← Back to branch summary

~ubuntu-branches/ubuntu/feisty/firefox/feisty-updates

« back to all changes in this revision

Viewing changes to security/nss-fips/lib/smime/cmsasn1.c

  • Committer: Bazaar Package Importer
  • Author(s): Alexander Sack, Alexander Sack
  • Date: 2008-06-23 15:08:12 UTC
  • mfrom: (1.1.24 upstream)
  • Revision ID: james.westby@ubuntu.com-20080623150812-sxdwhn3dz9pmapvf
Tags: 2.0.0.15+0nobinonly-0ubuntu0.7.4
[ Alexander Sack ]
* New security/stability upstream release (v2.0.0.15)
  - see USN-619-1

Show diffs side-by-side

added added

removed removed

Lines of Context:
security/nss-fips/lib/smime/cmsasn1.c
 
1
/* ***** BEGIN LICENSE BLOCK *****
 
2
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 
3
 *
 
4
 * The contents of this file are subject to the Mozilla Public License Version
 
5
 * 1.1 (the "License"); you may not use this file except in compliance with
 
6
 * the License. You may obtain a copy of the License at
 
7
 * http://www.mozilla.org/MPL/
 
8
 *
 
9
 * Software distributed under the License is distributed on an "AS IS" basis,
 
10
 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 
11
 * for the specific language governing rights and limitations under the
 
12
 * License.
 
13
 *
 
14
 * The Original Code is the Netscape security libraries.
 
15
 *
 
16
 * The Initial Developer of the Original Code is
 
17
 * Netscape Communications Corporation.
 
18
 * Portions created by the Initial Developer are Copyright (C) 1994-2000
 
19
 * the Initial Developer. All Rights Reserved.
 
20
 *
 
21
 * Contributor(s):
 
22
 *
 
23
 * Alternatively, the contents of this file may be used under the terms of
 
24
 * either the GNU General Public License Version 2 or later (the "GPL"), or
 
25
 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 
26
 * in which case the provisions of the GPL or the LGPL are applicable instead
 
27
 * of those above. If you wish to allow use of your version of this file only
 
28
 * under the terms of either the GPL or the LGPL, and not to allow others to
 
29
 * use your version of this file under the terms of the MPL, indicate your
 
30
 * decision by deleting the provisions above and replace them with the notice
 
31
 * and other provisions required by the GPL or the LGPL. If you do not delete
 
32
 * the provisions above, a recipient may use your version of this file under
 
33
 * the terms of any one of the MPL, the GPL or the LGPL.
 
34
 *
 
35
 * ***** END LICENSE BLOCK ***** */
 
36
 
 
37
/*
 
38
 * CMS ASN.1 templates
 
39
 *
 
40
 * $Id: cmsasn1.c,v 1.6 2004/04/25 15:03:15 gerv%gerv.net Exp $
 
41
 */
 
42
 
 
43
#include "cmslocal.h"
 
44
 
 
45
#include "cert.h"
 
46
#include "key.h"
 
47
#include "secasn1.h"
 
48
#include "secitem.h"
 
49
#include "secoid.h"
 
50
#include "prtime.h"
 
51
#include "secerr.h"
 
52
 
 
53
 
 
54
extern const SEC_ASN1Template nss_cms_set_of_attribute_template[];
 
55
 
 
56
SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
 
57
SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
 
58
SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
 
59
SEC_ASN1_MKSUB(SEC_BitStringTemplate)
 
60
SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
 
61
SEC_ASN1_MKSUB(SEC_PointerToOctetStringTemplate)
 
62
SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
 
63
 
 
64
/* -----------------------------------------------------------------------------
 
65
 * MESSAGE
 
66
 * (uses NSSCMSContentInfo)
 
67
 */
 
68
 
 
69
/* forward declaration */
 
70
static const SEC_ASN1Template *
 
71
nss_cms_choose_content_template(void *src_or_dest, PRBool encoding);
 
72
 
 
73
static const SEC_ASN1TemplateChooserPtr nss_cms_chooser
 
74
        = nss_cms_choose_content_template;
 
