ess_asn1.c 3.6 KB

  1. /*
  2. * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <openssl/err.h>
  10. #include <openssl/asn1t.h>
  11. #include <openssl/cms.h>
  12. #include <openssl/ess.h>
  13. #include <openssl/x509v3.h>
  14. #include "crypto/ess.h"
  15. #include "crypto/cms.h"
  16. /* ASN1 stuff for ESS Structure */
  /*
   * ESS_ISSUER_SERIAL: a SEQUENCE holding a list of GENERAL_NAME entries
   * (issuer) followed by the certificate serial number. The field order in
   * the template is the order of the encoding, so it must stay as written.
   */
  ASN1_SEQUENCE(ESS_ISSUER_SERIAL) = {
      ASN1_SEQUENCE_OF(ESS_ISSUER_SERIAL, issuer, GENERAL_NAME),
      ASN1_SIMPLE(ESS_ISSUER_SERIAL, serial, ASN1_INTEGER)
  } static_ASN1_SEQUENCE_END(ESS_ISSUER_SERIAL)

  /* Emit the new/free/d2i/i2d helpers and the dup helper for this type. */
  IMPLEMENT_ASN1_FUNCTIONS(ESS_ISSUER_SERIAL)
  IMPLEMENT_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL)
  /*
   * ESS_CERT_ID: identifies one certificate by its digest (hash), with an
   * optional issuer/serial pair. RFC 2634 defines the digest as SHA-1, but
   * the template accepts any OCTET STRING: digest length and value have to
   * be checked by whatever code compares this entry with a certificate.
   * issuer_serial is optional; presumably NULL after decoding when the
   * sender left it out, so test it before dereferencing.
   */
  ASN1_SEQUENCE(ESS_CERT_ID) = {
      ASN1_SIMPLE(ESS_CERT_ID, hash, ASN1_OCTET_STRING),
      ASN1_OPT(ESS_CERT_ID, issuer_serial, ESS_ISSUER_SERIAL)
  } static_ASN1_SEQUENCE_END(ESS_CERT_ID)

  /* Emit the new/free/d2i/i2d helpers and the dup helper for this type. */
  IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID)
  IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID)
  /*
   * ESS_SIGNING_CERT: the signingCertificate attribute value, a list of
   * ESS_CERT_ID entries followed by an optional list of POLICYINFO.
   * NOTE(review): nothing in this template appears to demand a non-empty
   * cert_ids list; code that reads the first entry should check the count.
   */
  ASN1_SEQUENCE(ESS_SIGNING_CERT) = {
      ASN1_SEQUENCE_OF(ESS_SIGNING_CERT, cert_ids, ESS_CERT_ID),
      ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT, policy_info, POLICYINFO)
  } static_ASN1_SEQUENCE_END(ESS_SIGNING_CERT)

  /* Emit the new/free/d2i/i2d helpers and the dup helper for this type. */
  IMPLEMENT_ASN1_FUNCTIONS(ESS_SIGNING_CERT)
  IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT)
  /*
   * ESS_CERT_ID_V2: like ESS_CERT_ID, but with an optional leading digest
   * algorithm identifier (hash_alg). RFC 5035 gives SHA-256 as the default
   * when the field is absent; the template only marks the field optional,
   * so that default has to be applied by the code that checks the digest.
   * The digest itself is an unconstrained OCTET STRING here: its length is
   * not tied to hash_alg by the decoder.
   */
  ASN1_SEQUENCE(ESS_CERT_ID_V2) = {
      ASN1_OPT(ESS_CERT_ID_V2, hash_alg, X509_ALGOR),
      ASN1_SIMPLE(ESS_CERT_ID_V2, hash, ASN1_OCTET_STRING),
      ASN1_OPT(ESS_CERT_ID_V2, issuer_serial, ESS_ISSUER_SERIAL)
  } static_ASN1_SEQUENCE_END(ESS_CERT_ID_V2)

  /* Emit the new/free/d2i/i2d helpers and the dup helper for this type. */
  IMPLEMENT_ASN1_FUNCTIONS(ESS_CERT_ID_V2)
  IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2)
  /*
   * ESS_SIGNING_CERT_V2: the signingCertificateV2 attribute value, a list
   * of ESS_CERT_ID_V2 entries followed by an optional list of POLICYINFO.
   * NOTE(review): nothing in this template appears to demand a non-empty
   * cert_ids list; code that reads the first entry should check the count.
   */
  ASN1_SEQUENCE(ESS_SIGNING_CERT_V2) = {
      ASN1_SEQUENCE_OF(ESS_SIGNING_CERT_V2, cert_ids, ESS_CERT_ID_V2),
      ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT_V2, policy_info, POLICYINFO)
  } static_ASN1_SEQUENCE_END(ESS_SIGNING_CERT_V2)

