]> git.saurik.com Git - apple/security.git/blob - Security/libsecurity_smime/lib/cmsasn1.c
Security-57031.1.35.tar.gz
[apple/security.git] / Security / libsecurity_smime / lib / cmsasn1.c
1 /*
2 * The contents of this file are subject to the Mozilla Public
3 * License Version 1.1 (the "License"); you may not use this file
4 * except in compliance with the License. You may obtain a copy of
5 * the License at http://www.mozilla.org/MPL/
6 *
7 * Software distributed under the License is distributed on an "AS
8 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9 * implied. See the License for the specific language governing
10 * rights and limitations under the License.
11 *
12 * The Original Code is the Netscape security libraries.
13 *
14 * The Initial Developer of the Original Code is Netscape
15 * Communications Corporation. Portions created by Netscape are
16 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
17 * Rights Reserved.
18 *
19 * Contributor(s):
20 *
21 * Alternatively, the contents of this file may be used under the
22 * terms of the GNU General Public License Version 2 or later (the
23 * "GPL"), in which case the provisions of the GPL are applicable
24 * instead of those above. If you wish to allow use of your
25 * version of this file only under the terms of the GPL and not to
26 * allow others to use your version of this file under the MPL,
27 * indicate your decision by deleting the provisions above and
28 * replace them with the notice and other provisions required by
29 * the GPL. If you do not delete the provisions above, a recipient
30 * may use your version of this file under either the MPL or the
31 * GPL.
32 */
33
34 /*
35 * CMS ASN.1 templates
36 */
37
38 #include <Security/SecCmsContentInfo.h>
39
40 #include "cmslocal.h"
41
42 #include "secoid.h"
43 #include <security_asn1/secasn1.h>
44 #include <security_asn1/secerr.h>
45
46
47 extern const SecAsn1Template nss_cms_set_of_attribute_template[];
48
49 //SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
50 //SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
51 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
52 SEC_ASN1_MKSUB(kSecAsn1BitStringTemplate)
53 SEC_ASN1_MKSUB(kSecAsn1OctetStringTemplate)
54 SEC_ASN1_MKSUB(kSecAsn1PointerToOctetStringTemplate)
55 SEC_ASN1_MKSUB(kSecAsn1SetOfAnyTemplate)
56
57 /* -----------------------------------------------------------------------------
58 * MESSAGE
59 * (uses SecCmsContentInfo)
60 */
61
62 /* forward declaration */
63 static const SecAsn1Template *
64 nss_cms_choose_content_template(void *src_or_dest, Boolean encoding, const char *buf, void *dest);
65
66 static const SecAsn1TemplateChooserPtr nss_cms_chooser
67 = nss_cms_choose_content_template;
68
69 const SecAsn1Template SecCmsMessageTemplate[] = {
70 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
71 0, NULL, sizeof(SecCmsMessage) },
72 { SEC_ASN1_OBJECT_ID,
73 offsetof(SecCmsMessage,contentInfo.contentType) },
74 { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
75 | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
76 offsetof(SecCmsMessage,contentInfo.content),
77 &nss_cms_chooser },
78 { 0 }
79 };
80
81 #if 0
82 static const SecAsn1Template NSS_PointerToCMSMessageTemplate[] = {
83 { SEC_ASN1_POINTER, 0, SecCmsMessageTemplate }
84 };
85 #endif
86
87 /* -----------------------------------------------------------------------------
88 * ENCAPSULATED & ENCRYPTED CONTENTINFO
89 * (both use a SecCmsContentInfo)
90 */
91 static const SecAsn1Template SecCmsEncapsulatedContentInfoTemplate[] = {
92 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
93 0, NULL, sizeof(SecCmsContentInfo) },
94 { SEC_ASN1_OBJECT_ID,
95 offsetof(SecCmsContentInfo,contentType) },
96 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