75
 
 
76
const SEC_ASN1Template NSSCMSMessageTemplate[] = {
 
77
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
 
78
          0, NULL, sizeof(NSSCMSMessage) },
 
79
    { SEC_ASN1_OBJECT_ID,
 
80
          offsetof(NSSCMSMessage,contentInfo.contentType) },
 
81
    { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
 
82
     | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
 
83
          offsetof(NSSCMSMessage,contentInfo.content),
 
84
          &nss_cms_chooser },
 
85
    { 0 }
 
86
};
 
87
 
 
88
static const SEC_ASN1Template NSS_PointerToCMSMessageTemplate[] = {
 
89
    { SEC_ASN1_POINTER, 0, NSSCMSMessageTemplate }
 
90
};
 
91
 
 
92
/* -----------------------------------------------------------------------------
 
93
 * ENCAPSULATED & ENCRYPTED CONTENTINFO
 
94
 * (both use a NSSCMSContentInfo)
 
95
 */
 
96
static const SEC_ASN1Template NSSCMSEncapsulatedContentInfoTemplate[] = {
 
97
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
 
98
          0, NULL, sizeof(NSSCMSContentInfo) },
 
99
    { SEC_ASN1_OBJECT_ID,
 
100
          offsetof(NSSCMSContentInfo,contentType) },
 
101
    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
 
102
        SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
 
103
          offsetof(NSSCMSContentInfo,rawContent),
 
104
          SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) },
 
105
    { 0 }
 
106
};
 
107
 
 
108
static const SEC_ASN1Template NSSCMSEncryptedContentInfoTemplate[] = {
 
109
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
 
110
          0, NULL, sizeof(NSSCMSContentInfo) },
 
111
    { SEC_ASN1_OBJECT_ID,
 
112
          offsetof(NSSCMSContentInfo,contentType) },
 
113
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
114
          offsetof(NSSCMSContentInfo,contentEncAlg),
 
115
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 
116
    { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM | 
 
117
      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
 
118
          offsetof(NSSCMSContentInfo,rawContent),
 
119
          SEC_ASN1_SUB(SEC_OctetStringTemplate) },
 
120
    { 0 }
 
121
};
 
122
 
 
123
/* -----------------------------------------------------------------------------
 
124
 * SIGNED DATA
 
125
 */
 
126
 
 
127
const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
 
128
 
 
129
const SEC_ASN1Template NSSCMSSignedDataTemplate[] = {
 
130
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
 
131
          0, NULL, sizeof(NSSCMSSignedData) },
 
132
    { SEC_ASN1_INTEGER,
 
133
          offsetof(NSSCMSSignedData,version) },
 
134
    { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
 
135
          offsetof(NSSCMSSignedData,digestAlgorithms),
 
136
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 
137
    { SEC_ASN1_INLINE,
 
138
          offsetof(NSSCMSSignedData,contentInfo),
 
139
          NSSCMSEncapsulatedContentInfoTemplate },
 
140
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
 
141
      SEC_ASN1_XTRN | 0,
 
142
          offsetof(NSSCMSSignedData,rawCerts),
 
143
          SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
 
144
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
 
145
      SEC_ASN1_XTRN | 1,
 
146
          offsetof(NSSCMSSignedData,crls),
 
147
          SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
 
148
    { SEC_ASN1_SET_OF,
 
149
          offsetof(NSSCMSSignedData,signerInfos),
 
150
          NSSCMSSignerInfoTemplate },
 
151
    { 0 }
 
152
};
 
153
 
 
154
const SEC_ASN1Template NSS_PointerToCMSSignedDataTemplate[] = {
 
155
    { SEC_ASN1_POINTER, 0, NSSCMSSignedDataTemplate }
 
156
};
 
157
 
 
158
/* -----------------------------------------------------------------------------
 
