2 /* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
6 This file was originally part of ocsp.c and was transferred to Richard
7 Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be included
8 in OpenSSL or released as a patch kit. */
10 /* ====================================================================
11 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
17 * 1. Redistributions of source code must retain the above copyright
18 * notice, this list of conditions and the following disclaimer.
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in
22 * the documentation and/or other materials provided with the
25 * 3. All advertising materials mentioning features or use of this
26 * software must display the following acknowledgment:
27 * "This product includes software developed by the OpenSSL Project
28 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
30 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
31 * endorse or promote products derived from this software without
32 * prior written permission. For written permission, please contact
33 * openssl-core@openssl.org.
35 * 5. Products derived from this software may not be called "OpenSSL"
36 * nor may "OpenSSL" appear in their names without prior written
37 * permission of the OpenSSL Project.
39 * 6. Redistributions of any form whatsoever must retain the following
41 * "This product includes software developed by the OpenSSL Project
42 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
44 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
45 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
46 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
47 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
48 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
49 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
50 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
51 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
53 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
54 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
55 * OF THE POSSIBILITY OF SUCH DAMAGE.
56 * ====================================================================
58 * This product includes cryptographic software written by Eric Young
59 * (eay@cryptsoft.com). This product includes software written by Tim
60 * Hudson (tjh@cryptsoft.com).
64 #include <openssl/bio.h>
65 #include <openssl/asn1_mac.h>
66 #include <openssl/err.h>
67 #include <openssl/ocsp.h>
68 #include <openssl/x509v3.h>
/* Compatibility shim: allocator names that are not already defined are
 * mapped to the older Malloc / Realloc / Free spellings so this file can
 * build against older variants of OpenSSL.
 * NOTE(review): this listing has dropped lines (the gutter numbers skip),
 * so the closing #endif lines and presumably the #ifndef that guards
 * OPENSSL_free are not visible here - confirm against the full file. */
70 /* Make sure we work well with older variants of OpenSSL */
71 #ifndef OPENSSL_malloc
72 #define OPENSSL_malloc Malloc
74 #ifndef OPENSSL_realloc
75 #define OPENSSL_realloc Realloc
78 #define OPENSSL_free Free
/* Instantiate the STACK_OF and ASN.1 SET OF helper code for OCSP_ONEREQ.
 * The sk_OCSP_ONEREQ_* calls used later in this file presumably come from
 * these macro expansions (the macro bodies are not shown here). */
81 IMPLEMENT_STACK_OF(OCSP_ONEREQ
)
82 IMPLEMENT_ASN1_SET_OF(OCSP_ONEREQ
)
/* Allocate a new OCSP_REQINFO.
 *
 * The structure is obtained through M_ASN1_New_Malloc and the
 * requestorName, requestList and requestExtensions members are set to
 * NULL. M_ASN1_New_Error(ASN1_F_OCSP_REQINFO_NEW) closes the function; it
 * is an asn1_mac.h macro whose expansion is not shown here, presumably
 * the allocation-failure path.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The opening/closing braces, the return statement and any initialisation
 * of the version member are not visible. OCSP_REQINFO_free() passes
 * a->version to ASN1_INTEGER_free(), so version must not be left
 * uninitialised - confirm against the full file. */
84 OCSP_REQINFO
*OCSP_REQINFO_new(void)
86 OCSP_REQINFO
*ret
=NULL
;
89 M_ASN1_New_Malloc(ret
, OCSP_REQINFO
);
91 ret
->requestorName
= NULL
;
92 ret
->requestList
= NULL
;
93 ret
->requestExtensions
= NULL
;
95 M_ASN1_New_Error(ASN1_F_OCSP_REQINFO_NEW
);
/*
 * Release an OCSP_REQINFO together with the members it holds.
 *
 * A NULL argument is accepted and ignored. Otherwise the version and
 * requestorName members are freed, every element of requestList and of
 * requestExtensions is popped and freed with its own destructor, and
 * finally the structure itself is returned to the allocator.
 */
void OCSP_REQINFO_free(OCSP_REQINFO *a)
{
    if (a != NULL) {
        ASN1_INTEGER_free(a->version);
        GENERAL_NAME_free(a->requestorName);
        sk_OCSP_ONEREQ_pop_free(a->requestList, OCSP_ONEREQ_free);
        sk_X509_EXTENSION_pop_free(a->requestExtensions,
                                   X509_EXTENSION_free);
        /* Container last, after everything reachable from it is gone. */
        OPENSSL_free((char *)a);
    }
}
/* DER-encode an OCSP_REQINFO.
