Download raw body.
rpki-client: move ASN1 types into dedicated header file
For upcoming work the type definitions need to be accessible by multiple
translation units. The order of rpki-asn1.h is alphabetical. While
there, update references.
OK?
Index: aspa.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/aspa.c,v
diff -u -p -r1.37 aspa.c
--- aspa.c 1 Aug 2025 14:57:15 -0000 1.37
+++ aspa.c 19 Aug 2025 10:05:16 -0000
@@ -33,25 +33,19 @@
#include "extern.h"
/*
- * Types and templates for ASPA eContent draft-ietf-sidrops-aspa-profile-15
+ * ASPA eContent definition in draft-ietf-sidrops-aspa-profile-20.
*/
ASN1_ITEM_EXP ASProviderAttestation_it;
-typedef struct {
- ASN1_INTEGER *version;
- ASN1_INTEGER *customerASID;
- STACK_OF(ASN1_INTEGER) *providers;
-} ASProviderAttestation;
-
ASN1_SEQUENCE(ASProviderAttestation) = {
ASN1_EXP_OPT(ASProviderAttestation, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(ASProviderAttestation, customerASID, ASN1_INTEGER),
ASN1_SEQUENCE_OF(ASProviderAttestation, providers, ASN1_INTEGER),
} ASN1_SEQUENCE_END(ASProviderAttestation);
-DECLARE_ASN1_FUNCTIONS(ASProviderAttestation);
IMPLEMENT_ASN1_FUNCTIONS(ASProviderAttestation);
+
/*
* Parse the ProviderASSet sequence.
Index: extern.h
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/extern.h,v
diff -u -p -r1.257 extern.h
--- extern.h 14 Aug 2025 15:12:00 -0000 1.257
+++ extern.h 19 Aug 2025 10:05:16 -0000
@@ -24,6 +24,8 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "rpki-asn1.h"
+
#define CTASSERT(x) extern char _ctassert[(x) ? 1 : -1 ] \
__attribute__((__unused__))
Index: mft.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/mft.c,v
diff -u -p -r1.127 mft.c
--- mft.c 1 Aug 2025 14:57:15 -0000 1.127
+++ mft.c 19 Aug 2025 10:05:16 -0000
@@ -35,38 +35,12 @@
#include "extern.h"
/*
- * Types and templates for the Manifest eContent, RFC 6486, section 4.2.
+ * Manifest eContent definition in RFC 9286, section 4.2.
*/
ASN1_ITEM_EXP FileAndHash_it;
ASN1_ITEM_EXP Manifest_it;
-typedef struct {
- ASN1_IA5STRING *file;
- ASN1_BIT_STRING *hash;
-} FileAndHash;
-
-DECLARE_STACK_OF(FileAndHash);
-
-#ifndef DEFINE_STACK_OF
-#define sk_FileAndHash_dup(sk) SKM_sk_dup(FileAndHash, (sk))
-#define sk_FileAndHash_free(sk) SKM_sk_free(FileAndHash, (sk))
-#define sk_FileAndHash_num(sk) SKM_sk_num(FileAndHash, (sk))
-#define sk_FileAndHash_value(sk, i) SKM_sk_value(FileAndHash, (sk), (i))
-#define sk_FileAndHash_sort(sk) SKM_sk_sort(FileAndHash, (sk))
-#define sk_FileAndHash_set_cmp_func(sk, cmp) \
- SKM_sk_set_cmp_func(FileAndHash, (sk), (cmp))
-#endif
-
-typedef struct {
- ASN1_INTEGER *version;
- ASN1_INTEGER *manifestNumber;
- ASN1_GENERALIZEDTIME *thisUpdate;
- ASN1_GENERALIZEDTIME *nextUpdate;
- ASN1_OBJECT *fileHashAlg;
- STACK_OF(FileAndHash) *fileList;
-} Manifest;
-
ASN1_SEQUENCE(FileAndHash) = {
ASN1_SIMPLE(FileAndHash, file, ASN1_IA5STRING),
ASN1_SIMPLE(FileAndHash, hash, ASN1_BIT_STRING),
@@ -81,8 +55,8 @@ ASN1_SEQUENCE(Manifest) = {
ASN1_SEQUENCE_OF(Manifest, fileList, FileAndHash),
} ASN1_SEQUENCE_END(Manifest);
-DECLARE_ASN1_FUNCTIONS(Manifest);
IMPLEMENT_ASN1_FUNCTIONS(Manifest);
+
#define GENTIME_LENGTH 15
Index: roa.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/roa.c,v
diff -u -p -r1.84 roa.c
--- roa.c 1 Aug 2025 14:57:15 -0000 1.84
+++ roa.c 19 Aug 2025 10:05:16 -0000
@@ -32,42 +32,13 @@
#include "extern.h"
/*
- * Types and templates for the ROA eContent, RFC 6482, section 3.
