ASN.1 templates for manifests

svn path=/rcynic/rcynic.c; revision=1894

1 files changed, 36 insertions, 0 deletions

diff --git a/rcynic/rcynic.c b/rcynic/rcynic.c
index 63888e88..e7babe81 100644
--- a/rcynic/rcynic.c
+++ b/rcynic/rcynic.c
@@ -51,6 +51,7 @@
 #include <openssl/safestack.h>
 #include <openssl/conf.h>
 #include <openssl/rand.h>
+#include <openssl/asn1t.h>
 
 #ifndef FILENAME_MAX
 #define	FILENAME_MAX	1024
@@ -237,6 +238,41 @@ static const char svn_id[] = "$Id$";
 
 
 /*
+ * ASN.1 templates for signed manifests.  Not sure that ASN1_EXP_OPT()
+ * is the right macro for "version", but it's what the examples for
+ * this construction use.  Probably doesn't matter since this program
+ * only decodes manifests, never encodes them.
+ */
+
+typedef struct FileAndHash_st {
+  ASN1_IA5STRING *file;
+  ASN1_BIT_STRING *hash;
+} FileAndHash;
+
+ASN1_SEQUENCE(FileAndHash) = {
+  ASN1_SIMPLE(FileAndHash, file, ASN1_IA5STRING),
+  ASN1_SIMPLE(FileAndHash, hash, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(FileAndHash)
+
+typedef struct Manifest_st {
+  ASN1_INTEGER *version, *manifestNumber;
+  ASN1_GENERALIZEDTIME *thisUpdate, *nextUpdate;
+  ASN1_OBJECT *fileHashAlg;
+  FileAndHash *fileList;
+} Manifest;
+
+ASN1_SEQUENCE(Manifest) = {
+  ASN1_EXP_OPT(Manifest, version, ASN1_INTEGER, 0),
+  ASN1_SIMPLE(Manifest, manifestNumber, ASN1_INTEGER),
+  ASN1_SIMPLE(Manifest, thisUpdate, ASN1_GENERALIZEDTIME),
+  ASN1_SIMPLE(Manifest, nextUpdate, ASN1_GENERALIZEDTIME),
+  ASN1_SIMPLE(Manifest, fileHashAlg, ASN1_OBJECT),
+  ASN1_SEQUENCE_OF(Manifest, fileList, FileAndHash)
+} ASN1_SEQUENCE_END(Manifest)
+
+
+
+/*
  * Logging.
  */
 static void logmsg(const rcynic_ctx_t *rc,