| 1 | /* |
|---|---|
| 2 | * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved. |
| 3 | * Copyright Nokia 2007-2019 |
| 4 | * Copyright Siemens AG 2015-2019 |
| 5 | * |
| 6 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
| 7 | * this file except in compliance with the License. You can obtain a copy |
| 8 | * in the file LICENSE in the source distribution or at |
| 9 | * https://www.openssl.org/source/license.html |
| 10 | */ |
| 11 | |
| 12 | #include <openssl/asn1t.h> |
| 13 | |
| 14 | #include "cmp_local.h" |
| 15 | |
| 16 | /* explicit #includes not strictly needed since implied by the above: */ |
| 17 | #include <openssl/cmp.h> |
| 18 | #include <openssl/crmf.h> |
| 19 | |
| 20 | /* ASN.1 declarations from RFC4210 */ |
| 21 | ASN1_SEQUENCE(OSSL_CMP_REVANNCONTENT) = { |
| 22 | /* OSSL_CMP_PKISTATUS is effectively ASN1_INTEGER so it is used directly */ |
| 23 | ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, status, ASN1_INTEGER), |
| 24 | ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, certId, OSSL_CRMF_CERTID), |
| 25 | ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, willBeRevokedAt, ASN1_GENERALIZEDTIME), |
| 26 | ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, badSinceDate, ASN1_GENERALIZEDTIME), |
| 27 | ASN1_OPT(OSSL_CMP_REVANNCONTENT, crlDetails, X509_EXTENSIONS) |
| 28 | } ASN1_SEQUENCE_END(OSSL_CMP_REVANNCONTENT) |
| 29 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVANNCONTENT) |
| 30 | |
| 31 | |
| 32 | ASN1_SEQUENCE(OSSL_CMP_CHALLENGE) = { |
| 33 | ASN1_OPT(OSSL_CMP_CHALLENGE, owf, X509_ALGOR), |
| 34 | ASN1_SIMPLE(OSSL_CMP_CHALLENGE, witness, ASN1_OCTET_STRING), |
| 35 | ASN1_SIMPLE(OSSL_CMP_CHALLENGE, challenge, ASN1_OCTET_STRING) |
| 36 | } ASN1_SEQUENCE_END(OSSL_CMP_CHALLENGE) |
| 37 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CHALLENGE) |
| 38 | |
| 39 | |
| 40 | ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYCHALLCONTENT) = |
| 41 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, |
| 42 | OSSL_CMP_POPODECKEYCHALLCONTENT, OSSL_CMP_CHALLENGE) |
| 43 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYCHALLCONTENT) |
| 44 | |
| 45 | |
| 46 | ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYRESPCONTENT) = |
| 47 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, |
| 48 | OSSL_CMP_POPODECKEYRESPCONTENT, ASN1_INTEGER) |
| 49 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYRESPCONTENT) |
| 50 | |
| 51 | |
| 52 | ASN1_SEQUENCE(OSSL_CMP_CAKEYUPDANNCONTENT) = { |
| 53 | /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */ |
| 54 | ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, oldWithNew, X509), |
| 55 | /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */ |
| 56 | ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithOld, X509), |
| 57 | /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */ |
| 58 | ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithNew, X509) |
