blob: c5c4b96e9070a9e043b004262b38789867be749f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
|
/* -*- Mode: C; tab-width: 8 -*-*/
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef _CRMFIT_H_
#define _CRMFIT_H_
struct CRMFCertReqMessagesStr {
CRMFCertReqMsg **messages;
PLArenaPool *poolp;
};
struct CRMFCertExtensionStr {
SECItem id;
SECItem critical;
SECItem value;
};
struct CRMFOptionalValidityStr {
SECItem notBefore;
SECItem notAfter;
};
struct CRMFCertTemplateStr {
SECItem version;
SECItem serialNumber;
SECAlgorithmID *signingAlg;
CERTName *issuer;
CRMFOptionalValidity *validity;
CERTName *subject;
CERTSubjectPublicKeyInfo *publicKey;
SECItem issuerUID;
SECItem subjectUID;
CRMFCertExtension **extensions;
int numExtensions;
};
struct CRMFCertIDStr {
SECItem issuer; /* General Name */
SECItem serialNumber; /*INTEGER*/
};
struct CRMFEncryptedValueStr {
SECAlgorithmID *intendedAlg;
SECAlgorithmID *symmAlg;
SECItem encSymmKey; /*BIT STRING */
SECAlgorithmID *keyAlg;
SECItem valueHint; /*OCTET STRING */
SECItem encValue; /*BIT STRING */
};
/*
* The field derValue will contain the actual der
* to include in the encoding or that was read in
* from a der blob.
*/
struct CRMFEncryptedKeyStr {
union {
SEC_PKCS7ContentInfo *envelopedData;
CRMFEncryptedValue encryptedValue;
} value;
CRMFEncryptedKeyChoice encKeyChoice;
SECItem derValue;
};
/* ASN1 must only have one of the following 3 options. */
struct CRMFPKIArchiveOptionsStr {
union {
CRMFEncryptedKey encryptedKey;
SECItem keyGenParameters;
SECItem archiveRemGenPrivKey; /* BOOLEAN */
} option;
CRMFPKIArchiveOptionsType archOption;
};
struct CRMFPKIPublicationInfoStr {
SECItem action; /* Possible values */
/* dontPublish (0), pleasePublish (1) */
CRMFSinglePubInfo **pubInfos;
};
struct CRMFControlStr {
SECOidTag tag;
SECItem derTag;
SECItem derValue;
/* These will be C structures used to represent the various
* options. Values that can't be stored as der right away.
* After creating these structures, we'll place their der
* encoding in derValue so the encoder knows how to get to
* it.
*/
union {
CRMFCertID oldCertId;
CRMFPKIArchiveOptions archiveOptions;
CRMFPKIPublicationInfo pubInfo;
CRMFProtocolEncrKey protEncrKey;
} value;
};
struct CRMFCertRequestStr {
SECItem certReqId;
CRMFCertTemplate certTemplate;
CRMFControl **controls;
/* The following members are used by the internal implementation, but
* are not part of the encoding.
*/
PLArenaPool *poolp;
PRUint32 requestID; /* This is the value that will be encoded into
* the certReqId field.
*/
};
struct CRMFAttributeStr {
SECItem derTag;
SECItem derValue;
};
struct CRMFCertReqMsgStr {
CRMFCertRequest *certReq;
CRMFProofOfPossession *pop;
CRMFAttribute **regInfo;
SECItem derPOP;
/* This arena will be used for allocating memory when decoding.
*/
PLArenaPool *poolp;
PRBool isDecoded;
};
struct CRMFPOPOSigningKeyInputStr {
/* ASN1 must have only one of the next 2 options */
union {
SECItem sender; /*General Name*/
CRMFPKMACValue *publicKeyMAC;
} authInfo;
CERTSubjectPublicKeyInfo publicKey;
};
struct CRMFPOPOSigningKeyStr {
SECItem derInput; /*If in the future we support
*POPOSigningKeyInput, this will
*a C structure representation
*instead.
*/
SECAlgorithmID *algorithmIdentifier;
SECItem signature; /* This is a BIT STRING. Remember */
}; /* that when interpreting. */
/* ASN1 must only choose one of these members */
struct CRMFPOPOPrivKeyStr {
union {
SECItem thisMessage; /* BIT STRING */
SECItem subsequentMessage; /*INTEGER*/
SECItem dhMAC; /*BIT STRING*/
} message;
CRMFPOPOPrivKeyChoice messageChoice;
};
/* ASN1 must only have one of these options. */
struct CRMFProofOfPossessionStr {
union {
SECItem raVerified;
CRMFPOPOSigningKey signature;
CRMFPOPOPrivKey keyEncipherment;
CRMFPOPOPrivKey keyAgreement;
} popChoice;
CRMFPOPChoice popUsed; /*Not part of encoding*/
};
struct CRMFPKMACValueStr {
SECAlgorithmID algID;
SECItem value; /*BIT STRING*/
};
struct CRMFSinglePubInfoStr {
SECItem pubMethod; /* Possible Values:
* dontCare (0)
* x500 (1)
* web (2)
* ldap (3)
*/
CERTGeneralName *pubLocation; /* General Name */
};
#endif /* _CRMFIT_H_ */
|