97 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
98 offsetof(SecCmsContentInfo,rawContent),
99 SEC_ASN1_SUB(kSecAsn1PointerToOctetStringTemplate) },
100 { 0 }
101 };
102
103 static const SecAsn1Template SecCmsEncryptedContentInfoTemplate[] = {
104 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
105 0, NULL, sizeof(SecCmsContentInfo) },
106 { SEC_ASN1_OBJECT_ID,
107 offsetof(SecCmsContentInfo,contentType) },
108 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
109 offsetof(SecCmsContentInfo,contentEncAlg),
110 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
111 { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM |
112 SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
113 offsetof(SecCmsContentInfo,rawContent),
114 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
115 { 0 }
116 };
117
118 /* -----------------------------------------------------------------------------
119 * SIGNED DATA
120 */
121
122 const SecAsn1Template SecCmsSignerInfoTemplate[];
123
124
125 const SecAsn1Template SecCmsSignedDataTemplate[] = {
126 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
127 0, NULL, sizeof(SecCmsSignedData) },
128 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
129 offsetof(SecCmsSignedData,version) },
130 { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
131 offsetof(SecCmsSignedData,digestAlgorithms),
132 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
133 { SEC_ASN1_INLINE,
134 offsetof(SecCmsSignedData,contentInfo),
135 SecCmsEncapsulatedContentInfoTemplate },
136 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
137 SEC_ASN1_XTRN | 0,
138 offsetof(SecCmsSignedData,rawCerts),
139 SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
140 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
141 SEC_ASN1_XTRN | 1,
142 offsetof(SecCmsSignedData,rawCrls),
143 SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
144 { SEC_ASN1_SET_OF,
145 offsetof(SecCmsSignedData,signerInfos),
146 SecCmsSignerInfoTemplate },
147 { 0 }
148 };
149
150 const SecAsn1Template NSS_PointerToCMSSignedDataTemplate[] = {
151 { SEC_ASN1_POINTER, 0, SecCmsSignedDataTemplate }
152 };
153
154 /* -----------------------------------------------------------------------------
155 * signeridentifier
156 */
157
158 static const SecAsn1Template SecCmsSignerIdentifierTemplate[] = {
159 { SEC_ASN1_CHOICE,
160 offsetof(SecCmsSignerIdentifier,identifierType), NULL,
161 sizeof(SecCmsSignerIdentifier) },
162 { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
163 offsetof(SecCmsSignerIdentifier,id.subjectKeyID),
164 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) ,
165 SecCmsRecipientIDSubjectKeyID },
166 { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
167 offsetof(SecCmsSignerIdentifier,id.issuerAndSN),
168 SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
169 SecCmsRecipientIDIssuerSN },
170 { 0 }
171 };
172
173 /* -----------------------------------------------------------------------------
174 * signerinfo
175 */
176
177 const SecAsn1Template SecCmsSignerInfoTemplate[] = {
178 { SEC_ASN1_SEQUENCE,
179 0, NULL, sizeof(SecCmsSignerInfo) },
180 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
181 offsetof(SecCmsSignerInfo,version) },
182 { SEC_ASN1_INLINE,
183 offsetof(SecCmsSignerInfo,signerIdentifier),
184 SecCmsSignerIdentifierTemplate },
185 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
186 offsetof(SecCmsSignerInfo,digestAlg),
187 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
188 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
189 offsetof(SecCmsSignerInfo,authAttr),
190 nss_cms_set_of_attribute_template },
191 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
192 offsetof(SecCmsSignerInfo,digestEncAlg),
193 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
194 { SEC_ASN1_OCTET_STRING,
