#include <openssl_grpc/x509.h>
#include <assert.h>
#include <openssl_grpc/asn1.h>
#include <openssl_grpc/asn1t.h>
#include <openssl_grpc/bio.h>
#include <openssl_grpc/evp.h>
#include <openssl_grpc/err.h>
#include <openssl_grpc/obj.h>
#include "internal.h"
ASN1_SEQUENCE(RSA_PSS_PARAMS) = {
ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3),
} ASN1_SEQUENCE_END(RSA_PSS_PARAMS)
IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
/* Given an MGF1 Algorithm ID decode to an Algorithm Identifier */
static X509_ALGOR *rsa_mgf1_decode(X509_ALGOR *alg) {
if (alg == NULL || alg->parameter == NULL ||
OBJ_obj2nid(alg->algorithm) != NID_mgf1 ||
alg->parameter->type != V_ASN1_SEQUENCE) {
return NULL;
}
ASN1_SIMPLE(OCSP_CERTID, issuerNameHash, ASN1_OCTET_STRING),
ASN1_SIMPLE(OCSP_CERTID, issuerKeyHash, ASN1_OCTET_STRING),
ASN1_SIMPLE(OCSP_CERTID, serialNumber, ASN1_INTEGER)
} ASN1_SEQUENCE_END(OCSP_CERTID)
IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTID)
ASN1_SEQUENCE(OCSP_ONEREQ) = {
ASN1_SIMPLE(OCSP_ONEREQ, reqCert, OCSP_CERTID),
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_ONEREQ, singleRequestExtensions, X509_EXTENSION, 0)
} ASN1_SEQUENCE_END(OCSP_ONEREQ)
IMPLEMENT_ASN1_FUNCTIONS(OCSP_ONEREQ)
ASN1_SEQUENCE(OCSP_REQINFO) = {
ASN1_EXP_OPT(OCSP_REQINFO, version, ASN1_INTEGER, 0),
ASN1_EXP_OPT(OCSP_REQINFO, requestorName, GENERAL_NAME, 1),
ASN1_SEQUENCE_OF(OCSP_REQINFO, requestList, OCSP_ONEREQ),
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_REQINFO, requestExtensions, X509_EXTENSION, 2)
} ASN1_SEQUENCE_END(OCSP_REQINFO)
IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQINFO)
ASN1_SEQUENCE(OCSP_REQUEST) = {
ASN1_SIMPLE(OCSP_REQUEST, tbsRequest, OCSP_REQINFO),
ASN1_EXP_OPT(OCSP_REQUEST, optionalSignature, OCSP_SIGNATURE, 0)
} ASN1_SEQUENCE_END(OCSP_REQUEST)
IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQUEST)
/* OCSP_RESPONSE templates */
ASN1_SEQUENCE(CMS_OriginatorPublicKey) = {
ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),
ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END(CMS_OriginatorPublicKey)
ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
ASN1_SEQUENCE(CMS_KeyAgreeRecipientInfo) = {
ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, version, LONG),
ASN1_EXP(CMS_KeyAgreeRecipientInfo, originator, CMS_OriginatorIdentifierOrKey, 0),
ASN1_EXP_OPT(CMS_KeyAgreeRecipientInfo, ukm, ASN1_OCTET_STRING, 1),
ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
ASN1_SEQUENCE_OF(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys, CMS_RecipientEncryptedKey)
} ASN1_SEQUENCE_END(CMS_KeyAgreeRecipientInfo)
ASN1_SEQUENCE(CMS_KEKIdentifier) = {
ASN1_SIMPLE(CMS_KEKIdentifier, keyIdentifier, ASN1_OCTET_STRING),
ASN1_OPT(CMS_KEKIdentifier, date, ASN1_GENERALIZEDTIME),
ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute)
} ASN1_SEQUENCE_END(CMS_KEKIdentifier)
ASN1_SEQUENCE(CMS_KEKRecipientInfo) = {
ASN1_SIMPLE(CMS_KEKRecipientInfo, version, LONG),
ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier),
ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
* responseStatus OCSPResponseStatus,
* responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
*/
typedef struct {
