/*
 * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright Nokia 2007-2019
 * Copyright Siemens AG 2015-2019
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 *
 * CMP implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.
 */
14 #include <openssl/asn1t.h>
18 /* explicit #includes not strictly needed since implied by the above: */
19 #include <openssl/cmp.h>
20 #include <openssl/crmf.h>
22 /* ASN.1 declarations from RFC4210 */
/*
 * ASN.1 template for RevAnnContent (revocation announcement).
 * status, certId, willBeRevokedAt and badSinceDate are mandatory
 * (ASN1_SIMPLE); crlDetails is OPTIONAL (ASN1_OPT). The field order is the
 * DER encoding order and must not be changed.
 * The template checks structure only; the two time values are not compared
 * with each other or with the current time here.
 */
ASN1_SEQUENCE(OSSL_CMP_REVANNCONTENT) = {
    /* OSSL_CMP_PKISTATUS is effectively ASN1_INTEGER so it is used directly */
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, status, ASN1_INTEGER),
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, certId, OSSL_CRMF_CERTID),
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, willBeRevokedAt, ASN1_GENERALIZEDTIME),
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, badSinceDate, ASN1_GENERALIZEDTIME),
    ASN1_OPT(OSSL_CMP_REVANNCONTENT, crlDetails, X509_EXTENSIONS)
} ASN1_SEQUENCE_END(OSSL_CMP_REVANNCONTENT)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVANNCONTENT)
/*
 * ASN.1 template for Challenge: an OPTIONAL owf AlgorithmIdentifier followed
 * by the mandatory witness and challenge OCTET STRINGs.
 * The template constrains structure only; the length and content of the two
 * octet strings and the choice of owf algorithm are not validated here.
 */
ASN1_SEQUENCE(OSSL_CMP_CHALLENGE) = {
    ASN1_OPT(OSSL_CMP_CHALLENGE, owf, X509_ALGOR),
    ASN1_SIMPLE(OSSL_CMP_CHALLENGE, witness, ASN1_OCTET_STRING),
    ASN1_SIMPLE(OSSL_CMP_CHALLENGE, challenge, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_CHALLENGE)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CHALLENGE)
/*
 * POPODecKeyChallContent ::= SEQUENCE OF Challenge.
 * The template sets no upper bound on the number of elements.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYCHALLCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_POPODECKEYCHALLCONTENT, OSSL_CMP_CHALLENGE)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYCHALLCONTENT)
/*
 * POPODecKeyRespContent ::= SEQUENCE OF INTEGER.
 * The template sets no upper bound on the number of elements and does not
 * restrict the integer values.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYRESPCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_POPODECKEYRESPCONTENT, ASN1_INTEGER)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYRESPCONTENT)
/*
 * ASN.1 template for CAKeyUpdAnnContent: three mandatory certificates
 * (oldWithNew, newWithOld, newWithNew), in this encoding order.
 * Decoding only parses the certificates; it does not verify signatures or
 * the relationship between them.
 * NOTE(review): presumably the consumer must validate these certificates
 * against an existing trust anchor before accepting a CA key update; confirm
 * in the caller.
 */
ASN1_SEQUENCE(OSSL_CMP_CAKEYUPDANNCONTENT) = {
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, oldWithNew, X509),
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithOld, X509),
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithNew, X509)
} ASN1_SEQUENCE_END(OSSL_CMP_CAKEYUPDANNCONTENT)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CAKEYUPDANNCONTENT)
/*
 * ASN.1 template for ErrorMsgContent: mandatory pKIStatusInfo, OPTIONAL
 * errorCode and OPTIONAL errorDetails (a sequence of UTF8 strings).
 * NOTE(review): errorDetails is free text supplied by the peer; code that
 * logs or displays it presumably has to treat it as untrusted input.
