diff --git a/include/KEP.hrl b/include/KEP.hrl index d1e4595..0ef634c 100644 --- a/include/KEP.hrl +++ b/include/KEP.hrl @@ -1,4 +1,4 @@ -%% Generated by the Erlang ASN.1 compiler. Version: 5.2.1 +%% Generated by the Erlang ASN.1 compiler. Version: 5.2.2 %% Purpose: Erlang record definitions for each named and unnamed %% SEQUENCE and SET, and macro definitions for each value %% definition in module KEP. diff --git a/lib/encryption/cms.ex b/lib/encryption/cms.ex index 432ca4a..564b1dd 100644 --- a/lib/encryption/cms.ex +++ b/lib/encryption/cms.ex @@ -151,10 +151,37 @@ defmodule CA.CMS do parseSignData(bin) end + def parseSignerInfo(si) do + {:SignerInfo, :v1, {_,{_,issuer,_}}, {_,keyAlg,_}, signedAttrs, {_,signatureAlg,_}, sign, attrs} = si + signedAttributes = :lists.map(fn {:Attribute,code,[{:asn1_OPENTYPE,b}],_} -> + CA.CRT.oid(code, b) + end, signedAttrs) + attributes = :lists.map(fn {:Attribute,code,[{:asn1_OPENTYPE,b}],_} -> + CA.CRT.oid(code, b) + end, attrs) + [ + resourceType: :SignerInfo, + issuer: CA.CRT.rdn(issuer), + keyAlg: :erlang.element(1,CA.ALG.lookup(keyAlg)), + signatureAlg: :erlang.element(1,CA.ALG.lookup(signatureAlg)), + signedAttrs: signedAttributes, + attrs: attributes, + ] + end + + def parseSignerInfos(sis) do :lists.map(fn si -> CA.CMS.parseSignerInfo(si) end, sis) end + def parseSignData(bin) do {_, {:ContentInfo, oid, ci}} = :KEP.decode(:ContentInfo, bin) - {:ok, {:SignedData, a, alg, x, c, x1, si}} = :KEP.decode(:SignedData, ci) - {:SignedData, a, alg, x, parseSignDataCert({alg,oid,x,c,x1,si}), x1, si} + {:ok, {:SignedData, ver, alg, x, c, x1, sis}} = :KEP.decode(:SignedData, ci) + {:EncapsulatedContentInfo, contentOid, data} = x + [ + resourceType: :SignedData, + version: ver, + cert: parseSignDataCert({alg,oid,x,c,x1,sis}), + signerInfo: parseSignerInfos(sis), + signedContent: data, + ] end def parseSignDataCert({_,_,_,:asn1_NOVALUE,_,_}), do: [] diff --git a/lib/oid/alg.ex b/lib/oid/alg.ex index 44f8bcb..7d3cef3 100644 --- a/lib/oid/alg.ex +++ b/lib/oid/alg.ex @@ -1,33 +1,35 @@ defmodule CA.ALG do @moduledoc "CA algorithms definitions." - def oid(x) do {_,v} = :lists.keyfind(x, 1, algorithms()) ; v end + def oid(x) do case :lists.keyfind(x, 2, algorithms()) do {v,_} -> v ; false -> x end end def lookup(oid), do: :lists.keyfind(oid, 2, algorithms()) def algorithms() do [ - {:iitStoreOID, {1,3,6,1,4,1,19398,1,1,1,2}}, - {:dstu4145Curve, {1,3,6,1,4,1,19398,1,1,2,2}}, - {:dstu4145Key, {1,3,6,1,4,1,19398,1,1,2,3}}, - {"iit", {1,3,6,1,4,1,19398,1,1,4,1}}, - {:pbes1, {1,3,6,1,4,1,42,2,19,1}}, - {:keyProtector, {1,3,6,1,4,1,42,2,17,1,1}}, - {:'id-PasswordBasedMac', {1,2,840,113533,7,66,13}}, - {:'id-DHBasedMac', {1,2,840,113533,7,66,30}}, - {:'id-gost28147-ofb', {1,2,804,2,1,1,1,1,1,1,2}}, - {:'id-gost28