 *
 * The body is two macro passes over the same four members: the
 * M_ASN1_I2D_len_* calls come first, M_ASN1_I2D_seq_total() sits between
 * them, and the M_ASN1_I2D_put_* calls follow. Going by the macro names
 * the first pass sizes the encoding and the second writes it, so both
 * passes must list the members in the same order with the same tags:
 *   version            - optional, tag 0 (EXP_opt, i2d_ASN1_INTEGER)
 *   requestorName      - optional, tag 1 (EXP_opt, i2d_GENERAL_NAME)
 *   requestList        - SEQUENCE of OCSP_ONEREQ
 *   requestExtensions  - optional, tag 2, SEQUENCE of X509_EXTENSION
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The remaining parameter(s), the declarations of v1/v2/v3 and the end of
 * the function are not visible here - confirm against the full file. */
108 int i2d_OCSP_REQINFO(OCSP_REQINFO
*a
,
114 M_ASN1_I2D_len_EXP_opt(a
->version
,i2d_ASN1_INTEGER
,0,v1
);
115 M_ASN1_I2D_len_EXP_opt(a
->requestorName
,i2d_GENERAL_NAME
,1,v2
);
116 M_ASN1_I2D_len_SEQUENCE_type(OCSP_ONEREQ
,
117 a
->requestList
, i2d_OCSP_ONEREQ
);
118 M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION
,
119 a
->requestExtensions
, i2d_X509_EXTENSION
,2,V_ASN1_SEQUENCE
,v3
);
121 M_ASN1_I2D_seq_total();
122 M_ASN1_I2D_put_EXP_opt(a
->version
,i2d_ASN1_INTEGER
,0,v1
);
123 M_ASN1_I2D_put_EXP_opt(a
->requestorName
,i2d_GENERAL_NAME
,1,v2
);
124 M_ASN1_I2D_put_SEQUENCE_type(OCSP_ONEREQ
,a
->requestList
,i2d_OCSP_ONEREQ
);
125 M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION
,a
->requestExtensions
,i2d_X509_EXTENSION
,2,V_ASN1_SEQUENCE
,v3
);
/* Decode a DER-encoded OCSP_REQINFO.
 *
 * Members are read in this order: optional version (tag 0), optional
 * requestorName (tag 1), the requestList sequence of OCSP_ONEREQ, and
 * the optional requestExtensions (tag 2). M_ASN1_D2I_Finish is handed
 * OCSP_REQINFO_free, presumably so a partially built object is released
 * when decoding fails.
 *
 * NOTE(review): OCSP requests normally arrive from untrusted peers, so
 * this decoder is attack surface. All length and bounds handling happens
 * inside the M_ASN1_D2I_* macros from asn1_mac.h, whose expansions (and
 * hidden control flow) are not visible in this file.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The remaining parameters and the lines around the version handling are
 * missing. What is visible frees ret->version when no tag-0 element is
 * present; whether the pointer is reset to NULL afterwards is not shown.
 * If it is not, a later OCSP_REQINFO_free() would free it a second
 * time - confirm against the full file. */
130 OCSP_REQINFO
*d2i_OCSP_REQINFO(OCSP_REQINFO
**a
,
134 M_ASN1_D2I_vars(a
,OCSP_REQINFO
*,OCSP_REQINFO_new
);
137 M_ASN1_D2I_start_sequence();
138 /* we have the optional version field */
139 if (M_ASN1_next
== (V_ASN1_CONTEXT_SPECIFIC
| V_ASN1_CONSTRUCTED
| 0))
140 { M_ASN1_D2I_get_EXP_opt(ret
->version
,d2i_ASN1_INTEGER
,0);}
143 if (ret
->version
!= NULL
)
145 ASN1_INTEGER_free(ret
->version
);
149 M_ASN1_D2I_get_EXP_opt(ret
->requestorName
,d2i_GENERAL_NAME
,1);
150 M_ASN1_D2I_get_seq_type(OCSP_ONEREQ
, ret
->requestList
,
151 d2i_OCSP_ONEREQ
,OCSP_ONEREQ_free
);
152 /* there is no M_ASN1_D2I_get_EXP_seq* code, so
153 we're using the set version */
154 M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION
,
155 ret
->requestExtensions
,d2i_X509_EXTENSION
,
156 X509_EXTENSION_free
,2,V_ASN1_SEQUENCE
);
157 M_ASN1_D2I_Finish(a
,OCSP_REQINFO_free
,ASN1_F_D2I_OCSP_REQINFO
);
/* Write a text rendering of an OCSP_REQINFO to the BIO bp.
