1 /* $OpenBSD: ts_asn1.c,v 1.15 2024/04/15 15:52:46 tb Exp $ */ 2 /* Written by Nils Larsch for the OpenSSL project 2004. 3 */ 4 /* ==================================================================== 5 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the 17 * distribution. 18 * 19 * 3. All advertising materials mentioning features or use of this 20 * software must display the following acknowledgment: 21 * "This product includes software developed by the OpenSSL Project 22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 23 * 24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 25 * endorse or promote products derived from this software without 26 * prior written permission. For written permission, please contact 27 * licensing@OpenSSL.org. 28 * 29 * 5. Products derived from this software may not be called "OpenSSL" 30 * nor may "OpenSSL" appear in their names without prior written 31 * permission of the OpenSSL Project. 32 * 33 * 6. Redistributions of any form whatsoever must retain the following 34 * acknowledgment: 35 * "This product includes software developed by the OpenSSL Project 36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 37 * 38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49 * OF THE POSSIBILITY OF SUCH DAMAGE. 50 * ==================================================================== 51 * 52 * This product includes cryptographic software written by Eric Young 53 * (eay@cryptsoft.com). This product includes software written by Tim 54 * Hudson (tjh@cryptsoft.com). 55 * 56 */ 57 58 #include <openssl/opensslconf.h> 59 60 #include <openssl/ts.h> 61 #include <openssl/err.h> 62 #include <openssl/asn1t.h> 63 64 #include "ts_local.h" 65 66 static const ASN1_TEMPLATE TS_MSG_IMPRINT_seq_tt[] = { 67 { 68 .flags = 0, 69 .tag = 0, 70 .offset = offsetof(TS_MSG_IMPRINT, hash_algo), 71 .field_name = "hash_algo", 72 .item = &X509_ALGOR_it, 73 }, 74 { 75 .flags = 0, 76 .tag = 0, 77 .offset = offsetof(TS_MSG_IMPRINT, hashed_msg), 78 .field_name = "hashed_msg", 79 .item = &ASN1_OCTET_STRING_it, 80 }, 81 }; 82 83 static const ASN1_ITEM TS_MSG_IMPRINT_it = { 84 .itype = ASN1_ITYPE_SEQUENCE, 85 .utype = V_ASN1_SEQUENCE, 86 .templates = TS_MSG_IMPRINT_seq_tt, 87 .tcount = sizeof(TS_MSG_IMPRINT_seq_tt) / sizeof(ASN1_TEMPLATE), 88 .funcs = NULL, 89 .size = sizeof(TS_MSG_IMPRINT), 90 .sname = "TS_MSG_IMPRINT", 91 }; 92 93 94 TS_MSG_IMPRINT * 95 d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, const unsigned char **in, long len) 96 { 97 return (TS_MSG_IMPRINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 98 &TS_MSG_IMPRINT_it); 99 } 100 LCRYPTO_ALIAS(d2i_TS_MSG_IMPRINT); 101 102 int 103 i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **out) 104 { 105 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_MSG_IMPRINT_it); 106 } 107 LCRYPTO_ALIAS(i2d_TS_MSG_IMPRINT); 108 109 TS_MSG_IMPRINT * 110 TS_MSG_IMPRINT_new(void) 111 { 112 return (TS_MSG_IMPRINT *)ASN1_item_new(&TS_MSG_IMPRINT_it); 113 } 114 LCRYPTO_ALIAS(TS_MSG_IMPRINT_new); 115 116 void 117 TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a) 118 { 119 ASN1_item_free((ASN1_VALUE *)a, &TS_MSG_IMPRINT_it); 120 } 121 LCRYPTO_ALIAS(TS_MSG_IMPRINT_free); 122 123 TS_MSG_IMPRINT * 124 TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *x) 125 { 126 return ASN1_item_dup(&TS_MSG_IMPRINT_it, x); 127 } 128 LCRYPTO_ALIAS(TS_MSG_IMPRINT_dup); 129 130 #ifndef OPENSSL_NO_BIO 131 TS_MSG_IMPRINT * 132 