+++ /dev/null
-/*
- * Copyright (c) 2003-2004,2011,2013-2014 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-/*
- * pkcs12Templates.cpp
- */
-
-#include "pkcs12Templates.h"
-#include "pkcs12Utils.h"
-#include <security_asn1/nssUtils.h>
-#include <Security/SecAsn1Templates.h>
-#include <Security/oidsattr.h>
-
-#pragma clang diagnostic push
-#pragma clang diagnostic ignored "-Wunused-const-variable"
-
-
-const SecAsn1Template NSS_P12_MacDataTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSS_P12_MacData) },
- { SEC_ASN1_INLINE,
- offsetof(NSS_P12_MacData,mac),
- NSS_P7_DigestInfoTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSS_P12_MacData,macSalt) },
- /* iterations is unsigned - right? */
- { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL,
- offsetof(NSS_P12_MacData,iterations) },
- { 0, }
-};
-
-const SecAsn1Template pointerToMacDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSS_P12_MacDataTemplate }
-};
-
-/* raw PFX with unprocessed authSafe */
-const SecAsn1Template NSS_P12_RawPFXTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSS_P12_RawPFX) },
- { SEC_ASN1_INTEGER,
- offsetof(NSS_P12_RawPFX,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSS_P12_RawPFX, authSafe),
- NSS_P7_RawContentInfoTemplate },
- { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL,
- offsetof(NSS_P12_RawPFX, macData),
- NSS_P12_MacDataTemplate },
- { 0, }
-};
-
-/* PFX with decoded authSafe */
-extern const SecAsn1Template NSS_P12_DecodedPFXTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSS_P12_DecodedPFX) },
- { SEC_ASN1_INTEGER,
- offsetof(NSS_P12_DecodedPFX,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSS_P12_DecodedPFX, authSafe),
- NSS_P7_DecodedContentInfoTemplate },
- { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL,
- offsetof(NSS_P12_DecodedPFX, macData),
- NSS_P12_MacDataTemplate },
- { 0, }
-};
-
-/* AuthenticatedSafe */
-const SecAsn1Template NSS_P12_AuthenticatedSafeTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(NSS_P12_AuthenticatedSafe, info),
- NSS_P7_DecodedContentInfoTemplate,
- sizeof(NSS_P12_AuthenticatedSafe) }
-};
-
-/*
- * Individual SafeBag type-specific templates here when we write 'em
- */
-const SecAsn1Template NSS_P12_PtrToShroudedKeyBagTemplate[] = {
- { SEC_ASN1_POINTER, 0, kSecAsn1EncryptedPrivateKeyInfoTemplate }
-};
-
-/*
- * CertBag via SEC_ASN1_DYNAMIC
- */
-static const SecAsn1Template * NSS_P12_CertBagChooser(
- void *arg, // --> NSS_P12_CertBag
- Boolean enc,
- const char *buf, // on decode, tag byte
- void *dest) // --> NSS_P12_CertBag.bagValue
-{
- NSS_P12_CertBag *bag = (NSS_P12_CertBag *)arg;
- const SecAsn1Template *templ = NULL;
- NSS_P12_CertBagType type = CT_Unknown;
- CSSM_OID *oid = &bag->bagType;
-
- if(nssCompareCssmData(oid, &CSSMOID_PKCS9_X509Certificate)) {
- templ = kSecAsn1OctetStringTemplate;
- type = CT_X509;
- }
- else if(nssCompareCssmData(oid, &CSSMOID_PKCS9_SdsiCertificate)) {
- templ = kSecAsn1IA5StringTemplate;
- type = CT_SDSI;
- }
- else {
- /* punt */
- templ = kSecAsn1AnyTemplate;
- }
- if(!enc) {
- bag->type = type;
- }
- return templ;
-}
-
-static const SecAsn1TemplateChooserPtr NSS_P12_CertBagChooserPtr =
- NSS_P12_CertBagChooser;
-
-const SecAsn1Template NSS_P12_CertBagTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSS_P12_CertBag) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSS_P12_CertBag,bagType) },
- /* these come in with a tag of 0xA0, context/constructed,
- * though I don't know why they are flagged as constructed */
- { SEC_ASN1_DYNAMIC | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 0,
- offsetof(NSS_P12_CertBag, certValue),
- &NSS_P12_CertBagChooserPtr },
- { 0, }
-};
-
-const SecAsn1Template NSS_P12_PtrToCertBagTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSS_P12_CertBagTemplate }
-};
-
-/*
- * CrlBag via SEC_ASN1_DYNAMIC
- */
-static const SecAsn1Template * NSS_P12_CrlBagChooser(
- void *arg, // --> NSS_P12_CrlBag
