/*
 * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright Nokia 2007-2019
 * Copyright Siemens AG 2015-2019
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
12 #include <openssl/asn1t.h>
14 #include "cmp_local.h"
16 /* explicit #includes not strictly needed since implied by the above: */
17 #include <openssl/cmp.h>
18 #include <openssl/crmf.h>
20 /* ASN.1 declarations from RFC4210 */
/*
 * Template for OSSL_CMP_REVANNCONTENT: a SEQUENCE of status, certId,
 * willBeRevokedAt, badSinceDate and an optional crlDetails.
 * The order of the entries is the order of the elements in the encoding,
 * so it must not be rearranged.
 */
ASN1_SEQUENCE(OSSL_CMP_REVANNCONTENT) = {
    /* OSSL_CMP_PKISTATUS is effectively ASN1_INTEGER so it is used directly */
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, status, ASN1_INTEGER),
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, certId, OSSL_CRMF_CERTID),
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, willBeRevokedAt, ASN1_GENERALIZEDTIME),
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, badSinceDate, ASN1_GENERALIZEDTIME),
    /* the only optional member: users of the type must handle its absence */
    ASN1_OPT(OSSL_CMP_REVANNCONTENT, crlDetails, X509_EXTENSIONS)
} ASN1_SEQUENCE_END(OSSL_CMP_REVANNCONTENT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVANNCONTENT)
/*
 * Template for OSSL_CMP_CHALLENGE: an optional owf followed by the mandatory
 * witness and challenge.
 * witness and challenge are plain OCTET STRINGs; the template puts no bound
 * on their length, so any size check has to be made by the code using them.
 */
ASN1_SEQUENCE(OSSL_CMP_CHALLENGE) = {
    /* owf may be absent */
    ASN1_OPT(OSSL_CMP_CHALLENGE, owf, X509_ALGOR),
    ASN1_SIMPLE(OSSL_CMP_CHALLENGE, witness, ASN1_OCTET_STRING),
    ASN1_SIMPLE(OSSL_CMP_CHALLENGE, challenge, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_CHALLENGE)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CHALLENGE)
/*
 * OSSL_CMP_POPODECKEYCHALLCONTENT is a SEQUENCE OF OSSL_CMP_CHALLENGE.
 * The template sets no limit on the number of elements.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYCHALLCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_POPODECKEYCHALLCONTENT, OSSL_CMP_CHALLENGE)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYCHALLCONTENT)
/*
 * OSSL_CMP_POPODECKEYRESPCONTENT is a SEQUENCE OF ASN1_INTEGER.
 * The template bounds neither the element count nor the integer values.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYRESPCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_POPODECKEYRESPCONTENT, ASN1_INTEGER)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYRESPCONTENT)
/*
 * Template for OSSL_CMP_CAKEYUPDANNCONTENT: three mandatory certificates,
 * oldWithNew, newWithOld and newWithNew, in that order.
 * The template only fixes the structure; it does not check how the three
 * certificates relate to each other.
 */
ASN1_SEQUENCE(OSSL_CMP_CAKEYUPDANNCONTENT) = {
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, oldWithNew, X509),
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithOld, X509),
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithNew, X509)
} ASN1_SEQUENCE_END(OSSL_CMP_CAKEYUPDANNCONTENT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CAKEYUPDANNCONTENT)
/*
 * Template for OSSL_CMP_ERRORMSGCONTENT: a mandatory pKIStatusInfo followed
 * by an optional errorCode and an optional list of errorDetails strings.
 * errorDetails is free text taken from the message; the template does not
 * restrict its content or length.
 */
ASN1_SEQUENCE(OSSL_CMP_ERRORMSGCONTENT) = {
    ASN1_SIMPLE(OSSL_CMP_ERRORMSGCONTENT, pKIStatusInfo, OSSL_CMP_PKISI),
    /* errorCode may be absent */
    ASN1_OPT(OSSL_CMP_ERRORMSGCONTENT, errorCode, ASN1_INTEGER),
    /*
     * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
     * so it is used directly
     */
    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ERRORMSGCONTENT, errorDetails, ASN1_UTF8STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_ERRORMSGCONTENT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT)
/*
 * Fallback template for the value of an OSSL_CMP_ITAV: infoValue.other is
 * decoded as an optional ASN1_ANY.