| 59 | } ASN1_SEQUENCE_END(OSSL_CMP_CAKEYUPDANNCONTENT) |
| 60 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CAKEYUPDANNCONTENT) |
| 61 | |
| 62 | |
| 63 | ASN1_SEQUENCE(OSSL_CMP_ERRORMSGCONTENT) = { |
| 64 | ASN1_SIMPLE(OSSL_CMP_ERRORMSGCONTENT, pKIStatusInfo, OSSL_CMP_PKISI), |
| 65 | ASN1_OPT(OSSL_CMP_ERRORMSGCONTENT, errorCode, ASN1_INTEGER), |
| 66 | /* |
| 67 | * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING |
| 68 | * so it is used directly |
| 69 | * |
| 70 | */ |
| 71 | ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ERRORMSGCONTENT, errorDetails, ASN1_UTF8STRING) |
| 72 | } ASN1_SEQUENCE_END(OSSL_CMP_ERRORMSGCONTENT) |
| 73 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT) |
| 74 | |
| 75 | ASN1_ADB_TEMPLATE(infotypeandvalue_default) = ASN1_OPT(OSSL_CMP_ITAV, |
| 76 | infoValue.other, ASN1_ANY); |
| 77 | /* ITAV means InfoTypeAndValue */ |
| 78 | ASN1_ADB(OSSL_CMP_ITAV) = { |
| 79 | /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */ |
| 80 | ADB_ENTRY(NID_id_it_caProtEncCert, ASN1_OPT(OSSL_CMP_ITAV, |
| 81 | infoValue.caProtEncCert, X509)), |
| 82 | ADB_ENTRY(NID_id_it_signKeyPairTypes, |
| 83 | ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV, |
| 84 | infoValue.signKeyPairTypes, X509_ALGOR)), |
| 85 | ADB_ENTRY(NID_id_it_encKeyPairTypes, |
| 86 | ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV, |
| 87 | infoValue.encKeyPairTypes, X509_ALGOR)), |
| 88 | ADB_ENTRY(NID_id_it_preferredSymmAlg, |
| 89 | ASN1_OPT(OSSL_CMP_ITAV, infoValue.preferredSymmAlg, |
| 90 | X509_ALGOR)), |
| 91 | ADB_ENTRY(NID_id_it_caKeyUpdateInfo, |
| 92 | ASN1_OPT(OSSL_CMP_ITAV, infoValue.caKeyUpdateInfo, |
| 93 | OSSL_CMP_CAKEYUPDANNCONTENT)), |
| 94 | ADB_ENTRY(NID_id_it_currentCRL, |
| 95 | ASN1_OPT(OSSL_CMP_ITAV, infoValue.currentCRL, X509_CRL)), |
| 96 | ADB_ENTRY(NID_id_it_unsupportedOIDs, |
| 97 | ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV, |
| 98 | infoValue.unsupportedOIDs, ASN1_OBJECT)), |
| 99 | ADB_ENTRY(NID_id_it_keyPairParamReq, |
| 100 | ASN1_OPT(OSSL_CMP_ITAV, infoValue.keyPairParamReq, |
| 101 | ASN1_OBJECT)), |
| 102 | ADB_ENTRY(NID_id_it_keyPairParamRep, |
| 103 | ASN1_OPT(OSSL_CMP_ITAV, infoValue.keyPairParamRep, |
| 104 | X509_ALGOR)), |
| 105 | ADB_ENTRY(NID_id_it_revPassphrase, |
| 106 | ASN1_OPT(OSSL_CMP_ITAV, infoValue.revPassphrase, |
| 107 | OSSL_CRMF_ENCRYPTEDVALUE)), |
| 108 | ADB_ENTRY(NID_id_it_implicitConfirm, |
| 109 | ASN1_OPT(OSSL_CMP_ITAV, infoValue.implicitConfirm, |
| 110 | ASN1_NULL)), |
| 111 | ADB_ENTRY(NID_id_it_confirmWaitTime, |
| 112 | ASN1_OPT(OSSL_CMP_ITAV, infoValue.confirmWaitTime, |
| 113 | ASN1_GENERALIZEDTIME)), |
| 114 | ADB_ENTRY(NID_id_it_origPKIMessage, |
| 115 | ASN1_OPT(OSSL_CMP_ITAV, infoValue.origPKIMessage, |
| 116 | OSSL_CMP_MSGS)), |
| 117 | ADB_ENTRY(NID_id_it_suppLangTags, |
| 118 | ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV, infoValue.suppLangTagsValue, |
