]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_smime/lib/cmsasn1.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-58286.251.4.tar.gz
[apple/security.git] / OSX / libsecurity_smime / lib / cmsasn1.c
1 /*
2 * The contents of this file are subject to the Mozilla Public
3 * License Version 1.1 (the "License"); you may not use this file
4 * except in compliance with the License. You may obtain a copy of
5 * the License at http://www.mozilla.org/MPL/
6 *
7 * Software distributed under the License is distributed on an "AS
8 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9 * implied. See the License for the specific language governing
10 * rights and limitations under the License.
11 *
12 * The Original Code is the Netscape security libraries.
13 *
14 * The Initial Developer of the Original Code is Netscape
15 * Communications Corporation. Portions created by Netscape are
16 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
17 * Rights Reserved.
18 *
19 * Contributor(s):
20 *
21 * Alternatively, the contents of this file may be used under the
22 * terms of the GNU General Public License Version 2 or later (the
23 * "GPL"), in which case the provisions of the GPL are applicable
24 * instead of those above. If you wish to allow use of your
25 * version of this file only under the terms of the GPL and not to
26 * allow others to use your version of this file under the MPL,
27 * indicate your decision by deleting the provisions above and
28 * replace them with the notice and other provisions required by
29 * the GPL. If you do not delete the provisions above, a recipient
30 * may use your version of this file under either the MPL or the
31 * GPL.
32 */
33
34 /*
35 * CMS ASN.1 templates
36 */
37
38 #include <Security/SecCmsContentInfo.h>
39
40 #include "cmslocal.h"
41
42 #include "secoid.h"
43 #include <security_asn1/secasn1.h>
44 #include <security_asn1/secerr.h>
45
46
47 extern const SecAsn1Template nss_cms_set_of_attribute_template[];
48
49 //SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
50 //SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
51 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
52 SEC_ASN1_MKSUB(kSecAsn1BitStringTemplate)
53 SEC_ASN1_MKSUB(kSecAsn1OctetStringTemplate)
54 SEC_ASN1_MKSUB(kSecAsn1PointerToOctetStringTemplate)
55 SEC_ASN1_MKSUB(kSecAsn1SetOfAnyTemplate)
56
57 /* -----------------------------------------------------------------------------
58 * MESSAGE
59 * (uses SecCmsContentInfo)
60 */
61
62 /* forward declaration */
63 static const SecAsn1Template *
64 nss_cms_choose_content_template(void *src_or_dest, Boolean encoding, const char *buf, size_t len, void *dest);
65
66 static const SecAsn1TemplateChooserPtr nss_cms_chooser
67 = nss_cms_choose_content_template;
68
69 const SecAsn1Template SecCmsMessageTemplate[] = {
70 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
71 0, NULL, sizeof(SecCmsMessage) },
72 { SEC_ASN1_OBJECT_ID,
73 offsetof(SecCmsMessage,contentInfo.contentType) },
74 { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
75 | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
76 offsetof(SecCmsMessage,contentInfo.content),
77 &nss_cms_chooser },
78 { 0 }
79 };
80
81 #if 0
82 static const SecAsn1Template NSS_PointerToCMSMessageTemplate[] = {
83 { SEC_ASN1_POINTER, 0, SecCmsMessageTemplate }
84 };
85 #endif
86
87 /* -----------------------------------------------------------------------------
88 * ENCAPSULATED & ENCRYPTED CONTENTINFO
89 * (both use a SecCmsContentInfo)
90 */
91 static const SecAsn1Template SecCmsEncapsulatedContentInfoTemplate[] = {
92 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
93 0, NULL, sizeof(SecCmsContentInfo) },
94 { SEC_ASN1_OBJECT_ID,
95 offsetof(SecCmsContentInfo,contentType) },
96 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
