Back to index

lightning-sunbird  0.9+nobinonly
cmsasn1.c
Go to the documentation of this file.
00001 /* ***** BEGIN LICENSE BLOCK *****
00002  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00003  *
00004  * The contents of this file are subject to the Mozilla Public License Version
00005  * 1.1 (the "License"); you may not use this file except in compliance with
00006  * the License. You may obtain a copy of the License at
00007  * http://www.mozilla.org/MPL/
00008  *
00009  * Software distributed under the License is distributed on an "AS IS" basis,
00010  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00011  * for the specific language governing rights and limitations under the
00012  * License.
00013  *
00014  * The Original Code is the Netscape security libraries.
00015  *
00016  * The Initial Developer of the Original Code is
00017  * Netscape Communications Corporation.
00018  * Portions created by the Initial Developer are Copyright (C) 1994-2000
00019  * the Initial Developer. All Rights Reserved.
00020  *
00021  * Contributor(s):
00022  *
00023  * Alternatively, the contents of this file may be used under the terms of
00024  * either the GNU General Public License Version 2 or later (the "GPL"), or
00025  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00026  * in which case the provisions of the GPL or the LGPL are applicable instead
00027  * of those above. If you wish to allow use of your version of this file only
00028  * under the terms of either the GPL or the LGPL, and not to allow others to
00029  * use your version of this file under the terms of the MPL, indicate your
00030  * decision by deleting the provisions above and replace them with the notice
00031  * and other provisions required by the GPL or the LGPL. If you do not delete
00032  * the provisions above, a recipient may use your version of this file under
00033  * the terms of any one of the MPL, the GPL or the LGPL.
00034  *
00035  * ***** END LICENSE BLOCK ***** */
00036 
00037 /*
00038  * CMS ASN.1 templates
00039  *
00040  * $Id: cmsasn1.c,v 1.6 2004/04/25 15:03:15 gerv%gerv.net Exp $
00041  */
00042 
00043 #include "cmslocal.h"
00044 
00045 #include "cert.h"
00046 #include "key.h"
00047 #include "secasn1.h"
00048 #include "secitem.h"
00049 #include "secoid.h"
00050 #include "prtime.h"
00051 #include "secerr.h"
00052 
00053 
00054 extern const SEC_ASN1Template nss_cms_set_of_attribute_template[];
00055 
00056 SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
00057 SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
00058 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
00059 SEC_ASN1_MKSUB(SEC_BitStringTemplate)
00060 SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
00061 SEC_ASN1_MKSUB(SEC_PointerToOctetStringTemplate)
00062 SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
00063 
00064 /* -----------------------------------------------------------------------------
00065  * MESSAGE
00066  * (uses NSSCMSContentInfo)
00067  */
00068 
00069 /* forward declaration */
00070 static const SEC_ASN1Template *
00071 nss_cms_choose_content_template(void *src_or_dest, PRBool encoding);
00072 
00073 static const SEC_ASN1TemplateChooserPtr nss_cms_chooser
00074        = nss_cms_choose_content_template;
00075 
00076 const SEC_ASN1Template NSSCMSMessageTemplate[] = {
00077     { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
00078          0, NULL, sizeof(NSSCMSMessage) },
00079     { SEC_ASN1_OBJECT_ID,
00080          offsetof(NSSCMSMessage,contentInfo.contentType) },
00081     { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
00082      | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
00083          offsetof(NSSCMSMessage,contentInfo.content),
00084          &nss_cms_chooser },
00085     { 0 }
00086 };
00087 
00088 static const SEC_ASN1Template NSS_PointerToCMSMessageTemplate[] = {
00089     { SEC_ASN1_POINTER, 0, NSSCMSMessageTemplate }
00090 };
00091 
00092 /* -----------------------------------------------------------------------------
00093  * ENCAPSULATED & ENCRYPTED CONTENTINFO
00094  * (both use a NSSCMSContentInfo)
00095  */
00096 static const SEC_ASN1Template NSSCMSEncapsulatedContentInfoTemplate[] = {
00097     { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
00098          0, NULL, sizeof(NSSCMSContentInfo) },
