36 #include <openssl/asn1.h> 37 #include <openssl/asn1t.h> 38 #include <openssl/bio.h> 44 #define ASN1_APP_IMP(stname, field, type, tag) ASN1_EX_TYPE(ASN1_TFLG_IMPTAG|ASN1_TFLG_APPLICATION, tag, stname, field, type) 46 #ifndef ASN1_APP_IMP_OPT 48 #define ASN1_APP_IMP_OPT(stname, field, type, tag) ASN1_EX_TYPE(ASN1_TFLG_IMPTAG|ASN1_TFLG_APPLICATION|ASN1_TFLG_OPTIONAL, tag, stname, field, type) 50 #ifndef ASN1_APP_EXP_OPT 52 #define ASN1_APP_EXP_OPT(stname, field, type, tag) ASN1_EX_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION|ASN1_TFLG_OPTIONAL, tag, stname, field, type) 54 #ifndef ASN1_APP_IMP_SEQUENCE_OF_OPT 55 #define ASN1_APP_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \ 56 ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_IMPTAG|ASN1_TFLG_APPLICATION|ASN1_TFLG_OPTIONAL, tag, stname, field, type) 73 #define EAC_AT_CHAT_BYTES 5 74 #define EAC_AT_CHAT_BITS 38 75 #define EAC_IS_CHAT_BYTES 1 76 #define EAC_IS_CHAT_BITS 6 77 #define EAC_ST_CHAT_BYTES 1 78 #define EAC_ST_CHAT_BITS 6 92 DECLARE_ASN1_FUNCTIONS(CVC_CHAT)
121 DECLARE_ASN1_FUNCTIONS(CVC_PUBKEY)
122 DECLARE_ASN1_ITEM(CVC_PUBKEY)
142 DECLARE_ASN1_FUNCTIONS(CVC_DISCRETIONARY_DATA_TEMPLATE)
143 DECLARE_ASN1_ITEM(CVC_DISCRETIONARY_DATA_TEMPLATE)
180 STACK_OF(CVC_DISCRETIONARY_DATA_TEMPLATE) *certificate_extensions;
184 DECLARE_ASN1_FUNCTIONS(CVC_CERT_BODY)
185 DECLARE_ASN1_ITEM(CVC_CERT_BODY)
203 STACK_OF(ASN1_OCTET_STRING) *values;
231 #ifdef HAVE_PATCHED_OPENSSL 233 ASN1_UTF8STRING *plainTerms;
235 ASN1_IA5STRING *htmlTerms;
237 ASN1_OCTET_STRING *pdfTerms;
279 STACK_OF(CVC_DISCRETIONARY_DATA_TEMPLATE) *certificate_extensions;
283 DECLARE_ASN1_FUNCTIONS(CVC_CERT_REQUEST_BODY)
297 DECLARE_ASN1_FUNCTIONS(CVC_CERT_REQUEST)
315 DECLARE_ASN1_FUNCTIONS(CVC_CERT_AUTHENTICATION_REQUEST)
/**
 * Convert an ASN.1 formatted CV certificate to the internal structure.
 *
 * The encoded bytes are passed through `in` with their byte count in `len`;
 * the result is a CVC_CERT pointer.
 *
 * NOTE(review): presumably follows the OpenSSL d2i convention (NULL on a
 * parse failure, *in advanced past the consumed bytes on success, result
 * released with CVC_CERT_free()) -- confirm against the implementation.
 * The encoding usually arrives from a card or a remote terminal, so callers
 * should check the returned pointer before using any field, and `len` must
 * not exceed the bytes actually available at *in.
 */
330 CVC_CERT *
CVC_d2i_CVC_CERT(CVC_CERT **cert,
const unsigned char **in,
long len);
350 #define CVC_CERT_dup(x) ASN1_dup_of(CVC_CERT, i2d_CVC_CERT, CVC_d2i_CVC_CERT, x) 359 #define CVC_PUBKEY_dup(x) ASN1_dup_of(CVC_PUBKEY, i2d_CVC_PUBKEY, d2i_CVC_PUBKEY, x) 368 #define CVC_CHAT_dup(x) ASN1_dup_of(CVC_CHAT, i2d_CVC_CHAT, d2i_CVC_CHAT, x) 411 CVC_pkey2pubkey(
int all_parameters,
int protocol, EVP_PKEY *key,
412 BN_CTX *bn_ctx, CVC_PUBKEY *out);
469 CVC_print(BIO *bio,
const CVC_CERT *cv,
int indent);
481 const CVC_CERT_REQUEST *request,
int indent);
493 const CVC_CERT_AUTHENTICATION_REQUEST *authentication,
int indent);
613 const CVC_CERT_AUTHENTICATION_REQUEST *authentication);
628 const unsigned int cert_desc_in_len);
640 const unsigned char *cert_desc,
size_t cert_desc_len);
EVP_PKEY * CVC_pubkey2pkey(const CVC_CERT *cert, BN_CTX *bn_ctx, EVP_PKEY *out)
Extract the public key from a CV certificate. Since EC domain parameters are only included in CVCA ce...