97 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
98 offsetof(SecCmsContentInfo,rawContent),
99 SEC_ASN1_SUB(kSecAsn1PointerToOctetStringTemplate) },
100 { 0 }
101 };
102
103 static const SecAsn1Template SecCmsEncryptedContentInfoTemplate[] = {
104 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
105 0, NULL, sizeof(SecCmsContentInfo) },
106 { SEC_ASN1_OBJECT_ID,
107 offsetof(SecCmsContentInfo,contentType) },
108 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
109 offsetof(SecCmsContentInfo,contentEncAlg),
110 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
111 { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM |
112 SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
113 offsetof(SecCmsContentInfo,rawContent),
114 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
115 { 0 }
116 };
117
118 /* -----------------------------------------------------------------------------
119 * SIGNED DATA
120 */
121
122 const SecAsn1Template SecCmsSignerInfoTemplate[];
123
124
125 const SecAsn1Template SecCmsSignedDataTemplate[] = {
126 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
127 0, NULL, sizeof(SecCmsSignedData) },
128 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
129 offsetof(SecCmsSignedData,version) },
130 { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
131 offsetof(SecCmsSignedData,digestAlgorithms),
132 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
133 { SEC_ASN1_INLINE,
134 offsetof(SecCmsSignedData,contentInfo),
135 SecCmsEncapsulatedContentInfoTemplate },
136 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
137 SEC_ASN1_XTRN | 0,
138 offsetof(SecCmsSignedData,rawCerts),
139 SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
140 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
141 SEC_ASN1_XTRN | 1,
142 offsetof(SecCmsSignedData,rawCrls),
143 SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
144 { SEC_ASN1_SET_OF,
145 offsetof(SecCmsSignedData,signerInfos),
146 SecCmsSignerInfoTemplate },
147 { 0 }
148 };
149
150 const SecAsn1Template NSS_PointerToCMSSignedDataTemplate[] = {
151 { SEC_ASN1_POINTER, 0, SecCmsSignedDataTemplate }
152 };
153
154 /* -----------------------------------------------------------------------------
155 * signeridentifier
156 */
157
158 static const SecAsn1Template SecCmsSignerIdentifierTemplate[] = {
159 { SEC_ASN1_CHOICE,
160 offsetof(SecCmsSignerIdentifier,identifierType), NULL,
161 sizeof(SecCmsSignerIdentifier) },
162 { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
163 offsetof(SecCmsSignerIdentifier,id.subjectKeyID),
164 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) ,
165 SecCmsRecipientIDSubjectKeyID },
166 { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
167 offsetof(SecCmsSignerIdentifier,id.issuerAndSN),
168 SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
169 SecCmsRecipientIDIssuerSN },
170 { 0 }
171 };
172
173 /* -----------------------------------------------------------------------------
174 * signerinfo
175 */
176
177 const SecAsn1Template SecCmsSignerInfoTemplate[] = {
178 { SEC_ASN1_SEQUENCE,
179 0, NULL, sizeof(SecCmsSignerInfo) },
180 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
181 offsetof(SecCmsSignerInfo,version) },
182 { SEC_ASN1_INLINE,
183 offsetof(SecCmsSignerInfo,signerIdentifier),
184 SecCmsSignerIdentifierTemplate },
185 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
186 offsetof(SecCmsSignerInfo,digestAlg),
187 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
188 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
189 offsetof(SecCmsSignerInfo,authAttr),
190 nss_cms_set_of_attribute_template },
191 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
192 offsetof(SecCmsSignerInfo,digestEncAlg),
193 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
194 { SEC_ASN1_OCTET_STRING,
195 offsetof(SecCmsSignerInfo,encDigest) },
