Add signed receipt ASN1 structures. Initial GENERAL_NAME utility functions.

be86c7fc · Dr. Stephen Henson · 62051713 · be86c7fc · be86c7fc · be86c7fc
6 changed file
--- a/crypto/cms/cms.h
+++ b/crypto/cms/cms.h
@@ -71,6 +71,8 @@ typedef struct CMS_SignerInfo_st CMS_SignerInfo;
 typedef struct CMS_CertificateChoices CMS_CertificateChoices;
 typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
 typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
+typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
+typedef struct CMS_Receipt_st CMS_Receipt;

 DECLARE_STACK_OF(CMS_SignerInfo)
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)

--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@@ -53,6 +53,7 @@

 #include <openssl/asn1t.h>
 #include <openssl/pem.h>
+#include <openssl/x509v3.h>
 #include "cms.h"
 #include "cms_lcl.h"

@@ -357,3 +358,15 @@ ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =
 				V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
 ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)

+
+
+ASN1_CHOICE(CMS_ReceiptsFrom) = {
+  ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
+  ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAME, 1)
+} ASN1_CHOICE_END(CMS_ReceiptsFrom)
+
+ASN1_SEQUENCE(CMS_ReceiptRequest) = {
+  ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
+  ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom)
+} ASN1_SEQUENCE_END(CMS_ReceiptRequest)
+
--- a/crypto/cms/cms_lcl.h
+++ b/crypto/cms/cms_lcl.h
@@ -91,6 +91,7 @@ typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
 typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
 typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
 typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
+typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;

 struct CMS_ContentInfo_st
 	{
@@ -374,6 +375,37 @@ struct CMS_OtherKeyAttribute_st
 	ASN1_TYPE *keyAttr;
 	};

+/* ESS structures */
+
+#ifdef HEADER_X509V3_H
+
+struct CMS_ReceiptRequest_st
+	{
+	ASN1_OCTET_STRING *signedContentIdentifier;
+	CMS_ReceiptsFrom *receiptsFrom;
+	GENERAL_NAMES *receiptsTo;
+	};
+
+
+struct CMS_ReceiptsFrom_st
+	{
+	int type;
+	union
+		{
+		long allOrFirstTier;
+		GENERAL_NAMES *receiptList;
+		} d;
+	};
+#endif
+
+struct CMS_Receipt_st
+	{
+	long version;
+	ASN1_OBJECT *contentType;
+	ASN1_OCTET_STRING *signedContentIdentifier;
+	ASN1_OCTET_STRING *originatorSignatureValue;
+	};
+
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_ITEM(CMS_SignerInfo)
 DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)

--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -414,22 +414,16 @@ GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 	return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
 	}

-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
 				X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-						 CONF_VALUE *cnf, int is_nc)
+				int gen_type, char *value, int is_nc)
 	{
 	char is_string = 0;
-	int type;
 	GENERAL_NAME *gen = NULL;

-	char *name, *value;
-
-	name = cnf->name;
-	value = cnf->value;
-
 	if(!value)
 		{
-		X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE);
+		X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
 		return NULL;
 		}

@@ -440,74 +434,60 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
 		gen = GENERAL_NAME_new();
 		if(gen == NULL)
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
 			return NULL;
 			}
 		}

-	if(!name_cmp(name, "email"))
-		{
-		is_string = 1;
-		type = GEN_EMAIL;
-		}
-	else if(!name_cmp(name, "URI"))
-		{
-		is_string = 1;
-		type = GEN_URI;
-		}
-	else if(!name_cmp(name, "DNS"))
+	switch (gen_type)
 		{
+		case GEN_URI:
+		case GEN_EMAIL:
+		case GEN_DNS:
 		is_string = 1;
-		type = GEN_DNS;
-		}
-	else if(!name_cmp(name, "RID"))
+		break;
+		
+		case GEN_RID:
 		{
 		ASN1_OBJECT *obj;
 		if(!(obj = OBJ_txt2obj(value,0)))
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_OBJECT);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
 			ERR_add_error_data(2, "value=", value);
 			goto err;
 			}
 		gen->d.rid = obj;
-		type = GEN_RID;
 		}
-	else if(!name_cmp(name, "IP"))
-		{
+
+		case GEN_IPADD:
 		if (is_nc)
 			gen->d.ip = a2i_IPADDRESS_NC(value);
 		else
 			gen->d.ip = a2i_IPADDRESS(value);
 		if(gen->d.ip == NULL)
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_BAD_IP_ADDRESS);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
 			ERR_add_error_data(2, "value=", value);
 			goto err;
 			}
-		type = GEN_IPADD;
-		}
-	else if(!name_cmp(name, "dirName"))
-		{
-		type = GEN_DIRNAME;
+		break;
+
+		case GEN_DIRNAME:
 		if (!do_dirname(gen, value, ctx))
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_DIRNAME_ERROR);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR);
 			goto err;
 			}
-		}
-	else if(!name_cmp(name, "otherName"))
-		{
+		break;
+
+		case GEN_OTHERNAME:
 		if (!do_othername(gen, value, ctx))
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_OTHERNAME_ERROR);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_OTHERNAME_ERROR);
 			goto err;
 			}
-		type = GEN_OTHERNAME;
-		}
-	else
-		{
-		X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
-		ERR_add_error_data(2, "name=", name);
+		default:
+		X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_TYPE);
 		goto err;
 		}

