2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #ifndef OSSL_CRYPTO_ESS_H
11 # define OSSL_CRYPTO_ESS_H
14 /* internal ESS related stuff */
16 ESS_SIGNING_CERT *ossl_ess_signing_cert_get(PKCS7_SIGNER_INFO *si);
17 int ossl_ess_signing_cert_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
19 ESS_SIGNING_CERT *ossl_ess_signing_cert_new_init(X509 *signcert,
20 STACK_OF(X509) *certs,
23 ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_get(PKCS7_SIGNER_INFO *si);
24 int ossl_ess_signing_cert_v2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc);
26 ESS_SIGNING_CERT_V2 *ossl_ess_signing_cert_v2_new_init(const EVP_MD *hash_alg,
28 STACK_OF(X509) *certs,
31 /* Returns < 0 if certificate is not found, certificate index otherwise. */
32 int ossl_ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids,
34 int ossl_ess_find_cert(const STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
37 * IssuerSerial ::= SEQUENCE {
38 * issuer GeneralNames,
39 * serialNumber CertificateSerialNumber
43 struct ESS_issuer_serial {
44 STACK_OF(GENERAL_NAME) *issuer;
49 * ESSCertID ::= SEQUENCE {
51 * issuerSerial IssuerSerial OPTIONAL
56 ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
57 ESS_ISSUER_SERIAL *issuer_serial;
61 * SigningCertificate ::= SEQUENCE {
62 * certs SEQUENCE OF ESSCertID,
63 * policies SEQUENCE OF PolicyInformation OPTIONAL
67 struct ESS_signing_cert {
68 STACK_OF(ESS_CERT_ID) *cert_ids;
69 STACK_OF(POLICYINFO) *policy_info;
73 * ESSCertIDv2 ::= SEQUENCE {
74 * hashAlgorithm AlgorithmIdentifier DEFAULT id-sha256,
76 * issuerSerial IssuerSerial OPTIONAL
80 struct ESS_cert_id_v2_st {
81 X509_ALGOR *hash_alg; /* Default: SHA-256 */
82 ASN1_OCTET_STRING *hash;
83 ESS_ISSUER_SERIAL *issuer_serial;
87 * SigningCertificateV2 ::= SEQUENCE {
88 * certs SEQUENCE OF ESSCertIDv2,
89 * policies SEQUENCE OF PolicyInformation OPTIONAL
93 struct ESS_signing_cert_v2_st {
94 STACK_OF(ESS_CERT_ID_V2) *cert_ids;
95 STACK_OF(POLICYINFO) *policy_info;
98 #endif /* OSSL_CRYPTO_ESS_H */