195 offsetof(SecCmsSignerInfo,encDigest) },
196 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
197 offsetof(SecCmsSignerInfo,unAuthAttr),
198 nss_cms_set_of_attribute_template },
199 { 0 }
200 };
201
202 /* -----------------------------------------------------------------------------
203 * ENVELOPED DATA
204 */
205
206 static const SecAsn1Template SecCmsOriginatorInfoTemplate[] = {
207 { SEC_ASN1_SEQUENCE,
208 0, NULL, sizeof(SecCmsOriginatorInfo) },
209 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
210 SEC_ASN1_XTRN | 0,
211 offsetof(SecCmsOriginatorInfo,rawCerts),
212 SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
213 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
214 SEC_ASN1_XTRN | 1,
215 offsetof(SecCmsOriginatorInfo,rawCrls),
216 SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
217 { 0 }
218 };
219
220 const SecAsn1Template SecCmsRecipientInfoTemplate[];
221
222 const SecAsn1Template SecCmsEnvelopedDataTemplate[] = {
223 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
224 0, NULL, sizeof(SecCmsEnvelopedData) },
225 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
226 offsetof(SecCmsEnvelopedData,version) },
227 { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
228 offsetof(SecCmsEnvelopedData,originatorInfo),
229 SecCmsOriginatorInfoTemplate },
230 { SEC_ASN1_SET_OF,
231 offsetof(SecCmsEnvelopedData,recipientInfos),
232 SecCmsRecipientInfoTemplate },
233 { SEC_ASN1_INLINE,
234 offsetof(SecCmsEnvelopedData,contentInfo),
235 SecCmsEncryptedContentInfoTemplate },
236 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
237 offsetof(SecCmsEnvelopedData,unprotectedAttr),
238 nss_cms_set_of_attribute_template },
239 { 0 }
240 };
241
242 const SecAsn1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
243 { SEC_ASN1_POINTER, 0, SecCmsEnvelopedDataTemplate }
244 };
245
246 /* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
247
248 /* -----------------------------------------------------------------------------
249 * key transport recipient info
250 */
251
252 static const SecAsn1Template SecCmsRecipientIdentifierTemplate[] = {
253 { SEC_ASN1_CHOICE,
254 offsetof(SecCmsRecipientIdentifier,identifierType), NULL,
255 sizeof(SecCmsRecipientIdentifier) },
256 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
257 SEC_ASN1_XTRN | 0,
258 offsetof(SecCmsRecipientIdentifier,id.subjectKeyID),
259 SEC_ASN1_SUB(kSecAsn1PointerToOctetStringTemplate) ,
260 SecCmsRecipientIDSubjectKeyID },
261 { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
262 offsetof(SecCmsRecipientIdentifier,id.issuerAndSN),
263 SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
264 SecCmsRecipientIDIssuerSN },
265 { 0 }
266 };
267
268
269 static const SecAsn1Template SecCmsKeyTransRecipientInfoTemplate[] = {
270 { SEC_ASN1_SEQUENCE,
271 0, NULL, sizeof(SecCmsKeyTransRecipientInfo) },
272 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
273 offsetof(SecCmsKeyTransRecipientInfo,version) },
274 { SEC_ASN1_INLINE,
275 offsetof(SecCmsKeyTransRecipientInfo,recipientIdentifier),
276 SecCmsRecipientIdentifierTemplate },
277 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
278 offsetof(SecCmsKeyTransRecipientInfo,keyEncAlg),
279 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
280 { SEC_ASN1_OCTET_STRING,
281 offsetof(SecCmsKeyTransRecipientInfo,encKey) },
282 { 0 }
283 };
284
285 /* -----------------------------------------------------------------------------
286 * key agreement recipient info
287 */
288
289 static const SecAsn1Template SecCmsOriginatorPublicKeyTemplate[] = {
290 { SEC_ASN1_SEQUENCE,
291 0, NULL, sizeof(SecCmsOriginatorPublicKey) },
292 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
293 offsetof(SecCmsOriginatorPublicKey,algorithmIdentifier),