| 119 | ASN1_UTF8STRING)), |
| 120 | } ASN1_ADB_END(OSSL_CMP_ITAV, 0, infoType, 0, |
| 121 | &infotypeandvalue_default_tt, NULL); |
| 122 | |
| 123 | |
| 124 | ASN1_SEQUENCE(OSSL_CMP_ITAV) = { |
| 125 | ASN1_SIMPLE(OSSL_CMP_ITAV, infoType, ASN1_OBJECT), |
| 126 | ASN1_ADB_OBJECT(OSSL_CMP_ITAV) |
| 127 | } ASN1_SEQUENCE_END(OSSL_CMP_ITAV) |
| 128 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ITAV) |
| 129 | IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV) |
| 130 | |
| 131 | OSSL_CMP_ITAV *OSSL_CMP_ITAV_create(ASN1_OBJECT *type, ASN1_TYPE *value) |
| 132 | { |
| 133 | OSSL_CMP_ITAV *itav; |
| 134 | |
| 135 | if (type == NULL || (itav = OSSL_CMP_ITAV_new()) == NULL) |
| 136 | return NULL; |
| 137 | OSSL_CMP_ITAV_set0(itav, type, value); |
| 138 | return itav; |
| 139 | } |
| 140 | |
| 141 | void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type, |
| 142 | ASN1_TYPE *value) |
| 143 | { |
| 144 | itav->infoType = type; |
| 145 | itav->infoValue.other = value; |
| 146 | } |
| 147 | |
| 148 | ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav) |
| 149 | { |
| 150 | if (itav == NULL) |
| 151 | return NULL; |
| 152 | return itav->infoType; |
| 153 | } |
| 154 | |
| 155 | ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav) |
| 156 | { |
| 157 | if (itav == NULL) |
| 158 | return NULL; |
| 159 | return itav->infoValue.other; |
| 160 | } |
| 161 | |
| 162 | int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p, |
| 163 | OSSL_CMP_ITAV *itav) |
| 164 | { |
| 165 | int created = 0; |
| 166 | |
| 167 | if (itav_sk_p == NULL || itav == NULL) { |
| 168 | CMPerr(0, CMP_R_NULL_ARGUMENT); |
| 169 | goto err; |
| 170 | } |
| 171 | |
| 172 | if (*itav_sk_p == NULL) { |
| 173 | if ((*itav_sk_p = sk_OSSL_CMP_ITAV_new_null()) == NULL) |
| 174 | goto err; |
| 175 | created = 1; |
| 176 | } |
| 177 | if (!sk_OSSL_CMP_ITAV_push(*itav_sk_p, itav)) |
| 178 | goto err; |
| 179 | return 1; |
| 180 | |
| 181 | err: |
| 182 | if (created != 0) { |
| 183 | sk_OSSL_CMP_ITAV_free(*itav_sk_p); |
| 184 | *itav_sk_p = NULL; |
| 185 | } |
| 186 | return 0; |
| 187 | } |
| 188 | |
| 189 | /* get ASN.1 encoded integer, return -1 on error */ |
| 190 | int ossl_cmp_asn1_get_int(const ASN1_INTEGER *a) |
| 191 | { |
| 192 | int64_t res; |
| 193 | |
| 194 | if (!ASN1_INTEGER_get_int64(&res, a)) { |
| 195 | CMPerr(0, ASN1_R_INVALID_NUMBER); |
| 196 | return -1; |
| 197 | } |
| 198 | if (res < INT_MIN) { |
| 199 | CMPerr(0, ASN1_R_TOO_SMALL); |
| 200 | return -1; |
| 201 | } |
| 202 | if (res > INT_MAX) { |
| 203 | CMPerr(0, ASN1_R_TOO_LARGE); |
| 204 | return -1; |
| 205 | } |
| 206 | return (int)res; |
| 207 | } |
| 208 | |
| 209 | ASN1_CHOICE(OSSL_CMP_CERTORENCCERT) = { |
| 210 | /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */ |
| 211 | ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.certificate, X509, 0), |
| 212 | ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.encryptedCert, |
