[thirdparty/openssl.git] / crypto / include / internal / ess_int.h

/*
 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/* internal ESS related stuff */

ESS_SIGNING_CERT *ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO *si);
int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);

ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
                                            STACK_OF(X509) *certs,
                                            int issuer_needed);

ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO *si);
int ESS_SIGNING_CERT_V2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc);

ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg,
                                                  X509 *signcert,
                                                  STACK_OF(X509) *certs,
                                                  int issuer_needed);

/*-
 * IssuerSerial ::= SEQUENCE {
 *        issuer                  GeneralNames,
 *        serialNumber            CertificateSerialNumber
 * }
 */

struct ESS_issuer_serial {
    STACK_OF(GENERAL_NAME) *issuer;
    ASN1_INTEGER *serial;
};

/*-
 * ESSCertID ::=  SEQUENCE {
 *        certHash                Hash,
 *        issuerSerial            IssuerSerial OPTIONAL
 * }
 */

struct ESS_cert_id {
    ASN1_OCTET_STRING *hash;    /* Always SHA-1 digest. */
    ESS_ISSUER_SERIAL *issuer_serial;
};

/*-
 * SigningCertificate ::=  SEQUENCE {
 *        certs                   SEQUENCE OF ESSCertID,
 *        policies                SEQUENCE OF PolicyInformation OPTIONAL
 * }
 */

struct ESS_signing_cert {
    STACK_OF(ESS_CERT_ID) *cert_ids;
    STACK_OF(POLICYINFO) *policy_info;
};

/*-
 * ESSCertIDv2 ::=  SEQUENCE {
 *        hashAlgorithm           AlgorithmIdentifier DEFAULT id-sha256,
 *        certHash                Hash,
 *        issuerSerial            IssuerSerial OPTIONAL
 * }
 */

struct ESS_cert_id_v2_st {
    X509_ALGOR *hash_alg;       /* Default: SHA-256 */
    ASN1_OCTET_STRING *hash;
    ESS_ISSUER_SERIAL *issuer_serial;
};

/*-
 * SigningCertificateV2 ::= SEQUENCE {
 *        certs                   SEQUENCE OF ESSCertIDv2,
 *        policies                SEQUENCE OF PolicyInformation OPTIONAL
 * }
 */

struct ESS_signing_cert_v2_st {
    STACK_OF(ESS_CERT_ID_V2) *cert_ids;
    STACK_OF(POLICYINFO) *policy_info;
};
Commit	Line	Data
e85d19c6 AI	1	/*
	2	* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	/* internal ESS related stuff */
	11
	12	ESS_SIGNING_CERT ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO si);
	13	int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO si, ESS_SIGNING_CERT sc);
	14
8c00f267 F	15	ESS_SIGNING_CERT ESS_SIGNING_CERT_new_init(X509 signcert,
	16	STACK_OF(X509) *certs,
	17	int issuer_needed);
	18
e85d19c6 AI	19	ESS_SIGNING_CERT_V2 ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO si);
	20	int ESS_SIGNING_CERT_V2_add(PKCS7_SIGNER_INFO si, ESS_SIGNING_CERT_V2 sc);
	21
8c00f267 F	22	ESS_SIGNING_CERT_V2 ESS_SIGNING_CERT_V2_new_init(const EVP_MD hash_alg,
	23	X509 *signcert,
	24	STACK_OF(X509) *certs,
	25	int issuer_needed);
	26
e85d19c6 AI	27	/*-
	28	* IssuerSerial ::= SEQUENCE {
	29	* issuer GeneralNames,
	30	* serialNumber CertificateSerialNumber
	31	* }
	32	*/
	33
	34	struct ESS_issuer_serial {
	35	STACK_OF(GENERAL_NAME) *issuer;
	36	ASN1_INTEGER *serial;
	37	};
	38
	39	/*-
	40	* ESSCertID ::= SEQUENCE {
	41	* certHash Hash,
	42	* issuerSerial IssuerSerial OPTIONAL
	43	* }
	44	*/
	45
	46	struct ESS_cert_id {
	47	ASN1_OCTET_STRING hash; / Always SHA-1 digest. */
	48	ESS_ISSUER_SERIAL *issuer_serial;
	49	};
	50
	51	/*-
	52	* SigningCertificate ::= SEQUENCE {
	53	* certs SEQUENCE OF ESSCertID,
	54	* policies SEQUENCE OF PolicyInformation OPTIONAL
	55	* }
	56	*/
	57
	58	struct ESS_signing_cert {
	59	STACK_OF(ESS_CERT_ID) *cert_ids;
	60	STACK_OF(POLICYINFO) *policy_info;
	61	};
	62
	63	/*-
	64	* ESSCertIDv2 ::= SEQUENCE {
	65	* hashAlgorithm AlgorithmIdentifier DEFAULT id-sha256,
	66	* certHash Hash,
	67	* issuerSerial IssuerSerial OPTIONAL
	68	* }
	69	*/
	70
	71	struct ESS_cert_id_v2_st {
	72	X509_ALGOR hash_alg; / Default: SHA-256 */
	73	ASN1_OCTET_STRING *hash;
	74	ESS_ISSUER_SERIAL *issuer_serial;
	75	};
	76
	77	/*-
	78	* SigningCertificateV2 ::= SEQUENCE {
	79	* certs SEQUENCE OF ESSCertIDv2,
	80	* policies SEQUENCE OF PolicyInformation OPTIONAL
	81	* }
	82	*/
	83
	84	struct ESS_signing_cert_v2_st {
	85	STACK_OF(ESS_CERT_ID_V2) *cert_ids;
	86	STACK_OF(POLICYINFO) *policy_info;
	87	};