 */
ASN1_SEQUENCE(OSSL_CMP_ERRORMSGCONTENT) = {
    ASN1_SIMPLE(OSSL_CMP_ERRORMSGCONTENT, pKIStatusInfo, OSSL_CMP_PKISI),
    ASN1_OPT(OSSL_CMP_ERRORMSGCONTENT, errorCode, ASN1_INTEGER),
    /*
     * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
     * so it is used directly
     */
    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ERRORMSGCONTENT, errorDetails, ASN1_UTF8STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_ERRORMSGCONTENT)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT)
/*
 * Fallback template for the InfoTypeAndValue value: an OPTIONAL value of
 * type ANY stored in infoValue.other. It is passed to ASN1_ADB_END() as the
 * default of the OSSL_CMP_ITAV table, so it applies to every infoType OID
 * that has no table entry.
 * Consequence for consumers: an ITAV with an unrecognized OID still decodes
 * successfully and carries an arbitrary, unvalidated value.
 */
ASN1_ADB_TEMPLATE(infotypeandvalue_default) = ASN1_OPT(OSSL_CMP_ITAV,
                                                       infoValue.other,
                                                       ASN1_ANY);
/* ITAV means InfoTypeAndValue */
/*
 * ANY DEFINED BY table for the ITAV value. The selector is the infoType
 * field (third argument of ASN1_ADB_END); each ADB_ENTRY maps one id-it NID
 * to the template used for infoValue. OIDs without an entry fall back to
 * infotypeandvalue_default_tt; the template for an absent selector is NULL.
 * All entries are OPTIONAL, so an ITAV consisting of the OID alone decodes.
 *
 * NOTE(review): several entries are incomplete in this listing (their last
 * source line is missing). They are marked below; the item type of those
 * entries cannot be read from here.
 */
ASN1_ADB(OSSL_CMP_ITAV) = {
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ADB_ENTRY(NID_id_it_caProtEncCert, ASN1_OPT(OSSL_CMP_ITAV,
                                                infoValue.caProtEncCert, X509)),
    ADB_ENTRY(NID_id_it_signKeyPairTypes,
              ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV,
                                   infoValue.signKeyPairTypes, X509_ALGOR)),
    ADB_ENTRY(NID_id_it_encKeyPairTypes,
              ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV,
                                   infoValue.encKeyPairTypes, X509_ALGOR)),
    ADB_ENTRY(NID_id_it_preferredSymmAlg,
              ASN1_OPT(OSSL_CMP_ITAV, infoValue.preferredSymmAlg,
    /* NOTE(review): file line 92 (rest of this entry) is missing from this listing */
    ADB_ENTRY(NID_id_it_caKeyUpdateInfo,
              ASN1_OPT(OSSL_CMP_ITAV, infoValue.caKeyUpdateInfo,
                       OSSL_CMP_CAKEYUPDANNCONTENT)),
    ADB_ENTRY(NID_id_it_currentCRL,
              ASN1_OPT(OSSL_CMP_ITAV, infoValue.currentCRL, X509_CRL)),
    ADB_ENTRY(NID_id_it_unsupportedOIDs,
              ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV,
                                   infoValue.unsupportedOIDs, ASN1_OBJECT)),
    ADB_ENTRY(NID_id_it_keyPairParamReq,
              ASN1_OPT(OSSL_CMP_ITAV, infoValue.keyPairParamReq,
    /* NOTE(review): file line 103 (rest of this entry) is missing from this listing */
    ADB_ENTRY(NID_id_it_keyPairParamRep,
              ASN1_OPT(OSSL_CMP_ITAV, infoValue.keyPairParamRep,
    /* NOTE(review): file line 106 (rest of this entry) is missing from this listing */
    ADB_ENTRY(NID_id_it_revPassphrase,
              ASN1_OPT(OSSL_CMP_ITAV, infoValue.revPassphrase,
                       OSSL_CRMF_ENCRYPTEDVALUE)),
    ADB_ENTRY(NID_id_it_implicitConfirm,
              ASN1_OPT(OSSL_CMP_ITAV, infoValue.implicitConfirm,
    /* NOTE(review): file line 112 (rest of this entry) is missing from this listing */
    ADB_ENTRY(NID_id_it_confirmWaitTime,
              ASN1_OPT(OSSL_CMP_ITAV, infoValue.confirmWaitTime,
                       ASN1_GENERALIZEDTIME)),
    ADB_ENTRY(NID_id_it_origPKIMessage,
              ASN1_OPT(OSSL_CMP_ITAV, infoValue.origPKIMessage,
    /* NOTE(review): file line 118 (rest of this entry) is missing from this listing */
    ADB_ENTRY(NID_id_it_suppLangTags,
              ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV, infoValue.suppLangTagsValue,
    /* NOTE(review): file line 121 (rest of this entry) is missing from this listing */
} ASN1_ADB_END(OSSL_CMP_ITAV, 0, infoType, 0,
               &infotypeandvalue_default_tt, NULL);
/*
 * InfoTypeAndValue ::= SEQUENCE { infoType OBJECT IDENTIFIER, infoValue ANY
 * DEFINED BY infoType }. The value template is chosen through the
 * OSSL_CMP_ITAV ADB table (ASN1_ADB_OBJECT).