+ * ROA eContent definition in RFC 9582, section 4.
*/
ASN1_ITEM_EXP ROAIPAddress_it;
ASN1_ITEM_EXP ROAIPAddressFamily_it;
ASN1_ITEM_EXP RouteOriginAttestation_it;
-typedef struct {
- ASN1_BIT_STRING *address;
- ASN1_INTEGER *maxLength;
-} ROAIPAddress;
-
-DECLARE_STACK_OF(ROAIPAddress);
-
-typedef struct {
- ASN1_OCTET_STRING *addressFamily;
- STACK_OF(ROAIPAddress) *addresses;
-} ROAIPAddressFamily;
-
-DECLARE_STACK_OF(ROAIPAddressFamily);
-
-#ifndef DEFINE_STACK_OF
-#define sk_ROAIPAddress_num(st) SKM_sk_num(ROAIPAddress, (st))
-#define sk_ROAIPAddress_value(st, i) SKM_sk_value(ROAIPAddress, (st), (i))
-
-#define sk_ROAIPAddressFamily_num(st) SKM_sk_num(ROAIPAddressFamily, (st))
-#define sk_ROAIPAddressFamily_value(st, i) \
- SKM_sk_value(ROAIPAddressFamily, (st), (i))
-#endif
-
-typedef struct {
- ASN1_INTEGER *version;
- ASN1_INTEGER *asid;
- STACK_OF(ROAIPAddressFamily) *ipAddrBlocks;
-} RouteOriginAttestation;
-
ASN1_SEQUENCE(ROAIPAddress) = {
ASN1_SIMPLE(ROAIPAddress, address, ASN1_BIT_STRING),
ASN1_OPT(ROAIPAddress, maxLength, ASN1_INTEGER),
@@ -85,8 +56,8 @@ ASN1_SEQUENCE(RouteOriginAttestation) =
ROAIPAddressFamily),
} ASN1_SEQUENCE_END(RouteOriginAttestation);
-DECLARE_ASN1_FUNCTIONS(RouteOriginAttestation);
IMPLEMENT_ASN1_FUNCTIONS(RouteOriginAttestation);
+
/*
* Parses the eContent section of an ROA file, RFC 6482, section 3.
Index: rpki-asn1.h
===================================================================
RCS file: rpki-asn1.h
diff -N rpki-asn1.h
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ rpki-asn1.h 19 Aug 2025 10:05:16 -0000
@@ -0,0 +1,238 @@
+/* $OpenBSD$ */
+/*
+ * Copyright (c) 2025 Job Snijders <job@openbsd.org>
+ * Copyright (c) 2025 Theo Buehler <tb@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef RPKI_ASN1_H
+#define RPKI_ASN1_H
+
+#include <unistd.h>
+
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+/*
+ * Autonomous System Provider Authorization (ASPA)
+ */
+
+extern ASN1_ITEM_EXP ASProviderAttestation_it;
+
+typedef struct {
+ ASN1_INTEGER *version;
+ ASN1_INTEGER *customerASID;
+ STACK_OF(ASN1_INTEGER) *providers;
+} ASProviderAttestation;
+
+DECLARE_ASN1_FUNCTIONS(ASProviderAttestation);
+
+
+/*
+ * RPKI Manifest
+ */
+
+extern ASN1_ITEM_EXP FileAndHash_it;
+extern ASN1_ITEM_EXP Manifest_it;
+
+typedef struct {
+ ASN1_IA5STRING *file;
+ ASN1_BIT_STRING *hash;
+} FileAndHash;
+
+DECLARE_STACK_OF(FileAndHash);
+
+#ifndef DEFINE_STACK_OF
+#define sk_FileAndHash_dup(sk) SKM_sk_dup(FileAndHash, (sk))
