1 /* $OpenBSD: ts_asn1.c,v 1.13 2022/07/24 08:16:47 tb Exp $ */ 2 /* Written by Nils Larsch for the OpenSSL project 2004. 3 */ 4 /* ==================================================================== 5 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the 17 * distribution. 18 * 19 * 3. All advertising materials mentioning features or use of this 20 * software must display the following acknowledgment: 21 * "This product includes software developed by the OpenSSL Project 22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 23 * 24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 25 * endorse or promote products derived from this software without 26 * prior written permission. For written permission, please contact 27 * licensing@OpenSSL.org. 28 * 29 * 5. Products derived from this software may not be called "OpenSSL" 30 * nor may "OpenSSL" appear in their names without prior written 31 * permission of the OpenSSL Project. 32 * 33 * 6. Redistributions of any form whatsoever must retain the following 34 * acknowledgment: 35 * "This product includes software developed by the OpenSSL Project 36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 37 * 38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 49 * OF THE POSSIBILITY OF SUCH DAMAGE. 50 * ==================================================================== 51 * 52 * This product includes cryptographic software written by Eric Young 53 * (eay@cryptsoft.com). This product includes software written by Tim 54 * Hudson (tjh@cryptsoft.com). 55 * 56 */ 57 58 #include <openssl/opensslconf.h> 59 60 #include <openssl/ts.h> 61 #include <openssl/err.h> 62 #include <openssl/asn1t.h> 63 64 #include "ts_local.h" 65 66 static const ASN1_TEMPLATE TS_MSG_IMPRINT_seq_tt[] = { 67 { 68 .flags = 0, 69 .tag = 0, 70 .offset = offsetof(TS_MSG_IMPRINT, hash_algo), 71 .field_name = "hash_algo", 72 .item = &X509_ALGOR_it, 73 }, 74 { 75 .flags = 0, 76 .tag = 0, 77 .offset = offsetof(TS_MSG_IMPRINT, hashed_msg), 78 .field_name = "hashed_msg", 79 .item = &ASN1_OCTET_STRING_it, 80 }, 81 }; 82 83 const ASN1_ITEM TS_MSG_IMPRINT_it = { 84 .itype = ASN1_ITYPE_SEQUENCE, 85 .utype = V_ASN1_SEQUENCE, 86 .templates = TS_MSG_IMPRINT_seq_tt, 87 .tcount = sizeof(TS_MSG_IMPRINT_seq_tt) / sizeof(ASN1_TEMPLATE), 88 .funcs = NULL, 89 .size = sizeof(TS_MSG_IMPRINT), 90 .sname = "TS_MSG_IMPRINT", 91 }; 92 93 94 TS_MSG_IMPRINT * 95 d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, const unsigned char **in, long len) 96 { 97 return (TS_MSG_IMPRINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 98 &TS_MSG_IMPRINT_it); 99 } 100 101 int 102 i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **out) 103 { 104 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_MSG_IMPRINT_it); 105 } 106 107 TS_MSG_IMPRINT * 108 TS_MSG_IMPRINT_new(void) 109 { 110 return (TS_MSG_IMPRINT *)ASN1_item_new(&TS_MSG_IMPRINT_it); 111 } 112 113 void 114 TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a) 115 { 116 ASN1_item_free((ASN1_VALUE *)a, &TS_MSG_IMPRINT_it); 117 } 118 119 TS_MSG_IMPRINT * 120 TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *x) 121 { 122 return ASN1_item_dup(&TS_MSG_IMPRINT_it, x); 