2 * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright Nokia 2007-2019
4 * Copyright Siemens AG 2015-2019
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
12 #include <openssl/asn1t.h>
14 #include "cmp_local.h"
16 /* explicit #includes not strictly needed since implied by the above: */
17 #include <openssl/cmp.h>
18 #include <openssl/crmf.h>
20 /* ASN.1 declarations from RFC4210 */
21 ASN1_SEQUENCE(OSSL_CMP_REVANNCONTENT
) = {
22 /* OSSL_CMP_PKISTATUS is effectively ASN1_INTEGER so it is used directly */
23 ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT
, status
, ASN1_INTEGER
),
24 ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT
, certId
, OSSL_CRMF_CERTID
),
25 ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT
, willBeRevokedAt
, ASN1_GENERALIZEDTIME
),
26 ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT
, badSinceDate
, ASN1_GENERALIZEDTIME
),
27 ASN1_OPT(OSSL_CMP_REVANNCONTENT
, crlDetails
, X509_EXTENSIONS
)
28 } ASN1_SEQUENCE_END(OSSL_CMP_REVANNCONTENT
)
29 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVANNCONTENT
)
32 ASN1_SEQUENCE(OSSL_CMP_CHALLENGE
) = {
33 ASN1_OPT(OSSL_CMP_CHALLENGE
, owf
, X509_ALGOR
),
34 ASN1_SIMPLE(OSSL_CMP_CHALLENGE
, witness
, ASN1_OCTET_STRING
),
35 ASN1_SIMPLE(OSSL_CMP_CHALLENGE
, challenge
, ASN1_OCTET_STRING
)
36 } ASN1_SEQUENCE_END(OSSL_CMP_CHALLENGE
)
37 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CHALLENGE
)
40 ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYCHALLCONTENT
) =
41 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0,
42 OSSL_CMP_POPODECKEYCHALLCONTENT
, OSSL_CMP_CHALLENGE
)
43 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYCHALLCONTENT
)
46 ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYRESPCONTENT
) =
47 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0,
48 OSSL_CMP_POPODECKEYRESPCONTENT
, ASN1_INTEGER
)
49 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYRESPCONTENT
)
52 ASN1_SEQUENCE(OSSL_CMP_CAKEYUPDANNCONTENT
) = {
53 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
54 ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT
, oldWithNew
, X509
),
55 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
56 ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT
, newWithOld
, X509
),
57 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
58 ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT
, newWithNew
, X509
)
59 } ASN1_SEQUENCE_END(OSSL_CMP_CAKEYUPDANNCONTENT
)
60 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CAKEYUPDANNCONTENT
)
63 ASN1_SEQUENCE(OSSL_CMP_ERRORMSGCONTENT
) = {
64 ASN1_SIMPLE(OSSL_CMP_ERRORMSGCONTENT
, pKIStatusInfo
, OSSL_CMP_PKISI
),
65 ASN1_OPT(OSSL_CMP_ERRORMSGCONTENT
, errorCode
, ASN1_INTEGER
),
67 * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
68 * so it is used directly
71 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ERRORMSGCONTENT
, errorDetails
,
73 } ASN1_SEQUENCE_END(OSSL_CMP_ERRORMSGCONTENT
)
74 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT
)
76 ASN1_ADB_TEMPLATE(infotypeandvalue_default
) = ASN1_OPT(OSSL_CMP_ITAV
,
79 /* ITAV means InfoTypeAndValue */
80 ASN1_ADB(OSSL_CMP_ITAV
) = {
81 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
82 ADB_ENTRY(NID_id_it_caProtEncCert
, ASN1_OPT(OSSL_CMP_ITAV
,
83 infoValue
.caProtEncCert
, X509
)),
84 ADB_ENTRY(NID_id_it_signKeyPairTypes
,
85 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
,
86 infoValue
.signKeyPairTypes
, X509_ALGOR
)),
87 ADB_ENTRY(NID_id_it_encKeyPairTypes
,
88 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
