#include <openssl_grpc/x509.h> #include <assert.h> #include <openssl_grpc/asn1.h> #include <openssl_grpc/asn1t.h> #include <openssl_grpc/bio.h> #include <openssl_grpc/evp.h> #include <openssl_grpc/err.h> #include <openssl_grpc/obj.h> #include "internal.h" ASN1_SEQUENCE(RSA_PSS_PARAMS) = { ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0), ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1), ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2), ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3), } ASN1_SEQUENCE_END(RSA_PSS_PARAMS) IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS) /* Given an MGF1 Algorithm ID decode to an Algorithm Identifier */ static X509_ALGOR *rsa_mgf1_decode(X509_ALGOR *alg) { if (alg == NULL || alg->parameter == NULL || OBJ_obj2nid(alg->algorithm) != NID_mgf1 || alg->parameter->type != V_ASN1_SEQUENCE) { return NULL; }
ASN1_SIMPLE(OCSP_CERTID, issuerNameHash, ASN1_OCTET_STRING), ASN1_SIMPLE(OCSP_CERTID, issuerKeyHash, ASN1_OCTET_STRING), ASN1_SIMPLE(OCSP_CERTID, serialNumber, ASN1_INTEGER) } ASN1_SEQUENCE_END(OCSP_CERTID) IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTID) ASN1_SEQUENCE(OCSP_ONEREQ) = { ASN1_SIMPLE(OCSP_ONEREQ, reqCert, OCSP_CERTID), ASN1_EXP_SEQUENCE_OF_OPT(OCSP_ONEREQ, singleRequestExtensions, X509_EXTENSION, 0) } ASN1_SEQUENCE_END(OCSP_ONEREQ) IMPLEMENT_ASN1_FUNCTIONS(OCSP_ONEREQ) ASN1_SEQUENCE(OCSP_REQINFO) = { ASN1_EXP_OPT(OCSP_REQINFO, version, ASN1_INTEGER, 0), ASN1_EXP_OPT(OCSP_REQINFO, requestorName, GENERAL_NAME, 1), ASN1_SEQUENCE_OF(OCSP_REQINFO, requestList, OCSP_ONEREQ), ASN1_EXP_SEQUENCE_OF_OPT(OCSP_REQINFO, requestExtensions, X509_EXTENSION, 2) } ASN1_SEQUENCE_END(OCSP_REQINFO) IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQINFO) ASN1_SEQUENCE(OCSP_REQUEST) = { ASN1_SIMPLE(OCSP_REQUEST, tbsRequest, OCSP_REQINFO), ASN1_EXP_OPT(OCSP_REQUEST, optionalSignature, OCSP_SIGNATURE, 0) } ASN1_SEQUENCE_END(OCSP_REQUEST) IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQUEST) /* OCSP_RESPONSE templates */
ASN1_SEQUENCE(CMS_OriginatorPublicKey) = { ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR), ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING) } ASN1_SEQUENCE_END(CMS_OriginatorPublicKey) ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = { ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber), ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0), ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1) } ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey) ASN1_SEQUENCE(CMS_KeyAgreeRecipientInfo) = { ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, version, LONG), ASN1_EXP(CMS_KeyAgreeRecipientInfo, originator, CMS_OriginatorIdentifierOrKey, 0), ASN1_EXP_OPT(CMS_KeyAgreeRecipientInfo, ukm, ASN1_OCTET_STRING, 1), ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR), ASN1_SEQUENCE_OF(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys, CMS_RecipientEncryptedKey) } ASN1_SEQUENCE_END(CMS_KeyAgreeRecipientInfo) ASN1_SEQUENCE(CMS_KEKIdentifier) = { ASN1_SIMPLE(CMS_KEKIdentifier, keyIdentifier, ASN1_OCTET_STRING), ASN1_OPT(CMS_KEKIdentifier, date, ASN1_GENERALIZEDTIME), ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute) } ASN1_SEQUENCE_END(CMS_KEKIdentifier) ASN1_SEQUENCE(CMS_KEKRecipientInfo) = { ASN1_SIMPLE(CMS_KEKRecipientInfo, version, LONG), ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier), ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR), ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