 */
ASN1_SEQUENCE(OSSL_CMP_ITAV) = {
    ASN1_SIMPLE(OSSL_CMP_ITAV, infoType, ASN1_OBJECT),
    ASN1_ADB_OBJECT(OSSL_CMP_ITAV)
} ASN1_SEQUENCE_END(OSSL_CMP_ITAV)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ITAV)
/* Generates OSSL_CMP_ITAV_dup(). */
IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
/*
 * Allocate a new ITAV and hand type and value to OSSL_CMP_ITAV_set0().
 * The visible condition rejects a NULL type and a failed allocation; value
 * is not checked, so a NULL value is passed through.
 * set0 stores the pointers as they are (no copy), so on success the new ITAV
 * refers to the caller's type and value objects.
 * NOTE(review): the lines between the visible statements are missing from
 * this listing, so the return values on the failure and success paths cannot
 * be confirmed from here.
 */
OSSL_CMP_ITAV *OSSL_CMP_ITAV_create(ASN1_OBJECT *type, ASN1_TYPE *value)
/* NOTE(review): file lines 134-136 are missing from this listing */
    if (type == NULL || (itav = OSSL_CMP_ITAV_new()) == NULL)
/* NOTE(review): file line 138 is missing from this listing */
    OSSL_CMP_ITAV_set0(itav, type, value);
/* NOTE(review): file lines 140-141 are missing from this listing */
/*
 * Store type and value in itav without copying them: infoType and
 * infoValue.other are overwritten with the given pointers.
 * NOTE(review): the visible assignments neither check itav for NULL nor
 * free a previously stored infoType/infoValue; confirm that callers only
 * use this on a freshly allocated ITAV and pass a non-NULL itav.
 * NOTE(review): because the pointers are stored directly, the caller
 * presumably must not free type or value afterwards; confirm against the
 * API documentation.
 */
void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type,
/* NOTE(review): file lines 144-145 (rest of the parameter list) are missing from this listing */
    itav->infoType = type;
    itav->infoValue.other = value;
/* NOTE(review): the end of the function is missing from this listing */
/*
 * Return the infoType pointer stored in itav. This is the internal pointer,
 * not a copy, so it must not be freed by the caller and is only valid while
 * the ITAV is.
 * NOTE(review): file lines 151-153 are missing from this listing, so any
 * NULL check on itav before the dereference cannot be confirmed from here.
 */
ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav)
/* NOTE(review): file lines 151-153 are missing from this listing */
    return itav->infoType;
/* NOTE(review): the end of the function is missing from this listing */
/*
 * Return the infoValue.other pointer stored in itav. This is the internal
 * pointer, not a copy, so it must not be freed by the caller.
 * The function always reads the 'other' member of infoValue.
 * NOTE(review): for an infoType that has its own entry in the ITAV table the
 * decoder fills a differently typed member, so treating the result as
 * ASN1_TYPE looks valid only for OIDs handled by the default template;
 * confirm how callers use this.
 * NOTE(review): file lines 158-160 are missing from this listing, so any
 * NULL check on itav before the dereference cannot be confirmed from here.