,
89 infoValue
.encKeyPairTypes
, X509_ALGOR
)),
90 ADB_ENTRY(NID_id_it_preferredSymmAlg
,
91 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.preferredSymmAlg
,
93 ADB_ENTRY(NID_id_it_caKeyUpdateInfo
,
94 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.caKeyUpdateInfo
,
95 OSSL_CMP_CAKEYUPDANNCONTENT
)),
96 ADB_ENTRY(NID_id_it_currentCRL
,
97 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.currentCRL
, X509_CRL
)),
98 ADB_ENTRY(NID_id_it_unsupportedOIDs
,
99 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
,
100 infoValue
.unsupportedOIDs
, ASN1_OBJECT
)),
101 ADB_ENTRY(NID_id_it_keyPairParamReq
,
102 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.keyPairParamReq
,
104 ADB_ENTRY(NID_id_it_keyPairParamRep
,
105 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.keyPairParamRep
,
107 ADB_ENTRY(NID_id_it_revPassphrase
,
108 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.revPassphrase
,
109 OSSL_CRMF_ENCRYPTEDVALUE
)),
110 ADB_ENTRY(NID_id_it_implicitConfirm
,
111 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.implicitConfirm
,
113 ADB_ENTRY(NID_id_it_confirmWaitTime
,
114 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.confirmWaitTime
,
115 ASN1_GENERALIZEDTIME
)),
116 ADB_ENTRY(NID_id_it_origPKIMessage
,
117 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.origPKIMessage
,
119 ADB_ENTRY(NID_id_it_suppLangTags
,
120 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
, infoValue
.suppLangTagsValue
,
122 } ASN1_ADB_END(OSSL_CMP_ITAV
, 0, infoType
, 0,
123 &infotypeandvalue_default_tt
, NULL
);
126 ASN1_SEQUENCE(OSSL_CMP_ITAV
) = {
127 ASN1_SIMPLE(OSSL_CMP_ITAV
, infoType
, ASN1_OBJECT
),
128 ASN1_ADB_OBJECT(OSSL_CMP_ITAV
)
129 } ASN1_SEQUENCE_END(OSSL_CMP_ITAV
)
130 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ITAV
)
131 IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV
)
133 OSSL_CMP_ITAV
*OSSL_CMP_ITAV_create(ASN1_OBJECT
*type
, ASN1_TYPE
*value
)
137 if (type
== NULL
|| (itav
= OSSL_CMP_ITAV_new()) == NULL
)
139 OSSL_CMP_ITAV_set0(itav
, type
, value
);
143 void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV
*itav
, ASN1_OBJECT
*type
,
146 itav
->infoType
= type
;
147 itav
->infoValue
.other
= value
;
150 ASN1_OBJECT
*OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV
*itav
)
154 return itav
->infoType
;
157 ASN1_TYPE
*OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV
*itav
)
161 return itav
->infoValue
.other
;
164 int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV
) **itav_sk_p
,
169 if (itav_sk_p
== NULL
|| itav
== NULL
) {
170 CMPerr(0, CMP_R_NULL_ARGUMENT
);
174 if (*itav_sk_p
== NULL
) {
175 if ((*itav_sk_p
= sk_OSSL_CMP_ITAV_new_null()) == NULL
)
179 if (!sk_OSSL_CMP_ITAV_push(*itav_sk_p
, itav
))
185 sk_OSSL_CMP_ITAV_free(*itav_sk_p
);
191 /* get ASN.1 encoded integer, return -1 on error */
192 int ossl_cmp_asn1_get_int(const ASN1_INTEGER
*a
)
196 if (!ASN1_INTEGER_get_int64(&res
, a
)) {
197 CMPerr(0, ASN1_R_INVALID_NUMBER
);
201 CMPerr(0, ASN1_R_TOO_SMALL
);
205 CMPerr(0, ASN1_R_TOO_LARGE
);
211 ASN1_CHOICE(OSSL_CMP_CERTORENCCERT
) = {
212 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
213 ASN1_EXP(OSSL_CMP_CERTORENCCERT
, value
.certificate
, X509
, 0),
214 ASN1_EXP(OSSL_CMP_CERTORENCCERT
, value
.encryptedCert
,
215 OSSL_CRMF_ENCRYPTEDVALUE
, 1),
216 } ASN1_CHOICE_END(OSSL_CMP_CERTORENCCERT
)
217 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTORENCCERT
)
220 ASN1_SEQUENCE(OSSL_CMP_CERTIFIEDKEYPAIR
) = {
221 ASN1_SIMPLE(OSSL_CMP_CERTIFIEDKEYPAIR