00099     { SEC_ASN1_OBJECT_ID,
00100          offsetof(NSSCMSContentInfo,contentType) },
00101     { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
00102        SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
00103          offsetof(NSSCMSContentInfo,rawContent),
00104          SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) },
00105     { 0 }
00106 };
00107 
00108 static const SEC_ASN1Template NSSCMSEncryptedContentInfoTemplate[] = {
00109     { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
00110          0, NULL, sizeof(NSSCMSContentInfo) },
00111     { SEC_ASN1_OBJECT_ID,
00112          offsetof(NSSCMSContentInfo,contentType) },
00113     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00114          offsetof(NSSCMSContentInfo,contentEncAlg),
00115          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
00116     { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM | 
00117       SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
00118          offsetof(NSSCMSContentInfo,rawContent),
00119          SEC_ASN1_SUB(SEC_OctetStringTemplate) },
00120     { 0 }
00121 };
00122 
00123 /* -----------------------------------------------------------------------------
00124  * SIGNED DATA
00125  */
00126 
00127 const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
00128 
00129 const SEC_ASN1Template NSSCMSSignedDataTemplate[] = {
00130     { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
00131          0, NULL, sizeof(NSSCMSSignedData) },
00132     { SEC_ASN1_INTEGER,
00133          offsetof(NSSCMSSignedData,version) },
00134     { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
00135          offsetof(NSSCMSSignedData,digestAlgorithms),
00136          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
00137     { SEC_ASN1_INLINE,
00138          offsetof(NSSCMSSignedData,contentInfo),
00139          NSSCMSEncapsulatedContentInfoTemplate },
00140     { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
00141       SEC_ASN1_XTRN | 0,
00142          offsetof(NSSCMSSignedData,rawCerts),
00143          SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
00144     { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
00145       SEC_ASN1_XTRN | 1,
00146          offsetof(NSSCMSSignedData,crls),
00147          SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
00148     { SEC_ASN1_SET_OF,
00149          offsetof(NSSCMSSignedData,signerInfos),
00150          NSSCMSSignerInfoTemplate },
00151     { 0 }
00152 };
00153 
00154 const SEC_ASN1Template NSS_PointerToCMSSignedDataTemplate[] = {
00155     { SEC_ASN1_POINTER, 0, NSSCMSSignedDataTemplate }
00156 };
00157 
00158 /* -----------------------------------------------------------------------------
00159  * signeridentifier
00160  */
00161 
00162 static const SEC_ASN1Template NSSCMSSignerIdentifierTemplate[] = {
00163     { SEC_ASN1_CHOICE,
00164          offsetof(NSSCMSSignerIdentifier,identifierType), NULL,
00165          sizeof(NSSCMSSignerIdentifier) },
00166     { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
00167          offsetof(NSSCMSSignerIdentifier,id.subjectKeyID),
00168          SEC_ASN1_SUB(SEC_OctetStringTemplate) ,
00169          NSSCMSRecipientID_SubjectKeyID },
00170     { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
00171          offsetof(NSSCMSSignerIdentifier,id.issuerAndSN),
00172          SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
00173          NSSCMSRecipientID_IssuerSN },
00174     { 0 }
00175 };
00176 
00177 /* -----------------------------------------------------------------------------
00178  * signerinfo
00179  */
00180 
00181 const SEC_ASN1Template NSSCMSSignerInfoTemplate[] = {
00182     { SEC_ASN1_SEQUENCE,
00183          0, NULL, sizeof(NSSCMSSignerInfo) },
00184     { SEC_ASN1_INTEGER,
00185          offsetof(NSSCMSSignerInfo,version) },
00186     { SEC_ASN1_INLINE,
00187          offsetof(NSSCMSSignerInfo,signerIdentifier),
00188          NSSCMSSignerIdentifierTemplate },
00189     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00190          offsetof(NSSCMSSignerInfo,digestAlg),
00191          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
00192     { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
