1 /* $OpenBSD: ts_asn1.c,v 1.13 2022/07/24 08:16:47 tb Exp $ */
2 /* Written by Nils Larsch for the OpenSSL project 2004.
3 */
4 /* ====================================================================
5 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * 3. All advertising materials mentioning features or use of this
20 * software must display the following acknowledgment:
21 * "This product includes software developed by the OpenSSL Project
22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23 *
24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25 * endorse or promote products derived from this software without
26 * prior written permission. For written permission, please contact
27 * licensing@OpenSSL.org.
28 *
29 * 5. Products derived from this software may not be called "OpenSSL"
30 * nor may "OpenSSL" appear in their names without prior written
31 * permission of the OpenSSL Project.
32 *
33 * 6. Redistributions of any form whatsoever must retain the following
34 * acknowledgment:
35 * "This product includes software developed by the OpenSSL Project
36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37 *
38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49 * OF THE POSSIBILITY OF SUCH DAMAGE.
50 * ====================================================================
51 *
52 * This product includes cryptographic software written by Eric Young
53 * (eay@cryptsoft.com). This product includes software written by Tim
54 * Hudson (tjh@cryptsoft.com).
55 *
56 */
57
58 #include <openssl/opensslconf.h>
59
60 #include <openssl/ts.h>
61 #include <openssl/err.h>
62 #include <openssl/asn1t.h>
63
64 #include "ts_local.h"
65
66 static const ASN1_TEMPLATE TS_MSG_IMPRINT_seq_tt[] = {
67 {
68 .flags = 0,
69 .tag = 0,
70 .offset = offsetof(TS_MSG_IMPRINT, hash_algo),
71 .field_name = "hash_algo",
72 .item = &X509_ALGOR_it,
73 },
74 {
75 .flags = 0,
76 .tag = 0,
77 .offset = offsetof(TS_MSG_IMPRINT, hashed_msg),
78 .field_name = "hashed_msg",
79 .item = &ASN1_OCTET_STRING_it,
80 },
81 };
82
83 const ASN1_ITEM TS_MSG_IMPRINT_it = {
84 .itype = ASN1_ITYPE_SEQUENCE,
85 .utype = V_ASN1_SEQUENCE,
86 .templates = TS_MSG_IMPRINT_seq_tt,
87 .tcount = sizeof(TS_MSG_IMPRINT_seq_tt) / sizeof(ASN1_TEMPLATE),
88 .funcs = NULL,
89 .size = sizeof(TS_MSG_IMPRINT),
90 .sname = "TS_MSG_IMPRINT",
91 };
92
93
94 TS_MSG_IMPRINT *
d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT ** a,const unsigned char ** in,long len)95 d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, const unsigned char **in, long len)
96 {
97 return (TS_MSG_IMPRINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
98 &TS_MSG_IMPRINT_it);
99 }
100
101 int
i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT * a,unsigned char ** out)102 i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **out)
103 {
104 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_MSG_IMPRINT_it);
105 }
106
107 TS_MSG_IMPRINT *
TS_MSG_IMPRINT_new(void)108 TS_MSG_IMPRINT_new(void)
109 {
110 return (TS_MSG_IMPRINT *)ASN1_item_new(&TS_MSG_IMPRINT_it);
111 }
112
113 void
TS_MSG_IMPRINT_free(TS_MSG_IMPRINT * a)114 TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a)
115 {
116 ASN1_item_free((ASN1_VALUE *)a, &TS_MSG_IMPRINT_it);
117 }
118
119 TS_MSG_IMPRINT *
TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT * x)120 TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *x)
121 {
122 return ASN1_item_dup(&TS_MSG_IMPRINT_it, x);
123 }
124
125 #ifndef OPENSSL_NO_BIO
126 TS_MSG_IMPRINT *
d2i_TS_MSG_IMPRINT_bio(BIO * bp,TS_MSG_IMPRINT ** a)127 d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a)
