ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.subsequentMessage, ASN1_INTEGER, 1),
ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.dhMAC, ASN1_BIT_STRING, 2),
ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.agreeMAC, OSSL_CRMF_PKMACVALUE, 3),
- /*
- * TODO: This is not ASN1_NULL but CMS_ENVELOPEDDATA which should be somehow
- * taken from crypto/cms which exists now - this is not used anywhere so far
- */
ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.encryptedKey, ASN1_NULL, 4),
} ASN1_CHOICE_END(OSSL_CRMF_POPOPRIVKEY)
IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPOPRIVKEY)
return 0;
}
if (ps->poposkInput != NULL) {
- /* TODO: support cases 1+2 defined in RFC 4211, section 4.1 */
+ /* We do not support cases 1+2 defined in RFC 4211, section 4.1 */
ERR_raise(ERR_LIB_CRMF, CRMF_R_POPOSKINPUT_NOT_SUPPORTED);
return 0;
}
ERR_raise(ERR_LIB_CRMF, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY);
return 0;
}
- /*
- * TODO check the contents of the authInfo sub-field,
- * see RFC 4211 https://tools.ietf.org/html/rfc4211#section-4.1
- */
it = ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT);
asn = sig->poposkInput;
} else {
return 0;
break;
case OSSL_CRMF_POPO_KEYENC:
- /*
- * TODO: when OSSL_CMP_certrep_new() supports encrypted certs,
- * return 1 if the type of req->popo->value.keyEncipherment
- * is OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE and
- * its value.subsequentMessage == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT
- */
case OSSL_CRMF_POPO_KEYAGREE:
default:
ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_POPO_METHOD);
ASN1_INTEGER *subsequentMessage; /* 1 */
ASN1_BIT_STRING *dhMAC; /* 2 */ /* Deprecated */
OSSL_CRMF_PKMACVALUE *agreeMAC; /* 3 */
- /*
- * TODO: This is not ASN1_NULL but CMS_ENVELOPEDDATA which should be
- * somehow taken from crypto/cms which exists now
- * - this is not used anywhere so far
- */
ASN1_NULL *encryptedKey; /* 4 */
} value;
} OSSL_CRMF_POPOPRIVKEY;
struct ossl_crmf_certrequest_st {
ASN1_INTEGER *certReqId;
OSSL_CRMF_CERTTEMPLATE *certTemplate;
- /* TODO: make OSSL_CRMF_CONTROLS out of that - but only cosmetical */
STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *controls;
} /* OSSL_CRMF_CERTREQUEST */;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTREQUEST)
DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTREQUEST)
-/* TODO: isn't there a better way to have this for ANY type? */
struct ossl_crmf_attributetypeandvalue_st {
ASN1_OBJECT *type;
union {
* |outlen| if not NULL, will set variable to the length of the mac on success
* returns 1 on success, 0 on error
*/
-/* TODO try to combine with other MAC calculations in the libray */
int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq,
const OSSL_CRMF_PBMPARAMETER *pbmp,
const unsigned char *msg, size_t msglen,
ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_ALGORITHM);
goto err;
}
- /* TODO generalize to non-HMAC: */
if (EVP_Q_mac(libctx, "HMAC", propq, hmac_mdname, NULL, basekey, bklen,
msg, msglen, mac_res, EVP_MAX_MD_SIZE, &maclen) == NULL)
goto err;