/* -*- Mode: C; tab-width: 8 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * ASN.1 templates for CRMF (Certificate Request Message Format) structures.
 *
 * Each table describes one structure to the SEC_ASN1 encoder/decoder. An
 * entry is { kind, offset, sub-template, size }; a table normally starts
 * with the container entry carrying sizeof(the C struct) and ends with { 0 }.
 *
 * Review note: these tables only describe shape. Almost every tagged field
 * below is SEC_ASN1_OPTIONAL and several are SEC_ASN1_ANY, so a successful
 * decode says little about whether a request is complete or well formed.
 * Presence checks and decoding of the ANY blobs have to happen in the code
 * that consumes the decoded structs (not visible in this file).
 */

#include "crmf.h"
#include "crmfi.h"
#include "secoid.h"
#include "secasn1.h"

/* Templates defined outside this file and referenced through SEC_ASN1_SUB(). */
SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
SEC_ASN1_MKSUB(SEC_AnyTemplate)
SEC_ASN1_MKSUB(SEC_NullTemplate)
SEC_ASN1_MKSUB(SEC_BitStringTemplate)
SEC_ASN1_MKSUB(SEC_IntegerTemplate)
SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
SEC_ASN1_MKSUB(CERT_TimeChoiceTemplate)
SEC_ASN1_MKSUB(CERT_SubjectPublicKeyInfoTemplate)
SEC_ASN1_MKSUB(CERT_NameTemplate)

/*
 * Context-specific tags are implicit unless an entry says otherwise;
 * the entries that need an explicit wrapper set SEC_ASN1_EXPLICIT.
 */

/*
 * One control: SEQUENCE { derTag OBJECT IDENTIFIER, derValue ANY }.
 * derValue is taken as SEC_ASN1_ANY, so this table does not interpret it;
 * the consumer has to decode and validate it according to derTag.
 */
const SEC_ASN1Template CRMFControlTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFControl) },
    { SEC_ASN1_OBJECT_ID, offsetof(CRMFControl, derTag) },
    { SEC_ASN1_ANY, offsetof(CRMFControl, derValue) },
    { 0 }
};

/*
 * One requested certificate extension:
 * SEQUENCE { id OBJECT IDENTIFIER, critical BOOLEAN OPTIONAL,
 *            value OCTET STRING }.
 */
static const SEC_ASN1Template CRMFCertExtensionTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(CRMFCertExtension) },
    { SEC_ASN1_OBJECT_ID,
      offsetof(CRMFCertExtension, id) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
      offsetof(CRMFCertExtension, critical) },
    { SEC_ASN1_OCTET_STRING,
      offsetof(CRMFCertExtension, value) },
    { 0 }
};

/*
 * SEQUENCE OF CRMFCertExtension. Single-entry table: it has no { 0 }
 * terminator and no size field.
 */
static const SEC_ASN1Template CRMFSequenceOfCertExtensionTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF, 0, CRMFCertExtensionTemplate }
};

/*
 * Requested validity window: SEQUENCE { [0] notBefore, [1] notAfter },
 * both explicitly tagged and decoded with CERT_TimeChoiceTemplate.
 * Both fields are OPTIONAL, so this table also accepts a window with
 * neither bound present.
 */
static const SEC_ASN1Template CRMFOptionalValidityTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFOptionalValidity) },
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 0,
      offsetof(CRMFOptionalValidity, notBefore),
      SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1,
      offsetof(CRMFOptionalValidity, notAfter),
      SEC_ASN1_SUB(CERT_TimeChoiceTemplate) },
    { 0 }
};

/*
 * Pointer to a name decoded with CERT_NameTemplate. Used below as the
 * sub-template of the explicitly tagged issuer and subject fields.
 */
static const SEC_ASN1Template crmfPointerToNameTemplate[] = {
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(CERT_NameTemplate) },
    { 0 }
};