128 {
129 return ASN1_item_d2i_bio(&TS_MSG_IMPRINT_it, bp, a);
130 }
131
132 int
i2d_TS_MSG_IMPRINT_bio(BIO * bp,TS_MSG_IMPRINT * a)133 i2d_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT *a)
134 {
135 return ASN1_item_i2d_bio(&TS_MSG_IMPRINT_it, bp, a);
136 }
137 #endif
138
139 TS_MSG_IMPRINT *
d2i_TS_MSG_IMPRINT_fp(FILE * fp,TS_MSG_IMPRINT ** a)140 d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a)
141 {
142 return ASN1_item_d2i_fp(&TS_MSG_IMPRINT_it, fp, a);
143 }
144
145 int
i2d_TS_MSG_IMPRINT_fp(FILE * fp,TS_MSG_IMPRINT * a)146 i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a)
147 {
148 return ASN1_item_i2d_fp(&TS_MSG_IMPRINT_it, fp, a);
149 }
150
151 static const ASN1_TEMPLATE TS_REQ_seq_tt[] = {
152 {
153 .flags = 0,
154 .tag = 0,
155 .offset = offsetof(TS_REQ, version),
156 .field_name = "version",
157 .item = &ASN1_INTEGER_it,
158 },
159 {
160 .flags = 0,
161 .tag = 0,
162 .offset = offsetof(TS_REQ, msg_imprint),
163 .field_name = "msg_imprint",
164 .item = &TS_MSG_IMPRINT_it,
165 },
166 {
167 .flags = ASN1_TFLG_OPTIONAL,
168 .tag = 0,
169 .offset = offsetof(TS_REQ, policy_id),
170 .field_name = "policy_id",
171 .item = &ASN1_OBJECT_it,
172 },
173 {
174 .flags = ASN1_TFLG_OPTIONAL,
175 .tag = 0,
176 .offset = offsetof(TS_REQ, nonce),
177 .field_name = "nonce",
178 .item = &ASN1_INTEGER_it,
179 },
180 {
181 .flags = ASN1_TFLG_OPTIONAL,
182 .tag = 0,
183 .offset = offsetof(TS_REQ, cert_req),
184 .field_name = "cert_req",
185 .item = &ASN1_FBOOLEAN_it,
186 },
187 {
188 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
189 .tag = 0,
190 .offset = offsetof(TS_REQ, extensions),
191 .field_name = "extensions",
192 .item = &X509_EXTENSION_it,
193 },
194 };
195
196 const ASN1_ITEM TS_REQ_it = {
197 .itype = ASN1_ITYPE_SEQUENCE,
198 .utype = V_ASN1_SEQUENCE,
199 .templates = TS_REQ_seq_tt,
200 .tcount = sizeof(TS_REQ_seq_tt) / sizeof(ASN1_TEMPLATE),
201 .funcs = NULL,
202 .size = sizeof(TS_REQ),
203 .sname = "TS_REQ",
204 };
205
206
207 TS_REQ *
d2i_TS_REQ(TS_REQ ** a,const unsigned char ** in,long len)208 d2i_TS_REQ(TS_REQ **a, const unsigned char **in, long len)
209 {
210 return (TS_REQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
211 &TS_REQ_it);
212 }
213
214 int
i2d_TS_REQ(const TS_REQ * a,unsigned char ** out)215 i2d_TS_REQ(const TS_REQ *a, unsigned char **out)
216 {
217 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_REQ_it);
218 }
219
220 TS_REQ *
TS_REQ_new(void)221 TS_REQ_new(void)
222 {
223 return (TS_REQ *)ASN1_item_new(&TS_REQ_it);
224 }
225
226 void
TS_REQ_free(TS_REQ * a)227 TS_REQ_free(TS_REQ *a)
228 {
229 ASN1_item_free((ASN1_VALUE *)a, &TS_REQ_it);
230 }
231
232 TS_REQ *
TS_REQ_dup(TS_REQ * x)233 TS_REQ_dup(TS_REQ *x)
234 {
235 return ASN1_item_dup(&TS_REQ_it, x);
236 }
237
238 #ifndef OPENSSL_NO_BIO
239 TS_REQ *
d2i_TS_REQ_bio(BIO * bp,TS_REQ ** a)240 d2i_TS_REQ_bio(BIO *bp, TS_REQ **a)
241 {
242 return ASN1_item_d2i_bio(&TS_REQ_it, bp, a);
243 }
244
245 int
i2d_TS_REQ_bio(BIO * bp,TS_REQ * a)246 i2d_TS_REQ_bio(BIO *bp, TS_REQ *a)
247 {
248 return ASN1_item_i2d_bio(&TS_REQ_it, bp, a);
249 }
250 #endif
251
252 TS_REQ *
d2i_TS_REQ_fp(FILE * fp,TS_REQ ** a)253 d2i_TS_REQ_fp(FILE *fp, TS_REQ **a)
254 {
255 return ASN1_item_d2i_fp(&TS_REQ_it, fp, a);
256 }
257
258 int
i2d_TS_REQ_fp(FILE * fp,TS_REQ * a)259 i2d_TS_REQ_fp(FILE *fp, TS_REQ *a)
260 {
261 return ASN1_item_i2d_fp(&TS_REQ_it, fp, a);
262 }
263
264 static const ASN1_TEMPLATE TS_ACCURACY_seq_tt[] = {
265 {
266 .flags = ASN1_TFLG_OPTIONAL,
267 .tag = 0,
268 .offset = offsetof(TS_ACCURACY, seconds),
269 .field_name = "seconds",