  /* Emit the new/free/d2i/i2d helpers and the dup helper for this type. */
  IMPLEMENT_ASN1_FUNCTIONS(ESS_SIGNING_CERT_V2)
  IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT_V2)
  48. /* No cms support means no CMS_SignerInfo* definitions */
  49. #ifndef OPENSSL_NO_CMS
  /*
   * Look up the signingCertificateV2 signed attribute of |si| and decode it.
   *
   * Returns 1 if the attribute was found and decoded, 0 if the lookup
   * yielded nothing, or -1 if the attribute value failed to parse.
   *
   * If |psc| is not NULL it is set to NULL on entry and, on a return of 1,
   * to the decoded structure, which the caller must then release with
   * ESS_SIGNING_CERT_V2_free(). If |psc| is NULL the decoded structure is
   * freed here and only the return code is reported.
   *
   * The attribute value comes from the message being verified, so -1 means
   * the sender supplied a malformed attribute and should be handled as a
   * failure, not as "attribute absent".
   * NOTE(review): the lastpos argument of -3 is believed to make the lookup
   * return NULL for a duplicated or multi-valued attribute as well, which
   * this function then reports as 0 - confirm against the lookup's contract
   * before treating 0 as "no signing-certificate binding was claimed".
   */
  int ossl_cms_signerinfo_get_signing_cert_v2(const CMS_SignerInfo *si,
                                              ESS_SIGNING_CERT_V2 **psc)
  {
      ASN1_OBJECT *attr_oid = OBJ_nid2obj(NID_id_smime_aa_signingCertificateV2);
      ASN1_STRING *encoded;
      ESS_SIGNING_CERT_V2 *decoded;

      /* Never leave a stale pointer behind on the 0 and -1 paths. */
      if (psc != NULL)
          *psc = NULL;

      encoded = CMS_signed_get0_data_by_OBJ(si, attr_oid, -3, V_ASN1_SEQUENCE);
      if (encoded == NULL)
          return 0;

      decoded = ASN1_item_unpack(encoded, ASN1_ITEM_rptr(ESS_SIGNING_CERT_V2));
      if (decoded == NULL)
          return -1;

      /* Caller only wanted to know whether a well-formed attribute exists. */
      if (psc == NULL) {
          ESS_SIGNING_CERT_V2_free(decoded);
          return 1;
      }

      /* Ownership of the decoded structure passes to the caller. */
      *psc = decoded;
      return 1;
  }
  /*
   * Look up the signingCertificate signed attribute of |si| and decode it.
   *
   * Returns 1 if the attribute was found and decoded, 0 if the lookup
   * yielded nothing, or -1 if the attribute value failed to parse.
   *
   * If |psc| is not NULL it is set to NULL on entry and, on a return of 1,
   * to the decoded structure, which the caller must then release with
   * ESS_SIGNING_CERT_free(). If |psc| is NULL the decoded structure is
   * freed here and only the return code is reported.
   *
   * The attribute value comes from the message being verified, so -1 means
   * the sender supplied a malformed attribute and should be handled as a
   * failure, not as "attribute absent".
   * NOTE(review): the lastpos argument of -3 is believed to make the lookup
   * return NULL for a duplicated or multi-valued attribute as well, which
   * this function then reports as 0 - confirm against the lookup's contract
   * before treating 0 as "no signing-certificate binding was claimed".
   */
  int ossl_cms_signerinfo_get_signing_cert(const CMS_SignerInfo *si,
                                           ESS_SIGNING_CERT **psc)
  {
      ASN1_OBJECT *attr_oid = OBJ_nid2obj(NID_id_smime_aa_signingCertificate);
      ASN1_STRING *encoded;
      ESS_SIGNING_CERT *decoded;

      /* Never leave a stale pointer behind on the 0 and -1 paths. */
      if (psc != NULL)
          *psc = NULL;

      encoded = CMS_signed_get0_data_by_OBJ(si, attr_oid, -3, V_ASN1_SEQUENCE);
      if (encoded == NULL)
          return 0;

      decoded = ASN1_item_unpack(encoded, ASN1_ITEM_rptr(ESS_SIGNING_CERT));
      if (decoded == NULL)
          return -1;

      /* Caller only wanted to know whether a well-formed attribute exists. */
      if (psc == NULL) {
          ESS_SIGNING_CERT_free(decoded);
          return 1;
      }

      /* Ownership of the decoded structure passes to the caller. */
      *psc = decoded;
      return 1;
  }
  98. #endif /* !OPENSSL_NO_CMS */