Add ESSCertIDv2 ASN.1 boilerplate

Guard the new code under LIBRESSL_INTERNAL to defer symbol addition and minor library bump (thanks tb). ts/ts.h bits from RFC 5035 Enhanced Security Services (ESS) Update: Adding CertID Algorithm Agility ts/ts_asn1.c bits expanded from ASN1_SEQUENCE(ESS_CERT_ID_V2) = { ASN1_OPT(ESS_CERT_ID_V2, hash_alg, X509_ALGOR), ASN1_SIMPLE(ESS_CERT_ID_V2, hash, ASN1_OCTET_STRING), ASN1_OPT(ESS_CERT_ID_V2, issuer_serial, ESS_ISSUER_SERIAL) } static_ASN1_SEQUENCE_END(ESS_CERT_ID_V2) IMPLEMENT_ASN1_FUNCTIONS_const(ESS_CERT_ID_V2) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2) ASN1_SEQUENCE(ESS_SIGNING_CERT_V2) = { ASN1_SEQUENCE_OF(ESS_SIGNING_CERT_V2, cert_ids, ESS_CERT_ID_V2), ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT_V2, policy_info, POLICYINFO) } static_ASN1_SEQUENCE_END(ESS_SIGNING_CERT_V2) IMPLEMENT_ASN1_FUNCTIONS_const(ESS_SIGNING_CERT_V2) IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT_V2) Feedback OK tb
author: kn <> 2022-07-16 18:36:36 +0000
committer: kn <> 2022-07-16 18:36:36 +0000
commit: 7b039faaa567c8a6e44ba9855d7cbe094e491e4d (patch)
tree: 5fba541b9e26fb4b3428ec48f9eef4b804130d4c /src/lib/libcrypto/ts/ts.h
parent: b06e85f2d9817f2e6e0ae80132f1718c07eff7cd (diff)
download: openbsd-7b039faaa567c8a6e44ba9855d7cbe094e491e4d.tar.gz
openbsd-7b039faaa567c8a6e44ba9855d7cbe094e491e4d.tar.bz2
openbsd-7b039faaa567c8a6e44ba9855d7cbe094e491e4d.zip
1 files changed, 46 insertions, 1 deletions
diff --git a/src/lib/libcrypto/ts/ts.h b/src/lib/libcrypto/ts/ts.h
index b2fe32bf77..6d4b2dd3a6 100644
--- a/src/lib/libcrypto/ts/ts.h
+++ b/src/lib/libcrypto/ts/ts.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts.h,v 1.12 2022/07/16 15:02:29 kn Exp $ */
+/* $OpenBSD: ts.h,v 1.13 2022/07/16 18:36:36 kn Exp $ */
 /* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
 * project 2002, 2003, 2004.
 */
@@ -264,6 +264,34 @@ typedef struct ESS_signing_cert {
        STACK_OF(POLICYINFO) *policy_info;
 } ESS_SIGNING_CERT;
+#ifdef LIBRESSL_INTERNAL
+/*
+ * ESSCertIDv2 ::=  SEQUENCE {
+ *     hashAlgorithm           AlgorithmIdentifier
+ *            DEFAULT {algorithm id-sha256},
+ *     certHash                 Hash,
+ *     issuerSerial             IssuerSerial OPTIONAL }
+ */
+typedef struct ESS_cert_id_v2 {
+        X509_ALGOR *hash_alg;   /* Default SHA-256. */
+        ASN1_OCTET_STRING *hash;
+        ESS_ISSUER_SERIAL *issuer_serial;
+} ESS_CERT_ID_V2;
+DECLARE_STACK_OF(ESS_CERT_ID_V2)
+/*
+ * SigningCertificateV2 ::=  SEQUENCE {
+ *     certs        SEQUENCE OF ESSCertIDv2,
+ *     policies     SEQUENCE OF PolicyInformation OPTIONAL }
+ */
+typedef struct ESS_signing_cert_v2 {
+        STACK_OF(ESS_CERT_ID_V2) *cert_ids;
+        STACK_OF(POLICYINFO) *policy_info;
+} ESS_SIGNING_CERT_V2;
+#endif /* LIBRESSL_INTERNAL */
 TS_REQ  *TS_REQ_new(void);
 void    TS_REQ_free(TS_REQ *a);
@@ -351,6 +379,23 @@ ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
                    const unsigned char **pp, long length);
 ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
+#ifdef LIBRESSL_INTERNAL
+ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new(void);
+void ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 *a);
+int i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 *a, unsigned char **pp);
+ESS_CERT_ID_V2 *d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 **a, const unsigned char **pp,
+    long length);
+ESS_CERT_ID_V2 *ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 *a);
+ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new(void);
+void ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 *a);
+int i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 *a,
+    unsigned char **pp);
+ESS_SIGNING_CERT_V2 *d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 **a,
+    const unsigned char **pp, long length);
+ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 *a);
+#endif /* LIBRESSL_INTERNAL */
 int TS_REQ_set_version(TS_REQ *a, long version);
 long TS_REQ_get_version(const TS_REQ *a);
author	kn <>	2022-07-16 18:36:36 +0000
committer	kn <>	2022-07-16 18:36:36 +0000
commit	7b039faaa567c8a6e44ba9855d7cbe094e491e4d (patch)
tree	5fba541b9e26fb4b3428ec48f9eef4b804130d4c /src/lib/libcrypto/ts/ts.h
parent	b06e85f2d9817f2e6e0ae80132f1718c07eff7cd (diff)
download	openbsd-7b039faaa567c8a6e44ba9855d7cbe094e491e4d.tar.gz openbsd-7b039faaa567c8a6e44ba9855d7cbe094e491e4d.tar.bz2 openbsd-7b039faaa567c8a6e44ba9855d7cbe094e491e4d.zip

diff --git a/src/lib/libcrypto/ts/ts.h b/src/lib/libcrypto/ts/ts.h index b2fe32bf77..6d4b2dd3a6 100644 --- a/src/lib/libcrypto/ts/ts.h +++ b/src/lib/libcrypto/ts/ts.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ts.h,v 1.12 2022/07/16 15:02:29 kn Exp $ */	1	/* $OpenBSD: ts.h,v 1.13 2022/07/16 18:36:36 kn Exp $ */
2	/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL	2	/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
3	* project 2002, 2003, 2004.	3	* project 2002, 2003, 2004.
4	*/	4	*/
@@ -264,6 +264,34 @@ typedef struct ESS_signing_cert {
264	STACK_OF(POLICYINFO) *policy_info;	264	STACK_OF(POLICYINFO) *policy_info;
265	} ESS_SIGNING_CERT;	265	} ESS_SIGNING_CERT;
266		266
		267	#ifdef LIBRESSL_INTERNAL
		268	/*
		269	* ESSCertIDv2 ::= SEQUENCE {
		270	* hashAlgorithm AlgorithmIdentifier
		271	* DEFAULT {algorithm id-sha256},
		272	* certHash Hash,
		273	* issuerSerial IssuerSerial OPTIONAL }
		274	*/
		275
		276	typedef struct ESS_cert_id_v2 {
		277	X509_ALGOR hash_alg; / Default SHA-256. */
		278	ASN1_OCTET_STRING *hash;
		279	ESS_ISSUER_SERIAL *issuer_serial;
		280	} ESS_CERT_ID_V2;
		281
		282	DECLARE_STACK_OF(ESS_CERT_ID_V2)
		283
		284	/*
		285	* SigningCertificateV2 ::= SEQUENCE {
		286	* certs SEQUENCE OF ESSCertIDv2,
		287	* policies SEQUENCE OF PolicyInformation OPTIONAL }
		288	*/
		289
		290	typedef struct ESS_signing_cert_v2 {
		291	STACK_OF(ESS_CERT_ID_V2) *cert_ids;
		292	STACK_OF(POLICYINFO) *policy_info;
		293	} ESS_SIGNING_CERT_V2;
		294	#endif /* LIBRESSL_INTERNAL */
267		295
268	TS_REQ *TS_REQ_new(void);	296	TS_REQ *TS_REQ_new(void);
269	void TS_REQ_free(TS_REQ *a);	297	void TS_REQ_free(TS_REQ *a);
@@ -351,6 +379,23 @@ ESS_SIGNING_CERT d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT *a,
351	const unsigned char **pp, long length);	379	const unsigned char **pp, long length);
352	ESS_SIGNING_CERT ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT a);	380	ESS_SIGNING_CERT ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT a);
353		381
		382	#ifdef LIBRESSL_INTERNAL
		383	ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new(void);
		384	void ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 *a);
		385	int i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 a, unsigned char *pp);
		386	ESS_CERT_ID_V2 d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 a, const unsigned char *pp,
		387	long length);
		388	ESS_CERT_ID_V2 ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 a);
		389
		390	ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new(void);
		391	void ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 *a);
		392	int i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 *a,
		393	unsigned char **pp);
		394	ESS_SIGNING_CERT_V2 d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 *a,
		395	const unsigned char **pp, long length);
		396	ESS_SIGNING_CERT_V2 ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 a);
		397	#endif /* LIBRESSL_INTERNAL */
		398
354	int TS_REQ_set_version(TS_REQ *a, long version);	399	int TS_REQ_set_version(TS_REQ *a, long version);
355	long TS_REQ_get_version(const TS_REQ *a);	400	long TS_REQ_get_version(const TS_REQ *a);
356		401