]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/cmp/cmp_asn.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL
[thirdparty/openssl.git] / crypto / cmp / cmp_asn.c
1 /*
2 * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright Nokia 2007-2019
4 * Copyright Siemens AG 2015-2019
5 *
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
10 *
11 * CMP implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.
12 */
13
14 #include <openssl/asn1t.h>
15
16 #include "cmp_int.h"
17
18 /* explicit #includes not strictly needed since implied by the above: */
19 #include <openssl/cmp.h>
20 #include <openssl/crmf.h>
21
22 /* ASN.1 declarations from RFC4210 */
23 ASN1_SEQUENCE(OSSL_CMP_REVANNCONTENT) = {
24 /* OSSL_CMP_PKISTATUS is effectively ASN1_INTEGER so it is used directly */
25 ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, status, ASN1_INTEGER),
26 ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, certId, OSSL_CRMF_CERTID),
27 ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, willBeRevokedAt, ASN1_GENERALIZEDTIME),
28 ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, badSinceDate, ASN1_GENERALIZEDTIME),
29 ASN1_OPT(OSSL_CMP_REVANNCONTENT, crlDetails, X509_EXTENSIONS)
30 } ASN1_SEQUENCE_END(OSSL_CMP_REVANNCONTENT)
31 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVANNCONTENT)
32
33
34 ASN1_SEQUENCE(OSSL_CMP_CHALLENGE) = {
35 ASN1_OPT(OSSL_CMP_CHALLENGE, owf, X509_ALGOR),
36 ASN1_SIMPLE(OSSL_CMP_CHALLENGE, witness, ASN1_OCTET_STRING),
37 ASN1_SIMPLE(OSSL_CMP_CHALLENGE, challenge, ASN1_OCTET_STRING)
38 } ASN1_SEQUENCE_END(OSSL_CMP_CHALLENGE)
39 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CHALLENGE)
40
41
42 ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYCHALLCONTENT) =
43 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
44 OSSL_CMP_POPODECKEYCHALLCONTENT, OSSL_CMP_CHALLENGE)
45 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYCHALLCONTENT)
46
47
48 ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYRESPCONTENT) =
49 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
50 OSSL_CMP_POPODECKEYRESPCONTENT, ASN1_INTEGER)
51 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYRESPCONTENT)
52
53
54 ASN1_SEQUENCE(OSSL_CMP_CAKEYUPDANNCONTENT) = {
55 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
56 ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, oldWithNew, X509),
57 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
58 ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithOld, X509),
59 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
60 ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithNew, X509)
61 } ASN1_SEQUENCE_END(OSSL_CMP_CAKEYUPDANNCONTENT)
62 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CAKEYUPDANNCONTENT)
63
64
65 ASN1_SEQUENCE(OSSL_CMP_ERRORMSGCONTENT) = {
66 ASN1_SIMPLE(OSSL_CMP_ERRORMSGCONTENT, pKIStatusInfo, OSSL_CMP_PKISI),
67 ASN1_OPT(OSSL_CMP_ERRORMSGCONTENT, errorCode, ASN1_INTEGER),
68 /*
69 * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
70 * so it is used directly
71 *
72 */
73 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ERRORMSGCONTENT, errorDetails, ASN1_UTF8STRING)
74 } ASN1_SEQUENCE_END(OSSL_CMP_ERRORMSGCONTENT)
75 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT)
76
77 ASN1_ADB_TEMPLATE(infotypeandvalue_default) = ASN1_OPT(OSSL_CMP_ITAV,
78 infoValue.other, ASN1_ANY);
79 /* ITAV means InfoTypeAndValue */
80 ASN1_ADB(OSSL_CMP_ITAV) = {
81 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
