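--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/security/nss/lib/crmf/crmftmpl.c	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,270 @@
+/* -*- Mode: C; tab-width: 8 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "crmf.h"
+#include "crmfi.h"
+#include "secoid.h"
+#include "secasn1.h"
+
+SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
+SEC_ASN1_MKSUB(SEC_AnyTemplate)
+SEC_ASN1_MKSUB(SEC_NullTemplate)
+SEC_ASN1_MKSUB(SEC_BitStringTemplate)
+SEC_ASN1_MKSUB(SEC_IntegerTemplate)
+SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
+SEC_ASN1_MKSUB(CERT_TimeChoiceTemplate)
+SEC_ASN1_MKSUB(CERT_SubjectPublicKeyInfoTemplate)
+SEC_ASN1_MKSUB(CERT_NameTemplate)
+
+/*
+ * It's all implicit tagging.
+ */
+
+const SEC_ASN1Template CRMFControlTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFControl)},
+ { SEC_ASN1_OBJECT_ID, offsetof(CRMFControl, derTag)},
+ { SEC_ASN1_ANY, offsetof(CRMFControl, derValue) },
+ { 0 }
+};
+
+static const SEC_ASN1Template CRMFCertExtensionTemplate[] = {
+ { SEC_ASN1_SEQUENCE,
+ 0, NULL, sizeof(CRMFCertExtension) },
+ { SEC_ASN1_OBJECT_ID,
+ offsetof(CRMFCertExtension,id) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
+ offsetof(CRMFCertExtension,critical) },
+ { SEC_ASN1_OCTET_STRING,
+ offsetof(CRMFCertExtension,value) },
+ { 0, }
+};
+
+static const SEC_ASN1Template CRMFSequenceOfCertExtensionTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, 0, CRMFCertExtensionTemplate }
+};
+
+static const SEC_ASN1Template CRMFOptionalValidityTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFOptionalValidity) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 0,
+ offsetof (CRMFOptionalValidity, notBefore),
+ SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1,
+ offsetof (CRMFOptionalValidity, notAfter),
+ SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
+ { 0 }
+};
+
+static const SEC_ASN1Template crmfPointerToNameTemplate[] = {
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(CERT_NameTemplate)},
+ { 0 }
+};
+
+static const SEC_ASN1Template CRMFCertTemplateTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(CRMFCertTemplate, version),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1 ,
+ offsetof (CRMFCertTemplate, serialNumber),
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 2,
+ offsetof (CRMFCertTemplate, signingAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 3,
+ offsetof (CRMFCertTemplate, issuer), crmfPointerToNameTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 4,
+ offsetof (CRMFCertTemplate, validity),
+ CRMFOptionalValidityTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 5,
+ offsetof (CRMFCertTemplate, subject), crmfPointerToNameTemplate },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 6,
+ offsetof (CRMFCertTemplate, publicKey),
+ SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
+ SEC_ASN1_XTRN | 7,
+ offsetof (CRMFCertTemplate, issuerUID),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
+ SEC_ASN1_XTRN | 8,
+ offsetof (CRMFCertTemplate, subjectUID),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
+ SEC_ASN1_CONTEXT_SPECIFIC | 9,
+ offsetof (CRMFCertTemplate, extensions),
+ CRMFSequenceOfCertExtensionTemplate },
+ { 0 }
+};
+
+static const SEC_ASN1Template CRMFAttributeTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFAttribute)},
+ { SEC_ASN1_OBJECT_ID, offsetof(CRMFAttribute, derTag)},
+ { SEC_ASN1_ANY, offsetof(CRMFAttribute, derValue) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFCertRequestTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFCertRequest) },
+ { SEC_ASN1_INTEGER, offsetof(CRMFCertRequest, certReqId)},
+ { SEC_ASN1_INLINE, offsetof(CRMFCertRequest, certTemplate),
+ CRMFCertTemplateTemplate},
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
+ offsetof(CRMFCertRequest,controls),
+ CRMFControlTemplate}, /* SEQUENCE SIZE (1...MAX)*/
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFCertReqMsgTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertReqMsg) },
+ { SEC_ASN1_POINTER, offsetof(CRMFCertReqMsg, certReq),
+ CRMFCertRequestTemplate },
+ { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
+ offsetof(CRMFCertReqMsg, derPOP) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
+ offsetof(CRMFCertReqMsg, regInfo),
+ CRMFAttributeTemplate}, /* SEQUENCE SIZE (1...MAX)*/
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFCertReqMessagesTemplate[] = {
+ { SEC_ASN1_SEQUENCE_OF, offsetof(CRMFCertReqMessages, messages),
+ CRMFCertReqMsgTemplate, sizeof (CRMFCertReqMessages)}
+};
+
+static const SEC_ASN1Template CRMFPOPOSigningKeyInputTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL,sizeof(CRMFPOPOSigningKeyInput) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(CRMFPOPOSigningKeyInput, authInfo.sender) },
+ { SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL | 1,
+ offsetof (CRMFPOPOSigningKeyInput, authInfo.publicKeyMAC) },
+ { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
+ offsetof(CRMFPOPOSigningKeyInput, publicKey),
+ SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFRAVerifiedTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | 0 | SEC_ASN1_XTRN,
+ 0,
+ SEC_ASN1_SUB(SEC_NullTemplate) },
+ { 0 }
+};
+
+
+/* This template will need to add POPOSigningKeyInput eventually, maybe*/
+static const SEC_ASN1Template crmfPOPOSigningKeyTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPOPOSigningKey) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 0,
+ offsetof(CRMFPOPOSigningKey, derInput),
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
+ offsetof(CRMFPOPOSigningKey, algorithmIdentifier),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_BIT_STRING | SEC_ASN1_XTRN,
+ offsetof(CRMFPOPOSigningKey, signature),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | 1,
+ 0,
+ crmfPOPOSigningKeyTemplate},
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFThisMessageTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ 0,
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFSubsequentMessageTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ 0,
+ SEC_ASN1_SUB(SEC_IntegerTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFDHMACTemplate[] = {
+ { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+ 0,
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
+ 0,
+ SEC_ASN1_SUB(SEC_AnyTemplate) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 3,
+ 0,
+ SEC_ASN1_SUB(SEC_AnyTemplate)},
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFEncryptedValueTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFEncryptedValue)},
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 0,
+ offsetof(CRMFEncryptedValue, intendedAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 1,
+ offsetof (CRMFEncryptedValue, symmAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
+ SEC_ASN1_XTRN | 2,
+ offsetof(CRMFEncryptedValue, encSymmKey),
+ SEC_ASN1_SUB(SEC_BitStringTemplate) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
+ SEC_ASN1_XTRN | 3,
+ offsetof(CRMFEncryptedValue, keyAlg),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
+ { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
+ SEC_ASN1_XTRN | 4,
+ offsetof(CRMFEncryptedValue, valueHint),
+ SEC_ASN1_SUB(SEC_OctetStringTemplate) },
+ { SEC_ASN1_BIT_STRING, offsetof(CRMFEncryptedValue, encValue) },
+ { 0 }
+};
+
+const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate [] = {
+ { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ 0,
+ CRMFEncryptedValueTemplate},
+ { 0 }
+};
+
+static const SEC_ASN1Template CRMFSinglePubInfoTemplate[] = {
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFSinglePubInfo)},
+ { SEC_ASN1_INTEGER, offsetof(CRMFSinglePubInfo, pubMethod) },
+ { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC,
+ offsetof(CRMFSinglePubInfo, pubLocation) },
+ { 0 }
+};
+
+static const SEC_ASN1Template CRMFPublicationInfoTemplate[] ={
+ { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPKIPublicationInfo) },
+ { SEC_ASN1_INTEGER, offsetof(CRMFPKIPublicationInfo, action) },
+ { SEC_ASN1_POINTER, offsetof(CRMFPKIPublicationInfo, pubInfos),
+ CRMFSinglePubInfoTemplate},
+ { 0 }
+};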
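Review bot: In `CRMFPOPOSigningKeyInputTemplate` the `authInfo.publicKeyMAC` entry is written `SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL | 1`, and the trailing `| 1` has no effect: without `SEC_ASN1_CONTEXT_SPECIFIC` it is OR-ed into the universal BIT STRING tag number (0x03), so the entry describes an untagged optional BIT STRING rather than a `[1]`-tagged field. If a context tag was intended the entry needs `SEC_ASN1_CONTEXT_SPECIFIC`; if not, drop the `| 1` so the kind reads `SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL`. The template is `static` and nothing in this file references it, so it appears to be unused here; a comment above it saying so would stop a later caller from trusting it as written. The header comment `It's all implicit tagging.` also does not match the file, since several entries set `SEC_ASN1_EXPLICIT`. Because these templates presumably decode request messages supplied by a peer, the `SEC_ASN1_ANY` fields (`derValue`, `derPOP`) deserve a comment such as `/* raw, undecoded DER; callers must validate before use */`.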