196 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
197 offsetof(SecCmsSignerInfo,unAuthAttr),
198 nss_cms_set_of_attribute_template },
199 { 0 }
200 };
201
202 /* -----------------------------------------------------------------------------
203 * ENVELOPED DATA
204 */
205
206 static const SecAsn1Template SecCmsOriginatorInfoTemplate[] = {
207 { SEC_ASN1_SEQUENCE,
208 0, NULL, sizeof(SecCmsOriginatorInfo) },
209 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
210 SEC_ASN1_XTRN | 0,
211 offsetof(SecCmsOriginatorInfo,rawCerts),
212 SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
213 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
214 SEC_ASN1_XTRN | 1,
215 offsetof(SecCmsOriginatorInfo,rawCrls),
216 SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
217 { 0 }
218 };
219
220 const SecAsn1Template SecCmsRecipientInfoTemplate[];
221
222 const SecAsn1Template SecCmsEnvelopedDataTemplate[] = {
223 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
224 0, NULL, sizeof(SecCmsEnvelopedData) },
225 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
226 offsetof(SecCmsEnvelopedData,version) },
227 { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
228 offsetof(SecCmsEnvelopedData,originatorInfo),
229 SecCmsOriginatorInfoTemplate },
230 { SEC_ASN1_SET_OF,
231 offsetof(SecCmsEnvelopedData,recipientInfos),
232 SecCmsRecipientInfoTemplate },
233 { SEC_ASN1_INLINE,
234 offsetof(SecCmsEnvelopedData,contentInfo),
235 SecCmsEncryptedContentInfoTemplate },
236 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
237 offsetof(SecCmsEnvelopedData,unprotectedAttr),
238 nss_cms_set_of_attribute_template },
239 { 0 }
240 };
241
242 const SecAsn1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
243 { SEC_ASN1_POINTER, 0, SecCmsEnvelopedDataTemplate }
244 };
245
246 /* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
247
248 /* -----------------------------------------------------------------------------
249 * key transport recipient info
250 */
251
252 static const SecAsn1Template SecCmsRecipientIdentifierTemplate[] = {
253 { SEC_ASN1_CHOICE,
254 offsetof(SecCmsRecipientIdentifier,identifierType), NULL,
255 sizeof(SecCmsRecipientIdentifier) },
256 { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
257 offsetof(SecCmsRecipientIdentifier,id.subjectKeyID),
258 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) ,
259 SecCmsRecipientIDSubjectKeyID },
260 { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
261 offsetof(SecCmsRecipientIdentifier,id.issuerAndSN),
262 SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
263 SecCmsRecipientIDIssuerSN },
264 { 0 }
265 };
266
267
268 static const SecAsn1Template SecCmsKeyTransRecipientInfoTemplate[] = {
269 { SEC_ASN1_SEQUENCE,
270 0, NULL, sizeof(SecCmsKeyTransRecipientInfo) },
271 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
272 offsetof(SecCmsKeyTransRecipientInfo,version) },
273 { SEC_ASN1_INLINE,
274 offsetof(SecCmsKeyTransRecipientInfo,recipientIdentifier),
275 SecCmsRecipientIdentifierTemplate },
276 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
277 offsetof(SecCmsKeyTransRecipientInfo,keyEncAlg),
278 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
279 { SEC_ASN1_OCTET_STRING,
280 offsetof(SecCmsKeyTransRecipientInfo,encKey) },
281 { 0 }
282 };
283
284 /* -----------------------------------------------------------------------------
285 * key agreement recipient info
286 */
287
288 static const SecAsn1Template SecCmsOriginatorPublicKeyTemplate[] = {
289 { SEC_ASN1_SEQUENCE,
290 0, NULL, sizeof(SecCmsOriginatorPublicKey) },
291 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
292 offsetof(SecCmsOriginatorPublicKey,algorithmIdentifier),
293 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
294 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
