1/*
2 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * SecNetscapeTemplates.h - Structs and templates for DER encoding and
24 *						 decoding of Netscape-style certificate requests
25 *						 and certificate sequences.
26 */
27
28#ifndef	_SEC_IMPORT_EXPORT_NETSCAPE_TEMPLATES_H_
29#define _SEC_IMPORT_EXPORT_NETSCAPE_TEMPLATES_H_
30
31#include <Security/secasn1t.h>
32#include <Security/cssmtype.h>
33#include <Security/X509Templates.h>
34#include <Security/keyTemplates.h>
35
36#ifdef __cplusplus
37extern "C" {
38#endif
39
40/*
41 * Netscape Certificate Sequence is defined by Netscape as a PKCS7
42 * ContentInfo with a contentType of netscape-cert-sequence and a content
43 * consisting of a sequence of certificates.
44 *
45 * For simplicity - i.e., to avoid the general purpose ContentInfo
46 * polymorphism - we'll just hard-code this particular type right here.
47 *
48 * Inside the ContentInfo is an array of standard X509 certificates.
49 * We don't need to parse the certs themselves so they remain as
50 * opaque data blobs.
51 */
/*
 * Decoded form of a netscape-cert-sequence ContentInfo.
 *
 * The certificates are not parsed at this layer: each entry of certs is an
 * undecoded blob, so a successful decode says nothing about whether a
 * certificate is well-formed or trusted. Callers must parse and validate
 * every entry before relying on it.
 */
typedef struct {
	/*
	 * Content type OID; netscape-cert-sequence for this structure.
	 * NOTE(review): whether the decoder enforces this OID is not visible
	 * in this header - check it after decoding.
	 */
	CSSM_OID	contentType;

	/*
	 * Pointers to the raw certificate blobs.
	 * NOTE(review): presumably a NULL-terminated array, as SecAsn1
	 * SEQUENCE OF / SET OF decoding usually produces - confirm against
	 * NetscapeCertSequenceTemplate before iterating.
	 */
	CSSM_DATA	**certs;
} NetscapeCertSequence;

/* SecAsn1 template describing NetscapeCertSequence. */
extern const SecAsn1Template NetscapeCertSequenceTemplate[];
58
59/*
60 * Public key/challenge, to send to CA.
61 *
62 * PublicKeyAndChallenge ::= SEQUENCE {
63 *
64 *   	spki SubjectPublicKeyInfo,
65 *   	challenge IA5STRING
66 * }
67 *
68 * SignedPublicKeyAndChallenge ::= SEQUENCE {
69 * 		publicKeyAndChallenge PublicKeyAndChallenge,
70 *		signatureAlgorithm AlgorithmIdentifier,
71 *		signature BIT STRING
72 * }
73 */
/*
 * PublicKeyAndChallenge: the subject's public key plus the challenge
 * string. This is the inner SEQUENCE embedded in
 * SignedPublicKeyAndChallenge.
 */
typedef struct {
	/* SubjectPublicKeyInfo for the key in the request */
	CSSM_X509_SUBJECT_PUBLIC_KEY_INFO	spki;

	/*
	 * IA5String challenge (ASCII). Treat it as a counted buffer using the
	 * CSSM_DATA length; do not assume it is NUL-terminated.
	 */
	CSSM_DATA	challenge;
} PublicKeyAndChallenge;
78
/*
 * SignedPublicKeyAndChallenge: a PublicKeyAndChallenge together with the
 * signature algorithm and the signature.
 */
typedef struct {
	/* The public key and challenge carried by the request */
	PublicKeyAndChallenge	pubKeyAndChallenge;

	/*
	 * signatureAlgorithm.
	 * NOTE(review): when this struct is decoded from a received request
	 * the algorithm is chosen by the sender - a verifier should restrict
	 * it to the algorithms it is willing to accept.
	 */
	CSSM_X509_ALGORITHM_IDENTIFIER	algId;

	/*
	 * BIT STRING: the length of this item is in BITS, not bytes. Convert
	 * to a byte count, (Length + 7) / 8, before using it as a buffer size
	 * or handing the signature to a verify call.
	 */
	CSSM_DATA	signature;
} SignedPublicKeyAndChallenge;
84
/* SecAsn1 template describing the inner PublicKeyAndChallenge SEQUENCE. */
extern const SecAsn1Template PublicKeyAndChallengeTemplate[];

/* SecAsn1 template describing the outer SignedPublicKeyAndChallenge SEQUENCE. */
extern const SecAsn1Template SignedPublicKeyAndChallengeTemplate[];
87
88#ifdef __cplusplus
89}
90#endif
91
92#endif	/* _SEC_IMPORT_EXPORT_NETSCAPE_TEMPLATES_H_ */
93
94