| 213 | OSSL_CRMF_ENCRYPTEDVALUE, 1), |
| 214 | } ASN1_CHOICE_END(OSSL_CMP_CERTORENCCERT) |
| 215 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTORENCCERT) |
| 216 | |
| 217 | |
| 218 | ASN1_SEQUENCE(OSSL_CMP_CERTIFIEDKEYPAIR) = { |
| 219 | ASN1_SIMPLE(OSSL_CMP_CERTIFIEDKEYPAIR, certOrEncCert, |
| 220 | OSSL_CMP_CERTORENCCERT), |
| 221 | ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, privateKey, |
| 222 | OSSL_CRMF_ENCRYPTEDVALUE, 0), |
| 223 | ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, publicationInfo, |
| 224 | OSSL_CRMF_PKIPUBLICATIONINFO, 1) |
| 225 | } ASN1_SEQUENCE_END(OSSL_CMP_CERTIFIEDKEYPAIR) |
| 226 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTIFIEDKEYPAIR) |
| 227 | |
| 228 | |
| 229 | ASN1_SEQUENCE(OSSL_CMP_REVDETAILS) = { |
| 230 | ASN1_SIMPLE(OSSL_CMP_REVDETAILS, certDetails, OSSL_CRMF_CERTTEMPLATE), |
| 231 | ASN1_OPT(OSSL_CMP_REVDETAILS, crlEntryDetails, X509_EXTENSIONS) |
| 232 | } ASN1_SEQUENCE_END(OSSL_CMP_REVDETAILS) |
| 233 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVDETAILS) |
| 234 | |
| 235 | |
| 236 | ASN1_ITEM_TEMPLATE(OSSL_CMP_REVREQCONTENT) = |
| 237 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_REVREQCONTENT, |
| 238 | OSSL_CMP_REVDETAILS) |
| 239 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_REVREQCONTENT) |
| 240 | |
| 241 | |
| 242 | ASN1_SEQUENCE(OSSL_CMP_REVREPCONTENT) = { |
| 243 | ASN1_SEQUENCE_OF(OSSL_CMP_REVREPCONTENT, status, OSSL_CMP_PKISI), |
| 244 | ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT, revCerts, OSSL_CRMF_CERTID, |
| 245 | 0), |
| 246 | ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT, crls, X509_CRL, 1) |
| 247 | } ASN1_SEQUENCE_END(OSSL_CMP_REVREPCONTENT) |
| 248 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVREPCONTENT) |
| 249 | |
| 250 | |
| 251 | ASN1_SEQUENCE(OSSL_CMP_KEYRECREPCONTENT) = { |
| 252 | ASN1_SIMPLE(OSSL_CMP_KEYRECREPCONTENT, status, OSSL_CMP_PKISI), |
| 253 | ASN1_EXP_OPT(OSSL_CMP_KEYRECREPCONTENT, newSigCert, X509, 0), |
| 254 | ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, caCerts, X509, 1), |
| 255 | ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, keyPairHist, |
| 256 | OSSL_CMP_CERTIFIEDKEYPAIR, 2) |
| 257 | } ASN1_SEQUENCE_END(OSSL_CMP_KEYRECREPCONTENT) |
| 258 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_KEYRECREPCONTENT) |
| 259 | |
| 260 | |
| 261 | ASN1_ITEM_TEMPLATE(OSSL_CMP_PKISTATUS) = |
| 262 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_UNIVERSAL, 0, status, ASN1_INTEGER) |
| 263 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_PKISTATUS) |
| 264 | |
| 265 | ASN1_SEQUENCE(OSSL_CMP_PKISI) = { |
| 266 | ASN1_SIMPLE(OSSL_CMP_PKISI, status, OSSL_CMP_PKISTATUS), |
| 267 | /* |
| 268 | * CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING |
| 269 | * so it is used directly |
| 270 | */ |
| 271 | ASN1_SEQUENCE_OF_OPT(OSSL_CMP_PKISI, statusString, ASN1_UTF8STRING), |
| 272 | /* |