294 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
295 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
296 offsetof(SecCmsOriginatorPublicKey,publicKey),
297 SEC_ASN1_SUB(kSecAsn1BitStringTemplate) },
298 { 0 }
299 };
300
301
302 static const SecAsn1Template SecCmsOriginatorIdentifierOrKeyTemplate[] = {
303 { SEC_ASN1_CHOICE,
304 offsetof(SecCmsOriginatorIdentifierOrKey,identifierType), NULL,
305 sizeof(SecCmsOriginatorIdentifierOrKey) },
306 { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
307 offsetof(SecCmsOriginatorIdentifierOrKey,id.issuerAndSN),
308 SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
309 SecCmsOriginatorIDOrKeyIssuerSN },
310 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
311 /* this was tag 1 here, 2 for the next; RFC 3852 says they are 0 and 1 */
312 SEC_ASN1_XTRN | 0,
313 offsetof(SecCmsOriginatorIdentifierOrKey,id.subjectKeyID),
314 kSecAsn1OctetStringTemplate,
315 SecCmsOriginatorIDOrKeySubjectKeyID },
316 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
317 offsetof(SecCmsOriginatorIdentifierOrKey,id.originatorPublicKey),
318 SecCmsOriginatorPublicKeyTemplate,
319 SecCmsOriginatorIDOrKeyOriginatorPublicKey },
320 { 0 }
321 };
322
323 const SecAsn1Template SecCmsRecipientKeyIdentifierTemplate[] = {
324 { SEC_ASN1_SEQUENCE,
325 0, NULL, sizeof(SecCmsRecipientKeyIdentifier) },
326 { SEC_ASN1_OCTET_STRING,
327 offsetof(SecCmsRecipientKeyIdentifier,subjectKeyIdentifier) },
328 { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
329 offsetof(SecCmsRecipientKeyIdentifier,date) },
330 { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
331 offsetof(SecCmsRecipientKeyIdentifier,other) },
332 { 0 }
333 };
334
335
336 static const SecAsn1Template SecCmsKeyAgreeRecipientIdentifierTemplate[] = {
337 { SEC_ASN1_CHOICE,
338 offsetof(SecCmsKeyAgreeRecipientIdentifier,identifierType), NULL,
339 sizeof(SecCmsKeyAgreeRecipientIdentifier) },
340 { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
341 offsetof(SecCmsKeyAgreeRecipientIdentifier,id.issuerAndSN),
342 SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
343 SecCmsKeyAgreeRecipientIDIssuerSN },
344 { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
345 offsetof(SecCmsKeyAgreeRecipientIdentifier,id.recipientKeyIdentifier),
346 SecCmsRecipientKeyIdentifierTemplate,
347 SecCmsKeyAgreeRecipientIDRKeyID },
348 { 0 }
349 };
350
351 static const SecAsn1Template SecCmsRecipientEncryptedKeyTemplate[] = {
352 { SEC_ASN1_SEQUENCE,
353 0, NULL, sizeof(SecCmsRecipientEncryptedKey) },
354 { SEC_ASN1_INLINE,
355 offsetof(SecCmsRecipientEncryptedKey,recipientIdentifier),
356 SecCmsKeyAgreeRecipientIdentifierTemplate },
357 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
358 offsetof(SecCmsRecipientEncryptedKey,encKey),
359 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
360 { 0 }
361 };
362
363 static const SecAsn1Template SecCmsKeyAgreeRecipientInfoTemplate[] = {
364 { SEC_ASN1_SEQUENCE,
365 0, NULL, sizeof(SecCmsKeyAgreeRecipientInfo) },
366 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
367 offsetof(SecCmsKeyAgreeRecipientInfo,version) },
368 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
369 offsetof(SecCmsKeyAgreeRecipientInfo,originatorIdentifierOrKey),
370 SecCmsOriginatorIdentifierOrKeyTemplate },
371 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
372 SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
373 offsetof(SecCmsKeyAgreeRecipientInfo,ukm),
374 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
375 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
376 offsetof(SecCmsKeyAgreeRecipientInfo,keyEncAlg),
377 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
378 { SEC_ASN1_SEQUENCE_OF,
379 offsetof(SecCmsKeyAgreeRecipientInfo,recipientEncryptedKeys),
380 SecCmsRecipientEncryptedKeyTemplate },
381 { 0 }