147-cfb', {1,2,804,2,1,1,1,1,1,1,3}}, - {:'id-gost28147-wrap', {1,2,804,2,1,1,1,1,1,1,5}}, - {:'id-Dstu7624cfb-x256', {1,2,804,2,1,1,1,1,1,3,3,2}}, - {:'id-Dstu7624ofb-x256', {1,2,804,2,1,1,1,1,1,3,6,2}}, - {:'dstu4145WithGost34311-pb', {1,2,804,2,1,1,1,1,3,1,1}}, - {:'dstu4145WithGost34311onb', {1,2,804,2,1,1,1,1,3,1,2}}, - {:'gost34310WithGost34311', {1,2,804,2,1,1,1,1,3,2}}, - {:'dh-ua', {1,2,804,2,1,1,1,1,3,3}}, + {:iitStoreOID, {1,3,6,1,4,1,19398,1,1,1,2}}, + {:dstu4145Curve, {1,3,6,1,4,1,19398,1,1,2,2}}, + {:dstu4145Key, {1,3,6,1,4,1,19398,1,1,2,3}}, + {"iit", {1,3,6,1,4,1,19398,1,1,4,1}}, + {:pbes1, {1,3,6,1,4,1,42,2,19,1}}, + {:keyProtector, {1,3,6,1,4,1,42,2,17,1,1}}, + {:'id-PasswordBasedMac', {1,2,840,113533,7,66,13}}, + {:'id-DHBasedMac', {1,2,840,113533,7,66,30}}, + {:'id-gost28147-ofb', {1,2,804,2,1,1,1,1,1,1,2}}, + {:'id-gost28147-cfb', {1,2,804,2,1,1,1,1,1,1,3}}, + {:'id-gost28147-wrap', {1,2,804,2,1,1,1,1,1,1,5}}, + {:'id-Dstu7624cfb-x256', {1,2,804,2,1,1,1,1,1,3,3,2}}, + {:'id-Dstu7624ofb-x256', {1,2,804,2,1,1,1,1,1,3,6,2}}, + {:gost34311, {1,2,804,2,1,1,1,1,2,1}}, + {:dstu7564, {1,2,804,2,1,1,1,1,2,2}}, + {:'dstu4145WithGost34311-pb', {1,2,804,2,1,1,1,1,3,1,1}}, + {:'dstu4145WithGost34311onb', {1,2,804,2,1,1,1,1,3,1,2}}, + {:'gost34310WithGost34311', {1,2,804,2,1,1,1,1,3,2}}, + {:'dh-ua', {1,2,804,2,1,1,1,1,3,3}}, {:'dhSinglePass-cofactorDH-gost34311kdf', {1,2,804,2,1,1,1,1,3,4}}, {:'dhSinglePass-stdDH-gost34311kdf', {1,2,804,2,1,1,1,1,3,5}}, - {:dstu4145WithDstu7564, {1,2,804,2,1,1,1,1,3,6}}, - {:"dstu4145WithDstu7564-256", {1,2,804,2,1,1,1,1,3,6,1}}, - {:"dstu4145WithDstu7564-384", {1,2,804,2,1,1,1,1,3,6,2}}, - {:"dstu4145WithDstu7564-512", {1,2,804,2,1,1,1,1,3,6,3}}, + {:dstu4145WithDstu7564, {1,2,804,2,1,1,1,1,3,6}}, + {:"dstu4145WithDstu7564-256", {1,2,804,2,1,1,1,1,3,6,1}}, + {:"dstu4145WithDstu7564-384", {1,2,804,2,1,1,1,1,3,6,2}}, + {:"dstu4145WithDstu7564-512", {1,2,804,2,1,1,1,1,3,6,3}}, {:'id-ecPublicKey', {1,2,840,10045,2,1}}, {:secp192r1, {1,2,840,10045,3,1,1}}, diff --git a/lib/oid/at.ex b/lib/oid/at.ex index 29cbe87..4172ffc 100644 --- a/lib/oid/at.ex +++ b/lib/oid/at.ex @@ -1,22 +1,44 @@ defmodule CA.AT do @moduledoc "CA CSR Attributes OIDs." - def oid(:"id-at-rsaEncryption"), do: {1, 2, 840, 113549, 1, 1, 1} - def oid(:"id-at-sha1WithRSAEncryption"), do: {1, 2, 840, 113549, 1, 1, 5} - def oid(:"id-at-sha512-256WithRSAEncryption"), do: {1, 2, 840, 113549, 1, 1, 16} - def oid(:"id-at-dhKeyAgreement"), do: {1, 2, 840, 113549, 1, 3, 1} - def oid(:"id-at-emailAddress"), do: {1, 2, 840, 113549, 1, 9, 1} - def oid(:"id-at-unstructuredName"), do: {1, 2, 840, 113549, 1, 9, 2} - def oid(:"id-at-contentType"), do: {1, 2, 840, 113549, 1, 9, 3} - def oid(:"id-at-messageDigest"), do: {1, 2, 840, 113549, 