1 /* 2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /*- CertID ::= SEQUENCE { 11 * hashAlgorithm AlgorithmIdentifier, 12 * issuerNameHash OCTET STRING, -- Hash of Issuer's DN 13 * issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields) 14 * serialNumber CertificateSerialNumber } 15 */ 16 struct ocsp_cert_id_st { 17 X509_ALGOR hashAlgorithm; 18 ASN1_OCTET_STRING issuerNameHash; 19 ASN1_OCTET_STRING issuerKeyHash; 20 ASN1_INTEGER serialNumber; 21 }; 22 23 /*- Request ::= SEQUENCE { 24 * reqCert CertID, 25 * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } 26 */ 27 struct ocsp_one_request_st { 28 OCSP_CERTID *reqCert; 29 STACK_OF(X509_EXTENSION) *singleRequestExtensions; 30 }; 31 32 /*- TBSRequest ::= SEQUENCE { 33 * version [0] EXPLICIT Version DEFAULT v1, 34 * requestorName [1] EXPLICIT GeneralName OPTIONAL, 35 * requestList SEQUENCE OF Request, 36 * requestExtensions [2] EXPLICIT Extensions OPTIONAL } 37 */ 38 struct ocsp_req_info_st { 39 ASN1_INTEGER *version; 40 GENERAL_NAME *requestorName; 41 STACK_OF(OCSP_ONEREQ) *requestList; 42 STACK_OF(X509_EXTENSION) *requestExtensions; 43 }; 44 45 /*- Signature ::= SEQUENCE { 46 * signatureAlgorithm AlgorithmIdentifier, 47 * signature BIT STRING, 48 * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } 49 */ 50 struct ocsp_signature_st { 51 X509_ALGOR signatureAlgorithm; 52 ASN1_BIT_STRING *signature; 53 STACK_OF(X509) *certs; 54 }; 55 56 /*- OCSPRequest ::= SEQUENCE { 57 * tbsRequest TBSRequest, 58 * optionalSignature [0] EXPLICIT Signature OPTIONAL } 59 */ 60 struct ocsp_request_st { 61 OCSP_REQINFO tbsRequest; 62 OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */ 63 }; 64 65 /*- OCSPResponseStatus ::= ENUMERATED { 66 * successful (0), --Response has valid confirmations 67 * malformedRequest (1), --Illegal confirmation request 68 * internalError (2), --Internal error in issuer 69 * tryLater (3), --Try again later 70 * --(4) is not used 71 * sigRequired (5), --Must sign the request 72 * unauthorized (6) --Request unauthorized 73 * } 74 */ 75 76 /*- ResponseBytes ::= SEQUENCE { 77 * responseType OBJECT IDENTIFIER, 78 * response OCTET STRING } 79 */ 80 struct ocsp_resp_bytes_st { 81 ASN1_OBJECT *responseType; 82 ASN1_OCTET_STRING *response; 83 }; 84 85 /*- OCSPResponse ::= SEQUENCE { 86 * responseStatus OCSPResponseStatus, 87 * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } 88 */ 89 struct ocsp_response_st { 90 ASN1_ENUMERATED *responseStatus; 91 OCSP_RESPBYTES *responseBytes; 92 }; 93 94 /*- ResponderID ::= CHOICE { 95 * byName [1] Name, 96 * byKey [2] KeyHash } 97 */ 98 struct ocsp_responder_id_st { 99 int type; 100 union { 101 X509_NAME *byName; 102 ASN1_OCTET_STRING *byKey; 103 } value; 104 }; 105 106 /*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key 107 * --(excluding the tag and length fields) 108 */ 109 110 /*- RevokedInfo ::= SEQUENCE { 111 * revocationTime GeneralizedTime, 112 * revocationReason [0] EXPLICIT CRLReason OPTIONAL } 113 */ 114 struct ocsp_revoked_info_st { 115 ASN1_GENERALIZEDTIME *revocationTime; 116 ASN1_ENUMERATED *revocationReason; 117 }; 118 119 /*- CertStatus ::= CHOICE { 120 * good [0] IMPLICIT NULL, 121 * revoked [1] IMPLICIT RevokedInfo, 122 * unknown [2] IMPLICIT UnknownInfo } 123 */ 124 struct ocsp_cert_status_st { 125 int type; 126 union { 127 ASN1_NULL *good; 128 OCSP_REVOKEDINFO *revoked; 129 ASN1_NULL *unknown; 130 } value; 131 }; 132 133 /*- SingleResponse ::= SEQUENCE { 134 * certID CertID, 135 * certStatus CertStatus, 136 * thisUpdate GeneralizedTime, 137 * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, 138 * singleExtensions [1] EXPLICIT Extensions OPTIONAL } 139 */ 140 struct