/*
 * The certificate template carried in a request: a SEQUENCE of
 * context-tagged fields [0]..[9]:
 *   [0] version     [1] serialNumber  [2] signingAlg  [3] issuer
 *   [4] validity    [5] subject       [6] publicKey   [7] issuerUID
 *   [8] subjectUID  [9] extensions
 *
 * Every field carries SEC_ASN1_OPTIONAL, so as far as this table is
 * concerned a template with no subject and no public key is valid.
 * NOTE(review): any "field must be present" rule has to be enforced by
 * the code that reads CRMFCertTemplate after decoding; confirm it is.
 */
static const SEC_ASN1Template CRMFCertTemplateTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertTemplate) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(CRMFCertTemplate, version),
      SEC_ASN1_SUB(SEC_IntegerTemplate) },
    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1,
      offsetof(CRMFCertTemplate, serialNumber),
      SEC_ASN1_SUB(SEC_IntegerTemplate) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 2,
      offsetof(CRMFCertTemplate, signingAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* issuer and subject are the two explicitly tagged fields here. */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 3,
      offsetof(CRMFCertTemplate, issuer), crmfPointerToNameTemplate },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 4,
      offsetof(CRMFCertTemplate, validity),
      CRMFOptionalValidityTemplate },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 5,
      offsetof(CRMFCertTemplate, subject), crmfPointerToNameTemplate },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 6,
      offsetof(CRMFCertTemplate, publicKey),
      SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
    { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
          SEC_ASN1_XTRN | 7,
      offsetof(CRMFCertTemplate, issuerUID),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
          SEC_ASN1_XTRN | 8,
      offsetof(CRMFCertTemplate, subjectUID),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
          SEC_ASN1_CONTEXT_SPECIFIC | 9,
      offsetof(CRMFCertTemplate, extensions),
      CRMFSequenceOfCertExtensionTemplate },
    { 0 }
};

/*
 * One registration attribute: SEQUENCE { derTag OBJECT IDENTIFIER,
 * derValue ANY }. Same shape as CRMFControlTemplate, and the same caveat:
 * derValue is not interpreted by this table.
 */
static const SEC_ASN1Template CRMFAttributeTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFAttribute) },
    { SEC_ASN1_OBJECT_ID, offsetof(CRMFAttribute, derTag) },
    { SEC_ASN1_ANY, offsetof(CRMFAttribute, derValue) },
    { 0 }
};

/*
 * The request proper: SEQUENCE { certReqId INTEGER, certTemplate (inline),
 * controls SEQUENCE OF control OPTIONAL }.
 */
const SEC_ASN1Template CRMFCertRequestTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertRequest) },
    { SEC_ASN1_INTEGER, offsetof(CRMFCertRequest, certReqId) },
    { SEC_ASN1_INLINE, offsetof(CRMFCertRequest, certTemplate),
      CRMFCertTemplateTemplate },
    /* The entry itself carries no size bound; the (1..MAX) constraint
     * noted below is not expressed in this table. */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
      offsetof(CRMFCertRequest, controls),
      CRMFControlTemplate }, /* SEQUENCE SIZE (1...MAX) */
    { 0 }
};

/*
 * One request message: SEQUENCE { certReq, derPOP ANY OPTIONAL,
 * regInfo SEQUENCE OF attribute OPTIONAL }.
 *
 * derPOP (the proof-of-possession) is both OPTIONAL and ANY: a message
 * without it decodes successfully, and when present it is kept undecoded.
 * NOTE(review): whether a missing or unverified proof is acceptable is a
 * policy decision for the consumer of CRMFCertReqMsg; this table does not
 * make it.
 */
const SEC_ASN1Template CRMFCertReqMsgTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertReqMsg) },
    { SEC_ASN1_POINTER, offsetof(CRMFCertReqMsg, certReq),
      CRMFCertRequestTemplate },
    { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
      offsetof(CRMFCertReqMsg, derPOP) },
    /* As with controls, no size bound is expressed in the entry. */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
      offsetof(CRMFCertReqMsg, regInfo),
      CRMFAttributeTemplate }, /* SEQUENCE SIZE (1...MAX) */
    { 0 }
};

/*
 * Top level: SEQUENCE OF request message, stored in
 * CRMFCertReqMessages.messages. Single-entry table without a { 0 }
 * terminator; the struct size is given in the entry itself.
 */
const SEC_ASN1Template CRMFCertReqMessagesTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF, offsetof(CRMFCertReqMessages, messages),
      CRMFCertReqMsgTemplate, sizeof(CRMFCertReqMessages) }
};