1, 9, 4} - def oid(:"id-at-signingTime"), do: {1, 2, 840, 113549, 1, 9, 5} - def oid(:"id-at-counterSignature"), do: {1, 2, 840, 113549, 1, 9, 6} - def oid(:"id-at-challengePassword"), do: {1, 2, 840, 113549, 1, 9, 7} - def oid(:"id-at-unstructuredAddress"), do: {1, 2, 840, 113549, 1, 9, 8} - def oid(:"id-at-extendedCertificateAttributes"), do: {1, 2, 840, 113549, 1, 9, 9} - def oid(:"id-at-issuerAndSerialNumber"), do: {1, 2, 840, 113549, 1, 9, 10} - def oid(:"id-at-passwordCheck"), do: {1, 2, 840, 113549, 1, 9, 11} - def oid(:"id-at-publicKey"), do: {1, 2, 840, 113549, 1, 9, 12} - def oid(:"id-at-signingDescription"), do: {1, 2, 840, 113549, 1, 9, 13} - def oid(:"id-at-extensionRequest"), do: {1, 2, 840, 113549, 1, 9, 14} - def oid(:"id-at-smimeCapabilities"), do: {1, 2, 840, 113549, 1, 9, 15} + def oid(x) do + case :lists.keyfind(x, 2, algorithms()) do + {val,_} -> val + false -> CA.ALG.oid(x) + end + end + def algorithms() do + [ + {:"id-at-rsaEncryption", {1, 2, 840, 113549, 1, 1, 1}}, + {:"id-at-sha1WithRSAEncryption", {1, 2, 840, 113549, 1, 1, 5}}, + {:"id-at-sha512-256WithRSAEncryption", {1, 2, 840, 113549, 1, 1, 16}}, + {:"id-at-dhKeyAgreement", {1, 2, 840, 113549, 1, 3, 1}}, + {:"id-at-emailAddress", {1, 2, 840, 113549, 1, 9, 1}}, + {:"id-at-unstructuredName", {1, 2, 840, 113549, 1, 9, 2}}, + {:"id-at-contentType", {1, 2, 840, 113549, 1, 9, 3}}, + {:"id-at-messageDigest", {1, 2, 840, 113549, 1, 9, 4}}, + {:"id-at-signingTime", {1, 2, 840, 113549, 1, 9, 5}}, + {:"id-at-counterSignature", {1, 2, 840, 113549, 1, 9, 6}}, + {:"id-at-challengePassword", {1, 2, 840, 113549, 1, 9, 7}}, + {:"id-at-unstructuredAddress", {1, 2, 840, 113549, 1, 9, 8}}, + {:"id-at-extendedCertificateAttributes", {1, 2, 840, 113549, 1, 9, 9}}, + {:"id-at-issuerAndSerialNumber", {1, 2, 840, 113549, 1, 9, 10}}, + {:"id-at-passwordCheck", {1, 2, 840, 113549, 1, 9, 11}}, + {:"id-at-publicKey", {1, 2, 840, 113549, 1, 9, 12}}, + {:"id-at-signingDescription", {1, 2, 840, 113549, 1, 9, 13}}, + {:"id-at-extensionRequest", {1, 2, 840, 113549, 1, 9, 14}}, + {:"id-at-smimeCapabilities", {1, 2, 840, 113549, 1, 9, 15}}, + {:"id-at-smime", {1, 2, 840, 113549, 1, 9, 16}}, + {:"id-aa", {1, 2, 840, 113549, 1, 9, 16, 2}}, + {:"id-aa-timeStampToken", {1, 2, 840, 113549, 1, 9, 16, 2, 14}}, + {:"id-aa-ets-signerAttr", {1, 2, 840, 113549, 1, 9, 16, 2, 18}}, + {:"id-aa-ets-otherSigCert", {1, 2, 840, 113549, 1, 9, 16, 2, 19}}, + {:"id-aa-20", {1, 2, 840, 113549, 1, 9, 16, 2, 20}}, + {:"id-aa-ets-CertificateRefs", {1, 2, 840, 113549, 1, 9, 16, 2, 21}}, + {:"id-aa-ets-revocationRefs", {1, 2, 840, 113549, 1, 9, 16, 2, 22}}, + {:"id-aa-ets-certValues", {1, 2, 840, 113549, 1, 9, 16, 2, 23}}, + {:"id-aa-ets-revocationValues", {1, 2, 840, 113549, 1, 9, 16, 2, 