2 * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/asn1t.h>
11 #include <openssl/x509.h>
12 #include <openssl/x509v3.h>
13 #include "x509_acert.h"
16 * OpenSSL ASN.1 template translation of RFC 5755 4.1.
/*
 * ASN.1 template for ObjectDigestInfo (RFC 5755).
 *
 * The entries are listed in encoding order; reordering them changes what
 * the generated decoder accepts. The template describes structure only:
 * nothing here restricts the value of digestedObjectType or ties
 * otherObjectTypeID to it, so code consuming a parsed object has to apply
 * those checks itself.
 */
ASN1_SEQUENCE(OSSL_OBJECT_DIGEST_INFO) = {
    /* ENUMERATED, stored inline in the struct */
    ASN1_EMBED(OSSL_OBJECT_DIGEST_INFO, digestedObjectType, ASN1_ENUMERATED),
    /* optional OBJECT IDENTIFIER */
    ASN1_OPT(OSSL_OBJECT_DIGEST_INFO, otherObjectTypeID, ASN1_OBJECT),
    /* AlgorithmIdentifier, stored inline */
    ASN1_EMBED(OSSL_OBJECT_DIGEST_INFO, digestAlgorithm, X509_ALGOR),
    /* BIT STRING holding the digest, stored inline */
    ASN1_EMBED(OSSL_OBJECT_DIGEST_INFO, objectDigest, ASN1_BIT_STRING),
} ASN1_SEQUENCE_END(OSSL_OBJECT_DIGEST_INFO)
/*
 * ASN.1 template for IssuerSerial (RFC 5755): a certificate reference made
 * of the issuer's GeneralNames, a serial number and an optional issuer UID.
 * Entries are in encoding order.
 */
ASN1_SEQUENCE(OSSL_ISSUER_SERIAL) = {
    /* SEQUENCE OF GeneralName; the template puts no bound on the count */
    ASN1_SEQUENCE_OF(OSSL_ISSUER_SERIAL, issuer, GENERAL_NAME),
    /* INTEGER, stored inline in the struct */
    ASN1_EMBED(OSSL_ISSUER_SERIAL, serial, ASN1_INTEGER),
    /* optional BIT STRING */
    ASN1_OPT(OSSL_ISSUER_SERIAL, issuerUID, ASN1_BIT_STRING),
} ASN1_SEQUENCE_END(OSSL_ISSUER_SERIAL)
/*
 * ASN.1 template for the V2Form issuer (RFC 5755).
 *
 * All three members are optional, so the decoder accepts a V2Form with no
 * issuerName at all; accessors must cope with issuerName == NULL.
 */
ASN1_SEQUENCE(X509_ACERT_ISSUER_V2FORM) = {
    /* optional SEQUENCE OF GeneralName */
    ASN1_SEQUENCE_OF_OPT(X509_ACERT_ISSUER_V2FORM, issuerName, GENERAL_NAME),
    /* optional, implicit tag [0] */
    ASN1_IMP_OPT(X509_ACERT_ISSUER_V2FORM, baseCertificateId, OSSL_ISSUER_SERIAL, 0),
    /* optional, implicit tag [1] */
    ASN1_IMP_OPT(X509_ACERT_ISSUER_V2FORM, objectDigestInfo, OSSL_OBJECT_DIGEST_INFO, 1),
} ASN1_SEQUENCE_END(X509_ACERT_ISSUER_V2FORM)
/*
 * ASN.1 template for AttCertIssuer (RFC 5755): a CHOICE between the v1Form
 * (bare GeneralNames) and the v2Form (implicit tag [0]). Which arm was
 * decoded has to be checked before the union member is read.
 */
ASN1_CHOICE(X509_ACERT_ISSUER) = {
    /* v1Form: SEQUENCE OF GeneralName */
    ASN1_SEQUENCE_OF(X509_ACERT_ISSUER, u.v1Form, GENERAL_NAME),
    /* v2Form: implicit tag [0] */
    ASN1_IMP(X509_ACERT_ISSUER, u.v2Form, X509_ACERT_ISSUER_V2FORM, 0),
} ASN1_CHOICE_END(X509_ACERT_ISSUER)
/*
 * ASN.1 template for Holder (RFC 5755).
 *
 * Every member is optional, so the decoder accepts a holder with none of
 * the three forms as well as one carrying several at once. RFC 5755
 * recommends that only one form be used; code that binds an attribute
 * certificate to a holder should decide explicitly which form it trusts
 * and reject encodings it does not expect.
 */
ASN1_SEQUENCE(X509_HOLDER) = {
    /* optional, implicit tag [0] */
    ASN1_IMP_OPT(X509_HOLDER, baseCertificateID, OSSL_ISSUER_SERIAL, 0),
    /* optional SEQUENCE OF GeneralName, implicit tag [1] */
    ASN1_IMP_SEQUENCE_OF_OPT(X509_HOLDER, entityName, GENERAL_NAME, 1),
    /* optional, implicit tag [2] */
    ASN1_IMP_OPT(X509_HOLDER, objectDigestInfo, OSSL_OBJECT_DIGEST_INFO, 2),
} ASN1_SEQUENCE_END(X509_HOLDER)
/*
 * ASN.1 template for AttributeCertificateInfo (RFC 5755), the to-be-signed
 * part of an attribute certificate. Entries are in encoding order.
 *
 * NOTE(review): validityPeriod reuses X509_VAL, which is defined elsewhere;
 * confirm which time encodings that template accepts, since the accessors
 * hand its members out as ASN1_GENERALIZEDTIME.
 */
ASN1_SEQUENCE(X509_ACERT_INFO) = {
    ASN1_EMBED(X509_ACERT_INFO, version, ASN1_INTEGER),
    ASN1_EMBED(X509_ACERT_INFO, holder, X509_HOLDER),
    ASN1_EMBED(X509_ACERT_INFO, issuer, X509_ACERT_ISSUER),
    /* signature algorithm as stated inside the signed data */
    ASN1_EMBED(X509_ACERT_INFO, signature, X509_ALGOR),
    ASN1_EMBED(X509_ACERT_INFO, serialNumber, ASN1_INTEGER),
    ASN1_EMBED(X509_ACERT_INFO, validityPeriod, X509_VAL),
    /* SEQUENCE OF Attribute */
    ASN1_SEQUENCE_OF(X509_ACERT_INFO, attributes, X509_ATTRIBUTE),
    /* optional BIT STRING */
    ASN1_OPT(X509_ACERT_INFO, issuerUID, ASN1_BIT_STRING),
    /* optional SEQUENCE OF Extension */
    ASN1_SEQUENCE_OF_OPT(X509_ACERT_INFO, extensions, X509_EXTENSION),
} ASN1_SEQUENCE_END(X509_ACERT_INFO)
/*
 * ASN.1 template for AttributeCertificate (RFC 5755): the signed info, the
 * outer signature algorithm and the signature value.
 *
 * acinfo is declared with ASN1_SIMPLE and is reached through a pointer
 * (x->acinfo->...); sig_alg and signature are stored inline.
 */
ASN1_SEQUENCE(X509_ACERT) = {
    ASN1_SIMPLE(X509_ACERT, acinfo, X509_ACERT_INFO),
    ASN1_EMBED(X509_ACERT, sig_alg, X509_ALGOR),
    ASN1_EMBED(X509_ACERT, signature, ASN1_BIT_STRING),
} ASN1_SEQUENCE_END(X509_ACERT)
/* Generated new/free and DER encode/decode functions for X509_ACERT. */
IMPLEMENT_ASN1_FUNCTIONS(X509_ACERT)
/* Generated deep-copy function for X509_ACERT. */
IMPLEMENT_ASN1_DUP_FUNCTION(X509_ACERT)
/* The component types only get allocation and free functions. */
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X509_ACERT_INFO)
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(OSSL_ISSUER_SERIAL)
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(OSSL_OBJECT_DIGEST_INFO)
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X509_ACERT_ISSUER_V2FORM)

/* Generated PEM read/write functions, using the PEM_STRING_ACERT label. */
IMPLEMENT_PEM_rw(X509_ACERT, X509_ACERT, PEM_STRING_ACERT, X509_ACERT)
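/*
 * Return the directoryName of a GeneralNames value that holds exactly one
 * entry of type GEN_DIRNAME, or NULL in every other case.
 *
 * The result points into |names|; it is not a copy and must not be freed.
 *
 * NOTE(review): the rendered listing drops the two early-return lines
 * (source lines 81 and 85). They are restored here as `return NULL`;
 * confirm against the repository copy.
 */
static X509_NAME *get_dirName(const GENERAL_NAMES *names)
{
    GENERAL_NAME *dirName;

    /* Also rejects a NULL stack: sk_GENERAL_NAME_num() then returns -1. */
    if (sk_GENERAL_NAME_num(names) != 1)
        return NULL;

    dirName = sk_GENERAL_NAME_value(names, 0);
    /* The union member is only meaningful for the matching type tag. */
    if (dirName->type != GEN_DIRNAME)
        return NULL;

    return dirName->d.directoryName;
}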
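/*
 * Read the members of an ObjectDigestInfo.
 *
 * Each output pointer may be NULL, in which case that member is skipped.
 * |*digestAlgorithm| and |*digest| point into |o| and stay valid only as
 * long as |o| does.
 *
 * |*digestedObjectType| is the result of ASN1_ENUMERATED_get() narrowed to
 * int; that function reports failure as -1. The value comes straight from
 * the decoded certificate, so callers should accept only the values they
 * know.
 *
 * NOTE(review): the rendered listing drops source line 99; the NULL guard
 * on |digest| is restored to match the other two outputs. Confirm against
 * the repository copy.
 */
void OSSL_OBJECT_DIGEST_INFO_get0_digest(const OSSL_OBJECT_DIGEST_INFO *o,
                                         int *digestedObjectType,
                                         const X509_ALGOR **digestAlgorithm,
                                         const ASN1_BIT_STRING **digest)
{
    if (digestedObjectType != NULL)
        *digestedObjectType = ASN1_ENUMERATED_get(&o->digestedObjectType);
    if (digestAlgorithm != NULL)
        *digestAlgorithm = &o->digestAlgorithm;
    if (digest != NULL)
        *digest = &o->objectDigest;
}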
/*
 * Return the issuer of an IssuerSerial as an X509_NAME.
 *
 * The lookup is delegated to get_dirName(), so the result is NULL unless
 * the issuer GeneralNames is a single directoryName. The pointer refers to
 * data inside |isss|.
 */
const X509_NAME *OSSL_ISSUER_SERIAL_get0_issuer(const OSSL_ISSUER_SERIAL *isss)
{
    const GENERAL_NAMES *issuer_names = isss->issuer;

    return get_dirName(issuer_names);
}
/*
 * Return the serial number of an IssuerSerial.
 *
 * The serial is stored inline, so the result is the address of a member of
 * |isss|: never NULL for a valid |isss|, and valid only while |isss| is.
 */
const ASN1_INTEGER *OSSL_ISSUER_SERIAL_get0_serial(const OSSL_ISSUER_SERIAL *isss)
{
    const ASN1_INTEGER *serial = &isss->serial;

    return serial;
}
/*
 * Return the issuer UID of an IssuerSerial.
 *
 * issuerUID is an optional member of the template, so callers must expect
 * NULL. The pointer is owned by |isss|.
 */
const ASN1_BIT_STRING *OSSL_ISSUER_SERIAL_get0_issuerUID(const OSSL_ISSUER_SERIAL *isss)
{
    const ASN1_BIT_STRING *uid = isss->issuerUID;

    return uid;
}
/*
 * Return the version field of the attribute certificate as a long.
 *
 * The value is whatever ASN1_INTEGER_get() yields for the decoded field;
 * that function reports failure as -1. Callers should compare the result
 * with the version they support rather than assume it.
 */
long X509_ACERT_get_version(const X509_ACERT *x)
{
    const ASN1_INTEGER *version = &x->acinfo->version;

    return ASN1_INTEGER_get(version);
}
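/*
 * Return the outer signature value and signature algorithm.
 *
 * Either output pointer may be NULL to skip it. Both results point at
 * members stored inline in |x| and are valid only while |x| is.
 *
 * This only exposes the fields; it performs no signature verification.
 *
 * NOTE(review): the rendered listing shows only the |*psig| store (source
 * lines 126-127 and 129-131 are missing). The NULL guards and the |*palg|
 * store are restored from the parameter list and the sig_alg member;
 * confirm against the repository copy.
 */
void X509_ACERT_get0_signature(const X509_ACERT *x,
                               const ASN1_BIT_STRING **psig,
                               const X509_ALGOR **palg)
{
    if (psig != NULL)
        *psig = &x->signature;
    if (palg != NULL)
        *palg = &x->sig_alg;
}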
/*
 * Return the NID of the outer signature algorithm.
 *
 * The result is what OBJ_obj2nid() returns for the algorithm OID, which is
 * NID_undef for an OID the library does not know. Callers that select a
 * verification path from this value should handle that case explicitly.
 */
int X509_ACERT_get_signature_nid(const X509_ACERT *x)
{
    const ASN1_OBJECT *alg_oid = x->sig_alg.algorithm;

    return OBJ_obj2nid(alg_oid);
}
/*
 * Return the holder's entityName.
 *
 * entityName is optional in the Holder template, so the result may be
 * NULL. The pointer is owned by |x|.
 */
const GENERAL_NAMES *X509_ACERT_get0_holder_entityName(const X509_ACERT *x)
{
    const X509_HOLDER *holder = &x->acinfo->holder;

    return holder->entityName;
}
/*
 * Return the holder's baseCertificateID.
 *
 * baseCertificateID is optional in the Holder template, so the result may
 * be NULL. The pointer is owned by |x|.
 */
const OSSL_ISSUER_SERIAL *X509_ACERT_get0_holder_baseCertId(const X509_ACERT *x)
{
    const X509_HOLDER *holder = &x->acinfo->holder;

    return holder->baseCertificateID;
}
/*
 * Return the holder's objectDigestInfo.
 *
 * objectDigestInfo is optional in the Holder template, so the result may
 * be NULL. The pointer is owned by |x|.
 */
const OSSL_OBJECT_DIGEST_INFO *X509_ACERT_get0_holder_digest(const X509_ACERT *x)
{
    const X509_HOLDER *holder = &x->acinfo->holder;

    return holder->objectDigestInfo;
}
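/*
 * Return the issuer name of the attribute certificate as an X509_NAME.
 *
 * Only the v2Form arm of the issuer CHOICE is consulted: the result is NULL
 * for a v1Form issuer, for a missing v2Form, and whenever get_dirName()
 * rejects issuerName (absent, or not a single directoryName). Callers
 * must treat NULL as "no usable issuer name". The pointer is owned by |x|.
 *
 * NOTE(review): the rendered listing drops the statement under the guard
 * (source line 157). It is restored as `return NULL`; confirm against the
 * repository copy.
 */
const X509_NAME *X509_ACERT_get0_issuerName(const X509_ACERT *x)
{
    /* Check the CHOICE selector before touching the union member. */
    if (x->acinfo->issuer.type != X509_ACERT_ISSUER_V2
        || x->acinfo->issuer.u.v2Form == NULL)
        return NULL;

    return get_dirName(x->acinfo->issuer.u.v2Form->issuerName);
}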
/*
 * Return the issuerUID of the attribute certificate info.
 *
 * issuerUID is optional in the template, so the result may be NULL. The
 * pointer is owned by |x|.
 */
const ASN1_BIT_STRING *X509_ACERT_get0_issuerUID(const X509_ACERT *x)
{
    const X509_ACERT_INFO *info = x->acinfo;

    return info->issuerUID;
}
/*
 * Return the signature algorithm recorded inside the signed info.
 *
 * This is the inner `signature` member of X509_ACERT_INFO, not the outer
 * sig_alg of X509_ACERT. Nothing in the visible code compares the two, so
 * a verifier that relies on either value should check that they agree.
 * The result points at a member stored inline in |x|.
 */
const X509_ALGOR *X509_ACERT_get0_info_sigalg(const X509_ACERT *x)
{
    const X509_ACERT_INFO *info = x->acinfo;

    return &info->signature;
}
/*
 * Return the serial number of the attribute certificate.
 *
 * The result points at a member stored inline in the certificate info and
 * is valid only while |x| is.
 */
const ASN1_INTEGER *X509_ACERT_get0_serialNumber(const X509_ACERT *x)
{
    const X509_ACERT_INFO *info = x->acinfo;

    return &info->serialNumber;
}
/*
 * Return the start of the validity period.
 *
 * The pointer is owned by |x|.
 *
 * NOTE(review): the member comes from X509_VAL, which is defined outside
 * this file; confirm that it can only hold a GeneralizedTime before relying
 * on the return type, and check the string type otherwise.
 */
const ASN1_GENERALIZEDTIME *X509_ACERT_get0_notBefore(const X509_ACERT *x)
{
    const X509_VAL *validity = &x->acinfo->validityPeriod;

    return validity->notBefore;
}
/*
 * Return the end of the validity period.
 *
 * The pointer is owned by |x|.
 *
 * NOTE(review): the member comes from X509_VAL, which is defined outside
 * this file; confirm that it can only hold a GeneralizedTime before relying
 * on the return type, and check the string type otherwise.
 */
const ASN1_GENERALIZEDTIME *X509_ACERT_get0_notAfter(const X509_ACERT *x)
{
    const X509_VAL *validity = &x->acinfo->validityPeriod;

    return validity->notAfter;
}