270 .item = &ASN1_INTEGER_it,
271 },
272 {
273 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
274 .tag = 0,
275 .offset = offsetof(TS_ACCURACY, millis),
276 .field_name = "millis",
277 .item = &ASN1_INTEGER_it,
278 },
279 {
280 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
281 .tag = 1,
282 .offset = offsetof(TS_ACCURACY, micros),
283 .field_name = "micros",
284 .item = &ASN1_INTEGER_it,
285 },
286 };
287
288 const ASN1_ITEM TS_ACCURACY_it = {
289 .itype = ASN1_ITYPE_SEQUENCE,
290 .utype = V_ASN1_SEQUENCE,
291 .templates = TS_ACCURACY_seq_tt,
292 .tcount = sizeof(TS_ACCURACY_seq_tt) / sizeof(ASN1_TEMPLATE),
293 .funcs = NULL,
294 .size = sizeof(TS_ACCURACY),
295 .sname = "TS_ACCURACY",
296 };
297
298
299 TS_ACCURACY *
d2i_TS_ACCURACY(TS_ACCURACY ** a,const unsigned char ** in,long len)300 d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **in, long len)
301 {
302 return (TS_ACCURACY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
303 &TS_ACCURACY_it);
304 }
305
306 int
i2d_TS_ACCURACY(const TS_ACCURACY * a,unsigned char ** out)307 i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **out)
308 {
309 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_ACCURACY_it);
310 }
311
312 TS_ACCURACY *
TS_ACCURACY_new(void)313 TS_ACCURACY_new(void)
314 {
315 return (TS_ACCURACY *)ASN1_item_new(&TS_ACCURACY_it);
316 }
317
318 void
TS_ACCURACY_free(TS_ACCURACY * a)319 TS_ACCURACY_free(TS_ACCURACY *a)
320 {
321 ASN1_item_free((ASN1_VALUE *)a, &TS_ACCURACY_it);
322 }
323
324 TS_ACCURACY *
TS_ACCURACY_dup(TS_ACCURACY * x)325 TS_ACCURACY_dup(TS_ACCURACY *x)
326 {
327 return ASN1_item_dup(&TS_ACCURACY_it, x);
328 }
329
330 static const ASN1_TEMPLATE TS_TST_INFO_seq_tt[] = {
331 {
332 .flags = 0,
333 .tag = 0,
334 .offset = offsetof(TS_TST_INFO, version),
335 .field_name = "version",
336 .item = &ASN1_INTEGER_it,
337 },
338 {
339 .flags = 0,
340 .tag = 0,
341 .offset = offsetof(TS_TST_INFO, policy_id),
342 .field_name = "policy_id",
343 .item = &ASN1_OBJECT_it,
344 },
345 {
346 .flags = 0,
347 .tag = 0,
348 .offset = offsetof(TS_TST_INFO, msg_imprint),
349 .field_name = "msg_imprint",
350 .item = &TS_MSG_IMPRINT_it,
351 },
352 {
353 .flags = 0,
354 .tag = 0,
355 .offset = offsetof(TS_TST_INFO, serial),
356 .field_name = "serial",
357 .item = &ASN1_INTEGER_it,
358 },
359 {
360 .flags = 0,
361 .tag = 0,
362 .offset = offsetof(TS_TST_INFO, time),
363 .field_name = "time",
364 .item = &ASN1_GENERALIZEDTIME_it,
365 },
366 {
367 .flags = ASN1_TFLG_OPTIONAL,
368 .tag = 0,
369 .offset = offsetof(TS_TST_INFO, accuracy),
370 .field_name = "accuracy",
371 .item = &TS_ACCURACY_it,
372 },
373 {
374 .flags = ASN1_TFLG_OPTIONAL,
375 .tag = 0,
376 .offset = offsetof(TS_TST_INFO, ordering),
377 .field_name = "ordering",
378 .item = &ASN1_FBOOLEAN_it,
379 },
380 {
381 .flags = ASN1_TFLG_OPTIONAL,
382 .tag = 0,
383 .offset = offsetof(TS_TST_INFO, nonce),
384 .field_name = "nonce",
385 .item = &ASN1_INTEGER_it,
386 },
387 {
388 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
389 .tag = 0,
390 .offset = offsetof(TS_TST_INFO, tsa),
391 .field_name = "tsa",
392 .item = &GENERAL_NAME_it,
393 },
394 {
395 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
396 .tag = 1,
397 .offset = offsetof(TS_TST_INFO, extensions),
398 .field_name = "extensions",
399 .item = &X509_EXTENSION_it,
400 },
401 };
402
403 const ASN1_ITEM TS_TST_INFO_it = {
404 .itype = ASN1_ITYPE_SEQUENCE,
405 .utype = V_ASN1_SEQUENCE,
406 .templates = TS_TST_INFO_seq_tt,
407 .tcount = sizeof(TS_TST_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
408 .funcs = NULL,
