117f01e99SJung-uk Kim /* 2*b077aed3SPierre Pronchery * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. 317f01e99SJung-uk Kim * 4*b077aed3SPierre Pronchery * Licensed under the Apache License 2.0 (the "License"). You may not use 517f01e99SJung-uk Kim * this file except in compliance with the License. You can obtain a copy 617f01e99SJung-uk Kim * in the file LICENSE in the source distribution or at 717f01e99SJung-uk Kim * https://www.openssl.org/source/license.html 817f01e99SJung-uk Kim */ 917f01e99SJung-uk Kim 10*b077aed3SPierre Pronchery #include "crypto/x509.h" /* for ossl_x509_add_cert_new() */ 11*b077aed3SPierre Pronchery 1217f01e99SJung-uk Kim /*- CertID ::= SEQUENCE { 1317f01e99SJung-uk Kim * hashAlgorithm AlgorithmIdentifier, 1417f01e99SJung-uk Kim * issuerNameHash OCTET STRING, -- Hash of Issuer's DN 1517f01e99SJung-uk Kim * issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields) 1617f01e99SJung-uk Kim * serialNumber CertificateSerialNumber } 1717f01e99SJung-uk Kim */ 1817f01e99SJung-uk Kim struct ocsp_cert_id_st { 1917f01e99SJung-uk Kim X509_ALGOR hashAlgorithm; 2017f01e99SJung-uk Kim ASN1_OCTET_STRING issuerNameHash; 2117f01e99SJung-uk Kim ASN1_OCTET_STRING issuerKeyHash; 2217f01e99SJung-uk Kim ASN1_INTEGER serialNumber; 2317f01e99SJung-uk Kim }; 2417f01e99SJung-uk Kim 2517f01e99SJung-uk Kim /*- Request ::= SEQUENCE { 2617f01e99SJung-uk Kim * reqCert CertID, 2717f01e99SJung-uk Kim * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } 2817f01e99SJung-uk Kim */ 2917f01e99SJung-uk Kim struct ocsp_one_request_st { 3017f01e99SJung-uk Kim OCSP_CERTID *reqCert; 3117f01e99SJung-uk Kim STACK_OF(X509_EXTENSION) *singleRequestExtensions; 3217f01e99SJung-uk Kim }; 3317f01e99SJung-uk Kim 3417f01e99SJung-uk Kim /*- TBSRequest ::= SEQUENCE { 3517f01e99SJung-uk Kim * version [0] EXPLICIT Version DEFAULT v1, 3617f01e99SJung-uk Kim * requestorName [1] EXPLICIT GeneralName OPTIONAL, 3717f01e99SJung-uk Kim * requestList SEQUENCE OF Request, 3817f01e99SJung-uk Kim * requestExtensions [2] EXPLICIT Extensions OPTIONAL } 3917f01e99SJung-uk Kim */ 4017f01e99SJung-uk Kim struct ocsp_req_info_st { 4117f01e99SJung-uk Kim ASN1_INTEGER *version; 4217f01e99SJung-uk Kim GENERAL_NAME *requestorName; 4317f01e99SJung-uk Kim STACK_OF(OCSP_ONEREQ) *requestList; 4417f01e99SJung-uk Kim STACK_OF(X509_EXTENSION) *requestExtensions; 4517f01e99SJung-uk Kim }; 4617f01e99SJung-uk Kim 4717f01e99SJung-uk Kim /*- Signature ::= SEQUENCE { 4817f01e99SJung-uk Kim * signatureAlgorithm AlgorithmIdentifier, 4917f01e99SJung-uk Kim * signature BIT STRING, 5017f01e99SJung-uk Kim * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } 5117f01e99SJung-uk Kim */ 5217f01e99SJung-uk Kim struct ocsp_signature_st { 5317f01e99SJung-uk Kim X509_ALGOR signatureAlgorithm; 5417f01e99SJung-uk Kim ASN1_BIT_STRING *signature; 5517f01e99SJung-uk Kim STACK_OF(X509) *certs; 5617f01e99SJung-uk Kim }; 5717f01e99SJung-uk Kim 5817f01e99SJung-uk Kim /*- OCSPRequest ::= SEQUENCE { 5917f01e99SJung-uk Kim * tbsRequest TBSRequest, 6017f01e99SJung-uk Kim * optionalSignature [0] EXPLICIT Signature OPTIONAL } 6117f01e99SJung-uk Kim */ 6217f01e99SJung-uk Kim struct ocsp_request_st { 6317f01e99SJung-uk Kim OCSP_REQINFO tbsRequest; 6417f01e99SJung-uk Kim OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */ 6517f01e99SJung-uk Kim }; 6617f01e99SJung-uk Kim 6717f01e99SJung-uk Kim /*- OCSPResponseStatus ::= ENUMERATED { 6817f01e99SJung-uk Kim * successful (0), --Response has valid confirmations 6917f01e99SJung-uk Kim * malformedRequest (1), --Illegal confirmation request 7017f01e99SJung-uk Kim * internalError (2), --Internal error in issuer 7117f01e99SJung-uk Kim * tryLater (3), --Try again later 7217f01e99SJung-uk Kim * --(4) is not used 7317f01e99SJung-uk Kim * sigRequired (5), --Must sign the request 7417f01e99SJung-uk Kim * unauthorized (6) --Request unauthorized 7517f01e99SJung-uk Kim * } 7617f01e99SJung-uk Kim */ 7717f01e99SJung-uk Kim 7817f01e99SJung-uk Kim /*- ResponseBytes ::= SEQUENCE { 7917f01e99SJung-uk Kim * responseType OBJECT IDENTIFIER, 8017f01e99SJung-uk Kim * response OCTET STRING } 8117f01e99SJung-uk Kim */ 8217f01e99SJung-uk Kim struct ocsp_resp_bytes_st { 8317f01e99SJung-uk Kim ASN1_OBJECT *responseType; 8417f01e99SJung-uk Kim ASN1_OCTET_STRING *response; 8517f01e99SJung-uk Kim }; 8617f01e99SJung-uk Kim 8717f01e99SJung-uk Kim /*- OCSPResponse ::= SEQUENCE { 8817f01e99SJung-uk Kim * responseStatus OCSPResponseStatus, 8917f01e99SJung-uk Kim * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } 9017f01e99SJung-uk Kim */ 9117f01e99SJung-uk Kim struct ocsp_response_st { 9217f01e99SJung-uk Kim ASN1_ENUMERATED *responseStatus; 9317f01e99SJung-uk Kim OCSP_RESPBYTES *responseBytes; 9417f01e99SJung-uk Kim }; 9517f01e99SJung-uk Kim 9617f01e99SJung-uk Kim /*- ResponderID ::= CHOICE { 9717f01e99SJung-uk Kim * byName [1] Name, 9817f01e99SJung-uk Kim * byKey [2] KeyHash } 9917f01e99SJung-uk Kim */ 10017f01e99SJung-uk Kim struct ocsp_responder_id_st { 10117f01e99SJung-uk Kim int type; 10217f01e99SJung-uk Kim union { 10317f01e99SJung-uk Kim X509_NAME *byName; 10417f01e99SJung-uk Kim ASN1_OCTET_STRING *byKey; 10517f01e99SJung-uk Kim } value; 10617f01e99SJung-uk Kim }; 10717f01e99SJung-uk Kim 10817f01e99SJung-uk Kim /*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key 10917f01e99SJung-uk Kim * --(excluding the tag and length fields) 11017f01e99SJung-uk Kim */ 11117f01e99SJung-uk Kim 11217f01e99SJung-uk Kim /*- RevokedInfo ::= SEQUENCE { 11317f01e99SJung-uk Kim * revocationTime GeneralizedTime, 11417f01e99SJung-uk Kim * revocationReason [0] EXPLICIT CRLReason OPTIONAL } 11517f01e99SJung-uk Kim */ 11617f01e99SJung-uk Kim struct ocsp_revoked_info_st { 11717f01e99SJung-uk Kim ASN1_GENERALIZEDTIME *revocationTime; 11817f01e99SJung-uk Kim ASN1_ENUMERATED *revocationReason; 11917f01e99SJung-uk Kim }; 12017f01e99SJung-uk Kim 12117f01e99SJung-uk Kim /*- CertStatus ::= CHOICE { 12217f01e99SJung-uk Kim * good [0] IMPLICIT NULL, 12317f01e99SJung-uk Kim * revoked [1] IMPLICIT RevokedInfo, 12417f01e99SJung-uk Kim * unknown [2] IMPLICIT UnknownInfo } 12517f01e99SJung-uk Kim */ 12617f01e99SJung-uk Kim struct ocsp_cert_status_st { 12717f01e99SJung-uk Kim int type; 12817f01e99SJung-uk Kim union { 12917f01e99SJung-uk Kim ASN1_NULL *good; 13017f01e99SJung-uk Kim OCSP_REVOKEDINFO *revoked; 13117f01e99SJung-uk Kim ASN1_NULL *unknown; 13217f01e99SJung-uk Kim } value; 13317f01e99SJung-uk Kim }; 13417f01e99SJung-uk Kim 13517f01e99SJung-uk Kim /*- SingleResponse ::= SEQUENCE { 13617f01e99SJung-uk Kim * certID CertID, 13717f01e99SJung-uk Kim * certStatus CertStatus, 13817f01e99SJung-uk Kim * thisUpdate GeneralizedTime, 13917f01e99SJung-uk Kim * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, 14017f01e99SJung-uk Kim * singleExtensions [1] EXPLICIT Extensions OPTIONAL } 14117f01e99SJung-uk Kim */ 14217f01e99SJung-uk Kim struct ocsp_single_response_st { 14317f01e99SJung-uk Kim OCSP_CERTID *certId; 14417f01e99SJung-uk Kim OCSP_CERTSTATUS *certStatus; 14517f01e99SJung-uk Kim ASN1_GENERALIZEDTIME *thisUpdate; 14617f01e99SJung-uk Kim ASN1_GENERALIZEDTIME *nextUpdate; 14717f01e99SJung-uk Kim STACK_OF(X509_EXTENSION) *singleExtensions; 14817f01e99SJung-uk Kim }; 14917f01e99SJung-uk Kim 15017f01e99SJung-uk Kim /*- ResponseData ::= SEQUENCE { 15117f01e99SJung-uk Kim * version [0] EXPLICIT Version DEFAULT v1, 15217f01e99SJung-uk Kim * responderID ResponderID, 15317f01e99SJung-uk Kim * producedAt GeneralizedTime, 15417f01e99SJung-uk Kim * responses SEQUENCE OF SingleResponse, 15517f01e99SJung-uk Kim * responseExtensions [1] EXPLICIT Extensions OPTIONAL } 15617f01e99SJung-uk Kim */ 15717f01e99SJung-uk Kim struct ocsp_response_data_st { 15817f01e99SJung-uk Kim ASN1_INTEGER *version; 15917f01e99SJung-uk Kim OCSP_RESPID responderId; 16017f01e99SJung-uk Kim ASN1_GENERALIZEDTIME *producedAt; 16117f01e99SJung-uk Kim STACK_OF(OCSP_SINGLERESP) *responses; 16217f01e99SJung-uk Kim STACK_OF(X509_EXTENSION) *responseExtensions; 16317f01e99SJung-uk Kim }; 16417f01e99SJung-uk Kim 16517f01e99SJung-uk Kim /*- BasicOCSPResponse ::= SEQUENCE { 16617f01e99SJung-uk Kim * tbsResponseData ResponseData, 16717f01e99SJung-uk Kim * signatureAlgorithm AlgorithmIdentifier, 16817f01e99SJung-uk Kim * signature BIT STRING, 16917f01e99SJung-uk Kim * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } 17017f01e99SJung-uk Kim */ 17117f01e99SJung-uk Kim /* 17217f01e99SJung-uk Kim * Note 1: The value for "signature" is specified in the OCSP rfc2560 as 17317f01e99SJung-uk Kim * follows: "The value for the signature SHALL be computed on the hash of 17417f01e99SJung-uk Kim * the DER encoding ResponseData." This means that you must hash the 17517f01e99SJung-uk Kim * DER-encoded tbsResponseData, and then run it through a crypto-signing 17617f01e99SJung-uk Kim * function, which will (at least w/RSA) do a hash-'n'-private-encrypt 17717f01e99SJung-uk Kim * operation. This seems a bit odd, but that's the spec. Also note that 17817f01e99SJung-uk Kim * the data structures do not leave anywhere to independently specify the 17917f01e99SJung-uk Kim * algorithm used for the initial hash. So, we look at the 18017f01e99SJung-uk Kim * signature-specification algorithm, and try to do something intelligent. 18117f01e99SJung-uk Kim * -- Kathy Weinhold, CertCo 18217f01e99SJung-uk Kim */ 18317f01e99SJung-uk Kim /* 18417f01e99SJung-uk Kim * Note 2: It seems that the mentioned passage from RFC 2560 (section 18517f01e99SJung-uk Kim * 4.2.1) is open for interpretation. I've done tests against another 18617f01e99SJung-uk Kim * responder, and found that it doesn't do the double hashing that the RFC 18717f01e99SJung-uk Kim * seems to say one should. Therefore, all relevant functions take a flag 18817f01e99SJung-uk Kim * saying