 *
 * Visible behaviour: the version is printed with i2a_ASN1_INTEGER, or
 * the literal "0" when the member is NULL; requestorName, when present,
 * goes through i2a_GENERAL_NAME (flagged by the original author as a
 * function that does not exist); each non-NULL requestList entry is
 * passed to a call whose name is on a line missing from this listing;
 * and the extensions are printed by OCSP_extensions_print under the
 * title "Request Extensions". The counter j accumulates the number of
 * list entries plus the value returned by OCSP_extensions_print.
 *
 * NOTE(review): the results of BIO_puts and i2a_ASN1_INTEGER are not
 * checked on the visible lines, so a failed write would go unnoticed
 * there. Much of the printed data comes from the decoded request, so a
 * consumer of this output should treat it as untrusted text.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The second parameter, the declarations of i and j, and the return
 * statement are not visible - confirm against the full file. */
160 int i2a_OCSP_REQINFO(BIO
*bp
,
164 if (a
->version
== NULL
) BIO_puts(bp
, "0");
165 else i2a_ASN1_INTEGER(bp
, a
->version
);
166 if (a
->requestorName
!= NULL
)
170 i2a_GENERAL_NAME(bp
, a
->requestorName
); /* does not exist */
173 if (a
->requestList
!= NULL
)
175 for (i
=0; i
<sk_OCSP_ONEREQ_num(a
->requestList
); i
++)
176 if (sk_OCSP_ONEREQ_value(a
->requestList
,i
) != NULL
)
178 sk_OCSP_ONEREQ_value(a
->requestList
,i
));
179 j
+=sk_OCSP_ONEREQ_num(a
->requestList
);
181 j
+=OCSP_extensions_print(bp
, a
->requestExtensions
,
182 "Request Extensions");
/* Allocate a new OCSP_REQUEST.
 *
 * The structure is obtained through M_ASN1_New_Malloc, its tbsRequest
 * member is created with OCSP_REQINFO_new via M_ASN1_New, and
 * optionalSignature starts out NULL (an unsigned request).
 * M_ASN1_New_Error(ASN1_F_OCSP_REQUEST_NEW) closes the function; it is
 * an asn1_mac.h macro whose expansion is not shown here, presumably the
 * failure path.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The braces and the return statement are not visible - confirm against
 * the full file. */
186 OCSP_REQUEST
*OCSP_REQUEST_new(void)
189 OCSP_REQUEST
*ret
=NULL
;
191 M_ASN1_New_Malloc(ret
, OCSP_REQUEST
);
192 M_ASN1_New(ret
->tbsRequest
, OCSP_REQINFO_new
);
193 ret
->optionalSignature
= NULL
;
195 M_ASN1_New_Error(ASN1_F_OCSP_REQUEST_NEW
);
/*
 * Release an OCSP_REQUEST together with the members it holds.
 *
 * A NULL argument is accepted and ignored. Otherwise tbsRequest and
 * optionalSignature are freed with their own destructors before the
 * structure itself is returned to the allocator.
 */
void OCSP_REQUEST_free(OCSP_REQUEST *a)
{
    if (a != NULL) {
        OCSP_REQINFO_free(a->tbsRequest);
        OCSP_SIGNATURE_free(a->optionalSignature);
        /* Container last, after everything reachable from it is gone. */
        OPENSSL_free((char *)a);
    }
}
/* DER-encode an OCSP_REQUEST.