159
 * signeridentifier
 
160
 */
 
161
 
 
162
static const SEC_ASN1Template NSSCMSSignerIdentifierTemplate[] = {
 
163
    { SEC_ASN1_CHOICE,
 
164
          offsetof(NSSCMSSignerIdentifier,identifierType), NULL,
 
165
          sizeof(NSSCMSSignerIdentifier) },
 
166
    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
 
167
          offsetof(NSSCMSSignerIdentifier,id.subjectKeyID),
 
168
          SEC_ASN1_SUB(SEC_OctetStringTemplate) ,
 
169
          NSSCMSRecipientID_SubjectKeyID },
 
170
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
 
171
          offsetof(NSSCMSSignerIdentifier,id.issuerAndSN),
 
172
          SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
 
173
          NSSCMSRecipientID_IssuerSN },
 
174
    { 0 }
 
175
};
 
176
 
 
177
/* -----------------------------------------------------------------------------
 
178
 * signerinfo
 
179
 */
 
180
 
 
181
const SEC_ASN1Template NSSCMSSignerInfoTemplate[] = {
 
182
    { SEC_ASN1_SEQUENCE,
 
183
          0, NULL, sizeof(NSSCMSSignerInfo) },
 
184
    { SEC_ASN1_INTEGER,
 
185
          offsetof(NSSCMSSignerInfo,version) },
 
186
    { SEC_ASN1_INLINE,
 
187
          offsetof(NSSCMSSignerInfo,signerIdentifier),
 
188
          NSSCMSSignerIdentifierTemplate },
 
189
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
190
          offsetof(NSSCMSSignerInfo,digestAlg),
 
191
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 
192
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
 
193
          offsetof(NSSCMSSignerInfo,authAttr),
 
194
          nss_cms_set_of_attribute_template },
 
195
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
196
          offsetof(NSSCMSSignerInfo,digestEncAlg),
 
197
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 
198
    { SEC_ASN1_OCTET_STRING,
 
199
          offsetof(NSSCMSSignerInfo,encDigest) },
 
200
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
 
201
          offsetof(NSSCMSSignerInfo,unAuthAttr),
 
202
          nss_cms_set_of_attribute_template },
 
203
    { 0 }
 
204
};
 
205
 
 
206
/* -----------------------------------------------------------------------------
 
207
 * ENVELOPED DATA
 
208
 */
 
209
 
 
210
static const SEC_ASN1Template NSSCMSOriginatorInfoTemplate[] = {
 
211
    { SEC_ASN1_SEQUENCE,
 
212
          0, NULL, sizeof(NSSCMSOriginatorInfo) },
 
213
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
 
214
      SEC_ASN1_XTRN | 0,
 
215
          offsetof(NSSCMSOriginatorInfo,rawCerts),
 
216
          SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
 
217
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
 
218
      SEC_ASN1_XTRN | 1,
 
219
          offsetof(NSSCMSOriginatorInfo,crls),
 
220
          SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
 
221
    { 0 }
 
222
};
 
223
 
 
224
const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
 
225
 
 
226
const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[] = {
 
227
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
 
228
          0, NULL, sizeof(NSSCMSEnvelopedData) },
 
229
    { SEC_ASN1_INTEGER,
 
230
          offsetof(NSSCMSEnvelopedData,version) },
 
231
    { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
 
232
          offsetof(NSSCMSEnvelopedData,originatorInfo),
 
233
          NSSCMSOriginatorInfoTemplate },
 
234
    { SEC_ASN1_SET_OF,
 
235
          offsetof(NSSCMSEnvelopedData,recipientInfos),
 
236
          NSSCMSRecipientInfoTemplate },
 
237
    { SEC_ASN1_INLINE,
 
238
          offsetof(NSSCMSEnvelopedData,contentInfo),
 
239
          NSSCMSEncryptedContentInfoTemplate },
 
240
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
 
241
          offsetof(NSSCMSEnvelopedData,unprotectedAttr),
 
242
          nss_cms_set_of_attribute_template },
 
243
    { 0 }
 
244
};
 
245
 
 
246
const SEC_ASN1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
 
247
    { SEC_ASN1_POINTER, 0, NSSCMSEnvelopedDataTemplate }
 
248
};
 
