From: Job Snijders Subject: rpki-client: move ASN1 types into dedicated header file To: tech@openbsd.org Date: Tue, 19 Aug 2025 10:08:53 +0000 For upcoming work the type definitions need to be accessible by multiple translation units. The order of rpki-asn1.h is alphabetical. While there, update references. OK? Index: aspa.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/aspa.c,v diff -u -p -r1.37 aspa.c --- aspa.c 1 Aug 2025 14:57:15 -0000 1.37 +++ aspa.c 19 Aug 2025 10:05:16 -0000 @@ -33,25 +33,19 @@ #include "extern.h" /* - * Types and templates for ASPA eContent draft-ietf-sidrops-aspa-profile-15 + * ASPA eContent definition in draft-ietf-sidrops-aspa-profile-20. */ ASN1_ITEM_EXP ASProviderAttestation_it; -typedef struct { - ASN1_INTEGER *version; - ASN1_INTEGER *customerASID; - STACK_OF(ASN1_INTEGER) *providers; -} ASProviderAttestation; - ASN1_SEQUENCE(ASProviderAttestation) = { ASN1_EXP_OPT(ASProviderAttestation, version, ASN1_INTEGER, 0), ASN1_SIMPLE(ASProviderAttestation, customerASID, ASN1_INTEGER), ASN1_SEQUENCE_OF(ASProviderAttestation, providers, ASN1_INTEGER), } ASN1_SEQUENCE_END(ASProviderAttestation); -DECLARE_ASN1_FUNCTIONS(ASProviderAttestation); IMPLEMENT_ASN1_FUNCTIONS(ASProviderAttestation); + /* * Parse the ProviderASSet sequence. Index: extern.h =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/extern.h,v diff -u -p -r1.257 extern.h --- extern.h 14 Aug 2025 15:12:00 -0000 1.257 +++ extern.h 19 Aug 2025 10:05:16 -0000 @@ -24,6 +24,8 @@ #include #include +#include "rpki-asn1.h" + #define CTASSERT(x) extern char _ctassert[(x) ? 1 : -1 ] \ __attribute__((__unused__)) Index: mft.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/mft.c,v diff -u -p -r1.127 mft.c --- mft.c 1 Aug 2025 14:57:15 -0000 1.127 +++ mft.c 19 Aug 2025 10:05:16 -0000 @@ -35,38 +35,12 @@ #include "extern.h" /* - * Types and templates for the Manifest eContent, RFC 6486, section 4.2. + * Manifest eContent definition in RFC 9286, section 4.2. */ ASN1_ITEM_EXP FileAndHash_it; ASN1_ITEM_EXP Manifest_it; -typedef struct { - ASN1_IA5STRING *file; - ASN1_BIT_STRING *hash; -} FileAndHash; - -DECLARE_STACK_OF(FileAndHash); - -#ifndef DEFINE_STACK_OF -#define sk_FileAndHash_dup(sk) SKM_sk_dup(FileAndHash, (sk)) -#define sk_FileAndHash_free(sk) SKM_sk_free(FileAndHash, (sk)) -#define sk_FileAndHash_num(sk) SKM_sk_num(FileAndHash, (sk)) -#define sk_FileAndHash_value(sk, i) SKM_sk_value(FileAndHash, (sk), (i)) -#define sk_FileAndHash_sort(sk) SKM_sk_sort(FileAndHash, (sk)) -#define sk_FileAndHash_set_cmp_func(sk, cmp) \ - SKM_sk_set_cmp_func(FileAndHash, (sk), (cmp)) -#endif - -typedef struct { - ASN1_INTEGER *version; - ASN1_INTEGER *manifestNumber; - ASN1_GENERALIZEDTIME *thisUpdate; - ASN1_GENERALIZEDTIME *nextUpdate; - ASN1_OBJECT *fileHashAlg; - STACK_OF(FileAndHash) *fileList; -} Manifest; - ASN1_SEQUENCE(FileAndHash) = { ASN1_SIMPLE(FileAndHash, file, ASN1_IA5STRING), ASN1_SIMPLE(FileAndHash, hash, ASN1_BIT_STRING), @@ -81,8 +55,8 @@ ASN1_SEQUENCE(Manifest) = { ASN1_SEQUENCE_OF(Manifest, fileList, FileAndHash), } ASN1_SEQUENCE_END(Manifest); -DECLARE_ASN1_FUNCTIONS(Manifest); IMPLEMENT_ASN1_FUNCTIONS(Manifest); + #define GENTIME_LENGTH 15 Index: roa.