Add signed receipt ASN1 structures. Initial GENERAL_NAME utility functions.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 24 Mar 2008 22:14:02 +0000 (22:14 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 24 Mar 2008 22:14:02 +0000 (22:14 +0000)
crypto/cms/cms.h
crypto/cms/cms_asn1.c
crypto/cms/cms_lcl.h
crypto/x509v3/v3_alt.c
crypto/x509v3/v3err.c
crypto/x509v3/x509v3.h

index 1a316d7..797f86b 100644 (file)
@@ -71,6 +71,8 @@ typedef struct CMS_SignerInfo_st CMS_SignerInfo;
 typedef struct CMS_CertificateChoices CMS_CertificateChoices;
 typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
 typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
+typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
+typedef struct CMS_Receipt_st CMS_Receipt;
 
 DECLARE_STACK_OF(CMS_SignerInfo)
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
index e5af9a0..bef043a 100644 (file)
@@ -53,6 +53,7 @@
 
 #include <openssl/asn1t.h>
 #include <openssl/pem.h>
+#include <openssl/x509v3.h>
 #include "cms.h"
 #include "cms_lcl.h"
 
@@ -357,3 +358,15 @@ ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =
                                V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
 ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)
 
+
+
+ASN1_CHOICE(CMS_ReceiptsFrom) = {
+  ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
+  ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAME, 1)
+} ASN1_CHOICE_END(CMS_ReceiptsFrom)
+
+ASN1_SEQUENCE(CMS_ReceiptRequest) = {
+  ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
+  ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom)
+} ASN1_SEQUENCE_END(CMS_ReceiptRequest)
+
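Review bot: The CMS_ReceiptRequest template lists only signedContentIdentifier and receiptsFrom, while the struct this same commit adds in cms_lcl.h also carries `GENERAL_NAMES *receiptsTo`, so that member is never encoded or decoded. RFC 2634 defines receiptsTo as a mandatory `SEQUENCE OF GeneralNames`, so a decoder built from this template would presumably reject or mis-parse a conforming ReceiptRequest. A third entry such as `ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)` is needed, and the member would then have to be a stack of GENERAL_NAMES rather than a single GENERAL_NAMES. The same nesting level is worth checking for `d.receiptList`, which the RFC also declares as `SEQUENCE OF GeneralNames` but the template declares as a sequence of GENERAL_NAME.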
index f23d096..0956721 100644 (file)
@@ -91,6 +91,7 @@ typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
 typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
 typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
 typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
+typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
 
 struct CMS_ContentInfo_st
        {
@@ -374,6 +375,37 @@ struct CMS_OtherKeyAttribute_st
        ASN1_TYPE *keyAttr;
        };
 
+/* ESS structures */
+
+#ifdef HEADER_X509V3_H
+
+struct CMS_ReceiptRequest_st
+       {
+       ASN1_OCTET_STRING *signedContentIdentifier;
+       CMS_ReceiptsFrom *receiptsFrom;
+       GENERAL_NAMES *receiptsTo;
+       };
+
+
+struct CMS_ReceiptsFrom_st
+       {
+       int type;
+       union
+               {
+               long allOrFirstTier;
+               GENERAL_NAMES *receiptList;
+               } d;
+       };
+#endif
+
+struct CMS_Receipt_st
+       {
+       long version;
+       ASN1_OBJECT *contentType;
+       ASN1_OCTET_STRING *signedContentIdentifier;
+       ASN1_OCTET_STRING *originatorSignatureValue;
+       };
+
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_ITEM(CMS_SignerInfo)
 DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
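Review bot: The two ESS structs inside `#ifdef HEADER_X509V3_H` are silently left undefined when cms_lcl.h is included without x509v3.h ahead of it, while the CMS_ReceiptsFrom typedef and CMS_Receipt_st are unconditional. Only cms_asn1.c is shown gaining the include in this commit, so any other file that touches these members would fail with an incomplete-type error that does not point at the cause. Either include `<openssl/x509v3.h>` from cms_lcl.h itself, or document the dependency at the guard, e.g. `/* GENERAL_NAMES comes from x509v3.h: include it before this header to get the ESS structures */`.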
index bb2f5bc..8e00168 100644 (file)
@@ -414,22 +414,16 @@ GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
        return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
        }
 
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
                                X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-                                                CONF_VALUE *cnf, int is_nc)
+                               int gen_type, char *value, int is_nc)
        {
        char is_string = 0;
-       int type;
        GENERAL_NAME *gen = NULL;
 
-       char *name, *value;
-
-       name = cnf->name;
-       value = cnf->value;
-
        if(!value)
                {
-               X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE);
+               X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
                return NULL;
                }
 
@@ -440,74 +434,60 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
                gen = GENERAL_NAME_new();
                if(gen == NULL)
                        {
-                       X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);
+                       X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
                        return NULL;
                        }
                }
 
-       if(!name_cmp(name, "email"))
-               {
-               is_string = 1;
-               type = GEN_EMAIL;
-               }
-       else if(!name_cmp(name, "URI"))
-               {
-               is_string = 1;
-               type = GEN_URI;
-               }
-       else if(!name_cmp(name, "DNS"))
+       switch (gen_type)
                {
+               case GEN_URI:
+               case GEN_EMAIL:
+               case GEN_DNS:
                is_string = 1;
-               type = GEN_DNS;
-               }
-       else if(!name_cmp(name, "RID"))
+               break;
+               
+               case GEN_RID:
                {
                ASN1_OBJECT *obj;
                if(!(obj = OBJ_txt2obj(value,0)))
                        {
-                       X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_OBJECT);
+                       X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
                        ERR_add_error_data(2, "value=", value);
                        goto err;
                        }
                gen->d.rid = obj;
-               type = GEN_RID;
                }
-       else if(!name_cmp(name, "IP"))
-               {
+
+               case GEN_IPADD:
                if (is_nc)
                        gen->d.ip = a2i_IPADDRESS_NC(value);
                else
                        gen->d.ip = a2i_IPADDRESS(value);
                if(gen->d.ip == NULL)
                        {
-                       X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_IP_ADDRESS);
+                       X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
                        ERR_add_error_data(2, "value=", value);
                        goto err;
                        }
-               type = GEN_IPADD;
-               }
-       else if(!name_cmp(name, "dirName"))
-               {
-               type = GEN_DIRNAME;
+               break;
+
+               case GEN_DIRNAME:
                if (!do_dirname(gen, value, ctx))
                        {
-                       X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_DIRNAME_ERROR);
+                       X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR);
                        goto err;
                        }
-               }
-       else if(!name_cmp(name, "otherName"))
-               {
+               break;
+
+               case GEN_OTHERNAME:
                if (!do_othername(gen, value, ctx))
                        {
-                       X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_OTHERNAME_ERROR);
+                       X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_OTHERNAME_ERROR);
                        goto err;
                        }
-               type = GEN_OTHERNAME;
-               }
-       else
-               {
-               X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
-               ERR_add_error_data(2, "name=", name);
+               default:
+               X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_TYPE);
                goto err;
                }
 
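Review bot: Two `break` statements are missing in the new switch, so the RID and otherName cases cannot succeed. After the `case GEN_RID:` block control falls into `case GEN_IPADD:`, where `gen->d.ip` is assigned over `gen->d.rid` (members of the same `d` union), which drops the ASN1_OBJECT just created and then most likely fails with X509V3_R_BAD_IP_ADDRESS for an OID string. After a successful `do_othername()` in `case GEN_OTHERNAME:` control falls into `default:` and reports X509V3_R_UNSUPPORTED_TYPE. Add `break;` after the closing brace of the GEN_RID block and after the `do_othername` check. a2i_GENERAL_NAME starts and ends outside this hunk.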
@@ -517,12 +497,12 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
                              !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
                                               strlen(value)))
                        {
-                       X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);
+                       X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
                        goto err;
                        }
                }
 
-       gen->type = type;
+       gen->type = gen_type;
 
        return gen;
 
@@ -531,6 +511,48 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
        return NULL;
        }
 
+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+                               X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+                                                CONF_VALUE *cnf, int is_nc)
+       {
+       int type;
+
+       char *name, *value;
+
+       name = cnf->name;
+       value = cnf->value;
+
+       if(!value)
+               {
+               X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE);
+               return NULL;
+               }
+
+       if(!name_cmp(name, "email"))
+               type = GEN_EMAIL;
+       else if(!name_cmp(name, "URI"))
+               type = GEN_URI;
+       else if(!name_cmp(name, "DNS"))
+               type = GEN_DNS;
+       else if(!name_cmp(name, "RID"))
+               type = GEN_RID;
+       else if(!name_cmp(name, "IP"))
+               type = GEN_IPADD;
+       else if(!name_cmp(name, "dirName"))
+               type = GEN_DIRNAME;
+       else if(!name_cmp(name, "otherName"))
+               type = GEN_OTHERNAME;
+       else
+               {
+               X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
+               ERR_add_error_data(2, "name=", name);
+               return NULL;
+               }
+
+       return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);
+
+       }
+
 static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
        {
        char *objtmp = NULL, *p;
index c50266b..86efc4b 100644 (file)
@@ -1,6 +1,6 @@
 /* crypto/x509v3/v3err.c */
 /* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -70,6 +70,7 @@
 
 static ERR_STRING_DATA X509V3_str_functs[]=
        {
+{ERR_FUNC(X509V3_F_A2I_GENERAL_NAME),  "A2I_GENERAL_NAME"},
 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),       "ASIDENTIFIERCHOICE_CANONIZE"},
 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),   "ASIDENTIFIERCHOICE_IS_CANONICAL"},
 {ERR_FUNC(X509V3_F_COPY_EMAIL),        "COPY_EMAIL"},
@@ -205,6 +206,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
 {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"},
 {ERR_REASON(X509V3_R_UNKNOWN_OPTION)     ,"unknown option"},
 {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"},
+{ERR_REASON(X509V3_R_UNSUPPORTED_TYPE)   ,"unsupported type"},
 {ERR_REASON(X509V3_R_USER_TOO_LONG)      ,"user too long"},
 {0,NULL}
        };
index be0c97a..76e1a54 100644 (file)
@@ -553,6 +553,10 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
 DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
 DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
 
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+                               X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+                               int gen_type, char *value, int is_nc);
+
 #ifdef HEADER_CONF_H
 GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
                                                        CONF_VALUE *cnf);
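Review bot: a2i_GENERAL_NAME is exported here without a comment stating its contract, which callers outside the config parser will need. The comment should list the accepted gen_type values (the switch in v3_alt.c handles GEN_URI, GEN_EMAIL, GEN_DNS, GEN_RID, GEN_IPADD, GEN_DIRNAME and GEN_OTHERNAME and raises X509V3_R_UNSUPPORTED_TYPE otherwise) and say that `is_nc` selects a2i_IPADDRESS_NC instead of a2i_IPADDRESS. It should also say how `out` is treated: a NULL `out` appears to allocate a new GENERAL_NAME, and whether a caller-supplied `out` is freed on failure is not visible in this diff, which callers need to know to avoid a double free. The `#ifdef HEADER_CONF_H` block that follows continues outside the hunk.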
@@ -818,6 +822,7 @@ void ERR_load_X509V3_strings(void);
 /* Error codes for the X509V3 functions. */
 
 /* Function codes. */
+#define X509V3_F_A2I_GENERAL_NAME                       164
 #define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE            161
 #define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL        162
 #define X509V3_F_COPY_EMAIL                             122
@@ -950,6 +955,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_UNKNOWN_EXTENSION_NAME                         130
 #define X509V3_R_UNKNOWN_OPTION                                 120
 #define X509V3_R_UNSUPPORTED_OPTION                     117
+#define X509V3_R_UNSUPPORTED_TYPE                       167
 #define X509V3_R_USER_TOO_LONG                          132
 
 #ifdef  __cplusplus