ocsp_single_response_st { 141 OCSP_CERTID *certId; 142 OCSP_CERTSTATUS *certStatus; 143 ASN1_GENERALIZEDTIME *thisUpdate; 144 ASN1_GENERALIZEDTIME *nextUpdate; 145 STACK_OF(X509_EXTENSION) *singleExtensions; 146 }; 147 148 /*- ResponseData ::= SEQUENCE { 149 * version [0] EXPLICIT Version DEFAULT v1, 150 * responderID ResponderID, 151 * producedAt GeneralizedTime, 152 * responses SEQUENCE OF SingleResponse, 153 * responseExtensions [1] EXPLICIT Extensions OPTIONAL } 154 */ 155 struct ocsp_response_data_st { 156 ASN1_INTEGER *version; 157 OCSP_RESPID responderId; 158 ASN1_GENERALIZEDTIME *producedAt; 159 STACK_OF(OCSP_SINGLERESP) *responses; 160 STACK_OF(X509_EXTENSION) *responseExtensions; 161 }; 162 163 /*- BasicOCSPResponse ::= SEQUENCE { 164 * tbsResponseData ResponseData, 165 * signatureAlgorithm AlgorithmIdentifier, 166 * signature BIT STRING, 167 * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } 168 */ 169 /* 170 * Note 1: The value for "signature" is specified in the OCSP rfc2560 as 171 * follows: "The value for the signature SHALL be computed on the hash of 172 * the DER encoding ResponseData." This means that you must hash the 173 * DER-encoded tbsResponseData, and then run it through a crypto-signing 174 * function, which will (at least w/RSA) do a hash-'n'-private-encrypt 175 * operation. This seems a bit odd, but that's the spec. Also note that 176 * the data structures do not leave anywhere to independently specify the 177 * algorithm used for the initial hash. So, we look at the 178 * signature-specification algorithm, and try to do something intelligent. 179 * -- Kathy Weinhold, CertCo 180 */ 181 /* 182 * Note 2: It seems that the mentioned passage from RFC 2560 (section 183 * 4.2.1) is open for interpretation. I've done tests against another 184 * responder, and found that it doesn't do the double hashing that the RFC 185 * seems to say one should. Therefore, all relevant functions take a flag 186 * saying which variant should be used. -- Richard Levitte, OpenSSL team 187 * and CeloCom 188 */ 189 struct ocsp_basic_response_st { 190 OCSP_RESPDATA tbsResponseData; 191 X509_ALGOR signatureAlgorithm; 192 ASN1_BIT_STRING *signature; 193 STACK_OF(X509) *certs; 194 }; 195 196 /*- 197 * CrlID ::= SEQUENCE { 198 * crlUrl [0] EXPLICIT IA5String OPTIONAL, 199 * crlNum [1] EXPLICIT INTEGER OPTIONAL, 200 * crlTime [2] EXPLICIT GeneralizedTime OPTIONAL } 201 */ 202 struct ocsp_crl_id_st { 203 ASN1_IA5STRING *crlUrl; 204 ASN1_INTEGER *crlNum; 205 ASN1_GENERALIZEDTIME *crlTime; 206 }; 207 208 /*- 209 * ServiceLocator ::= SEQUENCE { 210 * issuer Name, 211 * locator AuthorityInfoAccessSyntax OPTIONAL } 212 */ 213 struct ocsp_service_locator_st { 214 X509_NAME *issuer; 215 STACK_OF(ACCESS_DESCRIPTION) *locator; 216 }; 217 218 # define OCSP_REQUEST_sign(o,pkey,md) \ 219 ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\ 220 &(o)->optionalSignature->signatureAlgorithm,NULL,\ 221 (o)->optionalSignature->signature,&(o)->tbsRequest,pkey,md) 222 223 # define OCSP_BASICRESP_sign(o,pkey,md,d) \ 224 ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),&(o)->signatureAlgorithm,\ 225 NULL,(o)->signature,&(o)->tbsResponseData,pkey,md) 226 227 # define OCSP_BASICRESP_sign_ctx(o,ctx,d) \ 228 ASN1_item_sign_ctx(ASN1_ITEM_rptr(OCSP_RESPDATA),&(o)->signatureAlgorithm,\ 229 NULL,(o)->signature,&(o)->tbsResponseData,ctx) 230 231 # define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\ 232 &(a)->optionalSignature->signatureAlgorithm,\ 233 (a)->optionalSignature->signature,&(a)->tbsRequest,r) 234 235 # define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\ 236 &(a)->signatureAlgorithm,(a)->signature,&(a)->tbsResponseData,r) 237