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/roa.c,v diff -u -p -r1.84 roa.c --- roa.c 1 Aug 2025 14:57:15 -0000 1.84 +++ roa.c 19 Aug 2025 10:05:16 -0000 @@ -32,42 +32,13 @@ #include "extern.h" /* - * Types and templates for the ROA eContent, RFC 6482, section 3. + * ROA eContent definition in RFC 9582, section 4. */ ASN1_ITEM_EXP ROAIPAddress_it; ASN1_ITEM_EXP ROAIPAddressFamily_it; ASN1_ITEM_EXP RouteOriginAttestation_it; -typedef struct { - ASN1_BIT_STRING *address; - ASN1_INTEGER *maxLength; -} ROAIPAddress; - -DECLARE_STACK_OF(ROAIPAddress); - -typedef struct { - ASN1_OCTET_STRING *addressFamily; - STACK_OF(ROAIPAddress) *addresses; -} ROAIPAddressFamily; - -DECLARE_STACK_OF(ROAIPAddressFamily); - -#ifndef DEFINE_STACK_OF -#define sk_ROAIPAddress_num(st) SKM_sk_num(ROAIPAddress, (st)) -#define sk_ROAIPAddress_value(st, i) SKM_sk_value(ROAIPAddress, (st), (i)) - -#define sk_ROAIPAddressFamily_num(st) SKM_sk_num(ROAIPAddressFamily, (st)) -#define sk_ROAIPAddressFamily_value(st, i) \ - SKM_sk_value(ROAIPAddressFamily, (st), (i)) -#endif - -typedef struct { - ASN1_INTEGER *version; - ASN1_INTEGER *asid; - STACK_OF(ROAIPAddressFamily) *ipAddrBlocks; -} RouteOriginAttestation; - ASN1_SEQUENCE(ROAIPAddress) = { ASN1_SIMPLE(ROAIPAddress, address, ASN1_BIT_STRING), ASN1_OPT(ROAIPAddress, maxLength, ASN1_INTEGER), @@ -85,8 +56,8 @@ ASN1_SEQUENCE(RouteOriginAttestation) = ROAIPAddressFamily), } ASN1_SEQUENCE_END(RouteOriginAttestation); -DECLARE_ASN1_FUNCTIONS(RouteOriginAttestation); IMPLEMENT_ASN1_FUNCTIONS(RouteOriginAttestation); + /* * Parses the eContent section of an ROA file, RFC 6482, section 3. Index: rpki-asn1.h =================================================================== RCS file: rpki-asn1.h diff -N rpki-asn1.h --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ rpki-asn1.h 19 Aug 2025 10:05:16 -0000 @@ -0,0 +1,238 @@ +/* $OpenBSD$ */ +/* + * Copyright (c) 2025 Job Snijders + * Copyright (c) 2025 Theo Buehler + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef RPKI_ASN1_H +#define RPKI_ASN1_H + +#include + +#include +#include + +/* + * Autonomous System Provider Authorization (ASPA) + */ + +extern ASN1_ITEM_EXP ASProviderAttestation_it; + +typedef struct { + ASN1_INTEGER *version; + ASN1_INTEGER *customerASID; + STACK_OF(ASN1_INTEGER) *providers; +} ASProviderAttestation; + +DECLARE_ASN1_FUNCTIONS(ASProviderAttestation); + + +/* + * RPKI