security/nss/lib/smime/cmsasn1.c

Wed, 31 Dec 2014 06:55:50 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:55:50 +0100
changeset 2
7e26c7da4463
permissions
-rw-r--r--

Added tag UPSTREAM_283F7C6 for changeset ca08bd8f51b2

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 4
michael@0 5 /*
michael@0 6 * CMS ASN.1 templates
michael@0 7 */
michael@0 8
michael@0 9 #include "cmslocal.h"
michael@0 10
michael@0 11 #include "cert.h"
michael@0 12 #include "key.h"
michael@0 13 #include "secasn1.h"
michael@0 14 #include "secitem.h"
michael@0 15 #include "secoid.h"
michael@0 16 #include "prtime.h"
michael@0 17 #include "secerr.h"
michael@0 18
michael@0 19
/*
 * Attribute SET template. It is only declared here; its definition is not
 * part of this file.
 */
extern const SEC_ASN1Template nss_cms_set_of_attribute_template[];

/*
 * Declarations for the sub-templates that the tables below reference through
 * SEC_ASN1_SUB() and SEC_ASN1_GET().
 */
SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
SEC_ASN1_MKSUB(SEC_BitStringTemplate)
SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
SEC_ASN1_MKSUB(SEC_PointerToOctetStringTemplate)
SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
michael@0 29
michael@0 30 /* -----------------------------------------------------------------------------
michael@0 31 * MESSAGE
michael@0 32 * (uses NSSCMSContentInfo)
michael@0 33 */
michael@0 34
michael@0 35 /* forward declaration */
/* Content-template chooser; the definition is at the end of this file. */
static const SEC_ASN1Template *
nss_cms_choose_content_template(void *src_or_dest, PRBool encoding);

/*
 * Holder for the chooser function. NSSCMSMessageTemplate stores the address
 * of this pointer in the "sub" slot of its SEC_ASN1_DYNAMIC entry.
 */
static const SEC_ASN1TemplateChooserPtr nss_cms_chooser =
    nss_cms_choose_content_template;
michael@0 41
/*
 * Top-level CMS message: a content-type OID followed by an optional,
 * explicitly tagged [0] content.
 *
 * The content entry is SEC_ASN1_DYNAMIC, so its template is not fixed: it is
 * obtained at run time through nss_cms_chooser, which dispatches on the
 * content type. When decoding, that type presumably comes from the message
 * itself (the OID entry just above), so the input selects the template that
 * is applied to the rest of the message.
 */
const SEC_ASN1Template NSSCMSMessageTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(NSSCMSMessage) },
    /* contentType */
    { SEC_ASN1_OBJECT_ID,
      offsetof(NSSCMSMessage,contentInfo.contentType) },
    /* content: [0] EXPLICIT, optional, template chosen at run time */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
          | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED
          | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(NSSCMSMessage,contentInfo.content),
      &nss_cms_chooser },
    { 0 }
};
michael@0 53
/* Pointer wrapper: the target member is a pointer to an NSSCMSMessage. */
static const SEC_ASN1Template NSS_PointerToCMSMessageTemplate[] = {
    { SEC_ASN1_POINTER, 0, NSSCMSMessageTemplate }
};
michael@0 57
michael@0 58 /* -----------------------------------------------------------------------------
michael@0 59 * ENCAPSULATED & ENCRYPTED CONTENTINFO
michael@0 60 * (both use a NSSCMSContentInfo)
michael@0 61 */
/*
 * Encapsulated content: content-type OID plus an optional, explicitly tagged
 * [0] OCTET STRING that lands in rawContent.
 *
 * The content is SEC_ASN1_OPTIONAL, so rawContent may be left unset when the
 * message carries no content.
 */
static const SEC_ASN1Template NSSCMSEncapsulatedContentInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(NSSCMSContentInfo) },
    /* contentType */
    { SEC_ASN1_OBJECT_ID,
      offsetof(NSSCMSContentInfo,contentType) },
    /* rawContent: [0] EXPLICIT, optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
          SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(NSSCMSContentInfo,rawContent),
      SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) },
    { 0 }
};
michael@0 73
/*
 * Encrypted content: content-type OID, the content-encryption algorithm
 * identifier, and an optional [0] OCTET STRING that lands in rawContent.
 *
 * It maps onto the same NSSCMSContentInfo structure as the encapsulated
 * variant. The algorithm identifier is read from the message, so it needs to
 * be checked against what the caller accepts before it is used.
 */
static const SEC_ASN1Template NSSCMSEncryptedContentInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(NSSCMSContentInfo) },
    /* contentType */
    { SEC_ASN1_OBJECT_ID,
      offsetof(NSSCMSContentInfo,contentType) },
    /* contentEncAlg */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSContentInfo,contentEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* rawContent: [0], optional, stored through a pointer */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(NSSCMSContentInfo,rawContent),
      SEC_ASN1_SUB(SEC_OctetStringTemplate) },
    { 0 }
};
michael@0 88
michael@0 89 /* -----------------------------------------------------------------------------
michael@0 90 * SIGNED DATA
michael@0 91 */
michael@0 92
/* Declared ahead of its definition because NSSCMSSignedDataTemplate uses it. */
const SEC_ASN1Template NSSCMSSignerInfoTemplate[];