 */
ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav)
/* NOTE(review): file lines 158-160 are missing from this listing */
    return itav->infoValue.other;
/* NOTE(review): the end of the function is missing from this listing */
/*
 * Push itav onto the stack *itav_sk_p, creating the stack first when
 * *itav_sk_p is NULL. The item is pushed as is (no copy).
 * The visible lines check itav_sk_p for NULL, check the stack allocation and
 * the push result, and call sk_OSSL_CMP_ITAV_free() on the stack on some
 * path. sk_..._free() releases the stack only, not its elements.
 * NOTE(review): the branch bodies and the condition guarding the free are
 * missing from this listing. Confirm that the stack is freed only when this
 * call created it and that *itav_sk_p is reset to NULL afterwards, otherwise
 * the caller is left with a dangling stack pointer.
 */
int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
/* NOTE(review): file lines 165-168 (rest of the parameter list and start of the body) are missing from this listing */
    if (itav_sk_p == NULL)
/* NOTE(review): file lines 170-171 are missing from this listing */
    if (*itav_sk_p == NULL) {
        if ((*itav_sk_p = sk_OSSL_CMP_ITAV_new_null()) == NULL)
/* NOTE(review): file lines 174-177 are missing from this listing */
    if (!sk_OSSL_CMP_ITAV_push(*itav_sk_p, itav))
/* NOTE(review): file lines 179-183 are missing from this listing */
    sk_OSSL_CMP_ITAV_free(*itav_sk_p);
/* NOTE(review): the end of the function is missing from this listing */
/*
 * CertOrEncCert ::= CHOICE { certificate [0], encryptedCert [1] }, both
 * explicitly tagged. Exactly one member of 'value' is populated by the
 * decoder; which one is given by the choice selector.
 * NOTE(review): consumers presumably have to check the selector before
 * reading value.certificate or value.encryptedCert; confirm in the callers.
 */
ASN1_CHOICE(OSSL_CMP_CERTORENCCERT) = {
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.certificate, X509, 0),
    ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.encryptedCert,
             OSSL_CRMF_ENCRYPTEDVALUE, 1),
} ASN1_CHOICE_END(OSSL_CMP_CERTORENCCERT)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTORENCCERT)
/*
 * ASN.1 template for CertifiedKeyPair: mandatory certOrEncCert, OPTIONAL
 * privateKey [0] (an EncryptedValue) and OPTIONAL publicationInfo [1], both
 * explicitly tagged.
 * privateKey is carried in encrypted form; decryption and any check of the
 * key against the certificate happen outside this template.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTIFIEDKEYPAIR) = {
    ASN1_SIMPLE(OSSL_CMP_CERTIFIEDKEYPAIR, certOrEncCert,
                OSSL_CMP_CERTORENCCERT),
    ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, privateKey,
                 OSSL_CRMF_ENCRYPTEDVALUE, 0),
    ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, publicationInfo,
                 OSSL_CRMF_PKIPUBLICATIONINFO, 1)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTIFIEDKEYPAIR)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTIFIEDKEYPAIR)
/*
 * ASN.1 template for RevDetails: mandatory certDetails (a CertTemplate that
 * identifies the certificate) and OPTIONAL crlEntryDetails extensions.
 * The template does not require any particular CertTemplate field to be
 * present.
 * NOTE(review): a server processing a revocation request presumably has to
 * check that certDetails identifies exactly one certificate the requester is
 * entitled to revoke; confirm in the request handler.
 */
ASN1_SEQUENCE(OSSL_CMP_REVDETAILS) = {
    ASN1_SIMPLE(OSSL_CMP_REVDETAILS, certDetails, OSSL_CRMF_CERTTEMPLATE),
    ASN1_OPT(OSSL_CMP_REVDETAILS, crlEntryDetails, X509_EXTENSIONS)
} ASN1_SEQUENCE_END(OSSL_CMP_REVDETAILS)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVDETAILS)
/*
 * RevReqContent: a SEQUENCE OF item template (ASN1_TFLG_SEQUENCE_OF).