 * It is handed to ASN1_ADB_END(OSSL_CMP_ITAV, ...) as the default template,
 * i.e. it applies when infoType matches none of the ADB entries. In that
 * case the value is kept as an untyped ASN1_ANY and the decoder does not
 * check its structure; code that reads infoValue.other has to do so itself.
 */
ASN1_ADB_TEMPLATE(infotypeandvalue_default) = ASN1_OPT(OSSL_CMP_ITAV,
                                                       infoValue.other, ASN1_ANY);
77 /* ITAV means InfoTypeAndValue */
78 ASN1_ADB(OSSL_CMP_ITAV
) = {
79 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
80 ADB_ENTRY(NID_id_it_caProtEncCert
, ASN1_OPT(OSSL_CMP_ITAV
,
81 infoValue
.caProtEncCert
, X509
)),
82 ADB_ENTRY(NID_id_it_signKeyPairTypes
,
83 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
,
84 infoValue
.signKeyPairTypes
, X509_ALGOR
)),
85 ADB_ENTRY(NID_id_it_encKeyPairTypes
,
86 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
,
87 infoValue
.encKeyPairTypes
, X509_ALGOR
)),
88 ADB_ENTRY(NID_id_it_preferredSymmAlg
,
89 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.preferredSymmAlg
,
91 ADB_ENTRY(NID_id_it_caKeyUpdateInfo
,
92 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.caKeyUpdateInfo
,
93 OSSL_CMP_CAKEYUPDANNCONTENT
)),
94 ADB_ENTRY(NID_id_it_currentCRL
,
95 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.currentCRL
, X509_CRL
)),
96 ADB_ENTRY(NID_id_it_unsupportedOIDs
,
97 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
,
98 infoValue
.unsupportedOIDs
, ASN1_OBJECT
)),
99 ADB_ENTRY(NID_id_it_keyPairParamReq
,
100 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.keyPairParamReq
,
102 ADB_ENTRY(NID_id_it_keyPairParamRep
,
103 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.keyPairParamRep
,
105 ADB_ENTRY(NID_id_it_revPassphrase
,
106 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.revPassphrase
,
107 OSSL_CRMF_ENCRYPTEDVALUE
)),
108 ADB_ENTRY(NID_id_it_implicitConfirm
,
109 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.implicitConfirm
,
111 ADB_ENTRY(NID_id_it_confirmWaitTime
,
112 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.confirmWaitTime
,
113 ASN1_GENERALIZEDTIME
)),
114 ADB_ENTRY(NID_id_it_origPKIMessage
,
115 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.origPKIMessage
,
117 ADB_ENTRY(NID_id_it_suppLangTags
,
118 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
, infoValue
.suppLangTagsValue
,
120 } ASN1_ADB_END(OSSL_CMP_ITAV
, 0, infoType
, 0,
121 &infotypeandvalue_default_tt
, NULL
);
/*
 * Template for OSSL_CMP_ITAV (InfoTypeAndValue): the infoType OID followed by
 * a value whose type is selected through the ASN1_ADB(OSSL_CMP_ITAV) table.