82 ADB_ENTRY(NID_id_it_caProtEncCert, ASN1_OPT(OSSL_CMP_ITAV,
83 infoValue.caProtEncCert, X509)),
84 ADB_ENTRY(NID_id_it_signKeyPairTypes,
85 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV,
86 infoValue.signKeyPairTypes, X509_ALGOR)),
87 ADB_ENTRY(NID_id_it_encKeyPairTypes,
88 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV,
89 infoValue.encKeyPairTypes, X509_ALGOR)),
90 ADB_ENTRY(NID_id_it_preferredSymmAlg,
91 ASN1_OPT(OSSL_CMP_ITAV, infoValue.preferredSymmAlg,
92 X509_ALGOR)),
93 ADB_ENTRY(NID_id_it_caKeyUpdateInfo,
94 ASN1_OPT(OSSL_CMP_ITAV, infoValue.caKeyUpdateInfo,
95 OSSL_CMP_CAKEYUPDANNCONTENT)),
96 ADB_ENTRY(NID_id_it_currentCRL,
97 ASN1_OPT(OSSL_CMP_ITAV, infoValue.currentCRL, X509_CRL)),
98 ADB_ENTRY(NID_id_it_unsupportedOIDs,
99 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV,
100 infoValue.unsupportedOIDs, ASN1_OBJECT)),
101 ADB_ENTRY(NID_id_it_keyPairParamReq,
102 ASN1_OPT(OSSL_CMP_ITAV, infoValue.keyPairParamReq,
103 ASN1_OBJECT)),
104 ADB_ENTRY(NID_id_it_keyPairParamRep,
105 ASN1_OPT(OSSL_CMP_ITAV, infoValue.keyPairParamRep,
106 X509_ALGOR)),
107 ADB_ENTRY(NID_id_it_revPassphrase,
108 ASN1_OPT(OSSL_CMP_ITAV, infoValue.revPassphrase,
109 OSSL_CRMF_ENCRYPTEDVALUE)),
110 ADB_ENTRY(NID_id_it_implicitConfirm,
111 ASN1_OPT(OSSL_CMP_ITAV, infoValue.implicitConfirm,
112 ASN1_NULL)),
113 ADB_ENTRY(NID_id_it_confirmWaitTime,
114 ASN1_OPT(OSSL_CMP_ITAV, infoValue.confirmWaitTime,
115 ASN1_GENERALIZEDTIME)),
116 ADB_ENTRY(NID_id_it_origPKIMessage,
117 ASN1_OPT(OSSL_CMP_ITAV, infoValue.origPKIMessage,
118 OSSL_CMP_MSGS)),
119 ADB_ENTRY(NID_id_it_suppLangTags,
120 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV, infoValue.suppLangTagsValue,
121 ASN1_UTF8STRING)),
122 } ASN1_ADB_END(OSSL_CMP_ITAV, 0, infoType, 0,
123 &infotypeandvalue_default_tt, NULL);
124
125
126 ASN1_SEQUENCE(OSSL_CMP_ITAV) = {
127 ASN1_SIMPLE(OSSL_CMP_ITAV, infoType, ASN1_OBJECT),
128 ASN1_ADB_OBJECT(OSSL_CMP_ITAV)
129 } ASN1_SEQUENCE_END(OSSL_CMP_ITAV)
130 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ITAV)
131 IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
132
133 OSSL_CMP_ITAV *OSSL_CMP_ITAV_create(ASN1_OBJECT *type, ASN1_TYPE *value)
134 {
135 OSSL_CMP_ITAV *itav;
136
137 if (type == NULL || (itav = OSSL_CMP_ITAV_new()) == NULL)
138 return NULL;
139 OSSL_CMP_ITAV_set0(itav, type, value);
140 return itav;
141 }
142
143 void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type,
144 ASN1_TYPE *value)
145 {
146 itav->infoType = type;
147 itav->infoValue.other = value;
148 }
149
150 ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav)
151 {
152 if (itav == NULL)
153 return NULL;
154 return itav->infoType;
155 }
156
157 ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav)
158 {
159 if (itav == NULL)
160 return NULL;
161 return itav->infoValue.other;
162 }
163
164 int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
165 OSSL_CMP_ITAV *itav)
166 {
167 int created = 0;
168
169 if (itav_sk_p == NULL)
170 goto err;
171
172 if (*itav_sk_p == NULL) {
173 if ((*itav_sk_p = sk_OSSL_CMP_ITAV_new_null()) == NULL)
174 goto err;
175 created = 1;
176 }
177 if (itav != NULL) {
178 if (!sk_OSSL_CMP_ITAV_push(*itav_sk_p, itav))
179 goto err;
180 }
181 return 1;
182 err:
183 if (created != 0) {
184 sk_OSSL_CMP_ITAV_free(*itav_sk_p);
185 *itav_sk_p = NULL;
186 }
187 return 0;
188 }
189
190 ASN1_CHOICE(OSSL_CMP_CERTORENCCERT) = {
191 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
192 ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.certificate, X509, 0),
