crypto/ess/ess_asn1.c

   1 /*
   2  * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <openssl/err.h>
  11 #include <openssl/asn1t.h>
  12 #include <openssl/cms.h>
  13 #include <openssl/ess.h>
  14 #include <openssl/x509v3.h>
  15 #include "crypto/ess.h"
  16 #include "crypto/cms.h"
  17
  18 /* ASN1 stuff for ESS Structure */
  19
  20 ASN1_SEQUENCE(ESS_ISSUER_SERIAL) = {
  21         ASN1_SEQUENCE_OF(ESS_ISSUER_SERIAL, issuer, GENERAL_NAME),
  22         ASN1_SIMPLE(ESS_ISSUER_SERIAL, serial, ASN1_INTEGER)
  23 } static_ASN1_SEQUENCE_END(ESS_ISSUER_SERIAL)
  24
  25 IMPLEMENT_ASN1_FUNCTIONS(ESS_ISSUER_SERIAL)
  26 IMPLEMENT_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL)
  27
  28 ASN1_SEQUENCE(ESS_CERT_ID) = {
  29         ASN1_SIMPLE(ESS_CERT_ID, hash, ASN1_OCTET_STRING),
  30         ASN1_OPT(ESS_CERT_ID, issuer_serial, ESS_ISSUER_SERIAL)
  31 } static_ASN1_SEQUENCE_END(ESS_CERT_ID)
  32
  33 IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID)
  34 IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID)
  35
  36 ASN1_SEQUENCE(ESS_SIGNING_CERT) = {
  37         ASN1_SEQUENCE_OF(ESS_SIGNING_CERT, cert_ids, ESS_CERT_ID),
  38         ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT, policy_info, POLICYINFO)
  39 } static_ASN1_SEQUENCE_END(ESS_SIGNING_CERT)
  40
  41 IMPLEMENT_ASN1_FUNCTIONS(ESS_SIGNING_CERT)
  42 IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT)
  43
  44 ASN1_SEQUENCE(ESS_CERT_ID_V2) = {
  45         ASN1_OPT(ESS_CERT_ID_V2, hash_alg, X509_ALGOR),
  46         ASN1_SIMPLE(ESS_CERT_ID_V2, hash, ASN1_OCTET_STRING),
  47         ASN1_OPT(ESS_CERT_ID_V2, issuer_serial, ESS_ISSUER_SERIAL)
  48 } static_ASN1_SEQUENCE_END(ESS_CERT_ID_V2)
  49
  50 IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID_V2)
  51 IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2)
  52
  53 ASN1_SEQUENCE(ESS_SIGNING_CERT_V2) = {
  54         ASN1_SEQUENCE_OF(ESS_SIGNING_CERT_V2, cert_ids, ESS_CERT_ID_V2),
  55         ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT_V2, policy_info, POLICYINFO)
  56 } static_ASN1_SEQUENCE_END(ESS_SIGNING_CERT_V2)
  57
  58 IMPLEMENT_ASN1_FUNCTIONS(ESS_SIGNING_CERT_V2)
  59 IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT_V2)
  60
  61 /* No cms support means no CMS_SignerInfo* definitions */
  62 #ifndef OPENSSL_NO_CMS
  63
  64 /*
  65  * Returns < 0 if attribute is not found, 1 if found, or
  66  * -1 on attribute parsing failure.
  67  */
  68 int cms_signerinfo_get_signing_cert_v2(CMS_SignerInfo *si,
  69                                        ESS_SIGNING_CERT_V2 **psc)
  70 {
  71     ASN1_STRING *str;
  72     ESS_SIGNING_CERT_V2 *sc;
  73     ASN1_OBJECT *obj = OBJ_nid2obj(NID_id_smime_aa_signingCertificateV2);
  74
  75     if (psc != NULL)
  76         *psc = NULL;
  77     str = CMS_signed_get0_data_by_OBJ(si, obj, -3, V_ASN1_SEQUENCE);
  78     if (str == NULL)
  79         return 0;
  80
  81     sc = ASN1_item_unpack(str, ASN1_ITEM_rptr(ESS_SIGNING_CERT_V2));
  82     if (sc == NULL)
  83         return -1;
  84     if (psc != NULL)
  85         *psc = sc;
  86     else
  87         ESS_SIGNING_CERT_V2_free(sc);
  88     return 1;
  89 }
  90
  91 /*
  92  * Returns < 0 if attribute is not found, 1 if found, or
  93  * -1 on attribute parsing failure.
  94  */
  95 int cms_signerinfo_get_signing_cert(CMS_SignerInfo *si,
  96                                     ESS_SIGNING_CERT **psc)
  97 {
  98     ASN1_STRING *str;
  99     ESS_SIGNING_CERT *sc;
 100     ASN1_OBJECT *obj = OBJ_nid2obj(NID_id_smime_aa_signingCertificate);
 101
 102     if (psc != NULL)
 103         *psc = NULL;
 104     str = CMS_signed_get0_data_by_OBJ(si, obj, -3, V_ASN1_SEQUENCE);
 105     if (str == NULL)
 106         return 0;
 107
 108     sc = ASN1_item_unpack(str, ASN1_ITEM_rptr(ESS_SIGNING_CERT));
 109     if (sc == NULL)
 110         return -1;
 111     if (psc != NULL)
 112         *psc = sc;
 113     else
 114         ESS_SIGNING_CERT_free(sc);
 115     return 1;
 116 }
 117 #endif  /* !OPENSSL_NO_CMS */