123 } 124 125 #ifndef OPENSSL_NO_BIO 126 TS_MSG_IMPRINT * 127 d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a) 128 { 129 return ASN1_item_d2i_bio(&TS_MSG_IMPRINT_it, bp, a); 130 } 131 132 int 133 i2d_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT *a) 134 { 135 return ASN1_item_i2d_bio(&TS_MSG_IMPRINT_it, bp, a); 136 } 137 #endif 138 139 TS_MSG_IMPRINT * 140 d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a) 141 { 142 return ASN1_item_d2i_fp(&TS_MSG_IMPRINT_it, fp, a); 143 } 144 145 int 146 i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a) 147 { 148 return ASN1_item_i2d_fp(&TS_MSG_IMPRINT_it, fp, a); 149 } 150 151 static const ASN1_TEMPLATE TS_REQ_seq_tt[] = { 152 { 153 .flags = 0, 154 .tag = 0, 155 .offset = offsetof(TS_REQ, version), 156 .field_name = "version", 157 .item = &ASN1_INTEGER_it, 158 }, 159 { 160 .flags = 0, 161 .tag = 0, 162 .offset = offsetof(TS_REQ, msg_imprint), 163 .field_name = "msg_imprint", 164 .item = &TS_MSG_IMPRINT_it, 165 }, 166 { 167 .flags = ASN1_TFLG_OPTIONAL, 168 .tag = 0, 169 .offset = offsetof(TS_REQ, policy_id), 170 .field_name = "policy_id", 171 .item = &ASN1_OBJECT_it, 172 }, 173 { 174 .flags = ASN1_TFLG_OPTIONAL, 175 .tag = 0, 176 .offset = offsetof(TS_REQ, nonce), 177 .field_name = "nonce", 178 .item = &ASN1_INTEGER_it, 179 }, 180 { 181 .flags = ASN1_TFLG_OPTIONAL, 182 .tag = 0, 183 .offset = offsetof(TS_REQ, cert_req), 184 .field_name = "cert_req", 185 .item = &ASN1_FBOOLEAN_it, 186 }, 187 { 188 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 189 .tag = 0, 190 .offset = offsetof(TS_REQ, extensions), 191 .field_name = "extensions", 192 .item = &X509_EXTENSION_it, 193 }, 194 }; 195 196 const ASN1_ITEM TS_REQ_it = { 197 .itype = ASN1_ITYPE_SEQUENCE, 198 .utype = V_ASN1_SEQUENCE, 199 .templates = TS_REQ_seq_tt, 200 .tcount = sizeof(TS_REQ_seq_tt) / sizeof(ASN1_TEMPLATE), 201 .funcs = NULL, 202 .size = sizeof(TS_REQ), 203 .sname = "TS_REQ", 204 }; 205 206 207 TS_REQ * 208 d2i_TS_REQ(TS_REQ **a, const unsigned char **in, long len) 209 { 210 return (TS_REQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 211 &TS_REQ_it); 212 } 213 214 int 215 i2d_TS_REQ(const TS_REQ *a, unsigned char **out) 216 { 217 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_REQ_it); 218 } 219 220 TS_REQ * 221 TS_REQ_new(void) 222 { 223 return (TS_REQ *)ASN1_item_new(&TS_REQ_it); 224 } 225 226 void 227 TS_REQ_free(TS_REQ *a) 228 { 229 ASN1_item_free((ASN1_VALUE *)a, &TS_REQ_it); 230 } 231 232 TS_REQ * 233 TS_REQ_dup(TS_REQ *x) 234 { 235 return ASN1_item_dup(&TS_REQ_it, x); 236 } 237 238 #ifndef OPENSSL_NO_BIO 239 TS_REQ * 240 d2i_TS_REQ_bio(BIO *bp, TS_REQ **a) 241 { 242 return ASN1_item_d2i_bio(&TS_REQ_it, bp, a); 243 } 244 245 int 246 i2d_TS_REQ_bio(BIO *bp, TS_REQ *a) 247 { 248 return ASN1_item_i2d_bio(&TS_REQ_it, bp, a); 249 } 250 #endif 251 252 TS_REQ * 253 d2i_TS_REQ_fp(FILE *fp, TS_REQ **a) 254 { 255 return ASN1_item_d2i_fp(&TS_REQ_it, fp, a); 256 } 257 258 int 259 i2d_TS_REQ_fp(FILE *fp, TS_REQ *a) 260 { 261 return ASN1_item_i2d_fp(&TS_REQ_it, fp, a); 262 } 263 264 static const ASN1_TEMPLATE TS_ACCURACY_seq_tt[] = { 265 { 266 .flags = ASN1_TFLG_OPTIONAL, 267 .tag = 0, 268 .offset = offsetof(TS_ACCURACY, seconds), 269 .field_name = "seconds", 270 .item = &ASN1_INTEGER_it, 271 }, 272 { 273 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, 274 .tag = 0, 275 .offset = offsetof(TS_ACCURACY, millis), 276 .field_name = "millis", 277 .item = &ASN1_INTEGER_it, 278 }, 279 { 280 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, 281 .tag = 1, 282 .offset = offsetof(TS_ACCURACY, micros), 283 .field_name = "micros", 284 .item = &ASN1_INTEGER_it, 285 }, 286 }; 287 288 const ASN1_ITEM TS_ACCURACY_it = { 289 .itype = ASN1_ITYPE_SEQUENCE, 290 .utype = V_ASN1_SEQUENCE, 291 .templates = TS_ACCURACY_seq_tt, 292 .tcount = sizeof(TS_ACCURACY_seq_tt) / sizeof(ASN1_TEMPLATE), 293 .funcs = NULL, 294 .size = sizeof(TS_ACCURACY), 295 .sname = "TS_ACCURACY", 296 }; 297 298 299 TS_ACCURACY * 300 d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **in, long len) 301 { 302 return (TS_ACCURACY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 303 &TS_ACCURACY_it); 304 } 305 306 int 307 i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **out) 308 { 309 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_ACCURACY_it); 310 } 311 312 TS_ACCURACY * 313 TS_ACCURACY_new(void) 314 { 315 return (TS_ACCURACY *)ASN1_item_new(&TS_ACCURACY_it); 316 } 317 318 void 319 TS_ACCURACY_free(TS_ACCURACY *a) 320 { 321 ASN1_item_free((ASN1_VALUE *)a, &TS_ACCURACY_it); 322 } 323 324 TS_ACCURACY * 325 TS_ACCURACY_dup(TS_ACCURACY *x) 326 { 327 return ASN1_item_dup(&TS_ACCURACY_it, x); 328 } 329 330 static const ASN1_TEMPLATE TS_TST_INFO_seq_tt[] = { 331 { 332 .flags = 0, 333 .tag = 0, 334 .offset = offsetof(TS_TST_INFO, version), 335 .field_name = "version", 336 .item = &ASN1_INTEGER_it, 337 }, 338 { 339 .flags = 0, 340 .tag = 0, 341 .offset = offsetof(TS_TST_INFO, policy_id), 342 .field_name = "policy_id", 343 .item = &ASN1_OBJECT_it, 344 }, 345 { 346 .flags = 0, 347 .tag = 0, 348 .offset = offsetof(TS_TST_INFO, msg_imprint), 349 .field_name = "msg_imprint", 350 .item = &TS_MSG_IMPRINT_it, 351 }, 352 { 353 .flags = 0, 354 .tag = 0, 355 .offset = offsetof(TS_TST_INFO, serial), 356 .field_name = "serial", 357 .item = &ASN1_INTEGER_it, 358 }, 359 { 360 .flags = 0, 361 .tag = 0, 362 .offset = offsetof(TS_TST_INFO, time), 363 .field_name = "time", 364 .item = &ASN1_GENERALIZEDTIME_it, 365 }, 366 { 367 .flags = ASN1_TFLG_OPTIONAL, 368 .tag = 0, 369 .offset = offsetof(TS_TST_INFO, accuracy), 370 .field_name = "accuracy", 371 .item = &TS_ACCURACY_it, 372 }, 373 { 374 .flags = ASN1_TFLG_OPTIONAL, 375 .tag = 0, 376 .offset = offsetof(TS_TST_INFO, ordering), 377 .field_name = "ordering", 378 .item = &ASN1_FBOOLEAN_it, 379 }, 380 { 381 .flags = ASN1_TFLG_OPTIONAL, 382 .tag = 0, 383 .offset = offsetof(TS_TST_INFO, nonce), 384 .field_name = "nonce", 385 .item = &ASN1_INTEGER_it, 386 }, 387 { 388 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, 389 .tag = 0, 390 .offset = offsetof(TS_TST_INFO, tsa), 391 .field_name = "tsa", 392 .item = &GENERAL_NAME_it, 393 }, 394 { 395 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 396 .tag = 1, 397 .offset = offsetof(TS_TST_INFO, extensions), 