Commit a61b7f2f authored by David von Oheimb's avatar David von Oheimb Committed by Matt Caswell
Browse files

2nd chunk: CRMF code (crypto/crmf/, ) and its integration 


in INSTALL, Configure, crypto/build.info, include/openssl/crmferr.h,
crypto/err/, include/openssl/err.h, and (to be updated:) util/libcrypto.num

Reviewed-by: default avatarBernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7646)
parent 2a3b52ea

Configure

+1 −0
Original line number Diff line number Diff line
@@ -349,6 +349,7 @@ my @disablables = ( 
    "cmac",

    "cms",

    "comp",

    "crmf",

    "crypto-mdebug",

    "crypto-mdebug-backtrace",

    "ct",

crypto/build.info

+1 −1
Original line number Diff line number Diff line
@@ -5,7 +5,7 @@ SUBDIRS=objects buffer bio stack lhash rand evp asn1 pem x509 x509v3 conf \ 
        md2 md4 md5 sha mdc2 gmac hmac ripemd whrlpool poly1305 blake2 \

        siphash sm3 des aes rc2 rc4 rc5 idea aria bf cast camellia \

        seed sm4 chacha modes bn ec rsa dsa dh sm2 dso engine \

        err comp ocsp cms ts srp cmac ct async kmac ess

        err comp ocsp cms ts srp cmac ct async kmac ess crmf



LIBS=../libcrypto

# The Core

crypto/crmf/build.info

0 → 100644
+2 −0
Original line number Diff line number Diff line 
LIBS=../../libcrypto

SOURCE[../../libcrypto]=crmf_asn.c crmf_err.c crmf_lib.c crmf_pbm.c

crypto/crmf/crmf_asn.c

0 → 100644
+240 −0
Original line number Diff line number Diff line 
/*-

 * Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.

 * Copyright Nokia 2007-2018

 * Copyright Siemens AG 2015-2018

 *

 * Licensed under the OpenSSL license (the "License").  You may not use

 * this file except in compliance with the License.  You can obtain a copy

 * in the file LICENSE in the source distribution or at

 * https://www.openssl.org/source/license.html

 *

 * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.

 */



#include <openssl/asn1t.h>



#include "crmf_int.h"



/* explicit #includes not strictly needed since implied by the above: */

#include <openssl/crmf.h>



ASN1_SEQUENCE(OSSL_CRMF_PRIVATEKEYINFO) = {

    ASN1_SIMPLE(OSSL_CRMF_PRIVATEKEYINFO, version, ASN1_INTEGER),

    ASN1_SIMPLE(OSSL_CRMF_PRIVATEKEYINFO, privateKeyAlgorithm, X509_ALGOR),

    ASN1_SIMPLE(OSSL_CRMF_PRIVATEKEYINFO, privateKey, ASN1_OCTET_STRING),

    ASN1_IMP_SET_OF_OPT(OSSL_CRMF_PRIVATEKEYINFO, attributes, X509_ATTRIBUTE, 0)

} ASN1_SEQUENCE_END(OSSL_CRMF_PRIVATEKEYINFO)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_PRIVATEKEYINFO)





ASN1_CHOICE(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER) = {

    ASN1_SIMPLE(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER, value.string, ASN1_UTF8STRING),

    ASN1_SIMPLE(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER, value.generalName, GENERAL_NAME)

} ASN1_CHOICE_END(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER)





ASN1_SEQUENCE(OSSL_CRMF_ENCKEYWITHID) = {

    ASN1_SIMPLE(OSSL_CRMF_ENCKEYWITHID, privateKey, OSSL_CRMF_PRIVATEKEYINFO),

    ASN1_OPT(OSSL_CRMF_ENCKEYWITHID, identifier,

             OSSL_CRMF_ENCKEYWITHID_IDENTIFIER)

} ASN1_SEQUENCE_END(OSSL_CRMF_ENCKEYWITHID)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID)





ASN1_SEQUENCE(OSSL_CRMF_CERTID) = {

    ASN1_SIMPLE(OSSL_CRMF_CERTID, issuer, GENERAL_NAME),

    ASN1_SIMPLE(OSSL_CRMF_CERTID, serialNumber, ASN1_INTEGER)

} ASN1_SEQUENCE_END(OSSL_CRMF_CERTID)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_CERTID)

IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID)





ASN1_SEQUENCE(OSSL_CRMF_ENCRYPTEDVALUE) = {

    ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, intendedAlg, X509_ALGOR, 0),

    ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, symmAlg, X509_ALGOR, 1),

    ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, encSymmKey, ASN1_BIT_STRING, 2),

    ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, keyAlg, X509_ALGOR, 3),

    ASN1_IMP_OPT(OSSL_CRMF_ENCRYPTEDVALUE, valueHint, ASN1_OCTET_STRING, 4),

    ASN1_SIMPLE(OSSL_CRMF_ENCRYPTEDVALUE, encValue, ASN1_BIT_STRING)

} ASN1_SEQUENCE_END(OSSL_CRMF_ENCRYPTEDVALUE)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE)



ASN1_SEQUENCE(OSSL_CRMF_SINGLEPUBINFO) = {

    ASN1_SIMPLE(OSSL_CRMF_SINGLEPUBINFO, pubMethod, ASN1_INTEGER),

    ASN1_SIMPLE(OSSL_CRMF_SINGLEPUBINFO, pubLocation, GENERAL_NAME)

} ASN1_SEQUENCE_END(OSSL_CRMF_SINGLEPUBINFO)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO)





ASN1_SEQUENCE(OSSL_CRMF_PKIPUBLICATIONINFO) = {

    ASN1_SIMPLE(OSSL_CRMF_PKIPUBLICATIONINFO, action, ASN1_INTEGER),

    ASN1_SEQUENCE_OF_OPT(OSSL_CRMF_PKIPUBLICATIONINFO, pubInfos,

                         OSSL_CRMF_SINGLEPUBINFO)

} ASN1_SEQUENCE_END(OSSL_CRMF_PKIPUBLICATIONINFO)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO)

IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CRMF_PKIPUBLICATIONINFO)





ASN1_SEQUENCE(OSSL_CRMF_PKMACVALUE) = {

    ASN1_SIMPLE(OSSL_CRMF_PKMACVALUE, algId, X509_ALGOR),

    ASN1_SIMPLE(OSSL_CRMF_PKMACVALUE, value, ASN1_BIT_STRING)

} ASN1_SEQUENCE_END(OSSL_CRMF_PKMACVALUE)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_PKMACVALUE)





ASN1_CHOICE(OSSL_CRMF_POPOPRIVKEY) = {

    ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.thisMessage, ASN1_BIT_STRING, 0),

    ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.subsequentMessage, ASN1_INTEGER, 1),

    ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.dhMAC, ASN1_BIT_STRING, 2),

    ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.agreeMAC, OSSL_CRMF_PKMACVALUE, 3),

    /*

     * TODO: This is not ASN1_NULL but CMS_ENVELOPEDDATA which should be somehow

     * taken from crypto/cms which exists now - this is not used anywhere so far

     */

    ASN1_IMP(OSSL_CRMF_POPOPRIVKEY, value.encryptedKey, ASN1_NULL, 4),

} ASN1_CHOICE_END(OSSL_CRMF_POPOPRIVKEY)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPOPRIVKEY)





ASN1_SEQUENCE(OSSL_CRMF_PBMPARAMETER) = {

    ASN1_SIMPLE(OSSL_CRMF_PBMPARAMETER, salt, ASN1_OCTET_STRING),

    ASN1_SIMPLE(OSSL_CRMF_PBMPARAMETER, owf, X509_ALGOR),

    ASN1_SIMPLE(OSSL_CRMF_PBMPARAMETER, iterationCount, ASN1_INTEGER),

    ASN1_SIMPLE(OSSL_CRMF_PBMPARAMETER, mac, X509_ALGOR)

} ASN1_SEQUENCE_END(OSSL_CRMF_PBMPARAMETER)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER)





ASN1_CHOICE(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO) = {

    ASN1_EXP(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO, value.sender,

             GENERAL_NAME, 0),

    ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO, value.publicKeyMAC,

                OSSL_CRMF_PKMACVALUE)

} ASN1_CHOICE_END(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO)





ASN1_SEQUENCE(OSSL_CRMF_POPOSIGNINGKEYINPUT) = {

    ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEYINPUT, authInfo,

                OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO),

    ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEYINPUT, publicKey, X509_PUBKEY)

} ASN1_SEQUENCE_END(OSSL_CRMF_POPOSIGNINGKEYINPUT)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT)





ASN1_SEQUENCE(OSSL_CRMF_POPOSIGNINGKEY) = {

    ASN1_IMP_OPT(OSSL_CRMF_POPOSIGNINGKEY, poposkInput,

                 OSSL_CRMF_POPOSIGNINGKEYINPUT, 0),

    ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEY, algorithmIdentifier, X509_ALGOR),

    ASN1_SIMPLE(OSSL_CRMF_POPOSIGNINGKEY, signature, ASN1_BIT_STRING)

} ASN1_SEQUENCE_END(OSSL_CRMF_POPOSIGNINGKEY)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEY)