24}}, + {:"id-aa-signingCertificateV2", {1, 2, 840, 113549, 1, 9, 16, 2, 47}}, + {:"id-at-pgpKeyID", {1, 2, 840, 113549, 1, 9, 17}}, + ] + end end \ No newline at end of file diff --git a/lib/services/crt.ex b/lib/services/crt.ex index ac07de8..a728201 100644 --- a/lib/services/crt.ex +++ b/lib/services/crt.ex @@ -73,16 +73,44 @@ defmodule CA.CRT do def oid({1,2,840,113549,1,9,3},v), do: {:contentType, hd(mapOidsDecode([v]))} def oid({1,2,840,113549,1,9,4},v), do: {:messageDigest, :base64.encode(:erlang.element(2,:KEP.decode(:MessageDigest, v)))} def oid({1,2,840,113549,1,9,5},v), do: {:signingTime, :erlang.element(2,:erlang.element(1,:asn1rt_nif.decode_ber_tlv(v)))} - def oid({1,2,840,113549,1,9,16,2,47},v) do - {:SigningCertificateV2,[{:ESSCertIDv2, _, _, {_,_,serial}}],_} = :erlang.element(2,:KEP.decode(:SigningCertificateV2, v)) - {:signingCertificateV2, serial} - end - def oid({1,2,840,113549,1,9,16,2,20},v) do - {:ContentInfo, oid, value} = :erlang.element(2,:KEP.decode(:ContentInfo,v)) + + def oid({1, 2, 840, 113549, 1, 9, 16, 2}, v) do {:"id-aa", v} end + def oid({1, 2, 840, 113549, 1, 9, 16, 2, 14}, v) do {:"id-aa-timeStampToken", v} + {:ok, {:ContentInfo, oid, value}} = :KEP.decode(:ContentInfo,v) + {:ok, {:SignedData, _, _alg, {_,_,x}, _c, _x1, _si}} = :KEP.decode(:SignedData, value) + {:ok, {:TSTInfo, _vsn, _oid, {:MessageImprint, _, x}, serial, ts, _,_,_,_}} = :KEP.decode(:TSTInfo, x) + {:timeStampToken, {hd(mapOids([oid])), serial, :erlang.iolist_to_binary(ts), :base64.encode(x)}} + end + def oid({1, 2, 840, 113549, 1, 9, 16, 2, 18}, v) do {:"id-aa-ets-signerAttr", v} end + def oid({1, 2, 840, 113549, 1, 9, 16, 2, 19}, v) do {:"id-aa-ets-otherSigCert", v} end + def oid({1, 2, 840, 113549, 1, 9, 16, 2, 20}, v) do + {:ok, {:ContentInfo, oid, value}} = :KEP.decode(:ContentInfo,v) {:ok, {:SignedData, _, _alg, {_,_,x}, _c, _x1, _si}} = :KEP.decode(:SignedData, value) {:ok, {:TSTInfo, _vsn, _oid, {:MessageImprint, _, x}, serial, ts, _,_,_,_}} = :KEP.decode(:TSTInfo, x) {:contentTimestamp, {hd(mapOids([oid])), serial, :erlang.iolist_to_binary(ts), :base64.encode(x)}} end + def oid({1, 2, 840, 113549, 1, 9, 16, 2, 21}, v) do + {:ok, x} = :KEP.decode(:CertificateList, v) + {:"id-aa-ets-CertificateRefs", v} + end + def oid({1, 2, 840, 113549, 1, 9, 16, 2, 22}, v) do +# {:ok, x} = :KEP.decode(:CrlOcspRef, v) + {:"id-aa-ets-revocationRefs", v} + end + def oid({1, 2, 840, 113549, 1, 9, 16, 2, 23}, v) do +# {:ok, x} = :KEP.decode(:CertificateList, v) + {:"id-aa-ets-certValues", v} + end + def oid({1, 2, 840, 113549, 1, 9, 16, 2, 24}, v) do +# {:ok, x} = :KEP.decode(:CertificateList, v) + {:"id-aa-ets-revocationValues", v} + end + + def oid({1, 2, 840, 113549, 1, 9, 16, 2, 47}, v) do + {:ok, {:SigningCertificateV2,[{:ESSCertIDv2, _, _, {_,_,serial}}],_}} = :KEP.decode(:SigningCertificateV2, v) + {:"id-aa-signingCertificateV2", serial} + end + def oid(x,v) when is_binary(x), do: {:oid.decode(x),pair(v,[])} def oid(x,v), do: {x,v} @@ -91,17 +119,30 @@ defmodule CA.CRT do def flat(code,k,acc) when is_list(k), do: [:lists.map(fn x -> flat(code,x,acc) end, k)|acc] def flat(_code,k,acc) when is_binary(k), do: [k|acc] - def rdn({2, 5, 4, 3}), do: "cn" - def rdn({2, 5, 4, 4}), do: "surname" - def rdn({2, 5, 4, 5}), do: "sn" - def rdn({2, 5, 4, 6}), do: "c" - def rdn({2, 5, 4, 7}), do: "l" - def rdn({2, 5, 4, 10}), do: "o" - def rdn({2, 5, 4, 11}), do: "ou" - def rdn({2, 5, 4, 12}), do: "t" + def rdn({2, 5, 4, 3}), do: "cn" # commonName + def rdn({2, 5, 4, 4}), do: "sn" # sureName + def rdn({2, 5, 4, 5}), do: "serialNumber" + def rdn({2, 5, 4, 6}), do: "c" # country + def rdn({2, 5, 4, 7}), do: "l" # localityName + def rdn({0,9,2342,19200300,100,1,25}), do: "dc" + def rdn({2, 5, 4, 10}), do: "o" # organization + def rdn({2, 5, 4, 11}), do: "ou" # organizationalUnit + def rdn({2, 5, 4, 12}), do: "title" + def rdn({2, 5, 4, 13}), do: "description" + def rdn({2, 5, 4, 14}), do: "device" + def rdn({2, 5, 4, 15}), do: "businessCategory" def rdn({2, 5, 4, 42}), do: "givenName" + def rdn({2, 5, 4, 97}), do: "organizationIdentifier" + def rdn({2, 5, 6, 3}), do: "locality" + def rdn({2, 5, 6, 4}), do: "organization" + def rdn({2, 5, 6, 5}), do: "organizationalUnit" + def rdn({2, 5, 6, 6}), do: "person" + def rdn({2, 5, 6, 7}), do: "organizationalPerson" + def rdn({2, 5, 6, 8}), do: "organizationalRole" + def rdn({2, 5, 6, 9}), do: "groupOfNames" def rdn({:rdnSequence, list}) do - Enum.join :lists.map(fn {_,oid,{_,list}} -> "#{rdn(oid)}=#{list}" + Enum.join :lists.map(fn [{_,oid,{_,list}}] -> "#{rdn(oid)}=#{list}" + {_,oid,{_,list}} -> "#{rdn(oid)}=#{list}" {_,oid,list} -> "#{rdn(oid)}=#{list}" end, list), "/" end @@ -125,8 +166,8 @@ defmodule CA.CRT do extensions = :lists.map(fn {:Extension,code,_x,b} -> oid(code, :lists.flatten(flat(code,:asn1rt_nif.decode_ber_tlv(b),[]))) end, exts) - :io.format '~p', [oid] - [ version: ver, + [ resourceType: :Certificate, + version: ver, signatureAlgorithm: :erlang.element(1,CA.ALG.lookup(alg)), subject: rdn(unsubj(issuee)), issuer: rdn(unsubj(issuer)), diff --git a/priv/csr/KEP.asn1 b/priv/csr/KEP.asn1 index f96b250..c446731 100644 --- a/priv/csr/KEP.asn1 +++ b/priv/csr/KEP.asn1 @@ -17,7 +17,7 @@ BEGIN IMPORTS Attribute, Name FROM InformationFramework {joint-iso-itu-t ds(5) module(1) informationFramework(1) 3} - AlgorithmIdentifier, AttributeCertificate, Certificate, CertificateList, + AlgorithmIdentifier, AttributeCertificate, Certificate, CertificateSerialNumber, HASH{}, SIGNED{}, Extensions, Version FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1) authenticationFramework(7) 