commit EST application/csrattr response for /csrattrs endpoint

synrc · Oct 24, 2024 · 3cb2bf2 · 3cb2bf2
1 parent b6b4405
commit 3cb2bf2
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 1 deletion.
diff --git a/lib/services/est.ex b/lib/services/est.ex
@@ -13,6 +13,25 @@ defmodule CA.EST do
   get  "/.well-known/est/csrattrs"       do CA.EST.Get.get(conn, [], "Authority", [], "ABAC") end
   put  "/.well-known/est/fullcmc"        do CA.EST.Put.put(conn, [], "Authority", [], "CMC") end
 
+  # See Page 36 of RFC 7030
+
+  # iex(37)> :"EST".decode(:CsrAttrs, y)
+  # {:ok,
+  #  [
+  #    oid: {1, 2, 840, 113549, 1, 9, 7},
+  #    attribute: {:Attribute, {1, 2, 840, 10045, 2, 1},
+  #     [<<6, 5, 43, 129, 4, 0, 34>>]},
+  #    attribute: {:Attribute, {1, 2, 840, 113549, 1, 9, 14},
+  #     [<<6, 7, 43, 6, 1, 1, 1, 1, 22>>]},
+  #    oid: {1, 2, 840, 10045, 4, 3, 3}
+  #  ]}
+  # iex(38)> y
+  # <<48, 65, 6, 9, 42, 134, 72, 134, 247, 13, 1, 9, 7, 48, 18, 6, 7, 42, 134, 72,
+  #   206, 61, 2, 1, 49, 7, 6, 5, 43, 129, 4, 0, 34, 48, 22, 6, 9, 42, 134, 72, 134,
+  #   247, 13, 1, 9, 14, 49, 9, 6, 7, ...>>
+  # iex(39)> x
+  # "MEEGCSqGSIb3DQEJBzASBgcqhkjOPQIBMQcGBSuBBAAiMBYGCSqGSIb3DQEJDjEJBgcrBgEBAQEWBggqhkjOPQQDAw=="
+
   match _ do send_resp(conn, 404, "Please refer to https://authority.erp.uno for more information.\n") end
   def encode(x) do
       case Jason.encode(x) do

diff --git a/lib/signing/CAdES.ex b/lib/signing/CAdES.ex
@@ -103,7 +103,7 @@ defmodule CA.CAdES do
 
   def parseCert(cert, []), do: parseCert(cert)
   def parseCert(cert, [si|_]) do
-      {:SignerInfo, _v, _serial, _alg, attrs, _, _, _} = si
+      {:SignerInfo, _v, serial, _alg, attrs, _, _, _} = si
       {:Certificate, a, _, _} = cert
       {:Certificate_toBeSigned, _ver, _sel, _alg, issuer, _val, issuee, _a, _b, _c, exts} = a
       extensions = :lists.map(fn {:Extension,code,_x,b} ->

diff --git a/priv/csr/EST.asn1 b/priv/csr/EST.asn1
@@ -0,0 +1,11 @@
+EST DEFINITIONS IMPLICIT TAGS ::= BEGIN
+
+    IMPORTS ATTRIBUTE FROM PKIX-CommonTypes-2009 ;
+
+    CsrAttrs ::= SEQUENCE SIZE (0..MAX) OF AttrOrOID
+    AttrOrOID ::= CHOICE { oid OBJECT IDENTIFIER, attribute Attribute }
+    Attribute ::= SEQUENCE {
+        type   ATTRIBUTE.&id,
+        values SET SIZE(1..MAX) OF ATTRIBUTE.&Type }
+
+END