409 .size = sizeof(TS_TST_INFO),
410 .sname = "TS_TST_INFO",
411 };
412
413
414 TS_TST_INFO *
d2i_TS_TST_INFO(TS_TST_INFO ** a,const unsigned char ** in,long len)415 d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **in, long len)
416 {
417 return (TS_TST_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
418 &TS_TST_INFO_it);
419 }
420
421 int
i2d_TS_TST_INFO(const TS_TST_INFO * a,unsigned char ** out)422 i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **out)
423 {
424 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_TST_INFO_it);
425 }
426
427 TS_TST_INFO *
TS_TST_INFO_new(void)428 TS_TST_INFO_new(void)
429 {
430 return (TS_TST_INFO *)ASN1_item_new(&TS_TST_INFO_it);
431 }
432
433 void
TS_TST_INFO_free(TS_TST_INFO * a)434 TS_TST_INFO_free(TS_TST_INFO *a)
435 {
436 ASN1_item_free((ASN1_VALUE *)a, &TS_TST_INFO_it);
437 }
438
439 TS_TST_INFO *
TS_TST_INFO_dup(TS_TST_INFO * x)440 TS_TST_INFO_dup(TS_TST_INFO *x)
441 {
442 return ASN1_item_dup(&TS_TST_INFO_it, x);
443 }
444
445 #ifndef OPENSSL_NO_BIO
446 TS_TST_INFO *
d2i_TS_TST_INFO_bio(BIO * bp,TS_TST_INFO ** a)447 d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a)
448 {
449 return ASN1_item_d2i_bio(&TS_TST_INFO_it, bp, a);
450 }
451
452 int
i2d_TS_TST_INFO_bio(BIO * bp,TS_TST_INFO * a)453 i2d_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO *a)
454 {
455 return ASN1_item_i2d_bio(&TS_TST_INFO_it, bp, a);
456 }
457 #endif
458
459 TS_TST_INFO *
d2i_TS_TST_INFO_fp(FILE * fp,TS_TST_INFO ** a)460 d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a)
461 {
462 return ASN1_item_d2i_fp(&TS_TST_INFO_it, fp, a);
463 }
464
465 int
i2d_TS_TST_INFO_fp(FILE * fp,TS_TST_INFO * a)466 i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a)
467 {
468 return ASN1_item_i2d_fp(&TS_TST_INFO_it, fp, a);
469 }
470
471 static const ASN1_TEMPLATE TS_STATUS_INFO_seq_tt[] = {
472 {
473 .flags = 0,
474 .tag = 0,
475 .offset = offsetof(TS_STATUS_INFO, status),
476 .field_name = "status",
477 .item = &ASN1_INTEGER_it,
478 },
479 {
480 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
481 .tag = 0,
482 .offset = offsetof(TS_STATUS_INFO, text),
483 .field_name = "text",
484 .item = &ASN1_UTF8STRING_it,
485 },
486 {
487 .flags = ASN1_TFLG_OPTIONAL,
488 .tag = 0,
489 .offset = offsetof(TS_STATUS_INFO, failure_info),
490 .field_name = "failure_info",
491 .item = &ASN1_BIT_STRING_it,
492 },
493 };
494
495 const ASN1_ITEM TS_STATUS_INFO_it = {
496 .itype = ASN1_ITYPE_SEQUENCE,
497 .utype = V_ASN1_SEQUENCE,
498 .templates = TS_STATUS_INFO_seq_tt,
499 .tcount = sizeof(TS_STATUS_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
500 .funcs = NULL,
501 .size = sizeof(TS_STATUS_INFO),
502 .sname = "TS_STATUS_INFO",
503 };
504
505
506 TS_STATUS_INFO *
d2i_TS_STATUS_INFO(TS_STATUS_INFO ** a,const unsigned char ** in,long len)507 d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, const unsigned char **in, long len)
508 {
509 return (TS_STATUS_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
510 &TS_STATUS_INFO_it);
511 }
512
513 int
i2d_TS_STATUS_INFO(const TS_STATUS_INFO * a,unsigned char ** out)514 i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **out)
515 {
516 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_STATUS_INFO_it);
517 }
518
519 TS_STATUS_INFO *
TS_STATUS_INFO_new(void)520 TS_STATUS_INFO_new(void)
521 {
522 return (TS_STATUS_INFO *)ASN1_item_new(&TS_STATUS_INFO_it);
523 }
524
525 void
TS_STATUS_INFO_free(TS_STATUS_INFO * a)526 TS_STATUS_INFO_free(TS_STATUS_INFO *a)
527 {
528 ASN1_item_free((ASN1_VALUE *)a, &TS_STATUS_INFO_it);
529 }
530
531 TS_STATUS_INFO *