+#define sk_FileAndHash_free(sk) SKM_sk_free(FileAndHash, (sk))
+#define sk_FileAndHash_num(sk) SKM_sk_num(FileAndHash, (sk))
+#define sk_FileAndHash_value(sk, i) SKM_sk_value(FileAndHash, (sk), (i))
+#define sk_FileAndHash_sort(sk) SKM_sk_sort(FileAndHash, (sk))
+#define sk_FileAndHash_set_cmp_func(sk, cmp) \
+ SKM_sk_set_cmp_func(FileAndHash, (sk), (cmp))
+#endif
+
+typedef struct {
+ ASN1_INTEGER *version;
+ ASN1_INTEGER *manifestNumber;
+ ASN1_GENERALIZEDTIME *thisUpdate;
+ ASN1_GENERALIZEDTIME *nextUpdate;
+ ASN1_OBJECT *fileHashAlg;
+ STACK_OF(FileAndHash) *fileList;
+} Manifest;
+
+DECLARE_ASN1_FUNCTIONS(Manifest);
+
+
+/*
+ * Route Origin Authorization (ROA)
+ */
+
+extern ASN1_ITEM_EXP ROAIPAddress_it;
+extern ASN1_ITEM_EXP ROAIPAddressFamily_it;
+extern ASN1_ITEM_EXP RouteOriginAttestation_it;
+
+typedef struct {
+ ASN1_BIT_STRING *address;
+ ASN1_INTEGER *maxLength;
+} ROAIPAddress;
+
+DECLARE_STACK_OF(ROAIPAddress);
+
+typedef struct {
+ ASN1_OCTET_STRING *addressFamily;
+ STACK_OF(ROAIPAddress) *addresses;
+} ROAIPAddressFamily;
+
+DECLARE_STACK_OF(ROAIPAddressFamily);
+
+#ifndef DEFINE_STACK_OF
+#define sk_ROAIPAddress_num(st) SKM_sk_num(ROAIPAddress, (st))
+#define sk_ROAIPAddress_value(st, i) SKM_sk_value(ROAIPAddress, (st), (i))
+
+#define sk_ROAIPAddressFamily_num(st) SKM_sk_num(ROAIPAddressFamily, (st))
+#define sk_ROAIPAddressFamily_value(st, i) \
+ SKM_sk_value(ROAIPAddressFamily, (st), (i))
+#endif
+
+typedef struct {
+ ASN1_INTEGER *version;
+ ASN1_INTEGER *asid;
+ STACK_OF(ROAIPAddressFamily) *ipAddrBlocks;
+} RouteOriginAttestation;
+
+DECLARE_ASN1_FUNCTIONS(RouteOriginAttestation);
+
+
+/*
+ * RPKI Signed Checklist (RSC)
+ */
+
+extern ASN1_ITEM_EXP ConstrainedASIdentifiers_it;
+extern ASN1_ITEM_EXP ConstrainedIPAddressFamily_it;
+extern ASN1_ITEM_EXP ConstrainedIPAddrBlocks_it;
+extern ASN1_ITEM_EXP FileNameAndHash_it;
+extern ASN1_ITEM_EXP ResourceBlock_it;
+extern ASN1_ITEM_EXP RpkiSignedChecklist_it;
+
+typedef struct {
+ ASIdOrRanges *asnum;
+} ConstrainedASIdentifiers;
+
+typedef struct {
+ ASN1_OCTET_STRING *addressFamily;
+ STACK_OF(IPAddressOrRange) *addressesOrRanges;
+} ConstrainedIPAddressFamily;
+
+typedef STACK_OF(ConstrainedIPAddressFamily) ConstrainedIPAddrBlocks;
+DECLARE_STACK_OF(ConstrainedIPAddressFamily);
+
+typedef struct {
+ ConstrainedASIdentifiers *asID;
+ ConstrainedIPAddrBlocks *ipAddrBlocks;
+} ResourceBlock;
+
+typedef struct {
+ ASN1_IA5STRING *fileName;
+ ASN1_OCTET_STRING *hash;
+} FileNameAndHash;
+