d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a) 133 { 134 return ASN1_item_d2i_bio(&TS_MSG_IMPRINT_it, bp, a); 135 } 136 LCRYPTO_ALIAS(d2i_TS_MSG_IMPRINT_bio); 137 138 int 139 i2d_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT *a) 140 { 141 return ASN1_item_i2d_bio(&TS_MSG_IMPRINT_it, bp, a); 142 } 143 LCRYPTO_ALIAS(i2d_TS_MSG_IMPRINT_bio); 144 #endif 145 146 TS_MSG_IMPRINT * 147 d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a) 148 { 149 return ASN1_item_d2i_fp(&TS_MSG_IMPRINT_it, fp, a); 150 } 151 LCRYPTO_ALIAS(d2i_TS_MSG_IMPRINT_fp); 152 153 int 154 i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a) 155 { 156 return ASN1_item_i2d_fp(&TS_MSG_IMPRINT_it, fp, a); 157 } 158 LCRYPTO_ALIAS(i2d_TS_MSG_IMPRINT_fp); 159 160 static const ASN1_TEMPLATE TS_REQ_seq_tt[] = { 161 { 162 .flags = 0, 163 .tag = 0, 164 .offset = offsetof(TS_REQ, version), 165 .field_name = "version", 166 .item = &ASN1_INTEGER_it, 167 }, 168 { 169 .flags = 0, 170 .tag = 0, 171 .offset = offsetof(TS_REQ, msg_imprint), 172 .field_name = "msg_imprint", 173 .item = &TS_MSG_IMPRINT_it, 174 }, 175 { 176 .flags = ASN1_TFLG_OPTIONAL, 177 .tag = 0, 178 .offset = offsetof(TS_REQ, policy_id), 179 .field_name = "policy_id", 180 .item = &ASN1_OBJECT_it, 181 }, 182 { 183 .flags = ASN1_TFLG_OPTIONAL, 184 .tag = 0, 185 .offset = offsetof(TS_REQ, nonce), 186 .field_name = "nonce", 187 .item = &ASN1_INTEGER_it, 188 }, 189 { 190 .flags = ASN1_TFLG_OPTIONAL, 191 .tag = 0, 192 .offset = offsetof(TS_REQ, cert_req), 193 .field_name = "cert_req", 194 .item = &ASN1_FBOOLEAN_it, 195 }, 196 { 197 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 198 .tag = 0, 199 .offset = offsetof(TS_REQ, extensions), 200 .field_name = "extensions", 201 .item = &X509_EXTENSION_it, 202 }, 203 }; 204 205 static const ASN1_ITEM TS_REQ_it = { 206 .itype = ASN1_ITYPE_SEQUENCE, 207 .utype = V_ASN1_SEQUENCE, 208 .templates = TS_REQ_seq_tt, 209 .tcount = sizeof(TS_REQ_seq_tt) / sizeof(ASN1_TEMPLATE), 210 .funcs = NULL, 211 .size = sizeof(TS_REQ), 212 .sname = "TS_REQ", 213 }; 214 215 216 TS_REQ * 217 d2i_TS_REQ(TS_REQ **a, const unsigned char **in, long len) 218 { 219 return (TS_REQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 220 &TS_REQ_it); 221 } 222 LCRYPTO_ALIAS(d2i_TS_REQ); 223 224 int 225 i2d_TS_REQ(const TS_REQ *a, unsigned char **out) 226 { 227 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_REQ_it); 228 } 229 LCRYPTO_ALIAS(i2d_TS_REQ); 230 231 TS_REQ * 232 TS_REQ_new(void) 233 { 234 return (TS_REQ *)ASN1_item_new(&TS_REQ_it); 235 } 236 LCRYPTO_ALIAS(TS_REQ_new); 237 238 void 239 TS_REQ_free(TS_REQ *a) 240 { 241 ASN1_item_free((ASN1_VALUE *)a, &TS_REQ_it); 242 } 243 LCRYPTO_ALIAS(TS_REQ_free); 244 245 TS_REQ * 246 TS_REQ_dup(TS_REQ *x) 247 { 248 return ASN1_item_dup(&TS_REQ_it, x); 249 } 250 LCRYPTO_ALIAS(TS_REQ_dup); 251 252 #ifndef OPENSSL_NO_BIO 253 TS_REQ * 254 d2i_TS_REQ_bio(BIO *bp, TS_REQ **a) 255 { 256 return ASN1_item_d2i_bio(&TS_REQ_it, bp, a); 257 } 258 LCRYPTO_ALIAS(d2i_TS_REQ_bio); 259 260 int 261 i2d_TS_REQ_bio(BIO *bp, TS_REQ *a) 262 { 263 return ASN1_item_i2d_bio(&TS_REQ_it, bp, a); 264 } 265 LCRYPTO_ALIAS(i2d_TS_REQ_bio); 266 #endif 267 268 TS_REQ * 269 d2i_TS_REQ_fp(FILE *fp, TS_REQ **a) 270 { 271 return ASN1_item_d2i_fp(&TS_REQ_it, fp, a); 272 } 273 LCRYPTO_ALIAS(d2i_TS_REQ_fp); 274 275 int 276 i2d_TS_REQ_fp(FILE *fp, TS_REQ *a) 277 { 278 return ASN1_item_i2d_fp(&TS_REQ_it, fp, a); 279 } 280 LCRYPTO_ALIAS(i2d_TS_REQ_fp); 281 282 static