- Boolean enc,
- const char *buf, // on decode, tag byte
- void *dest) // --> NSS_P12_CertBag.bagValue
-{
- NSS_P12_CrlBag *bag = (NSS_P12_CrlBag *)arg;
- const SecAsn1Template *templ = NULL;
- NSS_P12_CrlBagType type = CRT_Unknown;
- CSSM_OID *oid = &bag->bagType;
-
- if(nssCompareCssmData(oid, &CSSMOID_PKCS9_X509Crl)) {
- templ = kSecAsn1OctetStringTemplate;
- type = CRT_X509;
- }
- else {
- /* punt */
- templ = kSecAsn1AnyTemplate;
- }
- if(!enc) {
- bag->type = type;
- }
- return templ;
-}
-
-static const SecAsn1TemplateChooserPtr NSS_P12_CrlBagChooserPtr =
- NSS_P12_CrlBagChooser;
-
-const SecAsn1Template NSS_P12_CrlBagTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSS_P12_CrlBag) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSS_P12_CrlBag,bagType) },
- /* these come in with a tag of 0xA0, context/constructed,
- * though I don't know why they are flagged as constructed */
- { SEC_ASN1_DYNAMIC | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 0,
- offsetof(NSS_P12_CrlBag, crlValue),
- &NSS_P12_CrlBagChooserPtr },
- { 0, }
-};
-
-const SecAsn1Template NSS_P12_PtrToCrlBagTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSS_P12_CrlBagTemplate }
-};
-
-
-/* the stub templates for unimplemented BagTypes */
-#define NSS_P12_PtrToKeyBagTemplate kSecAsn1PointerToAnyTemplate
-#define NSS_P12_PtrToSecretBagTemplate kSecAsn1PointerToAnyTemplate
-#define NSS_P12_PtrToSafeContentsBagTemplate kSecAsn1PointerToAnyTemplate
-
-
-/*
- * SafeBag via SEC_ASN1_DYNAMIC
- */
-static const SecAsn1Template * NSS_P12_SafeBagChooser(
- void *arg, // --> NSS_P12_SafeBag
- Boolean enc,
- const char *buf, // on decode, tag byte
- void *dest) // --> NSS_P12_SafeBag.bagValue
-{
- NSS_P12_SafeBag *bag = (NSS_P12_SafeBag *)arg;
- const SecAsn1Template *templ = NULL;
- NSS_P12_SB_Type type = BT_None;
- CSSM_OID *oid = &bag->bagId;
-
- if(nssCompareCssmData(oid, &CSSMOID_PKCS12_keyBag)) {
- templ = NSS_P12_PtrToKeyBagTemplate;
- type = BT_KeyBag;
- }
- else if(nssCompareCssmData(oid, &CSSMOID_PKCS12_shroudedKeyBag)) {
- templ = NSS_P12_PtrToShroudedKeyBagTemplate;
- type = BT_ShroudedKeyBag;
- }
- else if(nssCompareCssmData(oid, &CSSMOID_PKCS12_certBag)) {
- templ = NSS_P12_PtrToCertBagTemplate;
- type = BT_CertBag;
- }
- else if(nssCompareCssmData(oid, &CSSMOID_PKCS12_crlBag)) {
- templ = NSS_P12_PtrToCrlBagTemplate;
- type = BT_CrlBag;
- }
- else if(nssCompareCssmData(oid, &CSSMOID_PKCS12_secretBag)) {
- templ = NSS_P12_PtrToSecretBagTemplate;
- type = BT_SecretBag;
- }
- else if(nssCompareCssmData(oid, &CSSMOID_PKCS12_safeContentsBag)) {
- templ = NSS_P12_PtrToSafeContentsBagTemplate;
- type = BT_SafeContentsBag;
- }
- /* add more here when we implement them */
- else {
- templ = kSecAsn1PointerToAnyTemplate;
- }
- if(!enc) {
- bag->type = type;
- }
- return templ;
-}
-
-static const SecAsn1TemplateChooserPtr NSS_P12_SafeBagChooserPtr =
- NSS_P12_SafeBagChooser;
-
-const SecAsn1Template NSS_P12_SafeBagTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSS_P12_SafeBag) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSS_P12_SafeBag,bagId) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSS_P12_SafeBag,bagValue),
- &NSS_P12_SafeBagChooserPtr },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SET_OF,
- offsetof(NSS_P12_SafeBag,bagAttrs),
- kSecAsn1AttributeTemplate },
- { 0 }
-};
-
-const SecAsn1Template NSS_P12_SafeContentsTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(NSS_P12_SafeContents, bags),
- NSS_P12_SafeBagTemplate,
- sizeof(NSS_P12_SafeContents) }
-};
-
-const SecAsn1Template NSS_P12_PBE_ParamsTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSS_P12_PBE_Params) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSS_P12_PBE_Params,salt) },
- /* iterations is unsigned - right? */
- { SEC_ASN1_INTEGER,
- offsetof(NSS_P12_PBE_Params,iterations) },
- { 0 }
-};
-
-#pragma clang diagnostic pop
projects / apple / security.git / blobdiff