00193          offsetof(NSSCMSSignerInfo,authAttr),
00194          nss_cms_set_of_attribute_template },
00195     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00196          offsetof(NSSCMSSignerInfo,digestEncAlg),
00197          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
00198     { SEC_ASN1_OCTET_STRING,
00199          offsetof(NSSCMSSignerInfo,encDigest) },
00200     { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
00201          offsetof(NSSCMSSignerInfo,unAuthAttr),
00202          nss_cms_set_of_attribute_template },
00203     { 0 }
00204 };
00205 
00206 /* -----------------------------------------------------------------------------
00207  * ENVELOPED DATA
00208  */
00209 
00210 static const SEC_ASN1Template NSSCMSOriginatorInfoTemplate[] = {
00211     { SEC_ASN1_SEQUENCE,
00212          0, NULL, sizeof(NSSCMSOriginatorInfo) },
00213     { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
00214       SEC_ASN1_XTRN | 0,
00215          offsetof(NSSCMSOriginatorInfo,rawCerts),
00216          SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
00217     { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
00218       SEC_ASN1_XTRN | 1,
00219          offsetof(NSSCMSOriginatorInfo,crls),
00220          SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
00221     { 0 }
00222 };
00223 
00224 const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
00225 
00226 const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[] = {
00227     { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
00228          0, NULL, sizeof(NSSCMSEnvelopedData) },
00229     { SEC_ASN1_INTEGER,
00230          offsetof(NSSCMSEnvelopedData,version) },
00231     { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
00232          offsetof(NSSCMSEnvelopedData,originatorInfo),
00233          NSSCMSOriginatorInfoTemplate },
00234     { SEC_ASN1_SET_OF,
00235          offsetof(NSSCMSEnvelopedData,recipientInfos),
00236          NSSCMSRecipientInfoTemplate },
00237     { SEC_ASN1_INLINE,
00238          offsetof(NSSCMSEnvelopedData,contentInfo),
00239          NSSCMSEncryptedContentInfoTemplate },
00240     { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
00241          offsetof(NSSCMSEnvelopedData,unprotectedAttr),
00242          nss_cms_set_of_attribute_template },
00243     { 0 }
00244 };
00245 
00246 const SEC_ASN1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
00247     { SEC_ASN1_POINTER, 0, NSSCMSEnvelopedDataTemplate }
00248 };
00249 
00250 /* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
00251 
00252 /* -----------------------------------------------------------------------------
00253  * key transport recipient info
00254  */
00255 
00256 static const SEC_ASN1Template NSSCMSRecipientIdentifierTemplate[] = {
00257     { SEC_ASN1_CHOICE,
00258          offsetof(NSSCMSRecipientIdentifier,identifierType), NULL,
00259          sizeof(NSSCMSRecipientIdentifier) },
00260     { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
00261       SEC_ASN1_XTRN | 0,
00262          offsetof(NSSCMSRecipientIdentifier,id.subjectKeyID),
00263          SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
00264          NSSCMSRecipientID_SubjectKeyID },
00265     { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
00266          offsetof(NSSCMSRecipientIdentifier,id.issuerAndSN),
00267          SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
00268          NSSCMSRecipientID_IssuerSN },
00269     { 0 }
00270 };
00271 
00272 
00273 static const SEC_ASN1Template NSSCMSKeyTransRecipientInfoTemplate[] = {
00274     { SEC_ASN1_SEQUENCE,
00275          0, NULL, sizeof(NSSCMSKeyTransRecipientInfo) },
00276     { SEC_ASN1_INTEGER,
00277          offsetof(NSSCMSKeyTransRecipientInfo,version) },
00278     { SEC_ASN1_INLINE,
00279          offsetof(NSSCMSKeyTransRecipientInfo,recipientIdentifier),
00280          NSSCMSRecipientIdentifierTemplate },
00281     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00282          offsetof(NSSCMSKeyTransRecipientInfo,keyEncAlg),
00283          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
00284     { SEC_ASN1_OCTET_STRING,
00285          offsetof(NSSCMSKeyTransRecipientInfo,encKey) },
00286     { 0 }
00287 };
00288 
00289 /* -----------------------------------------------------------------------------