const ASN1_TEMPLATE TS_ACCURACY_seq_tt[] = { 283 { 284 .flags = ASN1_TFLG_OPTIONAL, 285 .tag = 0, 286 .offset = offsetof(TS_ACCURACY, seconds), 287 .field_name = "seconds", 288 .item = &ASN1_INTEGER_it, 289 }, 290 { 291 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, 292 .tag = 0, 293 .offset = offsetof(TS_ACCURACY, millis), 294 .field_name = "millis", 295 .item = &ASN1_INTEGER_it, 296 }, 297 { 298 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, 299 .tag = 1, 300 .offset = offsetof(TS_ACCURACY, micros), 301 .field_name = "micros", 302 .item = &ASN1_INTEGER_it, 303 }, 304 }; 305 306 static const ASN1_ITEM TS_ACCURACY_it = { 307 .itype = ASN1_ITYPE_SEQUENCE, 308 .utype = V_ASN1_SEQUENCE, 309 .templates = TS_ACCURACY_seq_tt, 310 .tcount = sizeof(TS_ACCURACY_seq_tt) / sizeof(ASN1_TEMPLATE), 311 .funcs = NULL, 312 .size = sizeof(TS_ACCURACY), 313 .sname = "TS_ACCURACY", 314 }; 315 316 317 TS_ACCURACY * 318 d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **in, long len) 319 { 320 return (TS_ACCURACY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 321 &TS_ACCURACY_it); 322 } 323 LCRYPTO_ALIAS(d2i_TS_ACCURACY); 324 325 int 326 i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **out) 327 { 328 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_ACCURACY_it); 329 } 330 LCRYPTO_ALIAS(i2d_TS_ACCURACY); 331 332 TS_ACCURACY * 333 TS_ACCURACY_new(void) 334 { 335 return (TS_ACCURACY *)ASN1_item_new(&TS_ACCURACY_it); 336 } 337 LCRYPTO_ALIAS(TS_ACCURACY_new); 338 339 void 340 TS_ACCURACY_free(TS_ACCURACY *a) 341 { 342 ASN1_item_free((ASN1_VALUE *)a, &TS_ACCURACY_it); 343 } 344 LCRYPTO_ALIAS(TS_ACCURACY_free); 345 346 TS_ACCURACY * 347 TS_ACCURACY_dup(TS_ACCURACY *x) 348 { 349 return ASN1_item_dup(&TS_ACCURACY_it, x); 350 } 351 LCRYPTO_ALIAS(TS_ACCURACY_dup); 352 353 static const ASN1_TEMPLATE TS_TST_INFO_seq_tt[] = { 354 { 355 .flags = 0, 356 .tag = 0, 357 .offset = offsetof(TS_TST_INFO, version), 358 .field_name = "version", 359 .item = &ASN1_INTEGER_it, 360 }, 361 { 362 .flags = 0, 363 .tag = 0, 364 .offset = offsetof(TS_TST_INFO, policy_id), 365 .field_name = "policy_id", 366 .item = &ASN1_OBJECT_it, 367 }, 368 { 369 .flags = 0, 370 .tag = 0, 371 .offset = offsetof(TS_TST_INFO, msg_imprint), 372 .field_name = "msg_imprint", 373 .item = &TS_MSG_IMPRINT_it, 374 }, 375 { 376 .flags = 0, 377 .tag = 0, 378 .offset = offsetof(TS_TST_INFO, serial), 379 .field_name = "serial", 380 .item = &ASN1_INTEGER_it, 381 }, 382 { 383 .flags = 0, 384 .tag = 0, 385 .offset = offsetof(TS_TST_INFO, time), 386 .field_name = "time", 387 .item = &ASN1_GENERALIZEDTIME_it, 388 }, 389 { 390 .flags = ASN1_TFLG_OPTIONAL, 391 .tag = 0, 392 .offset = offsetof(TS_TST_INFO, accuracy), 393 .field_name = "accuracy", 394 .item = &TS_ACCURACY_it, 395 }, 396 { 397 .flags = ASN1_TFLG_OPTIONAL, 398 .tag = 0, 399 .offset = offsetof(TS_TST_INFO, ordering), 400 .field_name = "ordering", 401 .item = &ASN1_FBOOLEAN_it, 402 }, 403 { 404 .flags = ASN1_TFLG_OPTIONAL, 405 .tag = 0, 406 .offset = offsetof(TS_TST_INFO, nonce), 407 .field_name = "nonce", 408 .item = &ASN1_INTEGER_it, 409 }, 410 { 411 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, 412 .tag = 0, 413 .offset = offsetof(TS_TST_INFO, tsa), 414 .field_name = "tsa", 415 .item = &GENERAL_NAME_it, 416 }, 417 { 418 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 419 .tag = 1, 420 .offset = offsetof(TS_TST_INFO, extensions), 421 .field_name = "extensions", 422 .item = &X509_EXTENSION_it, 423 }, 424 }; 425 426 static const ASN1_ITEM TS_TST_INFO_it = { 427 .itype = ASN1_ITYPE_SEQUENCE, 428 .utype = V_ASN1_SEQUENCE, 429 .templates = TS_TST_INFO_seq_tt, 430 .tcount = sizeof(TS_TST_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), 431 .funcs = NULL, 432 .size = sizeof(TS_TST_INFO), 433 .sname = "TS_TST_INFO", 434 }; 435 436 437 TS_TST_INFO * 438 d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **in, long len) 439 { 440 return (TS_TST_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 441 &TS_TST_INFO_it); 442 } 443 LCRYPTO_ALIAS(d2i_TS_TST_INFO); 444 445 int 446 i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **out) 447 { 448 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_TST_INFO_it); 449 } 450 LCRYPTO_ALIAS(i2d_TS_TST_INFO); 451 452 TS_TST_INFO * 453 TS_TST_INFO_new(void) 454 { 455 return (TS_TST_INFO *)ASN1_item_new(&TS_TST_INFO_it); 456 } 457 LCRYPTO_ALIAS(TS_TST_INFO_new); 458 459 void 460 TS_TST_INFO_free(TS_TST_INFO *a) 461 { 462 ASN1_item_free((ASN1_VALUE *)a, &TS_TST_INFO_it); 463 } 464 LCRYPTO_ALIAS(TS_TST_INFO_free); 465 466 TS_TST_INFO * 467 TS_TST_INFO_dup(TS_TST_INFO *x) 468 { 469 return ASN1_item_dup(&TS_TST_INFO_it, x); 470 } 471 LCRYPTO_ALIAS(TS_TST_INFO_dup); 472 473 #ifndef OPENSSL_NO_BIO 474 TS_TST_INFO * 475 d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a) 476 { 477 return ASN1_item_d2i_bio(&TS_TST_INFO_it, bp, a); 478 } 479 LCRYPTO_ALIAS(d2i_TS_TST_INFO_bio); 480 481 int 482 i2d_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO *a) 483 { 484 return ASN1_item_i2d_bio(&TS_TST_INFO_it, bp, a); 485 } 486 LCRYPTO_ALIAS(i2d_TS_TST_INFO_bio); 487 #endif 488 489 TS_TST_INFO * 490 d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a) 491 { 492 return ASN1_item_d2i_fp(&TS_TST_INFO_it, fp, a); 493 } 494 LCRYPTO_ALIAS(d2i_TS_TST_INFO_fp); 495 496 int 497 i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a) 498 { 499 return ASN1_item_i2d_fp(&TS_TST_INFO_it, fp, a); 500 } 501 LCRYPTO_ALIAS(i2d_TS_TST_INFO_fp); 502 503 static const ASN1_TEMPLATE TS_STATUS_INFO_seq_tt[] = { 504 { 505 .flags = 0, 506 .tag = 0, 507 .offset = offsetof(TS_STATUS_INFO, status), 508 .field_name = "status", 509 .item = &ASN1_INTEGER_it, 510 }, 511 { 512 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 513 .tag = 0, 514 .offset = offsetof(TS_STATUS_INFO, text), 515 .field_name = "text", 516 .item = &ASN1_UTF8STRING_it, 517 }, 518 { 519 .flags = ASN1_TFLG_OPTIONAL, 520 .tag = 0, 521 .offset = offsetof(TS_STATUS_INFO, failure_info), 522 .field_name = "failure_info", 523 .item = &ASN1_BIT_STRING_it, 524 }, 525 }; 526 527 static const ASN1_ITEM TS_STATUS_INFO_it = { 528 .itype = ASN1_ITYPE_SEQUENCE, 529 .utype = V_ASN1_SEQUENCE, 530 .templates = TS_STATUS_INFO_seq_tt, 531 .tcount = sizeof(TS_STATUS_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), 532 .funcs = NULL, 533 .size = sizeof(TS_STATUS_INFO), 534 .sname = "TS_STATUS_INFO", 535 }; 536 537 538 TS_STATUS_INFO * 539 d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, const unsigned char **in, long len) 540 { 541 return (TS_STATUS_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 542 &TS_STATUS_INFO_it); 543 } 544 LCRYPTO_ALIAS(d2i_TS_STATUS_INFO); 545 546 int 547 i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **out) 548 { 549 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_STATUS_INFO_it); 550 } 551 LCRYPTO_ALIAS(i2d_TS_STATUS_INFO); 552 553 TS_STATUS_INFO * 