 *
 * Two macro passes over the same members, separated by
 * M_ASN1_I2D_seq_total(): the M_ASN1_I2D_len* calls first, then the
 * M_ASN1_I2D_put* calls. tbsRequest is always encoded with
 * i2d_OCSP_REQINFO; optionalSignature is an optional element with tag 0
 * encoded with i2d_OCSP_SIGNATURE. Both passes must keep the same order
 * and tags.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The remaining parameter(s), the declaration of v and the end of the
 * function are not visible - confirm against the full file. */
206 int i2d_OCSP_REQUEST(OCSP_REQUEST
*a
,
212 M_ASN1_I2D_len(a
->tbsRequest
, i2d_OCSP_REQINFO
);
213 M_ASN1_I2D_len_EXP_opt(a
->optionalSignature
, i2d_OCSP_SIGNATURE
, 0, v
);
214 M_ASN1_I2D_seq_total();
215 M_ASN1_I2D_put(a
->tbsRequest
, i2d_OCSP_REQINFO
);
216 M_ASN1_I2D_put_EXP_opt(a
->optionalSignature
, i2d_OCSP_SIGNATURE
, 0, v
);
/* Decode a DER-encoded OCSP_REQUEST.
 *
 * Reads tbsRequest with d2i_OCSP_REQINFO, then the optional tag-0
 * optionalSignature with d2i_OCSP_SIGNATURE. M_ASN1_D2I_Finish is handed
 * OCSP_REQUEST_free, presumably so a partially built object is released
 * when decoding fails.
 *
 * NOTE(review): this is the top-level parser for a request that normally
 * comes from an untrusted peer. It only decodes: nothing on the visible
 * lines verifies optionalSignature, so callers must not treat a
 * successfully decoded request as authenticated. Length and bounds
 * handling lives inside the M_ASN1_D2I_* macros, which are not visible
 * in this file.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The remaining parameters and the braces are not visible - confirm
 * against the full file. */
220 OCSP_REQUEST
*d2i_OCSP_REQUEST(OCSP_REQUEST
**a
,
224 M_ASN1_D2I_vars(a
,OCSP_REQUEST
*,OCSP_REQUEST_new
);
227 M_ASN1_D2I_start_sequence();
228 M_ASN1_D2I_get(ret
->tbsRequest
, d2i_OCSP_REQINFO
);
229 M_ASN1_D2I_get_EXP_opt(ret
->optionalSignature
, d2i_OCSP_SIGNATURE
, 0);
230 M_ASN1_D2I_Finish(a
,OCSP_REQUEST_free
,ASN1_F_D2I_OCSP_REQUEST
);
/* Write a text rendering of an OCSP_REQUEST to the BIO bp.
 *
 * Prints tbsRequest with i2a_OCSP_REQINFO, then optionalSignature with
 * i2a_OCSP_SIGNATURE. Returns 2 when optionalSignature is non-NULL and 1
 * otherwise.
 *
 * NOTE(review): i2a_OCSP_SIGNATURE is called before the NULL test in the
 * return statement, so for an unsigned request it receives a NULL
 * pointer; confirm that it tolerates NULL. The results of both print
 * calls are discarded, and a itself is dereferenced without a NULL check
 * on the visible lines.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The second parameter and the braces are not visible - confirm against
 * the full file. */
233 int i2a_OCSP_REQUEST(BIO
*bp
,
236 i2a_OCSP_REQINFO(bp
, a
->tbsRequest
);
237 i2a_OCSP_SIGNATURE(bp
, a
->optionalSignature
);
238 return a
->optionalSignature
? 2 : 1;
/* Allocate a new OCSP_ONEREQ (one entry of a request's requestList).
 *
 * The structure is obtained through M_ASN1_New_Malloc, its reqCert
 * member is created with OCSP_CERTID_new via M_ASN1_New, and
 * singleRequestExtensions starts out NULL.
 * M_ASN1_New_Error(ASN1_F_OCSP_ONEREQ_NEW) closes the function; it is an
 * asn1_mac.h macro whose expansion is not shown here, presumably the
 * failure path.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The braces and the return statement are not visible - confirm against
 * the full file. */
241 OCSP_ONEREQ
*OCSP_ONEREQ_new(void)
244 OCSP_ONEREQ
*ret
=NULL
;
246 M_ASN1_New_Malloc(ret
, OCSP_ONEREQ
);
247 M_ASN1_New(ret
->reqCert
, OCSP_CERTID_new
);
248 ret
->singleRequestExtensions
= NULL
;
250 M_ASN1_New_Error(ASN1_F_OCSP_ONEREQ_NEW
);
/*
 * Release an OCSP_ONEREQ together with the members it holds.