TS_STATUS_INFO_dup(TS_STATUS_INFO * x)532 TS_STATUS_INFO_dup(TS_STATUS_INFO *x)
533 {
534 return ASN1_item_dup(&TS_STATUS_INFO_it, x);
535 }
536
537 static int
ts_resp_set_tst_info(TS_RESP * a)538 ts_resp_set_tst_info(TS_RESP *a)
539 {
540 long status;
541
542 status = ASN1_INTEGER_get(a->status_info->status);
543
544 if (a->token) {
545 if (status != 0 && status != 1) {
546 TSerror(TS_R_TOKEN_PRESENT);
547 return 0;
548 }
549 if (a->tst_info != NULL)
550 TS_TST_INFO_free(a->tst_info);
551 a->tst_info = PKCS7_to_TS_TST_INFO(a->token);
552 if (!a->tst_info) {
553 TSerror(TS_R_PKCS7_TO_TS_TST_INFO_FAILED);
554 return 0;
555 }
556 } else if (status == 0 || status == 1) {
557 TSerror(TS_R_TOKEN_NOT_PRESENT);
558 return 0;
559 }
560
561 return 1;
562 }
563
564 static int
ts_resp_cb(int op,ASN1_VALUE ** pval,const ASN1_ITEM * it,void * exarg)565 ts_resp_cb(int op, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
566 {
567 TS_RESP *ts_resp = (TS_RESP *)*pval;
568
569 if (op == ASN1_OP_NEW_POST) {
570 ts_resp->tst_info = NULL;
571 } else if (op == ASN1_OP_FREE_POST) {
572 if (ts_resp->tst_info != NULL)
573 TS_TST_INFO_free(ts_resp->tst_info);
574 } else if (op == ASN1_OP_D2I_POST) {
575 if (ts_resp_set_tst_info(ts_resp) == 0)
576 return 0;
577 }
578 return 1;
579 }
580
581 static const ASN1_AUX TS_RESP_aux = {
582 .app_data = NULL,
583 .flags = 0,
584 .ref_offset = 0,
585 .ref_lock = 0,
586 .asn1_cb = ts_resp_cb,
587 .enc_offset = 0,
588 };
589 static const ASN1_TEMPLATE TS_RESP_seq_tt[] = {
590 {
591 .flags = 0,
592 .tag = 0,
593 .offset = offsetof(TS_RESP, status_info),
594 .field_name = "status_info",
595 .item = &TS_STATUS_INFO_it,
596 },
597 {
598 .flags = ASN1_TFLG_OPTIONAL,
599 .tag = 0,
600 .offset = offsetof(TS_RESP, token),
601 .field_name = "token",
602 .item = &PKCS7_it,
603 },
604 };
605
606 const ASN1_ITEM TS_RESP_it = {
607 .itype = ASN1_ITYPE_SEQUENCE,
608 .utype = V_ASN1_SEQUENCE,
609 .templates = TS_RESP_seq_tt,
610 .tcount = sizeof(TS_RESP_seq_tt) / sizeof(ASN1_TEMPLATE),
611 .funcs = &TS_RESP_aux,
612 .size = sizeof(TS_RESP),
613 .sname = "TS_RESP",
614 };
615
616
617 TS_RESP *
d2i_TS_RESP(TS_RESP ** a,const unsigned char ** in,long len)618 d2i_TS_RESP(TS_RESP **a, const unsigned char **in, long len)
619 {
620 return (TS_RESP *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
621 &TS_RESP_it);
622 }
623
624 int
i2d_TS_RESP(const TS_RESP * a,unsigned char ** out)625 i2d_TS_RESP(const TS_RESP *a, unsigned char **out)
626 {
627 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_RESP_it);
628 }
629
630 TS_RESP *
TS_RESP_new(void)631 TS_RESP_new(void)
632 {
633 return (TS_RESP *)ASN1_item_new(&TS_RESP_it);
634 }
635
636 void
TS_RESP_free(TS_RESP * a)637 TS_RESP_free(TS_RESP *a)
638 {
639 ASN1_item_free((ASN1_VALUE *)a, &TS_RESP_it);
640 }
641
642 TS_RESP *
TS_RESP_dup(TS_RESP * x)643 TS_RESP_dup(TS_RESP *x)
644 {
645 return ASN1_item_dup(&TS_RESP_it, x);
646 }
647
648 #ifndef OPENSSL_NO_BIO
649 TS_RESP *
d2i_TS_RESP_bio(BIO * bp,TS_RESP ** a)650 d2i_TS_RESP_bio(BIO *bp, TS_RESP **a)
651 {
652 return ASN1_item_d2i_bio(&TS_RESP_it, bp, a);
653 }
654
655 int
i2d_TS_RESP_bio(BIO * bp,TS_RESP * a)656 i2d_TS_RESP_bio(BIO *bp, TS_RESP *a)
657 {
658 return ASN1_item_i2d_bio(&TS_RESP_it, bp, a);
659 }
660 #endif
661
662 TS_RESP *
d2i_TS_RESP_fp(FILE * fp,TS_RESP ** a)663 d2i_TS_RESP_fp(FILE *fp, TS_RESP **a)
664 {
665 return ASN1_item_d2i_fp(&TS_RESP_it, fp, a);
666 }
667
668 int
i2d_TS_RESP_fp(FILE * fp,TS_RESP * a)669 i2d_TS_RESP_fp(FILE *fp, TS_RESP *a)
670 {
671 return ASN1_item_i2d_fp(&TS_RESP_it, fp, a);
672 }
673