* responseStatus OCSPResponseStatus, * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } */ typedef struct { ASN1_ENUMERATED *responseStatus; ResponseBytes *responseBytes; } OCSPResponse; ASN1_SEQUENCE(ResponseBytes) = { ASN1_SIMPLE(ResponseBytes, responseType, ASN1_OBJECT), ASN1_SIMPLE(ResponseBytes, response, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(ResponseBytes); ASN1_SEQUENCE(OCSPResponse) = { ASN1_SIMPLE(OCSPResponse, responseStatus, ASN1_ENUMERATED), ASN1_EXP_OPT(OCSPResponse, responseBytes, ResponseBytes, 0) } ASN1_SEQUENCE_END(OCSPResponse); IMPLEMENT_ASN1_FUNCTIONS(OCSPResponse); /* * ResponderID ::= CHOICE { * byName [1] Name, * byKey [2] KeyHash } */ typedef struct { int type; union { X509_NAME *byName; ASN1_OCTET_STRING *byKey; } value;
if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null())) goto err; return sk_ASN1_OBJECT_push(aux->reject, objtmp); err: ASN1_OBJECT_free(objtmp); return 0; } void X509_trust_clear(X509 *x) { if (x->aux && x->aux->trust) { sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); x->aux->trust = NULL; } } void X509_reject_clear(X509 *x) { if (x->aux && x->aux->reject) { sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free); x->aux->reject = NULL; } } ASN1_SEQUENCE(X509_CERT_PAIR) = { ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0), ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1) } ASN1_SEQUENCE_END(X509_CERT_PAIR) IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_PAIR)
ASN1_IMP_OPT(TS_ACCURACY, micros, ASN1_INTEGER, 1) } ASN1_SEQUENCE_END(TS_ACCURACY) IMPLEMENT_ASN1_FUNCTIONS_const(TS_ACCURACY) IMPLEMENT_ASN1_DUP_FUNCTION(TS_ACCURACY) ASN1_SEQUENCE(TS_TST_INFO) = { ASN1_SIMPLE(TS_TST_INFO, version, ASN1_INTEGER), ASN1_SIMPLE(TS_TST_INFO, policy_id, ASN1_OBJECT), ASN1_SIMPLE(TS_TST_INFO, msg_imprint, TS_MSG_IMPRINT), ASN1_SIMPLE(TS_TST_INFO, serial, ASN1_INTEGER), ASN1_SIMPLE(TS_TST_INFO, time, ASN1_GENERALIZEDTIME), ASN1_OPT(TS_TST_INFO, accuracy, TS_ACCURACY), ASN1_OPT(TS_TST_INFO, ordering, ASN1_FBOOLEAN), ASN1_OPT(TS_TST_INFO, nonce, ASN1_INTEGER), ASN1_EXP_OPT(TS_TST_INFO, tsa, GENERAL_NAME, 0), ASN1_IMP_SEQUENCE_OF_OPT(TS_TST_INFO, extensions, X509_EXTENSION, 1) } ASN1_SEQUENCE_END(TS_TST_INFO) IMPLEMENT_ASN1_FUNCTIONS_const(TS_TST_INFO) IMPLEMENT_ASN1_DUP_FUNCTION(TS_TST_INFO) #ifndef OPENSSL_NO_BIO TS_TST_INFO * d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a) { return ASN1_d2i_bio_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO, bp, a); } int