/*
 * SignedData: version, digest algorithms, encapsulated content, optional
 * [0] certificates, optional [1] CRLs, and the signer infos.
 *
 * Certificates are kept as SET OF ANY, i.e. as raw items that this template
 * does not parse. Certificates and CRLs carried in the message are supplied
 * by the sender; their presence here says nothing about their validity.
 */
const SEC_ASN1Template NSSCMSSignedDataTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(NSSCMSSignedData) },
    /* version */
    { SEC_ASN1_INTEGER,
      offsetof(NSSCMSSignedData,version) },
    /* digestAlgorithms */
    { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
      offsetof(NSSCMSSignedData,digestAlgorithms),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* contentInfo (encapsulated) */
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSSignedData,contentInfo),
      NSSCMSEncapsulatedContentInfoTemplate },
    /* rawCerts: [0], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 0,
      offsetof(NSSCMSSignedData,rawCerts),
      SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
    /* crls: [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 1,
      offsetof(NSSCMSSignedData,crls),
      SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
    /* signerInfos */
    { SEC_ASN1_SET_OF,
      offsetof(NSSCMSSignedData,signerInfos),
      NSSCMSSignerInfoTemplate },
    { 0 }
};
michael@0 119
/*
 * Pointer wrapper around NSSCMSSignedDataTemplate; the content chooser in
 * this file returns it for SEC_OID_PKCS7_SIGNED_DATA.
 */
const SEC_ASN1Template NSS_PointerToCMSSignedDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, NSSCMSSignedDataTemplate }
};
michael@0 123
michael@0 124 /* -----------------------------------------------------------------------------
michael@0 125 * signeridentifier
michael@0 126 */
michael@0 127
/*
 * SignerIdentifier CHOICE: either a [0] subject key identifier or an
 * issuer-and-serial-number. The header entry names identifierType as the
 * selector member; the fourth field of each alternative is the selector
 * value that goes with it.
 *
 * NOTE(review): the selector values used here are the NSSCMSRecipientID_*
 * constants, although this is the signer identifier. Confirm that they are
 * numerically equal to the signer-ID selectors that the rest of the CMS code
 * compares identifierType against.
 */
static const SEC_ASN1Template NSSCMSSignerIdentifierTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(NSSCMSSignerIdentifier,identifierType), NULL,
      sizeof(NSSCMSSignerIdentifier) },
    /* id.subjectKeyID: [0] */
    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(NSSCMSSignerIdentifier,id.subjectKeyID),
      SEC_ASN1_SUB(SEC_OctetStringTemplate) ,
      NSSCMSRecipientID_SubjectKeyID },
    /* id.issuerAndSN */
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(NSSCMSSignerIdentifier,id.issuerAndSN),
      SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
      NSSCMSRecipientID_IssuerSN },
    { 0 }
};
michael@0 142
michael@0 143 /* -----------------------------------------------------------------------------
michael@0 144 * signerinfo
michael@0 145 */
michael@0 146
/*
 * SignerInfo: version, signer identifier, digest algorithm, optional [0]
 * authenticated attributes, signature algorithm, the signature value
 * (encDigest), and optional [1] unauthenticated attributes.
 *
 * In CMS the [1] attributes are not covered by the signer's signature, so a
 * successful signature check does not vouch for anything found in
 * unAuthAttr. Both attribute sets are optional and may be left unset.
 */
const SEC_ASN1Template NSSCMSSignerInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(NSSCMSSignerInfo) },
    /* version */
    { SEC_ASN1_INTEGER,
      offsetof(NSSCMSSignerInfo,version) },
    /* signerIdentifier */
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSSignerInfo,signerIdentifier),
      NSSCMSSignerIdentifierTemplate },
    /* digestAlg */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSSignerInfo,digestAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* authAttr: [0], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(NSSCMSSignerInfo,authAttr),
      nss_cms_set_of_attribute_template },
    /* digestEncAlg */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSSignerInfo,digestEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* encDigest */
    { SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSSignerInfo,encDigest) },
    /* unAuthAttr: [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
      offsetof(NSSCMSSignerInfo,unAuthAttr),
      nss_cms_set_of_attribute_template },
    { 0 }
};
michael@0 171
michael@0 172 /* -----------------------------------------------------------------------------
michael@0 173 * ENVELOPED DATA
michael@0 174 */
michael@0 175
/*
 * OriginatorInfo: optional [0] certificates (kept as SET OF ANY) and
 * optional [1] CRLs. Both members may be left unset.
 */
static const SEC_ASN1Template NSSCMSOriginatorInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(NSSCMSOriginatorInfo) },
    /* rawCerts: [0], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 0,
      offsetof(NSSCMSOriginatorInfo,rawCerts),
      SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
    /* crls: [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 1,
      offsetof(NSSCMSOriginatorInfo,crls),
      SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
    { 0 }
};
michael@0 189
/* Declared ahead of its definition because NSSCMSEnvelopedDataTemplate uses it. */
const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];

