/*
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 *
 * SecNetscapeTemplates.h - Structs and templates for DER encoding and
 *                          decoding of Netscape-style certificate requests
 *                          and certificate sequences.
 */

#ifndef _SEC_IMPORT_EXPORT_NETSCAPE_TEMPLATES_H_
#define _SEC_IMPORT_EXPORT_NETSCAPE_TEMPLATES_H_

#include <Security/secasn1t.h>
#include <Security/cssmtype.h>
#include <Security/X509Templates.h>
#include <Security/keyTemplates.h>

#if defined(__cplusplus)
extern "C" {
#endif

/*
 * Netscape Certificate Sequence.
 *
 * Netscape defines this as a PKCS7 ContentInfo whose contentType is
 * netscape-cert-sequence and whose content is a sequence of certificates.
 * Rather than go through the general-purpose ContentInfo polymorphism,
 * this one type is hard-coded here.
 *
 * The content is an array of standard X509 certificates. They are not
 * parsed at this layer and stay opaque data blobs, so nothing about them
 * has been validated when decoding returns; a caller has to parse and
 * evaluate each certificate before relying on it.
 */
typedef struct {
	/*
	 * Expected to be netscape-cert-sequence.
	 * NOTE(review): this header does not show whether the decoder
	 * enforces that value; confirm against the template definition, or
	 * compare the OID in the caller.
	 */
	CSSM_OID			contentType;

	/*
	 * The certificates, as opaque blobs.
	 * NOTE(review): presumably a NULL-terminated array of pointers, as is
	 * usual for SecAsn1 SEQUENCE OF items; confirm before iterating.
	 */
	CSSM_DATA			**certs;
} NetscapeCertSequence;

extern const SecAsn1Template NetscapeCertSequenceTemplate[];

/*
 * Public key and challenge, as sent to a CA.
 *
 * PublicKeyAndChallenge ::= SEQUENCE {
 *
 *     spki         SubjectPublicKeyInfo,
 *     challenge    IA5STRING
 * }
 *
 * SignedPublicKeyAndChallenge ::= SEQUENCE {
 *     publicKeyAndChallenge    PublicKeyAndChallenge,
 *     signatureAlgorithm       AlgorithmIdentifier,
 *     signature                BIT STRING
 * }
 *
 * NOTE(review): as far as this header shows, the templates describe the
 * layout only; checking `signature` against the encoded
 * publicKeyAndChallenge is presumably left to the caller. Confirm that
 * every consumer does so before trusting `spki` or `challenge`.
 */
typedef struct {
	CSSM_X509_SUBJECT_PUBLIC_KEY_INFO	spki;

	/*
	 * ASCII text (IA5String).
	 * NOTE(review): presumably bounded by the blob's explicit length and
	 * not NUL-terminated, so it should not be handled as a C string;
	 * confirm.
	 */
	CSSM_DATA				challenge;
} PublicKeyAndChallenge;

extern const SecAsn1Template PublicKeyAndChallengeTemplate[];

typedef struct {
	PublicKeyAndChallenge			pubKeyAndChallenge;
	CSSM_X509_ALGORITHM_IDENTIFIER		algId;

	/*
	 * The length of this blob is counted in BITS, not bytes. Convert it
	 * (rounding up to whole bytes) before using it to size or bound a
	 * byte buffer; using the bit count as a byte count overruns the data.
	 */
	CSSM_DATA				signature;
} SignedPublicKeyAndChallenge;

extern const SecAsn1Template SignedPublicKeyAndChallengeTemplate[];

#if defined(__cplusplus)
}
#endif

#endif /* _SEC_IMPORT_EXPORT_NETSCAPE_TEMPLATES_H_ */