projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| 7dcee34c DHG |
1 | /* |
| 2 | * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. | |
| 3 | * | |
| 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
| 5 | * this file except in compliance with the License. You can obtain a copy | |
| 6 | * in the file LICENSE in the source distribution or at | |
| 7 | * https://www.openssl.org/source/license.html | |
| 8 | */ | |
| 9 | ||
| 10 | #include <openssl/asn1t.h> | |
| 11 | #include <openssl/x509.h> | |
| 12 | #include <openssl/x509v3.h> | |
| 13 | #include "x509_acert.h" | |
| 14 | ||
| 15 | /* | |
| 16 | * OpenSSL ASN.1 template translation of RFC 5755 4.1. | |
| 17 | */ | |
| 18 | ||
| 19 | ASN1_SEQUENCE(OSSL_OBJECT_DIGEST_INFO) = { | |
| 20 | ASN1_EMBED(OSSL_OBJECT_DIGEST_INFO, digestedObjectType, ASN1_ENUMERATED), | |
| 21 | ASN1_OPT(OSSL_OBJECT_DIGEST_INFO, otherObjectTypeID, ASN1_OBJECT), | |
| 22 | ASN1_EMBED(OSSL_OBJECT_DIGEST_INFO, digestAlgorithm, X509_ALGOR), | |
| 23 | ASN1_EMBED(OSSL_OBJECT_DIGEST_INFO, objectDigest, ASN1_BIT_STRING), | |
| 24 | } ASN1_SEQUENCE_END(OSSL_OBJECT_DIGEST_INFO) | |
| 25 | ||
| 26 | ASN1_SEQUENCE(OSSL_ISSUER_SERIAL) = { | |
| 27 | ASN1_SEQUENCE_OF(OSSL_ISSUER_SERIAL, issuer, GENERAL_NAME), | |
| 28 | ASN1_EMBED(OSSL_ISSUER_SERIAL, serial, ASN1_INTEGER), | |
| 29 | ASN1_OPT(OSSL_ISSUER_SERIAL, issuerUID, ASN1_BIT_STRING), | |
| 30 | } ASN1_SEQUENCE_END(OSSL_ISSUER_SERIAL) | |
| 31 | ||
| 32 | ASN1_SEQUENCE(X509_ACERT_ISSUER_V2FORM) = { | |
| 33 | ASN1_SEQUENCE_OF_OPT(X509_ACERT_ISSUER_V2FORM, issuerName, GENERAL_NAME), | |
| 34 | ASN1_IMP_OPT(X509_ACERT_ISSUER_V2FORM, baseCertificateId, OSSL_ISSUER_SERIAL, 0), | |
| 35 | ASN1_IMP_OPT(X509_ACERT_ISSUER_V2FORM, objectDigestInfo, OSSL_OBJECT_DIGEST_INFO, 1), | |
| 36 | } ASN1_SEQUENCE_END(X509_ACERT_ISSUER_V2FORM) | |
| 37 | ||
| 38 | ASN1_CHOICE(X509_ACERT_ISSUER) = { | |
| 39 | ASN1_SEQUENCE_OF(X509_ACERT_ISSUER, u.v1Form, GENERAL_NAME), | |
| 40 | ASN1_IMP(X509_ACERT_ISSUER, u.v2Form, X509_ACERT_ISSUER_V2FORM, 0), | |
| 41 | } ASN1_CHOICE_END(X509_ACERT_ISSUER) | |
| 42 | ||
| 43 | ASN1_SEQUENCE(X509_HOLDER) = { | |
| 44 | ASN1_IMP_OPT(X509_HOLDER, baseCertificateID, OSSL_ISSUER_SERIAL, 0), | |
| 45 | ASN1_IMP_SEQUENCE_OF_OPT(X509_HOLDER, entityName, GENERAL_NAME, 1), | |
| 46 | ASN1_IMP_OPT(X509_HOLDER, objectDigestInfo, OSSL_OBJECT_DIGEST_INFO, 2), | |
| 47 | } ASN1_SEQUENCE_END(X509_HOLDER) | |
| 48 | ||
| 49 | ASN1_SEQUENCE(X509_ACERT_INFO) = { | |
| 50 | ASN1_EMBED(X509_ACERT_INFO, version, ASN1_INTEGER), | |
| 51 | ASN1_EMBED(X509_ACERT_INFO, holder, X509_HOLDER), | |