/*
 * EnvelopedData: version, optional [0] originator info, the recipient infos,
 * the encrypted content, and optional [1] unprotected attributes.
 *
 * In CMS the unprotected attributes are neither encrypted nor integrity
 * protected; treat unprotectedAttr as unauthenticated input.
 */
const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(NSSCMSEnvelopedData) },
    /* version */
    { SEC_ASN1_INTEGER,
      offsetof(NSSCMSEnvelopedData,version) },
    /* originatorInfo: [0], optional, stored through a pointer */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(NSSCMSEnvelopedData,originatorInfo),
      NSSCMSOriginatorInfoTemplate },
    /* recipientInfos */
    { SEC_ASN1_SET_OF,
      offsetof(NSSCMSEnvelopedData,recipientInfos),
      NSSCMSRecipientInfoTemplate },
    /* contentInfo (encrypted) */
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSEnvelopedData,contentInfo),
      NSSCMSEncryptedContentInfoTemplate },
    /* unprotectedAttr: [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
      offsetof(NSSCMSEnvelopedData,unprotectedAttr),
      nss_cms_set_of_attribute_template },
    { 0 }
};
michael@0 211
/*
 * Pointer wrapper around NSSCMSEnvelopedDataTemplate; the content chooser in
 * this file returns it for SEC_OID_PKCS7_ENVELOPED_DATA.
 */
const SEC_ASN1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, NSSCMSEnvelopedDataTemplate }
};
michael@0 215
michael@0 216 /* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
michael@0 217
michael@0 218 /* -----------------------------------------------------------------------------
michael@0 219 * key transport recipient info
michael@0 220 */
michael@0 221
/*
 * RecipientIdentifier CHOICE: either a [0] subject key identifier or an
 * issuer-and-serial-number. identifierType is the selector member; the
 * fourth field of each alternative is the matching selector value.
 */
static const SEC_ASN1Template NSSCMSRecipientIdentifierTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(NSSCMSRecipientIdentifier,identifierType), NULL,
      sizeof(NSSCMSRecipientIdentifier) },
    /* id.subjectKeyID: [0] */
    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(NSSCMSRecipientIdentifier,id.subjectKeyID),
      SEC_ASN1_SUB(SEC_OctetStringTemplate) ,
      NSSCMSRecipientID_SubjectKeyID },
    /* id.issuerAndSN */
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(NSSCMSRecipientIdentifier,id.issuerAndSN),
      SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
      NSSCMSRecipientID_IssuerSN },
    { 0 }
};
michael@0 236
michael@0 237
/*
 * Key-transport RecipientInfo: version, recipient identifier, key-encryption
 * algorithm, and the encrypted key.
 */
static const SEC_ASN1Template NSSCMSKeyTransRecipientInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(NSSCMSKeyTransRecipientInfo) },
    /* version */
    { SEC_ASN1_INTEGER,
      offsetof(NSSCMSKeyTransRecipientInfo,version) },
    /* recipientIdentifier */
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSKeyTransRecipientInfo,recipientIdentifier),
      NSSCMSRecipientIdentifierTemplate },
    /* keyEncAlg */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSKeyTransRecipientInfo,keyEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* encKey */
    { SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSKeyTransRecipientInfo,encKey) },
    { 0 }
};
michael@0 253
michael@0 254 /* -----------------------------------------------------------------------------
michael@0 255 * key agreement recipient info
michael@0 256 */
michael@0 257
/*
 * OriginatorPublicKey: an algorithm identifier followed by the public key as
 * a BIT STRING.
 */
static const SEC_ASN1Template NSSCMSOriginatorPublicKeyTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(NSSCMSOriginatorPublicKey) },