193 ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.encryptedCert,
194 OSSL_CRMF_ENCRYPTEDVALUE, 1),
195 } ASN1_CHOICE_END(OSSL_CMP_CERTORENCCERT)
196 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTORENCCERT)
197
198
199 ASN1_SEQUENCE(OSSL_CMP_CERTIFIEDKEYPAIR) = {
200 ASN1_SIMPLE(OSSL_CMP_CERTIFIEDKEYPAIR, certOrEncCert,
201 OSSL_CMP_CERTORENCCERT),
202 ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, privateKey,
203 OSSL_CRMF_ENCRYPTEDVALUE, 0),
204 ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, publicationInfo,
205 OSSL_CRMF_PKIPUBLICATIONINFO, 1)
206 } ASN1_SEQUENCE_END(OSSL_CMP_CERTIFIEDKEYPAIR)
207 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTIFIEDKEYPAIR)
208
209
210 ASN1_SEQUENCE(OSSL_CMP_REVDETAILS) = {
211 ASN1_SIMPLE(OSSL_CMP_REVDETAILS, certDetails, OSSL_CRMF_CERTTEMPLATE),
212 ASN1_OPT(OSSL_CMP_REVDETAILS, crlEntryDetails, X509_EXTENSIONS)
213 } ASN1_SEQUENCE_END(OSSL_CMP_REVDETAILS)
214 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVDETAILS)
215
216
217 ASN1_ITEM_TEMPLATE(OSSL_CMP_REVREQCONTENT) =
218 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_REVREQCONTENT,
219 OSSL_CMP_REVDETAILS)
220 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_REVREQCONTENT)
221
222
223 ASN1_SEQUENCE(OSSL_CMP_REVREPCONTENT) = {
224 ASN1_SEQUENCE_OF(OSSL_CMP_REVREPCONTENT, status, OSSL_CMP_PKISI),
225 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT, revCerts, OSSL_CRMF_CERTID,
226 0),
227 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT, crls, X509_CRL, 1)
228 } ASN1_SEQUENCE_END(OSSL_CMP_REVREPCONTENT)
229 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVREPCONTENT)
230
231
232 ASN1_SEQUENCE(OSSL_CMP_KEYRECREPCONTENT) = {
233 ASN1_SIMPLE(OSSL_CMP_KEYRECREPCONTENT, status, OSSL_CMP_PKISI),
234 ASN1_EXP_OPT(OSSL_CMP_KEYRECREPCONTENT, newSigCert, X509, 0),
235 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, caCerts, X509, 1),
236 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, keyPairHist,
237 OSSL_CMP_CERTIFIEDKEYPAIR, 2)
238 } ASN1_SEQUENCE_END(OSSL_CMP_KEYRECREPCONTENT)
239 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_KEYRECREPCONTENT)
240
241
242 ASN1_ITEM_TEMPLATE(OSSL_CMP_PKISTATUS) =
243 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_UNIVERSAL, 0, status, ASN1_INTEGER)
244 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_PKISTATUS)
245
246 ASN1_SEQUENCE(OSSL_CMP_PKISI) = {
247 ASN1_SIMPLE(OSSL_CMP_PKISI, status, OSSL_CMP_PKISTATUS),
248 /*
249 * CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
250 * so it is used directly
251 */
252 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_PKISI, statusString, ASN1_UTF8STRING),
253 /*
254 * OSSL_CMP_PKIFAILUREINFO is effectively ASN1_BIT_STRING so used directly
255 */
256 ASN1_OPT(OSSL_CMP_PKISI, failInfo, ASN1_BIT_STRING)
257 } ASN1_SEQUENCE_END(OSSL_CMP_PKISI)
258 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
259 IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI)
260
261 ASN1_SEQUENCE(OSSL_CMP_CERTSTATUS) = {
262 ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certHash, ASN1_OCTET_STRING),
263 ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certReqId, ASN1_INTEGER),
264 ASN1_OPT(OSSL_CMP_CERTSTATUS, statusInfo, OSSL_CMP_PKISI)
265 } ASN1_SEQUENCE_END(OSSL_CMP_CERTSTATUS)
266 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTSTATUS)
267
268 ASN1_ITEM_TEMPLATE(OSSL_CMP_CERTCONFIRMCONTENT) =
269 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_CERTCONFIRMCONTENT,
270 OSSL_CMP_CERTSTATUS)