674 static const ASN1_TEMPLATE ESS_ISSUER_SERIAL_seq_tt[] = {
675 {
676 .flags = ASN1_TFLG_SEQUENCE_OF,
677 .tag = 0,
678 .offset = offsetof(ESS_ISSUER_SERIAL, issuer),
679 .field_name = "issuer",
680 .item = &GENERAL_NAME_it,
681 },
682 {
683 .flags = 0,
684 .tag = 0,
685 .offset = offsetof(ESS_ISSUER_SERIAL, serial),
686 .field_name = "serial",
687 .item = &ASN1_INTEGER_it,
688 },
689 };
690
691 const ASN1_ITEM ESS_ISSUER_SERIAL_it = {
692 .itype = ASN1_ITYPE_SEQUENCE,
693 .utype = V_ASN1_SEQUENCE,
694 .templates = ESS_ISSUER_SERIAL_seq_tt,
695 .tcount = sizeof(ESS_ISSUER_SERIAL_seq_tt) / sizeof(ASN1_TEMPLATE),
696 .funcs = NULL,
697 .size = sizeof(ESS_ISSUER_SERIAL),
698 .sname = "ESS_ISSUER_SERIAL",
699 };
700
701
702 ESS_ISSUER_SERIAL *
d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL ** a,const unsigned char ** in,long len)703 d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, const unsigned char **in, long len)
704 {
705 return (ESS_ISSUER_SERIAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
706 &ESS_ISSUER_SERIAL_it);
707 }
708
709 int
i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL * a,unsigned char ** out)710 i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **out)
711 {
712 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_ISSUER_SERIAL_it);
713 }
714
715 ESS_ISSUER_SERIAL *
ESS_ISSUER_SERIAL_new(void)716 ESS_ISSUER_SERIAL_new(void)
717 {
718 return (ESS_ISSUER_SERIAL *)ASN1_item_new(&ESS_ISSUER_SERIAL_it);
719 }
720
721 void
ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL * a)722 ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a)
723 {
724 ASN1_item_free((ASN1_VALUE *)a, &ESS_ISSUER_SERIAL_it);
725 }
726
727 ESS_ISSUER_SERIAL *
ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL * x)728 ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *x)
729 {
730 return ASN1_item_dup(&ESS_ISSUER_SERIAL_it, x);
731 }
732
733 static const ASN1_TEMPLATE ESS_CERT_ID_seq_tt[] = {
734 {
735 .flags = 0,
736 .tag = 0,
737 .offset = offsetof(ESS_CERT_ID, hash),
738 .field_name = "hash",
739 .item = &ASN1_OCTET_STRING_it,
740 },
741 {
742 .flags = ASN1_TFLG_OPTIONAL,
743 .tag = 0,
744 .offset = offsetof(ESS_CERT_ID, issuer_serial),
745 .field_name = "issuer_serial",
746 .item = &ESS_ISSUER_SERIAL_it,
747 },
748 };
749
750 const ASN1_ITEM ESS_CERT_ID_it = {
751 .itype = ASN1_ITYPE_SEQUENCE,
752 .utype = V_ASN1_SEQUENCE,
753 .templates = ESS_CERT_ID_seq_tt,
754 .tcount = sizeof(ESS_CERT_ID_seq_tt) / sizeof(ASN1_TEMPLATE),
755 .funcs = NULL,
756 .size = sizeof(ESS_CERT_ID),
757 .sname = "ESS_CERT_ID",
758 };
759
760
761 ESS_CERT_ID *
d2i_ESS_CERT_ID(ESS_CERT_ID ** a,const unsigned char ** in,long len)762 d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **in, long len)
763 {
764 return (ESS_CERT_ID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
765 &ESS_CERT_ID_it);
766 }
767
768 int
i2d_ESS_CERT_ID(const ESS_CERT_ID * a,unsigned char ** out)769 i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **out)
770 {
771 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_CERT_ID_it);
772 }
773
774 ESS_CERT_ID *
ESS_CERT_ID_new(void)775 ESS_CERT_ID_new(void)
776 {
777 return (ESS_CERT_ID *)ASN1_item_new(&ESS_CERT_ID_it);
778 }
779
780 void
ESS_CERT_ID_free(ESS_CERT_ID * a)781 ESS_CERT_ID_free(ESS_CERT_ID *a)
782 {
783 ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_it);
784 }
785
786 ESS_CERT_ID *
ESS_CERT_ID_dup(ESS_CERT_ID * x)787 ESS_CERT_ID_dup(ESS_CERT_ID *x)
788 {
789 return ASN1_item_dup(&ESS_CERT_ID_it, x);
790 }
791
792 static const ASN1_TEMPLATE ESS_SIGNING_CERT_seq_tt[] = {
793 {
794 .flags = ASN1_TFLG_SEQUENCE_OF,
