/* -*- Mode: C; tab-width: 8 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * SEC_ASN1Template tables describing the DER layout of the CRMF
 * structures (CRMFCertReqMsg, CRMFCertTemplate, the proof-of-possession
 * variants, CRMFEncryptedValue, ...).
 *
 * Every table is positional: the order of the entries and the exact flag
 * combination on each entry are part of the wire format.  Tables that
 * open with a { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(T) } row describe a
 * structure of type T and are closed by a { 0 } row; the SEQUENCE_OF
 * tables consist of a single row.
 */

#include "crmf.h"
#include "crmfi.h"
#include "secoid.h"
#include "secasn1.h"

/* Templates defined outside this file and referenced below through
 * SEC_ASN1_SUB(). */
SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
SEC_ASN1_MKSUB(SEC_AnyTemplate)
SEC_ASN1_MKSUB(SEC_NullTemplate)
SEC_ASN1_MKSUB(SEC_BitStringTemplate)
SEC_ASN1_MKSUB(SEC_IntegerTemplate)
SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
SEC_ASN1_MKSUB(CERT_TimeChoiceTemplate)
SEC_ASN1_MKSUB(CERT_SubjectPublicKeyInfoTemplate)
SEC_ASN1_MKSUB(CERT_NameTemplate)

/*
 * It's all implicit tagging.
 * (Entries that carry SEC_ASN1_EXPLICIT below are the exceptions.)
 */

/*
 * CRMFControl: an OID (derTag) followed by a value kept as SEC_ASN1_ANY
 * (derValue).  The template places no constraint on the content of
 * derValue; whoever consumes it has to decode and check it separately.
 */
const SEC_ASN1Template CRMFControlTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFControl) },
    { SEC_ASN1_OBJECT_ID,
      offsetof(CRMFControl, derTag) },
    { SEC_ASN1_ANY,
      offsetof(CRMFControl, derValue) },
    { 0 }
};

/* CRMFCertExtension: id, optional critical flag, then the value as an
 * OCTET STRING. */
static const SEC_ASN1Template CRMFCertExtensionTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFCertExtension) },
    { SEC_ASN1_OBJECT_ID,
      offsetof(CRMFCertExtension, id) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
      offsetof(CRMFCertExtension, critical) },
    { SEC_ASN1_OCTET_STRING,
      offsetof(CRMFCertExtension, value) },
    { 0 }
};

/* SEQUENCE OF CRMFCertExtension; used for the extensions field of
 * CRMFCertTemplate. */
static const SEC_ASN1Template CRMFSequenceOfCertExtensionTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF,
      0,
      CRMFCertExtensionTemplate }
};

/* CRMFOptionalValidity: notBefore [0] and notAfter [1], both optional,
 * both explicitly tagged and decoded with CERT_TimeChoiceTemplate. */
static const SEC_ASN1Template CRMFOptionalValidityTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFOptionalValidity) },
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 0,
      offsetof(CRMFOptionalValidity, notBefore),
      SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1,
      offsetof(CRMFOptionalValidity, notAfter),
      SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
    { 0 }
};

/* Pointer to a CERT_NameTemplate-encoded name; shared by the issuer and
 * subject entries of CRMFCertTemplateTemplate. */
static const SEC_ASN1Template crmfPointerToNameTemplate[] = {
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      0,
      SEC_ASN1_SUB(CERT_NameTemplate) },
    { 0 }
};

/*
 * CRMFCertTemplate: ten fields, context tags [0] through [9], every one
 * of them SEC_ASN1_OPTIONAL.  Since no field is mandatory at this level,
 * code that consumes a decoded CRMFCertTemplate cannot assume any member
 * was present in the request.
 */
static const SEC_ASN1Template CRMFCertTemplateTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFCertTemplate) },
    /* [0] version */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(CRMFCertTemplate, version),
      SEC_ASN1_SUB(SEC_IntegerTemplate) },
    /* [1] serialNumber */
    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1,
      offsetof(CRMFCertTemplate, serialNumber),
      SEC_ASN1_SUB(SEC_IntegerTemplate) },
    /* [2] signingAlg */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 2,
      offsetof(CRMFCertTemplate, signingAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* [3] issuer, explicitly tagged */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 3,
      offsetof(CRMFCertTemplate, issuer),
      crmfPointerToNameTemplate },
    /* [4] validity */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 4,
      offsetof(CRMFCertTemplate, validity),
      CRMFOptionalValidityTemplate },
    /* [5] subject, explicitly tagged */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 5,
      offsetof(CRMFCertTemplate, subject),
      crmfPointerToNameTemplate },
    /* [6] publicKey */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 6,
      offsetof(CRMFCertTemplate, publicKey),
      SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
    /* [7] issuerUID */
    { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
          SEC_ASN1_XTRN | 7,
      offsetof(CRMFCertTemplate, issuerUID),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    /* [8] subjectUID */
    { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
          SEC_ASN1_XTRN | 8,
      offsetof(CRMFCertTemplate, subjectUID),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    /* [9] extensions */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
          SEC_ASN1_CONTEXT_SPECIFIC | 9,
      offsetof(CRMFCertTemplate, extensions),
      CRMFSequenceOfCertExtensionTemplate },
    { 0 }
};