Manifest + */ + +extern ASN1_ITEM_EXP FileAndHash_it; +extern ASN1_ITEM_EXP Manifest_it; + +typedef struct { + ASN1_IA5STRING *file; + ASN1_BIT_STRING *hash; +} FileAndHash; + +DECLARE_STACK_OF(FileAndHash); + +#ifndef DEFINE_STACK_OF +#define sk_FileAndHash_dup(sk) SKM_sk_dup(FileAndHash, (sk)) +#define sk_FileAndHash_free(sk) SKM_sk_free(FileAndHash, (sk)) +#define sk_FileAndHash_num(sk) SKM_sk_num(FileAndHash, (sk)) +#define sk_FileAndHash_value(sk, i) SKM_sk_value(FileAndHash, (sk), (i)) +#define sk_FileAndHash_sort(sk) SKM_sk_sort(FileAndHash, (sk)) +#define sk_FileAndHash_set_cmp_func(sk, cmp) \ + SKM_sk_set_cmp_func(FileAndHash, (sk), (cmp)) +#endif + +typedef struct { + ASN1_INTEGER *version; + ASN1_INTEGER *manifestNumber; + ASN1_GENERALIZEDTIME *thisUpdate; + ASN1_GENERALIZEDTIME *nextUpdate; + ASN1_OBJECT *fileHashAlg; + STACK_OF(FileAndHash) *fileList; +} Manifest; + +DECLARE_ASN1_FUNCTIONS(Manifest); + + +/* + * Route Origin Authorization (ROA) + */ + +extern ASN1_ITEM_EXP ROAIPAddress_it; +extern ASN1_ITEM_EXP ROAIPAddressFamily_it; +extern ASN1_ITEM_EXP RouteOriginAttestation_it; + +typedef struct { + ASN1_BIT_STRING *address; + ASN1_INTEGER *maxLength; +} ROAIPAddress; + +DECLARE_STACK_OF(ROAIPAddress); + +typedef struct { + ASN1_OCTET_STRING *addressFamily; + STACK_OF(ROAIPAddress) *addresses; +} ROAIPAddressFamily; + +DECLARE_STACK_OF(ROAIPAddressFamily); + +#ifndef DEFINE_STACK_OF +#define sk_ROAIPAddress_num(st) SKM_sk_num(ROAIPAddress, (st)) +#define sk_ROAIPAddress_value(st, i) SKM_sk_value(ROAIPAddress, (st), (i)) + +#define sk_ROAIPAddressFamily_num(st) SKM_sk_num(ROAIPAddressFamily, (st)) +#define sk_ROAIPAddressFamily_value(st, i) \ + SKM_sk_value(ROAIPAddressFamily, (st), (i)) +#endif + +typedef struct { + ASN1_INTEGER *version; + ASN1_INTEGER *asid; + STACK_OF(ROAIPAddressFamily) *ipAddrBlocks; +} RouteOriginAttestation; + +DECLARE_ASN1_FUNCTIONS(RouteOriginAttestation); + + +/* + * RPKI Signed Checklist (RSC) + */ + +extern ASN1_ITEM_EXP ConstrainedASIdentifiers_it; +extern ASN1_ITEM_EXP ConstrainedIPAddressFamily_it; +extern ASN1_ITEM_EXP ConstrainedIPAddrBlocks_it; +extern ASN1_ITEM_EXP FileNameAndHash_it; +extern ASN1_ITEM_EXP ResourceBlock_it; +extern ASN1_ITEM_EXP RpkiSignedChecklist_it; + +typedef struct { + ASIdOrRanges *asnum; +} ConstrainedASIdentifiers; + +typedef struct { + ASN1_OCTET_STRING *addressFamily; + STACK_OF(IPAddressOrRange) *addressesOrRanges; +} ConstrainedIPAddressFamily; + +typedef STACK_OF(ConstrainedIPAddressFamily) ConstrainedIPAddrBlocks; +DECLARE_STACK_OF(ConstrainedIPAddressFamily); + +typedef struct { + ConstrainedASIdentifiers *asID; + ConstrainedIPAddrBlocks *ipAddrBlocks; +} ResourceBlock; + +typedef struct { + ASN1_IA5STRING *fileName; + ASN1_OCTET_STRING *hash; +} FileNameAndHash; + +DECLARE_STACK_OF(FileNameAndHash); + +#ifndef DEFINE_STACK_OF +#define sk_ConstrainedIPAddressFamily_num(sk) \ + SKM_sk_num(ConstrainedIPAddressFamily, (sk)) +#define sk_ConstrainedIPAddressFamily_value(sk, i) \ + SKM_sk_value(ConstrainedIPAddressFamily, (sk), (i)) + +#define sk_FileNameAndHash_num(sk) SKM_sk_num(FileNameAndHash, (sk)) +#define sk_FileNameAndHash_value(sk, i) SKM_sk_value(FileNameAndHash, (sk), (i)) +#endif + +typedef struct { + ASN1_INTEGER *version; + ResourceBlock *resources; + X509_ALGOR *digestAlgorithm; + STACK_OF(FileNameAndHash) *checkList; +} RpkiSignedChecklist; + +DECLARE_ASN1_FUNCTIONS(RpkiSignedChecklist); + + +/* + * Signed Prefix List (SPL) + */ + +extern ASN1_ITEM_EXP AddressFamilyPrefixes_it; +extern ASN1_ITEM_EXP SignedPrefixList_it; + +DECLARE_STACK_OF(ASN1_BIT_STRING); + +typedef struct { + ASN1_OCTET_STRING *addressFamily; + STACK_OF(ASN1_BIT_STRING) *addressPrefixes; +} AddressFamilyPrefixes; + +DECLARE_STACK_OF(AddressFamilyPrefixes); + +#ifndef DEFINE_STACK_OF +#define sk_ASN1_BIT_STRING_num(st) SKM_sk_num(ASN1_BIT_STRING, (st)) +#define sk_ASN1_BIT_STRING_value(st, i) SKM_sk_value(ASN1_BIT_STRING, (st), (i)) + +#define sk_AddressFamilyPrefixes_num(st) \ + SKM_sk_num(AddressFamilyPrefixes, (st)) +#define sk_AddressFamilyPrefixes_value(st, i) \ + SKM_sk_value(AddressFamilyPrefixes, (st), (i)) +#endif + +typedef struct { + ASN1_INTEGER *version; + ASN1_INTEGER *asid; + STACK_OF(AddressFamilyPrefixes) *prefixBlocks; +} SignedPrefixList; + +DECLARE_ASN1_FUNCTIONS(SignedPrefixList); + + +/* + * Trust Anchor Key (TAK) + */ + +extern ASN1_ITEM_EXP TAKey_it; +extern ASN1_ITEM_EXP TAK_it; + +DECLARE_STACK_OF(ASN1_IA5STRING); + +#ifndef DEFINE_STACK_OF +#define sk_ASN1_IA5STRING_num(st) SKM_sk_num(ASN1_IA5STRING, (st)) +#define sk_ASN1_IA5STRING_value(st, i) SKM_sk_value(ASN1_IA5STRING, (st), (i)) +#endif + +typedef struct { + STACK_OF(ASN1_UTF8STRING) *comments; + STACK_OF(ASN1_IA5STRING) *certificateURIs; + X509_PUBKEY *subjectPublicKeyInfo; +} TAKey; + +typedef struct { + ASN1_INTEGER *version; + TAKey *current; + TAKey *predecessor; + TAKey *successor; +} TAK; + +DECLARE_ASN1_FUNCTIONS(TAK); + + +#endif /* ! RPKI_ASN1_H */ Index: rsc.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/rsc.c,v diff -u -p -r1.40 rsc.c --- rsc.c 1 Aug 2025 14:57:15 -0000 1.40 +++ rsc.c 19 Aug 2025 10:05:16 -0000 @@ -33,7 +33,7 @@ #include "extern.h" /* - * Types and templates for RSC eContent - RFC 9323 + * RSC eContent definition in RFC 9323 section 4. */ ASN1_ITEM_EXP ConstrainedASIdentifiers_it; @@ -43,19 +43,10 @@ ASN1_ITEM_EXP FileNameAndHash_it; ASN1_ITEM_EXP ResourceBlock_it; ASN1_ITEM_EXP RpkiSignedChecklist_it; -typedef struct { - ASIdOrRanges *asnum; -} ConstrainedASIdentifiers; - ASN1_SEQUENCE(ConstrainedASIdentifiers) = { ASN1_EXP_SEQUENCE_OF(ConstrainedASIdentifiers, asnum, ASIdOrRange, 0), } ASN1_SEQUENCE_END(ConstrainedASIdentifiers); -typedef struct { - ASN1_OCTET_STRING *addressFamily; - STACK_OF(IPAddressOrRange) *addressesOrRanges; -} ConstrainedIPAddressFamily; - ASN1_SEQUENCE(ConstrainedIPAddressFamily) = { ASN1_SIMPLE(ConstrainedIPAddressFamily, addressFamily, ASN1_OCTET_STRING), @@ -63,54 +54,22 @@ ASN1_SEQUENCE(ConstrainedIPAddressFamily IPAddressOrRange), } ASN1_SEQUENCE_END(ConstrainedIPAddressFamily); -typedef STACK_OF(ConstrainedIPAddressFamily) ConstrainedIPAddrBlocks; -DECLARE_STACK_OF(ConstrainedIPAddressFamily); - ASN1_ITEM_TEMPLATE(ConstrainedIPAddrBlocks) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, ConstrainedIPAddrBlocks, ConstrainedIPAddressFamily) ASN1_ITEM_TEMPLATE_END(ConstrainedIPAddrBlocks); -typedef struct { - ConstrainedASIdentifiers *asID; - ConstrainedIPAddrBlocks *ipAddrBlocks; -} ResourceBlock; - ASN1_SEQUENCE(ResourceBlock) = { ASN1_EXP_OPT(ResourceBlock, asID, ConstrainedASIdentifiers, 0), ASN1_EXP_SEQUENCE_OF_OPT(ResourceBlock, ipAddrBlocks, ConstrainedIPAddressFamily, 1) } ASN1_SEQUENCE_END(ResourceBlock); -typedef struct { - ASN1_IA5STRING *fileName; - ASN1_OCTET_STRING *hash; -} FileNameAndHash; - -DECLARE_STACK_OF(FileNameAndHash); - -#ifndef DEFINE_STACK_OF -#define sk_ConstrainedIPAddressFamily_num(sk) \ - SKM_sk_num(ConstrainedIPAddressFamily, (sk)) -#define sk_ConstrainedIPAddressFamily_value(sk, i) \ - SKM_sk_value(ConstrainedIPAddressFamily, (sk), (i)) - -#define sk_FileNameAndHash_num(sk) SKM_sk_num(FileNameAndHash, (sk)) -#define sk_FileNameAndHash_value(sk, i) SKM_sk_value(FileNameAndHash, (sk), (i)) -#endif - ASN1_SEQUENCE(FileNameAndHash) = { ASN1_OPT(FileNameAndHash, fileName, ASN1_IA5STRING), ASN1_SIMPLE(FileNameAndHash, hash, ASN1_OCTET_STRING), } ASN1_SEQUENCE_END(FileNameAndHash); -typedef struct { - ASN1_INTEGER *version; - ResourceBlock *resources; - X509_ALGOR *digestAlgorithm; - STACK_OF(FileNameAndHash) *checkList; -} RpkiSignedChecklist; - ASN1_SEQUENCE(RpkiSignedChecklist) = { ASN1_EXP_OPT(RpkiSignedChecklist, version, ASN1_INTEGER, 0), ASN1_SIMPLE(RpkiSignedChecklist, resources, ResourceBlock), @@ -118,8 +77,8 @@ ASN1_SEQUENCE(RpkiSignedChecklist) = { ASN1_SEQUENCE_OF(RpkiSignedChecklist, checkList, FileNameAndHash), } ASN1_SEQUENCE_END(RpkiSignedChecklist); -DECLARE_ASN1_FUNCTIONS(RpkiSignedChecklist); IMPLEMENT_ASN1_FUNCTIONS(RpkiSignedChecklist); + /* * Parse asID (inside ResourceBlock) Index: spl.