249
 
 
250
/* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
 
251
 
 
252
/* -----------------------------------------------------------------------------
 
253
 * key transport recipient info
 
254
 */
 
255
 
 
256
static const SEC_ASN1Template NSSCMSRecipientIdentifierTemplate[] = {
 
257
    { SEC_ASN1_CHOICE,
 
258
          offsetof(NSSCMSRecipientIdentifier,identifierType), NULL,
 
259
          sizeof(NSSCMSRecipientIdentifier) },
 
260
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
 
261
      SEC_ASN1_XTRN | 0,
 
262
          offsetof(NSSCMSRecipientIdentifier,id.subjectKeyID),
 
263
          SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
 
264
          NSSCMSRecipientID_SubjectKeyID },
 
265
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
 
266
          offsetof(NSSCMSRecipientIdentifier,id.issuerAndSN),
 
267
          SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
 
268
          NSSCMSRecipientID_IssuerSN },
 
269
    { 0 }
 
270
};
 
271
 
 
272
 
 
273
static const SEC_ASN1Template NSSCMSKeyTransRecipientInfoTemplate[] = {
 
274
    { SEC_ASN1_SEQUENCE,
 
275
          0, NULL, sizeof(NSSCMSKeyTransRecipientInfo) },
 
276
    { SEC_ASN1_INTEGER,
 
277
          offsetof(NSSCMSKeyTransRecipientInfo,version) },
 
278
    { SEC_ASN1_INLINE,
 
279
          offsetof(NSSCMSKeyTransRecipientInfo,recipientIdentifier),
 
280
          NSSCMSRecipientIdentifierTemplate },
 
281
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
282
          offsetof(NSSCMSKeyTransRecipientInfo,keyEncAlg),
 
283
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 
284
    { SEC_ASN1_OCTET_STRING,
 
285
          offsetof(NSSCMSKeyTransRecipientInfo,encKey) },
 
286
    { 0 }
 
287
};
 
288
 
 
289
/* -----------------------------------------------------------------------------
 
290
 * key agreement recipient info
 
291
 */
 
292
 
 
293
static const SEC_ASN1Template NSSCMSOriginatorPublicKeyTemplate[] = {
 
294
    { SEC_ASN1_SEQUENCE,
 
295
          0, NULL, sizeof(NSSCMSOriginatorPublicKey) },
 
296
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
297
          offsetof(NSSCMSOriginatorPublicKey,algorithmIdentifier),
 
298
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 
299
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
300
          offsetof(NSSCMSOriginatorPublicKey,publicKey),
 
301
          SEC_ASN1_SUB(SEC_BitStringTemplate) },
 
302
    { 0 }
 
303
};
 
304
 
 
305
 
 
306
static const SEC_ASN1Template NSSCMSOriginatorIdentifierOrKeyTemplate[] = {
 
307
    { SEC_ASN1_CHOICE,
 
308
          offsetof(NSSCMSOriginatorIdentifierOrKey,identifierType), NULL,
 
309
          sizeof(NSSCMSOriginatorIdentifierOrKey) },
 
310
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
 
311
          offsetof(NSSCMSOriginatorIdentifierOrKey,id.issuerAndSN),
 
312
          SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
 
313
          NSSCMSOriginatorIDOrKey_IssuerSN },
 
314
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
 
315
      SEC_ASN1_XTRN | 1,
 
316
          offsetof(NSSCMSOriginatorIdentifierOrKey,id.subjectKeyID),
 
317
          SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
 
318
          NSSCMSOriginatorIDOrKey_SubjectKeyID },
 
319
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
 
320
          offsetof(NSSCMSOriginatorIdentifierOrKey,id.originatorPublicKey),
 
321
          NSSCMSOriginatorPublicKeyTemplate,
 
322
          NSSCMSOriginatorIDOrKey_OriginatorPublicKey },
 
323
    { 0 }
 
324
};
 