 * NOTE(review): file line 219, which names the element type, is missing from
 * this listing.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_REVREQCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_REVREQCONTENT,
    /* NOTE(review): file line 219 (element type and closing parenthesis) is missing from this listing */
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_REVREQCONTENT)
/*
 * ASN.1 template for RevRepContent: a mandatory sequence of PKIStatusInfo
 * (status), an OPTIONAL explicitly tagged sequence of CertId (revCerts) and
 * an OPTIONAL explicitly tagged sequence of CRLs (crls, tag 1).
 * The template does not tie the number of status entries to the number of
 * revCerts entries.
 * NOTE(review): file line 226, which carries the tag of revCerts, is missing
 * from this listing.
 */
ASN1_SEQUENCE(OSSL_CMP_REVREPCONTENT) = {
    ASN1_SEQUENCE_OF(OSSL_CMP_REVREPCONTENT, status, OSSL_CMP_PKISI),
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT, revCerts, OSSL_CRMF_CERTID,
    /* NOTE(review): file line 226 (tag and closing parenthesis) is missing from this listing */
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT, crls, X509_CRL, 1)
} ASN1_SEQUENCE_END(OSSL_CMP_REVREPCONTENT)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVREPCONTENT)
/*
 * ASN.1 template for KeyRecRepContent: mandatory status, then three OPTIONAL
 * explicitly tagged fields: newSigCert [0], caCerts [1] (sequence of
 * certificates) and keyPairHist [2] (sequence of CertifiedKeyPair).
 * keyPairHist can carry recovered private keys (in EncryptedValue form).
 * NOTE(review): decoded key material presumably needs careful handling and
 * cleansing by the consumer; confirm in the key-recovery code.
 */
ASN1_SEQUENCE(OSSL_CMP_KEYRECREPCONTENT) = {
    ASN1_SIMPLE(OSSL_CMP_KEYRECREPCONTENT, status, OSSL_CMP_PKISI),
    ASN1_EXP_OPT(OSSL_CMP_KEYRECREPCONTENT, newSigCert, X509, 0),
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, caCerts, X509, 1),
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, keyPairHist,
                             OSSL_CMP_CERTIFIEDKEYPAIR, 2)
} ASN1_SEQUENCE_END(OSSL_CMP_KEYRECREPCONTENT)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_KEYRECREPCONTENT)
/*
 * PKIStatus is defined as an item template over ASN1_INTEGER with the
 * universal tag. The template does not restrict the value range, so status
 * values outside the ones the protocol defines still decode.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_PKISTATUS) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_UNIVERSAL, 0, status, ASN1_INTEGER)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_PKISTATUS)
/*
 * ASN.1 template for PKIStatusInfo: mandatory status, OPTIONAL statusString
 * (a sequence of UTF8 strings) and OPTIONAL failInfo (a BIT STRING).
 * NOTE(review): statusString is free text supplied by the peer; code that
 * logs or displays it presumably has to treat it as untrusted input.
 */
ASN1_SEQUENCE(OSSL_CMP_PKISI) = {
    ASN1_SIMPLE(OSSL_CMP_PKISI, status, OSSL_CMP_PKISTATUS),
    /*
     * CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
     * so it is used directly
     */
    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_PKISI, statusString, ASN1_UTF8STRING),
    /*
     * OSSL_CMP_PKIFAILUREINFO is effectively ASN1_BIT_STRING so used directly
     */
    ASN1_OPT(OSSL_CMP_PKISI, failInfo, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_PKISI)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
/* Generates OSSL_CMP_PKISI_dup(). */
IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI)
/*
 * ASN.1 template for CertStatus: mandatory certHash (OCTET STRING) and
 * certReqId, OPTIONAL statusInfo.
 * The template does not constrain the length of certHash.
 * NOTE(review): the receiver presumably has to compare certHash with the
 * hash of the certificate it issued, using the expected digest length;
 * confirm in the certConf handler.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTSTATUS) = {
    ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certHash, ASN1_OCTET_STRING),
    ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certReqId, ASN1_INTEGER),
    ASN1_OPT(OSSL_CMP_CERTSTATUS, statusInfo, OSSL_CMP_PKISI)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTSTATUS)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTSTATUS)
/*
 * CertConfirmContent: a SEQUENCE OF item template (ASN1_TFLG_SEQUENCE_OF).
