alg is not visible here - confirm */ |
23 | X509 *signcert, /* presumably the signer certificate whose digest becomes the first cert id - confirm in the implementation */ |
24 | STACK_OF(X509) *certs, /* presumably further certificates to reference besides signcert - confirm in the implementation */ |
25 | int issuer_needed); /* presumably selects whether the OPTIONAL issuerSerial is filled in - confirm in the implementation */ |
26 | |
27 | /*- |
28 | * IssuerSerial ::= SEQUENCE { |
29 | * issuer GeneralNames, |
30 | * serialNumber CertificateSerialNumber |
31 | * } |
32 | */ |
33 | |
34 | struct ESS_issuer_serial { /* C form of the ASN.1 IssuerSerial: names a certificate by issuer and serial number */ |
35 | STACK_OF(GENERAL_NAME) *issuer; /* issuer GeneralNames */ |
36 | ASN1_INTEGER *serial; /* serialNumber CertificateSerialNumber */ |
37 | }; |
38 | |
39 | /*- |
40 | * ESSCertID ::= SEQUENCE { |
41 | * certHash Hash, |
42 | * issuerSerial IssuerSerial OPTIONAL |
43 | * } |
44 | */ |
45 | |
46 | struct ESS_cert_id { /* C form of the ASN.1 ESSCertID (v1): references a certificate by digest; there is no hashAlgorithm field */ |
47 | ASN1_OCTET_STRING *hash; /* certHash: always a SHA-1 digest in this v1 form. SHA-1 is collision-weak, so the v2 form (struct ESS_cert_id_v2_st, explicit hash_alg) is preferable where peers support it. */ |
48 | ESS_ISSUER_SERIAL *issuer_serial; /* issuerSerial, OPTIONAL in the ASN.1 - presumably NULL when absent; check before dereferencing */ |
49 | }; |
50 | |
51 | /*- |
52 | * SigningCertificate ::= SEQUENCE { |
53 | * certs SEQUENCE OF ESSCertID, |
54 | * policies SEQUENCE OF PolicyInformation OPTIONAL |
55 | * } |
56 | */ |
57 | |
58 | struct ESS_signing_cert { /* C form of the ASN.1 SigningCertificate (v1) */ |
59 | STACK_OF(ESS_CERT_ID) *cert_ids; /* certs: SEQUENCE OF ESSCertID */ |
60 | STACK_OF(POLICYINFO) *policy_info; /* policies, OPTIONAL in the ASN.1 - presumably NULL when absent; check before dereferencing */ |
61 | }; |
62 | |
63 | /*- |
64 | * ESSCertIDv2 ::= SEQUENCE { |
65 | * hashAlgorithm AlgorithmIdentifier DEFAULT id-sha256, |
66 | * certHash Hash, |
67 | * issuerSerial IssuerSerial OPTIONAL |
68 | * } |
69 | */ |
70 | |
71 | struct ESS_cert_id_v2_st { /* C form of the ASN.1 ESSCertIDv2: like ESSCertID, but the digest algorithm is carried alongside the hash */ |
72 | X509_ALGOR *hash_alg; /* hashAlgorithm, DEFAULT id-sha256 - presumably NULL when the default was omitted from the encoding (confirm); on the verifying side this value comes from the message, so accept only digests considered strong */ |
73 | ASN1_OCTET_STRING *hash; /* certHash: digest of the referenced certificate under hash_alg */ |
74 | ESS_ISSUER_SERIAL *issuer_serial; /* issuerSerial, OPTIONAL in the ASN.1 - presumably NULL when absent; check before dereferencing */ |
75 | }; |
76 | |
77 | /*- |
78 | * SigningCertificateV2 ::= SEQUENCE { |
79 | * certs SEQUENCE OF ESSCertIDv2, |
80 | * policies SEQUENCE OF PolicyInformation OPTIONAL |
81 | * } |
82 | */ |
83 | |
84 | struct ESS_signing_cert_v2_st { /* C form of the ASN.1 SigningCertificateV2 */ |
85 | STACK_OF(ESS_CERT_ID_V2) *cert_ids; /* certs: SEQUENCE OF ESSCertIDv2 */ |
86 | STACK_OF(POLICYINFO) *policy_info; /* policies, OPTIONAL in the ASN.1 - presumably NULL when absent; check before dereferencing */ |
87 | }; |
88 | |