00290  * key agreement recipient info
00291  */
00292 
00293 static const SEC_ASN1Template NSSCMSOriginatorPublicKeyTemplate[] = {
00294     { SEC_ASN1_SEQUENCE,
00295          0, NULL, sizeof(NSSCMSOriginatorPublicKey) },
00296     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00297          offsetof(NSSCMSOriginatorPublicKey,algorithmIdentifier),
00298          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
00299     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00300          offsetof(NSSCMSOriginatorPublicKey,publicKey),
00301          SEC_ASN1_SUB(SEC_BitStringTemplate) },
00302     { 0 }
00303 };
00304 
00305 
00306 static const SEC_ASN1Template NSSCMSOriginatorIdentifierOrKeyTemplate[] = {
00307     { SEC_ASN1_CHOICE,
00308          offsetof(NSSCMSOriginatorIdentifierOrKey,identifierType), NULL,
00309          sizeof(NSSCMSOriginatorIdentifierOrKey) },
00310     { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
00311          offsetof(NSSCMSOriginatorIdentifierOrKey,id.issuerAndSN),
00312          SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
00313          NSSCMSOriginatorIDOrKey_IssuerSN },
00314     { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
00315       SEC_ASN1_XTRN | 1,
00316          offsetof(NSSCMSOriginatorIdentifierOrKey,id.subjectKeyID),
00317          SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
00318          NSSCMSOriginatorIDOrKey_SubjectKeyID },
00319     { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
00320          offsetof(NSSCMSOriginatorIdentifierOrKey,id.originatorPublicKey),
00321          NSSCMSOriginatorPublicKeyTemplate,
00322          NSSCMSOriginatorIDOrKey_OriginatorPublicKey },
00323     { 0 }
00324 };
00325 
00326 const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[] = {
00327     { SEC_ASN1_SEQUENCE,
00328          0, NULL, sizeof(NSSCMSRecipientKeyIdentifier) },
00329     { SEC_ASN1_OCTET_STRING,
00330          offsetof(NSSCMSRecipientKeyIdentifier,subjectKeyIdentifier) },
00331     { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
00332          offsetof(NSSCMSRecipientKeyIdentifier,date) },
00333     { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
00334          offsetof(NSSCMSRecipientKeyIdentifier,other) },
00335     { 0 }
00336 };
00337 
00338 
00339 static const SEC_ASN1Template NSSCMSKeyAgreeRecipientIdentifierTemplate[] = {
00340     { SEC_ASN1_CHOICE,
00341          offsetof(NSSCMSKeyAgreeRecipientIdentifier,identifierType), NULL,
00342          sizeof(NSSCMSKeyAgreeRecipientIdentifier) },
00343     { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
00344          offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.issuerAndSN),
00345          SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
00346          NSSCMSKeyAgreeRecipientID_IssuerSN },
00347     { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
00348          offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.recipientKeyIdentifier),
00349          NSSCMSRecipientKeyIdentifierTemplate,
00350          NSSCMSKeyAgreeRecipientID_RKeyID },
00351     { 0 }
00352 };
00353 
00354 static const SEC_ASN1Template NSSCMSRecipientEncryptedKeyTemplate[] = {
00355     { SEC_ASN1_SEQUENCE,
00356          0, NULL, sizeof(NSSCMSRecipientEncryptedKey) },
00357     { SEC_ASN1_INLINE,
00358          offsetof(NSSCMSRecipientEncryptedKey,recipientIdentifier),
00359          NSSCMSKeyAgreeRecipientIdentifierTemplate },
00360     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00361          offsetof(NSSCMSRecipientEncryptedKey,encKey),
00362          SEC_ASN1_SUB(SEC_BitStringTemplate) },
00363     { 0 }
00364 };
00365 
00366 static const SEC_ASN1Template NSSCMSKeyAgreeRecipientInfoTemplate[] = {
00367     { SEC_ASN1_SEQUENCE,
00368          0, NULL, sizeof(NSSCMSKeyAgreeRecipientInfo) },
00369     { SEC_ASN1_INTEGER,
00370          offsetof(NSSCMSKeyAgreeRecipientInfo,version) },
00371     { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
00372          offsetof(NSSCMSKeyAgreeRecipientInfo,originatorIdentifierOrKey),
00373          NSSCMSOriginatorIdentifierOrKeyTemplate },
00374     { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
00375       SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