554 TS_STATUS_INFO_new(void) 555 { 556 return (TS_STATUS_INFO *)ASN1_item_new(&TS_STATUS_INFO_it); 557 } 558 LCRYPTO_ALIAS(TS_STATUS_INFO_new); 559 560 void 561 TS_STATUS_INFO_free(TS_STATUS_INFO *a) 562 { 563 ASN1_item_free((ASN1_VALUE *)a, &TS_STATUS_INFO_it); 564 } 565 LCRYPTO_ALIAS(TS_STATUS_INFO_free); 566 567 TS_STATUS_INFO * 568 TS_STATUS_INFO_dup(TS_STATUS_INFO *x) 569 { 570 return ASN1_item_dup(&TS_STATUS_INFO_it, x); 571 } 572 LCRYPTO_ALIAS(TS_STATUS_INFO_dup); 573 574 static int 575 ts_resp_set_tst_info(TS_RESP *a) 576 { 577 long status; 578 579 status = ASN1_INTEGER_get(a->status_info->status); 580 581 if (a->token) { 582 if (status != 0 && status != 1) { 583 TSerror(TS_R_TOKEN_PRESENT); 584 return 0; 585 } 586 if (a->tst_info != NULL) 587 TS_TST_INFO_free(a->tst_info); 588 a->tst_info = PKCS7_to_TS_TST_INFO(a->token); 589 if (!a->tst_info) { 590 TSerror(TS_R_PKCS7_TO_TS_TST_INFO_FAILED); 591 return 0; 592 } 593 } else if (status == 0 || status == 1) { 594 TSerror(TS_R_TOKEN_NOT_PRESENT); 595 return 0; 596 } 597 598 return 1; 599 } 600 601 static int 602 ts_resp_cb(int op, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) 603 { 604 TS_RESP *ts_resp = (TS_RESP *)*pval; 605 606 if (op == ASN1_OP_NEW_POST) { 607 ts_resp->tst_info = NULL; 608 } else if (op == ASN1_OP_FREE_POST) { 609 if (ts_resp->tst_info != NULL) 610 TS_TST_INFO_free(ts_resp->tst_info); 611 } else if (op == ASN1_OP_D2I_POST) { 612 if (ts_resp_set_tst_info(ts_resp) == 0) 613 return 0; 614 } 615 return 1; 616 } 617 618 static const ASN1_AUX TS_RESP_aux = { 619 .app_data = NULL, 620 .flags = 0, 621 .ref_offset = 0, 622 .ref_lock = 0, 623 .asn1_cb = ts_resp_cb, 624 .enc_offset = 0, 625 }; 626 static const ASN1_TEMPLATE TS_RESP_seq_tt[] = { 627 { 628 .flags = 0, 629 .tag = 0, 630 .offset = offsetof(TS_RESP, status_info), 631 .field_name = "status_info", 632 .item = &TS_STATUS_INFO_it, 633 }, 634 { 635 .flags = ASN1_TFLG_OPTIONAL, 636 .tag = 0, 637 .offset = offsetof(TS_RESP, token), 638 .field_name = "token", 639 .item = &PKCS7_it, 640 }, 641 }; 642 643 static const ASN1_ITEM TS_RESP_it = { 644 .itype = ASN1_ITYPE_SEQUENCE, 645 .utype = V_ASN1_SEQUENCE, 646 .templates = TS_RESP_seq_tt, 647 .tcount = sizeof(TS_RESP_seq_tt) / sizeof(ASN1_TEMPLATE), 648 .funcs = &TS_RESP_aux, 649 .size = sizeof(TS_RESP), 650 .sname = "TS_RESP", 651 }; 652 653 654 TS_RESP * 655 d2i_TS_RESP(TS_RESP **a, const unsigned char **in, long len) 656 { 657 return (TS_RESP *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 658 &TS_RESP_it); 659 } 660 LCRYPTO_ALIAS(d2i_TS_RESP); 661 662 int 663 i2d_TS_RESP(const TS_RESP *a, unsigned char **out) 664 { 665 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_RESP_it); 666 } 667 LCRYPTO_ALIAS(i2d_TS_RESP); 668 669 TS_RESP * 670 TS_RESP_new(void) 671 { 672 return (TS_RESP *)ASN1_item_new(&TS_RESP_it); 673 } 674 LCRYPTO_ALIAS(TS_RESP_new); 675 676 void 677 TS_RESP_free(TS_RESP *a) 678 { 679 ASN1_item_free((ASN1_VALUE *)a, &TS_RESP_it); 680 } 681 LCRYPTO_ALIAS(TS_RESP_free); 682 683 TS_RESP * 684 TS_RESP_dup(TS_RESP *x) 685 { 686 return ASN1_item_dup(&TS_RESP_it, x); 687 } 688 LCRYPTO_ALIAS(TS_RESP_dup); 689 690 #ifndef OPENSSL_NO_BIO 691 TS_RESP * 692 d2i_TS_RESP_bio(BIO *bp, TS_RESP **a) 693 { 694 return ASN1_item_d2i_bio(&TS_RESP_it, bp, a); 695 } 696 LCRYPTO_ALIAS(d2i_TS_RESP_bio); 697 698 int 699 i2d_TS_RESP_bio(BIO *bp, TS_RESP *a) 700 { 701 return ASN1_item_i2d_bio(&TS_RESP_it, bp, a); 702 } 703 