1*b077aed3SPierre Pronchery /* 2*b077aed3SPierre Pronchery * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. 3*b077aed3SPierre Pronchery * 4*b077aed3SPierre Pronchery * Licensed under the Apache License 2.0 (the "License"). You may not use 5*b077aed3SPierre Pronchery * this file except in compliance with the License. You can obtain a copy 6*b077aed3SPierre Pronchery * in the file LICENSE in the source distribution or at 7*b077aed3SPierre Pronchery * https://www.openssl.org/source/license.html 8*b077aed3SPierre Pronchery */ 9*b077aed3SPierre Pronchery 10*b077aed3SPierre Pronchery #ifndef OSSL_CRYPTO_ESS_H 11*b077aed3SPierre Pronchery # define OSSL_CRYPTO_ESS_H 12*b077aed3SPierre Pronchery # pragma once 13*b077aed3SPierre Pronchery 14*b077aed3SPierre Pronchery /*- 15*b077aed3SPierre Pronchery * IssuerSerial ::= SEQUENCE { 16*b077aed3SPierre Pronchery * issuer GeneralNames, 17*b077aed3SPierre Pronchery * serialNumber CertificateSerialNumber 18*b077aed3SPierre Pronchery * } 19*b077aed3SPierre Pronchery */ 20*b077aed3SPierre Pronchery 21*b077aed3SPierre Pronchery struct ESS_issuer_serial { 22*b077aed3SPierre Pronchery STACK_OF(GENERAL_NAME) *issuer; 23*b077aed3SPierre Pronchery ASN1_INTEGER *serial; 24*b077aed3SPierre Pronchery }; 25*b077aed3SPierre Pronchery 26*b077aed3SPierre Pronchery /*- 27*b077aed3SPierre Pronchery * ESSCertID ::= SEQUENCE { 28*b077aed3SPierre Pronchery * certHash Hash, 29*b077aed3SPierre Pronchery * issuerSerial IssuerSerial OPTIONAL 30*b077aed3SPierre Pronchery * } 31*b077aed3SPierre Pronchery */ 32*b077aed3SPierre Pronchery 33*b077aed3SPierre Pronchery struct ESS_cert_id { 34*b077aed3SPierre Pronchery ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */ 35*b077aed3SPierre Pronchery ESS_ISSUER_SERIAL *issuer_serial; 36*b077aed3SPierre Pronchery }; 37*b077aed3SPierre Pronchery 38*b077aed3SPierre Pronchery /*- 39*b077aed3SPierre Pronchery * SigningCertificate ::= SEQUENCE { 40*b077aed3SPierre Pronchery * certs SEQUENCE OF ESSCertID, 41*b077aed3SPierre Pronchery * policies SEQUENCE OF PolicyInformation OPTIONAL 42*b077aed3SPierre Pronchery * } 43*b077aed3SPierre Pronchery */ 44*b077aed3SPierre Pronchery 45*b077aed3SPierre Pronchery struct ESS_signing_cert { 46*b077aed3SPierre Pronchery STACK_OF(ESS_CERT_ID) *cert_ids; 47*b077aed3SPierre Pronchery STACK_OF(POLICYINFO) *policy_info; 48*b077aed3SPierre Pronchery }; 49*b077aed3SPierre Pronchery 50*b077aed3SPierre Pronchery /*- 51*b077aed3SPierre Pronchery * ESSCertIDv2 ::= SEQUENCE { 52*b077aed3SPierre Pronchery * hashAlgorithm AlgorithmIdentifier DEFAULT id-sha256, 53*b077aed3SPierre Pronchery * certHash Hash, 54*b077aed3SPierre Pronchery * issuerSerial IssuerSerial OPTIONAL 55*b077aed3SPierre Pronchery * } 56*b077aed3SPierre Pronchery */ 57*b077aed3SPierre Pronchery 58*b077aed3SPierre Pronchery struct ESS_cert_id_v2_st { 59*b077aed3SPierre Pronchery X509_ALGOR *hash_alg; /* Default: SHA-256 */ 60*b077aed3SPierre Pronchery ASN1_OCTET_STRING *hash; 61*b077aed3SPierre Pronchery ESS_ISSUER_SERIAL *issuer_serial; 62*b077aed3SPierre Pronchery }; 63*b077aed3SPierre Pronchery 64*b077aed3SPierre Pronchery /*- 65*b077aed3SPierre Pronchery * SigningCertificateV2 ::= SEQUENCE { 66*b077aed3SPierre Pronchery * certs SEQUENCE OF ESSCertIDv2, 67*b077aed3SPierre Pronchery * policies SEQUENCE OF PolicyInformation OPTIONAL 68*b077aed3SPierre Pronchery * } 69*b077aed3SPierre Pronchery */ 70*b077aed3SPierre Pronchery 71*b077aed3SPierre Pronchery struct ESS_signing_cert_v2_st { 72*b077aed3SPierre Pronchery STACK_OF(ESS_CERT_ID_V2) *cert_ids; 73*b077aed3SPierre Pronchery STACK_OF(POLICYINFO) *policy_info; 74*b077aed3SPierre Pronchery }; 75*b077aed3SPierre Pronchery 76*b077aed3SPierre Pronchery #endif /* OSSL_CRYPTO_ESS_H */ 77