398 .field_name = "extensions", 399 .item = &X509_EXTENSION_it, 400 }, 401 }; 402 403 const ASN1_ITEM TS_TST_INFO_it = { 404 .itype = ASN1_ITYPE_SEQUENCE, 405 .utype = V_ASN1_SEQUENCE, 406 .templates = TS_TST_INFO_seq_tt, 407 .tcount = sizeof(TS_TST_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), 408 .funcs = NULL, 409 .size = sizeof(TS_TST_INFO), 410 .sname = "TS_TST_INFO", 411 }; 412 413 414 TS_TST_INFO * 415 d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **in, long len) 416 { 417 return (TS_TST_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 418 &TS_TST_INFO_it); 419 } 420 421 int 422 i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **out) 423 { 424 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_TST_INFO_it); 425 } 426 427 TS_TST_INFO * 428 TS_TST_INFO_new(void) 429 { 430 return (TS_TST_INFO *)ASN1_item_new(&TS_TST_INFO_it); 431 } 432 433 void 434 TS_TST_INFO_free(TS_TST_INFO *a) 435 { 436 ASN1_item_free((ASN1_VALUE *)a, &TS_TST_INFO_it); 437 } 438 439 TS_TST_INFO * 440 TS_TST_INFO_dup(TS_TST_INFO *x) 441 { 442 return ASN1_item_dup(&TS_TST_INFO_it, x); 443 } 444 445 #ifndef OPENSSL_NO_BIO 446 TS_TST_INFO * 447 d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a) 448 { 449 return ASN1_item_d2i_bio(&TS_TST_INFO_it, bp, a); 450 } 451 452 int 453 i2d_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO *a) 454 { 455 return ASN1_item_i2d_bio(&TS_TST_INFO_it, bp, a); 456 } 457 #endif 458 459 TS_TST_INFO * 460 d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a) 461 { 462 return ASN1_item_d2i_fp(&TS_TST_INFO_it, fp, a); 463 } 464 465 int 466 i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a) 467 { 468 return ASN1_item_i2d_fp(&TS_TST_INFO_it, fp, a); 469 } 470 471 static const ASN1_TEMPLATE TS_STATUS_INFO_seq_tt[] = { 472 { 473 .flags = 0, 474 .tag = 0, 475 .offset = offsetof(TS_STATUS_INFO, status), 476 .field_name = "status", 477 .item = &ASN1_INTEGER_it, 478 }, 479 { 480 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 481 .tag = 0, 482 .offset = offsetof(TS_STATUS_INFO, text), 483 .field_name = "text", 484 .item = &ASN1_UTF8STRING_it, 485 }, 486 { 487 .flags = ASN1_TFLG_OPTIONAL, 488 .tag = 0, 489 .offset = offsetof(TS_STATUS_INFO, failure_info), 490 .field_name = "failure_info", 491 .item = &ASN1_BIT_STRING_it, 492 }, 493 }; 494 495 const ASN1_ITEM TS_STATUS_INFO_it = { 496 .itype = ASN1_ITYPE_SEQUENCE, 497 .utype = V_ASN1_SEQUENCE, 498 .templates = TS_STATUS_INFO_seq_tt, 499 .tcount = sizeof(TS_STATUS_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), 500 .funcs = NULL, 501 .size = sizeof(TS_STATUS_INFO), 502 .sname = "TS_STATUS_INFO", 503 }; 504 505 506 TS_STATUS_INFO * 507 d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, const unsigned char **in, long len) 508 { 509 return (TS_STATUS_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 510 &TS_STATUS_INFO_it); 511 } 512 513 int 514 i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **out) 515 { 516 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_STATUS_INFO_it); 517 } 518 519 TS_STATUS_INFO * 520 TS_STATUS_INFO_new(void) 521 { 522 return (TS_STATUS_INFO *)ASN1_item_new(&TS_STATUS_INFO_it); 523 } 524 525 void 526 TS_STATUS_INFO_free(TS_STATUS_INFO *a) 527 { 528 ASN1_item_free((ASN1_VALUE *)a, &TS_STATUS_INFO_it); 529 } 530 531 TS_STATUS_INFO * 532 TS_STATUS_INFO_dup(TS_STATUS_INFO *x) 533 { 534 return ASN1_item_dup(&TS_STATUS_INFO_it, x); 535 } 536 537 static int 538 ts_resp_set_tst_info(TS_RESP *a) 539 { 540 long status; 541 542 status = ASN1_INTEGER_get(a->status_info->status); 543 544 if (a->token) { 545 if (status != 0 && status != 1) { 546 TSerror(TS_R_TOKEN_PRESENT); 547 return 0; 548 } 549 if (a->tst_info != NULL) 550 TS_TST_INFO_free(a->tst_info); 551 a->tst_info = PKCS7_to_TS_TST_INFO(a->token); 552 if (!a->tst_info) { 553 TSerror(TS_R_PKCS7_TO_TS_TST_INFO_FAILED); 554 return 0; 555 } 556 } else if (status == 0 || status == 1) { 557 TSerror(TS_R_TOKEN_NOT_PRESENT); 558 return 0; 559 } 560 561 return 1; 562 } 563 564 static int 565 ts_resp_cb(int op, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) 566 { 567 TS_RESP *ts_resp = (TS_RESP *)*pval; 568 569 if (op == ASN1_OP_NEW_POST) { 570 ts_resp->tst_info = NULL; 571 } else if (op == ASN1_OP_FREE_POST) { 572 if (ts_resp->tst_info != NULL) 573 TS_TST_INFO_free(ts_resp->tst_info); 574 } else if (op == ASN1_OP_D2I_POST) { 575 if (ts_resp_set_tst_info(ts_resp) == 0) 576 return 0; 577 } 578 return 1; 579 } 580 581 static const ASN1_AUX TS_RESP_aux = { 582 .app_data = NULL, 583 .flags = 0, 584 .ref_offset = 0, 585 .ref_lock = 0, 586 .asn1_cb = ts_resp_cb, 587 .enc_offset = 0, 588 }; 589 static const ASN1_TEMPLATE TS_RESP_seq_tt[] = { 590 { 591 .flags = 0, 592 .tag = 0, 593 .offset = offsetof(TS_RESP, status_info), 594 .field_name = "status_info", 595 .item = &TS_STATUS_INFO_it, 596 }, 597 { 598 .flags = ASN1_TFLG_OPTIONAL, 599 .tag = 0, 600 .offset = offsetof(TS_RESP, token), 601 .field_name = "token", 602 .item = &PKCS7_it, 603 }, 604 }; 605 606 const ASN1_ITEM TS_RESP_it = { 607 .itype = ASN1_ITYPE_SEQUENCE, 608 .utype = V_ASN1_SEQUENCE, 609 .templates = TS_RESP_seq_tt, 610 .tcount = sizeof(TS_RESP_seq_tt) / sizeof(ASN1_TEMPLATE), 611 .funcs = &TS_RESP_aux, 612 .size = sizeof(TS_RESP), 613 .sname = "TS_RESP", 614 }; 615 616 617 TS_RESP * 618 d2i_TS_RESP(TS_RESP **a, const unsigned char **in, long len) 619 { 620 return (TS_RESP *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 621 &TS_RESP_it); 622 } 623 624 int 625 i2d_TS_RESP(const TS_RESP *a, unsigned char **out) 626 { 627 return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_RESP_it); 628 } 629 630 TS_RESP * 631 TS_RESP_new(void) 632 { 633 return (TS_RESP *)ASN1_item_new(&TS_RESP_it); 634 } 635 636 void 637 TS_RESP_free(TS_RESP *a) 638 { 639 ASN1_item_free((ASN1_VALUE *)a, &TS_RESP_it); 640 } 641 642 TS_RESP * 643 TS_RESP_dup(TS_RESP *x) 644 { 645 return ASN1_item_dup(&TS_RESP_it, x); 646 } 647 648 #ifndef OPENSSL_NO_BIO 649 TS_RESP * 650 d2i_TS_RESP_bio(BIO *bp, TS_RESP **a) 651 { 652 return ASN1_item_d2i_bio(&TS_RESP_it, bp, a); 653 } 654 655 int 656 i2d_TS_RESP_bio(BIO *bp, TS_RESP *a) 657 { 658 return ASN1_item_i2d_bio(&TS_RESP_it, bp, a); 659 } 660 #endif 661 662 TS_RESP * 663 d2i_TS_RESP_fp(FILE *fp, TS_RESP **a) 664 { 665 return