    /* algorithmIdentifier */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSOriginatorPublicKey,algorithmIdentifier),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* publicKey */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSOriginatorPublicKey,publicKey),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { 0 }
};
michael@0 269
michael@0 270
/*
 * OriginatorIdentifierOrKey CHOICE: issuer-and-serial-number, a [1] subject
 * key identifier, or a [2] originator public key. identifierType is the
 * selector member; the fourth field of each alternative is its selector
 * value.
 *
 * NOTE(review): RFC 5652 tags the last two alternatives [0] and [1]; this
 * table uses 1 and 2 with explicit tagging. Confirm which encoding peers
 * actually produce before relying on this for interoperability.
 */
static const SEC_ASN1Template NSSCMSOriginatorIdentifierOrKeyTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(NSSCMSOriginatorIdentifierOrKey,identifierType), NULL,
      sizeof(NSSCMSOriginatorIdentifierOrKey) },
    /* id.issuerAndSN */
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(NSSCMSOriginatorIdentifierOrKey,id.issuerAndSN),
      SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
      NSSCMSOriginatorIDOrKey_IssuerSN },
    /* id.subjectKeyID: [1] EXPLICIT */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 1,
      offsetof(NSSCMSOriginatorIdentifierOrKey,id.subjectKeyID),
      SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
      NSSCMSOriginatorIDOrKey_SubjectKeyID },
    /* id.originatorPublicKey: [2] EXPLICIT */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
      offsetof(NSSCMSOriginatorIdentifierOrKey,id.originatorPublicKey),
      NSSCMSOriginatorPublicKeyTemplate,
      NSSCMSOriginatorIDOrKey_OriginatorPublicKey },
    { 0 }
};
michael@0 290
/*
 * RecipientKeyIdentifier: a subject key identifier followed by two optional
 * members, date and other, all three handled as OCTET STRING.
 *
 * NOTE(review): RFC 5652 defines date as GeneralizedTime and other as a
 * SEQUENCE (OtherKeyAttribute). With both optional members typed as OCTET
 * STRING here, it looks as if a spec-conformant value for either would not
 * match - confirm how this template behaves on such input.
 */
const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(NSSCMSRecipientKeyIdentifier) },
    /* subjectKeyIdentifier */
    { SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSRecipientKeyIdentifier,subjectKeyIdentifier) },
    /* date: optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSRecipientKeyIdentifier,date) },
    /* other: optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSRecipientKeyIdentifier,other) },
    { 0 }
};
michael@0 302
michael@0 303
/*
 * KeyAgreeRecipientIdentifier CHOICE: issuer-and-serial-number or a [0]
 * recipient key identifier. identifierType is the selector member; the
 * fourth field of each alternative is its selector value.
 */
static const SEC_ASN1Template NSSCMSKeyAgreeRecipientIdentifierTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(NSSCMSKeyAgreeRecipientIdentifier,identifierType), NULL,
      sizeof(NSSCMSKeyAgreeRecipientIdentifier) },
    /* id.issuerAndSN */
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.issuerAndSN),
      SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
      NSSCMSKeyAgreeRecipientID_IssuerSN },
    /* id.recipientKeyIdentifier: [0] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.recipientKeyIdentifier),
      NSSCMSRecipientKeyIdentifierTemplate,
      NSSCMSKeyAgreeRecipientID_RKeyID },
    { 0 }
};
michael@0 318
/*
 * RecipientEncryptedKey: the key-agreement recipient identifier followed by
 * the encrypted key.
 *
 * NOTE(review): encKey is handled as a BIT STRING here, whereas RFC 5652
