Add signed receipt ASN1 structures. Initial GENERAL_NAME utility functions.

2025-04-06 20:20:50 +08:00 · 2008-03-24 22:14:02 +00:00 · 2008-03-24 22:14:02 +00:00 · be86c7fc87
commit be86c7fc87
parent 6205171362
6 changed files with 155 additions and 78 deletions
--- a/crypto/cms/cms.h
+++ b/crypto/cms/cms.h
@ -71,6 +71,8 @@ typedef struct CMS_SignerInfo_st CMS_SignerInfo;
 typedef struct CMS_CertificateChoices CMS_CertificateChoices;
 typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
 typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
+typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
+typedef struct CMS_Receipt_st CMS_Receipt;

 DECLARE_STACK_OF(CMS_SignerInfo)
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@ -53,6 +53,7 @@

 #include <openssl/asn1t.h>
 #include <openssl/pem.h>
+#include <openssl/x509v3.h>
 #include "cms.h"
 #include "cms_lcl.h"

@ -357,3 +358,15 @@ ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =
 				V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
 ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)

+
+
+ASN1_CHOICE(CMS_ReceiptsFrom) = {
+  ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
+  ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAME, 1)
+} ASN1_CHOICE_END(CMS_ReceiptsFrom)
+
+ASN1_SEQUENCE(CMS_ReceiptRequest) = {
+  ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
+  ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom)
+} ASN1_SEQUENCE_END(CMS_ReceiptRequest)
+
--- a/crypto/cms/cms_lcl.h
+++ b/crypto/cms/cms_lcl.h
@ -91,6 +91,7 @@ typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
 typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
 typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
 typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
+typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;

 struct CMS_ContentInfo_st
 	{
@ -374,6 +375,37 @@ struct CMS_OtherKeyAttribute_st
 	ASN1_TYPE *keyAttr;
 	};

+/* ESS structures */
+
+#ifdef HEADER_X509V3_H
+
+struct CMS_ReceiptRequest_st
+	{
+	ASN1_OCTET_STRING *signedContentIdentifier;
+	CMS_ReceiptsFrom *receiptsFrom;
+	GENERAL_NAMES *receiptsTo;
+	};
+
+
+struct CMS_ReceiptsFrom_st
+	{
+	int type;
+	union
+		{
+		long allOrFirstTier;
+		GENERAL_NAMES *receiptList;
+		} d;
+	};
+#endif
+
+struct CMS_Receipt_st
+	{
+	long version;
+	ASN1_OBJECT *contentType;
+	ASN1_OCTET_STRING *signedContentIdentifier;
+	ASN1_OCTET_STRING *originatorSignatureValue;
+	};
+
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_ITEM(CMS_SignerInfo)
 DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@ -414,13 +414,108 @@ GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 	return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
 	}

+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+				X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+				int gen_type, char *value, int is_nc)
+	{
+	char is_string = 0;
+	GENERAL_NAME *gen = NULL;
+
+	if(!value)
+		{
+		X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
+		return NULL;
+		}
+
+	if (out)
+		gen = out;
+	else
+		{
+		gen = GENERAL_NAME_new();
+		if(gen == NULL)
+			{
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
+			return NULL;
+			}
+		}
+
+	switch (gen_type)
+		{
+		case GEN_URI:
+		case GEN_EMAIL:
+		case GEN_DNS:
+		is_string = 1;
+		break;
+		
+		case GEN_RID:
+		{
+		ASN1_OBJECT *obj;
+		if(!(obj = OBJ_txt2obj(value,0)))
+			{
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
+			ERR_add_error_data(2, "value=", value);
+			goto err;
+			}
+		gen->d.rid = obj;
+		}
+
+		case GEN_IPADD:
+		if (is_nc)
+			gen->d.ip = a2i_IPADDRESS_NC(value);
+		else
+			gen->d.ip = a2i_IPADDRESS(value);
+		if(gen->d.ip == NULL)
+			{
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
+			ERR_add_error_data(2, "value=", value);
+			goto err;
+			}
+		break;
+
+		case GEN_DIRNAME:
+		if (!do_dirname(gen, value, ctx))
+			{
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR);
+			goto err;
+			}
+		break;
+
+		case GEN_OTHERNAME:
+		if (!do_othername(gen, value, ctx))
+			{
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_OTHERNAME_ERROR);
+			goto err;
+			}
+		default:
+		X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_TYPE);
+		goto err;
+		}
+
+	if(is_string)
+		{
+		if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
+			      !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
+					       strlen(value)))
+			{
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		}
+
+	gen->type = gen_type;
+
+	return gen;
+
+	err:
+	GENERAL_NAME_free(gen);
+	return NULL;
+	}
+
 GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
 				X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 						 CONF_VALUE *cnf, int is_nc)
 	{
-	char is_string = 0;
 	int type;
-	GENERAL_NAME *gen = NULL;

 	char *name, *value;