 *
 * A NULL argument is accepted and ignored. Otherwise reqCert is freed,
 * every element of singleRequestExtensions is popped and freed with
 * X509_EXTENSION_free, and the structure itself is returned to the
 * allocator.
 */
void OCSP_ONEREQ_free(OCSP_ONEREQ *a)
{
    if (a != NULL) {
        OCSP_CERTID_free(a->reqCert);
        sk_X509_EXTENSION_pop_free(a->singleRequestExtensions,
                                   X509_EXTENSION_free);
        /* Container last, after everything reachable from it is gone. */
        OPENSSL_free((char *)a);
    }
}
/* DER-encode an OCSP_ONEREQ.
 *
 * Two macro passes over the same members, separated by
 * M_ASN1_I2D_seq_total(): the M_ASN1_I2D_len* calls first, then the
 * M_ASN1_I2D_put* calls. reqCert is always encoded with i2d_OCSP_CERTID;
 * singleRequestExtensions is an optional tag-0 sequence of
 * X509_EXTENSION. Both passes must keep the same order and tags.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The remaining parameter(s), the local declarations, the trailing
 * arguments of both EXP_SEQUENCE_opt_type calls and the end of the
 * function are not visible - confirm against the full file. */
261 int i2d_OCSP_ONEREQ(OCSP_ONEREQ
*a
,
267 M_ASN1_I2D_len(a
->reqCert
, i2d_OCSP_CERTID
);
268 M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION
,
269 a
->singleRequestExtensions
, i2d_X509_EXTENSION
, 0,
271 M_ASN1_I2D_seq_total();
272 M_ASN1_I2D_put(a
->reqCert
, i2d_OCSP_CERTID
);
273 M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION
,
274 a
->singleRequestExtensions
, i2d_X509_EXTENSION
, 0,
/* Decode a DER-encoded OCSP_ONEREQ.
 *
 * Reads reqCert with d2i_OCSP_CERTID, then the optional tag-0
 * singleRequestExtensions as X509_EXTENSION elements. M_ASN1_D2I_Finish
 * is handed OCSP_ONEREQ_free, presumably so a partially built object is
 * released when decoding fails.
 *
 * NOTE(review): this decoder is reached once per requestList entry of a
 * request that normally comes from an untrusted peer. Element counts and
 * lengths are handled inside the M_ASN1_D2I_* macros, which are not
 * visible in this file; no limit on the number of extensions is applied
 * on the visible lines.
 *
 * NOTE(review): this listing has dropped lines (the gutter numbers skip).
 * The remaining parameters and the braces are not visible - confirm
 * against the full file. */
279 OCSP_ONEREQ
*d2i_OCSP_ONEREQ(OCSP_ONEREQ
**a
,
283 M_ASN1_D2I_vars(a
,OCSP_ONEREQ
*,OCSP_ONEREQ_new
);
286 M_ASN1_D2I_start_sequence();
287 M_ASN1_D2I_get(ret
->reqCert
, d2i_OCSP_CERTID
);
288 /* there is no M_ASN1_D2I_get_EXP_seq* code, so
289 we're using the set version */
290 M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION
,
291 ret
->singleRequestExtensions
, d2i_X509_EXTENSION
,
292 X509_EXTENSION_free
, 0, V_ASN1_SEQUENCE
);
293 M_ASN1_D2I_Finish(a
,OCSP_ONEREQ_free
,ASN1_F_D2I_OCSP_ONEREQ
);
296 int i2a_OCSP_ONEREQ(BIO
*bp
,
299 i2a_OCSP_CERTID(bp
, a
->reqCert
);
301 /* XXX need generic extension print method or need to register
302 * ocsp extensions with existing extension handler mechanism,
303 * invoke i2a callbacks.
305 if (a
->singleRequestExtensions
!= NULL
)
307 for (i
=0; i
<sk_X509_EXTENSION_num(a
->singleRequestExtensions
); i
++)
308 if (sk_X509_EXTENSION_value(a
->singleRequestExtensions
,i
) != NULL
)
309 i2a_X509_EXTENSION(bp
,
310 sk_X509_EXTENSION_value(
311 a
->singleRequestExtensions
, i
));
312 j
+=sk_X509_EXTENSION_num(a
->singleRequestExtensions
);