271 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CERTCONFIRMCONTENT)
272
273 ASN1_SEQUENCE(OSSL_CMP_CERTRESPONSE) = {
274 ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, certReqId, ASN1_INTEGER),
275 ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, status, OSSL_CMP_PKISI),
276 ASN1_OPT(OSSL_CMP_CERTRESPONSE, certifiedKeyPair,
277 OSSL_CMP_CERTIFIEDKEYPAIR),
278 ASN1_OPT(OSSL_CMP_CERTRESPONSE, rspInfo, ASN1_OCTET_STRING)
279 } ASN1_SEQUENCE_END(OSSL_CMP_CERTRESPONSE)
280 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTRESPONSE)
281
282 ASN1_SEQUENCE(OSSL_CMP_POLLREQ) = {
283 ASN1_SIMPLE(OSSL_CMP_POLLREQ, certReqId, ASN1_INTEGER)
284 } ASN1_SEQUENCE_END(OSSL_CMP_POLLREQ)
285 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREQ)
286
287 ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREQCONTENT) =
288 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_POLLREQCONTENT,
289 OSSL_CMP_POLLREQ)
290 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREQCONTENT)
291
292 ASN1_SEQUENCE(OSSL_CMP_POLLREP) = {
293 ASN1_SIMPLE(OSSL_CMP_POLLREP, certReqId, ASN1_INTEGER),
294 ASN1_SIMPLE(OSSL_CMP_POLLREP, checkAfter, ASN1_INTEGER),
295 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_POLLREP, reason, ASN1_UTF8STRING),
296 } ASN1_SEQUENCE_END(OSSL_CMP_POLLREP)
297 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREP)
298
299 ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREPCONTENT) =
300 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
301 OSSL_CMP_POLLREPCONTENT,
302 OSSL_CMP_POLLREP)
303 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREPCONTENT)
304
305 ASN1_SEQUENCE(OSSL_CMP_CERTREPMESSAGE) = {
306 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
307 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_CERTREPMESSAGE, caPubs, X509, 1),
308 ASN1_SEQUENCE_OF(OSSL_CMP_CERTREPMESSAGE, response, OSSL_CMP_CERTRESPONSE)
309 } ASN1_SEQUENCE_END(OSSL_CMP_CERTREPMESSAGE)
310 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTREPMESSAGE)
311
312 ASN1_ITEM_TEMPLATE(OSSL_CMP_GENMSGCONTENT) =
313 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_GENMSGCONTENT,
314 OSSL_CMP_ITAV)
315 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENMSGCONTENT)
316
317 ASN1_ITEM_TEMPLATE(OSSL_CMP_GENREPCONTENT) =
318 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_GENREPCONTENT,
319 OSSL_CMP_ITAV)
320 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENREPCONTENT)
321
322 ASN1_ITEM_TEMPLATE(OSSL_CMP_CRLANNCONTENT) =
323 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
324 OSSL_CMP_CRLANNCONTENT, X509_CRL)
325 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CRLANNCONTENT)
326
327 ASN1_CHOICE(OSSL_CMP_PKIBODY) = {
328 ASN1_EXP(OSSL_CMP_PKIBODY, value.ir, OSSL_CRMF_MSGS, 0),
329 ASN1_EXP(OSSL_CMP_PKIBODY, value.ip, OSSL_CMP_CERTREPMESSAGE, 1),
330 ASN1_EXP(OSSL_CMP_PKIBODY, value.cr, OSSL_CRMF_MSGS, 2),
331 ASN1_EXP(OSSL_CMP_PKIBODY, value.cp, OSSL_CMP_CERTREPMESSAGE, 3),
332 ASN1_EXP(OSSL_CMP_PKIBODY, value.p10cr, X509_REQ, 4),
333 ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecc, OSSL_CMP_POPODECKEYCHALLCONTENT, 5),
334 ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecr, OSSL_CMP_POPODECKEYRESPCONTENT, 6),
335 ASN1_EXP(OSSL_CMP_PKIBODY, value.kur, OSSL_CRMF_MSGS, 7),
336 ASN1_EXP(OSSL_CMP_PKIBODY, value.kup, OSSL_CMP_CERTREPMESSAGE, 8),
337 ASN1_EXP(OSSL_CMP_PKIBODY, value.krr, OSSL_CRMF_MSGS, 9),
338 ASN1_EXP(OSSL_CMP_PKIBODY, value.krp, OSSL_CMP_KEYRECREPCONTENT, 10),