@@ -517,12 +497,12 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
 			      !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
 					       strlen(value)))
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,ERR_R_MALLOC_FAILURE);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
 			goto err;
 			}
 		}

-	gen->type = type;
+	gen->type = gen_type;

 	return gen;

@@ -531,6 +511,48 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
 	return NULL;
 	}

+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+				X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+						 CONF_VALUE *cnf, int is_nc)
+	{
+	int type;
+
+	char *name, *value;
+
+	name = cnf->name;
+	value = cnf->value;
+
+	if(!value)
+		{
+		X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE);
+		return NULL;
+		}
+
+	if(!name_cmp(name, "email"))
+		type = GEN_EMAIL;
+	else if(!name_cmp(name, "URI"))
+		type = GEN_URI;
+	else if(!name_cmp(name, "DNS"))
+		type = GEN_DNS;
+	else if(!name_cmp(name, "RID"))
+		type = GEN_RID;
+	else if(!name_cmp(name, "IP"))
+		type = GEN_IPADD;
+	else if(!name_cmp(name, "dirName"))
+		type = GEN_DIRNAME;
+	else if(!name_cmp(name, "otherName"))
+		type = GEN_OTHERNAME;
+	else
+		{
+		X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
+		ERR_add_error_data(2, "name=", name);
+		return NULL;
+		}
+
+	return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);
+
+	}
+
 static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
 	{
 	char *objtmp = NULL, *p;

--- a/crypto/x509v3/v3err.c
+++ b/crypto/x509v3/v3err.c
 /* crypto/x509v3/v3err.c */
 /* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -70,6 +70,7 @@

 static ERR_STRING_DATA X509V3_str_functs[]=
 	{
+{ERR_FUNC(X509V3_F_A2I_GENERAL_NAME),	"A2I_GENERAL_NAME"},
 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),	"ASIDENTIFIERCHOICE_CANONIZE"},
 {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),	"ASIDENTIFIERCHOICE_IS_CANONICAL"},
 {ERR_FUNC(X509V3_F_COPY_EMAIL),	"COPY_EMAIL"},
@@ -205,6 +206,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
 {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"},
 {ERR_REASON(X509V3_R_UNKNOWN_OPTION)     ,"unknown option"},
 {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"},
+{ERR_REASON(X509V3_R_UNSUPPORTED_TYPE)   ,"unsupported type"},
 {ERR_REASON(X509V3_R_USER_TOO_LONG)      ,"user too long"},
 {0,NULL}
 	};

--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -553,6 +553,10 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
 DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
 DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)

+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+				X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+				int gen_type, char *value, int is_nc);
+
 #ifdef HEADER_CONF_H
 GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 							CONF_VALUE *cnf);
@@ -818,6 +822,7 @@ void ERR_load_X509V3_strings(void);
 /* Error codes for the X509V3 functions. */

 /* Function codes. */
+#define X509V3_F_A2I_GENERAL_NAME			 164
 #define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE		 161
 #define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL	 162
 #define X509V3_F_COPY_EMAIL				 122
@@ -950,6 +955,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_UNKNOWN_EXTENSION_NAME			 130
 #define X509V3_R_UNKNOWN_OPTION				 120
 #define X509V3_R_UNSUPPORTED_OPTION			 117
+#define X509V3_R_UNSUPPORTED_TYPE			 167
 #define X509V3_R_USER_TOO_LONG				 132

 #ifdef  __cplusplus