LCRYPTO_ALIAS(i2d_TS_RESP_bio); 704 #endif 705 706 TS_RESP * 707 d2i_TS_RESP_fp(FILE *fp, TS_RESP **a) 708 { 709 return ASN1_item_d2i_fp(&TS_RESP_it, fp, a); 710 } 711 LCRYPTO_ALIAS(d2i_TS_RESP_fp); 712 713 int 714 i2d_TS_RESP_fp(FILE *fp, TS_RESP *a) 715 { 716 return ASN1_item_i2d_fp(&TS_RESP_it, fp, a); 717 } 718 LCRYPTO_ALIAS(i2d_TS_RESP_fp); 719 720 static const ASN1_TEMPLATE ESS_ISSUER_SERIAL_seq_tt[] = { 721 { 722 .flags = ASN1_TFLG_SEQUENCE_OF, 723 .tag = 0, 724 .offset = offsetof(ESS_ISSUER_SERIAL, issuer), 725 .field_name = "issuer", 726 .item = &GENERAL_NAME_it, 727 }, 728 { 729 .flags = 0, 730 .tag = 0, 731 .offset = offsetof(ESS_ISSUER_SERIAL, serial), 732 .field_name = "serial", 733 .item = &ASN1_INTEGER_it, 734 }, 735 }; 736 737 static const ASN1_ITEM ESS_ISSUER_SERIAL_it = { 738 .itype = ASN1_ITYPE_SEQUENCE, 739 .utype = V_ASN1_SEQUENCE, 740 .templates = ESS_ISSUER_SERIAL_seq_tt, 741 .tcount = sizeof(ESS_ISSUER_SERIAL_seq_tt) / sizeof(ASN1_TEMPLATE), 742 .funcs = NULL, 743 .size = sizeof(ESS_ISSUER_SERIAL), 744 .sname = "ESS_ISSUER_SERIAL", 745 }; 746 747 748 ESS_ISSUER_SERIAL * 749 d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, const unsigned char **in, long len) 750 { 751 return (ESS_ISSUER_SERIAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 752 &ESS_ISSUER_SERIAL_it); 753 } 754 LCRYPTO_ALIAS(d2i_ESS_ISSUER_SERIAL); 755 756 int 757 i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **out) 758 { 759 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_ISSUER_SERIAL_it); 760 } 761 LCRYPTO_ALIAS(i2d_ESS_ISSUER_SERIAL); 762 763 ESS_ISSUER_SERIAL * 764 ESS_ISSUER_SERIAL_new(void) 765 { 766 return (ESS_ISSUER_SERIAL *)ASN1_item_new(&ESS_ISSUER_SERIAL_it); 767 } 768 LCRYPTO_ALIAS(ESS_ISSUER_SERIAL_new); 769 770 void 771 ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a) 772 { 773 ASN1_item_free((ASN1_VALUE *)a, &ESS_ISSUER_SERIAL_it); 774 } 775 LCRYPTO_ALIAS(ESS_ISSUER_SERIAL_free); 776 777 ESS_ISSUER_SERIAL * 778 ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *x) 779 { 780 return ASN1_item_dup(&ESS_ISSUER_SERIAL_it, x); 781 } 782 LCRYPTO_ALIAS(ESS_ISSUER_SERIAL_dup); 783 784 static const ASN1_TEMPLATE ESS_CERT_ID_seq_tt[] = { 785 { 786 .flags = 0, 787 .tag = 0, 788 .offset = offsetof(ESS_CERT_ID, hash), 789 .field_name = "hash", 790 .item = &ASN1_OCTET_STRING_it, 791 }, 792 { 793 .flags = ASN1_TFLG_OPTIONAL, 794 .tag = 0, 795 .offset = offsetof(ESS_CERT_ID, issuer_serial), 796 .field_name = "issuer_serial", 797 .item = &ESS_ISSUER_SERIAL_it, 798 }, 799 }; 800 801 static const ASN1_ITEM ESS_CERT_ID_it = { 802 .itype = ASN1_ITYPE_SEQUENCE, 803 .utype = V_ASN1_SEQUENCE, 804 .templates = ESS_CERT_ID_seq_tt, 805 .tcount = sizeof(ESS_CERT_ID_seq_tt) / sizeof(ASN1_TEMPLATE), 806 .funcs = NULL, 807 .size = sizeof(ESS_CERT_ID), 808 .sname = "ESS_CERT_ID", 809 }; 810 811 812 ESS_CERT_ID * 813 d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **in, long len) 814 { 815 return (ESS_CERT_ID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 816 &ESS_CERT_ID_it); 817 } 818 LCRYPTO_ALIAS(d2i_ESS_CERT_ID); 819 820 int 821 i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **out) 822 { 823 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_CERT_ID_it); 824 } 825 LCRYPTO_ALIAS(i2d_ESS_CERT_ID); 826 827 ESS_CERT_ID * 828 ESS_CERT_ID_new(void) 829 { 830 return (ESS_CERT_ID *)ASN1_item_new(&ESS_CERT_ID_it); 831 } 832 LCRYPTO_ALIAS(ESS_CERT_ID_new); 833 834 void 835 