⟦a6ced6f37⟧

TextFile

-- af-enc.py - manually-augmented AuthenticationFramework module

-- $Header: /f/osi/dsap/x500as/RCS/af-enc.py,v 7.0 89/11/23 21:50:03 mrose Rel $
--
--
-- $Log:	af-enc.py,v $
-- Revision 7.0  89/11/23  21:50:03  mrose
-- Release 6.0
-- 

--
--				  NOTICE
--
--    Acquisition, use, and distribution of this module and related
--    materials are subject to the restrictions of a license agreement.
--    Consult the Preface in the User's Manual for the full terms of
--    this agreement.
--
--


AF
	{
	joint-iso-ccitt
	ds(5)
	modules(1)
	authenticationFramework(7)
	}

DEFINITIONS ::=

%{
#include <stdio.h>
#include "quipu/util.h"
#include "quipu/name.h"
#include "quipu/bind.h"

#define encode_UNIV_UTCTime build_UNIV_UTCTime

extern  LLog    * log_dsap;
%}

PREFIXES encode decode print

BEGIN

-- EXPORTS
-- 	AlgorithmIdentifier ,
-- 	Certificate ,
-- 	Certificates ,
-- 	CertificationPath;

IMPORTS
	Name
		FROM IF
			{
			joint-iso-ccitt
			ds(5)
			modules(1)
			informationFramework(1)
			};

ENCODER encode

Version [[P int *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode Version (AF)"));
        %}
	INTEGER [[i *parm]]
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode Version (AF)"));
        %}

CertificateSerialNumber [[P int *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode CertificateSerialNumber (AF)"));
        %}
	INTEGER [[i *parm]]
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode CertificateSerialNumber (AF)"));
        %}

Validity [[P struct validity *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode Validity (AF)"));
        %}
	SEQUENCE
	{
	notBefore
		UTCTime [[s parm->not_before]],
	notAfter
		UTCTime [[s parm->not_after]]
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode Validity (AF)"));
        %}

AlgorithmIdentifier [[P struct alg_id *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode AlgorithmIdentifier (AF)"));
	if (parm->p_type == ALG_PARM_ABSENT)
		parm->asn = NULLPE;
	else if (parm->asn == NULLPE)
		if (parm -> p_type = ALG_PARM_NUMERIC)
			parm->asn = int2prim(parm->un.numeric);

        %}
	SEQUENCE
	{
	algorithm
		OBJECT IDENTIFIER [[O parm->algorithm]],
	parameters
		ANY [[a parm->asn]]
		    OPTIONAL <<parm->asn>>
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode AlgorithmIdentifier (AF)"));
        %}

SubjectPublicKeyInfo [[P struct key_info *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode SubjectPublicKeyInfo (AF)"));
        %}
	SEQUENCE
	{
	algorithm
		AlgorithmIdentifier [[p &(parm->alg)]],
	subjectPublicKey
		BIT STRING [[x parm->value $ parm->n_bits]]
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode SubjectPublicKeyInfo (AF)"));
        %}

CertificateToSign [[P struct certificate *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode CertificateToSign (AF)"));
        %}
	SEQUENCE
	{
	version
		[0] Version [[p &(parm->version)]]
		    -- DEFAULT v1988 ,
		    OPTIONAL <<parm -> version>>,
	serialNumber
		CertificateSerialNumber [[p &(parm->serial)]] ,
	signature
		AlgorithmIdentifier [[p &(parm -> alg)]],
	issuer
		Name [[p parm->issuer]] ,
	validity
		Validity [[p &(parm->valid)]],
	subject
		Name [[p parm->subject]] ,
	subjectPublicKeyInfo
		SubjectPublicKeyInfo [[p &(parm -> key)]]
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode CertificateToSign (AF)"));
        %}

Certificate [[P struct certificate *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode Certificate (AF)"));
        %}
	SEQUENCE
	{
		CertificateToSign [[p parm]],
		AlgorithmIdentifier [[p &(parm->sig.alg)]],
		BIT STRING [[x parm->sig.encrypted $ parm->sig.n_bits]]
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode Certificate (AF)"));
        %}

CrossCertificates [[P struct certificate_list *]]
%{
struct certificate_list *tmp;
%}
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode CrossCertificates (AF)"));
        %}
	SET OF
	<<tmp=parm;tmp;tmp=tmp->next>>
		Certificate [[p tmp->cert]]
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode CrossCertificates (AF)"));
        %}