795 .tag = 0,
796 .offset = offsetof(ESS_SIGNING_CERT, cert_ids),
797 .field_name = "cert_ids",
798 .item = &ESS_CERT_ID_it,
799 },
800 {
801 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
802 .tag = 0,
803 .offset = offsetof(ESS_SIGNING_CERT, policy_info),
804 .field_name = "policy_info",
805 .item = &POLICYINFO_it,
806 },
807 };
808
809 const ASN1_ITEM ESS_SIGNING_CERT_it = {
810 .itype = ASN1_ITYPE_SEQUENCE,
811 .utype = V_ASN1_SEQUENCE,
812 .templates = ESS_SIGNING_CERT_seq_tt,
813 .tcount = sizeof(ESS_SIGNING_CERT_seq_tt) / sizeof(ASN1_TEMPLATE),
814 .funcs = NULL,
815 .size = sizeof(ESS_SIGNING_CERT),
816 .sname = "ESS_SIGNING_CERT",
817 };
818
819
820 ESS_SIGNING_CERT *
d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT ** a,const unsigned char ** in,long len)821 d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a, const unsigned char **in, long len)
822 {
823 return (ESS_SIGNING_CERT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
824 &ESS_SIGNING_CERT_it);
825 }
826
827 int
i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT * a,unsigned char ** out)828 i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **out)
829 {
830 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_SIGNING_CERT_it);
831 }
832
833 ESS_SIGNING_CERT *
ESS_SIGNING_CERT_new(void)834 ESS_SIGNING_CERT_new(void)
835 {
836 return (ESS_SIGNING_CERT *)ASN1_item_new(&ESS_SIGNING_CERT_it);
837 }
838
839 void
ESS_SIGNING_CERT_free(ESS_SIGNING_CERT * a)840 ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a)
841 {
842 ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_it);
843 }
844
845 ESS_SIGNING_CERT *
ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT * x)846 ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *x)
847 {
848 return ASN1_item_dup(&ESS_SIGNING_CERT_it, x);
849 }
850
851 static const ASN1_TEMPLATE ESS_CERT_ID_V2_seq_tt[] = {
852 {
853 .flags = ASN1_TFLG_OPTIONAL,
854 .tag = 0,
855 .offset = offsetof(ESS_CERT_ID_V2, hash_alg),
856 .field_name = "hash_alg",
857 .item = &X509_ALGOR_it,
858 },
859 {
860 .flags = 0,
861 .tag = 0,
862 .offset = offsetof(ESS_CERT_ID_V2, hash),
863 .field_name = "hash",
864 .item = &ASN1_OCTET_STRING_it,
865 },
866 {
867 .flags = ASN1_TFLG_OPTIONAL,
868 .tag = 0,
869 .offset = offsetof(ESS_CERT_ID_V2, issuer_serial),
870 .field_name = "issuer_serial",
871 .item = &ESS_ISSUER_SERIAL_it,
872 },
873 };
874
875 static const ASN1_ITEM ESS_CERT_ID_V2_it = {
876 .itype = ASN1_ITYPE_SEQUENCE,
877 .utype = V_ASN1_SEQUENCE,
878 .templates = ESS_CERT_ID_V2_seq_tt,
879 .tcount = sizeof(ESS_CERT_ID_V2_seq_tt) / sizeof(ASN1_TEMPLATE),
880 .funcs = NULL,
881 .size = sizeof(ESS_CERT_ID_V2),
882 .sname = "ESS_CERT_ID_V2",
883 };
884
885 ESS_CERT_ID_V2 *
d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 ** a,const unsigned char ** in,long len)886 d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 **a, const unsigned char **in, long len)
887 {
888 return (ESS_CERT_ID_V2 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
889 &ESS_CERT_ID_V2_it);
890 }
891
892 int
i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 * a,unsigned char ** out)893 i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 *a, unsigned char **out)
894 {
895 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_CERT_ID_V2_it);
896 }
897
898 ESS_CERT_ID_V2 *
ESS_CERT_ID_V2_new(void)899 ESS_CERT_ID_V2_new(void)
900 {
901 return (ESS_CERT_ID_V2 *)ASN1_item_new(&ESS_CERT_ID_V2_it);
902 }
903
904 void
ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 * a)905 ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 *a)