+DECLARE_STACK_OF(FileNameAndHash);
+
+#ifndef DEFINE_STACK_OF
+#define sk_ConstrainedIPAddressFamily_num(sk) \
+ SKM_sk_num(ConstrainedIPAddressFamily, (sk))
+#define sk_ConstrainedIPAddressFamily_value(sk, i) \
+ SKM_sk_value(ConstrainedIPAddressFamily, (sk), (i))
+
+#define sk_FileNameAndHash_num(sk) SKM_sk_num(FileNameAndHash, (sk))
+#define sk_FileNameAndHash_value(sk, i) SKM_sk_value(FileNameAndHash, (sk), (i))
+#endif
+
+typedef struct {
+ ASN1_INTEGER *version;
+ ResourceBlock *resources;
+ X509_ALGOR *digestAlgorithm;
+ STACK_OF(FileNameAndHash) *checkList;
+} RpkiSignedChecklist;
+
+DECLARE_ASN1_FUNCTIONS(RpkiSignedChecklist);
+
+
+/*
+ * Signed Prefix List (SPL)
+ */
+
+extern ASN1_ITEM_EXP AddressFamilyPrefixes_it;
+extern ASN1_ITEM_EXP SignedPrefixList_it;
+
+DECLARE_STACK_OF(ASN1_BIT_STRING);
+
+typedef struct {
+ ASN1_OCTET_STRING *addressFamily;
+ STACK_OF(ASN1_BIT_STRING) *addressPrefixes;
+} AddressFamilyPrefixes;
+
+DECLARE_STACK_OF(AddressFamilyPrefixes);
+
+#ifndef DEFINE_STACK_OF
+#define sk_ASN1_BIT_STRING_num(st) SKM_sk_num(ASN1_BIT_STRING, (st))
+#define sk_ASN1_BIT_STRING_value(st, i) SKM_sk_value(ASN1_BIT_STRING, (st), (i))
+
+#define sk_AddressFamilyPrefixes_num(st) \
+ SKM_sk_num(AddressFamilyPrefixes, (st))
+#define sk_AddressFamilyPrefixes_value(st, i) \
+ SKM_sk_value(AddressFamilyPrefixes, (st), (i))
+#endif
+
+typedef struct {
+ ASN1_INTEGER *version;
+ ASN1_INTEGER *asid;
+ STACK_OF(AddressFamilyPrefixes) *prefixBlocks;
+} SignedPrefixList;
+
+DECLARE_ASN1_FUNCTIONS(SignedPrefixList);
+
+
+/*
+ * Trust Anchor Key (TAK)
+ */
+
+extern ASN1_ITEM_EXP TAKey_it;
+extern ASN1_ITEM_EXP TAK_it;
+
+DECLARE_STACK_OF(ASN1_IA5STRING);
+
+#ifndef DEFINE_STACK_OF
+#define sk_ASN1_IA5STRING_num(st) SKM_sk_num(ASN1_IA5STRING, (st))
+#define sk_ASN1_IA5STRING_value(st, i) SKM_sk_value(ASN1_IA5STRING, (st), (i))
+#endif
+
+typedef struct {
+ STACK_OF(ASN1_UTF8STRING) *comments;
+ STACK_OF(ASN1_IA5STRING) *certificateURIs;
+ X509_PUBKEY *subjectPublicKeyInfo;
+} TAKey;
+
+typedef struct {
+ ASN1_INTEGER *version;
+ TAKey *current;
+ TAKey *predecessor;
+ TAKey *successor;
+} TAK;
+
+DECLARE_ASN1_FUNCTIONS(TAK);
+
+
+#endif /* ! RPKI_ASN1_H */
Index: rsc.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/rsc.c,v
diff -u -p -r1.40 rsc.c
--- rsc.c 1 Aug 2025 14:57:15 -0000 1.40
+++ rsc.c 19 Aug 2025 10:05:16 -0000
@@ -33,7 +33,7 @@
#include "extern.h"
/*
- * Types and templates for RSC eContent - RFC 9323
+ * RSC eContent definition in RFC 9323 section 4.