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/spl.c,v diff -u -p -r1.13 spl.c --- spl.c 1 Aug 2025 14:57:15 -0000 1.13 +++ spl.c 19 Aug 2025 10:05:16 -0000 @@ -34,51 +34,26 @@ #include "extern.h" /* - * Types and templates for the SPL eContent. + * SPL eContent definition in draft-ietf-sidrops-rpki-prefixlist-04 section 3. */ ASN1_ITEM_EXP AddressFamilyPrefixes_it; ASN1_ITEM_EXP SignedPrefixList_it; -DECLARE_STACK_OF(ASN1_BIT_STRING); - -typedef struct { - ASN1_OCTET_STRING *addressFamily; - STACK_OF(ASN1_BIT_STRING) *addressPrefixes; -} AddressFamilyPrefixes; - -DECLARE_STACK_OF(AddressFamilyPrefixes); - ASN1_SEQUENCE(AddressFamilyPrefixes) = { ASN1_SIMPLE(AddressFamilyPrefixes, addressFamily, ASN1_OCTET_STRING), ASN1_SEQUENCE_OF(AddressFamilyPrefixes, addressPrefixes, ASN1_BIT_STRING), } ASN1_SEQUENCE_END(AddressFamilyPrefixes); -#ifndef DEFINE_STACK_OF -#define sk_ASN1_BIT_STRING_num(st) SKM_sk_num(ASN1_BIT_STRING, (st)) -#define sk_ASN1_BIT_STRING_value(st, i) SKM_sk_value(ASN1_BIT_STRING, (st), (i)) - -#define sk_AddressFamilyPrefixes_num(st) \ - SKM_sk_num(AddressFamilyPrefixes, (st)) -#define sk_AddressFamilyPrefixes_value(st, i) \ - SKM_sk_value(AddressFamilyPrefixes, (st), (i)) -#endif - -typedef struct { - ASN1_INTEGER *version; - ASN1_INTEGER *asid; - STACK_OF(AddressFamilyPrefixes) *prefixBlocks; -} SignedPrefixList; - ASN1_SEQUENCE(SignedPrefixList) = { ASN1_EXP_OPT(SignedPrefixList, version, ASN1_INTEGER, 0), ASN1_SIMPLE(SignedPrefixList, asid, ASN1_INTEGER), ASN1_SEQUENCE_OF(SignedPrefixList, prefixBlocks, AddressFamilyPrefixes) } ASN1_SEQUENCE_END(SignedPrefixList); -DECLARE_ASN1_FUNCTIONS(SignedPrefixList); IMPLEMENT_ASN1_FUNCTIONS(SignedPrefixList); + /* * Comparator to help sorting elements in SPL prefixBlocks and VSPs. Index: tak.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/tak.c,v diff -u -p -r1.26 tak.c --- tak.c 1 Aug 2025 14:57:15 -0000 1.26 +++ tak.c 19 Aug 2025 10:05:16 -0000 @@ -34,32 +34,12 @@ #include "extern.h" /* - * ASN.1 templates for Trust Anchor Keys (RFC 9691) + * TAK eContent definition in RFC 9691 section 2. */ ASN1_ITEM_EXP TAKey_it; ASN1_ITEM_EXP TAK_it; -DECLARE_STACK_OF(ASN1_IA5STRING); - -#ifndef DEFINE_STACK_OF -#define sk_ASN1_IA5STRING_num(st) SKM_sk_num(ASN1_IA5STRING, (st)) -#define sk_ASN1_IA5STRING_value(st, i) SKM_sk_value(ASN1_IA5STRING, (st), (i)) -#endif - -typedef struct { - STACK_OF(ASN1_UTF8STRING) *comments; - STACK_OF(ASN1_IA5STRING) *certificateURIs; - X509_PUBKEY *subjectPublicKeyInfo; -} TAKey; - -typedef struct { - ASN1_INTEGER *version; - TAKey *current; - TAKey *predecessor; - TAKey *successor; -} TAK; - ASN1_SEQUENCE(TAKey) = { ASN1_SEQUENCE_OF(TAKey, comments, ASN1_UTF8STRING), ASN1_SEQUENCE_OF(TAKey, certificateURIs, ASN1_IA5STRING), @@ -73,8 +53,8 @@ ASN1_SEQUENCE(TAK) = { ASN1_EXP_OPT(TAK, successor, TAKey, 1), } ASN1_SEQUENCE_END(TAK); -DECLARE_ASN1_FUNCTIONS(TAK); IMPLEMENT_ASN1_FUNCTIONS(TAK); + /* * On success return pointer to allocated & valid takey structure,