asn1: Make CSRs nicely printable

For now we just add new types that can auto-decode through open types in CSRs, but we leave the originals as they were to avoid having to update lib/hx509/req.c for now.
2021-03-01 15:27:45 -06:00
parent a712d4157a
commit 7ada3d5d48
1 changed files with 43 additions and 3 deletions
--- a/lib/asn1/pkcs10.asn1
+++ b/lib/asn1/pkcs10.asn1
@@ -4,11 +4,14 @@ PKCS10 DEFINITIONS ::=
 BEGIN

 IMPORTS
-	Name, SubjectPublicKeyInfo, Attribute, AlgorithmIdentifier
-	FROM rfc2459;
+	Name, SubjectPublicKeyInfo, AlgorithmIdentifier, Attribute, Extensions
+	FROM rfc2459
+        HEIM_ANY FROM heim;
+
+PKCS10-Version ::= INTEGER { pkcs10-v1(0) }

 CertificationRequestInfo ::= SEQUENCE {
-    version       INTEGER { pkcs10-v1(0) },
+    version       PKCS10-Version,
    subject       Name,
    subjectPKInfo SubjectPublicKeyInfo,
    attributes    [0] IMPLICIT SET OF Attribute OPTIONAL 
@@ -20,5 +23,42 @@ CertificationRequest ::= SEQUENCE {
    signature                BIT STRING
 }

+IOSCertificationRequestInfo ::= SEQUENCE {
+    version       PKCS10-Version,
+    subject       Name,
+    subjectPKInfo SubjectPublicKeyInfo,
+    attributes    [0] IMPLICIT SET OF CRIAttributeSet OPTIONAL 
+}
+
+IOSCertificationRequest ::= SEQUENCE {
+    certificationRequestInfo CertificationRequestInfo,
+    signatureAlgorithm	     AlgorithmIdentifier,
+    signature                BIT STRING
+}
+
+-- Copied from rfc2459.asn1 because we can't IMPORT classes and parameterized
+-- types yet.
+_ATTRIBUTE ::= CLASS {
+    &id             OBJECT IDENTIFIER UNIQUE,
+    &Type           OPTIONAL,
+    &minCount       INTEGER DEFAULT 1,
+    &maxCount       INTEGER OPTIONAL
+}
+
+id-pkcs9-extReq-copy OBJECT IDENTIFIER ::= {
+ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 14
+}
+
+-- Workaround compiler limitation:
+CRIExtensions ::= Extensions
+
+at-extReq _ATTRIBUTE ::= { &Type CRIExtensions, &id id-pkcs9-extReq-copy }
+CRIAttributes _ATTRIBUTE ::= { at-extReq }
+CRIAttributeSet{_ATTRIBUTE:AttrSet} ::= SEQUENCE {
+    type      _ATTRIBUTE.&id({AttrSet}),
+    values    SET --SIZE (1..MAX)-- OF _ATTRIBUTE.&Type({AttrSet}{@type})
+}
+CRIAttributeSet ::= CRIAttributeSet{CRIAttributes}
+
 END