ESS_CERT_ID_free(ESS_CERT_ID *a) 836 { 837 ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_it); 838 } 839 LCRYPTO_ALIAS(ESS_CERT_ID_free); 840 841 ESS_CERT_ID * 842 ESS_CERT_ID_dup(ESS_CERT_ID *x) 843 { 844 return ASN1_item_dup(&ESS_CERT_ID_it, x); 845 } 846 LCRYPTO_ALIAS(ESS_CERT_ID_dup); 847 848 static const ASN1_TEMPLATE ESS_SIGNING_CERT_seq_tt[] = { 849 { 850 .flags = ASN1_TFLG_SEQUENCE_OF, 851 .tag = 0, 852 .offset = offsetof(ESS_SIGNING_CERT, cert_ids), 853 .field_name = "cert_ids", 854 .item = &ESS_CERT_ID_it, 855 }, 856 { 857 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 858 .tag = 0, 859 .offset = offsetof(ESS_SIGNING_CERT, policy_info), 860 .field_name = "policy_info", 861 .item = &POLICYINFO_it, 862 }, 863 }; 864 865 static const ASN1_ITEM ESS_SIGNING_CERT_it = { 866 .itype = ASN1_ITYPE_SEQUENCE, 867 .utype = V_ASN1_SEQUENCE, 868 .templates = ESS_SIGNING_CERT_seq_tt, 869 .tcount = sizeof(ESS_SIGNING_CERT_seq_tt) / sizeof(ASN1_TEMPLATE), 870 .funcs = NULL, 871 .size = sizeof(ESS_SIGNING_CERT), 872 .sname = "ESS_SIGNING_CERT", 873 }; 874 875 876 ESS_SIGNING_CERT * 877 d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a, const unsigned char **in, long len) 878 { 879 return (ESS_SIGNING_CERT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 880 &ESS_SIGNING_CERT_it); 881 } 882 LCRYPTO_ALIAS(d2i_ESS_SIGNING_CERT); 883 884 int 885 i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **out) 886 { 887 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_SIGNING_CERT_it); 888 } 889 LCRYPTO_ALIAS(i2d_ESS_SIGNING_CERT); 890 891 ESS_SIGNING_CERT * 892 ESS_SIGNING_CERT_new(void) 893 { 894 return (ESS_SIGNING_CERT *)ASN1_item_new(&ESS_SIGNING_CERT_it); 895 } 896 LCRYPTO_ALIAS(ESS_SIGNING_CERT_new); 897 898 void 899 ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a) 900 { 901 ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_it); 902 } 903 LCRYPTO_ALIAS(ESS_SIGNING_CERT_free); 904 905 ESS_SIGNING_CERT * 906 ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *x) 907 { 908 return ASN1_item_dup(&ESS_SIGNING_CERT_it, x); 909 } 910 LCRYPTO_ALIAS(ESS_SIGNING_CERT_dup); 911 912 static const ASN1_TEMPLATE ESS_CERT_ID_V2_seq_tt[] = { 913 { 914 .flags = ASN1_TFLG_OPTIONAL, 915 .tag = 0, 916 .offset = offsetof(ESS_CERT_ID_V2, hash_alg), 917 .field_name = "hash_alg", 918 .item = &X509_ALGOR_it, 919 }, 920 { 921 .flags = 0, 922 .tag = 0, 923 .offset = offsetof(ESS_CERT_ID_V2, hash), 924 .field_name = "hash", 925 .item = &ASN1_OCTET_STRING_it, 926 }, 927 { 928 .flags = ASN1_TFLG_OPTIONAL, 929 .tag = 0, 930 .offset = offsetof(ESS_CERT_ID_V2, issuer_serial), 931 .field_name = "issuer_serial", 932 .item = &ESS_ISSUER_SERIAL_it, 933 }, 934 }; 935 936 static const ASN1_ITEM ESS_CERT_ID_V2_it = { 937 .itype = ASN1_ITYPE_SEQUENCE, 938 .utype = V_ASN1_SEQUENCE, 939 .templates = ESS_CERT_ID_V2_seq_tt, 940 .tcount = sizeof(ESS_CERT_ID_V2_seq_tt) / sizeof(ASN1_TEMPLATE), 941 .funcs = NULL, 942 .size = sizeof(ESS_CERT_ID_V2), 943 .sname = "ESS_CERT_ID_V2", 944 }; 945 946 ESS_CERT_ID_V2 * 947 d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 **a, const unsigned char **in, long len) 948 { 949 return (ESS_CERT_ID_V2 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 950 &ESS_CERT_ID_V2_it); 951 } 952 953 int 954 i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 *a, unsigned char **out) 955 { 956 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_CERT_ID_V2_it); 957 } 958 959 ESS_CERT_ID_V2 * 960 