ASN1_ENUMERATED *responseStatus;
ResponseBytes *responseBytes;
} OCSPResponse;
ASN1_SEQUENCE(ResponseBytes) = {
ASN1_SIMPLE(ResponseBytes, responseType, ASN1_OBJECT),
ASN1_SIMPLE(ResponseBytes, response, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(ResponseBytes);
ASN1_SEQUENCE(OCSPResponse) = {
ASN1_SIMPLE(OCSPResponse, responseStatus, ASN1_ENUMERATED),
ASN1_EXP_OPT(OCSPResponse, responseBytes, ResponseBytes, 0)
} ASN1_SEQUENCE_END(OCSPResponse);
IMPLEMENT_ASN1_FUNCTIONS(OCSPResponse);
/*
* ResponderID ::= CHOICE {
* byName [1] Name,
* byKey [2] KeyHash }
*/
typedef struct {
int type;
union {
X509_NAME *byName;
ASN1_OCTET_STRING *byKey;
} value;
if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
goto err;
return sk_ASN1_OBJECT_push(aux->reject, objtmp);
err:
ASN1_OBJECT_free(objtmp);
return 0;
}
void X509_trust_clear(X509 *x)
{
if (x->aux && x->aux->trust) {
sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
x->aux->trust = NULL;
}
}
void X509_reject_clear(X509 *x)
{
if (x->aux && x->aux->reject) {
sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
x->aux->reject = NULL;
}
}
ASN1_SEQUENCE(X509_CERT_PAIR) = {
ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0),
ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1)
} ASN1_SEQUENCE_END(X509_CERT_PAIR)
IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_PAIR)
ASN1_IMP_OPT(TS_ACCURACY, micros, ASN1_INTEGER, 1)
} ASN1_SEQUENCE_END(TS_ACCURACY)
IMPLEMENT_ASN1_FUNCTIONS_const(TS_ACCURACY)
IMPLEMENT_ASN1_DUP_FUNCTION(TS_ACCURACY)
ASN1_SEQUENCE(TS_TST_INFO) = {
ASN1_SIMPLE(TS_TST_INFO, version, ASN1_INTEGER),
ASN1_SIMPLE(TS_TST_INFO, policy_id, ASN1_OBJECT),
ASN1_SIMPLE(TS_TST_INFO, msg_imprint, TS_MSG_IMPRINT),
ASN1_SIMPLE(TS_TST_INFO, serial, ASN1_INTEGER),
ASN1_SIMPLE(TS_TST_INFO, time, ASN1_GENERALIZEDTIME),
ASN1_OPT(TS_TST_INFO, accuracy, TS_ACCURACY),
ASN1_OPT(TS_TST_INFO, ordering, ASN1_FBOOLEAN),
ASN1_OPT(TS_TST_INFO, nonce, ASN1_INTEGER),
ASN1_EXP_OPT(TS_TST_INFO, tsa, GENERAL_NAME, 0),
ASN1_IMP_SEQUENCE_OF_OPT(TS_TST_INFO, extensions, X509_EXTENSION, 1)
} ASN1_SEQUENCE_END(TS_TST_INFO)
IMPLEMENT_ASN1_FUNCTIONS_const(TS_TST_INFO)
IMPLEMENT_ASN1_DUP_FUNCTION(TS_TST_INFO)
#ifndef OPENSSL_NO_BIO
TS_TST_INFO *
d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a)
{
return ASN1_d2i_bio_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO,
bp, a);
}
int
ASN1_SIMPLE(ASRange, min, ASN1_INTEGER),
ASN1_SIMPLE(ASRange, max, ASN1_INTEGER)
} ASN1_SEQUENCE_END(ASRange)
ASN1_CHOICE(ASIdOrRange) = {
ASN1_SIMPLE(ASIdOrRange, u.id, ASN1_INTEGER),
ASN1_SIMPLE(ASIdOrRange, u.range, ASRange)
} ASN1_CHOICE_END(ASIdOrRange)
ASN1_CHOICE(ASIdentifierChoice) = {
ASN1_SIMPLE(ASIdentifierChoice, u.inherit, ASN1_NULL),
ASN1_SEQUENCE_OF(ASIdentifierChoice, u.asIdsOrRanges, ASIdOrRange)
} ASN1_CHOICE_END(ASIdentifierChoice)
ASN1_SEQUENCE(ASIdentifiers) = {
ASN1_EXP_OPT(ASIdentifiers, asnum, ASIdentifierChoice, 0),
ASN1_EXP_OPT(ASIdentifiers, rdi, ASIdentifierChoice, 1)
} ASN1_SEQUENCE_END(ASIdentifiers)
IMPLEMENT_ASN1_FUNCTIONS(ASRange)
IMPLEMENT_ASN1_FUNCTIONS(ASIdOrRange)
IMPLEMENT_ASN1_FUNCTIONS(ASIdentifierChoice)
IMPLEMENT_ASN1_FUNCTIONS(ASIdentifiers)
/*
* i2r method for an ASIdentifierChoice.