, certOrEncCert
,
222 OSSL_CMP_CERTORENCCERT
),
223 ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR
, privateKey
,
224 OSSL_CRMF_ENCRYPTEDVALUE
, 0),
225 ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR
, publicationInfo
,
226 OSSL_CRMF_PKIPUBLICATIONINFO
, 1)
227 } ASN1_SEQUENCE_END(OSSL_CMP_CERTIFIEDKEYPAIR
)
228 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTIFIEDKEYPAIR
)
231 ASN1_SEQUENCE(OSSL_CMP_REVDETAILS
) = {
232 ASN1_SIMPLE(OSSL_CMP_REVDETAILS
, certDetails
, OSSL_CRMF_CERTTEMPLATE
),
233 ASN1_OPT(OSSL_CMP_REVDETAILS
, crlEntryDetails
, X509_EXTENSIONS
)
234 } ASN1_SEQUENCE_END(OSSL_CMP_REVDETAILS
)
235 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVDETAILS
)
238 ASN1_ITEM_TEMPLATE(OSSL_CMP_REVREQCONTENT
) =
239 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_REVREQCONTENT
,
241 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_REVREQCONTENT
)
244 ASN1_SEQUENCE(OSSL_CMP_REVREPCONTENT
) = {
245 ASN1_SEQUENCE_OF(OSSL_CMP_REVREPCONTENT
, status
, OSSL_CMP_PKISI
),
246 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT
, revCerts
, OSSL_CRMF_CERTID
,
248 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT
, crls
, X509_CRL
, 1)
249 } ASN1_SEQUENCE_END(OSSL_CMP_REVREPCONTENT
)
250 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVREPCONTENT
)
253 ASN1_SEQUENCE(OSSL_CMP_KEYRECREPCONTENT
) = {
254 ASN1_SIMPLE(OSSL_CMP_KEYRECREPCONTENT
, status
, OSSL_CMP_PKISI
),
255 ASN1_EXP_OPT(OSSL_CMP_KEYRECREPCONTENT
, newSigCert
, X509
, 0),
256 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT
, caCerts
, X509
, 1),
257 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT
, keyPairHist
,
258 OSSL_CMP_CERTIFIEDKEYPAIR
, 2)
259 } ASN1_SEQUENCE_END(OSSL_CMP_KEYRECREPCONTENT
)
260 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_KEYRECREPCONTENT
)
263 ASN1_ITEM_TEMPLATE(OSSL_CMP_PKISTATUS
) =
264 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_UNIVERSAL
, 0, status
, ASN1_INTEGER
)
265 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_PKISTATUS
)
267 ASN1_SEQUENCE(OSSL_CMP_PKISI
) = {
268 ASN1_SIMPLE(OSSL_CMP_PKISI
, status
, OSSL_CMP_PKISTATUS
),
270 * CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
271 * so it is used directly
273 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_PKISI
, statusString
, ASN1_UTF8STRING
),
275 * OSSL_CMP_PKIFAILUREINFO is effectively ASN1_BIT_STRING so used directly
277 ASN1_OPT(OSSL_CMP_PKISI
, failInfo
, ASN1_BIT_STRING
)
278 } ASN1_SEQUENCE_END(OSSL_CMP_PKISI
)
279 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKISI
)
280 IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI
)
282 ASN1_SEQUENCE(OSSL_CMP_CERTSTATUS
) = {
283 ASN1_SIMPLE(OSSL_CMP_CERTSTATUS
, certHash
, ASN1_OCTET_STRING
),
284 ASN1_SIMPLE(OSSL_CMP_CERTSTATUS
, certReqId
, ASN1_INTEGER
),
285 ASN1_OPT(OSSL_CMP_CERTSTATUS
, statusInfo
, OSSL_CMP_PKISI
)
286 } ASN1_SEQUENCE_END(OSSL_CMP_CERTSTATUS
)
287 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTSTATUS
)
289 ASN1_ITEM_TEMPLATE(OSSL_CMP_CERTCONFIRMCONTENT
) =
290 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_CERTCONFIRMCONTENT
,
292 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CERTCONFIRMCONTENT
)
294 ASN1_SEQUENCE(OSSL_CMP_CERTRESPONSE
) = {
295 ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE
, certReqId
, ASN1_INTEGER
),
296 ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE
, status
, OSSL_CMP_PKISI
),
297 ASN1_OPT(OSSL_CMP_CERTRESPONSE
, certifiedKeyPair
,
298 OSSL_CMP_CERTIFIEDKEYPAIR
),
299 ASN1_OPT(OSSL_CMP_CERTRESPONSE