295 offsetof(SecCmsOriginatorPublicKey,publicKey),
296 SEC_ASN1_SUB(kSecAsn1BitStringTemplate) },
297 { 0 }
298 };
299
300
301 static const SecAsn1Template SecCmsOriginatorIdentifierOrKeyTemplate[] = {
302 { SEC_ASN1_CHOICE,
303 offsetof(SecCmsOriginatorIdentifierOrKey,identifierType), NULL,
304 sizeof(SecCmsOriginatorIdentifierOrKey) },
305 { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
306 offsetof(SecCmsOriginatorIdentifierOrKey,id.issuerAndSN),
307 SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
308 SecCmsOriginatorIDOrKeyIssuerSN },
309 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
310 /* this was tag 1 here, 2 for the next; RFC 3852 says they are 0 and 1 */
311 SEC_ASN1_XTRN | 0,
312 offsetof(SecCmsOriginatorIdentifierOrKey,id.subjectKeyID),
313 kSecAsn1OctetStringTemplate,
314 SecCmsOriginatorIDOrKeySubjectKeyID },
315 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
316 offsetof(SecCmsOriginatorIdentifierOrKey,id.originatorPublicKey),
317 SecCmsOriginatorPublicKeyTemplate,
318 SecCmsOriginatorIDOrKeyOriginatorPublicKey },
319 { 0 }
320 };
321
322 const SecAsn1Template SecCmsRecipientKeyIdentifierTemplate[] = {
323 { SEC_ASN1_SEQUENCE,
324 0, NULL, sizeof(SecCmsRecipientKeyIdentifier) },
325 { SEC_ASN1_INLINE | SEC_ASN1_OCTET_STRING,
326 offsetof(SecCmsRecipientKeyIdentifier,subjectKeyIdentifier),
327 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
328 { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL | SEC_ASN1_GENERALIZED_TIME,
329 offsetof(SecCmsRecipientKeyIdentifier,date),
330 SEC_ASN1_SUB(kSecAsn1GeneralizedTimeTemplate) },
331 { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
332 offsetof(SecCmsRecipientKeyIdentifier,other) },
333 { 0 }
334 };
335
336
337 static const SecAsn1Template SecCmsKeyAgreeRecipientIdentifierTemplate[] = {
338 { SEC_ASN1_CHOICE,
339 offsetof(SecCmsKeyAgreeRecipientIdentifier,identifierType), NULL,
340 sizeof(SecCmsKeyAgreeRecipientIdentifier) },
341 { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
342 offsetof(SecCmsKeyAgreeRecipientIdentifier,id.issuerAndSN),
343 SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
344 SecCmsKeyAgreeRecipientIDIssuerSN },
345 { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
346 offsetof(SecCmsKeyAgreeRecipientIdentifier,id.recipientKeyIdentifier),
347 SecCmsRecipientKeyIdentifierTemplate,
348 SecCmsKeyAgreeRecipientIDRKeyID },
349 { 0 }
350 };
351
352 static const SecAsn1Template SecCmsRecipientEncryptedKeyTemplate[] = {
353 { SEC_ASN1_SEQUENCE,
354 0, NULL, sizeof(SecCmsRecipientEncryptedKey) },
355 { SEC_ASN1_INLINE,
356 offsetof(SecCmsRecipientEncryptedKey,recipientIdentifier),
357 SecCmsKeyAgreeRecipientIdentifierTemplate },
358 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
359 offsetof(SecCmsRecipientEncryptedKey,encKey),
360 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
361 { 0 }
362 };
363
364 static const SecAsn1Template SecCmsKeyAgreeRecipientInfoTemplate[] = {
365 { SEC_ASN1_SEQUENCE,
366 0, NULL, sizeof(SecCmsKeyAgreeRecipientInfo) },
367 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
368 offsetof(SecCmsKeyAgreeRecipientInfo,version) },
369 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
370 offsetof(SecCmsKeyAgreeRecipientInfo,originatorIdentifierOrKey),
371 SecCmsOriginatorIdentifierOrKeyTemplate },
372 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
373 SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
374 offsetof(SecCmsKeyAgreeRecipientInfo,ukm),
375 SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
376 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
377 offsetof(SecCmsKeyAgreeRecipientInfo,keyEncAlg),
378 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
379 { SEC_ASN1_SEQUENCE_OF,
380 offsetof(SecCmsKeyAgreeRecipientInfo,recipientEncryptedKeys),