| 273 | * OSSL_CMP_PKIFAILUREINFO is effectively ASN1_BIT_STRING so used directly |
| 274 | */ |
| 275 | ASN1_OPT(OSSL_CMP_PKISI, failInfo, ASN1_BIT_STRING) |
| 276 | } ASN1_SEQUENCE_END(OSSL_CMP_PKISI) |
| 277 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKISI) |
| 278 | IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI) |
| 279 | |
| 280 | ASN1_SEQUENCE(OSSL_CMP_CERTSTATUS) = { |
| 281 | ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certHash, ASN1_OCTET_STRING), |
| 282 | ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certReqId, ASN1_INTEGER), |
| 283 | ASN1_OPT(OSSL_CMP_CERTSTATUS, statusInfo, OSSL_CMP_PKISI) |
| 284 | } ASN1_SEQUENCE_END(OSSL_CMP_CERTSTATUS) |
| 285 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTSTATUS) |
| 286 | |
| 287 | ASN1_ITEM_TEMPLATE(OSSL_CMP_CERTCONFIRMCONTENT) = |
| 288 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_CERTCONFIRMCONTENT, |
| 289 | OSSL_CMP_CERTSTATUS) |
| 290 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CERTCONFIRMCONTENT) |
| 291 | |
| 292 | ASN1_SEQUENCE(OSSL_CMP_CERTRESPONSE) = { |
| 293 | ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, certReqId, ASN1_INTEGER), |
| 294 | ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, status, OSSL_CMP_PKISI), |
| 295 | ASN1_OPT(OSSL_CMP_CERTRESPONSE, certifiedKeyPair, |
| 296 | OSSL_CMP_CERTIFIEDKEYPAIR), |
| 297 | ASN1_OPT(OSSL_CMP_CERTRESPONSE, rspInfo, ASN1_OCTET_STRING) |
| 298 | } ASN1_SEQUENCE_END(OSSL_CMP_CERTRESPONSE) |
| 299 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTRESPONSE) |
| 300 | |
| 301 | ASN1_SEQUENCE(OSSL_CMP_POLLREQ) = { |
| 302 | ASN1_SIMPLE(OSSL_CMP_POLLREQ, certReqId, ASN1_INTEGER) |
| 303 | } ASN1_SEQUENCE_END(OSSL_CMP_POLLREQ) |
| 304 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREQ) |
| 305 | |
| 306 | ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREQCONTENT) = |
| 307 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_POLLREQCONTENT, |
| 308 | OSSL_CMP_POLLREQ) |
| 309 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREQCONTENT) |
| 310 | |
| 311 | ASN1_SEQUENCE(OSSL_CMP_POLLREP) = { |
| 312 | ASN1_SIMPLE(OSSL_CMP_POLLREP, certReqId, ASN1_INTEGER), |
| 313 | ASN1_SIMPLE(OSSL_CMP_POLLREP, checkAfter, ASN1_INTEGER), |
| 314 | ASN1_SEQUENCE_OF_OPT(OSSL_CMP_POLLREP, reason, ASN1_UTF8STRING), |
| 315 | } ASN1_SEQUENCE_END(OSSL_CMP_POLLREP) |
| 316 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREP) |
| 317 | |
| 318 | ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREPCONTENT) = |
| 319 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, |
| 320 | OSSL_CMP_POLLREPCONTENT, |
| 321 | OSSL_CMP_POLLREP) |
| 322 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREPCONTENT) |
| 323 | |
| 324 | ASN1_SEQUENCE(OSSL_CMP_CERTREPMESSAGE) = { |
| 325 | /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */ |
| 326 | ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_CERTREPMESSAGE, caPubs, X509, 1), |