 * NOTE(review): file line 270, which names the element type, is missing from
 * this listing.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_CERTCONFIRMCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_CERTCONFIRMCONTENT,
    /* NOTE(review): file line 270 (element type and closing parenthesis) is missing from this listing */
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CERTCONFIRMCONTENT)
/*
 * ASN.1 template for CertResponse: mandatory certReqId and status, OPTIONAL
 * certifiedKeyPair and OPTIONAL rspInfo (OCTET STRING).
 * The template does not tie the presence of certifiedKeyPair to the status
 * value, so a response with a certificate and a non-success status (or the
 * reverse) still decodes; that consistency has to be checked by the
 * consumer.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTRESPONSE) = {
    ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, certReqId, ASN1_INTEGER),
    ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, status, OSSL_CMP_PKISI),
    ASN1_OPT(OSSL_CMP_CERTRESPONSE, certifiedKeyPair,
             OSSL_CMP_CERTIFIEDKEYPAIR),
    ASN1_OPT(OSSL_CMP_CERTRESPONSE, rspInfo, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTRESPONSE)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTRESPONSE)
/*
 * ASN.1 template for one PollReq element: a sequence holding only the
 * mandatory certReqId INTEGER.
 */
ASN1_SEQUENCE(OSSL_CMP_POLLREQ) = {
    ASN1_SIMPLE(OSSL_CMP_POLLREQ, certReqId, ASN1_INTEGER)
} ASN1_SEQUENCE_END(OSSL_CMP_POLLREQ)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREQ)
/*
 * PollReqContent: a SEQUENCE OF item template (ASN1_TFLG_SEQUENCE_OF).
 * NOTE(review): file line 289, which names the element type, is missing from
 * this listing.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREQCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_POLLREQCONTENT,
    /* NOTE(review): file line 289 (element type and closing parenthesis) is missing from this listing */
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREQCONTENT)
/*
 * ASN.1 template for one PollRep element: mandatory certReqId and checkAfter
 * INTEGERs and an OPTIONAL reason (a sequence of UTF8 strings).
 * checkAfter is an unconstrained INTEGER chosen by the peer.
 * NOTE(review): a polling client presumably has to range-check checkAfter
 * (negative or very large values) before using it as a wait time; confirm in
 * the polling code.
 */
ASN1_SEQUENCE(OSSL_CMP_POLLREP) = {
    ASN1_SIMPLE(OSSL_CMP_POLLREP, certReqId, ASN1_INTEGER),
    ASN1_SIMPLE(OSSL_CMP_POLLREP, checkAfter, ASN1_INTEGER),
    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_POLLREP, reason, ASN1_UTF8STRING),
} ASN1_SEQUENCE_END(OSSL_CMP_POLLREP)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREP)
/*
 * PollRepContent: a SEQUENCE OF item template (ASN1_TFLG_SEQUENCE_OF).
 * NOTE(review): file line 302, which names the element type, is missing from
 * this listing.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREPCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_POLLREPCONTENT,
    /* NOTE(review): file line 302 (element type and closing parenthesis) is missing from this listing */
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREPCONTENT)
/*
 * ASN.1 template for CertRepMessage: OPTIONAL caPubs [1] (explicitly tagged
 * sequence of certificates) followed by the mandatory sequence of
 * CertResponse.
 * caPubs is a list of certificates supplied by the responder; decoding it
 * establishes no trust in them.
 * NOTE(review): presumably the consumer must only accept caPubs as trust
 * anchors when the message itself was authenticated; confirm in the client
 * code.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTREPMESSAGE) = {
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_CERTREPMESSAGE, caPubs, X509, 1),
    ASN1_SEQUENCE_OF(OSSL_CMP_CERTREPMESSAGE, response, OSSL_CMP_CERTRESPONSE)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTREPMESSAGE)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTREPMESSAGE)
/*
 * GenMsgContent: a SEQUENCE OF item template (ASN1_TFLG_SEQUENCE_OF).