ForwardCertificationPath [[P struct certificate_list *]]
%{
struct certificate_list *tmp;
%}
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode ForwardCertificationPath (AF)"));
        %}
	SEQUENCE OF
	<<tmp=parm;tmp;tmp=tmp->superior>>
		CrossCertificates [[p tmp]]
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode ForwardCertificationPath (AF)"));
        %}

Certificates [[P struct certificate_list *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode Certificates (AF)"));
        %}
	SEQUENCE
	{
	certificate 
		Certificate [[p parm->cert]],
	certificationPath
		ForwardCertificationPath [[p parm->superior]]
		    OPTIONAL <<parm->superior>>
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode Certificates (AF)"));
        %}

CertificatePair [[P struct certificate_list *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode CertificatePair (AF)"));
        %}
	SEQUENCE
	{
	forward
		[0] Certificate [[p parm->cert]]
		    OPTIONAL <<parm->cert>>,
	reverse
		[1] Certificate [[p parm->reverse]]
		    OPTIONAL <<parm->reverse>>
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode CertificatePair (AF)"));
        %}

CertificationPath [[P struct certificate_list *]]
%{
struct certificate_list *tmp;
%}
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Abou to encode CertificationPath (AF)"));
        %}
	SEQUENCE
	{
	userCertificate
		Certificate [[p parm->cert]],
	theCACertificates
		SEQUENCE OF
		<<tmp = parm->superior; tmp; tmp = tmp->superior>>
			CertificatePair [[p tmp]]
		    OPTIONAL <<parm->superior>>
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode CertificationPath (AF)"));
        %}

RevokedCertificateToSign [[P struct revoked_certificate *]]
	::=
	%{
	DLOG(log_dsap, LLOG_TRACE, ("About to encode RevokedCertificateToSign (AF)"));
	%}
	SEQUENCE
	{
	signature
		AlgorithmIdentifier [[p &(parm->alg)]],
	issuer
		Name [[p parm->subject]] ,
	subject
		CertificateSerialNumber [[p &(parm->serial)]],
	revokationDate
		UTCTime [[s parm->revocation_date]]
	} 
	%{
	DLOG(log_dsap, LLOG_TRACE, ("Done encode RevokedCertificateToSign (AF)"));
	%}

RevokedCertificates [[P struct revocation_list *]]
%{
struct revoked_certificate *tmp;
%}
	::=
	%{
	DLOG(log_dsap, LLOG_TRACE, ("About to encode RevokedCertificates (AF)"));
	%}
	SEQUENCE
	{
	SEQUENCE OF <<tmp = parm->revoked; tmp; tmp=tmp->next>>
		RevokedCertificateToSign [[p tmp]],
	AlgorithmIdentifier [[p &(parm->sig2.alg)]],
	BIT STRING [[x parm->sig2.encrypted $ parm->sig2.n_bits]]
	}
	%{
	DLOG(log_dsap, LLOG_TRACE, ("Done encode RevokedCertificates (AF)"));
	%}
	
CertificateListToSign [[P struct revocation_list *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode CertificateListToSign (AF)"));
        %}
	SEQUENCE
	{
	signature
		AlgorithmIdentifier [[p &(parm->alg)]],
	issuer
		Name [[p parm->issuer]] ,
	lastUpdate
		UTCTime [[s parm->last_update]],
	revokedCertificates
		RevokedCertificates [[p parm]]
		    OPTIONAL <<parm->revoked>>
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode CertificateListToSign (AF)"));
        %}

CertificateList [[P struct revocation_list *]]
	::=
        %{
        DLOG(log_dsap, LLOG_TRACE, ("About to encode CertificateList (AF)"));
        %}
	SEQUENCE
	{
		CertificateListToSign [[p parm]],
		AlgorithmIdentifier [[p &(parm->sig.alg)]],
		BIT STRING [[x parm->sig.encrypted $ parm->sig.n_bits]]
	}
        %{
        DLOG(log_dsap, LLOG_TRACE, ("Done encode CertificateList (AF)"));
        %}

END
DataMuseum.dk

DKUUG/EUUG Conference tapes

⟦a6ced6f37⟧ TextFile

Derivation

TextFile