325
 
 
326
const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[] = {
 
327
    { SEC_ASN1_SEQUENCE,
 
328
          0, NULL, sizeof(NSSCMSRecipientKeyIdentifier) },
 
329
    { SEC_ASN1_OCTET_STRING,
 
330
          offsetof(NSSCMSRecipientKeyIdentifier,subjectKeyIdentifier) },
 
331
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
 
332
          offsetof(NSSCMSRecipientKeyIdentifier,date) },
 
333
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
 
334
          offsetof(NSSCMSRecipientKeyIdentifier,other) },
 
335
    { 0 }
 
336
};
 
337
 
 
338
 
 
339
static const SEC_ASN1Template NSSCMSKeyAgreeRecipientIdentifierTemplate[] = {
 
340
    { SEC_ASN1_CHOICE,
 
341
          offsetof(NSSCMSKeyAgreeRecipientIdentifier,identifierType), NULL,
 
342
          sizeof(NSSCMSKeyAgreeRecipientIdentifier) },
 
343
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
 
344
          offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.issuerAndSN),
 
345
          SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
 
346
          NSSCMSKeyAgreeRecipientID_IssuerSN },
 
347
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
 
348
          offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.recipientKeyIdentifier),
 
349
          NSSCMSRecipientKeyIdentifierTemplate,
 
350
          NSSCMSKeyAgreeRecipientID_RKeyID },
 
351
    { 0 }
 
352
};
 
353
 
 
354
static const SEC_ASN1Template NSSCMSRecipientEncryptedKeyTemplate[] = {
 
355
    { SEC_ASN1_SEQUENCE,
 
356
          0, NULL, sizeof(NSSCMSRecipientEncryptedKey) },
 
357
    { SEC_ASN1_INLINE,
 
358
          offsetof(NSSCMSRecipientEncryptedKey,recipientIdentifier),
 
359
          NSSCMSKeyAgreeRecipientIdentifierTemplate },
 
360
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
361
          offsetof(NSSCMSRecipientEncryptedKey,encKey),
 
362
          SEC_ASN1_SUB(SEC_BitStringTemplate) },
 
363
    { 0 }
 
364
};
 
365
 
 
366
static const SEC_ASN1Template NSSCMSKeyAgreeRecipientInfoTemplate[] = {
 
367
    { SEC_ASN1_SEQUENCE,
 
368
          0, NULL, sizeof(NSSCMSKeyAgreeRecipientInfo) },
 
369
    { SEC_ASN1_INTEGER,
 
370
          offsetof(NSSCMSKeyAgreeRecipientInfo,version) },
 
371
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
 
372
          offsetof(NSSCMSKeyAgreeRecipientInfo,originatorIdentifierOrKey),
 
373
          NSSCMSOriginatorIdentifierOrKeyTemplate },
 
374
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
 
375
      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
 
376
          offsetof(NSSCMSKeyAgreeRecipientInfo,ukm),
 
377
          SEC_ASN1_SUB(SEC_OctetStringTemplate) },
 
378
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
379
          offsetof(NSSCMSKeyAgreeRecipientInfo,keyEncAlg),
 
380
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 
381
    { SEC_ASN1_SEQUENCE_OF,
 
382
          offsetof(NSSCMSKeyAgreeRecipientInfo,recipientEncryptedKeys),
 
383
          NSSCMSRecipientEncryptedKeyTemplate },
 
384
    { 0 }
 
385
};
 
386
 
 
387
/* -----------------------------------------------------------------------------
 
388
 * KEK recipient info
 
389
 */
 
390
 
 
391
static const SEC_ASN1Template NSSCMSKEKIdentifierTemplate[] = {
 
392
    { SEC_ASN1_SEQUENCE,
 
393
          0, NULL, sizeof(NSSCMSKEKIdentifier) },
 
394
    { SEC_ASN1_OCTET_STRING,
 
395
          offsetof(NSSCMSKEKIdentifier,keyIdentifier) },
 
396
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
 
397
          offsetof(NSSCMSKEKIdentifier,date) },
 
398
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
 
399
          offsetof(NSSCMSKEKIdentifier,other) },
 
400
    { 0 }
 
401
};
 