/* CRMFAttribute: same shape as CRMFControl -- an OID plus an unparsed
 * SEC_ASN1_ANY value that this template does not constrain. */
static const SEC_ASN1Template CRMFAttributeTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFAttribute) },
    { SEC_ASN1_OBJECT_ID,
      offsetof(CRMFAttribute, derTag) },
    { SEC_ASN1_ANY,
      offsetof(CRMFAttribute, derValue) },
    { 0 }
};

/* CRMFCertRequest: certReqId, the inlined certTemplate, and an optional
 * sequence of controls. */
const SEC_ASN1Template CRMFCertRequestTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFCertRequest) },
    { SEC_ASN1_INTEGER,
      offsetof(CRMFCertRequest, certReqId) },
    { SEC_ASN1_INLINE,
      offsetof(CRMFCertRequest, certTemplate),
      CRMFCertTemplateTemplate },
    /* SEQUENCE SIZE (1...MAX)
     * NOTE(review): the flags on this entry do not express the
     * lower bound; presumably an empty sequence has to be rejected
     * by the caller -- confirm. */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
      offsetof(CRMFCertRequest, controls),
      CRMFControlTemplate },
    { 0 }
};

/*
 * CRMFCertReqMsg: pointer to the certReq, the proof-of-possession kept as
 * an optional SEC_ASN1_ANY blob (derPOP), and optional regInfo attributes.
 * derPOP is not interpreted by this table; the POP templates further down
 * describe the individual alternatives.
 */
const SEC_ASN1Template CRMFCertReqMsgTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFCertReqMsg) },
    { SEC_ASN1_POINTER,
      offsetof(CRMFCertReqMsg, certReq),
      CRMFCertRequestTemplate },
    { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
      offsetof(CRMFCertReqMsg, derPOP) },
    /* SEQUENCE SIZE (1...MAX)
     * NOTE(review): as with controls in CRMFCertRequestTemplate, the
     * lower bound is not expressed by these flags -- confirm where
     * it is checked. */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
      offsetof(CRMFCertReqMsg, regInfo),
      CRMFAttributeTemplate },
    { 0 }
};

/* CRMFCertReqMessages: SEQUENCE OF CRMFCertReqMsg stored in the messages
 * member. */
const SEC_ASN1Template CRMFCertReqMessagesTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF,
      offsetof(CRMFCertReqMessages, messages),
      CRMFCertReqMsgTemplate,
      sizeof(CRMFCertReqMessages) }
};

/*
 * CRMFPOPOSigningKeyInput: authInfo (sender or publicKeyMAC) followed by
 * the inlined publicKey.
 */
static const SEC_ASN1Template CRMFPOPOSigningKeyInputTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFPOPOSigningKeyInput) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
          SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(CRMFPOPOSigningKeyInput, authInfo.sender) },
    /* NOTE(review): the trailing "| 1" is OR'ed into a universal
     * BIT STRING type and the entry carries no
     * SEC_ASN1_CONTEXT_SPECIFIC flag, so it does not read as a
     * context tag number -- confirm the intent against the CRMF
     * definition of authInfo before relying on this entry. */
    { SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL | 1,
      offsetof(CRMFPOPOSigningKeyInput, authInfo.publicKeyMAC) },
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(CRMFPOPOSigningKeyInput, publicKey),
      SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
    { 0 }
};

/* POP alternative [0]: NULL value, no destination offset. */
const SEC_ASN1Template CRMFRAVerifiedTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | 0 | SEC_ASN1_XTRN,
      0,
      SEC_ASN1_SUB(SEC_NullTemplate) },
    { 0 }
};