 * defines EncryptedKey as an OCTET STRING - confirm this is intended.
 */
static const SEC_ASN1Template NSSCMSRecipientEncryptedKeyTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(NSSCMSRecipientEncryptedKey) },
    /* recipientIdentifier */
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSRecipientEncryptedKey,recipientIdentifier),
      NSSCMSKeyAgreeRecipientIdentifierTemplate },
    /* encKey */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSRecipientEncryptedKey,encKey),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { 0 }
};
michael@0 330
/*
 * Key-agreement RecipientInfo: version, [0] originator identifier or key,
 * optional [1] user keying material (ukm), key-encryption algorithm, and the
 * sequence of per-recipient encrypted keys.
 */
static const SEC_ASN1Template NSSCMSKeyAgreeRecipientInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(NSSCMSKeyAgreeRecipientInfo) },
    /* version */
    { SEC_ASN1_INTEGER,
      offsetof(NSSCMSKeyAgreeRecipientInfo,version) },
    /* originatorIdentifierOrKey: [0] EXPLICIT */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(NSSCMSKeyAgreeRecipientInfo,originatorIdentifierOrKey),
      NSSCMSOriginatorIdentifierOrKeyTemplate },
    /* ukm: [1] EXPLICIT, optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
      offsetof(NSSCMSKeyAgreeRecipientInfo,ukm),
      SEC_ASN1_SUB(SEC_OctetStringTemplate) },
    /* keyEncAlg */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSKeyAgreeRecipientInfo,keyEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* recipientEncryptedKeys */
    { SEC_ASN1_SEQUENCE_OF,
      offsetof(NSSCMSKeyAgreeRecipientInfo,recipientEncryptedKeys),
      NSSCMSRecipientEncryptedKeyTemplate },
    { 0 }
};
michael@0 351
michael@0 352 /* -----------------------------------------------------------------------------
michael@0 353 * KEK recipient info
michael@0 354 */
michael@0 355
/*
 * KEKIdentifier: a key identifier followed by two optional members, date and
 * other, all three handled as OCTET STRING.
 *
 * NOTE(review): RFC 5652 defines date as GeneralizedTime and other as a
 * SEQUENCE (OtherKeyAttribute); confirm how this template behaves when a
 * message carries either in its spec-defined form.
 */
static const SEC_ASN1Template NSSCMSKEKIdentifierTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(NSSCMSKEKIdentifier) },
    /* keyIdentifier */
    { SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSKEKIdentifier,keyIdentifier) },
    /* date: optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSKEKIdentifier,date) },
    /* other: optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSKEKIdentifier,other) },
    { 0 }
};
michael@0 367
/*
 * KEK RecipientInfo: version, KEK identifier, key-encryption algorithm, and
 * the encrypted key.
 */
static const SEC_ASN1Template NSSCMSKEKRecipientInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(NSSCMSKEKRecipientInfo) },
    /* version */
    { SEC_ASN1_INTEGER,
      offsetof(NSSCMSKEKRecipientInfo,version) },
    /* kekIdentifier */
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSKEKRecipientInfo,kekIdentifier),
      NSSCMSKEKIdentifierTemplate },
    /* keyEncAlg */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSKEKRecipientInfo,keyEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* encKey */
    { SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSKEKRecipientInfo,encKey) },
    { 0 }
};
michael@0 383
michael@0 384 /* -----------------------------------------------------------------------------
michael@0 385 * recipient info
michael@0 386 */
/*
 * RecipientInfo CHOICE over the three recipient kinds this file has
 * templates for: [1] key agreement, [2] KEK, and untagged key transport.
 * recipientInfoType is the selector member; the fourth field of each