| 327 | ASN1_SEQUENCE_OF(OSSL_CMP_CERTREPMESSAGE, response, OSSL_CMP_CERTRESPONSE) |
| 328 | } ASN1_SEQUENCE_END(OSSL_CMP_CERTREPMESSAGE) |
| 329 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTREPMESSAGE) |
| 330 | |
| 331 | ASN1_ITEM_TEMPLATE(OSSL_CMP_GENMSGCONTENT) = |
| 332 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_GENMSGCONTENT, |
| 333 | OSSL_CMP_ITAV) |
| 334 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENMSGCONTENT) |
| 335 | |
| 336 | ASN1_ITEM_TEMPLATE(OSSL_CMP_GENREPCONTENT) = |
| 337 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_GENREPCONTENT, |
| 338 | OSSL_CMP_ITAV) |
| 339 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENREPCONTENT) |
| 340 | |
| 341 | ASN1_ITEM_TEMPLATE(OSSL_CMP_CRLANNCONTENT) = |
| 342 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, |
| 343 | OSSL_CMP_CRLANNCONTENT, X509_CRL) |
| 344 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CRLANNCONTENT) |
| 345 | |
| 346 | ASN1_CHOICE(OSSL_CMP_PKIBODY) = { |
| 347 | ASN1_EXP(OSSL_CMP_PKIBODY, value.ir, OSSL_CRMF_MSGS, 0), |
| 348 | ASN1_EXP(OSSL_CMP_PKIBODY, value.ip, OSSL_CMP_CERTREPMESSAGE, 1), |
| 349 | ASN1_EXP(OSSL_CMP_PKIBODY, value.cr, OSSL_CRMF_MSGS, 2), |
| 350 | ASN1_EXP(OSSL_CMP_PKIBODY, value.cp, OSSL_CMP_CERTREPMESSAGE, 3), |
| 351 | ASN1_EXP(OSSL_CMP_PKIBODY, value.p10cr, X509_REQ, 4), |
| 352 | ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecc, OSSL_CMP_POPODECKEYCHALLCONTENT, 5), |
| 353 | ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecr, OSSL_CMP_POPODECKEYRESPCONTENT, 6), |
| 354 | ASN1_EXP(OSSL_CMP_PKIBODY, value.kur, OSSL_CRMF_MSGS, 7), |
| 355 | ASN1_EXP(OSSL_CMP_PKIBODY, value.kup, OSSL_CMP_CERTREPMESSAGE, 8), |
| 356 | ASN1_EXP(OSSL_CMP_PKIBODY, value.krr, OSSL_CRMF_MSGS, 9), |
| 357 | ASN1_EXP(OSSL_CMP_PKIBODY, value.krp, OSSL_CMP_KEYRECREPCONTENT, 10), |
| 358 | ASN1_EXP(OSSL_CMP_PKIBODY, value.rr, OSSL_CMP_REVREQCONTENT, 11), |
| 359 | ASN1_EXP(OSSL_CMP_PKIBODY, value.rp, OSSL_CMP_REVREPCONTENT, 12), |
| 360 | ASN1_EXP(OSSL_CMP_PKIBODY, value.ccr, OSSL_CRMF_MSGS, 13), |
| 361 | ASN1_EXP(OSSL_CMP_PKIBODY, value.ccp, OSSL_CMP_CERTREPMESSAGE, 14), |
| 362 | ASN1_EXP(OSSL_CMP_PKIBODY, value.ckuann, OSSL_CMP_CAKEYUPDANNCONTENT, 15), |
| 363 | ASN1_EXP(OSSL_CMP_PKIBODY, value.cann, X509, 16), |
| 364 | ASN1_EXP(OSSL_CMP_PKIBODY, value.rann, OSSL_CMP_REVANNCONTENT, 17), |
| 365 | ASN1_EXP(OSSL_CMP_PKIBODY, value.crlann, OSSL_CMP_CRLANNCONTENT, 18), |
| 366 | ASN1_EXP(OSSL_CMP_PKIBODY, value.pkiconf, ASN1_ANY, 19), |
| 367 | ASN1_EXP(OSSL_CMP_PKIBODY, value.nested, OSSL_CMP_MSGS, 20), |
| 368 | ASN1_EXP(OSSL_CMP_PKIBODY, value.genm, OSSL_CMP_GENMSGCONTENT, 21), |
| 369 | ASN1_EXP(OSSL_CMP_PKIBODY, value.genp, OSSL_CMP_GENREPCONTENT, 22), |
| 370 | ASN1_EXP(OSSL_CMP_PKIBODY, value.error, OSSL_CMP_ERRORMSGCONTENT, 23), |
| 371 | ASN1_EXP(OSSL_CMP_PKIBODY, value.certConf, OSSL_CMP_CERTCONFIRMCONTENT, 24), |
