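/**
 * Parse OCSP response data
 *
 * @v ocsp		OCSP check
 * @v raw		ASN.1 cursor
 * @ret rc		Return status code
 *
 * Stores a cursor covering the raw tbsResponseData in
 * ocsp->response.tbs, then walks its fields in order: optional
 * version, responderID, producedAt and responses.
 *
 * producedAt is skipped without being recorded or inspected, so this
 * function places no freshness constraint on the response; any such
 * check has to happen elsewhere.
 */
static int ocsp_parse_tbs_response_data ( struct ocsp_check *ocsp,
					  const struct asn1_cursor *raw ) {
	struct ocsp_response *response = &ocsp->response;
	struct asn1_cursor cursor;
	int rc;

	/* Record raw tbsResponseData.
	 *
	 * NOTE(review): presumably these are the bytes the response
	 * signature is later verified over - confirm against the
	 * signature check.  The cursor is stored before the status is
	 * tested so that response->tbs is written on every path.
	 */
	memcpy ( &cursor, raw, sizeof ( cursor ) );
	rc = asn1_shrink_any ( &cursor );
	memcpy ( &response->tbs, &cursor, sizeof ( response->tbs ) );
	if ( rc != 0 )
		return rc;

	/* Enter tbsResponseData.  A non-SEQUENCE object is rejected
	 * here instead of being left for the field parsers to trip
	 * over.
	 */
	if ( ( rc = asn1_enter ( &cursor, ASN1_SEQUENCE ) ) != 0 )
		return rc;

	/* Skip version, if present.  The field is optional, so the
	 * status of this call is deliberately not checked.
	 */
	asn1_skip_if_exists ( &cursor, ASN1_EXPLICIT_TAG ( 0 ) );

	/* Parse responderID, then step over it */
	if ( ( rc = ocsp_parse_responder_id ( ocsp, &cursor ) ) != 0 )
		return rc;
	if ( ( rc = asn1_skip_any ( &cursor ) ) != 0 )
		return rc;

	/* Skip producedAt (mandatory, but not used here) */
	if ( ( rc = asn1_skip_any ( &cursor ) ) != 0 )
		return rc;

	/* Parse responses */
	if ( ( rc = ocsp_parse_responses ( ocsp, &cursor ) ) != 0 )
		return rc;

	return 0;
}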
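/**
 * Identify X.509 certificate public key
 *
 * @v certificate	Certificate
 * @v algorithm		Public key algorithm to fill in
 * @v pubkey		Public key value to fill in
 * @ret rc		Return status code
 *
 * Walks the certificate down to subjectPublicKeyInfo and positions the
 * two output cursors inside it: @c algorithm inside the algorithm
 * SEQUENCE and @c pubkey inside the subjectPublicKey BIT STRING.
 *
 * This only locates the key.  serialNumber, signature, issuer,
 * validity and name are skipped without inspection and no signature is
 * checked in this function, so a zero return says nothing about
 * whether the certificate is trusted or currently valid.
 *
 * NOTE(review): the output cursors are struct copies of the working
 * cursor, so they presumably refer to the caller's certificate buffer
 * rather than to a copy - confirm the buffer outlives them.
 */
static int x509_public_key ( const struct asn1_cursor *certificate,
			     struct asn1_cursor *algorithm,
			     struct asn1_cursor *pubkey ) {
	struct asn1_cursor cursor;
	int rc;

	/* Locate subjectPublicKeyInfo.
	 *
	 * Every mandatory step is checked in turn, so a certificate
	 * that departs from the expected layout is rejected at the
	 * step that detects it, and no later step runs on a cursor
	 * left behind by a failed one.
	 */
	memcpy ( &cursor, certificate, sizeof ( cursor ) );
	rc = asn1_enter ( &cursor, ASN1_SEQUENCE );	/* Certificate */
	if ( rc == 0 )
		rc = asn1_enter ( &cursor, ASN1_SEQUENCE ); /* tbsCertificate */
	if ( rc == 0 ) {
		/* version is optional, so its status is deliberately
		 * not checked.
		 */
		asn1_skip_if_exists ( &cursor, ASN1_EXPLICIT_TAG );
		rc = asn1_skip ( &cursor, ASN1_INTEGER ); /* serialNumber */
	}
	if ( rc == 0 )
		rc = asn1_skip ( &cursor, ASN1_SEQUENCE ); /* signature */
	if ( rc == 0 )
		rc = asn1_skip ( &cursor, ASN1_SEQUENCE ); /* issuer */
	if ( rc == 0 )
		rc = asn1_skip ( &cursor, ASN1_SEQUENCE ); /* validity */
	if ( rc == 0 )
		rc = asn1_skip ( &cursor, ASN1_SEQUENCE ); /* name */
	if ( rc == 0 )
		rc = asn1_enter ( &cursor, ASN1_SEQUENCE ); /* subjectPublicKeyInfo */
	if ( rc != 0 ) {
		DBG ( "Cannot locate subjectPublicKeyInfo in:\n" );
		DBG_HDA ( 0, certificate->data, certificate->len );
		return rc;
	}

	/* Locate algorithm (first element of subjectPublicKeyInfo) */
	memcpy ( algorithm, &cursor, sizeof ( *algorithm ) );
	if ( ( rc = asn1_enter ( algorithm, ASN1_SEQUENCE ) ) != 0 ) {
		DBG ( "Cannot locate algorithm in:\n" );
		DBG_HDA ( 0, certificate->data, certificate->len );
		return rc;
	}

	/* Locate subjectPublicKey: restart from subjectPublicKeyInfo,
	 * step over the algorithm, then enter the BIT STRING.  The
	 * short-circuit keeps the status of whichever step failed.
	 */
	memcpy ( pubkey, &cursor, sizeof ( *pubkey ) );
	if ( ( ( rc = asn1_skip ( pubkey, ASN1_SEQUENCE ) ) != 0 ) ||
	     ( ( rc = asn1_enter ( pubkey, ASN1_BIT_STRING ) ) != 0 ) ) {
		DBG ( "Cannot locate subjectPublicKey in:\n" );
		DBG_HDA ( 0, certificate->data, certificate->len );
		return rc;
	}

	return 0;
}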