xref: /openssl/crypto/ocsp/ocsp_local.h (revision e6c2f964)
1 /*
2  * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include "crypto/x509.h" /* for ossl_x509_add_cert_new() */
11 
12 /*-  CertID ::= SEQUENCE {
13  *       hashAlgorithm            AlgorithmIdentifier,
14  *       issuerNameHash     OCTET STRING, -- Hash of Issuer's DN
15  *       issuerKeyHash      OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
16  *       serialNumber       CertificateSerialNumber }
17  */
18 struct ocsp_cert_id_st {
19     X509_ALGOR hashAlgorithm;
20     ASN1_OCTET_STRING issuerNameHash;
21     ASN1_OCTET_STRING issuerKeyHash;
22     ASN1_INTEGER serialNumber;
23 };
24 
25 /*-  Request ::=     SEQUENCE {
26  *       reqCert                    CertID,
27  *       singleRequestExtensions    [0] EXPLICIT Extensions OPTIONAL }
28  */
29 struct ocsp_one_request_st {
30     OCSP_CERTID *reqCert;
31     STACK_OF(X509_EXTENSION) *singleRequestExtensions;
32 };
33 
34 /*-  TBSRequest      ::=     SEQUENCE {
35  *       version             [0] EXPLICIT Version DEFAULT v1,
36  *       requestorName       [1] EXPLICIT GeneralName OPTIONAL,
37  *       requestList             SEQUENCE OF Request,
38  *       requestExtensions   [2] EXPLICIT Extensions OPTIONAL }
39  */
40 struct ocsp_req_info_st {
41     ASN1_INTEGER *version;
42     GENERAL_NAME *requestorName;
43     STACK_OF(OCSP_ONEREQ) *requestList;
44     STACK_OF(X509_EXTENSION) *requestExtensions;
45 };
46 
47 /*-  Signature       ::=     SEQUENCE {
48  *       signatureAlgorithm   AlgorithmIdentifier,
49  *       signature            BIT STRING,
50  *       certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
51  */
52 struct ocsp_signature_st {
53     X509_ALGOR signatureAlgorithm;
54     ASN1_BIT_STRING *signature;
55     STACK_OF(X509) *certs;
56 };
57 
58 /*-  OCSPRequest     ::=     SEQUENCE {
59  *       tbsRequest                  TBSRequest,
60  *       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
61  */
62 struct ocsp_request_st {
63     OCSP_REQINFO tbsRequest;
64     OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
65 };
66 
67 /*-  OCSPResponseStatus ::= ENUMERATED {
68  *       successful            (0),      --Response has valid confirmations
69  *       malformedRequest      (1),      --Illegal confirmation request
70  *       internalError         (2),      --Internal error in issuer
71  *       tryLater              (3),      --Try again later
72  *                                       --(4) is not used
73  *       sigRequired           (5),      --Must sign the request
74  *       unauthorized          (6)       --Request unauthorized
75  *   }
76  */
77 
78 /*-  ResponseBytes ::=       SEQUENCE {
79  *       responseType   OBJECT IDENTIFIER,
80  *       response       OCTET STRING }
81  */
82 struct ocsp_resp_bytes_st {
83     ASN1_OBJECT *responseType;
84     ASN1_OCTET_STRING *response;
85 };
86 
87 /*-  OCSPResponse ::= SEQUENCE {
88  *      responseStatus         OCSPResponseStatus,
89  *      responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
90  */
91 struct ocsp_response_st {
92     ASN1_ENUMERATED *responseStatus;
93     OCSP_RESPBYTES *responseBytes;
94 };
95 
96 /*-  ResponderID ::= CHOICE {
97  *      byName   [1] Name,
98  *      byKey    [2] KeyHash }
99  */
100 struct ocsp_responder_id_st {
101     int type;
102     union {
103         X509_NAME *byName;
104         ASN1_OCTET_STRING *byKey;
105     } value;
106 };
107 
108 /*-  KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
109  *                            --(excluding the tag and length fields)
110  */
111 
112 /*-  RevokedInfo ::= SEQUENCE {
113  *       revocationTime              GeneralizedTime,
114  *       revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
115  */
116 struct ocsp_revoked_info_st {
117     ASN1_GENERALIZEDTIME *revocationTime;
118     ASN1_ENUMERATED *revocationReason;
119 };
120 
121 /*-  CertStatus ::= CHOICE {
122  *       good                [0]     IMPLICIT NULL,
123  *       revoked             [1]     IMPLICIT RevokedInfo,
124  *       unknown             [2]     IMPLICIT UnknownInfo }
125  */
126 struct ocsp_cert_status_st {
127     int type;
128     union {
129         ASN1_NULL *good;
130         OCSP_REVOKEDINFO *revoked;
131         ASN1_NULL *unknown;
132     } value;
133 };
134 
135 /*-  SingleResponse ::= SEQUENCE {
136  *      certID                       CertID,
137  *      certStatus                   CertStatus,
138  *      thisUpdate                   GeneralizedTime,
139  *      nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
140  *      singleExtensions     [1]     EXPLICIT Extensions OPTIONAL }
141  */
