forked from TrueCloudLab/certificates
19f0397fe9
Apparently the existing library works out of the box, after all. We'll have to see how it works out continuing forward.
56 lines
1.3 KiB
Go
56 lines
1.3 KiB
Go
package scep
|
|
|
|
import (
|
|
"crypto/x509"
|
|
"encoding/asn1"
|
|
|
|
microscep "github.com/micromdm/scep/scep"
|
|
|
|
//"github.com/smallstep/certificates/scep/pkcs7"
|
|
|
|
"go.mozilla.org/pkcs7"
|
|
)
|
|
|
|
// SCEP OIDs
|
|
var (
|
|
oidSCEPmessageType = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 2}
|
|
oidSCEPpkiStatus = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 3}
|
|
oidSCEPfailInfo = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 4}
|
|
oidSCEPsenderNonce = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 5}
|
|
oidSCEPrecipientNonce = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 6}
|
|
oidSCEPtransactionID = asn1.ObjectIdentifier{2, 16, 840, 1, 113733, 1, 9, 7}
|
|
oidChallengePassword = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 7}
|
|
)
|
|
|
|
// PKIMessage defines the possible SCEP message types
|
|
type PKIMessage struct {
|
|
microscep.TransactionID
|
|
microscep.MessageType
|
|
microscep.SenderNonce
|
|
*microscep.CSRReqMessage
|
|
|
|
*CertRepMessage
|
|
|
|
// DER Encoded PKIMessage
|
|
Raw []byte
|
|
|
|
// parsed
|
|
p7 *pkcs7.PKCS7
|
|
|
|
// decrypted enveloped content
|
|
pkiEnvelope []byte
|
|
|
|
// Used to sign message
|
|
Recipients []*x509.Certificate
|
|
}
|
|
|
|
// CertRepMessage is a type of PKIMessage
|
|
type CertRepMessage struct {
|
|
microscep.PKIStatus
|
|
microscep.RecipientNonce
|
|
microscep.FailInfo
|
|
|
|
Certificate *x509.Certificate
|
|
|
|
degenerate []byte
|
|
}
|