ASN1_SIMPLE(ASRange, min, ASN1_INTEGER), ASN1_SIMPLE(ASRange, max, ASN1_INTEGER) } ASN1_SEQUENCE_END(ASRange) ASN1_CHOICE(ASIdOrRange) = { ASN1_SIMPLE(ASIdOrRange, u.id, ASN1_INTEGER), ASN1_SIMPLE(ASIdOrRange, u.range, ASRange) } ASN1_CHOICE_END(ASIdOrRange) ASN1_CHOICE(ASIdentifierChoice) = { ASN1_SIMPLE(ASIdentifierChoice, u.inherit, ASN1_NULL), ASN1_SEQUENCE_OF(ASIdentifierChoice, u.asIdsOrRanges, ASIdOrRange) } ASN1_CHOICE_END(ASIdentifierChoice) ASN1_SEQUENCE(ASIdentifiers) = { ASN1_EXP_OPT(ASIdentifiers, asnum, ASIdentifierChoice, 0), ASN1_EXP_OPT(ASIdentifiers, rdi, ASIdentifierChoice, 1) } ASN1_SEQUENCE_END(ASIdentifiers) IMPLEMENT_ASN1_FUNCTIONS(ASRange) IMPLEMENT_ASN1_FUNCTIONS(ASIdOrRange) IMPLEMENT_ASN1_FUNCTIONS(ASIdentifierChoice) IMPLEMENT_ASN1_FUNCTIONS(ASIdentifiers) /* * i2r method for an ASIdentifierChoice. */ static int i2r_ASIdentifierChoice(BIO *out, ASIdentifierChoice *choice, int indent, const char *msg) {
* * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ #include <stdio.h> #include "cryptlib.h" #include <openssl/evp.h> #include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/x509v3.h> ASN1_SEQUENCE(X509_CINF) = { ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0), ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER), ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR), ASN1_SIMPLE(X509_CINF, issuer, X509_NAME), ASN1_SIMPLE(X509_CINF, validity, X509_VAL), ASN1_SIMPLE(X509_CINF, subject, X509_NAME), ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY), ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1), ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2), ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3) } ASN1_SEQUENCE_END(X509_CINF) IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) /* X509 top level structure needs a bit of customisation */ extern void policy_cache_free(X509_POLICY_CACHE *cache);
#include <openssl/x509v3.h> #include <openssl/safestack.h> #include "v3_admis.h" #include "ext_dat.h" ASN1_SEQUENCE(NAMING_AUTHORITY) = { ASN1_OPT(NAMING_AUTHORITY, namingAuthorityId, ASN1_OBJECT), ASN1_OPT(NAMING_AUTHORITY, namingAuthorityUrl, ASN1_IA5STRING), ASN1_OPT(NAMING_AUTHORITY, namingAuthorityText, DIRECTORYSTRING), } ASN1_SEQUENCE_END(NAMING_AUTHORITY) ASN1_SEQUENCE(PROFESSION_INFO) = { ASN1_EXP_OPT(PROFESSION_INFO, namingAuthority, NAMING_AUTHORITY, 0), ASN1_SEQUENCE_OF(PROFESSION_INFO, professionItems, DIRECTORYSTRING), ASN1_SEQUENCE_OF_OPT(PROFESSION_INFO, professionOIDs, ASN1_OBJECT), ASN1_OPT(PROFESSION_INFO, registrationNumber, ASN1_PRINTABLESTRING), ASN1_OPT(PROFESSION_INFO, addProfessionInfo, ASN1_OCTET_STRING), } ASN1_SEQUENCE_END(PROFESSION_INFO) ASN1_SEQUENCE(ADMISSIONS) = { ASN1_EXP_OPT(ADMISSIONS, admissionAuthority, GENERAL_NAME, 0), ASN1_EXP_OPT(ADMISSIONS, namingAuthority, NAMING_AUTHORITY, 1), ASN1_SEQUENCE_OF(ADMISSIONS, professionInfos, PROFESSION_INFO), } ASN1_SEQUENCE_END(ADMISSIONS) ASN1_SEQUENCE(ADMISSION_SYNTAX) = { ASN1_OPT(ADMISSION_SYNTAX, admissionAuthority, GENERAL_NAME), ASN1_SEQUENCE_OF(ADMISSION_SYNTAX, contentsOfAdmissions, ADMISSIONS),
ASN1_CHOICE(BIGN_DOMAINPARAMS) = { ASN1_SIMPLE(BIGN_DOMAINPARAMS, value.named, ASN1_OBJECT), ASN1_SIMPLE(BIGN_DOMAINPARAMS, value.specified, BIGN_ECPARAMS), ASN1_SIMPLE(BIGN_DOMAINPARAMS, value.implicit, ASN1_NULL) } ASN1_CHOICE_END(BIGN_DOMAINPARAMS) DECLARE_ASN1_FUNCTIONS_const(BIGN_DOMAINPARAMS) DECLARE_ASN1_ENCODE_FUNCTIONS_const(BIGN_DOMAINPARAMS, BIGN_DOMAINPARAMS) IMPLEMENT_ASN1_FUNCTIONS_const(BIGN_DOMAINPARAMS) ASN1_SEQUENCE(BIGN_PRIVATEKEY) = { ASN1_SIMPLE(BIGN_PRIVATEKEY, version, LONG), ASN1_SIMPLE(BIGN_PRIVATEKEY, privateKey, ASN1_OCTET_STRING), ASN1_EXP_OPT(BIGN_PRIVATEKEY, parameters, BIGN_DOMAINPARAMS, 