, rspInfo
, ASN1_OCTET_STRING
)
300 } ASN1_SEQUENCE_END(OSSL_CMP_CERTRESPONSE
)
301 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTRESPONSE
)
303 ASN1_SEQUENCE(OSSL_CMP_POLLREQ
) = {
304 ASN1_SIMPLE(OSSL_CMP_POLLREQ
, certReqId
, ASN1_INTEGER
)
305 } ASN1_SEQUENCE_END(OSSL_CMP_POLLREQ
)
306 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREQ
)
308 ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREQCONTENT
) =
309 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_POLLREQCONTENT
,
311 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREQCONTENT
)
313 ASN1_SEQUENCE(OSSL_CMP_POLLREP
) = {
314 ASN1_SIMPLE(OSSL_CMP_POLLREP
, certReqId
, ASN1_INTEGER
),
315 ASN1_SIMPLE(OSSL_CMP_POLLREP
, checkAfter
, ASN1_INTEGER
),
316 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_POLLREP
, reason
, ASN1_UTF8STRING
),
317 } ASN1_SEQUENCE_END(OSSL_CMP_POLLREP
)
318 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREP
)
320 ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREPCONTENT
) =
321 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0,
322 OSSL_CMP_POLLREPCONTENT
,
324 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREPCONTENT
)
326 ASN1_SEQUENCE(OSSL_CMP_CERTREPMESSAGE
) = {
327 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
328 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_CERTREPMESSAGE
, caPubs
, X509
, 1),
329 ASN1_SEQUENCE_OF(OSSL_CMP_CERTREPMESSAGE
, response
, OSSL_CMP_CERTRESPONSE
)
330 } ASN1_SEQUENCE_END(OSSL_CMP_CERTREPMESSAGE
)
331 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTREPMESSAGE
)
333 ASN1_ITEM_TEMPLATE(OSSL_CMP_GENMSGCONTENT
) =
334 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_GENMSGCONTENT
,
336 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENMSGCONTENT
)
338 ASN1_ITEM_TEMPLATE(OSSL_CMP_GENREPCONTENT
) =
339 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_GENREPCONTENT
,
341 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENREPCONTENT
)
343 ASN1_ITEM_TEMPLATE(OSSL_CMP_CRLANNCONTENT
) =
344 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0,
345 OSSL_CMP_CRLANNCONTENT
, X509_CRL
)
346 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CRLANNCONTENT
)
348 ASN1_CHOICE(OSSL_CMP_PKIBODY
) = {
349 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.ir
, OSSL_CRMF_MSGS
, 0),
350 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.ip
, OSSL_CMP_CERTREPMESSAGE
, 1),
351 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.cr
, OSSL_CRMF_MSGS
, 2),
352 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.cp
, OSSL_CMP_CERTREPMESSAGE
, 3),
353 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.p10cr
, X509_REQ
, 4),
354 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.popdecc
,
355 OSSL_CMP_POPODECKEYCHALLCONTENT
, 5),
356 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.popdecr
,
357 OSSL_CMP_POPODECKEYRESPCONTENT
, 6),
358 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.kur
, OSSL_CRMF_MSGS
, 7),
359 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.kup
, OSSL_CMP_CERTREPMESSAGE
, 8),
360 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.krr
, OSSL_CRMF_MSGS
, 9),
361 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.krp
, OSSL_CMP_KEYRECREPCONTENT
, 10),
362 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.rr
, OSSL_CMP_REVREQCONTENT
, 11),
363 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.rp
, OSSL_CMP_REVREPCONTENT
, 12),
364 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.ccr
, OSSL_CRMF_MSGS
, 13),