/*
 * Proof-of-possession alternative [0]: a NULL under context tag 0.
 * The encoding holds no proof value of its own.
 */
const SEC_ASN1Template CRMFRAVerifiedTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | 0 | SEC_ASN1_XTRN,
      0,
      SEC_ASN1_SUB(SEC_NullTemplate) },
    { 0 }
};

/*
 * Body of the signing-key proof: SEQUENCE { [0] derInput ANY OPTIONAL,
 * algorithmIdentifier, signature BIT STRING }.
 * derInput is kept as undecoded DER (see the original author's note:
 * a POPOSigningKeyInput template may be added here eventually).
 */
static const SEC_ASN1Template crmfPOPOSigningKeyTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPOPOSigningKey) },
    { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 0,
      offsetof(CRMFPOPOSigningKey, derInput),
      SEC_ASN1_SUB(SEC_AnyTemplate) },
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(CRMFPOPOSigningKey, algorithmIdentifier),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* NOTE(review): this entry names both the universal BIT STRING kind
     * and an external sub-template; confirm which one the coder uses. */
    { SEC_ASN1_BIT_STRING | SEC_ASN1_XTRN,
      offsetof(CRMFPOPOSigningKey, signature),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { 0 }
};

/* Proof-of-possession alternative [1]: the signing-key proof above. */
const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | 1,
      0,
      crmfPOPOSigningKeyTemplate },
    { 0 }
};

/* Context tag [0] over a BIT STRING. */
const SEC_ASN1Template CRMFThisMessageTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      0,
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { 0 }
};

/* Context tag [1] over an INTEGER. */
const SEC_ASN1Template CRMFSubsequentMessageTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
      0,
      SEC_ASN1_SUB(SEC_IntegerTemplate) },
    { 0 }
};

/* Context tag [2] over a BIT STRING. */
const SEC_ASN1Template CRMFDHMACTemplate[] = {
    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
      0,
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { 0 }
};

/*
 * Proof-of-possession alternative [2] (key encipherment): an explicit
 * wrapper around ANY. The inner value is not decoded by this table.
 */
const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[] = {
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
      0,
      SEC_ASN1_SUB(SEC_AnyTemplate) },
    { 0 }
};

/*
 * Proof-of-possession alternative [3] (key agreement): an explicit
 * wrapper around ANY. The inner value is not decoded by this table.
 */
const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[] = {
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 3,
      0,
      SEC_ASN1_SUB(SEC_AnyTemplate) },
    { 0 }
};

/*
 * Encrypted value: SEQUENCE of five optional context-tagged fields
 *   [0] intendedAlg  [1] symmAlg  [2] encSymmKey  [3] keyAlg  [4] valueHint
 * followed by the one mandatory field, encValue BIT STRING.
 * The algorithm identifiers are all OPTIONAL here, so a consumer cannot
 * assume any of the three pointers is non-NULL after decoding.
 */
const SEC_ASN1Template CRMFEncryptedValueTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFEncryptedValue) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 0,
      offsetof(CRMFEncryptedValue, intendedAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 1,
      offsetof(CRMFEncryptedValue, symmAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
          SEC_ASN1_XTRN | 2,
      offsetof(CRMFEncryptedValue, encSymmKey),
      SEC_ASN1_SUB(SEC_BitStringTemplate) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
          SEC_ASN1_XTRN | 3,
      offsetof(CRMFEncryptedValue, keyAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 4,
      offsetof(CRMFEncryptedValue, valueHint),
      SEC_ASN1_SUB(SEC_OctetStringTemplate) },
    { SEC_ASN1_BIT_STRING, offsetof(CRMFEncryptedValue, encValue) },
    { 0 }
};

/* Explicit context tag [0] around CRMFEncryptedValueTemplate. */
const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate[] = {
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
          SEC_ASN1_CONTEXT_SPECIFIC | 0,
      0,
      CRMFEncryptedValueTemplate },
    { 0 }
};