 * alternative is its selector value.
 */
const SEC_ASN1Template NSSCMSRecipientInfoTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(NSSCMSRecipientInfo,recipientInfoType), NULL,
      sizeof(NSSCMSRecipientInfo) },
    /* ri.keyAgreeRecipientInfo: [1] EXPLICIT */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
      offsetof(NSSCMSRecipientInfo,ri.keyAgreeRecipientInfo),
      NSSCMSKeyAgreeRecipientInfoTemplate,
      NSSCMSRecipientInfoID_KeyAgree },
    /* ri.kekRecipientInfo: [2] EXPLICIT */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
      offsetof(NSSCMSRecipientInfo,ri.kekRecipientInfo),
      NSSCMSKEKRecipientInfoTemplate,
      NSSCMSRecipientInfoID_KEK },
    /* ri.keyTransRecipientInfo: untagged */
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSRecipientInfo,ri.keyTransRecipientInfo),
      NSSCMSKeyTransRecipientInfoTemplate,
      NSSCMSRecipientInfoID_KeyTrans },
    { 0 }
};
michael@0 405
michael@0 406 /* -----------------------------------------------------------------------------
michael@0 407 *
michael@0 408 */
michael@0 409
/*
 * DigestedData: version, digest algorithm, encapsulated content, and the
 * digest value.
 *
 * The digest algorithm and the digest are both read from the message. A
 * digest is not keyed, so a matching value shows the content is consistent
 * with the message, not who produced it.
 */
const SEC_ASN1Template NSSCMSDigestedDataTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(NSSCMSDigestedData) },
    /* version */
    { SEC_ASN1_INTEGER,
      offsetof(NSSCMSDigestedData,version) },
    /* digestAlg */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(NSSCMSDigestedData,digestAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* contentInfo (encapsulated) */
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSDigestedData,contentInfo),
      NSSCMSEncapsulatedContentInfoTemplate },
    /* digest */
    { SEC_ASN1_OCTET_STRING,
      offsetof(NSSCMSDigestedData,digest) },
    { 0 }
};
michael@0 425
/*
 * Pointer wrapper around NSSCMSDigestedDataTemplate; the content chooser in
 * this file returns it for SEC_OID_PKCS7_DIGESTED_DATA.
 */
const SEC_ASN1Template NSS_PointerToCMSDigestedDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, NSSCMSDigestedDataTemplate }
};
michael@0 429
/*
 * EncryptedData: version, the encrypted content, and optional [1]
 * unprotected attributes.
 *
 * In CMS the unprotected attributes are neither encrypted nor integrity
 * protected; treat unprotectedAttr as unauthenticated input.
 */
const SEC_ASN1Template NSSCMSEncryptedDataTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(NSSCMSEncryptedData) },
    /* version */
    { SEC_ASN1_INTEGER,
      offsetof(NSSCMSEncryptedData,version) },
    /* contentInfo (encrypted) */
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSEncryptedData,contentInfo),
      NSSCMSEncryptedContentInfoTemplate },
    /* unprotectedAttr: [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
      offsetof(NSSCMSEncryptedData,unprotectedAttr),
      nss_cms_set_of_attribute_template },
    { 0 }
};
michael@0 443
/*
 * Pointer wrapper around NSSCMSEncryptedDataTemplate; the content chooser in
 * this file returns it for SEC_OID_PKCS7_ENCRYPTED_DATA.
 */
const SEC_ASN1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, NSSCMSEncryptedDataTemplate }
};
michael@0 447
/*
 * Generic wrapper: a single inline entry that applies the encapsulated
 * content-info template to the contentInfo member. Unlike the multi-entry
 * tables in this file it has no SEQUENCE header and no { 0 } terminator.
 */
const SEC_ASN1Template NSSCMSGenericWrapperDataTemplate[] = {
    { SEC_ASN1_INLINE,
      offsetof(NSSCMSGenericWrapperData,contentInfo),
      NSSCMSEncapsulatedContentInfoTemplate },
};