3} PolicyInformation, CRLReason @@ -59,7 +59,6 @@ OcspIdentifier ::= SEQUENCE { producedAt GeneralizedTime } - CMSVersion ::= INTEGER {v0(0), v1(1), v2(2), v3(3), v4(4), v5(5)} gost34311 OBJECT IDENTIFIER ::= {iso(1) member-body(2) ua(804) @@ -84,6 +83,7 @@ SubjectKeyIdentifier ::= KeyIdentifier RevocationInfoChoices ::= SET OF CertificateList SignerInfos ::= SET OF SignerInfo CertificateSet ::= SET OF Certificate +CertificateList ::= SET OF Certificate SignedData ::= SEQUENCE { version CMSVersion, digestAlgorithms DigestAlgorithmIdentifiers, diff --git a/src/KEP.erl b/src/KEP.erl index 02c5280..4087979 100644 --- a/src/KEP.erl +++ b/src/KEP.erl @@ -1,4 +1,4 @@ -%% Generated by the Erlang ASN.1 BER compiler. Version: 5.2.1 +%% Generated by the Erlang ASN.1 BER compiler. Version: 5.2.2 %% Purpose: Encoding and decoding of the types in KEP. -module('KEP'). @@ -6,13 +6,13 @@ -dialyzer(no_improper_lists). -dialyzer(no_match). -include_lib("ca/include/KEP.hrl"). --asn1_info([{vsn,'5.2.1'}, +-asn1_info([{vsn,'5.2.2'}, {module,'KEP'}, {options,[warnings,ber,errors, - {cwd,"/Users/maxim/depot/synrc/ca/priv/kep"}, - {outdir,"/Users/maxim/depot/synrc/ca/priv/kep"}, + {cwd,"/Users/5ht/depot/arvo-computer/ca/priv/csr"}, + {outdir,"/Users/5ht/depot/arvo-computer/ca/priv/csr"}, {i,"."}, - {i,"/Users/maxim/depot/synrc/ca/priv/kep"}]}]). + {i,"/Users/5ht/depot/arvo-computer/ca/priv/csr"}]}]). -export([encoding_rule/0,maps/0,bit_string_format/0, legacy_erlang_types/0]). @@ -37,6 +37,7 @@ enc_SubjectKeyIdentifier/2, enc_RevocationInfoChoices/2, enc_SignerInfos/2, enc_CertificateSet/2, +enc_CertificateList/2, enc_SignedData/2, enc_EncapsulatedContentInfo/2, enc_SignerInfo/2, @@ -110,6 +111,7 @@ dec_SubjectKeyIdentifier/2, dec_RevocationInfoChoices/2, dec_SignerInfos/2, dec_CertificateSet/2, +dec_CertificateList/2, dec_SignedData/2, dec_EncapsulatedContentInfo/2, dec_SignerInfo/2, @@ -246,6 +248,7 @@ encode_disp('SubjectKeyIdentifier', Data) -> enc_SubjectKeyIdentifier(Data); encode_disp('RevocationInfoChoices', Data) -> enc_RevocationInfoChoices(Data); encode_disp('SignerInfos', Data) -> enc_SignerInfos(Data); encode_disp('CertificateSet', Data) -> enc_CertificateSet(Data); +encode_disp('CertificateList', Data) -> enc_CertificateList(Data); encode_disp('SignedData', Data) -> enc_SignedData(Data); encode_disp('EncapsulatedContentInfo', Data) -> enc_EncapsulatedContentInfo(Data); encode_disp('SignerInfo', Data) -> enc_SignerInfo(Data); @@ -318,6 +321,7 @@ decode_disp('SubjectKeyIdentifier', Data) -> dec_SubjectKeyIdentifier(Data); decode_disp('RevocationInfoChoices', Data) -> dec_RevocationInfoChoices(Data); decode_disp('SignerInfos', Data) -> dec_SignerInfos(Data); decode_disp('CertificateSet', Data) -> dec_CertificateSet(Data); +decode_disp('CertificateList', Data) -> dec_CertificateList(Data); decode_disp('SignedData', Data) -> dec_SignedData(Data); decode_disp('EncapsulatedContentInfo', Data) -> dec_EncapsulatedContentInfo(Data); decode_disp('SignerInfo', Data) -> dec_SignerInfo(Data); @@ -1038,7 +1042,7 @@ enc_RevocationInfoChoices(Val, TagIn) -> {lists:reverse(AccBytes),AccLen}; 'enc_RevocationInfoChoices_components'([H|T],AccBytes, AccLen) -> - {EncBytes,EncLen} = 'AuthenticationFramework':'enc_CertificateList'(H, [<<48>>]), + {EncBytes,EncLen} = 'enc_CertificateList'(H, [<<49>>]), 'enc_RevocationInfoChoices_components'(T,[EncBytes|AccBytes], AccLen + EncLen). @@ -1051,7 +1055,7 @@ dec_RevocationInfoChoices(Tlv, TagIn) -> %% decode tag and length %%------------------------------------------------- Tlv1 = match_tags(Tlv, TagIn), -['AuthenticationFramework':'dec_CertificateList'(V1, [16]) || V1 <- Tlv1]. +['dec_CertificateList'(V1, [17]) || V1 <- Tlv1]. @@ -1120,6 +1124,38 @@ Tlv1 = match_tags(Tlv, TagIn), +%%================================ +%% CertificateList +%%================================ +enc_CertificateList(Val) -> + enc_CertificateList(Val, [<<49>>]). + +enc_CertificateList(Val, TagIn) -> + {EncBytes,EncLen} = 'enc_CertificateList_components'(Val,[],0), + encode_tags(TagIn, EncBytes, EncLen). + +'enc_CertificateList_components'([], AccBytes, AccLen) -> + {lists:reverse(AccBytes),AccLen}; + +'enc_CertificateList_components'([H|T],AccBytes, AccLen) -> + {EncBytes,EncLen} = 'AuthenticationFramework':'enc_Certificate'(H, [<<48>>]), + 'enc_CertificateList_components'(T,[EncBytes|AccBytes], AccLen + EncLen). + + + +dec_CertificateList(Tlv) -> + dec_CertificateList(Tlv, [17]). + +dec_CertificateList(Tlv, TagIn) -> + %%------------------------------------------------- + %% decode tag and length + %%------------------------------------------------- +Tlv1 = match_tags(Tlv, TagIn), +['AuthenticationFramework':'dec_Certificate'(V1, [16]) || V1 <- Tlv1]. + + + + %%================================ %% SignedData %%================================ @@ -3216,7 +3252,7 @@ enc_RevocationValues_crlVals(Val, TagIn) -> {lists:reverse(AccBytes),AccLen}; 'enc_RevocationValues_crlVals_components'([H|T],AccBytes, AccLen) -> - {EncBytes,EncLen} = 'AuthenticationFramework':'enc_CertificateList'(H, [<<48>>]), + {EncBytes,EncLen} = 'enc_CertificateList'(H, [<<49>>]), 'enc_RevocationValues_crlVals_components'(T,[EncBytes|AccBytes], AccLen + EncLen). @@ -3287,7 +3323,7 @@ Res1. %% decode tag and length %%------------------------------------------------- Tlv1 = match_tags(Tlv, TagIn), -['AuthenticationFramework':'dec_CertificateList'(V1, [16]) || V1 <- Tlv1]. +['dec_CertificateList'(V1, [17]) || V1 <- Tlv1]. 'dec_RevocationValues_ocspVals'(Tlv, TagIn) ->