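/* $OpenBSD: ts_local.h,v 1.2 2022/09/11 17:31:19 tb Exp $ */
/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
 * project 2002, 2003, 2004.
 */
/* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

/*
 * Library-internal layouts of the time-stamp protocol (TimeStampReq,
 * TimeStampResp, TSTInfo) and ESS signing-certificate structures, plus the
 * response-generation and verification contexts.
 *
 * This header includes nothing itself: the ASN.1, X.509, PKCS#7, EVP and BIO
 * types used below, and the TS_* / ESS_* typedefs, must already be declared
 * by whatever the including file pulled in first.
 */

#ifndef HEADER_TS_LOCAL_H
#define HEADER_TS_LOCAL_H

/* Everything up to __END_HIDDEN_DECLS is presumably kept out of the exported
 * symbol set; the macro is defined elsewhere. */
__BEGIN_HIDDEN_DECLS

/*
 * MessageImprint ::= SEQUENCE {
 *	hashAlgorithm		AlgorithmIdentifier,
 *	hashedMessage		OCTET STRING }
 */

struct TS_msg_imprint_st {
	X509_ALGOR *hash_algo;
	/*
	 * NOTE(review): nothing in this struct ties the octet-string length
	 * to the digest size of hash_algo; any such check must live in the
	 * code that builds or verifies imprints (not visible here).
	 */
	ASN1_OCTET_STRING *hashed_msg;
};

/*
 * TimeStampReq ::= SEQUENCE {
 *	version			INTEGER { v1(1) },
 *	messageImprint		MessageImprint,
 *	  --a hash algorithm OID and the hash value of the data to be
 *	  --time-stamped
 *	reqPolicy		TSAPolicyId OPTIONAL,
 *	nonce			INTEGER OPTIONAL,
 *	certReq			BOOLEAN DEFAULT FALSE,
 *	extensions		[0] IMPLICIT Extensions OPTIONAL }
 */

struct TS_req_st {
	ASN1_INTEGER *version;
	TS_MSG_IMPRINT *msg_imprint;
	ASN1_OBJECT *policy_id;			/* OPTIONAL */
	ASN1_INTEGER *nonce;			/* OPTIONAL */
	ASN1_BOOLEAN cert_req;			/* DEFAULT FALSE */
	STACK_OF(X509_EXTENSION) *extensions;	/* [0] OPTIONAL */
};

/*
 * Accuracy ::= SEQUENCE {
 *	seconds			INTEGER OPTIONAL,
 *	millis		[0]	INTEGER (1..999) OPTIONAL,
 *	micros		[1]	INTEGER (1..999) OPTIONAL }
 */

struct TS_accuracy_st {
	/*
	 * All three are OPTIONAL per the ASN.1 above. The (1..999) range on
	 * millis/micros is not expressed by the types here; enforcement, if
	 * any, is in the setters/parsers (not visible in this header).
	 */
	ASN1_INTEGER *seconds;
	ASN1_INTEGER *millis;
	ASN1_INTEGER *micros;
};

/*
 * TSTInfo ::= SEQUENCE {
 *	version			INTEGER { v1(1) },
 *	policy			TSAPolicyId,
 *	messageImprint		MessageImprint,
 *	  -- MUST have the same value as the similar field in
 *	  -- TimeStampReq
 *	serialNumber		INTEGER,
 *	  -- Time-Stamping users MUST be ready to accommodate integers
 *	  -- up to 160 bits.
 *	genTime			GeneralizedTime,
 *	accuracy		Accuracy OPTIONAL,
 *	ordering		BOOLEAN DEFAULT FALSE,
 *	nonce			INTEGER OPTIONAL,
 *	  -- MUST be present if the similar field was present
 *	  -- in TimeStampReq. In that case it MUST have the same value.
 *	tsa		[0]	GeneralName OPTIONAL,
 *	extensions	[1]	IMPLICIT Extensions OPTIONAL }
 */

struct TS_tst_info_st {
	ASN1_INTEGER *version;
	ASN1_OBJECT *policy_id;
	TS_MSG_IMPRINT *msg_imprint;	/* must match the request's imprint */
	ASN1_INTEGER *serial;		/* may be up to 160 bits, see above */
	ASN1_GENERALIZEDTIME *time;
	TS_ACCURACY *accuracy;		/* OPTIONAL */
	ASN1_BOOLEAN ordering;		/* DEFAULT FALSE */
	ASN1_INTEGER *nonce;		/* OPTIONAL; must echo the request's */
	GENERAL_NAME *tsa;		/* [0] OPTIONAL */
	STACK_OF(X509_EXTENSION) *extensions;	/* [1] OPTIONAL */
};

/*
 * PKIStatusInfo ::= SEQUENCE {
 *	status		PKIStatus,
 *	statusString	PKIFreeText OPTIONAL,
 *	failInfo	PKIFailureInfo OPTIONAL }
 *
 * From RFC 2510 - section 3.1.1:
 * PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
 *	-- text encoded as UTF-8 String (note: each UTF8String SHOULD
 *	-- include an RFC 1766 language tag to indicate the language
 *	-- of the contained text)
 */

struct TS_status_info_st {
	ASN1_INTEGER *status;
	/*
	 * Free text supplied by the responder (OPTIONAL). It is peer-chosen
	 * data: treat it as untrusted when logging or displaying it.
	 */
	STACK_OF(ASN1_UTF8STRING) *text;
	ASN1_BIT_STRING *failure_info;	/* OPTIONAL */
};

/*
 * TimeStampResp ::= SEQUENCE {
 *	status			PKIStatusInfo,
 *	timeStampToken		TimeStampToken OPTIONAL }
 */

struct TS_resp_st {
	TS_STATUS_INFO *status_info;
	PKCS7 *token;			/* OPTIONAL per the ASN.1 above */
	/*
	 * Not part of the ASN.1 above. Presumably the TSTInfo decoded from
	 * token, kept alongside it -- confirm against the response code.
	 */
	TS_TST_INFO *tst_info;
};

/* The structure below would belong to the ESS component. */

/*
 * IssuerSerial ::= SEQUENCE {
 *	issuer			GeneralNames,
 *	serialNumber		CertificateSerialNumber
 *	}
 */

struct ESS_issuer_serial {
	STACK_OF(GENERAL_NAME) *issuer;
	ASN1_INTEGER *serial;
};

/*
 * ESSCertID ::= SEQUENCE {
 *	certHash		Hash,
 *	issuerSerial		IssuerSerial OPTIONAL
 *	}
 */

struct ESS_cert_id {
	/*
	 * Always SHA-1 digest. This v1 form has no algorithm field, so the
	 * binding between token and signer certificate rests on SHA-1, which
	 * is no longer collision resistant; ESSCertIDv2 below carries an
	 * explicit hashAlgorithm (default SHA-256).
	 */
	ASN1_OCTET_STRING *hash;
	ESS_ISSUER_SERIAL *issuer_serial;	/* OPTIONAL */
};

/*
 * SigningCertificate ::= SEQUENCE {
 *	certs		SEQUENCE OF ESSCertID,
 *	policies	SEQUENCE OF PolicyInformation OPTIONAL
 *	}
 */

struct ESS_signing_cert {
	STACK_OF(ESS_CERT_ID) *cert_ids;
	STACK_OF(POLICYINFO) *policy_info;	/* OPTIONAL */
};

/*
 * ESSCertIDv2 ::= SEQUENCE {
 *	hashAlgorithm	AlgorithmIdentifier
 *		DEFAULT {algorithm id-sha256},
 *	certHash	Hash,
 *	issuerSerial	IssuerSerial OPTIONAL }
 */

struct ESS_cert_id_v2 {
	/*
	 * Default SHA-256. NOTE(review): presumably NULL when the encoded
	 * value omits the field and the default applies -- confirm. The
	 * algorithm is chosen by whoever produced the token, so a verifier
	 * that wants to refuse weak digests has to check it explicitly.
	 */
	X509_ALGOR *hash_alg;
	ASN1_OCTET_STRING *hash;
	ESS_ISSUER_SERIAL *issuer_serial;	/* OPTIONAL */
};

/*
 * SigningCertificateV2 ::= SEQUENCE {
 *	certs		SEQUENCE OF ESSCertIDv2,
 *	policies	SEQUENCE OF PolicyInformation OPTIONAL }
 */

struct ESS_signing_cert_v2 {
	STACK_OF(ESS_CERT_ID_V2) *cert_ids;
	STACK_OF(POLICYINFO) *policy_info;	/* OPTIONAL */
};

/*
 * Context used while generating a time-stamp response: signer identity,
 * the policies and digests the responder accepts, accuracy settings, the
 * user callbacks, and per-request working state.
 */
struct TS_resp_ctx {
	X509 *signer_cert;
	/*
	 * Signing key paired with signer_cert. Ownership and lifetime are
	 * not visible in this header; it is the most sensitive member here.
	 */
	EVP_PKEY *signer_key;
	STACK_OF(X509) *certs;		/* Certs to include in signed data. */
	STACK_OF(ASN1_OBJECT) *policies;	/* Acceptable policies. */
	ASN1_OBJECT *default_policy;	/* It may appear in policies, too. */
	/*
	 * Acceptable message digests. This list is what bounds the hash
	 * algorithms a requester can ask the responder to time-stamp.
	 */
	STACK_OF(EVP_MD) *mds;
	ASN1_INTEGER *seconds;		/* accuracy, 0 means not specified. */
	ASN1_INTEGER *millis;		/* accuracy, 0 means not specified. */
	ASN1_INTEGER *micros;		/* accuracy, 0 means not specified. */
	/* fraction of seconds in time stamp token. */
	unsigned clock_precision_digits;
	/*
	 * Optional info. The flag values are not defined in this header;
	 * presumably the TS_TSA_NAME / TS_ORDERING / TS_ESS_CERT_ID_CHAIN
	 * constants of the public ts.h -- confirm.
	 */
	unsigned flags;

	/* Callback functions. */
	TS_serial_cb serial_cb;
	void *serial_cb_data;		/* User data for serial_cb. */

	TS_time_cb time_cb;
	void *time_cb_data;		/* User data for time_cb. */

	TS_extension_cb extension_cb;
	void *extension_cb_data;	/* User data for extension_cb. */

	/* These members are used only while creating the response. */
	TS_REQ *request;
	TS_RESP *response;
	TS_TST_INFO *tst_info;
};

/*
 * Context structure for the generic verify method.
 *
 * Per the field comments below, each group of members belongs to one
 * TS_VFY_... bit in flags. NOTE(review): a check whose bit is not set is
 * presumably not performed at all, so a caller that leaves out e.g. the
 * signature or nonce flag gets a weaker verification than the field names
 * suggest -- confirm against the verify code.
 */

struct TS_verify_ctx {
	/* Set this to the union of TS_VFY_... flags you want to carry out. */
	unsigned flags;

	/* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
	X509_STORE *store;
	STACK_OF(X509) *certs;

	/* Must be set only with TS_VFY_POLICY. */
	ASN1_OBJECT *policy;

	/*
	 * Must be set only with TS_VFY_IMPRINT. If md_alg is NULL,
	 * the algorithm from the response is used.
	 *
	 * With md_alg NULL the digest algorithm is therefore chosen by the
	 * response under verification; set md_alg when the caller needs to
	 * pin the algorithm. imprint_len is presumably the byte length of
	 * imprint -- confirm.
	 */
	X509_ALGOR *md_alg;
	unsigned char *imprint;
	unsigned imprint_len;

	/* Must be set only with TS_VFY_DATA. */
	BIO *data;

	/*
	 * Must be set only with TS_VFY_NONCE. The nonce is what ties a
	 * response to one specific request (see the TSTInfo nonce rule
	 * above), so it is the replay check of the verification.
	 */
	ASN1_INTEGER *nonce;

	/* Must be set only with TS_VFY_TSA_NAME. */
	GENERAL_NAME *tsa_name;
};

/*
 * Public OpenSSL API that we do not currently want to expose.
 *
 * Allocation, release, DER encode (i2d_), DER decode (d2i_) and duplicate
 * helpers for the two ESS v2 types; the implementations are not in this
 * header. By the usual d2i convention the decoder reads at most length
 * bytes from *pp and returns NULL on malformed input, so callers must
 * check the result before use.
 */

ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new(void);
void ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 *a);
int i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 *a, unsigned char **pp);
ESS_CERT_ID_V2 *d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 **a, const unsigned char **pp,
    long length);
ESS_CERT_ID_V2 *ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 *a);

ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new(void);
void ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 *a);
int i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 *a,
    unsigned char **pp);
ESS_SIGNING_CERT_V2 *d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 **a,
    const unsigned char **pp, long length);
ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 *a);

__END_HIDDEN_DECLS

#endif /* HEADER_TS_LOCAL_H */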