| 372 | ASN1_EXP(OSSL_CMP_PKIBODY, value.pollReq, OSSL_CMP_POLLREQCONTENT, 25), |
| 373 | ASN1_EXP(OSSL_CMP_PKIBODY, value.pollRep, OSSL_CMP_POLLREPCONTENT, 26), |
| 374 | } ASN1_CHOICE_END(OSSL_CMP_PKIBODY) |
| 375 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIBODY) |
| 376 | |
| 377 | ASN1_SEQUENCE(OSSL_CMP_PKIHEADER) = { |
| 378 | ASN1_SIMPLE(OSSL_CMP_PKIHEADER, pvno, ASN1_INTEGER), |
| 379 | ASN1_SIMPLE(OSSL_CMP_PKIHEADER, sender, GENERAL_NAME), |
| 380 | ASN1_SIMPLE(OSSL_CMP_PKIHEADER, recipient, GENERAL_NAME), |
| 381 | ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, messageTime, ASN1_GENERALIZEDTIME, 0), |
| 382 | ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, protectionAlg, X509_ALGOR, 1), |
| 383 | ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, senderKID, ASN1_OCTET_STRING, 2), |
| 384 | ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, recipKID, ASN1_OCTET_STRING, 3), |
| 385 | ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, transactionID, ASN1_OCTET_STRING, 4), |
| 386 | ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, senderNonce, ASN1_OCTET_STRING, 5), |
| 387 | ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, recipNonce, ASN1_OCTET_STRING, 6), |
| 388 | /* |
| 389 | * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING |
| 390 | * so it is used directly |
| 391 | */ |
| 392 | ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER, freeText, ASN1_UTF8STRING, 7), |
| 393 | ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER, generalInfo, |
| 394 | OSSL_CMP_ITAV, 8) |
| 395 | } ASN1_SEQUENCE_END(OSSL_CMP_PKIHEADER) |
| 396 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER) |
| 397 | |
| 398 | ASN1_SEQUENCE(CMP_PROTECTEDPART) = { |
| 399 | ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER), |
| 400 | ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY) |
| 401 | } ASN1_SEQUENCE_END(CMP_PROTECTEDPART) |
| 402 | IMPLEMENT_ASN1_FUNCTIONS(CMP_PROTECTEDPART) |
| 403 | |
| 404 | ASN1_SEQUENCE(OSSL_CMP_MSG) = { |
| 405 | ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER), |
| 406 | ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY), |
| 407 | ASN1_EXP_OPT(OSSL_CMP_MSG, protection, ASN1_BIT_STRING, 0), |
| 408 | /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */ |
| 409 | ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_MSG, extraCerts, X509, 1) |
| 410 | } ASN1_SEQUENCE_END(OSSL_CMP_MSG) |
| 411 | IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_MSG) |
| 412 | IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_MSG) |
| 413 | |
| 414 | ASN1_ITEM_TEMPLATE(OSSL_CMP_MSGS) = |
| 415 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_MSGS, |
| 416 | OSSL_CMP_MSG) |
| 417 | ASN1_ITEM_TEMPLATE_END(OSSL_CMP_MSGS) |
| 418 |
Generated on 2020-Jan-04 from project ClickHouse revision 19.17.6
Powered by 
Code Browser 2.1
Generator usage only permitted with license.