*/
static int i2r_ASIdentifierChoice(BIO *out,
ASIdentifierChoice *choice,
int indent, const char *msg)
{
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/evp.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
ASN1_SEQUENCE(X509_CINF) = {
ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
} ASN1_SEQUENCE_END(X509_CINF)
IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
/* X509 top level structure needs a bit of customisation */
extern void policy_cache_free(X509_POLICY_CACHE *cache);
#include <openssl/x509v3.h>
#include <openssl/safestack.h>
#include "v3_admis.h"
#include "ext_dat.h"
ASN1_SEQUENCE(NAMING_AUTHORITY) = {
ASN1_OPT(NAMING_AUTHORITY, namingAuthorityId, ASN1_OBJECT),
ASN1_OPT(NAMING_AUTHORITY, namingAuthorityUrl, ASN1_IA5STRING),
ASN1_OPT(NAMING_AUTHORITY, namingAuthorityText, DIRECTORYSTRING),
} ASN1_SEQUENCE_END(NAMING_AUTHORITY)
ASN1_SEQUENCE(PROFESSION_INFO) = {
ASN1_EXP_OPT(PROFESSION_INFO, namingAuthority, NAMING_AUTHORITY, 0),
ASN1_SEQUENCE_OF(PROFESSION_INFO, professionItems, DIRECTORYSTRING),
ASN1_SEQUENCE_OF_OPT(PROFESSION_INFO, professionOIDs, ASN1_OBJECT),
ASN1_OPT(PROFESSION_INFO, registrationNumber, ASN1_PRINTABLESTRING),
ASN1_OPT(PROFESSION_INFO, addProfessionInfo, ASN1_OCTET_STRING),
} ASN1_SEQUENCE_END(PROFESSION_INFO)
ASN1_SEQUENCE(ADMISSIONS) = {
ASN1_EXP_OPT(ADMISSIONS, admissionAuthority, GENERAL_NAME, 0),
ASN1_EXP_OPT(ADMISSIONS, namingAuthority, NAMING_AUTHORITY, 1),
ASN1_SEQUENCE_OF(ADMISSIONS, professionInfos, PROFESSION_INFO),
} ASN1_SEQUENCE_END(ADMISSIONS)
ASN1_SEQUENCE(ADMISSION_SYNTAX) = {
ASN1_OPT(ADMISSION_SYNTAX, admissionAuthority, GENERAL_NAME),
ASN1_SEQUENCE_OF(ADMISSION_SYNTAX, contentsOfAdmissions, ADMISSIONS),
ASN1_CHOICE(BIGN_DOMAINPARAMS) =
{
ASN1_SIMPLE(BIGN_DOMAINPARAMS, value.named, ASN1_OBJECT),
ASN1_SIMPLE(BIGN_DOMAINPARAMS, value.specified, BIGN_ECPARAMS),
ASN1_SIMPLE(BIGN_DOMAINPARAMS, value.implicit, ASN1_NULL)
} ASN1_CHOICE_END(BIGN_DOMAINPARAMS)
DECLARE_ASN1_FUNCTIONS_const(BIGN_DOMAINPARAMS)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(BIGN_DOMAINPARAMS, BIGN_DOMAINPARAMS)
IMPLEMENT_ASN1_FUNCTIONS_const(BIGN_DOMAINPARAMS)
ASN1_SEQUENCE(BIGN_PRIVATEKEY) = {
ASN1_SIMPLE(BIGN_PRIVATEKEY, version, LONG),
ASN1_SIMPLE(BIGN_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
ASN1_EXP_OPT(BIGN_PRIVATEKEY, parameters, BIGN_DOMAINPARAMS, 0),
ASN1_EXP_OPT(BIGN_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
} ASN1_SEQUENCE_END(BIGN_PRIVATEKEY)
DECLARE_ASN1_FUNCTIONS_const(BIGN_PRIVATEKEY)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(BIGN_PRIVATEKEY, BIGN_PRIVATEKEY)