381 SecCmsRecipientEncryptedKeyTemplate },
382 { 0 }
383 };
384
385 /* -----------------------------------------------------------------------------
386 * KEK recipient info
387 */
388
389 static const SecAsn1Template SecCmsKEKIdentifierTemplate[] = {
390 { SEC_ASN1_SEQUENCE,
391 0, NULL, sizeof(SecCmsKEKIdentifier) },
392 { SEC_ASN1_OCTET_STRING,
393 offsetof(SecCmsKEKIdentifier,keyIdentifier) },
394 { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
395 offsetof(SecCmsKEKIdentifier,date) },
396 { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
397 offsetof(SecCmsKEKIdentifier,other) },
398 { 0 }
399 };
400
401 static const SecAsn1Template SecCmsKEKRecipientInfoTemplate[] = {
402 { SEC_ASN1_SEQUENCE,
403 0, NULL, sizeof(SecCmsKEKRecipientInfo) },
404 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
405 offsetof(SecCmsKEKRecipientInfo,version) },
406 { SEC_ASN1_INLINE,
407 offsetof(SecCmsKEKRecipientInfo,kekIdentifier),
408 SecCmsKEKIdentifierTemplate },
409 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
410 offsetof(SecCmsKEKRecipientInfo,keyEncAlg),
411 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
412 { SEC_ASN1_OCTET_STRING,
413 offsetof(SecCmsKEKRecipientInfo,encKey) },
414 { 0 }
415 };
416
417 /* -----------------------------------------------------------------------------
418 * recipient info
419 */
420 const SecAsn1Template SecCmsRecipientInfoTemplate[] = {
421 { SEC_ASN1_CHOICE,
422 offsetof(SecCmsRecipientInfo,recipientInfoType), NULL,
423 sizeof(SecCmsRecipientInfo) },
424 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
425 offsetof(SecCmsRecipientInfo,ri.keyAgreeRecipientInfo),
426 SecCmsKeyAgreeRecipientInfoTemplate,
427 SecCmsRecipientInfoIDKeyAgree },
428 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
429 offsetof(SecCmsRecipientInfo,ri.kekRecipientInfo),
430 SecCmsKEKRecipientInfoTemplate,
431 SecCmsRecipientInfoIDKEK },
432 { SEC_ASN1_INLINE,
433 offsetof(SecCmsRecipientInfo,ri.keyTransRecipientInfo),
434 SecCmsKeyTransRecipientInfoTemplate,
435 SecCmsRecipientInfoIDKeyTrans },
436 { 0 }
437 };
438
439 /* -----------------------------------------------------------------------------
440 *
441 */
442
443 const SecAsn1Template SecCmsDigestedDataTemplate[] = {
444 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
445 0, NULL, sizeof(SecCmsDigestedData) },
446 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
447 offsetof(SecCmsDigestedData,version) },
448 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
449 offsetof(SecCmsDigestedData,digestAlg),
450 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
451 { SEC_ASN1_INLINE,
452 offsetof(SecCmsDigestedData,contentInfo),
453 SecCmsEncapsulatedContentInfoTemplate },
454 { SEC_ASN1_OCTET_STRING,
455 offsetof(SecCmsDigestedData,digest) },
456 { 0 }
457 };
458
459 const SecAsn1Template NSS_PointerToCMSDigestedDataTemplate[] = {
460 { SEC_ASN1_POINTER, 0, SecCmsDigestedDataTemplate }
461 };
462
463 const SecAsn1Template SecCmsEncryptedDataTemplate[] = {
464 { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
465 0, NULL, sizeof(SecCmsEncryptedData) },
466 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
467 offsetof(SecCmsEncryptedData,version) },
468 { SEC_ASN1_INLINE,
469 offsetof(SecCmsEncryptedData,contentInfo),
470 SecCmsEncryptedContentInfoTemplate },
471 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
472 offsetof(SecCmsEncryptedData,unprotectedAttr),
473 nss_cms_set_of_attribute_template },
474 { 0 }
475 };
476
477 const SecAsn1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
478 { SEC_ASN1_POINTER, 0, SecCmsEncryptedDataTemplate }
479 };
480
481 /* -----------------------------------------------------------------------------
482 * SetOfSignedCrlTemplate
483 */
484 const SecAsn1Template SecCmsIssuerAndSNTemplate[] = {
485 { SEC_ASN1_SEQUENCE,