 */
ASN1_SEQUENCE(OSSL_CMP_ITAV) = {
    /* the OID is the selector the ADB table is keyed on */
    ASN1_SIMPLE(OSSL_CMP_ITAV, infoType, ASN1_OBJECT),
    /* value decoded per ADB entry, or per the ADB default template */
    ASN1_ADB_OBJECT(OSSL_CMP_ITAV)
} ASN1_SEQUENCE_END(OSSL_CMP_ITAV)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ITAV)
/* generates OSSL_CMP_ITAV_dup() */
IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
131 OSSL_CMP_ITAV
*OSSL_CMP_ITAV_create(ASN1_OBJECT
*type
, ASN1_TYPE
*value
)
135 if (type
== NULL
|| (itav
= OSSL_CMP_ITAV_new()) == NULL
)
137 OSSL_CMP_ITAV_set0(itav
, type
, value
);
141 void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV
*itav
, ASN1_OBJECT
*type
,
144 itav
->infoType
= type
;
145 itav
->infoValue
.other
= value
;
148 ASN1_OBJECT
*OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV
*itav
)
152 return itav
->infoType
;
155 ASN1_TYPE
*OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV
*itav
)
159 return itav
->infoValue
.other
;
162 int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV
) **itav_sk_p
,
167 if (itav_sk_p
== NULL
|| itav
== NULL
) {
168 CMPerr(0, CMP_R_NULL_ARGUMENT
);
172 if (*itav_sk_p
== NULL
) {
173 if ((*itav_sk_p
= sk_OSSL_CMP_ITAV_new_null()) == NULL
)
177 if (!sk_OSSL_CMP_ITAV_push(*itav_sk_p
, itav
))
183 sk_OSSL_CMP_ITAV_free(*itav_sk_p
);
189 /* get ASN.1 encoded integer, return -1 on error */
190 int ossl_cmp_asn1_get_int(const ASN1_INTEGER
*a
)
194 if (!ASN1_INTEGER_get_int64(&res
, a
)) {
195 CMPerr(0, ASN1_R_INVALID_NUMBER
);
199 CMPerr(0, ASN1_R_TOO_SMALL
);
203 CMPerr(0, ASN1_R_TOO_LARGE
);
/*
 * Template for OSSL_CMP_CERTORENCCERT: a CHOICE between a certificate
 * (explicit tag 0) and an encrypted certificate (explicit tag 1).
 * Exactly one member of the value union is set after decoding; which one is
 * determined by the tag found in the encoding.
 * NOTE(review): users should check the selected alternative before reading
 * value.certificate or value.encryptedCert - confirm against the callers.
 */
ASN1_CHOICE(OSSL_CMP_CERTORENCCERT) = {
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.certificate, X509, 0),
    ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.encryptedCert,
             OSSL_CRMF_ENCRYPTEDVALUE, 1),
} ASN1_CHOICE_END(OSSL_CMP_CERTORENCCERT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTORENCCERT)
/*
 * Template for OSSL_CMP_CERTIFIEDKEYPAIR: a mandatory certOrEncCert followed
 * by an optional privateKey (explicit tag 0) and an optional publicationInfo
 * (explicit tag 1).
 * privateKey is carried as OSSL_CRMF_ENCRYPTEDVALUE, i.e. in encrypted form;
 * this template neither decrypts nor validates it.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTIFIEDKEYPAIR) = {
    ASN1_SIMPLE(OSSL_CMP_CERTIFIEDKEYPAIR, certOrEncCert,
                OSSL_CMP_CERTORENCCERT),
    ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, privateKey,
                 OSSL_CRMF_ENCRYPTEDVALUE, 0),
    ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, publicationInfo,
                 OSSL_CRMF_PKIPUBLICATIONINFO, 1)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTIFIEDKEYPAIR)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTIFIEDKEYPAIR)
/*
 * Template for OSSL_CMP_REVDETAILS: a mandatory certDetails template naming
 * the certificate and an optional crlEntryDetails extension list.
 */
ASN1_SEQUENCE(OSSL_CMP_REVDETAILS) = {
    ASN1_SIMPLE(OSSL_CMP_REVDETAILS, certDetails, OSSL_CRMF_CERTTEMPLATE),
    /* crlEntryDetails may be absent */
    ASN1_OPT(OSSL_CMP_REVDETAILS, crlEntryDetails, X509_EXTENSIONS)
} ASN1_SEQUENCE_END(OSSL_CMP_REVDETAILS)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVDETAILS)
236 ASN1_ITEM_TEMPLATE(OSSL_CMP_REVREQCONTENT
) =
237 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_REVREQCONTENT
,
239 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_REVREQCONTENT
)
242 ASN1_SEQUENCE(OSSL_CMP_REVREPCONTENT
) = {
243 ASN1_SEQUENCE_OF(OSSL_CMP_REVREPCONTENT
, status
, OSSL_CMP_PKISI
),
244 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT
, revCerts
, OSSL_CRMF_CERTID
,
246 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT
, crls
, X509_CRL
, 1)
247 } ASN1_SEQUENCE_END(OSSL_CMP_REVREPCONTENT
)
248 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVREPCONTENT
)
/*
 * Template for OSSL_CMP_KEYRECREPCONTENT: a mandatory status followed by
 * three optional, explicitly tagged members: newSigCert [0], caCerts [1]
 * and keyPairHist [2].