 * NOTE(review): file line 314, which names the element type, is missing from
 * this listing.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_GENMSGCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_GENMSGCONTENT,
    /* NOTE(review): file line 314 (element type and closing parenthesis) is missing from this listing */
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENMSGCONTENT)
/*
 * GenRepContent: a SEQUENCE OF item template (ASN1_TFLG_SEQUENCE_OF).
 * NOTE(review): file line 319, which names the element type, is missing from
 * this listing.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_GENREPCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_GENREPCONTENT,
    /* NOTE(review): file line 319 (element type and closing parenthesis) is missing from this listing */
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENREPCONTENT)
/*
 * CRLAnnContent ::= SEQUENCE OF CertificateList (X509_CRL).
 * Decoding parses the CRLs only; it does not verify their signatures or
 * issuers, and the template sets no upper bound on the number of CRLs.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_CRLANNCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_CRLANNCONTENT, X509_CRL)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CRLANNCONTENT)
/*
 * PKIBody ::= CHOICE over the 27 CMP message body types, explicitly tagged
 * 0..26. The tag numbers are the wire values and must stay in step with the
 * body-type constants used elsewhere. Exactly one member of 'value' is
 * populated by the decoder; the choice selector tells which one.
 *
 * Points a consumer has to be aware of:
 *  - pkiconf (tag 19) is decoded as ASN1_ANY, so any well-formed value is
 *    accepted for it by the template.
 *  - nested (tag 20) refers back to OSSL_CMP_MSGS, which makes the message
 *    type recursive. NOTE(review): nesting depth is then limited only by
 *    whatever limit the ASN.1 decoder itself enforces; confirm that this is
 *    acceptable for untrusted input.
 *  - NOTE(review): code reading value.<member> presumably has to check the
 *    body type first, since the members share storage; confirm in callers.
 */
ASN1_CHOICE(OSSL_CMP_PKIBODY) = {
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ir, OSSL_CRMF_MSGS, 0),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ip, OSSL_CMP_CERTREPMESSAGE, 1),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.cr, OSSL_CRMF_MSGS, 2),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.cp, OSSL_CMP_CERTREPMESSAGE, 3),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.p10cr, X509_REQ, 4),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecc, OSSL_CMP_POPODECKEYCHALLCONTENT, 5),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecr, OSSL_CMP_POPODECKEYRESPCONTENT, 6),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.kur, OSSL_CRMF_MSGS, 7),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.kup, OSSL_CMP_CERTREPMESSAGE, 8),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.krr, OSSL_CRMF_MSGS, 9),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.krp, OSSL_CMP_KEYRECREPCONTENT, 10),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.rr, OSSL_CMP_REVREQCONTENT, 11),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.rp, OSSL_CMP_REVREPCONTENT, 12),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ccr, OSSL_CRMF_MSGS, 13),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ccp, OSSL_CMP_CERTREPMESSAGE, 14),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ckuann, OSSL_CMP_CAKEYUPDANNCONTENT, 15),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.cann, X509, 16),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.rann, OSSL_CMP_REVANNCONTENT, 17),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.crlann, OSSL_CMP_CRLANNCONTENT, 18),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.pkiconf, ASN1_ANY, 19),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.nested, OSSL_CMP_MSGS, 20),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.genm, OSSL_CMP_GENMSGCONTENT, 21),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.genp, OSSL_CMP_GENREPCONTENT, 22),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.error, OSSL_CMP_ERRORMSGCONTENT, 23),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.certConf, OSSL_CMP_CERTCONFIRMCONTENT, 24),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.pollReq, OSSL_CMP_POLLREQCONTENT, 25),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.pollRep, OSSL_CMP_POLLREPCONTENT, 26),
} ASN1_CHOICE_END(OSSL_CMP_PKIBODY)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIBODY)
/*
 * ASN.1 template for PKIHeader. pvno, sender and recipient are mandatory;
 * every other field is OPTIONAL and explicitly tagged ([0] messageTime
 * through [7] freeText, followed by generalInfo).
 *
 * Because protectionAlg, transactionID, senderNonce and recipNonce are all
 * OPTIONAL at the encoding level, a header without them decodes
 * successfully. The template also does not constrain the length of the
 * nonce, transaction ID or key identifier octet strings.