486 0, NULL, sizeof(SecCmsIssuerAndSN) },
487 #if 1 // @@@ Switch to using NSS_NameTemplate
488 { SEC_ASN1_ANY,
489 offsetof(SecCmsIssuerAndSN,derIssuer) },
490 #else
491 { SEC_ASN1_INLINE,
492 offsetof(SecCmsIssuerAndSN,issuer),
493 NSS_NameTemplate },
494 #endif
495 { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
496 offsetof(SecCmsIssuerAndSN,serialNumber) },
497 { 0 }
498 };
499
500
501 /* -----------------------------------------------------------------------------
502 * FORTEZZA KEA
503 */
504 const SecAsn1Template NSS_SMIMEKEAParamTemplateSkipjack[] = {
505 { SEC_ASN1_SEQUENCE,
506 0, NULL, sizeof(SecCmsSMIMEKEAParameters) },
507 { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
508 offsetof(SecCmsSMIMEKEAParameters,originatorKEAKey) },
509 { SEC_ASN1_OCTET_STRING,
510 offsetof(SecCmsSMIMEKEAParameters,originatorRA) },
511 { 0 }
512 };
513
514 const SecAsn1Template NSS_SMIMEKEAParamTemplateNoSkipjack[] = {
515 { SEC_ASN1_SEQUENCE,
516 0, NULL, sizeof(SecCmsSMIMEKEAParameters) },
517 { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
518 offsetof(SecCmsSMIMEKEAParameters,originatorKEAKey) },
519 { SEC_ASN1_OCTET_STRING,
520 offsetof(SecCmsSMIMEKEAParameters,originatorRA) },
521 { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
522 offsetof(SecCmsSMIMEKEAParameters,nonSkipjackIV) },
523 { 0 }
524 };
525
526 const SecAsn1Template NSS_SMIMEKEAParamTemplateAllParams[] = {
527 { SEC_ASN1_SEQUENCE,
528 0, NULL, sizeof(SecCmsSMIMEKEAParameters) },
529 { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
530 offsetof(SecCmsSMIMEKEAParameters,originatorKEAKey) },
531 { SEC_ASN1_OCTET_STRING,
532 offsetof(SecCmsSMIMEKEAParameters,originatorRA) },
533 { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
534 offsetof(SecCmsSMIMEKEAParameters,nonSkipjackIV) },
535 { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
536 offsetof(SecCmsSMIMEKEAParameters,bulkKeySize) },
537 { 0 }
538 };
539
540 /*TODO: this should be in some header */
541 const SecAsn1Template *
542 nss_cms_get_kea_template(SecCmsKEATemplateSelector whichTemplate);
543 const SecAsn1Template *
544 nss_cms_get_kea_template(SecCmsKEATemplateSelector whichTemplate)
545 {
546 const SecAsn1Template *returnVal = NULL;
547
548 switch(whichTemplate)
549 {
550 case SecCmsKEAUsesNonSkipjack:
551 returnVal = NSS_SMIMEKEAParamTemplateNoSkipjack;
552 break;
553 case SecCmsKEAUsesSkipjack:
554 returnVal = NSS_SMIMEKEAParamTemplateSkipjack;
555 break;
556 case SecCmsKEAUsesNonSkipjackWithPaddedEncKey:
557 default:
558 returnVal = NSS_SMIMEKEAParamTemplateAllParams;
559 break;
560 }
561 return returnVal;
562 }
563
564 /* -----------------------------------------------------------------------------
565 *
566 */
567 static const SecAsn1Template *
568 nss_cms_choose_content_template(void *src_or_dest, Boolean encoding, const char *buf, size_t len, void *dest)
569 {
570 const SecAsn1Template *theTemplate;
571 SecCmsContentInfoRef cinfo;
572
573 PORT_Assert (src_or_dest != NULL);
574 if (src_or_dest == NULL)
575 return NULL;
576
577 cinfo = (SecCmsContentInfoRef)src_or_dest;
578 switch (SecCmsContentInfoGetContentTypeTag(cinfo)) {
579 default:
580 theTemplate = SEC_ASN1_GET(kSecAsn1PointerToAnyTemplate);
581 break;
582 case SEC_OID_PKCS7_DATA:
583 case SEC_OID_OTHER:
584 theTemplate = SEC_ASN1_GET(kSecAsn1PointerToOctetStringTemplate);
585 break;
586 case SEC_OID_PKCS7_SIGNED_DATA:
587 theTemplate = NSS_PointerToCMSSignedDataTemplate;
588 break;
589 case SEC_OID_PKCS7_ENVELOPED_DATA:
590 theTemplate = NSS_PointerToCMSEnvelopedDataTemplate;
591 break;
592 case SEC_OID_PKCS7_DIGESTED_DATA:
593 theTemplate = NSS_PointerToCMSDigestedDataTemplate;
594 break;
595 case SEC_OID_PKCS7_ENCRYPTED_DATA:
596 theTemplate = NSS_PointerToCMSEncryptedDataTemplate;
597 break;
598 }
599 return theTemplate;
600 }
mirror of Security