 * keyPairHist is a list of OSSL_CMP_CERTIFIEDKEYPAIR, each of which may
 * carry an encrypted private key, so decoded values of this type can hold
 * key material.
 */
ASN1_SEQUENCE(OSSL_CMP_KEYRECREPCONTENT) = {
    ASN1_SIMPLE(OSSL_CMP_KEYRECREPCONTENT, status, OSSL_CMP_PKISI),
    ASN1_EXP_OPT(OSSL_CMP_KEYRECREPCONTENT, newSigCert, X509, 0),
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, caCerts, X509, 1),
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, keyPairHist,
                             OSSL_CMP_CERTIFIEDKEYPAIR, 2)
} ASN1_SEQUENCE_END(OSSL_CMP_KEYRECREPCONTENT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_KEYRECREPCONTENT)
/*
 * Declares OSSL_CMP_PKISTATUS as an item template over ASN1_INTEGER.
 * The template does not restrict the integer to a set of known status
 * values; range and meaning have to be checked where the status is used.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_PKISTATUS) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_UNIVERSAL, 0, status, ASN1_INTEGER)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_PKISTATUS)
/*
 * Template for OSSL_CMP_PKISI (PKIStatusInfo): a mandatory status followed by
 * an optional statusString list and an optional failInfo bit string.
 * statusString is free text taken from the message; the template does not
 * restrict its content or length.
 */
ASN1_SEQUENCE(OSSL_CMP_PKISI) = {
    ASN1_SIMPLE(OSSL_CMP_PKISI, status, OSSL_CMP_PKISTATUS),
    /*
     * CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
     * so it is used directly
     */
    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_PKISI, statusString, ASN1_UTF8STRING),
    /*
     * OSSL_CMP_PKIFAILUREINFO is effectively ASN1_BIT_STRING so used directly
     */
    ASN1_OPT(OSSL_CMP_PKISI, failInfo, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_PKISI)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
/* generates OSSL_CMP_PKISI_dup() */
IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI)
/*
 * Template for OSSL_CMP_CERTSTATUS: mandatory certHash and certReqId followed
 * by an optional statusInfo.
 * certHash is a plain OCTET STRING: the template fixes neither its length
 * nor the hash algorithm, so a comparison against a locally computed hash
 * has to check the length as well.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTSTATUS) = {
    ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certHash, ASN1_OCTET_STRING),
    ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certReqId, ASN1_INTEGER),
    /* statusInfo may be absent */
    ASN1_OPT(OSSL_CMP_CERTSTATUS, statusInfo, OSSL_CMP_PKISI)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTSTATUS)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTSTATUS)
287 ASN1_ITEM_TEMPLATE(OSSL_CMP_CERTCONFIRMCONTENT
) =
288 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_CERTCONFIRMCONTENT
,
290 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CERTCONFIRMCONTENT
)
/*
 * Template for OSSL_CMP_CERTRESPONSE: mandatory certReqId and status followed
 * by an optional certifiedKeyPair and an optional rspInfo.
 * certifiedKeyPair being optional means a response can decode successfully
 * without carrying any certificate; users must check for its presence.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTRESPONSE) = {
    ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, certReqId, ASN1_INTEGER),
    ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, status, OSSL_CMP_PKISI),
    ASN1_OPT(OSSL_CMP_CERTRESPONSE, certifiedKeyPair,
             OSSL_CMP_CERTIFIEDKEYPAIR),
    ASN1_OPT(OSSL_CMP_CERTRESPONSE, rspInfo, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTRESPONSE)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTRESPONSE)
/*
 * Template for OSSL_CMP_POLLREQ: a SEQUENCE holding only certReqId.
 * certReqId is an unbounded ASN1_INTEGER; ossl_cmp_asn1_get_int() in this
 * file is the range-checked way to turn such a value into an int.
