/*
- * WebNewKeyGeneration.cpp
+ * WebNewKeyGeneration.c
* WebKit
*
* Created by Chris Blumenberg on Mon Aug 23 2004.
#ifdef USE_NEW_KEY_GENERATION
+#import <Security/asn1Templates.h>
+#import <Security/SecAsn1Coder.h>
+#import <Security/secasn1t.h>
+#import <Security/Security.h>
+
+/*
+ * Netscape Certifiate Sequence is defined by Netscape as a PKCS7
+ * ContentInfo with a contentType of netscape-cert-sequence and a content
+ * consisting of a sequence of certificates.
+ *
+ * For simplicity - i.e., to avoid the general purpose ContentInfo
+ * polymorphism - we'll just hard-code this particular type right here.
+ *
+ * Inside the ContentInfo is an array of standard X509 certificates.
+ * We don't need to parse the certs themselves so they remain as
+ * opaque data blobs.
+ */
+typedef struct {
+ CSSM_OID contentType; // netscape-cert-sequence
+ CSSM_DATA **certs;
+} NetscapeCertSequence;
+
+extern const SecAsn1Template NetscapeCertSequenceTemplate[];
+
+/*
+ * Public key/challenge, to send to CA.
+ *
+ * PublicKeyAndChallenge ::= SEQUENCE {
+ *
+ * ???\200? spki SubjectPublicKeyInfo,
+ * challenge IA5STRING
+ * }
+ *
+ * SignedPublicKeyAndChallenge ::= SEQUENCE {
+ * publicKeyAndChallenge PublicKeyAndChallenge,
+ * signatureAlgorithm AlgorithmIdentifier,
+ * signature BIT STRING
+ * }
+ */
+typedef struct {
+ CSSM_X509_SUBJECT_PUBLIC_KEY_INFO spki;
+ CSSM_DATA challenge; // ASCII
+} PublicKeyAndChallenge;
+
+typedef struct {
+ PublicKeyAndChallenge pubKeyAndChallenge;
+ CSSM_X509_ALGORITHM_IDENTIFIER algId;
+ CSSM_DATA signature; // length in BITS
+} SignedPublicKeyAndChallenge;
+
+extern const SecAsn1Template PublicKeyAndChallengeTemplate[];
+extern const SecAsn1Template SignedPublicKeyAndChallengeTemplate[];
+
+
#import <WebKit/WebAssertions.h>
#import <Security/keyTemplates.h>
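Review bot: The two `CSSM_DATA` fields added in `PublicKeyAndChallenge` and `SignedPublicKeyAndChallenge` carry length conventions that the short trailing comments do not spell out. `signature` decodes as a BIT STRING whose `Length` is a bit count, and `challenge` is a length-delimited IA5String with no terminator, so code that treats either as a byte count or a C string could misread the buffer. I would make the comments explicit, for example `CSSM_DATA signature; // BIT STRING: Length is in bits, convert to bytes before use as a buffer size` and `CSSM_DATA challenge; // IA5String: Length bytes, not NUL-terminated`. The ASN.1 comment above the `spki` line also contains stray bytes (`???\200?`) that look like encoding damage and should be removed. "Certifiate" in the first comment block is a typo for "Certificate". The code that fills and encodes these structs lies outside the visible lines, so whether it already handles the bit and byte lengths correctly cannot be confirmed from here.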