402
 
 
403
static const SEC_ASN1Template NSSCMSKEKRecipientInfoTemplate[] = {
 
404
    { SEC_ASN1_SEQUENCE,
 
405
          0, NULL, sizeof(NSSCMSKEKRecipientInfo) },
 
406
    { SEC_ASN1_INTEGER,
 
407
          offsetof(NSSCMSKEKRecipientInfo,version) },
 
408
    { SEC_ASN1_INLINE,
 
409
          offsetof(NSSCMSKEKRecipientInfo,kekIdentifier),
 
410
          NSSCMSKEKIdentifierTemplate },
 
411
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
412
          offsetof(NSSCMSKEKRecipientInfo,keyEncAlg),
 
413
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 
414
    { SEC_ASN1_OCTET_STRING,
 
415
          offsetof(NSSCMSKEKRecipientInfo,encKey) },
 
416
    { 0 }
 
417
};
 
418
 
 
419
/* -----------------------------------------------------------------------------
 
420
 * recipient info
 
421
 */
 
422
const SEC_ASN1Template NSSCMSRecipientInfoTemplate[] = {
 
423
    { SEC_ASN1_CHOICE,
 
424
          offsetof(NSSCMSRecipientInfo,recipientInfoType), NULL,
 
425
          sizeof(NSSCMSRecipientInfo) },
 
426
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
 
427
          offsetof(NSSCMSRecipientInfo,ri.keyAgreeRecipientInfo),
 
428
          NSSCMSKeyAgreeRecipientInfoTemplate,
 
429
          NSSCMSRecipientInfoID_KeyAgree },
 
430
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
 
431
          offsetof(NSSCMSRecipientInfo,ri.kekRecipientInfo),
 
432
          NSSCMSKEKRecipientInfoTemplate,
 
433
          NSSCMSRecipientInfoID_KEK },
 
434
    { SEC_ASN1_INLINE,
 
435
          offsetof(NSSCMSRecipientInfo,ri.keyTransRecipientInfo),
 
436
          NSSCMSKeyTransRecipientInfoTemplate,
 
437
          NSSCMSRecipientInfoID_KeyTrans },
 
438
    { 0 }
 
439
};
 
440
 
 
441
/* -----------------------------------------------------------------------------
 
442
 *
 
443
 */
 
444
 
 
445
const SEC_ASN1Template NSSCMSDigestedDataTemplate[] = {
 
446
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
 
447
          0, NULL, sizeof(NSSCMSDigestedData) },
 
448
    { SEC_ASN1_INTEGER,
 
449
          offsetof(NSSCMSDigestedData,version) },
 
450
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
 
451
          offsetof(NSSCMSDigestedData,digestAlg),
 
452
          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
 
453
    { SEC_ASN1_INLINE,
 
454
          offsetof(NSSCMSDigestedData,contentInfo),
 
455
          NSSCMSEncapsulatedContentInfoTemplate },
 
456
    { SEC_ASN1_OCTET_STRING,
 
457
          offsetof(NSSCMSDigestedData,digest) },
 
458
    { 0 }
 
459
};
 
460
 
 
461
const SEC_ASN1Template NSS_PointerToCMSDigestedDataTemplate[] = {
 
462
    { SEC_ASN1_POINTER, 0, NSSCMSDigestedDataTemplate }
 
463
};
 
464
 
 
465
const SEC_ASN1Template NSSCMSEncryptedDataTemplate[] = {
 
466
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
 
467
          0, NULL, sizeof(NSSCMSEncryptedData) },
 
468
    { SEC_ASN1_INTEGER,
 
469
          offsetof(NSSCMSEncryptedData,version) },
 
470
    { SEC_ASN1_INLINE,
 
471
          offsetof(NSSCMSEncryptedData,contentInfo),
 
472
          NSSCMSEncryptedContentInfoTemplate },
 
473
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
 
474
          offsetof(NSSCMSEncryptedData,unprotectedAttr),
 
475
          nss_cms_set_of_attribute_template },
 
476
    { 0 }
 
477
};
 
