/* Apr 30 1991 143U  */
/* Apr 30 1991 GARDINER made minor format fixes */
/* Apr 18 1991 135U  */
/* Apr 18 1991 GARDINER added extended RDN testing; revised struct eeprom; used offset for patch */
/* Apr 11 1991 133U  */
/* Apr 11 1991 GARDINER added patch; straightened out varflds. */
/* Feb 14 1991 108U  */
/* Feb 14 1991 GARDINER changed last_ia_tag, moved rpmcpc */
/* Dec 17 1990  76U  */
/* Dec 17 1990 GARDINER removed ex_pm_id stuff */
/* Dec 17 1990  74U  */
/* Dec 17 1990 GARDINER moved next_snum out of EEPROM's MAC */
/* Dec 13 1990  71U  */
/* Dec 13 1990 GARDINER added '$q)' for spec printing */
/* Dec 11 1990  66U  */
/* Dec 11 1990 GARDINER added eeprom->writes and define of max */
/* Dec 10 1990  64U  */
/* Dec  7 1990 GARDINER added min/max key size */
/* Nov  9 1990  53U  */
/* Nov  9 1990 GARDINER fixed comments, added PM_MAX_FLAG. End of contract */
/* Nov  2 1990  51U  */
/* Nov  2 1990 GARDINER misc changes */
/* Oct 18 1990  45U  */
/* Oct 18 1990 GARDINER changed to raw encryption; made general RSA msg */
/* Oct 10 1990  37U  */
/* Oct 10 1990 GARDINER starting */
/* sfcsid[] = "@(#)pm_eeprom.h 143P" */
#ifndef __pm_h
#include <pm.h>
#endif

#ifndef __asn_h
#include <asn.h>
#endif

 /* $q) */
#define MAX_EEPROM_WRITES 9900

struct eeprom	   	/* structure of data in EEPROM */
    {
    uchar mac[MACSIZE];      /* MAC on EEPROM */
    ushort writes;           /* count of writes to MAC */
    ulong pm_id,     	     /* ID of this PM */
        flags,     	     /* flags defined below */
        nonce,               /* latest nonce */
	spare[2];
    ushort last_ia_tag,      /* last issuing authority tag used */
	key_pr_size,         /* default size of key pairs to generate */
	min_key_size,        /* minimum  "   "   "   "     "   "      */
	max_key_size,        /* maximum  "   "   "   "     "   "      */
        patch,       	     /* offset to patch function for validate_ctf */
        xrdnp;               /*  "     "  table of extended RDN items */
    uchar copy_cik_secs,     /* # of seconds CIK may be removed to copy */
	cert_valid_mos,      /* # of months a certificate may be valid */
	next_crl_mos,        /* " "   " from current CRL till next */
	chk_date_yrs;        /* " "  years from last nonce */
    struct varfld pmpc,	     /* PM secret component, encrypted with PMSK */
	pmsc,		     /* PM public component */
    	rpmcpc,              /* RSADSI PM control public component */
	ias;	             /* variable number of ia_base structs. This
	                        must be the last item in vararea */
    uchar vararea[2];        /* area for variable-length fields */
    };

struct ia_eeprom
    {
    ulong ia_tag;       /* tag to find IA from tag in CIK */
    ushort iask_inst,   /* iask instance count */
        flags;	        /* same flags as for IA types in new_ia () */
    ulong lo_snum,      /* lowest authorized serial number */
        hi_snum;        /* highest  "          "      "  plus 1 */
		    /* NOTE: If hi_snum < lo_snum, none stored here */
    ulong notbefore,    /* issuer's earliest authorized date */
        notafter;       /*   "      latest       "       " */
    struct varfld ianame, /* IAName */
        iasc_pkg;       /* IASC package, encrypted with (IASK XOR PMSK) */
    uchar vararea[2];   /* area for variable-length fields */
    };                  
/* $k( */
struct ia_base	/* these start at VARADDR(eeprom,ias) and 'grow' upwards */
    {
    ushort offset,      /* IA's struct ia_eeprom starts at
                           &eo_eeprom[-((int)offset)] */
        count;          /* number of times next_snum has been written */
    ulong next_snum;    /* next authorized serial number (last + 1) */
    };

/* NOTE: The actual ia_eeprom structs 'grow' down from the highest EEPROM
  address. */
 /* $k)k( */
/* Exponents of flags defined for eeprom.flags */
#define PM_KEEP_AUTH  1	    /* store IA serial number authorizations */
#define PM_KEEP_COUNT 2     /*  " next   "      ", if PM_KEEP_AUTH */
#define PM_GEN_KEYPR  3	    /* authorized to generate key pairs */
#define PM_REUSE_IASK 4     /*   "        "  re-use IASK */
#define PM_CHK_SUBJ   5     /* PM must check subject name against IA */
#define PM_IASC_EEPR  6     /* " may store IASC package in EEPROM */
#define PM_IASC_WS    7     /* "  "  send   "    " to workstation */
#define PM_CHK_DATES  8     /* " must check all dates against last nonce */
#define PM_TOP_LEVEL  9     /* PM is for a top-level     authority */
#define PM_CTRL_AUTH  10    /* PM may have 1 control        "   */
#define PM_CROSS_CERT 11    /* PM  "   " a cross-certifying " */
#define PM_ANY_IA     12    /* PM  "   "   any issuing      " */
#define PM_IA_KIDS    13    /* PM "    " IAs descended from first */
#define PM_NOTARY     14    /* PM  "   " a notary authority */
#define PM_MAX_FLAG   14    /* must match highest flag # */
 /* $k) */