mirror of
https://github.com/smallstep/certificates.git
synced 2024-10-31 03:20:16 +00:00
19f0397fe9
Apparently the existing library works out of the box, after all. We'll have to see how it works out continuing forward.
package scep
import (
"crypto/x509"
"encoding/asn1"
microscep "github.com/micromdm/scep/scep"
//"github.com/smallstep/certificates/scep/pkcs7"
"go.mozilla.org/pkcs7"
)
// SCEP attribute OIDs (RFC 8894). The six below share the arc
// 2.16.840.1.113733.1.9 and differ only in the last component. In a SCEP
// pkiMessage they are carried as authenticated attributes of the signed data,
// so values read from them should be trusted only after the PKCS #7 signature
// has been verified.
var (
	// messageType: which SCEP operation the message carries.
	oidSCEPmessageType = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 2}
	// pkiStatus: outcome reported in a response.
	oidSCEPpkiStatus = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 3}
	// failInfo: failure reason accompanying a failed status.
	oidSCEPfailInfo = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 4}
	// senderNonce: nonce chosen by the sender of a message.
	oidSCEPsenderNonce = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 5}
	// recipientNonce: in a response, the senderNonce of the request it answers.
	oidSCEPrecipientNonce = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 6}
	// transactionID: ties a request to its response(s).
	oidSCEPtransactionID = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 7}
)

// oidChallengePassword is the PKCS #9 challengePassword attribute, which a
// client places in its certificate signing request. The value is a shared
// secret: keep it out of logs and error messages, and compare it in constant
// time (for example with crypto/subtle.ConstantTimeCompare).
// NOTE(review): the code that reads this attribute is not in this file —
// confirm it follows both points.
var oidChallengePassword = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 7}
// PKIMessage holds one SCEP message together with its raw and parsed forms.
//
// The embedded microscep values carry the transaction ID, message type and
// sender nonce. CSRReqMessage and CertRepMessage are embedded as pointers, so
// either may be nil; reading a field promoted from a nil embedded pointer
// panics, so callers should nil-check before touching request- or
// response-specific fields.
// NOTE(review): presumably which pointer is set depends on MessageType —
// confirm against the parsing code, which is not in this file.
type PKIMessage struct {
	microscep.TransactionID
	microscep.MessageType
	microscep.SenderNonce
	*microscep.CSRReqMessage

	*CertRepMessage

	// DER Encoded PKIMessage
	Raw []byte

	// Parsed PKCS #7 structure (presumably parsed from Raw — confirm).
	p7 *pkcs7.PKCS7

	// Decrypted enveloped content. This is plaintext recovered from the
	// encrypted envelope; for an enrollment request it would typically
	// include the CSR and any challenge password, so keep it out of logs
	// and error messages.
	pkiEnvelope []byte

	// Recipient certificates.
	// NOTE(review): the previous comment read "Used to sign message". A
	// certificate carries only a public key, so these look like the
	// recipients the enveloped content is encrypted to rather than signing
	// material — confirm against the code that consumes this field.
	Recipients []*x509.Certificate
}
// CertRepMessage holds the response-specific parts of a PKIMessage: the
// status, the recipient nonce, the failure info and the certificate. It is
// embedded by pointer in PKIMessage.
type CertRepMessage struct {
	microscep.PKIStatus
	// Per RFC 8894 a response's recipientNonce is the senderNonce of the
	// request it answers, which lets the requester match the two.
	// NOTE(review): whether that match is enforced is not visible here.
	microscep.RecipientNonce
	microscep.FailInfo

	// Certificate is the parsed X.509 certificate carried by the message.
	Certificate *x509.Certificate

	// NOTE(review): presumably the "degenerate" (certificates-only) PKCS #7
	// encoding of the certificate — confirm against the code that fills it.
	degenerate []byte
}