365 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.ccp
, OSSL_CMP_CERTREPMESSAGE
, 14),
366 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.ckuann
, OSSL_CMP_CAKEYUPDANNCONTENT
, 15),
367 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.cann
, X509
, 16),
368 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.rann
, OSSL_CMP_REVANNCONTENT
, 17),
369 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.crlann
, OSSL_CMP_CRLANNCONTENT
, 18),
370 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.pkiconf
, ASN1_ANY
, 19),
371 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.nested
, OSSL_CMP_MSGS
, 20),
372 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.genm
, OSSL_CMP_GENMSGCONTENT
, 21),
373 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.genp
, OSSL_CMP_GENREPCONTENT
, 22),
374 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.error
, OSSL_CMP_ERRORMSGCONTENT
, 23),
375 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.certConf
, OSSL_CMP_CERTCONFIRMCONTENT
, 24),
376 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.pollReq
, OSSL_CMP_POLLREQCONTENT
, 25),
377 ASN1_EXP(OSSL_CMP_PKIBODY
, value
.pollRep
, OSSL_CMP_POLLREPCONTENT
, 26),
378 } ASN1_CHOICE_END(OSSL_CMP_PKIBODY
)
379 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIBODY
)
381 ASN1_SEQUENCE(OSSL_CMP_PKIHEADER
) = {
382 ASN1_SIMPLE(OSSL_CMP_PKIHEADER
, pvno
, ASN1_INTEGER
),
383 ASN1_SIMPLE(OSSL_CMP_PKIHEADER
, sender
, GENERAL_NAME
),
384 ASN1_SIMPLE(OSSL_CMP_PKIHEADER
, recipient
, GENERAL_NAME
),
385 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, messageTime
, ASN1_GENERALIZEDTIME
, 0),
386 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, protectionAlg
, X509_ALGOR
, 1),
387 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, senderKID
, ASN1_OCTET_STRING
, 2),
388 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, recipKID
, ASN1_OCTET_STRING
, 3),
389 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, transactionID
, ASN1_OCTET_STRING
, 4),
390 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, senderNonce
, ASN1_OCTET_STRING
, 5),
391 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, recipNonce
, ASN1_OCTET_STRING
, 6),
393 * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
394 * so it is used directly
396 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER
, freeText
, ASN1_UTF8STRING
, 7),
397 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER
, generalInfo
,
399 } ASN1_SEQUENCE_END(OSSL_CMP_PKIHEADER
)
400 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER
)
402 ASN1_SEQUENCE(OSSL_CMP_PROTECTEDPART
) = {
403 ASN1_SIMPLE(OSSL_CMP_MSG
, header
, OSSL_CMP_PKIHEADER
),
404 ASN1_SIMPLE(OSSL_CMP_MSG
, body
, OSSL_CMP_PKIBODY
)
405 } ASN1_SEQUENCE_END(OSSL_CMP_PROTECTEDPART
)
406 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PROTECTEDPART
)
408 ASN1_SEQUENCE(OSSL_CMP_MSG
) = {
409 ASN1_SIMPLE(OSSL_CMP_MSG
, header
, OSSL_CMP_PKIHEADER
),
410 ASN1_SIMPLE(OSSL_CMP_MSG
, body
, OSSL_CMP_PKIBODY
),
411 ASN1_EXP_OPT(OSSL_CMP_MSG
, protection
, ASN1_BIT_STRING
, 0),
412 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
413 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_MSG
, extraCerts
, X509
, 1)
414 } ASN1_SEQUENCE_END(OSSL_CMP_MSG
)
415 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_MSG
)
416 IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_MSG
)
418 ASN1_ITEM_TEMPLATE(OSSL_CMP_MSGS
) =
419 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_MSGS
,
421 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_MSGS
)