 * NOTE(review): matching of transactionID and nonces between request and
 * response, and any freshness check on messageTime, presumably happen in the
 * message validation code; confirm there.
 * NOTE(review): file line 375, which completes the generalInfo entry, is
 * missing from this listing.
 */
ASN1_SEQUENCE(OSSL_CMP_PKIHEADER) = {
    ASN1_SIMPLE(OSSL_CMP_PKIHEADER, pvno, ASN1_INTEGER),
    ASN1_SIMPLE(OSSL_CMP_PKIHEADER, sender, GENERAL_NAME),
    ASN1_SIMPLE(OSSL_CMP_PKIHEADER, recipient, GENERAL_NAME),
    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, messageTime, ASN1_GENERALIZEDTIME, 0),
    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, protectionAlg, X509_ALGOR, 1),
    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, senderKID, ASN1_OCTET_STRING, 2),
    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, recipKID, ASN1_OCTET_STRING, 3),
    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, transactionID, ASN1_OCTET_STRING, 4),
    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, senderNonce, ASN1_OCTET_STRING, 5),
    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, recipNonce, ASN1_OCTET_STRING, 6),
    /*
     * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
     * so it is used directly
     */
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER, freeText, ASN1_UTF8STRING, 7),
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER, generalInfo,
    /* NOTE(review): file line 375 (element type, tag and closing parenthesis) is missing from this listing */
} ASN1_SEQUENCE_END(OSSL_CMP_PKIHEADER)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER)
/*
 * ASN.1 template for ProtectedPart: the sequence of header and body, i.e.
 * an OSSL_CMP_MSG without its protection and extraCerts fields.
 * The field entries are declared against OSSL_CMP_MSG, not against
 * CMP_PROTECTEDPART, so the offsets are those of the header and body members
 * of an OSSL_CMP_MSG structure.
 * NOTE(review): this only stays correct while the header and body members of
 * the two structures are laid out identically; confirm against the struct
 * definitions, which are not in this file.
 * In RFC 4210 the DER encoding of ProtectedPart is the input over which the
 * message protection is computed, so any change here changes what is
 * authenticated.
 */
ASN1_SEQUENCE(CMP_PROTECTEDPART) = {
    ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
    ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY)
} ASN1_SEQUENCE_END(CMP_PROTECTEDPART)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(CMP_PROTECTEDPART)
/*
 * ASN.1 template for PKIMessage: mandatory header and body, OPTIONAL
 * protection [0] (BIT STRING) and OPTIONAL extraCerts [1] (sequence of
 * certificates), both explicitly tagged.
 *
 * protection is OPTIONAL at the encoding level, so d2i accepts a message
 * that carries no protection at all; decoding performs no cryptographic
 * check. Whether a message is protected and whether the protection verifies
 * has to be enforced by the code that processes the decoded message.
 * extraCerts are supplied by the sender and are outside the protected part
 * (header and body).
 * NOTE(review): presumably they may only serve as untrusted intermediates
 * for path building, never as trust anchors; confirm in the validation code.
 */
ASN1_SEQUENCE(OSSL_CMP_MSG) = {
    ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
    ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY),
    ASN1_EXP_OPT(OSSL_CMP_MSG, protection, ASN1_BIT_STRING, 0),
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_MSG, extraCerts, X509, 1)
} ASN1_SEQUENCE_END(OSSL_CMP_MSG)
/* Generates the _new(), _free(), d2i_ and i2d_ functions for the type. */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_MSG)
/* Generates OSSL_CMP_MSG_dup(). */
IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_MSG)
/*
 * PKIMessages: a SEQUENCE OF item template (ASN1_TFLG_SEQUENCE_OF). It is
 * the type of the 'nested' alternative of OSSL_CMP_PKIBODY.
 * NOTE(review): file line 397, which names the element type, is missing from
 * this listing.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_MSGS) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_MSGS,
    /* NOTE(review): file line 397 (element type and closing parenthesis) is missing from this listing */
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_MSGS)