*/
ASN1_ITEM_EXP ConstrainedASIdentifiers_it;
@@ -43,19 +43,10 @@ ASN1_ITEM_EXP FileNameAndHash_it;
ASN1_ITEM_EXP ResourceBlock_it;
ASN1_ITEM_EXP RpkiSignedChecklist_it;
-typedef struct {
- ASIdOrRanges *asnum;
-} ConstrainedASIdentifiers;
-
ASN1_SEQUENCE(ConstrainedASIdentifiers) = {
ASN1_EXP_SEQUENCE_OF(ConstrainedASIdentifiers, asnum, ASIdOrRange, 0),
} ASN1_SEQUENCE_END(ConstrainedASIdentifiers);
-typedef struct {
- ASN1_OCTET_STRING *addressFamily;
- STACK_OF(IPAddressOrRange) *addressesOrRanges;
-} ConstrainedIPAddressFamily;
-
ASN1_SEQUENCE(ConstrainedIPAddressFamily) = {
ASN1_SIMPLE(ConstrainedIPAddressFamily, addressFamily,
ASN1_OCTET_STRING),
@@ -63,54 +54,22 @@ ASN1_SEQUENCE(ConstrainedIPAddressFamily
IPAddressOrRange),
} ASN1_SEQUENCE_END(ConstrainedIPAddressFamily);
-typedef STACK_OF(ConstrainedIPAddressFamily) ConstrainedIPAddrBlocks;
-DECLARE_STACK_OF(ConstrainedIPAddressFamily);
-
ASN1_ITEM_TEMPLATE(ConstrainedIPAddrBlocks) =
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, ConstrainedIPAddrBlocks,
ConstrainedIPAddressFamily)
ASN1_ITEM_TEMPLATE_END(ConstrainedIPAddrBlocks);
-typedef struct {
- ConstrainedASIdentifiers *asID;
- ConstrainedIPAddrBlocks *ipAddrBlocks;
-} ResourceBlock;
-
ASN1_SEQUENCE(ResourceBlock) = {
ASN1_EXP_OPT(ResourceBlock, asID, ConstrainedASIdentifiers, 0),
ASN1_EXP_SEQUENCE_OF_OPT(ResourceBlock, ipAddrBlocks,
ConstrainedIPAddressFamily, 1)
} ASN1_SEQUENCE_END(ResourceBlock);
-typedef struct {
- ASN1_IA5STRING *fileName;
- ASN1_OCTET_STRING *hash;
-} FileNameAndHash;
-
-DECLARE_STACK_OF(FileNameAndHash);
-
-#ifndef DEFINE_STACK_OF
-#define sk_ConstrainedIPAddressFamily_num(sk) \
- SKM_sk_num(ConstrainedIPAddressFamily, (sk))
-#define sk_ConstrainedIPAddressFamily_value(sk, i) \
- SKM_sk_value(ConstrainedIPAddressFamily, (sk), (i))
-
-#define sk_FileNameAndHash_num(sk) SKM_sk_num(FileNameAndHash, (sk))
-#define sk_FileNameAndHash_value(sk, i) SKM_sk_value(FileNameAndHash, (sk), (i))
-#endif
-
ASN1_SEQUENCE(FileNameAndHash) = {
ASN1_OPT(FileNameAndHash, fileName, ASN1_IA5STRING),
ASN1_SIMPLE(FileNameAndHash, hash, ASN1_OCTET_STRING),
} ASN1_SEQUENCE_END(FileNameAndHash);
-typedef struct {
- ASN1_INTEGER *version;
- ResourceBlock *resources;
- X509_ALGOR *digestAlgorithm;
- STACK_OF(FileNameAndHash) *checkList;
-} RpkiSignedChecklist;
-
ASN1_SEQUENCE(RpkiSignedChecklist) = {
ASN1_EXP_OPT(RpkiSignedChecklist, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(RpkiSignedChecklist, resources, ResourceBlock),
@@ -118,8 +77,8 @@ ASN1_SEQUENCE(RpkiSignedChecklist) = {
ASN1_SEQUENCE_OF(RpkiSignedChecklist, checkList, FileNameAndHash),
} ASN1_SEQUENCE_END(RpkiSignedChecklist);
-DECLARE_ASN1_FUNCTIONS(RpkiSignedChecklist);
IMPLEMENT_ASN1_FUNCTIONS(RpkiSignedChecklist);
+
/*
* Parse asID (inside ResourceBlock)
Index: spl.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/spl.c,v
diff -u -p -r1.13 spl.c
--- spl.c 1 Aug 2025 14:57:15 -0000 1.13
+++ spl.c 19 Aug 2025 10:05:16 -0000
@@ -34,51 +34,26 @@
#include "extern.h"
/*
- * Types and templates for the SPL eContent.
+ * SPL eContent definition in draft-ietf-sidrops-rpki-prefixlist-04 section 3.