339 ASN1_EXP(OSSL_CMP_PKIBODY, value.rr, OSSL_CMP_REVREQCONTENT, 11),
340 ASN1_EXP(OSSL_CMP_PKIBODY, value.rp, OSSL_CMP_REVREPCONTENT, 12),
341 ASN1_EXP(OSSL_CMP_PKIBODY, value.ccr, OSSL_CRMF_MSGS, 13),
342 ASN1_EXP(OSSL_CMP_PKIBODY, value.ccp, OSSL_CMP_CERTREPMESSAGE, 14),
343 ASN1_EXP(OSSL_CMP_PKIBODY, value.ckuann, OSSL_CMP_CAKEYUPDANNCONTENT, 15),
344 ASN1_EXP(OSSL_CMP_PKIBODY, value.cann, X509, 16),
345 ASN1_EXP(OSSL_CMP_PKIBODY, value.rann, OSSL_CMP_REVANNCONTENT, 17),
346 ASN1_EXP(OSSL_CMP_PKIBODY, value.crlann, OSSL_CMP_CRLANNCONTENT, 18),
347 ASN1_EXP(OSSL_CMP_PKIBODY, value.pkiconf, ASN1_ANY, 19),
348 ASN1_EXP(OSSL_CMP_PKIBODY, value.nested, OSSL_CMP_MSGS, 20),
349 ASN1_EXP(OSSL_CMP_PKIBODY, value.genm, OSSL_CMP_GENMSGCONTENT, 21),
350 ASN1_EXP(OSSL_CMP_PKIBODY, value.genp, OSSL_CMP_GENREPCONTENT, 22),
351 ASN1_EXP(OSSL_CMP_PKIBODY, value.error, OSSL_CMP_ERRORMSGCONTENT, 23),
352 ASN1_EXP(OSSL_CMP_PKIBODY, value.certConf, OSSL_CMP_CERTCONFIRMCONTENT, 24),
353 ASN1_EXP(OSSL_CMP_PKIBODY, value.pollReq, OSSL_CMP_POLLREQCONTENT, 25),
354 ASN1_EXP(OSSL_CMP_PKIBODY, value.pollRep, OSSL_CMP_POLLREPCONTENT, 26),
355 } ASN1_CHOICE_END(OSSL_CMP_PKIBODY)
356 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIBODY)
357
358 ASN1_SEQUENCE(OSSL_CMP_PKIHEADER) = {
359 ASN1_SIMPLE(OSSL_CMP_PKIHEADER, pvno, ASN1_INTEGER),
360 ASN1_SIMPLE(OSSL_CMP_PKIHEADER, sender, GENERAL_NAME),
361 ASN1_SIMPLE(OSSL_CMP_PKIHEADER, recipient, GENERAL_NAME),
362 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, messageTime, ASN1_GENERALIZEDTIME, 0),
363 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, protectionAlg, X509_ALGOR, 1),
364 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, senderKID, ASN1_OCTET_STRING, 2),
365 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, recipKID, ASN1_OCTET_STRING, 3),
366 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, transactionID, ASN1_OCTET_STRING, 4),
367 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, senderNonce, ASN1_OCTET_STRING, 5),
368 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, recipNonce, ASN1_OCTET_STRING, 6),
369 /*
370 * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
371 * so it is used directly
372 */
373 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER, freeText, ASN1_UTF8STRING, 7),
374 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER, generalInfo,
375 OSSL_CMP_ITAV, 8)
376 } ASN1_SEQUENCE_END(OSSL_CMP_PKIHEADER)
377 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER)
378
379 ASN1_SEQUENCE(CMP_PROTECTEDPART) = {
380 ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
381 ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY)
382 } ASN1_SEQUENCE_END(CMP_PROTECTEDPART)
383 IMPLEMENT_ASN1_FUNCTIONS(CMP_PROTECTEDPART)
384
385 ASN1_SEQUENCE(OSSL_CMP_MSG) = {
386 ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
387 ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY),
388 ASN1_EXP_OPT(OSSL_CMP_MSG, protection, ASN1_BIT_STRING, 0),
389 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
390 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_MSG, extraCerts, X509, 1)
391 } ASN1_SEQUENCE_END(OSSL_CMP_MSG)
392 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_MSG)
393 IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_MSG)
394
395 ASN1_ITEM_TEMPLATE(OSSL_CMP_MSGS) =
396 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_MSGS,
397 OSSL_CMP_MSG)
398 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_MSGS)
A mirror of the official openssl repository