00376          offsetof(NSSCMSKeyAgreeRecipientInfo,ukm),
00377          SEC_ASN1_SUB(SEC_OctetStringTemplate) },
00378     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00379          offsetof(NSSCMSKeyAgreeRecipientInfo,keyEncAlg),
00380          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
00381     { SEC_ASN1_SEQUENCE_OF,
00382          offsetof(NSSCMSKeyAgreeRecipientInfo,recipientEncryptedKeys),
00383          NSSCMSRecipientEncryptedKeyTemplate },
00384     { 0 }
00385 };
00386 
00387 /* -----------------------------------------------------------------------------
00388  * KEK recipient info
00389  */
00390 
00391 static const SEC_ASN1Template NSSCMSKEKIdentifierTemplate[] = {
00392     { SEC_ASN1_SEQUENCE,
00393          0, NULL, sizeof(NSSCMSKEKIdentifier) },
00394     { SEC_ASN1_OCTET_STRING,
00395          offsetof(NSSCMSKEKIdentifier,keyIdentifier) },
00396     { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
00397          offsetof(NSSCMSKEKIdentifier,date) },
00398     { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
00399          offsetof(NSSCMSKEKIdentifier,other) },
00400     { 0 }
00401 };
00402 
00403 static const SEC_ASN1Template NSSCMSKEKRecipientInfoTemplate[] = {
00404     { SEC_ASN1_SEQUENCE,
00405          0, NULL, sizeof(NSSCMSKEKRecipientInfo) },
00406     { SEC_ASN1_INTEGER,
00407          offsetof(NSSCMSKEKRecipientInfo,version) },
00408     { SEC_ASN1_INLINE,
00409          offsetof(NSSCMSKEKRecipientInfo,kekIdentifier),
00410          NSSCMSKEKIdentifierTemplate },
00411     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00412          offsetof(NSSCMSKEKRecipientInfo,keyEncAlg),
00413          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
00414     { SEC_ASN1_OCTET_STRING,
00415          offsetof(NSSCMSKEKRecipientInfo,encKey) },
00416     { 0 }
00417 };
00418 
00419 /* -----------------------------------------------------------------------------
00420  * recipient info
00421  */
00422 const SEC_ASN1Template NSSCMSRecipientInfoTemplate[] = {
00423     { SEC_ASN1_CHOICE,
00424          offsetof(NSSCMSRecipientInfo,recipientInfoType), NULL,
00425          sizeof(NSSCMSRecipientInfo) },
00426     { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
00427          offsetof(NSSCMSRecipientInfo,ri.keyAgreeRecipientInfo),
00428          NSSCMSKeyAgreeRecipientInfoTemplate,
00429          NSSCMSRecipientInfoID_KeyAgree },
00430     { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
00431          offsetof(NSSCMSRecipientInfo,ri.kekRecipientInfo),
00432          NSSCMSKEKRecipientInfoTemplate,
00433          NSSCMSRecipientInfoID_KEK },
00434     { SEC_ASN1_INLINE,
00435          offsetof(NSSCMSRecipientInfo,ri.keyTransRecipientInfo),
00436          NSSCMSKeyTransRecipientInfoTemplate,
00437          NSSCMSRecipientInfoID_KeyTrans },
00438     { 0 }
00439 };
00440 
00441 /* -----------------------------------------------------------------------------
00442  *
00443  */
00444 
00445 const SEC_ASN1Template NSSCMSDigestedDataTemplate[] = {
00446     { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
00447          0, NULL, sizeof(NSSCMSDigestedData) },
00448     { SEC_ASN1_INTEGER,
00449          offsetof(NSSCMSDigestedData,version) },
00450     { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
00451          offsetof(NSSCMSDigestedData,digestAlg),
00452          SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
00453     { SEC_ASN1_INLINE,
00454          offsetof(NSSCMSDigestedData,contentInfo),
00455          NSSCMSEncapsulatedContentInfoTemplate },
00456     { SEC_ASN1_OCTET_STRING,
00457          offsetof(NSSCMSDigestedData,digest) },
00458     { 0 }
00459 };
00460 
00461 const SEC_ASN1Template NSS_PointerToCMSDigestedDataTemplate[] = {
00462     { SEC_ASN1_POINTER, 0, NSSCMSDigestedDataTemplate }
00463 };
00464 
00465 const SEC_ASN1Template NSSCMSEncryptedDataTemplate[] = {
00466     { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
00467          0, NULL, sizeof(NSSCMSEncryptedData) },
00468     { SEC_ASN1_INTEGER,
00469          offsetof(NSSCMSEncryptedData,version) },
00470     { SEC_ASN1_INLINE,
00471          offsetof(NSSCMSEncryptedData,contentInfo),
00472          NSSCMSEncryptedContentInfoTemplate },
00473     { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