@ -433,102 +528,29 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
 		return NULL;
 		}

-	if (out)
-		gen = out;
-	else
-		{
-		gen = GENERAL_NAME_new();
-		if(gen == NULL)
-			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);
-			return NULL;
-			}
-		}
-
 	if(!name_cmp(name, "email"))
-		{
-		is_string = 1;
 		type = GEN_EMAIL;
-		}
 	else if(!name_cmp(name, "URI"))
-		{
-		is_string = 1;
 		type = GEN_URI;
-		}
 	else if(!name_cmp(name, "DNS"))
-		{
-		is_string = 1;
 		type = GEN_DNS;
-		}
 	else if(!name_cmp(name, "RID"))
-		{
-		ASN1_OBJECT *obj;
-		if(!(obj = OBJ_txt2obj(value,0)))
-			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_OBJECT);
-			ERR_add_error_data(2, "value=", value);
-			goto err;
-			}
-		gen->d.rid = obj;
 		type = GEN_RID;
-		}
 	else if(!name_cmp(name, "IP"))
-		{
-		if (is_nc)
-			gen->d.ip = a2i_IPADDRESS_NC(value);
-		else
-			gen->d.ip = a2i_IPADDRESS(value);
-		if(gen->d.ip == NULL)
-			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_IP_ADDRESS);
-			ERR_add_error_data(2, "value=", value);
-			goto err;
-			}
 		type = GEN_IPADD;
-		}
 	else if(!name_cmp(name, "dirName"))
-		{
 		type = GEN_DIRNAME;
-		if (!do_dirname(gen, value, ctx))
-			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_DIRNAME_ERROR);
-			goto err;
-			}
-		}
 	else if(!name_cmp(name, "otherName"))
-		{
-		if (!do_othername(gen, value, ctx))
-			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_OTHERNAME_ERROR);
-			goto err;
-			}
 		type = GEN_OTHERNAME;
-		}
 	else
 		{
 		X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
 		ERR_add_error_data(2, "name=", name);
-		goto err;
+		return NULL;
 		}

-	if(is_string)
-		{
-		if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
-			      !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
-					       strlen(value)))
-			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		}
+	return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);

-	gen->type = type;
-
-	return gen;
-
-	err:
-	GENERAL_NAME_free(gen);
-	return NULL;
 	}

 static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
--- a/crypto/x509v3/v3err.c
+++ b/crypto/x509v3/v3err.c
@ -1,6 +1,6 @@
 /* crypto/x509v3/v3err.c */
 /* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@ -70,6 +70,7 @@

 static ERR_STRING_DATA X509V3_str_functs[]=
 	{
+{ERR_FUNC(X509V3_F_A2I_GENERAL_NAME),	"A2I_GENERAL_NAME"},
 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),	"ASIDENTIFIERCHOICE_CANONIZE"},
 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),	"ASIDENTIFIERCHOICE_IS_CANONICAL"},
 {ERR_FUNC(X509V3_F_COPY_EMAIL),	"COPY_EMAIL"},
@ -205,6 +206,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
 {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"},
 {ERR_REASON(X509V3_R_UNKNOWN_OPTION)     ,"unknown option"},
 {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"},
+{ERR_REASON(X509V3_R_UNSUPPORTED_TYPE)   ,"unsupported type"},
 {ERR_REASON(X509V3_R_USER_TOO_LONG)      ,"user too long"},
 {0,NULL}
 	};
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@ -553,6 +553,10 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
 DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
 DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)

+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+				X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+				int gen_type, char *value, int is_nc);
+
 #ifdef HEADER_CONF_H
 GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 							CONF_VALUE *cnf);
@ -818,6 +822,7 @@ void ERR_load_X509V3_strings(void);
 /* Error codes for the X509V3 functions. */

 /* Function codes. */
+#define X509V3_F_A2I_GENERAL_NAME			 164
 #define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE		 161
 #define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL	 162
 #define X509V3_F_COPY_EMAIL				 122
@ -950,6 +955,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_UNKNOWN_EXTENSION_NAME			 130
 #define X509V3_R_UNKNOWN_OPTION				 120
 #define X509V3_R_UNSUPPORTED_OPTION			 117
+#define X509V3_R_UNSUPPORTED_TYPE			 167
 #define X509V3_R_USER_TOO_LONG				 132

 #ifdef  __cplusplus