142 struct ocsp_single_response_st {
143     OCSP_CERTID *certId;
144     OCSP_CERTSTATUS *certStatus;
145     ASN1_GENERALIZEDTIME *thisUpdate;
146     ASN1_GENERALIZEDTIME *nextUpdate;
147     STACK_OF(X509_EXTENSION) *singleExtensions;
148 };
149 
150 /*-  ResponseData ::= SEQUENCE {
151  *      version              [0] EXPLICIT Version DEFAULT v1,
152  *      responderID              ResponderID,
153  *      producedAt               GeneralizedTime,
154  *      responses                SEQUENCE OF SingleResponse,
155  *      responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
156  */
157 struct ocsp_response_data_st {
158     ASN1_INTEGER *version;
159     OCSP_RESPID responderId;
160     ASN1_GENERALIZEDTIME *producedAt;
161     STACK_OF(OCSP_SINGLERESP) *responses;
162     STACK_OF(X509_EXTENSION) *responseExtensions;
163 };
164 
165 /*-  BasicOCSPResponse       ::= SEQUENCE {
166  *      tbsResponseData      ResponseData,
167  *      signatureAlgorithm   AlgorithmIdentifier,
168  *      signature            BIT STRING,
169  *      certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
170  */
171   /*
172    * Note 1: The value for "signature" is specified in the OCSP rfc2560 as
173    * follows: "The value for the signature SHALL be computed on the hash of
174    * the DER encoding ResponseData." This means that you must hash the
175    * DER-encoded tbsResponseData, and then run it through a crypto-signing
176    * function, which will (at least w/RSA) do a hash-'n'-private-encrypt
177    * operation.  This seems a bit odd, but that's the spec.  Also note that
178    * the data structures do not leave anywhere to independently specify the
179    * algorithm used for the initial hash. So, we look at the
180    * signature-specification algorithm, and try to do something intelligent.
181    * -- Kathy Weinhold, CertCo
182    */
183   /*
184    * Note 2: It seems that the mentioned passage from RFC 2560 (section
185    * 4.2.1) is open for interpretation.  I've done tests against another
186    * responder, and found that it doesn't do the double hashing that the RFC
187    * seems to say one should.  Therefore, all relevant functions take a flag
188    * saying which variant should be used.  -- Richard Levitte, OpenSSL team
189    * and CeloCom
190    */
191 struct ocsp_basic_response_st {
192     OCSP_RESPDATA tbsResponseData;
193     X509_ALGOR signatureAlgorithm;
194     ASN1_BIT_STRING *signature;
195     STACK_OF(X509) *certs;
196 };
197 
198 /*-
199  * CrlID ::= SEQUENCE {
200  *     crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
201  *     crlNum               [1]     EXPLICIT INTEGER OPTIONAL,
202  *     crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
203  */
204 struct ocsp_crl_id_st {
205     ASN1_IA5STRING *crlUrl;
206     ASN1_INTEGER *crlNum;
207     ASN1_GENERALIZEDTIME *crlTime;
208 };
209 
210 /*-
211  * ServiceLocator ::= SEQUENCE {
212  *      issuer    Name,
213  *      locator   AuthorityInfoAccessSyntax OPTIONAL }
214  */
215 struct ocsp_service_locator_st {
216     X509_NAME *issuer;
217     STACK_OF(ACCESS_DESCRIPTION) *locator;
218 };
219 
220 #  define OCSP_REQUEST_sign(o, pkey, md, libctx, propq)\
221         ASN1_item_sign_ex(ASN1_ITEM_rptr(OCSP_REQINFO),\
222                           &(o)->optionalSignature->signatureAlgorithm, NULL,\
223                          (o)->optionalSignature->signature, &(o)->tbsRequest,\
224                          NULL, pkey, md, libctx, propq)
225 
226 #  define OCSP_BASICRESP_sign(o, pkey, md, d, libctx, propq)\
227         ASN1_item_sign_ex(ASN1_ITEM_rptr(OCSP_RESPDATA),\
228                           &(o)->signatureAlgorithm, NULL,\
229                           (o)->signature, &(o)->tbsResponseData,\
230                           NULL, pkey, md, libctx, propq)
231 
232 #  define OCSP_BASICRESP_sign_ctx(o, ctx, d)\
233         ASN1_item_sign_ctx(ASN1_ITEM_rptr(OCSP_RESPDATA),\
234                            &(o)->signatureAlgorithm, NULL,\
235                            (o)->signature, &(o)->tbsResponseData, ctx)
236 
237 #  define OCSP_REQUEST_verify(a, r, libctx, propq)\
238         ASN1_item_verify_ex(ASN1_ITEM_rptr(OCSP_REQINFO),\
239                             &(a)->optionalSignature->signatureAlgorithm,\
240                             (a)->optionalSignature->signature, &(a)->tbsRequest,\
241                             NULL, r, libctx, propq)
242 
243 #  define OCSP_BASICRESP_verify(a, r, libctx, propq)\
244         ASN1_item_verify_ex(ASN1_ITEM_rptr(OCSP_RESPDATA),\
245                             &(a)->signatureAlgorithm, (a)->signature,\
246                             &(a)->tbsResponseData, NULL, r, libctx, propq)
247