ASN1_item_d2i_fp(&TS_RESP_it, fp, a); 666 } 667 668 int 669 i2d_TS_RESP_fp(FILE *fp, TS_RESP *a) 670 { 671 return ASN1_item_i2d_fp(&TS_RESP_it, fp, a); 672 } 673 674 static const ASN1_TEMPLATE ESS_ISSUER_SERIAL_seq_tt[] = { 675 { 676 .flags = ASN1_TFLG_SEQUENCE_OF, 677 .tag = 0, 678 .offset = offsetof(ESS_ISSUER_SERIAL, issuer), 679 .field_name = "issuer", 680 .item = &GENERAL_NAME_it, 681 }, 682 { 683 .flags = 0, 684 .tag = 0, 685 .offset = offsetof(ESS_ISSUER_SERIAL, serial), 686 .field_name = "serial", 687 .item = &ASN1_INTEGER_it, 688 }, 689 }; 690 691 const ASN1_ITEM ESS_ISSUER_SERIAL_it = { 692 .itype = ASN1_ITYPE_SEQUENCE, 693 .utype = V_ASN1_SEQUENCE, 694 .templates = ESS_ISSUER_SERIAL_seq_tt, 695 .tcount = sizeof(ESS_ISSUER_SERIAL_seq_tt) / sizeof(ASN1_TEMPLATE), 696 .funcs = NULL, 697 .size = sizeof(ESS_ISSUER_SERIAL), 698 .sname = "ESS_ISSUER_SERIAL", 699 }; 700 701 702 ESS_ISSUER_SERIAL * 703 d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, const unsigned char **in, long len) 704 { 705 return (ESS_ISSUER_SERIAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 706 &ESS_ISSUER_SERIAL_it); 707 } 708 709 int 710 i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **out) 711 { 712 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_ISSUER_SERIAL_it); 713 } 714 715 ESS_ISSUER_SERIAL * 716 ESS_ISSUER_SERIAL_new(void) 717 { 718 return (ESS_ISSUER_SERIAL *)ASN1_item_new(&ESS_ISSUER_SERIAL_it); 719 } 720 721 void 722 ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a) 723 { 724 ASN1_item_free((ASN1_VALUE *)a, &ESS_ISSUER_SERIAL_it); 725 } 726 727 ESS_ISSUER_SERIAL * 728 ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *x) 729 { 730 return ASN1_item_dup(&ESS_ISSUER_SERIAL_it, x); 731 } 732 733 static const ASN1_TEMPLATE ESS_CERT_ID_seq_tt[] = { 734 { 735 .flags = 0, 736 .tag = 0, 737 .offset = offsetof(ESS_CERT_ID, hash), 738 .field_name = "hash", 739 .item = &ASN1_OCTET_STRING_it, 740 }, 741 { 742 .flags = ASN1_TFLG_OPTIONAL, 743 .tag = 0, 744 .offset = offsetof(ESS_CERT_ID, issuer_serial), 745 .field_name = "issuer_serial", 746 .item = &ESS_ISSUER_SERIAL_it, 747 }, 748 }; 749 750 const ASN1_ITEM ESS_CERT_ID_it = { 751 .itype = ASN1_ITYPE_SEQUENCE, 752 .utype = V_ASN1_SEQUENCE, 753 .templates = ESS_CERT_ID_seq_tt, 754 .tcount = sizeof(ESS_CERT_ID_seq_tt) / sizeof(ASN1_TEMPLATE), 755 .funcs = NULL, 756 .size = sizeof(ESS_CERT_ID), 757 .sname = "ESS_CERT_ID", 758 }; 759 760 761 ESS_CERT_ID * 762 d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **in, long len) 763 { 764 return (ESS_CERT_ID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 765 &ESS_CERT_ID_it); 766 } 767 768 int 769 i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **out) 770 { 771 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_CERT_ID_it); 772 } 773 774 ESS_CERT_ID * 775 ESS_CERT_ID_new(void) 776 { 777 return (ESS_CERT_ID *)ASN1_item_new(&ESS_CERT_ID_it); 778 } 779 780 void 781 ESS_CERT_ID_free(ESS_CERT_ID *a) 782 { 783 ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_it); 784 } 785 786 ESS_CERT_ID * 787 ESS_CERT_ID_dup(ESS_CERT_ID *x) 788 { 789 return ASN1_item_dup(&ESS_CERT_ID_it, x); 790 } 791 792 