cmpv2 0.2.0

Pure Rust implementation of the Certificate Management Protocol (CMP) as described in RFC 4210
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

//! Certificate key pair-related types

use alloc::{boxed::Box, vec::Vec};
use der::{Choice, Sequence};

use crmf::controls::{EncryptedValue, PkiPublicationInfo};

use crate::header::CmpCertificate;
use crate::status::PkiStatusInfo;

/// The `CertifiedKeyPair` type is defined in [RFC 4210 Section 5.3.4]
///
/// ```text
///  CertifiedKeyPair ::= SEQUENCE {
///      certOrEncCert       CertOrEncCert,
///      privateKey      [0] EncryptedValue      OPTIONAL,
///      publicationInfo [1] PKIPublicationInfo  OPTIONAL }
/// ```
///
/// [RFC 4210 Section 5.3.4]: https://www.rfc-editor.org/rfc/rfc4210#section-5.3.4
#[derive(Clone, Debug, Eq, PartialEq, Sequence)]
#[allow(missing_docs)]
pub struct CertifiedKeyPair {
    pub cert_or_enc_cert: CertOrEncCert,
    #[asn1(
        context_specific = "0",
        tag_mode = "EXPLICIT",
        constructed = "true",
        optional = "true"
    )]
    pub priv_key: Option<EncryptedValue>,
    #[asn1(
        context_specific = "1",
        tag_mode = "EXPLICIT",
        constructed = "true",
        optional = "true"
    )]
    pub publication_info: Option<PkiPublicationInfo>,
}

/// The `CertOrEncCert` type is defined in [RFC 4210 Section 5.3.4]
///
/// ```text
///  CertOrEncCert ::= CHOICE {
///      certificate     [0] CMPCertificate,
///      encryptedCert   [1] EncryptedValue }
/// ```
///
/// [RFC 4210 Section 5.3.4]: https://www.rfc-editor.org/rfc/rfc4210#section-5.3.4
#[derive(Clone, Debug, Eq, PartialEq, Choice)]
#[allow(missing_docs)]
pub enum CertOrEncCert {
    #[asn1(context_specific = "0", tag_mode = "EXPLICIT", constructed = "true")]
    Certificate(Box<CmpCertificate>),

    #[asn1(context_specific = "1", tag_mode = "EXPLICIT", constructed = "true")]
    EncryptedCert(Box<EncryptedValue>),
}

/// The `KeyRecRepContent` type is defined in [RFC 4210 Section 5.3.8]
///
/// ```text
///  KeyRecRepContent ::= SEQUENCE {
///      status                  PKIStatusInfo,
///      newSigCert          [0] CMPCertificate OPTIONAL,
///      caCerts             [1] SEQUENCE SIZE (1..MAX) OF
///                                       CMPCertificate OPTIONAL,
///      keyPairHist         [2] SEQUENCE SIZE (1..MAX) OF
///                                       CertifiedKeyPair OPTIONAL }
/// ```
///
/// [RFC 4210 Section 5.3.8]: https://www.rfc-editor.org/rfc/rfc4210#section-5.3.8
#[derive(Clone, Debug, Eq, PartialEq, Sequence)]
#[allow(missing_docs)]
pub struct KeyRecRepContent<'a> {
    pub status: PkiStatusInfo<'a>,
    #[asn1(
        context_specific = "0",
        tag_mode = "EXPLICIT",
        constructed = "true",
        optional = "true"
    )]
    pub new_sig_cert: Option<CmpCertificate>,
    #[asn1(
        context_specific = "1",
        tag_mode = "EXPLICIT",
        constructed = "true",
        optional = "true"
    )]
    pub ca_certs: Option<Vec<CmpCertificate>>,
    #[asn1(
        context_specific = "2",
        tag_mode = "EXPLICIT",
        constructed = "true",
        optional = "true"
    )]
    pub key_pair_hist: Option<Vec<CertifiedKeyPair>>,
}