0), ASN1_EXP_OPT(BIGN_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1) } ASN1_SEQUENCE_END(BIGN_PRIVATEKEY) DECLARE_ASN1_FUNCTIONS_const(BIGN_PRIVATEKEY) DECLARE_ASN1_ENCODE_FUNCTIONS_const(BIGN_PRIVATEKEY, BIGN_PRIVATEKEY) IMPLEMENT_ASN1_FUNCTIONS_const(BIGN_PRIVATEKEY) /* ******************************************************************************* ���������� ������ bee2/bign \pre ��������� ������� bign_cmp_params() ���������. ������� ����� ���������� ������ ������ (p, a, b) [��� ��������� ���� ������������ �� ���� ������]. ******************************************************************************* */
ENCDEC_DATA(0, ASN1_LONG_UNDEF) #if !OPENSSL_API_3 /***** LONG ******************************************************************/ typedef struct { /* If decoding is expected to succeed, set this to 1, otherwise 0 */ ASN1_BOOLEAN success; long test_long; long test_zlong; } ASN1_LONG_DATA; ASN1_SEQUENCE(ASN1_LONG_DATA) = { ASN1_SIMPLE(ASN1_LONG_DATA, success, ASN1_FBOOLEAN), ASN1_SIMPLE(ASN1_LONG_DATA, test_long, LONG), ASN1_EXP_OPT(ASN1_LONG_DATA, test_zlong, ZLONG, 0) } static_ASN1_SEQUENCE_END(ASN1_LONG_DATA) IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_LONG_DATA) IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_LONG_DATA) static ASN1_LONG_DATA long_expected_32bit[] = { /* The following should fail on the second because it's the default */ { 0xff, 0, 1 }, { 0, 0, 0 }, /* t_zero */ { 0, 0, 0 }, { 0xff, 1, 0x7fffffff }, /* t_longundef */ CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */ CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */ CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */ CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */ CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */ CUSTOM_EXPECTED_FAILURE, /* t_8bytes_2 */
int i2d_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET *master) { return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_MASTER_SECRET), bp, master); } CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS **params) { return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params); } int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params) { return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params); } /* This is the ANY DEFINED BY table for the top level PKCS#7 structure */ ASN1_ADB_TEMPLATE(cpkcmsdefault) = ASN1_EXP_OPT(CPK_CMS, d.other, ASN1_ANY, 0); ASN1_ADB(CPK_CMS) = { ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP_OPT(CPK_CMS, d.data, ASN1_OCTET_STRING_NDEF, 0)), ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP_OPT(CPK_CMS, d.sign, CPK_SIGNED, 0)), ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP_OPT(CPK_CMS, d.enveloped, CPK_ENVELOPE, 0)), ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_NDEF_EXP_OPT(CPK_CMS, d.signed_and_enveloped, CPK_SIGN_ENVELOPE, 0)), } ASN1_ADB_END(CPK_CMS, 0, type, 0, &cpkcmsdefault_tt, NULL); ASN1_NDEF_SEQUENCE(CPK_CMS) = { ASN1_SIMPLE(CPK_CMS, type, ASN1_OBJECT), ASN1_ADB_OBJECT(CPK_CMS) }ASN1_NDEF_SEQUENCE_END(CPK_CMS) IMPLEMENT_ASN1_FUNCTIONS(CPK_CMS)