static const ASN1_TEMPLATE ESS_SIGNING_CERT_seq_tt[] = { 793 { 794 .flags = ASN1_TFLG_SEQUENCE_OF, 795 .tag = 0, 796 .offset = offsetof(ESS_SIGNING_CERT, cert_ids), 797 .field_name = "cert_ids", 798 .item = &ESS_CERT_ID_it, 799 }, 800 { 801 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 802 .tag = 0, 803 .offset = offsetof(ESS_SIGNING_CERT, policy_info), 804 .field_name = "policy_info", 805 .item = &POLICYINFO_it, 806 }, 807 }; 808 809 const ASN1_ITEM ESS_SIGNING_CERT_it = { 810 .itype = ASN1_ITYPE_SEQUENCE, 811 .utype = V_ASN1_SEQUENCE, 812 .templates = ESS_SIGNING_CERT_seq_tt, 813 .tcount = sizeof(ESS_SIGNING_CERT_seq_tt) / sizeof(ASN1_TEMPLATE), 814 .funcs = NULL, 815 .size = sizeof(ESS_SIGNING_CERT), 816 .sname = "ESS_SIGNING_CERT", 817 }; 818 819 820 ESS_SIGNING_CERT * 821 d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a, const unsigned char **in, long len) 822 { 823 return (ESS_SIGNING_CERT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 824 &ESS_SIGNING_CERT_it); 825 } 826 827 int 828 i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **out) 829 { 830 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_SIGNING_CERT_it); 831 } 832 833 ESS_SIGNING_CERT * 834 ESS_SIGNING_CERT_new(void) 835 { 836 return (ESS_SIGNING_CERT *)ASN1_item_new(&ESS_SIGNING_CERT_it); 837 } 838 839 void 840 ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a) 841 { 842 ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_it); 843 } 844 845 ESS_SIGNING_CERT * 846 ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *x) 847 { 848 return ASN1_item_dup(&ESS_SIGNING_CERT_it, x); 849 } 850 851 static const ASN1_TEMPLATE ESS_CERT_ID_V2_seq_tt[] = { 852 { 853 .flags = ASN1_TFLG_OPTIONAL, 854 .tag = 0, 855 .offset = offsetof(ESS_CERT_ID_V2, hash_alg), 856 .field_name = "hash_alg", 857 .item = &X509_ALGOR_it, 858 }, 859 { 860 .flags = 0, 861 .tag = 0, 862 .offset = offsetof(ESS_CERT_ID_V2, hash), 863 .field_name = "hash", 864 .item = &ASN1_OCTET_STRING_it, 865 }, 866 { 867 .flags = ASN1_TFLG_OPTIONAL, 868 .tag = 0, 869 .offset = offsetof(ESS_CERT_ID_V2, issuer_serial), 870 .field_name = "issuer_serial", 871 .item = &ESS_ISSUER_SERIAL_it, 872 }, 873 }; 874 875 static const ASN1_ITEM ESS_CERT_ID_V2_it = { 876 .itype = ASN1_ITYPE_SEQUENCE, 877 .utype = V_ASN1_SEQUENCE, 878 .templates = ESS_CERT_ID_V2_seq_tt, 879 .tcount = sizeof(ESS_CERT_ID_V2_seq_tt) / sizeof(ASN1_TEMPLATE), 880 .funcs = NULL, 881 .size = sizeof(ESS_CERT_ID_V2), 882 .sname = "ESS_CERT_ID_V2", 883 }; 884 885 ESS_CERT_ID_V2 * 886 d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 **a, const unsigned char **in, long len) 887 { 888 return (ESS_CERT_ID_V2 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 889 &ESS_CERT_ID_V2_it); 890 } 891 892 int 893 i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 *a, unsigned char **out) 894 { 895 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_CERT_ID_V2_it); 896 } 897 898 ESS_CERT_ID_V2 * 899 ESS_CERT_ID_V2_new(void) 900 { 901 return (ESS_CERT_ID_V2 *)ASN1_item_new(&ESS_CERT_ID_V2_it); 902 } 903 904 void 905 ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 *a) 906 { 907 ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_V2_it); 908 } 909 910 ESS_CERT_ID_V2 * 911 ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 *x) 912 { 913 return ASN1_item_dup(&ESS_CERT_ID_V2_it, x); 914 } 915 916 static const ASN1_TEMPLATE ESS_SIGNING_CERT_V2_seq_tt[] = { 917 { 918 .flags = ASN1_TFLG_SEQUENCE_OF, 919 .tag = 0, 920 .offset = offsetof(ESS_SIGNING_CERT_V2, cert_ids), 921 .field_name = "cert_ids", 922 .item = &ESS_CERT_ID_V2_it, 923 }, 924 { 925 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, 926 .tag = 0, 927 .offset = offsetof(ESS_SIGNING_CERT_V2, policy_info), 928 .field_name = "policy_info", 929 .item = &POLICYINFO_it, 930 }, 931 }; 932 933 static const ASN1_ITEM ESS_SIGNING_CERT_V2_it = { 934 .itype = ASN1_ITYPE_SEQUENCE, 935 .utype = V_ASN1_SEQUENCE, 936 .templates = ESS_SIGNING_CERT_V2_seq_tt, 937 .tcount = sizeof(ESS_SIGNING_CERT_V2_seq_tt) / sizeof(ASN1_TEMPLATE), 938 .funcs = NULL, 939 .size = sizeof(ESS_SIGNING_CERT_V2), 940 .sname = "ESS_SIGNING_CERT_V2", 941 }; 942 943 ESS_SIGNING_CERT_V2 * 944 d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 **a, const unsigned char **in, long len) 945 { 946 return (ESS_SIGNING_CERT_V2 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, 947 &ESS_SIGNING_CERT_V2_it); 948 } 949 950 int 951 i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 *a, unsigned char **out) 952 { 953 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_SIGNING_CERT_V2_it); 954 } 955 956 ESS_SIGNING_CERT_V2 * 957 ESS_SIGNING_CERT_V2_new(void) 958 { 959 return (ESS_SIGNING_CERT_V2 *)ASN1_item_new(&ESS_SIGNING_CERT_V2_it); 960 } 961 962 void 963 ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 *a) 964 { 965 ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_V2_it); 966 } 967 968 ESS_SIGNING_CERT_V2 * 969 ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 *x) 970 { 971 return ASN1_item_dup(&ESS_SIGNING_CERT_V2_it, x); 972 } 973 974 /* Getting encapsulated TS_TST_INFO object from PKCS7. */ 975 TS_TST_INFO * 976 PKCS7_to_TS_TST_INFO(PKCS7 *token) 977 { 978 PKCS7_SIGNED *pkcs7_signed; 979 PKCS7 *enveloped; 980 ASN1_TYPE *tst_info_wrapper; 981 ASN1_OCTET_STRING *tst_info_der; 982 const unsigned char *p; 983 984 if (!PKCS7_type_is_signed(token)) { 985 TSerror(TS_R_BAD_PKCS7_TYPE); 986 return NULL; 987 } 988 989 /* Content must be present. */ 990 if (PKCS7_get_detached(token)) { 991 TSerror(TS_R_DETACHED_CONTENT); 992 return NULL; 993 } 994 995 /* We have a signed data with content. */ 996 pkcs7_signed = token->d.sign; 997 enveloped = pkcs7_signed->contents; 998 if (OBJ_obj2nid(enveloped->type) != NID_id_smime_ct_TSTInfo) { 999 TSerror(TS_R_BAD_PKCS7_TYPE); 1000 return NULL; 1001 } 1002 1003 /* We have a DER encoded TST_INFO as the signed data. */ 1004 tst_info_wrapper = enveloped->d.other; 1005 if (tst_info_wrapper->type != V_ASN1_OCTET_STRING) { 1006 TSerror(TS_R_BAD_TYPE); 1007 return NULL; 1008 } 1009 1010 /* We have the correct ASN1_OCTET_STRING type. */ 1011 tst_info_der = tst_info_wrapper->value.octet_string; 1012 /* At last, decode the TST_INFO. */ 1013 p = tst_info_der->data; 1014 return d2i_TS_TST_INFO(NULL, &p, tst_info_der->length); 1015 } 1016