2 * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright Nokia 2007-2019
4 * Copyright Siemens AG 2015-2019
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
12 #include <openssl/asn1t.h>
14 #include "cmp_local.h"
16 /* explicit #includes not strictly needed since implied by the above: */
17 #include <openssl/cmp.h>
18 #include <openssl/crmf.h>
20 /* ASN.1 declarations from RFC4210 */
/*
 * Template for OSSL_CMP_REVANNCONTENT: four mandatory members followed by an
 * optional list of extensions.
 */
ASN1_SEQUENCE(OSSL_CMP_REVANNCONTENT) = {
    /* OSSL_CMP_PKISTATUS is effectively ASN1_INTEGER so it is used directly */
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, status, ASN1_INTEGER),
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, certId, OSSL_CRMF_CERTID),
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, willBeRevokedAt, ASN1_GENERALIZEDTIME),
    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, badSinceDate, ASN1_GENERALIZEDTIME),
    /* optional: the member stays NULL when the field is absent */
    ASN1_OPT(OSSL_CMP_REVANNCONTENT, crlDetails, X509_EXTENSIONS)
} ASN1_SEQUENCE_END(OSSL_CMP_REVANNCONTENT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVANNCONTENT)
/*
 * Template for OSSL_CMP_CHALLENGE: an optional algorithm identifier (owf)
 * followed by two mandatory octet strings.
 */
ASN1_SEQUENCE(OSSL_CMP_CHALLENGE) = {
    /* optional: owf is NULL when the sender left it out */
    ASN1_OPT(OSSL_CMP_CHALLENGE, owf, X509_ALGOR),
    ASN1_SIMPLE(OSSL_CMP_CHALLENGE, witness, ASN1_OCTET_STRING),
    ASN1_SIMPLE(OSSL_CMP_CHALLENGE, challenge, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_CHALLENGE)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CHALLENGE)
/* OSSL_CMP_POPODECKEYCHALLCONTENT is a SEQUENCE OF OSSL_CMP_CHALLENGE */
ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYCHALLCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_POPODECKEYCHALLCONTENT,
                          OSSL_CMP_CHALLENGE)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYCHALLCONTENT)
/* OSSL_CMP_POPODECKEYRESPCONTENT is a SEQUENCE OF ASN1_INTEGER */
ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYRESPCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_POPODECKEYRESPCONTENT,
                          ASN1_INTEGER)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYRESPCONTENT)
/*
 * Template for OSSL_CMP_CAKEYUPDANNCONTENT: three mandatory certificates.
 * OSSL_CMP_CMPCERTIFICATE is effectively X509, so X509 is used directly for
 * all three members.
 */
ASN1_SEQUENCE(OSSL_CMP_CAKEYUPDANNCONTENT) = {
    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, oldWithNew, X509),
    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithOld, X509),
    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithNew, X509)
} ASN1_SEQUENCE_END(OSSL_CMP_CAKEYUPDANNCONTENT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CAKEYUPDANNCONTENT)
/*
 * Template for OSSL_CMP_ERRORMSGCONTENT: a mandatory status info, then an
 * optional error code and an optional list of free-text strings.
 */
ASN1_SEQUENCE(OSSL_CMP_ERRORMSGCONTENT) = {
    ASN1_SIMPLE(OSSL_CMP_ERRORMSGCONTENT, pKIStatusInfo, OSSL_CMP_PKISI),
    ASN1_OPT(OSSL_CMP_ERRORMSGCONTENT, errorCode, ASN1_INTEGER),
    /*
     * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
     * so it is used directly
     */
    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ERRORMSGCONTENT, errorDetails,
                         ASN1_UTF8STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_ERRORMSGCONTENT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT)
75 ASN1_ADB_TEMPLATE(infotypeandvalue_default
) = ASN1_OPT(OSSL_CMP_ITAV
,
78 /* ITAV means InfoTypeAndValue */
79 ASN1_ADB(OSSL_CMP_ITAV
) = {
80 /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
81 ADB_ENTRY(NID_id_it_caProtEncCert
, ASN1_OPT(OSSL_CMP_ITAV
,
82 infoValue
.caProtEncCert
, X509
)),
83 ADB_ENTRY(NID_id_it_signKeyPairTypes
,
84 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
,
85 infoValue
.signKeyPairTypes
, X509_ALGOR
)),
86 ADB_ENTRY(NID_id_it_encKeyPairTypes
,
87 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
,
88 infoValue
.encKeyPairTypes
, X509_ALGOR
)),
89 ADB_ENTRY(NID_id_it_preferredSymmAlg
,
90 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.preferredSymmAlg
,
92 ADB_ENTRY(NID_id_it_caKeyUpdateInfo
,
93 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.caKeyUpdateInfo
,
94 OSSL_CMP_CAKEYUPDANNCONTENT
)),
95 ADB_ENTRY(NID_id_it_currentCRL
,
96 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.currentCRL
, X509_CRL
)),
97 ADB_ENTRY(NID_id_it_unsupportedOIDs
,
98 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
,
99 infoValue
.unsupportedOIDs
, ASN1_OBJECT
)),
100 ADB_ENTRY(NID_id_it_keyPairParamReq
,
101 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.keyPairParamReq
,
103 ADB_ENTRY(NID_id_it_keyPairParamRep
,
104 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.keyPairParamRep
,
106 ADB_ENTRY(NID_id_it_revPassphrase
,
107 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.revPassphrase
,
108 OSSL_CRMF_ENCRYPTEDVALUE
)),
109 ADB_ENTRY(NID_id_it_implicitConfirm
,
110 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.implicitConfirm
,
112 ADB_ENTRY(NID_id_it_confirmWaitTime
,
113 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.confirmWaitTime
,
114 ASN1_GENERALIZEDTIME
)),
115 ADB_ENTRY(NID_id_it_origPKIMessage
,
116 ASN1_OPT(OSSL_CMP_ITAV
, infoValue
.origPKIMessage
,
118 ADB_ENTRY(NID_id_it_suppLangTags
,
119 ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV
, infoValue
.suppLangTagsValue
,
121 } ASN1_ADB_END(OSSL_CMP_ITAV
, 0, infoType
, 0,
122 &infotypeandvalue_default_tt
, NULL
);
/*
 * Template for OSSL_CMP_ITAV (InfoTypeAndValue): the infoType OID followed by
 * a value whose template is looked up through the OSSL_CMP_ITAV ADB table.
 */
ASN1_SEQUENCE(OSSL_CMP_ITAV) = {
    ASN1_SIMPLE(OSSL_CMP_ITAV, infoType, ASN1_OBJECT),
    /* value member: its type depends on the selector named in the ADB table */
    ASN1_ADB_OBJECT(OSSL_CMP_ITAV)
} ASN1_SEQUENCE_END(OSSL_CMP_ITAV)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ITAV)
/* generates OSSL_CMP_ITAV_dup() */
IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
/*
 * Allocate an OSSL_CMP_ITAV and store type and value in it.
 *
 * type:  infoType OID, must not be NULL
 * value: stored as given
 *
 * Returns the new object, or NULL when type is NULL or the allocation fails.
 * Both pointers are stored, not copied (see OSSL_CMP_ITAV_set0), so after a
 * successful call the caller must not free them separately.  When NULL is
 * returned nothing has been stored and the caller still owns type and value.
 */
OSSL_CMP_ITAV *OSSL_CMP_ITAV_create(ASN1_OBJECT *type, ASN1_TYPE *value)
{
    OSSL_CMP_ITAV *result;

    if (type == NULL)
        return NULL;

    result = OSSL_CMP_ITAV_new();
    if (result == NULL)
        return NULL;

    OSSL_CMP_ITAV_set0(result, type, value);
    return result;
}
/*
 * Store type and value in itav without copying them.
 *
 * itav is dereferenced unconditionally, so it must not be NULL.  Whatever the
 * two members held before is overwritten and not freed here; a caller that
 * reuses a populated itav has to release the old contents itself.
 */
void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type,
                        ASN1_TYPE *value)
{
    itav->infoValue.other = value;
    itav->infoType = type;
}
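/*
 * Return the infoType OID stored in itav.
 *
 * The result is the stored pointer itself, not a copy, so the caller must not
 * free it.  A NULL itav yields NULL instead of being dereferenced.
 */
ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav)
{
    return itav == NULL ? NULL : itav->infoType;
}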
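/*
 * Return the value stored in itav, read through the infoValue.other member.
 *
 * The result is the stored pointer itself, not a copy, so the caller must not
 * free it.  A NULL itav yields NULL instead of being dereferenced.
 *
 * NOTE(review): infoValue has further members that the ADB table selects by
 * infoType.  If infoValue is a union, the pointer returned here is an
 * ASN1_TYPE only for info types that table does not list.  Check the
 * infoType before interpreting the result, and confirm against the
 * structure definition.
 */
ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav)
{
    return itav == NULL ? NULL : itav->infoValue.other;
}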
/*
 * Append itav to the stack *itav_sk_p, creating the stack first when
 * *itav_sk_p is NULL.
 *
 * Returns 1 on success and 0 on failure; a NULL argument raises
 * CMP_R_NULL_ARGUMENT.  The stack receives the itav pointer itself, not a
 * copy.  On failure itav has not been stored, so the caller still has to
 * free it.  A stack allocated by this call is freed again and *itav_sk_p
 * reset to NULL when the push fails; a stack supplied by the caller is never
 * freed here.
 */
int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
                                   OSSL_CMP_ITAV *itav)
{
    int fresh_stack;

    if (itav_sk_p == NULL || itav == NULL) {
        CMPerr(0, CMP_R_NULL_ARGUMENT);
        return 0;
    }

    fresh_stack = (*itav_sk_p == NULL);
    if (fresh_stack && (*itav_sk_p = sk_OSSL_CMP_ITAV_new_null()) == NULL)
        return 0;

    if (sk_OSSL_CMP_ITAV_push(*itav_sk_p, itav))
        return 1;

    /* undo only what this call allocated, so no dangling pointer is left */
    if (fresh_stack) {
        sk_OSSL_CMP_ITAV_free(*itav_sk_p);
        *itav_sk_p = NULL;
    }
    return 0;
}
/*
 * Convert an ASN.1 INTEGER to a C int.
 *
 * Returns the value, or -1 after raising an error when the number cannot be
 * read (ASN1_R_INVALID_NUMBER) or lies outside the range of int
 * (ASN1_R_TOO_SMALL, ASN1_R_TOO_LARGE).
 *
 * A validly encoded -1 also comes back as -1.  Callers decoding fields taken
 * from a received message should therefore treat any negative result as
 * invalid, or consult the error queue, rather than rely on -1 alone.
 */
int ossl_cmp_asn1_get_int(const ASN1_INTEGER *a)
{
    int64_t wide;

    if (!ASN1_INTEGER_get_int64(&wide, a)) {
        CMPerr(0, ASN1_R_INVALID_NUMBER);
    } else if (wide < INT_MIN) {
        CMPerr(0, ASN1_R_TOO_SMALL);
    } else if (wide > INT_MAX) {
        CMPerr(0, ASN1_R_TOO_LARGE);
    } else {
        /* range-checked above, so the narrowing cast cannot truncate */
        return (int)wide;
    }
    return -1;
}
/*
 * Template for OSSL_CMP_CERTORENCCERT: a CHOICE between a certificate
 * (explicit tag 0) and an encrypted certificate (explicit tag 1).
 */
ASN1_CHOICE(OSSL_CMP_CERTORENCCERT) = {
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.certificate, X509, 0),
    ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.encryptedCert,
             OSSL_CRMF_ENCRYPTEDVALUE, 1),
} ASN1_CHOICE_END(OSSL_CMP_CERTORENCCERT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTORENCCERT)
/*
 * Template for OSSL_CMP_CERTIFIEDKEYPAIR: the mandatory certOrEncCert, then
 * an optional encrypted private key (explicit tag 0) and optional
 * publication info (explicit tag 1).
 */
ASN1_SEQUENCE(OSSL_CMP_CERTIFIEDKEYPAIR) = {
    ASN1_SIMPLE(OSSL_CMP_CERTIFIEDKEYPAIR, certOrEncCert,
                OSSL_CMP_CERTORENCCERT),
    /* optional: privateKey is NULL when no key material is included */
    ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, privateKey,
                 OSSL_CRMF_ENCRYPTEDVALUE, 0),
    ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, publicationInfo,
                 OSSL_CRMF_PKIPUBLICATIONINFO, 1)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTIFIEDKEYPAIR)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTIFIEDKEYPAIR)
/*
 * Template for OSSL_CMP_REVDETAILS: a mandatory certificate template and an
 * optional list of CRL entry extensions.
 */
ASN1_SEQUENCE(OSSL_CMP_REVDETAILS) = {
    ASN1_SIMPLE(OSSL_CMP_REVDETAILS, certDetails, OSSL_CRMF_CERTTEMPLATE),
    /* optional: crlEntryDetails is NULL when absent */
    ASN1_OPT(OSSL_CMP_REVDETAILS, crlEntryDetails, X509_EXTENSIONS)
} ASN1_SEQUENCE_END(OSSL_CMP_REVDETAILS)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVDETAILS)
237 ASN1_ITEM_TEMPLATE(OSSL_CMP_REVREQCONTENT
) =
238 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_REVREQCONTENT
,
240 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_REVREQCONTENT
)
243 ASN1_SEQUENCE(OSSL_CMP_REVREPCONTENT
) = {
244 ASN1_SEQUENCE_OF(OSSL_CMP_REVREPCONTENT
, status
, OSSL_CMP_PKISI
),
245 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT
, revCerts
, OSSL_CRMF_CERTID
,
247 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT
, crls
, X509_CRL
, 1)
248 } ASN1_SEQUENCE_END(OSSL_CMP_REVREPCONTENT
)
249 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVREPCONTENT
)
/*
 * Template for OSSL_CMP_KEYRECREPCONTENT: a mandatory status followed by
 * three optional, explicitly tagged members (tags 0 to 2).
 */
ASN1_SEQUENCE(OSSL_CMP_KEYRECREPCONTENT) = {
    ASN1_SIMPLE(OSSL_CMP_KEYRECREPCONTENT, status, OSSL_CMP_PKISI),
    ASN1_EXP_OPT(OSSL_CMP_KEYRECREPCONTENT, newSigCert, X509, 0),
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, caCerts, X509, 1),
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, keyPairHist,
                             OSSL_CMP_CERTIFIEDKEYPAIR, 2)
} ASN1_SEQUENCE_END(OSSL_CMP_KEYRECREPCONTENT)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_KEYRECREPCONTENT)
/* OSSL_CMP_PKISTATUS is declared as a plain universal ASN1_INTEGER */
ASN1_ITEM_TEMPLATE(OSSL_CMP_PKISTATUS) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_UNIVERSAL, 0, status, ASN1_INTEGER)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_PKISTATUS)
/*
 * Template for OSSL_CMP_PKISI: a mandatory status, then an optional list of
 * status strings and an optional failure-info bit string.
 */
ASN1_SEQUENCE(OSSL_CMP_PKISI) = {
    ASN1_SIMPLE(OSSL_CMP_PKISI, status, OSSL_CMP_PKISTATUS),
    /*
     * CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
     * so it is used directly
     */
    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_PKISI, statusString, ASN1_UTF8STRING),
    /*
     * OSSL_CMP_PKIFAILUREINFO is effectively ASN1_BIT_STRING so used directly
     */
    ASN1_OPT(OSSL_CMP_PKISI, failInfo, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_PKISI)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
/* generates OSSL_CMP_PKISI_dup() */
IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI)
/*
 * Template for OSSL_CMP_CERTSTATUS: the certificate hash and request id are
 * mandatory, the status info is optional.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTSTATUS) = {
    ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certHash, ASN1_OCTET_STRING),
    ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certReqId, ASN1_INTEGER),
    /* optional: statusInfo is NULL when absent */
    ASN1_OPT(OSSL_CMP_CERTSTATUS, statusInfo, OSSL_CMP_PKISI)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTSTATUS)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTSTATUS)
288 ASN1_ITEM_TEMPLATE(OSSL_CMP_CERTCONFIRMCONTENT
) =
289 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_CERTCONFIRMCONTENT
,
291 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CERTCONFIRMCONTENT
)
/*
 * Template for OSSL_CMP_CERTRESPONSE: request id and status are mandatory,
 * the certified key pair and rspInfo are optional.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTRESPONSE) = {
    ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, certReqId, ASN1_INTEGER),
    ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, status, OSSL_CMP_PKISI),
    /* optional: a response need not carry a certificate at all */
    ASN1_OPT(OSSL_CMP_CERTRESPONSE, certifiedKeyPair,
             OSSL_CMP_CERTIFIEDKEYPAIR),
    ASN1_OPT(OSSL_CMP_CERTRESPONSE, rspInfo, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTRESPONSE)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTRESPONSE)
/* Template for OSSL_CMP_POLLREQ: a sequence holding only the request id */
ASN1_SEQUENCE(OSSL_CMP_POLLREQ) = {
    ASN1_SIMPLE(OSSL_CMP_POLLREQ, certReqId, ASN1_INTEGER)
} ASN1_SEQUENCE_END(OSSL_CMP_POLLREQ)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREQ)
307 ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREQCONTENT
) =
308 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_POLLREQCONTENT
,
310 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREQCONTENT
)
/*
 * Template for OSSL_CMP_POLLREP: request id and checkAfter are mandatory
 * integers, the reason is an optional list of UTF-8 strings.
 */
ASN1_SEQUENCE(OSSL_CMP_POLLREP) = {
    ASN1_SIMPLE(OSSL_CMP_POLLREP, certReqId, ASN1_INTEGER),
    /* value supplied by the peer; the template places no bound on it */
    ASN1_SIMPLE(OSSL_CMP_POLLREP, checkAfter, ASN1_INTEGER),
    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_POLLREP, reason, ASN1_UTF8STRING),
} ASN1_SEQUENCE_END(OSSL_CMP_POLLREP)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREP)
319 ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREPCONTENT
) =
320 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0,
321 OSSL_CMP_POLLREPCONTENT
,
323 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREPCONTENT
)
/*
 * Template for OSSL_CMP_CERTREPMESSAGE: an optional list of CA certificates
 * (explicit tag 1) followed by the mandatory list of responses.
 */
ASN1_SEQUENCE(OSSL_CMP_CERTREPMESSAGE) = {
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_CERTREPMESSAGE, caPubs, X509, 1),
    ASN1_SEQUENCE_OF(OSSL_CMP_CERTREPMESSAGE, response, OSSL_CMP_CERTRESPONSE)
} ASN1_SEQUENCE_END(OSSL_CMP_CERTREPMESSAGE)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTREPMESSAGE)
332 ASN1_ITEM_TEMPLATE(OSSL_CMP_GENMSGCONTENT
) =
333 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_GENMSGCONTENT
,
335 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENMSGCONTENT
)
337 ASN1_ITEM_TEMPLATE(OSSL_CMP_GENREPCONTENT
) =
338 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_GENREPCONTENT
,
340 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENREPCONTENT
)
/* OSSL_CMP_CRLANNCONTENT is a SEQUENCE OF X509_CRL */
ASN1_ITEM_TEMPLATE(OSSL_CMP_CRLANNCONTENT) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                          OSSL_CMP_CRLANNCONTENT,
                          X509_CRL)
ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CRLANNCONTENT)
/*
 * Template for OSSL_CMP_PKIBODY: a CHOICE of 27 alternatives, each with its
 * own explicit context tag (0 to 26).
 *
 * Notes for code consuming a decoded body:
 * - pkiconf (tag 19) is declared as ASN1_ANY, so the template itself does not
 *   restrict what the peer may put there.  RFC 4210 defines
 *   PKIConfirmContent as NULL; code that relies on that has to check the
 *   decoded value itself.
 * - nested (tag 20) refers to OSSL_CMP_MSGS, which makes the type recursive.
 *   NOTE(review): nesting depth is then limited only by whatever bound the
 *   ASN.1 decoder enforces - confirm.
 */
ASN1_CHOICE(OSSL_CMP_PKIBODY) = {
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ir, OSSL_CRMF_MSGS, 0),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ip, OSSL_CMP_CERTREPMESSAGE, 1),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.cr, OSSL_CRMF_MSGS, 2),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.cp, OSSL_CMP_CERTREPMESSAGE, 3),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.p10cr, X509_REQ, 4),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecc,
             OSSL_CMP_POPODECKEYCHALLCONTENT, 5),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecr,
             OSSL_CMP_POPODECKEYRESPCONTENT, 6),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.kur, OSSL_CRMF_MSGS, 7),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.kup, OSSL_CMP_CERTREPMESSAGE, 8),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.krr, OSSL_CRMF_MSGS, 9),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.krp, OSSL_CMP_KEYRECREPCONTENT, 10),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.rr, OSSL_CMP_REVREQCONTENT, 11),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.rp, OSSL_CMP_REVREPCONTENT, 12),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ccr, OSSL_CRMF_MSGS, 13),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ccp, OSSL_CMP_CERTREPMESSAGE, 14),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.ckuann, OSSL_CMP_CAKEYUPDANNCONTENT, 15),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.cann, X509, 16),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.rann, OSSL_CMP_REVANNCONTENT, 17),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.crlann, OSSL_CMP_CRLANNCONTENT, 18),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.pkiconf, ASN1_ANY, 19),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.nested, OSSL_CMP_MSGS, 20),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.genm, OSSL_CMP_GENMSGCONTENT, 21),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.genp, OSSL_CMP_GENREPCONTENT, 22),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.error, OSSL_CMP_ERRORMSGCONTENT, 23),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.certConf, OSSL_CMP_CERTCONFIRMCONTENT, 24),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.pollReq, OSSL_CMP_POLLREQCONTENT, 25),
    ASN1_EXP(OSSL_CMP_PKIBODY, value.pollRep, OSSL_CMP_POLLREPCONTENT, 26),
} ASN1_CHOICE_END(OSSL_CMP_PKIBODY)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIBODY)
378 ASN1_SEQUENCE(OSSL_CMP_PKIHEADER
) = {
379 ASN1_SIMPLE(OSSL_CMP_PKIHEADER
, pvno
, ASN1_INTEGER
),
380 ASN1_SIMPLE(OSSL_CMP_PKIHEADER
, sender
, GENERAL_NAME
),
381 ASN1_SIMPLE(OSSL_CMP_PKIHEADER
, recipient
, GENERAL_NAME
),
382 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, messageTime
, ASN1_GENERALIZEDTIME
, 0),
383 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, protectionAlg
, X509_ALGOR
, 1),
384 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, senderKID
, ASN1_OCTET_STRING
, 2),
385 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, recipKID
, ASN1_OCTET_STRING
, 3),
386 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, transactionID
, ASN1_OCTET_STRING
, 4),
387 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, senderNonce
, ASN1_OCTET_STRING
, 5),
388 ASN1_EXP_OPT(OSSL_CMP_PKIHEADER
, recipNonce
, ASN1_OCTET_STRING
, 6),
390 * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
391 * so it is used directly
393 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER
, freeText
, ASN1_UTF8STRING
, 7),
394 ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER
, generalInfo
,
396 } ASN1_SEQUENCE_END(OSSL_CMP_PKIHEADER
)
397 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER
)
/*
 * Template for CMP_PROTECTEDPART: a sequence of header and body only.
 *
 * Both members are described relative to OSSL_CMP_MSG, not relative to a
 * structure named after this template.
 * NOTE(review): presumably this lets the header and body of an OSSL_CMP_MSG
 * be encoded through this template to obtain the bytes covered by the
 * message protection; that would require both structures to lay out header
 * and body identically - confirm against the structure definitions and the
 * callers.
 */
ASN1_SEQUENCE(CMP_PROTECTEDPART) = {
    ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
    ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY)
} ASN1_SEQUENCE_END(CMP_PROTECTEDPART)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(CMP_PROTECTEDPART)
/*
 * Template for OSSL_CMP_MSG: mandatory header and body, then the optional
 * protection bit string (explicit tag 0) and an optional list of extra
 * certificates (explicit tag 1).
 *
 * protection is OPTIONAL at this level, so a message that decodes without
 * error may carry no protection at all.  Whether an unprotected message is
 * acceptable has to be decided by the code that validates the message, not by
 * the decoder.
 */
ASN1_SEQUENCE(OSSL_CMP_MSG) = {
    ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
    ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY),
    ASN1_EXP_OPT(OSSL_CMP_MSG, protection, ASN1_BIT_STRING, 0),
    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_MSG, extraCerts, X509, 1)
} ASN1_SEQUENCE_END(OSSL_CMP_MSG)
/* generates the new/free/d2i/i2d functions for the type */
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_MSG)
/* generates OSSL_CMP_MSG_dup() */
IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_MSG)
415 ASN1_ITEM_TEMPLATE(OSSL_CMP_MSGS
) =
416 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF
, 0, OSSL_CMP_MSGS
,
418 ASN1_ITEM_TEMPLATE_END(OSSL_CMP_MSGS
)