| 52 | ASN1_EMBED(X509_ACERT_INFO, issuer, X509_ACERT_ISSUER), | |
| 53 | ASN1_EMBED(X509_ACERT_INFO, signature, X509_ALGOR), | |
| 54 | ASN1_EMBED(X509_ACERT_INFO, serialNumber, ASN1_INTEGER), | |
| 55 | ASN1_EMBED(X509_ACERT_INFO, validityPeriod, X509_VAL), | |
| 56 | ASN1_SEQUENCE_OF(X509_ACERT_INFO, attributes, X509_ATTRIBUTE), | |
| 57 | ASN1_OPT(X509_ACERT_INFO, issuerUID, ASN1_BIT_STRING), | |
| 58 | ASN1_SEQUENCE_OF_OPT(X509_ACERT_INFO, extensions, X509_EXTENSION), | |
| 59 | } ASN1_SEQUENCE_END(X509_ACERT_INFO) | |
| 60 | ||
| 61 | ASN1_SEQUENCE(X509_ACERT) = { | |
| 62 | ASN1_SIMPLE(X509_ACERT, acinfo, X509_ACERT_INFO), | |
| 63 | ASN1_EMBED(X509_ACERT, sig_alg, X509_ALGOR), | |
| 64 | ASN1_EMBED(X509_ACERT, signature, ASN1_BIT_STRING), | |
| 65 | } ASN1_SEQUENCE_END(X509_ACERT) | |
| 66 | ||
| 67 | IMPLEMENT_ASN1_FUNCTIONS(X509_ACERT) | |
| 68 | IMPLEMENT_ASN1_DUP_FUNCTION(X509_ACERT) | |
| 69 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X509_ACERT_INFO) | |
| 70 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS(OSSL_ISSUER_SERIAL) | |
| 71 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS(OSSL_OBJECT_DIGEST_INFO) | |
| 72 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X509_ACERT_ISSUER_V2FORM) | |
| 73 | ||
| 74 | IMPLEMENT_PEM_rw(X509_ACERT, X509_ACERT, PEM_STRING_ACERT, X509_ACERT) | |
| 75 | ||
| 9e1a8b5e DHG |
76 | static X509_NAME *get_dirName(const GENERAL_NAMES *names) |
| 77 | { | |
| 78 | GENERAL_NAME *dirName; | |
| 79 | ||
| 80 | if (sk_GENERAL_NAME_num(names) != 1) | |
| 81 | return NULL; | |
| 82 | ||
| 83 | dirName = sk_GENERAL_NAME_value(names, 0); | |
| 84 | if (dirName->type != GEN_DIRNAME) | |
| 85 | return NULL; | |
| 86 | ||
| 87 | return dirName->d.directoryName; | |
| 88 | } | |
| 89 | ||
| 90 | void OSSL_OBJECT_DIGEST_INFO_get0_digest(const OSSL_OBJECT_DIGEST_INFO *o, | |
| 91 | int *digestedObjectType, | |
| 92 | const X509_ALGOR **digestAlgorithm, | |
| 93 | const ASN1_BIT_STRING **digest) | |
| 94 | { | |
| 95 | if (digestedObjectType != NULL) | |
| 96 | *digestedObjectType = ASN1_ENUMERATED_get(&o->digestedObjectType); | |
| 97 | if (digestAlgorithm != NULL) | |
| 98 | *digestAlgorithm = &o->digestAlgorithm; | |
| 99 | if (digest != NULL) | |
| 100 | *digest = &o->objectDigest; | |
| 101 | } | |
| 102 | ||
| 103 | const X509_NAME *OSSL_ISSUER_SERIAL_get0_issuer(const OSSL_ISSUER_SERIAL *isss) | |
| 104 | { | |
| 105 | return get_dirName(isss->issuer); | |
| 106 | } | |
| 107 | ||
| 108 | const ASN1_INTEGER *OSSL_ISSUER_SERIAL_get0_serial(const OSSL_ISSUER_SERIAL *isss) | |
