1 /* 2 * Written by Dr Stephen N Henson ([email protected]) for the OpenSSL project 3 * 2006. 4 */ 5 /* ==================================================================== 6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * [email protected]. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * ([email protected]). This product includes software written by Tim 55 * Hudson ([email protected]). 56 * 57 */ 58 59 #ifndef OPENSSL_HEADER_ASN1_INTERNAL_H 60 #define OPENSSL_HEADER_ASN1_INTERNAL_H 61 62 #include <time.h> 63 64 #include <openssl/asn1.h> 65 #include <openssl/asn1t.h> 66 67 #if defined(__cplusplus) 68 extern "C" { 69 #endif 70 71 72 // Wrapper functions for time functions. 73 74 // OPENSSL_gmtime converts a time_t value in |time| which must be in the range 75 // of year 0000 to 9999 to a broken out time value in |tm|. On success |tm| is 76 // returned. On failure NULL is returned. 77 OPENSSL_EXPORT struct tm *OPENSSL_gmtime(const time_t *time, struct tm *result); 78 79 // OPENSSL_gmtime_adj returns one on success, and updates |tm| by adding 80 // |offset_day| days and |offset_sec| seconds. It returns zero on failure. |tm| 81 // must be in the range of year 0000 to 9999 both before and after the update or 82 // a failure will be returned. 83 OPENSSL_EXPORT int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, 84 int64_t offset_sec); 85 86 // OPENSSL_gmtime_diff calculates the difference between |from| and |to|. It 87 // returns one, and outputs the difference as a number of days and seconds in 88 // |*out_days| and |*out_secs| on success. It returns zero on failure. Both 89 // |from| and |to| must be in the range of year 0000 to 9999 or a failure will 90 // be returned. 91 OPENSSL_EXPORT int OPENSSL_gmtime_diff(int *out_days, int *out_secs, 92 const struct tm *from, 93 const struct tm *to); 94 95 // Internal ASN1 structures and functions: not for application use 96 97 // These are used internally in the ASN1_OBJECT to keep track of 98 // whether the names and data need to be free()ed 99 #define ASN1_OBJECT_FLAG_DYNAMIC 0x01 // internal use 100 #define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 // internal use 101 #define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 // internal use 102 103 // An asn1_object_st (aka |ASN1_OBJECT|) represents an ASN.1 OBJECT IDENTIFIER. 104 // Note: Mutating an |ASN1_OBJECT| is only permitted when initializing it. The 105 // library maintains a table of static |ASN1_OBJECT|s, which may be referenced 106 // by non-const |ASN1_OBJECT| pointers. Code which receives an |ASN1_OBJECT| 107 // pointer externally must assume it is immutable, even if the pointer is not 108 // const. 109 struct asn1_object_st { 110 const char *sn, *ln; 111 int nid; 112 int length; 113 const unsigned char *data; // data remains const after init 114 int flags; // Should we free this one 115 }; 116 117 ASN1_OBJECT *ASN1_OBJECT_new(void); 118 119 // ASN1_ENCODING is used to save the received encoding of an ASN.1 type. This 120 // avoids problems with invalid encodings that break signatures. 121 typedef struct ASN1_ENCODING_st { 122 // enc is the saved DER encoding. Its ownership is determined by |buf|. 123 uint8_t *enc; 124 // len is the length of |enc|. If zero, there is no saved encoding. 125 size_t len; 126 // buf, if non-NULL, is the |CRYPTO_BUFFER| that |enc| points into. If NULL, 127 // |enc| must be released with |OPENSSL_free|. 128 CRYPTO_BUFFER *buf; 129 } ASN1_ENCODING; 130 131 OPENSSL_EXPORT int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d, 132 int allow_timezone_offset); 133 OPENSSL_EXPORT int asn1_generalizedtime_to_tm(struct tm *tm, 134 const ASN1_GENERALIZEDTIME *d); 135 136 int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it); 137 void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it); 138 139 void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); 140 141 // ASN1_item_ex_d2i parses |len| bytes from |*in| as a structure of type |it| 142 // and writes the result to |*pval|. If |tag| is non-negative, |it| is 143 // implicitly tagged with the tag specified by |tag| and |aclass|. If |opt| is 144 // non-zero, the value is optional. If |buf| is non-NULL, |*in| must point into 145 // |buf|. 