ASN1_OCTET_STRING * cont5
Public value (DH)/order of the base point (EC)
int i2d_CVC_CERT(CVC_CERT *a, unsigned char **out)
Convert a CV certificate to its ASN1 representation.
Country Verifying Certificate Authority.
int CVC_print(BIO *bio, const CVC_CERT *cv, int indent)
Print CV certificate in human readable form.
CVC_CERT_REQUEST_SEQ CVC_CERT_REQUEST
Short name for CVC_CERT_REQUEST_SEQ.
The body of the CV certificate (without signature)
CVC_CERT_SEQ CVC_CERT
Short name for CVC_CERT_SEQ.
ASN1_OCTET_STRING * discretionary_data3
Holds discretionary data.
ASN1_INTEGER * certificate_profile_identifier
Certificate Profile of this certificate (must be 0).
ASN1_UTF8STRING * certificate_holder_reference
Reference to the holder of this certificate (in Latin1)
ASN1_OCTET_STRING * cont6
Public point (EC)
ASN1_OCTET_STRING * discretionary_data2
Holds discretionary data.
ASN1_OBJECT * type
OID which specifies the type of the extension.
ASN1_OCTET_STRING * unused
just a placeholder
CVC_CERT_REQUEST * request
certificate request
struct cvc_discretionary_data_template_seq_st CVC_DISCRETIONARY_DATA_TEMPLATE_SEQ
Discretionary data template, used to encode certificate extensions.
ASN1_UTF8STRING * certificate_holder_reference
Reference to the holder of this certificate request (in Latin1)
char * CVC_get_car(const CVC_CERT *cert)
Return the CAR of a CV certificate as a string.
ASN1_OCTET_STRING * outer_signature
Signature calculated over the hash of the certificate request.
int cvc_chat_print(BIO *bio, const CVC_CHAT *chat, int indent)
Print CHAT in human readable form.
ASN1_OCTET_STRING * certificate_expiration_date
Date until which the certificate is valid (YYMMDD, BCD encoded)
CVC_CERT * CVC_CERT_new(void)
Allocate memory for a CV certificate.
The actual certificate request, consisting of the body and inner signature.
ASN1_OCTET_STRING * relative_authorization
Access rights of the terminal to which this certificate belongs.
This structure holds further information about a card verifiable certificate in human readable form...
char * CVC_get_expiration_date(const CVC_CERT *cert)
Convert the expiration date of a certificate to a string.
CVC_CERT_AUTHENTICATION_REQUEST_SEQ CVC_CERT_AUTHENTICATION_REQUEST
Short name for CVC_CERT_AUTHENTICATION_REQUEST_SEQ.
int CVC_verify_authentication_request_signatures(struct eac_ctx *ctx, const CVC_CERT_AUTHENTICATION_REQUEST *authentication)
Verify the inner and outer signature of a CV certificate request.
struct cvc_cert_request_body_seq_st CVC_CERT_REQUEST_BODY_SEQ
The body of the CV certificate request (without signature)
ASN1_PRINTABLESTRING * issuerURL
Optional URL that points to information about the issuer of this certificate.
int CVC_verify_request_signature(const CVC_CERT_REQUEST *request)
Verify the inner signature of a CV certificate request.
Certificate Holder Authorisation Template.
ASN1_PRINTABLESTRING * redirectURL
Not used.
ASN1_OCTET_STRING * cont3
Order of the subgroup (DH)/second coefficient (EC)
struct cvc_certificate_description_st CVC_CERTIFICATE_DESCRIPTION
This structure holds further information about a card verifiable certificate in human readable form...
CVC_CERT_BODY * body
Body of the certificate.
ASN1_INTEGER * certificate_profile_identifier
Certificate Profile of this certificate request (must be 0).
enum cvc_terminal_role CVC_get_role(const CVC_CHAT *chat)
Extract the terminal-type (terminal, DV, CVCA) from the CHAT.
ASN1_OCTET_STRING * cont2
Public exponent (RSA)/order of the Subgroup (DH)/first coefficient (EC)
CVC_CERT * CVC_d2i_CVC_CERT(CVC_CERT **cert, const unsigned char **in, long len)
Convert ASN1 formatted CV certificate to the internal structure.
CVC_CERT * d2i_CVC_CERT_bio(BIO *bp, CVC_CERT **cvc)
Load a CV certificate from a BIO object.
ASN1_OCTET_STRING * signature
Signature calculated over the hash of the certificate body.
ASN1_OCTET_STRING * cont4
Generator (DH)/base point (EC)
CVC_DISCRETIONARY_DATA_TEMPLATE_SEQ CVC_DISCRETIONARY_DATA_TEMPLATE
Short name for CVC_DISCRETIONARY_DATA_TEMPLATE_SEQ.
struct cvc_pubkey_st CVC_PUBKEY_BODY
Public key data object which may contain domain parameters.
ASN1_UTF8STRING * certificate_authority_reference
Reference to certificate authority that issued this certificate (in Latin1)
CVC_CHAT * chat
Certificate Holder Authorisation Template.