382 };
383
384 /* -----------------------------------------------------------------------------
385 * KEK recipient info
386 */
387
388 static const SecAsn1Template SecCmsKEKIdentifierTemplate[] = {
389 { SEC_ASN1_SEQUENCE,
390 0, NULL, sizeof(SecCmsKEKIdentifier) },
391 { SEC_ASN1_OCTET_STRING,
392 offsetof(SecCmsKEKIdentifier,keyIdentifier) },
393 { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
394 offsetof(SecCmsKEKIdentifier,date) },
395 { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
396 offsetof(SecCmsKEKIdentifier,other) },
397 { 0 }
398 };
399
400 static const SecAsn1Template SecCmsKEKRecipientInfoTemplate[] = {
401 { SEC_ASN1_SEQUENCE,
402 0, NULL, sizeof(SecCmsKEKRecipientInfo) },
403 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
404 offsetof(SecCmsKEKRecipientInfo,version) },
405 { SEC_ASN1_INLINE,
406 offsetof(SecCmsKEKRecipientInfo,kekIdentifier),
407 SecCmsKEKIdentifierTemplate },
408 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
409 offsetof(SecCmsKEKRecipientInfo,keyEncAlg),
410 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
411 { SEC_ASN1_OCTET_STRING,
412 offsetof(SecCmsKEKRecipientInfo,encKey) },
413 { 0 }
414 };
415
416 /* -----------------------------------------------------------------------------
417 * recipient info
418 */
419 const SecAsn1Template SecCmsRecipientInfoTemplate[] = {
420 { SEC_ASN1_CHOICE,
421 offsetof(SecCmsRecipientInfo,recipientInfoType), NULL,
422 sizeof(SecCmsRecipientInfo) },
423 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
424 offsetof(SecCmsRecipientInfo,ri.keyAgreeRecipientInfo),
425 SecCmsKeyAgreeRecipientInfoTemplate,
426 SecCmsRecipientInfoIDKeyAgree },
427 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
428 offsetof(SecCmsRecipientInfo,ri.kekRecipientInfo),
429 SecCmsKEKRecipientInfoTemplate,
430 SecCmsRecipientInfoIDKEK },
431 { SEC_ASN1_INLINE,
432 offsetof(SecCmsRecipientInfo,ri.keyTransRecipientInfo),
433 SecCmsKeyTransRecipientInfoTemplate,
434 SecCmsRecipientInfoIDKeyTrans },
435 { 0 }
436 };
437
438 /* -----------------------------------------------------------------------------
439 *
440 */
441
442 const SecAsn1Template SecCmsDigestedDataTemplate[] = {
443 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
444 0, NULL, sizeof(SecCmsDigestedData) },
445 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
446 offsetof(SecCmsDigestedData,version) },
447 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
448 offsetof(SecCmsDigestedData,digestAlg),
449 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
450 { SEC_ASN1_INLINE,
451 offsetof(SecCmsDigestedData,contentInfo),
452 SecCmsEncapsulatedContentInfoTemplate },
453 { SEC_ASN1_OCTET_STRING,
454 offsetof(SecCmsDigestedData,digest) },
455 { 0 }
456 };
457
458 const SecAsn1Template NSS_PointerToCMSDigestedDataTemplate[] = {
459 { SEC_ASN1_POINTER, 0, SecCmsDigestedDataTemplate }
460 };
461
462 const SecAsn1Template SecCmsEncryptedDataTemplate[] = {
463 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
464 0, NULL, sizeof(SecCmsEncryptedData) },
465 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
466 offsetof(SecCmsEncryptedData,version) },
467 { SEC_ASN1_INLINE,
468 offsetof(SecCmsEncryptedData,contentInfo),
469 SecCmsEncryptedContentInfoTemplate },
470 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
471 offsetof(SecCmsEncryptedData,unprotectedAttr),
472 nss_cms_set_of_attribute_template },
473 { 0 }
474 };
475
476 const SecAsn1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
477 { SEC_ASN1_POINTER, 0, SecCmsEncryptedDataTemplate }
478 };
479
480 /* -----------------------------------------------------------------------------
481 * SetOfSignedCrlTemplate
482 */
483 const SecAsn1Template SecCmsIssuerAndSNTemplate[] = {
484 { SEC_ASN1_SEQUENCE,