 */
ASN1_SEQUENCE(OSSL_CMP_POLLREQ) = {
    ASN1_SIMPLE(OSSL_CMP_POLLREQ, certReqId, ASN1_INTEGER)
} ASN1_SEQUENCE_END(OSSL_CMP_POLLREQ)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREQ)
306 ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREQCONTENT
) =
307 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_POLLREQCONTENT
,
309 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREQCONTENT
)
/*
 * Template for OSSL_CMP_POLLREP: mandatory certReqId and checkAfter followed
 * by an optional list of reason strings.
 * checkAfter is an unbounded ASN1_INTEGER taken from the message.
 * NOTE(review): presumably it is used as a waiting time - confirm that the
 * consumer rejects negative and excessively large values.
 */
ASN1_SEQUENCE(OSSL_CMP_POLLREP) = {
    ASN1_SIMPLE(OSSL_CMP_POLLREP, certReqId, ASN1_INTEGER),
    ASN1_SIMPLE(OSSL_CMP_POLLREP, checkAfter, ASN1_INTEGER),
    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_POLLREP, reason, ASN1_UTF8STRING),
} ASN1_SEQUENCE_END(OSSL_CMP_POLLREP)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREP)
318 ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREPCONTENT
) =
319 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0,
320 OSSL_CMP_POLLREPCONTENT
,
322 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREPCONTENT
)
/*
 * Template for OSSL_CMP_CERTREPMESSAGE: an optional caPubs certificate list
 * (explicit tag 1) followed by the mandatory list of responses.
 * caPubs is part of the message content; this template does not establish
 * any trust in the certificates it carries.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTREPMESSAGE) = {
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_CERTREPMESSAGE, caPubs, X509, 1),
    ASN1_SEQUENCE_OF(OSSL_CMP_CERTREPMESSAGE, response, OSSL_CMP_CERTRESPONSE)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTREPMESSAGE)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTREPMESSAGE)
331 ASN1_ITEM_TEMPLATE(OSSL_CMP_GENMSGCONTENT
) =
332 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_GENMSGCONTENT
,
334 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENMSGCONTENT
)
336 ASN1_ITEM_TEMPLATE(OSSL_CMP_GENREPCONTENT
) =
337 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_GENREPCONTENT
,
339 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENREPCONTENT
)
/*
 * OSSL_CMP_CRLANNCONTENT is a SEQUENCE OF X509_CRL.
 * The template sets no limit on the number of CRLs.
 */
ASN1_ITEM_TEMPLATE(OSSL_CMP_CRLANNCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_CRLANNCONTENT, X509_CRL)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CRLANNCONTENT)
/*
 * Template for OSSL_CMP_PKIBODY: a CHOICE with 27 alternatives, each under
 * its own explicit context tag (0..26).
 * The tag found in the encoding selects the alternative, so the tag numbers
 * below are part of the wire format and must not be changed or reused.
 * Only the member of the value union that belongs to the decoded tag is
 * meaningful; users must check the selected alternative before reading it.
 */
ASN1_CHOICE(OSSL_CMP_PKIBODY) = {
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ir, OSSL_CRMF_MSGS, 0),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ip, OSSL_CMP_CERTREPMESSAGE, 1),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.cr, OSSL_CRMF_MSGS, 2),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.cp, OSSL_CMP_CERTREPMESSAGE, 3),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.p10cr, X509_REQ, 4),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecc,
             OSSL_CMP_POPODECKEYCHALLCONTENT, 5),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecr,
             OSSL_CMP_POPODECKEYRESPCONTENT, 6),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.kur, OSSL_CRMF_MSGS, 7),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.kup, OSSL_CMP_CERTREPMESSAGE, 8),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.krr, OSSL_CRMF_MSGS, 9),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.krp, OSSL_CMP_KEYRECREPCONTENT, 10),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.rr, OSSL_CMP_REVREQCONTENT, 11),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.rp, OSSL_CMP_REVREPCONTENT, 12),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ccr, OSSL_CRMF_MSGS, 13),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ccp, OSSL_CMP_CERTREPMESSAGE, 14),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ckuann, OSSL_CMP_CAKEYUPDANNCONTENT, 15),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.cann, X509, 16),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.rann, OSSL_CMP_REVANNCONTENT, 17),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.crlann, OSSL_CMP_CRLANNCONTENT, 18),
    /*
     * pkiconf is declared as ASN1_ANY, so the decoder accepts any element
     * here. NOTE(review): confirm that users do not interpret its content.
