Example #1
/*
 * Build a time-stamp request (TS_REQ) for the data in data_bio or for the
 * pre-computed digest string, as interpreted by create_digest().
 *
 * md       digest used for the message imprint; NULL selects "sha1".
 * policy   optional policy OID text, converted with txt2obj(); NULL omits it.
 * no_nonce non-zero omits the nonce from the request.
 * cert     value passed to TS_REQ_set_cert_req().
 *
 * Returns the new request, or NULL after printing the error queue to
 * bio_err. Every temporary is released before returning.
 *
 * NOTE(review): the fallback digest is SHA-1, which is no longer
 * collision-resistant; callers that care about the strength of the
 * imprint should pass an explicit md such as SHA-256.
 */
static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
                            const char *policy, int no_nonce, int cert)
{
    TS_REQ *ts_req = NULL;
    TS_MSG_IMPRINT *imprint = NULL;
    X509_ALGOR *hash_alg = NULL;
    ASN1_OBJECT *policy_oid = NULL;
    ASN1_INTEGER *nonce = NULL;
    unsigned char *imprint_bytes = NULL;
    int imprint_len;
    int ok = 0;

    /* Fall back to the default digest only when the caller gave none. */
    if (md == NULL) {
        md = EVP_get_digestbyname("sha1");
        if (md == NULL)
            goto err;
    }

    /* Request object, version 1. */
    ts_req = TS_REQ_new();
    if (ts_req == NULL)
        goto err;
    if (!TS_REQ_set_version(ts_req, 1))
        goto err;

    /* Message imprint: algorithm identifier with an explicit NULL parameter. */
    imprint = TS_MSG_IMPRINT_new();
    if (imprint == NULL)
        goto err;
    hash_alg = X509_ALGOR_new();
    if (hash_alg == NULL)
        goto err;
    hash_alg->algorithm = OBJ_nid2obj(EVP_MD_type(md));
    if (hash_alg->algorithm == NULL)
        goto err;
    hash_alg->parameter = ASN1_TYPE_new();
    if (hash_alg->parameter == NULL)
        goto err;
    hash_alg->parameter->type = V_ASN1_NULL;
    if (!TS_MSG_IMPRINT_set_algo(imprint, hash_alg))
        goto err;

    /*
     * Message imprint: the digest bytes themselves.
     * NOTE(review): only a length of 0 is treated as failure here; confirm
     * that create_digest() never reports an error with a negative value.
     */
    imprint_len = create_digest(data_bio, digest, md, &imprint_bytes);
    if (imprint_len == 0)
        goto err;
    if (!TS_MSG_IMPRINT_set_msg(imprint, imprint_bytes, imprint_len))
        goto err;
    if (!TS_REQ_set_msg_imprint(ts_req, imprint))
        goto err;

    /* Optional policy identifier. */
    if (policy) {
        policy_oid = txt2obj(policy);
        if (policy_oid == NULL)
            goto err;
        if (!TS_REQ_set_policy_id(ts_req, policy_oid))
            goto err;
    }

    /*
     * Nonce, unless the caller opted out. Without it the client has no
     * request-specific value to match against the response.
     */
    if (!no_nonce) {
        nonce = create_nonce(NONCE_LENGTH);
        if (nonce == NULL)
            goto err;
        if (!TS_REQ_set_nonce(ts_req, nonce))
            goto err;
    }

    if (!TS_REQ_set_cert_req(ts_req, cert))
        goto err;

    ok = 1;
 err:
    if (!ok) {
        /* Never hand back a half-built request. */
        TS_REQ_free(ts_req);
        ts_req = NULL;
        BIO_printf(bio_err, "could not create query\n");
        ERR_print_errors(bio_err);
    }
    /* The temporaries below are freed on success and failure alike. */
    TS_MSG_IMPRINT_free(imprint);
    X509_ALGOR_free(hash_alg);
    OPENSSL_free(imprint_bytes);
    ASN1_OBJECT_free(policy_oid);
    ASN1_INTEGER_free(nonce);
    return ts_req;
}
Example #2
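/*
 * Lua binding: get or set the nonce of an "openssl.ts_req" object.
 *
 * Getter (no second argument): pushes two values, the nonce as an ASN.1
 * integer and as an "openssl.bn" big number. A request without a nonce
 * (the field is optional, so a parsed request may lack it) yields two
 * nils instead of passing a NULL pointer to ASN1_INTEGER_to_BN().
 *
 * Setter (second argument given): converts the argument with BN_get() and
 * stores it as the nonce, returning whatever openssl_pushresult() pushes
 * for the outcome. A failed conversion is reported as a failed set.
 */
static int openssl_ts_req_nonce(lua_State*L)
{
  TS_REQ* req = CHECK_OBJECT(1, TS_REQ, "openssl.ts_req");
  if (lua_isnone(L, 2))
  {
    const ASN1_INTEGER* ai = TS_REQ_get_nonce(req);
    BIGNUM *bn;

    /* No nonce in the request: keep the two-value shape, but with nils. */
    if (ai == NULL)
    {
      lua_pushnil(L);
      lua_pushnil(L);
      return 2;
    }

    PUSH_ASN1_INTEGER(L, ai);
    bn = ASN1_INTEGER_to_BN(ai, NULL);
    if (bn == NULL)
    {
      /* Conversion failed; do not wrap a NULL pointer as a bn object. */
      lua_pushnil(L);
    }
    else
    {
      PUSH_OBJECT(bn, "openssl.bn");
    }
    return 2;
  }
  else
  {
    /* NOTE(review): assumes BN_get() returns a BIGNUM owned by this
     * function, since the original code frees it - confirm. */
    BIGNUM *bn = BN_get(L, 2);
    ASN1_INTEGER *ai = bn != NULL ? BN_to_ASN1_INTEGER(bn, NULL) : NULL;
    int ret = ai != NULL ? TS_REQ_set_nonce(req, ai) : 0;

    /* The local integer is released here, so the request is expected to
     * hold its own copy after TS_REQ_set_nonce(). Both frees accept NULL. */
    ASN1_INTEGER_free(ai);
    BN_free(bn);
    return openssl_pushresult(L, ret);
  }
}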
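/*
 * Build a time-stamp request (TS_REQ) around a digest the caller has
 * already computed.
 *
 * hash       raw digest bytes; must not be NULL.
 * hash_size  number of bytes in hash; must be positive.
 * nonce_asn1 optional nonce; NULL omits it. It is not freed here and
 *            stays owned by the caller.
 *
 * The imprint algorithm is fixed to SHA-256, the policy OID to "1.1.3",
 * and the certificate-request flag is always set.
 *
 * Returns the new request, or NULL on any failure. The caller releases
 * the result with TS_REQ_free().
 *
 * NOTE(review): the request always declares SHA-256, but the imprint
 * length comes from the caller. A hash_size other than the SHA-256 output
 * size (32 bytes) gives an imprint that does not match its declared
 * algorithm; consider rejecting it here once callers are confirmed.
 * NOTE(review): "1.1.3" is hard-coded; confirm it is the policy the
 * target TSA expects.
 */
TS_REQ* get_timestamp_request(char* hash, int hash_size, ASN1_INTEGER *nonce_asn1)
{
	int ret = 0;
	TS_REQ *ts_req = NULL;
	TS_MSG_IMPRINT *msg_imprint = NULL;
	X509_ALGOR *algo = NULL;
	ASN1_OBJECT *policy_obj = NULL;
	const EVP_MD* md = NULL;

	/*
	 * Reject a missing or non-positive digest up front. A negative length
	 * would make the ASN.1 string setter measure the binary digest as a
	 * NUL-terminated string instead of using the caller's length.
	 */
	if (hash == NULL || hash_size <= 0)
	{
		goto err;
	}

	/* Setting default message digest. */
	if ((md = EVP_get_digestbyname("sha256")) == NULL)
	{
		goto err;
	}

	/* Creating request object. */
	if ((ts_req = TS_REQ_new()) == NULL)
	{
		goto err;
	}

	/* Setting version. */
	if (!TS_REQ_set_version(ts_req, 1)) goto err;

	/* Creating and adding MSG_IMPRINT object. */
	if ((msg_imprint = TS_MSG_IMPRINT_new()) == NULL)
	{
		goto err;
	}

	/* Adding algorithm, with an explicit ASN.1 NULL parameter. */
	if ((algo = X509_ALGOR_new()) == NULL)
	{
		goto err;
	}
	if ((algo->algorithm = OBJ_nid2obj(EVP_MD_type(md))) == NULL)
	{
		goto err;
	}
	if ((algo->parameter = ASN1_TYPE_new()) == NULL)
	{
		goto err;
	}
	algo->parameter->type = V_ASN1_NULL;
	if (!TS_MSG_IMPRINT_set_algo(msg_imprint, algo)) goto err;

	/* Adding message digest. */
	if (!TS_MSG_IMPRINT_set_msg(msg_imprint, (unsigned char*)hash, hash_size)) goto err;

	if (!TS_REQ_set_msg_imprint(ts_req, msg_imprint)) goto err;

	/* Setting the fixed policy identifier. */
	if ((policy_obj = OBJ_txt2obj("1.1.3", 0)) == NULL)
	{
		goto err;
	}
	if (!TS_REQ_set_policy_id(ts_req, policy_obj)) goto err;

	/* Setting nonce if one was supplied. */
	if (nonce_asn1 && !TS_REQ_set_nonce(ts_req, nonce_asn1)) goto err;

	/* Always ask for the signing certificate in the response. */
	if (!TS_REQ_set_cert_req(ts_req, 1)) goto err;

	ret = 1;
 err:
	if (!ret)
	{
		/* Never hand back a half-built request. */
		TS_REQ_free(ts_req);
		ts_req = NULL;
	}
	/* Temporaries are released on success and failure alike. */
	TS_MSG_IMPRINT_free(msg_imprint);
	X509_ALGOR_free(algo);
	ASN1_OBJECT_free(policy_obj);
	return ts_req;
}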