which variant should be used. -- Richard Levitte, OpenSSL team 18917f01e99SJung-uk Kim * and CeloCom 19017f01e99SJung-uk Kim */ 19117f01e99SJung-uk Kim struct ocsp_basic_response_st { 19217f01e99SJung-uk Kim OCSP_RESPDATA tbsResponseData; 19317f01e99SJung-uk Kim X509_ALGOR signatureAlgorithm; 19417f01e99SJung-uk Kim ASN1_BIT_STRING *signature; 19517f01e99SJung-uk Kim STACK_OF(X509) *certs; 19617f01e99SJung-uk Kim }; 19717f01e99SJung-uk Kim 19817f01e99SJung-uk Kim /*- 19917f01e99SJung-uk Kim * CrlID ::= SEQUENCE { 20017f01e99SJung-uk Kim * crlUrl [0] EXPLICIT IA5String OPTIONAL, 20117f01e99SJung-uk Kim * crlNum [1] EXPLICIT INTEGER OPTIONAL, 20217f01e99SJung-uk Kim * crlTime [2] EXPLICIT GeneralizedTime OPTIONAL } 20317f01e99SJung-uk Kim */ 20417f01e99SJung-uk Kim struct ocsp_crl_id_st { 20517f01e99SJung-uk Kim ASN1_IA5STRING *crlUrl; 20617f01e99SJung-uk Kim ASN1_INTEGER *crlNum; 20717f01e99SJung-uk Kim ASN1_GENERALIZEDTIME *crlTime; 20817f01e99SJung-uk Kim }; 20917f01e99SJung-uk Kim 21017f01e99SJung-uk Kim /*- 21117f01e99SJung-uk Kim * ServiceLocator ::= SEQUENCE { 21217f01e99SJung-uk Kim * issuer Name, 21317f01e99SJung-uk Kim * locator AuthorityInfoAccessSyntax OPTIONAL } 21417f01e99SJung-uk Kim */ 21517f01e99SJung-uk Kim struct ocsp_service_locator_st { 21617f01e99SJung-uk Kim X509_NAME *issuer; 21717f01e99SJung-uk Kim STACK_OF(ACCESS_DESCRIPTION) *locator; 21817f01e99SJung-uk Kim }; 21917f01e99SJung-uk Kim 220*b077aed3SPierre Pronchery # define OCSP_REQUEST_sign(o, pkey, md, libctx, propq)\ 221*b077aed3SPierre Pronchery ASN1_item_sign_ex(ASN1_ITEM_rptr(OCSP_REQINFO),\ 22217f01e99SJung-uk Kim &(o)->optionalSignature->signatureAlgorithm, NULL,\ 223*b077aed3SPierre Pronchery (o)->optionalSignature->signature, &(o)->tbsRequest,\ 224*b077aed3SPierre Pronchery NULL, pkey, md, libctx, propq) 22517f01e99SJung-uk Kim 226*b077aed3SPierre Pronchery # define OCSP_BASICRESP_sign(o, pkey, md, d, libctx, propq)\ 227*b077aed3SPierre Pronchery ASN1_item_sign_ex(ASN1_ITEM_rptr(OCSP_RESPDATA),\ 228*b077aed3SPierre Pronchery &(o)->signatureAlgorithm, NULL,\ 229*b077aed3SPierre Pronchery (o)->signature, &(o)->tbsResponseData,\ 230*b077aed3SPierre Pronchery NULL, pkey, md, libctx, propq) 23117f01e99SJung-uk Kim 23217f01e99SJung-uk Kim # define OCSP_BASICRESP_sign_ctx(o, ctx, d)\ 233*b077aed3SPierre Pronchery ASN1_item_sign_ctx(ASN1_ITEM_rptr(OCSP_RESPDATA),\ 234*b077aed3SPierre Pronchery &(o)->signatureAlgorithm, NULL,\ 235*b077aed3SPierre Pronchery (o)->signature, &(o)->tbsResponseData, ctx) 23617f01e99SJung-uk Kim 237*b077aed3SPierre Pronchery # define OCSP_REQUEST_verify(a, r, libctx, propq)\ 238*b077aed3SPierre Pronchery ASN1_item_verify_ex(ASN1_ITEM_rptr(OCSP_REQINFO),\ 23917f01e99SJung-uk Kim &(a)->optionalSignature->signatureAlgorithm,\ 240*b077aed3SPierre Pronchery (a)->optionalSignature->signature, &(a)->tbsRequest,\ 241*b077aed3SPierre Pronchery NULL, r, libctx, propq) 24217f01e99SJung-uk Kim 243*b077aed3SPierre Pronchery # define OCSP_BASICRESP_verify(a, r, libctx, propq)\ 244*b077aed3SPierre Pronchery ASN1_item_verify_ex(ASN1_ITEM_rptr(OCSP_RESPDATA),\ 245*b077aed3SPierre Pronchery &(a)->signatureAlgorithm, (a)->signature,\ 246*b077aed3SPierre Pronchery &(a)->tbsResponseData, NULL, r, libctx, propq) 247