| 109 | { | |
| 110 | return &isss->serial; | |
| 111 | } | |
| 112 | ||
| 113 | const ASN1_BIT_STRING *OSSL_ISSUER_SERIAL_get0_issuerUID(const OSSL_ISSUER_SERIAL *isss) | |
| 114 | { | |
| 115 | return isss->issuerUID; | |
| 116 | } | |
| 117 | ||
| 118 | long X509_ACERT_get_version(const X509_ACERT *x) | |
| 119 | { | |
| 120 | return ASN1_INTEGER_get(&x->acinfo->version); | |
| 121 | } | |
| 122 | ||
| 123 | void X509_ACERT_get0_signature(const X509_ACERT *x, | |
| 124 | const ASN1_BIT_STRING **psig, | |
| 125 | const X509_ALGOR **palg) | |
| 126 | { | |
| 127 | if (psig != NULL) | |
| 128 | *psig = &x->signature; | |
| 129 | if (palg != NULL) | |
| 130 | *palg = &x->sig_alg; | |
| 131 | } | |
| 132 | ||
| 133 | int X509_ACERT_get_signature_nid(const X509_ACERT *x) | |
| 134 | { | |
| 135 | return OBJ_obj2nid(x->sig_alg.algorithm); | |
| 136 | } | |
| 137 | ||
| 138 | const GENERAL_NAMES *X509_ACERT_get0_holder_entityName(const X509_ACERT *x) | |
| 139 | { | |
| 140 | return x->acinfo->holder.entityName; | |
| 141 | } | |
| 142 | ||
| 143 | const OSSL_ISSUER_SERIAL *X509_ACERT_get0_holder_baseCertId(const X509_ACERT *x) | |
| 144 | { | |
| 145 | return x->acinfo->holder.baseCertificateID; | |
| 146 | } | |
| 147 | ||
| 148 | const OSSL_OBJECT_DIGEST_INFO *X509_ACERT_get0_holder_digest(const X509_ACERT *x) | |
| 149 | { | |
| 150 | return x->acinfo->holder.objectDigestInfo; | |
| 151 | } | |
| 152 | ||
| 153 | const X509_NAME *X509_ACERT_get0_issuerName(const X509_ACERT *x) | |
| 154 | { | |
| 155 | if (x->acinfo->issuer.type != X509_ACERT_ISSUER_V2 | |
| 156 | || x->acinfo->issuer.u.v2Form == NULL) | |
| 157 | return NULL; | |
| 158 | ||
| 159 | return get_dirName(x->acinfo->issuer.u.v2Form->issuerName); | |
| 160 | } | |
| 161 | ||
| 162 | const ASN1_BIT_STRING *X509_ACERT_get0_issuerUID(const X509_ACERT *x) | |
| 163 | { | |
| 164 | return x->acinfo->issuerUID; | |
| 165 | } | |
| 166 | ||
| 167 | const X509_ALGOR *X509_ACERT_get0_info_sigalg(const X509_ACERT *x) | |
| 168 | { | |
| 169 | return &x->acinfo->signature; | |
| 170 | } | |
| 171 | ||
| 172 | const ASN1_INTEGER *X509_ACERT_get0_serialNumber(const X509_ACERT *x) | |
| 173 | { | |
| 174 | return &x->acinfo->serialNumber; | |
| 175 | } | |
| 176 | ||
| 177 | const ASN1_GENERALIZEDTIME *X509_ACERT_get0_notBefore(const X509_ACERT *x) | |
| 178 | { | |
| 179 | return x->acinfo->validityPeriod.notBefore; | |
| 180 | } | |
| 181 | ||
| 182 | const ASN1_GENERALIZEDTIME *X509_ACERT_get0_notAfter(const X509_ACERT *x) | |
| 183 | { | |
| 184 | return x->acinfo->validityPeriod.notAfter; | |
| 185 | } |