ESS_CERT_ID_V2_new(void) 961 { 962 return (ESS_CERT_ID_V2 *)ASN1_item_new(&ESS_CERT_ID_V2_it); 963 } 964 965 void 966 ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 *a) 967 { 968 ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_V2_it); 969 } 970 971 ESS_CERT_ID_V2 * 972 ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 *x) 973 { 974 return ASN1_item_dup(&ESS_CERT_ID_V2_it, x); 975 } 976 977 static const ASN1_TEMPLATE ESS_SIGNING_CERT_V2_seq_tt[] = { 978 { 979 .flags = ASN1_TFLG_SEQUENCE_OF, 980 .tag = 0, 981 .offset = offsetof(ESS_SIGNING_CERT_V2, cert_ids), 982 .field_name = "cert_ids", 983 .item = &ESS_CERT_ID_V2_it, 984 }, 985 { 986 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 987 .tag = 0, 988 .offset = offsetof(ESS_SIGNING_CERT_V2, policy_info), 989 .field_name = "policy_info", 990 .item = &POLICYINFO_it, 991 }, 992 }; 993 994 static const ASN1_ITEM ESS_SIGNING_CERT_V2_it = { 995 .itype = ASN1_ITYPE_SEQUENCE, 996 .utype = V_ASN1_SEQUENCE, 997 .templates = ESS_SIGNING_CERT_V2_seq_tt, 998 .tcount = sizeof(ESS_SIGNING_CERT_V2_seq_tt) / sizeof(ASN1_TEMPLATE), 999 .funcs = NULL, 1000 .size = sizeof(ESS_SIGNING_CERT_V2), 1001 .sname = "ESS_SIGNING_CERT_V2", 1002 }; 1003 1004 ESS_SIGNING_CERT_V2 * 1005 d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 **a, const unsigned char **in, long len) 1006 { 1007 return (ESS_SIGNING_CERT_V2 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 1008 &ESS_SIGNING_CERT_V2_it); 1009 } 1010 1011 int 1012 i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 *a, unsigned char **out) 1013 { 1014 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_SIGNING_CERT_V2_it); 1015 } 1016 1017 ESS_SIGNING_CERT_V2 * 1018 ESS_SIGNING_CERT_V2_new(void) 1019 { 1020 return (ESS_SIGNING_CERT_V2 *)ASN1_item_new(&ESS_SIGNING_CERT_V2_it); 1021 } 1022 1023 void 1024 ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 *a) 1025 { 1026 ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_V2_it); 1027 } 1028 1029 ESS_SIGNING_CERT_V2 * 1030 ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 *x) 1031 { 1032 return ASN1_item_dup(&ESS_SIGNING_CERT_V2_it, x); 1033 } 1034 1035 /* Getting encapsulated TS_TST_INFO object from PKCS7. */ 1036 TS_TST_INFO * 1037 PKCS7_to_TS_TST_INFO(PKCS7 *token) 1038 { 1039 PKCS7_SIGNED *pkcs7_signed; 1040 PKCS7 *enveloped; 1041 ASN1_TYPE *tst_info_wrapper; 1042 ASN1_OCTET_STRING *tst_info_der; 1043 const unsigned char *p; 1044 1045 if (!PKCS7_type_is_signed(token)) { 1046 TSerror(TS_R_BAD_PKCS7_TYPE); 1047 return NULL; 1048 } 1049 1050 /* Content must be present. */ 1051 if (PKCS7_get_detached(token)) { 1052 TSerror(TS_R_DETACHED_CONTENT); 1053 return NULL; 1054 } 1055 1056 /* We have a signed data with content. */ 1057 pkcs7_signed = token->d.sign; 1058 enveloped = pkcs7_signed->contents; 1059 if (OBJ_obj2nid(enveloped->type) != NID_id_smime_ct_TSTInfo) { 1060 TSerror(TS_R_BAD_PKCS7_TYPE); 1061 return NULL; 1062 } 1063 1064 /* We have a DER encoded TST_INFO as the signed data. */ 1065 tst_info_wrapper = enveloped->d.other; 1066 if (tst_info_wrapper->type != V_ASN1_OCTET_STRING) { 1067 TSerror(TS_R_BAD_TYPE); 1068 return NULL; 1069 } 1070 1071 /* We have the correct ASN1_OCTET_STRING type. */ 1072 tst_info_der = tst_info_wrapper->value.octet_string; 1073 /* At last, decode the TST_INFO. */ 1074 p = tst_info_der->data; 1075 return d2i_TS_TST_INFO(NULL, &p, tst_info_der->length); 1076 } 1077 LCRYPTO_ALIAS(PKCS7_to_TS_TST_INFO); 1078