/* This template will need to add POPOSigningKeyInput eventually, maybe*/
/* As written, the optional [0] input is stored undecoded in derInput
 * (SEC_AnyTemplate), followed by algorithmIdentifier and signature. */
static const SEC_ASN1Template crmfPOPOSigningKeyTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFPOPOSigningKey) },
    { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 0,
      offsetof(CRMFPOPOSigningKey, derInput),
      SEC_ASN1_SUB(SEC_AnyTemplate) },
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(CRMFPOPOSigningKey, algorithmIdentifier),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    { SEC_ASN1_BIT_STRING | SEC_ASN1_XTRN,
      offsetof(CRMFPOPOSigningKey, signature),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { 0 }
};

/* POP alternative [1]: wraps crmfPOPOSigningKeyTemplate. */
const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | 1,
      0,
      crmfPOPOSigningKeyTemplate },
    { 0 }
};

/* [0] BIT STRING. */
const SEC_ASN1Template CRMFThisMessageTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      0,
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { 0 }
};

/* [1] INTEGER. */
const SEC_ASN1Template CRMFSubsequentMessageTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
      0,
      SEC_ASN1_SUB(SEC_IntegerTemplate) },
    { 0 }
};

/* [2] BIT STRING. */
const SEC_ASN1Template CRMFDHMACTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
      0,
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { 0 }
};

/* POP alternative [2], explicitly tagged; the content is taken as
 * SEC_AnyTemplate and is not interpreted by this table. */
const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[] = {
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
      0,
      SEC_ASN1_SUB(SEC_AnyTemplate) },
    { 0 }
};

/* POP alternative [3], explicitly tagged; the content is taken as
 * SEC_AnyTemplate and is not interpreted by this table. */
const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[] = {
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 3,
      0,
      SEC_ASN1_SUB(SEC_AnyTemplate) },
    { 0 }
};

/*
 * CRMFEncryptedValue: five optional context-tagged fields ([0]..[4])
 * followed by the one mandatory member, encValue.  The algorithm
 * identifiers and encSymmKey may all be absent from a decoded value, so
 * consumers have to check for them before use.
 */
const SEC_ASN1Template CRMFEncryptedValueTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFEncryptedValue) },
    /* [0] intendedAlg */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 0,
      offsetof(CRMFEncryptedValue, intendedAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* [1] symmAlg */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 1,
      offsetof(CRMFEncryptedValue, symmAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* [2] encSymmKey */
    { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
          SEC_ASN1_XTRN | 2,
      offsetof(CRMFEncryptedValue, encSymmKey),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    /* [3] keyAlg */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 3,
      offsetof(CRMFEncryptedValue, keyAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* [4] valueHint */
    { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 4,
      offsetof(CRMFEncryptedValue, valueHint),
      SEC_ASN1_SUB(SEC_OctetStringTemplate) },
    { SEC_ASN1_BIT_STRING,
      offsetof(CRMFEncryptedValue, encValue) },
    { 0 }
};

/* Explicit [0] wrapper around CRMFEncryptedValueTemplate. */
const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate[] = {
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
          SEC_ASN1_CONTEXT_SPECIFIC | 0,
      0,
      CRMFEncryptedValueTemplate },
    { 0 }
};

/* CRMFSinglePubInfo: pubMethod plus an optional, context-tagged
 * pubLocation (no sub-template is given for it here). */
static const SEC_ASN1Template CRMFSinglePubInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFSinglePubInfo) },
    { SEC_ASN1_INTEGER,
      offsetof(CRMFSinglePubInfo, pubMethod) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC,
      offsetof(CRMFSinglePubInfo, pubLocation) },
    { 0 }
};

/* CRMFPKIPublicationInfo: action plus a pointer to pubInfos decoded with
 * CRMFSinglePubInfoTemplate. */
static const SEC_ASN1Template CRMFPublicationInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0,
      NULL,
      sizeof(CRMFPKIPublicationInfo) },
    { SEC_ASN1_INTEGER,
      offsetof(CRMFPKIPublicationInfo, action) },
    { SEC_ASN1_POINTER,
      offsetof(CRMFPKIPublicationInfo, pubInfos),
      CRMFSinglePubInfoTemplate },
    { 0 }
};