485 0, NULL, sizeof(SecCmsIssuerAndSN) },
486 #if 1 // @@@ Switch to using NSS_NameTemplate
487 { SEC_ASN1_ANY,
488 offsetof(SecCmsIssuerAndSN,derIssuer) },
489 #else
490 { SEC_ASN1_INLINE,
491 offsetof(SecCmsIssuerAndSN,issuer),
492 NSS_NameTemplate },
493 #endif
494 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
495 offsetof(SecCmsIssuerAndSN,serialNumber) },
496 { 0 }
497 };
498
499
500 /* -----------------------------------------------------------------------------
501 * FORTEZZA KEA
502 */
503 const SecAsn1Template NSS_SMIMEKEAParamTemplateSkipjack[] = {
504 { SEC_ASN1_SEQUENCE,
505 0, NULL, sizeof(SecCmsSMIMEKEAParameters) },
506 { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
507 offsetof(SecCmsSMIMEKEAParameters,originatorKEAKey) },
508 { SEC_ASN1_OCTET_STRING,
509 offsetof(SecCmsSMIMEKEAParameters,originatorRA) },
510 { 0 }
511 };
512
513 const SecAsn1Template NSS_SMIMEKEAParamTemplateNoSkipjack[] = {
514 { SEC_ASN1_SEQUENCE,
515 0, NULL, sizeof(SecCmsSMIMEKEAParameters) },
516 { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
517 offsetof(SecCmsSMIMEKEAParameters,originatorKEAKey) },
518 { SEC_ASN1_OCTET_STRING,
519 offsetof(SecCmsSMIMEKEAParameters,originatorRA) },
520 { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
521 offsetof(SecCmsSMIMEKEAParameters,nonSkipjackIV) },
522 { 0 }
523 };
524
525 const SecAsn1Template NSS_SMIMEKEAParamTemplateAllParams[] = {
526 { SEC_ASN1_SEQUENCE,
527 0, NULL, sizeof(SecCmsSMIMEKEAParameters) },
528 { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
529 offsetof(SecCmsSMIMEKEAParameters,originatorKEAKey) },
530 { SEC_ASN1_OCTET_STRING,
531 offsetof(SecCmsSMIMEKEAParameters,originatorRA) },
532 { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
533 offsetof(SecCmsSMIMEKEAParameters,nonSkipjackIV) },
534 { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
535 offsetof(SecCmsSMIMEKEAParameters,bulkKeySize) },
536 { 0 }
537 };
538
539 /*TODO: this should be in some header */
540 const SecAsn1Template *
541 nss_cms_get_kea_template(SecCmsKEATemplateSelector whichTemplate);
542 const SecAsn1Template *
543 nss_cms_get_kea_template(SecCmsKEATemplateSelector whichTemplate)
544 {
545 const SecAsn1Template *returnVal = NULL;
546
547 switch(whichTemplate)
548 {
549 case SecCmsKEAUsesNonSkipjack:
550 returnVal = NSS_SMIMEKEAParamTemplateNoSkipjack;
551 break;
552 case SecCmsKEAUsesSkipjack:
553 returnVal = NSS_SMIMEKEAParamTemplateSkipjack;
554 break;
555 case SecCmsKEAUsesNonSkipjackWithPaddedEncKey:
556 default:
557 returnVal = NSS_SMIMEKEAParamTemplateAllParams;
558 break;
559 }
560 return returnVal;
561 }
562
563 /* -----------------------------------------------------------------------------
564 *
565 */
566 static const SecAsn1Template *
567 nss_cms_choose_content_template(void *src_or_dest, Boolean encoding, const char *buf, void *dest)
568 {
569 const SecAsn1Template *theTemplate;
570 SecCmsContentInfoRef cinfo;
571
572 PORT_Assert (src_or_dest != NULL);
573 if (src_or_dest == NULL)
574 return NULL;
575
576 cinfo = (SecCmsContentInfoRef)src_or_dest;
577 switch (SecCmsContentInfoGetContentTypeTag(cinfo)) {
578 default:
579 theTemplate = SEC_ASN1_GET(kSecAsn1PointerToAnyTemplate);
580 break;
581 case SEC_OID_PKCS7_DATA:
582 case SEC_OID_OTHER:
583 theTemplate = SEC_ASN1_GET(kSecAsn1PointerToOctetStringTemplate);
584 break;
585 case SEC_OID_PKCS7_SIGNED_DATA:
586 theTemplate = NSS_PointerToCMSSignedDataTemplate;
587 break;
588 case SEC_OID_PKCS7_ENVELOPED_DATA:
589 theTemplate = NSS_PointerToCMSEnvelopedDataTemplate;
590 break;
591 case SEC_OID_PKCS7_DIGESTED_DATA:
592 theTemplate = NSS_PointerToCMSDigestedDataTemplate;
593 break;
594 case SEC_OID_PKCS7_ENCRYPTED_DATA:
595 theTemplate = NSS_PointerToCMSEncryptedDataTemplate;
596 break;
597 }
598 return theTemplate;
599 }