478
 
 
479
const SEC_ASN1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
 
480
    { SEC_ASN1_POINTER, 0, NSSCMSEncryptedDataTemplate }
 
481
};
 
482
 
 
483
/* -----------------------------------------------------------------------------
 
484
 * FORTEZZA KEA
 
485
 */
 
486
const SEC_ASN1Template NSS_SMIMEKEAParamTemplateSkipjack[] = {
 
487
        { SEC_ASN1_SEQUENCE,
 
488
          0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
 
489
        { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
 
490
          offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
 
491
        { SEC_ASN1_OCTET_STRING,
 
492
          offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
 
493
        { 0 }
 
494
};
 
495
 
 
496
const SEC_ASN1Template NSS_SMIMEKEAParamTemplateNoSkipjack[] = {
 
497
        { SEC_ASN1_SEQUENCE,
 
498
          0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
 
499
        { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
 
500
          offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
 
501
        { SEC_ASN1_OCTET_STRING,
 
502
          offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
 
503
        { SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
 
504
          offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
 
505
        { 0 }
 
506
};
 
507
 
 
508
const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[] = {
 
509
        { SEC_ASN1_SEQUENCE,
 
510
          0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
 
511
        { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
 
512
          offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
 
513
        { SEC_ASN1_OCTET_STRING,
 
514
          offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
 
515
        { SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
 
516
          offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
 
517
        { SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
 
518
          offsetof(NSSCMSSMIMEKEAParameters,bulkKeySize) },
 
519
        { 0 }
 
520
};
 
521
 
 
522
const SEC_ASN1Template *
 
523
nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate)
 
524
{
 
525
        const SEC_ASN1Template *returnVal = NULL;
 
526
 
 
527
        switch(whichTemplate)
 
528
        {
 
529
        case NSSCMSKEAUsesNonSkipjack:
 
530
                returnVal = NSS_SMIMEKEAParamTemplateNoSkipjack;
 
531
                break;
 
532
        case NSSCMSKEAUsesSkipjack:
 
533
                returnVal = NSS_SMIMEKEAParamTemplateSkipjack;
 
534
                break;
 
535
        case NSSCMSKEAUsesNonSkipjackWithPaddedEncKey:
 
536
        default:
 
537
                returnVal = NSS_SMIMEKEAParamTemplateAllParams;
 
538
                break;
 
539
        }
 
540
        return returnVal;
 
541
}
 
542
 
 
543
/* -----------------------------------------------------------------------------
 
544
 *
 
545
 */
 
546
static const SEC_ASN1Template *
 
547
nss_cms_choose_content_template(void *src_or_dest, PRBool encoding)
 
548
{
 
549
    const SEC_ASN1Template *theTemplate;
 
550
    NSSCMSContentInfo *cinfo;
 
551
 
 
552
    PORT_Assert (src_or_dest != NULL);
 
553
    if (src_or_dest == NULL)
 
554
        return NULL;
 
555
 
 
556
    cinfo = (NSSCMSContentInfo *)src_or_dest;
 
557
    switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
 
558
    default:
 
559
        theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
 
560
        break;
 
561
    case SEC_OID_PKCS7_DATA:
 
562
        theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
 
563
        break;
 
564
    case SEC_OID_PKCS7_SIGNED_DATA:
 
565
        theTemplate = NSS_PointerToCMSSignedDataTemplate;
 
566
        break;
 
567
    case SEC_OID_PKCS7_ENVELOPED_DATA:
 
568
        theTemplate = NSS_PointerToCMSEnvelopedDataTemplate;
 
569
        break;
 
570
    case SEC_OID_PKCS7_DIGESTED_DATA:
 
571
        theTemplate = NSS_PointerToCMSDigestedDataTemplate;
 
572
        break;
 
573
    case SEC_OID_PKCS7_ENCRYPTED_DATA:
 
574
        theTemplate = NSS_PointerToCMSEncryptedDataTemplate;
 
575
        break;
 
576
    }
 
577
    return theTemplate;
 
578
}