ASN1_CHOICE(OSSL_CRMF_POPO) = {

    ASN1_IMP(OSSL_CRMF_POPO, value.raVerified, ASN1_NULL, 0),

    ASN1_IMP(OSSL_CRMF_POPO, value.signature, OSSL_CRMF_POPOSIGNINGKEY, 1),

    ASN1_EXP(OSSL_CRMF_POPO, value.keyEncipherment, OSSL_CRMF_POPOPRIVKEY, 2),

    ASN1_EXP(OSSL_CRMF_POPO, value.keyAgreement, OSSL_CRMF_POPOPRIVKEY, 3)

} ASN1_CHOICE_END(OSSL_CRMF_POPO)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPO)





ASN1_ADB_TEMPLATE(attributetypeandvalue_default) = ASN1_OPT(

        OSSL_CRMF_ATTRIBUTETYPEANDVALUE, value.other, ASN1_ANY);

ASN1_ADB(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) = {

    ADB_ENTRY(NID_id_regCtrl_regToken,

              ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE,

                          value.regToken, ASN1_UTF8STRING)),

    ADB_ENTRY(NID_id_regCtrl_authenticator,

              ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE,

                          value.authenticator, ASN1_UTF8STRING)),

    ADB_ENTRY(NID_id_regCtrl_pkiPublicationInfo,

              ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE,

                          value.pkiPublicationInfo,

                          OSSL_CRMF_PKIPUBLICATIONINFO)),

    ADB_ENTRY(NID_id_regCtrl_oldCertID,

              ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE,

                          value.oldCertID, OSSL_CRMF_CERTID)),

    ADB_ENTRY(NID_id_regCtrl_protocolEncrKey,

              ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE,

                          value.protocolEncrKey, X509_PUBKEY)),

    ADB_ENTRY(NID_id_regInfo_utf8Pairs,

              ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE,

                          value.utf8Pairs, ASN1_UTF8STRING)),

    ADB_ENTRY(NID_id_regInfo_certReq,

              ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE,

                          value.certReq, OSSL_CRMF_CERTREQUEST)),

} ASN1_ADB_END(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, 0, type, 0,

               &attributetypeandvalue_default_tt, NULL);





ASN1_SEQUENCE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) = {

    ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, type, ASN1_OBJECT),

    ASN1_ADB_OBJECT(OSSL_CRMF_ATTRIBUTETYPEANDVALUE)

} ASN1_SEQUENCE_END(OSSL_CRMF_ATTRIBUTETYPEANDVALUE)



IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_ATTRIBUTETYPEANDVALUE)

IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CRMF_ATTRIBUTETYPEANDVALUE)





ASN1_SEQUENCE(OSSL_CRMF_OPTIONALVALIDITY) = {

    ASN1_EXP_OPT(OSSL_CRMF_OPTIONALVALIDITY, notBefore, ASN1_TIME, 0),

    ASN1_EXP_OPT(OSSL_CRMF_OPTIONALVALIDITY, notAfter,  ASN1_TIME, 1)

} ASN1_SEQUENCE_END(OSSL_CRMF_OPTIONALVALIDITY)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY)





ASN1_SEQUENCE(OSSL_CRMF_CERTTEMPLATE) = {

    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, version,      ASN1_INTEGER, 0),

    /*

     * serialNumber MUST be omitted. This field is assigned by the CA

     * during certificate creation.

     */

    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, serialNumber, ASN1_INTEGER, 1),

    /*

     * signingAlg MUST be omitted. This field is assigned by the CA

     * during certificate creation.

     */

    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, signingAlg,   X509_ALGOR, 2),

    ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, issuer,       X509_NAME, 3),

    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, validity,

                 OSSL_CRMF_OPTIONALVALIDITY, 4),

    ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, subject,      X509_NAME, 5),

    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, publicKey,    X509_PUBKEY, 6),

    /* issuerUID is deprecated in version 2 */

    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, issuerUID,    ASN1_BIT_STRING, 7),

    /* subjectUID is deprecated in version 2 */

    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, subjectUID,   ASN1_BIT_STRING, 8),

    ASN1_IMP_SEQUENCE_OF_OPT(OSSL_CRMF_CERTTEMPLATE, extensions,

                             X509_EXTENSION, 9),

} ASN1_SEQUENCE_END(OSSL_CRMF_CERTTEMPLATE)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE)





ASN1_SEQUENCE(OSSL_CRMF_CERTREQUEST) = {

    ASN1_SIMPLE(OSSL_CRMF_CERTREQUEST, certReqId, ASN1_INTEGER),

    ASN1_SIMPLE(OSSL_CRMF_CERTREQUEST, certTemplate, OSSL_CRMF_CERTTEMPLATE),

    ASN1_SEQUENCE_OF_OPT(OSSL_CRMF_CERTREQUEST, controls,

                         OSSL_CRMF_ATTRIBUTETYPEANDVALUE)

} ASN1_SEQUENCE_END(OSSL_CRMF_CERTREQUEST)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_CERTREQUEST)

IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTREQUEST)





ASN1_SEQUENCE(OSSL_CRMF_MSG) = {

    ASN1_SIMPLE(OSSL_CRMF_MSG, certReq, OSSL_CRMF_CERTREQUEST),

    ASN1_OPT(OSSL_CRMF_MSG, popo, OSSL_CRMF_POPO),

    ASN1_SEQUENCE_OF_OPT(OSSL_CRMF_MSG, regInfo,

                         OSSL_CRMF_ATTRIBUTETYPEANDVALUE)

} ASN1_SEQUENCE_END(OSSL_CRMF_MSG)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_MSG)





ASN1_ITEM_TEMPLATE(OSSL_CRMF_MSGS) =

    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,

                          OSSL_CRMF_MSGS, OSSL_CRMF_MSG)

    ASN1_ITEM_TEMPLATE_END(OSSL_CRMF_MSGS)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_MSGS)

crypto/crmf/crmf_err.c

0 → 100644
+104 −0
Original line number Diff line number Diff line 
/*

 * Generated by util/mkerr.pl DO NOT EDIT

 * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.

 *

 * Licensed under the OpenSSL license (the "License").  You may not use

 * this file except in compliance with the License.  You can obtain a copy

 * in the file LICENSE in the source distribution or at

 * https://www.openssl.org/source/license.html

 */



#include <openssl/err.h>

#include <openssl/crmferr.h>



#ifndef OPENSSL_NO_ERR



static const ERR_STRING_DATA CRMF_str_functs[] = {

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_CRMF_POPOSIGNINGKEY_INIT, 0),

     "CRMF_poposigningkey_init"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_CERTID_GEN, 0),

     "OSSL_CRMF_CERTID_gen"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL, 0),

     "OSSL_CRMF_CERTTEMPLATE_fill"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, 0),

     "OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, 0),

     "OSSL_CRMF_MSGS_verify_popo"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, 0),

     "OSSL_CRMF_MSG_create_popo"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_GET0_TMPL, 0),

     "OSSL_CRMF_MSG_get0_tmpl"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID, 0),

     "OSSL_CRMF_MSG_get_certReqId"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO, 0),

     "OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION, 0),

     "OSSL_CRMF_MSG_push0_extension"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL, 0),

     "OSSL_CRMF_MSG_push0_regCtrl"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO, 0),

     "OSSL_CRMF_MSG_push0_regInfo"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS, 0),

     "OSSL_CRMF_MSG_set0_extensions"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO, 0),

     "OSSL_CRMF_MSG_set0_SinglePubInfo"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID, 0),

     "OSSL_CRMF_MSG_set_certReqId"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION, 0),

     "OSSL_CRMF_MSG_set_PKIPublicationInfo_action"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_MSG_SET_VALIDITY, 0),

     "OSSL_CRMF_MSG_set_validity"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_PBMP_NEW, 0),

     "OSSL_CRMF_pbmp_new"},

    {ERR_PACK(ERR_LIB_CRMF, CRMF_F_OSSL_CRMF_PBM_NEW, 0), "OSSL_CRMF_pbm_new"},

    {0, NULL}

};



static const ERR_STRING_DATA CRMF_str_reasons[] = {

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_BAD_PBM_ITERATIONCOUNT),

    "bad pbm iterationcount"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_CRMFERROR), "crmferror"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR), "error"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR_DECODING_CERTIFICATE),

    "error decoding certificate"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR_DECRYPTING_CERTIFICATE),

    "error decrypting certificate"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY),

    "error decrypting symmetric key"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_FAILURE_OBTAINING_RANDOM),

    "failure obtaining random"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ITERATIONCOUNT_BELOW_100),

    "iterationcount below 100"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_MALFORMED_IV), "malformed iv"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_NULL_ARGUMENT), "null argument"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_SETTING_MAC_ALGOR_FAILURE),

    "setting mac algor failure"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_SETTING_OWF_ALGOR_FAILURE),

    "setting owf algor failure"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_ALGORITHM),

    "unsupported algorithm"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY),

    "unsupported alg for popsigningkey"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_CIPHER),

    "unsupported cipher"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO),

    "unsupported method for creating popo"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_POPO_METHOD),

    "unsupported popo method"},

    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_UNSUPPORTED_POPO_NOT_ACCEPTED),

    "unsupported popo not accepted"},

    {0, NULL}

};



#endif



int ERR_load_CRMF_strings(void)

{

#ifndef OPENSSL_NO_ERR

    if (ERR_func_error_string(CRMF_str_functs[0].error) == NULL) {

        ERR_load_strings_const(CRMF_str_functs);

        ERR_load_strings_const(CRMF_str_reasons);

    }

#endif

    return 1;

}