/* Emit the chooser for the template above. */
SEC_ASN1_CHOOSER_IMPLEMENT(NSSCMSGenericWrapperDataTemplate)
michael@0 455
/* Pointer wrapper around NSSCMSGenericWrapperDataTemplate. */
const SEC_ASN1Template NSS_PointerToCMSGenericWrapperDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, NSSCMSGenericWrapperDataTemplate }
};

/* Emit the chooser for the pointer template above. */
SEC_ASN1_CHOOSER_IMPLEMENT(NSS_PointerToCMSGenericWrapperDataTemplate)
michael@0 461
michael@0 462 /* -----------------------------------------------------------------------------
michael@0 463 *
michael@0 464 */
/*
 * Template chooser for the content member of a CMS content info.
 *
 * src_or_dest is treated as an NSSCMSContentInfo and its content-type tag
 * selects the template: the five PKCS#7 types listed below map to fixed
 * pointer templates, every other tag is handed to NSS_CMSType_GetTemplate().
 * The encoding argument is not used.
 *
 * Returns NULL when src_or_dest is NULL (after asserting in debug builds).
 *
 * NOTE(review): what NSS_CMSType_GetTemplate() returns for a content type it
 * does not know is not visible here; since the type can come from a decoded
 * message, confirm that callers cope with a NULL result.
 */
static const SEC_ASN1Template *
nss_cms_choose_content_template(void *src_or_dest, PRBool encoding)
{
    NSSCMSContentInfo *contentInfo;
    SECOidTag contentTag;

    PORT_Assert (src_or_dest != NULL);
    if (!src_or_dest) {
        return NULL;
    }

    contentInfo = (NSSCMSContentInfo *)src_or_dest;
    contentTag = NSS_CMSContentInfo_GetContentTypeTag(contentInfo);

    switch (contentTag) {
        case SEC_OID_PKCS7_DATA:
            return SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
        case SEC_OID_PKCS7_SIGNED_DATA:
            return NSS_PointerToCMSSignedDataTemplate;
        case SEC_OID_PKCS7_ENVELOPED_DATA:
            return NSS_PointerToCMSEnvelopedDataTemplate;
        case SEC_OID_PKCS7_DIGESTED_DATA:
            return NSS_PointerToCMSDigestedDataTemplate;
        case SEC_OID_PKCS7_ENCRYPTED_DATA:
            return NSS_PointerToCMSEncryptedDataTemplate;
        default:
            break;
    }

    /* Any other type: look the template up by tag. */
    return NSS_CMSType_GetTemplate(contentTag);
}