906 {
907 ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_V2_it);
908 }
909
910 ESS_CERT_ID_V2 *
ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 * x)911 ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 *x)
912 {
913 return ASN1_item_dup(&ESS_CERT_ID_V2_it, x);
914 }
915
916 static const ASN1_TEMPLATE ESS_SIGNING_CERT_V2_seq_tt[] = {
917 {
918 .flags = ASN1_TFLG_SEQUENCE_OF,
919 .tag = 0,
920 .offset = offsetof(ESS_SIGNING_CERT_V2, cert_ids),
921 .field_name = "cert_ids",
922 .item = &ESS_CERT_ID_V2_it,
923 },
924 {
925 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
926 .tag = 0,
927 .offset = offsetof(ESS_SIGNING_CERT_V2, policy_info),
928 .field_name = "policy_info",
929 .item = &POLICYINFO_it,
930 },
931 };
932
933 static const ASN1_ITEM ESS_SIGNING_CERT_V2_it = {
934 .itype = ASN1_ITYPE_SEQUENCE,
935 .utype = V_ASN1_SEQUENCE,
936 .templates = ESS_SIGNING_CERT_V2_seq_tt,
937 .tcount = sizeof(ESS_SIGNING_CERT_V2_seq_tt) / sizeof(ASN1_TEMPLATE),
938 .funcs = NULL,
939 .size = sizeof(ESS_SIGNING_CERT_V2),
940 .sname = "ESS_SIGNING_CERT_V2",
941 };
942
943 ESS_SIGNING_CERT_V2 *
d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 ** a,const unsigned char ** in,long len)944 d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 **a, const unsigned char **in, long len)
945 {
946 return (ESS_SIGNING_CERT_V2 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
947 &ESS_SIGNING_CERT_V2_it);
948 }
949
950 int
i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 * a,unsigned char ** out)951 i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 *a, unsigned char **out)
952 {
953 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_SIGNING_CERT_V2_it);
954 }
955
956 ESS_SIGNING_CERT_V2 *
ESS_SIGNING_CERT_V2_new(void)957 ESS_SIGNING_CERT_V2_new(void)
958 {
959 return (ESS_SIGNING_CERT_V2 *)ASN1_item_new(&ESS_SIGNING_CERT_V2_it);
960 }
961
962 void
ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 * a)963 ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 *a)
964 {
965 ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_V2_it);
966 }
967
968 ESS_SIGNING_CERT_V2 *
ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 * x)969 ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 *x)
970 {
971 return ASN1_item_dup(&ESS_SIGNING_CERT_V2_it, x);
972 }
973
974 /* Getting encapsulated TS_TST_INFO object from PKCS7. */
975 TS_TST_INFO *
PKCS7_to_TS_TST_INFO(PKCS7 * token)976 PKCS7_to_TS_TST_INFO(PKCS7 *token)
977 {
978 PKCS7_SIGNED *pkcs7_signed;
979 PKCS7 *enveloped;
980 ASN1_TYPE *tst_info_wrapper;
981 ASN1_OCTET_STRING *tst_info_der;
982 const unsigned char *p;
983
984 if (!PKCS7_type_is_signed(token)) {
985 TSerror(TS_R_BAD_PKCS7_TYPE);
986 return NULL;
987 }
988
989 /* Content must be present. */
990 if (PKCS7_get_detached(token)) {
991 TSerror(TS_R_DETACHED_CONTENT);
992 return NULL;
993 }
994
995 /* We have a signed data with content. */
996 pkcs7_signed = token->d.sign;
997 enveloped = pkcs7_signed->contents;
998 if (OBJ_obj2nid(enveloped->type) != NID_id_smime_ct_TSTInfo) {
999 TSerror(TS_R_BAD_PKCS7_TYPE);
1000 return NULL;
1001 }
1002
1003 /* We have a DER encoded TST_INFO as the signed data. */
1004 tst_info_wrapper = enveloped->d.other;
1005 if (tst_info_wrapper->type != V_ASN1_OCTET_STRING) {
1006 TSerror(TS_R_BAD_TYPE);
1007 return NULL;
1008 }
1009
1010 /* We have the correct ASN1_OCTET_STRING type. */
1011 tst_info_der = tst_info_wrapper->value.octet_string;
1012 /* At last, decode the TST_INFO. */
1013 p = tst_info_der->data;
1014 return d2i_TS_TST_INFO(NULL, &p, tst_info_der->length);
1015 }
1016