1/* 2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10#ifndef OSSL_CRYPTO_ESS_H 11# define OSSL_CRYPTO_ESS_H 12# pragma once 13 14/*- 15 * IssuerSerial ::= SEQUENCE { 16 * issuer GeneralNames, 17 * serialNumber CertificateSerialNumber 18 * } 19 */ 20 21struct ESS_issuer_serial { 22 STACK_OF(GENERAL_NAME) *issuer; 23 ASN1_INTEGER *serial; 24}; 25 26/*- 27 * ESSCertID ::= SEQUENCE { 28 * certHash Hash, 29 * issuerSerial IssuerSerial OPTIONAL 30 * } 31 */ 32 33struct ESS_cert_id { 34 ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */ 35 ESS_ISSUER_SERIAL *issuer_serial; 36}; 37 38/*- 39 * SigningCertificate ::= SEQUENCE { 40 * certs SEQUENCE OF ESSCertID, 41 * policies SEQUENCE OF PolicyInformation OPTIONAL 42 * } 43 */ 44 45struct ESS_signing_cert { 46 STACK_OF(ESS_CERT_ID) *cert_ids; 47 STACK_OF(POLICYINFO) *policy_info; 48}; 49 50/*- 51 * ESSCertIDv2 ::= SEQUENCE { 52 * hashAlgorithm AlgorithmIdentifier DEFAULT id-sha256, 53 * certHash Hash, 54 * issuerSerial IssuerSerial OPTIONAL 55 * } 56 */ 57 58struct ESS_cert_id_v2_st { 59 X509_ALGOR *hash_alg; /* Default: SHA-256 */ 60 ASN1_OCTET_STRING *hash; 61 ESS_ISSUER_SERIAL *issuer_serial; 62}; 63 64/*- 65 * SigningCertificateV2 ::= SEQUENCE { 66 * certs SEQUENCE OF ESSCertIDv2, 67 * policies SEQUENCE OF PolicyInformation OPTIONAL 68 * } 69 */ 70 71struct ESS_signing_cert_v2_st { 72 STACK_OF(ESS_CERT_ID_V2) *cert_ids; 73 STACK_OF(POLICYINFO) *policy_info; 74}; 75 76#endif /* OSSL_CRYPTO_ESS_H */ 77