*/
ASN1_ITEM_EXP AddressFamilyPrefixes_it;
ASN1_ITEM_EXP SignedPrefixList_it;
-DECLARE_STACK_OF(ASN1_BIT_STRING);
-
-typedef struct {
- ASN1_OCTET_STRING *addressFamily;
- STACK_OF(ASN1_BIT_STRING) *addressPrefixes;
-} AddressFamilyPrefixes;
-
-DECLARE_STACK_OF(AddressFamilyPrefixes);
-
ASN1_SEQUENCE(AddressFamilyPrefixes) = {
ASN1_SIMPLE(AddressFamilyPrefixes, addressFamily, ASN1_OCTET_STRING),
ASN1_SEQUENCE_OF(AddressFamilyPrefixes, addressPrefixes,
ASN1_BIT_STRING),
} ASN1_SEQUENCE_END(AddressFamilyPrefixes);
-#ifndef DEFINE_STACK_OF
-#define sk_ASN1_BIT_STRING_num(st) SKM_sk_num(ASN1_BIT_STRING, (st))
-#define sk_ASN1_BIT_STRING_value(st, i) SKM_sk_value(ASN1_BIT_STRING, (st), (i))
-
-#define sk_AddressFamilyPrefixes_num(st) \
- SKM_sk_num(AddressFamilyPrefixes, (st))
-#define sk_AddressFamilyPrefixes_value(st, i) \
- SKM_sk_value(AddressFamilyPrefixes, (st), (i))
-#endif
-
-typedef struct {
- ASN1_INTEGER *version;
- ASN1_INTEGER *asid;
- STACK_OF(AddressFamilyPrefixes) *prefixBlocks;
-} SignedPrefixList;
-
ASN1_SEQUENCE(SignedPrefixList) = {
ASN1_EXP_OPT(SignedPrefixList, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(SignedPrefixList, asid, ASN1_INTEGER),
ASN1_SEQUENCE_OF(SignedPrefixList, prefixBlocks, AddressFamilyPrefixes)
} ASN1_SEQUENCE_END(SignedPrefixList);
-DECLARE_ASN1_FUNCTIONS(SignedPrefixList);
IMPLEMENT_ASN1_FUNCTIONS(SignedPrefixList);
+
/*
* Comparator to help sorting elements in SPL prefixBlocks and VSPs.
Index: tak.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/tak.c,v
diff -u -p -r1.26 tak.c
--- tak.c 1 Aug 2025 14:57:15 -0000 1.26
+++ tak.c 19 Aug 2025 10:05:16 -0000
@@ -34,32 +34,12 @@
#include "extern.h"
/*
- * ASN.1 templates for Trust Anchor Keys (RFC 9691)
+ * TAK eContent definition in RFC 9691 section 2.
*/
ASN1_ITEM_EXP TAKey_it;
ASN1_ITEM_EXP TAK_it;
-DECLARE_STACK_OF(ASN1_IA5STRING);
-
-#ifndef DEFINE_STACK_OF
-#define sk_ASN1_IA5STRING_num(st) SKM_sk_num(ASN1_IA5STRING, (st))
-#define sk_ASN1_IA5STRING_value(st, i) SKM_sk_value(ASN1_IA5STRING, (st), (i))
-#endif
-
-typedef struct {
- STACK_OF(ASN1_UTF8STRING) *comments;
- STACK_OF(ASN1_IA5STRING) *certificateURIs;
- X509_PUBKEY *subjectPublicKeyInfo;
-} TAKey;
-
-typedef struct {
- ASN1_INTEGER *version;
- TAKey *current;
- TAKey *predecessor;
- TAKey *successor;
-} TAK;
-
ASN1_SEQUENCE(TAKey) = {
ASN1_SEQUENCE_OF(TAKey, comments, ASN1_UTF8STRING),
ASN1_SEQUENCE_OF(TAKey, certificateURIs, ASN1_IA5STRING),
@@ -73,8 +53,8 @@ ASN1_SEQUENCE(TAK) = {
ASN1_EXP_OPT(TAK, successor, TAKey, 1),
} ASN1_SEQUENCE_END(TAK);
-DECLARE_ASN1_FUNCTIONS(TAK);
IMPLEMENT_ASN1_FUNCTIONS(TAK);
+
/*
* On success return pointer to allocated & valid takey structure,
rpki-client: move ASN1 types into dedicated header file