ASN1_OBJECT * oid
Object Identifier which specifies the exact protocol to be used during TA.
CVC_CERT_BODY_SEQ CVC_CERT_BODY
Short name for CVC_CERT_BODY_SEQ.
struct cvc_chat_seq_st CVC_CHAT_SEQ
Certificate Holder Authorisation Template.
ASN1_OCTET_STRING * cont7
Cofactor (EC)
void CVC_CERT_free(CVC_CERT *a)
Free a CV certificate.
struct cvc_cert_request_seq_st CVC_CERT_REQUEST_SEQ
The actual certificate request, consisting of the body and inner signature.
struct cvc_cert_seq_st CVC_CERT_SEQ
The actual certificate, consisting of the body and a signature.
ASN1_OBJECT * terminal_type
Role of terminal to which this certificate belongs (Inspection System, Authentication Terminal or Sig...
ASN1_OCTET_STRING * inner_signature
Signature calculated over the hash of the certificate request body.
Discretionary data template, used to encode certificate extensions.
int certificate_request_print(BIO *bio, const CVC_CERT_REQUEST *request, int indent)
Print CV certificate request in human readable form.
CVC_CERT_REQUEST_BODY_SEQ CVC_CERT_REQUEST_BODY
Short name for CVC_CERT_REQUEST_BODY_SEQ.
int certificate_authentication_request_print(BIO *bio, const CVC_CERT_AUTHENTICATION_REQUEST *authentication, int indent)
Print CV certificate authentication request in human readable form.
Document Verifier (official domestic)
The actual certificate, consisting of the body and a signature.
ASN1_OBJECT * descriptionType
Format of the description (Plain Text, PDF or HTML)
Context for the Extended Access Control protocol.
int CVC_verify_signature(const CVC_CERT *cert, int protocol, EVP_PKEY *key)
Verify the signature of a CV certificate using the public key of the certificate issuer.
ASN1_UTF8STRING * issuerName
Human readable name of the issuer of this certificate.
CVC_CHAT_SEQ CVC_CHAT
Short name for CVC_CHAT_SEQ.
int certificate_description_print(BIO *bio, const CVC_CERTIFICATE_DESCRIPTION *desc, int indent)
Print CV certificate description in human readable form.
cvc_terminal_role
Effective role of the certificate holder.
CVC_CERT_REQUEST_BODY * body
Body of the certificate request.
ASN1_TYPE * other
Otherwise formatted Terms of Usage (not specified)
ASN1_PRINTABLESTRING * subjectURL
Optional URL that points to information about the holder of this certificate.
ASN1_OCTET_STRING * certificate_effective_date
Date the certificate was issued (YYMMDD, BCD encoded)
short CVC_get_profile_identifier(const CVC_CERT *cert)
Return the profile identifier of a CV certificate as an integer.
int CVC_check_description(const CVC_CERT *cv, const unsigned char *cert_desc_in, const unsigned int cert_desc_in_len)
Check whether or not the certificate contains the correct hash of the CV certificate description...
ASN1_UTF8STRING * certificate_authority_reference
Reference to certificate authority that issued this certificate request (in Latin1) ...
Definitions of object identifiers.
struct cvc_cert_body_seq_st CVC_CERT_BODY_SEQ
The body of the CV certificate (without signature)
CVC_PUBKEY * public_key
Public key associated with this certificate.
int cvc_chat_print_authorizations(BIO *bio, const CVC_CHAT *chat, int indent)
Print the relative authorization contained in a CHAT in human readable form.
ASN1_OCTET_STRING * discretionary_data1
Holds discretionary data.
const CVC_CHAT * cvc_get_chat(const CVC_CERT *cvc)
Get the CHAT contained in a CV certificate.
The authentication request, consisting of the certificate request, certificate authority reference an...
char * CVC_get_effective_date(const CVC_CERT *cert)
Convert the effective date of a certificate to a string.
char * CVC_get_chr(const CVC_CERT *cert)
Return the CHR (certificate holder reference) of a CV certificate as a string.
CVC_PUBKEY * public_key
Public key associated with this certificate request.
Public key data object which may contain domain parameters.
CVC_COMMCERT_SEQ * commCertificates
Contains hash values of admissible X.509 certificates of the remote terminal (optional) ...
ASN1_UTF8STRING * subjectName
Human readable name of the holder of this certificate.
Terminal (inspection system/authentication terminal/signature terminal)
Document Verifier (non-official/foreign)
The body of the CV certificate request (without signature)
struct cvc_cert_authentication_request_seq_st CVC_CERT_AUTHENTICATION_REQUEST_SEQ
The authentication request, consisting of the certificate request, certificate authority reference an...
ASN1_UTF8STRING * certificate_authority_reference
Reference to certificate authority that issued this authentication request (in Latin1) ...
BUF_MEM * CVC_hash_description(const CVC_CERT *cv, const unsigned char *cert_desc, size_t cert_desc_len)
Create a hash over a certificate's description.
ASN1_OCTET_STRING * cont1
Composite modulus (RSA)/prime modulus (DH, EC)