     */
    ASN1_EXP(OSSL_CMP_PKIBODY, value.pkiconf, ASN1_ANY, 19),
    /*
     * nested holds OSSL_CMP_MSGS, which is declared further down in this
     * file. NOTE(review): if that is a list of OSSL_CMP_MSG the type is
     * recursive - confirm that nesting depth is bounded when parsing.
     */
    ASN1_EXP(OSSL_CMP_PKIBODY, value.nested, OSSL_CMP_MSGS, 20),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.genm, OSSL_CMP_GENMSGCONTENT, 21),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.genp, OSSL_CMP_GENREPCONTENT, 22),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.error, OSSL_CMP_ERRORMSGCONTENT, 23),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.certConf, OSSL_CMP_CERTCONFIRMCONTENT, 24),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.pollReq, OSSL_CMP_POLLREQCONTENT, 25),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.pollRep, OSSL_CMP_POLLREPCONTENT, 26),
} ASN1_CHOICE_END(OSSL_CMP_PKIBODY)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIBODY)
377 ASN1_SEQUENCE(OSSL_CMP_PKIHEADER
) = {
378 ASN1_SIMPLE(OSSL_CMP_PKIHEADER
, pvno
, ASN1_INTEGER
),
379 ASN1_SIMPLE(OSSL_CMP_PKIHEADER
, sender
, GENERAL_NAME
),
380 ASN1_SIMPLE(OSSL_CMP_PKIHEADER
, recipient
, GENERAL_NAME
),
381 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, messageTime
, ASN1_GENERALIZEDTIME
, 0),
382 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, protectionAlg
, X509_ALGOR
, 1),
383 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, senderKID
, ASN1_OCTET_STRING
, 2),
384 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, recipKID
, ASN1_OCTET_STRING
, 3),
385 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, transactionID
, ASN1_OCTET_STRING
, 4),
386 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, senderNonce
, ASN1_OCTET_STRING
, 5),
387 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, recipNonce
, ASN1_OCTET_STRING
, 6),
389 * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
390 * so it is used directly
392 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER
, freeText
, ASN1_UTF8STRING
, 7),
393 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER
, generalInfo
,
395 } ASN1_SEQUENCE_END(OSSL_CMP_PKIHEADER
)
396 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER
)
/*
 * Template for CMP_PROTECTEDPART: a SEQUENCE of header and body, the same
 * first two members as OSSL_CMP_MSG.
 * The member entries below are written against OSSL_CMP_MSG, not against
 * CMP_PROTECTEDPART, so the field offsets are those of OSSL_CMP_MSG.
 * NOTE(review): this relies on CMP_PROTECTEDPART having header and body at
 * the same offsets as OSSL_CMP_MSG - confirm against the struct declarations
 * in cmp_local.h. Presumably this is the data the message protection is
 * computed over, so a layout mismatch would affect what gets protected.
 */
ASN1_SEQUENCE(CMP_PROTECTEDPART) = {
    ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
    ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY)
} ASN1_SEQUENCE_END(CMP_PROTECTEDPART)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(CMP_PROTECTEDPART)
/*
 * Template for OSSL_CMP_MSG: mandatory header and body followed by an
 * optional protection bit string (explicit tag 0) and an optional list of
 * extraCerts (explicit tag 1).
 * protection is optional in the template, so a message without protection
 * decodes successfully. Whether protection is required, and whether it is
 * valid, has to be decided by the code that processes the decoded message.
 * extraCerts is content of the message itself; decoding it establishes no
 * trust in those certificates.
 */
ASN1_SEQUENCE(OSSL_CMP_MSG) = {
    ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
    ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY),
    ASN1_EXP_OPT(OSSL_CMP_MSG, protection, ASN1_BIT_STRING, 0),
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_MSG, extraCerts, X509, 1)
} ASN1_SEQUENCE_END(OSSL_CMP_MSG)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_MSG)
/* generates OSSL_CMP_MSG_dup() */
IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_MSG)
414 ASN1_ITEM_TEMPLATE(OSSL_CMP_MSGS
) =
415 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_MSGS
,
417 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_MSGS
)