00474          offsetof(NSSCMSEncryptedData,unprotectedAttr),
00475          nss_cms_set_of_attribute_template },
00476     { 0 }
00477 };
00478 
00479 const SEC_ASN1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
00480     { SEC_ASN1_POINTER, 0, NSSCMSEncryptedDataTemplate }
00481 };
00482 
00483 /* -----------------------------------------------------------------------------
00484  * FORTEZZA KEA
00485  */
00486 const SEC_ASN1Template NSS_SMIMEKEAParamTemplateSkipjack[] = {
00487        { SEC_ASN1_SEQUENCE,
00488          0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
00489        { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
00490          offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
00491        { SEC_ASN1_OCTET_STRING,
00492          offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
00493        { 0 }
00494 };
00495 
00496 const SEC_ASN1Template NSS_SMIMEKEAParamTemplateNoSkipjack[] = {
00497        { SEC_ASN1_SEQUENCE,
00498          0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
00499        { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
00500          offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
00501        { SEC_ASN1_OCTET_STRING,
00502          offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
00503        { SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
00504          offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
00505        { 0 }
00506 };
00507 
00508 const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[] = {
00509        { SEC_ASN1_SEQUENCE,
00510          0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
00511        { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
00512          offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
00513        { SEC_ASN1_OCTET_STRING,
00514          offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
00515        { SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
00516          offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
00517        { SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
00518          offsetof(NSSCMSSMIMEKEAParameters,bulkKeySize) },
00519        { 0 }
00520 };
00521 
00522 const SEC_ASN1Template *
00523 nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate)
00524 {
00525        const SEC_ASN1Template *returnVal = NULL;
00526 
00527        switch(whichTemplate)
00528        {
00529        case NSSCMSKEAUsesNonSkipjack:
00530               returnVal = NSS_SMIMEKEAParamTemplateNoSkipjack;
00531               break;
00532        case NSSCMSKEAUsesSkipjack:
00533               returnVal = NSS_SMIMEKEAParamTemplateSkipjack;
00534               break;
00535        case NSSCMSKEAUsesNonSkipjackWithPaddedEncKey:
00536        default:
00537               returnVal = NSS_SMIMEKEAParamTemplateAllParams;
00538               break;
00539        }
00540        return returnVal;
00541 }
00542 
00543 /* -----------------------------------------------------------------------------
00544  *
00545  */
00546 static const SEC_ASN1Template *
00547 nss_cms_choose_content_template(void *src_or_dest, PRBool encoding)
00548 {
00549     const SEC_ASN1Template *theTemplate;
00550     NSSCMSContentInfo *cinfo;
00551 
00552     PORT_Assert (src_or_dest != NULL);
00553     if (src_or_dest == NULL)
00554        return NULL;
00555 
00556     cinfo = (NSSCMSContentInfo *)src_or_dest;
00557     switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
00558     default:
00559        theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
00560        break;
00561     case SEC_OID_PKCS7_DATA:
00562        theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
00563        break;
00564     case SEC_OID_PKCS7_SIGNED_DATA:
00565        theTemplate = NSS_PointerToCMSSignedDataTemplate;
00566        break;
00567     case SEC_OID_PKCS7_ENVELOPED_DATA:
00568        theTemplate = NSS_PointerToCMSEnvelopedDataTemplate;
00569        break;
00570     case SEC_OID_PKCS7_DIGESTED_DATA:
00571        theTemplate = NSS_PointerToCMSDigestedDataTemplate;
00572        break;
00573     case SEC_OID_PKCS7_ENCRYPTED_DATA:
00574        theTemplate = NSS_PointerToCMSEncryptedDataTemplate;
00575        break;
00576     }
00577     return theTemplate;
00578 }