IMPLEMENT_ASN1_FUNCTIONS_const(BIGN_PRIVATEKEY)
/*
*******************************************************************************
���������� ������ bee2/bign
\pre ��������� ������� bign_cmp_params() ���������. ������� ����� ����������
������ ������ (p, a, b) [��� ��������� ���� ������������ �� ���� ������].
*******************************************************************************
*/
ENCDEC_DATA(0, ASN1_LONG_UNDEF)
#if !OPENSSL_API_3
/***** LONG ******************************************************************/
typedef struct {
/* If decoding is expected to succeed, set this to 1, otherwise 0 */
ASN1_BOOLEAN success;
long test_long;
long test_zlong;
} ASN1_LONG_DATA;
ASN1_SEQUENCE(ASN1_LONG_DATA) = {
ASN1_SIMPLE(ASN1_LONG_DATA, success, ASN1_FBOOLEAN),
ASN1_SIMPLE(ASN1_LONG_DATA, test_long, LONG),
ASN1_EXP_OPT(ASN1_LONG_DATA, test_zlong, ZLONG, 0)
} static_ASN1_SEQUENCE_END(ASN1_LONG_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_LONG_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_LONG_DATA)
static ASN1_LONG_DATA long_expected_32bit[] = {
/* The following should fail on the second because it's the default */
{ 0xff, 0, 1 }, { 0, 0, 0 }, /* t_zero */
{ 0, 0, 0 }, { 0xff, 1, 0x7fffffff }, /* t_longundef */
CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_1 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_2 */
int i2d_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET *master) {
return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_MASTER_SECRET), bp, master);
}
CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS **params) {
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params);
}
int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params) {
return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params);
}
/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */
ASN1_ADB_TEMPLATE(cpkcmsdefault) = ASN1_EXP_OPT(CPK_CMS, d.other, ASN1_ANY, 0);
ASN1_ADB(CPK_CMS) = {
ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP_OPT(CPK_CMS, d.data, ASN1_OCTET_STRING_NDEF, 0)),
ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP_OPT(CPK_CMS, d.sign, CPK_SIGNED, 0)),
ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP_OPT(CPK_CMS, d.enveloped, CPK_ENVELOPE, 0)),
ADB_ENTRY(NID_pkcs7_signedAndEnveloped,
ASN1_NDEF_EXP_OPT(CPK_CMS, d.signed_and_enveloped, CPK_SIGN_ENVELOPE, 0)),
} ASN1_ADB_END(CPK_CMS, 0, type, 0, &cpkcmsdefault_tt, NULL);
ASN1_NDEF_SEQUENCE(CPK_CMS) = {
ASN1_SIMPLE(CPK_CMS, type, ASN1_OBJECT),
ASN1_ADB_OBJECT(CPK_CMS)
}ASN1_NDEF_SEQUENCE_END(CPK_CMS)
IMPLEMENT_ASN1_FUNCTIONS(CPK_CMS)