146 // 147 // This function returns one and advances |*in| if an object was successfully 148 // parsed, -1 if an optional value was successfully skipped, and zero on error. 149 int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, 150 const ASN1_ITEM *it, int tag, int aclass, char opt, 151 CRYPTO_BUFFER *buf); 152 153 // ASN1_item_ex_i2d encodes |*pval| as a value of type |it| to |out| under the 154 // i2d output convention. It returns a non-zero length on success and -1 on 155 // error. If |tag| is -1. the tag and class come from |it|. Otherwise, the tag 156 // number is |tag| and the class is |aclass|. This is used for implicit tagging. 157 // This function treats a missing value as an error, not an optional field. 158 int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, 159 const ASN1_ITEM *it, int tag, int aclass); 160 161 void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); 162 163 // asn1_get_choice_selector returns the CHOICE selector value for |*pval|, which 164 // must of type |it|. 165 int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); 166 167 int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); 168 169 // asn1_get_field_ptr returns a pointer to the field in |*pval| corresponding to 170 // |tt|. 171 ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); 172 173 // asn1_do_adb returns the |ASN1_TEMPLATE| for the ANY DEFINED BY field |tt|, 174 // based on the selector INTEGER or OID in |*pval|. If |tt| is not an ADB field, 175 // it returns |tt|. If the selector does not match any value, it returns NULL. 176 // If |nullerr| is non-zero, it will additionally push an error to the error 177 // queue when there is no match. 178 const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, 179 int nullerr); 180 181 void asn1_refcount_set_one(ASN1_VALUE **pval, const ASN1_ITEM *it); 182 int asn1_refcount_dec_and_test_zero(ASN1_VALUE **pval, const ASN1_ITEM *it); 183 184 void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); 185 void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); 186 187 // asn1_enc_restore, if |*pval| has a saved encoding, writes it to |out| under 188 // the i2d output convention, sets |*len| to the length, and returns one. If it 189 // has no saved encoding, it returns zero. 190 int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, 191 const ASN1_ITEM *it); 192 193 // asn1_enc_save saves |inlen| bytes from |in| as |*pval|'s saved encoding. It 194 // returns one on success and zero on error. If |buf| is non-NULL, |in| must 195 // point into |buf|. 196 int asn1_enc_save(ASN1_VALUE **pval, const uint8_t *in, size_t inlen, 197 const ASN1_ITEM *it, CRYPTO_BUFFER *buf); 198 199 // asn1_encoding_clear clears the cached encoding in |enc|. 200 void asn1_encoding_clear(ASN1_ENCODING *enc); 201 202 // asn1_type_value_as_pointer returns |a|'s value in pointer form. This is 203 // usually the value object but, for BOOLEAN values, is 0 or 0xff cast to 204 // a pointer. 205 const void *asn1_type_value_as_pointer(const ASN1_TYPE *a); 206 207 // asn1_type_set0_string sets |a|'s value to the object represented by |str| and 208 // takes ownership of |str|. 209 void asn1_type_set0_string(ASN1_TYPE *a, ASN1_STRING *str); 210 211 // asn1_type_cleanup releases memory associated with |a|'s value, without 212 // freeing |a| itself. 213 void asn1_type_cleanup(ASN1_TYPE *a); 214 215 // asn1_is_printable returns one if |value| is a valid Unicode codepoint for an 216 // ASN.1 PrintableString, and zero otherwise. 217 int asn1_is_printable(uint32_t value); 218 219 // asn1_bit_string_length returns the number of bytes in |str| and sets 220 // |*out_padding_bits| to the number of padding bits. 221 // 222 // This function should be used instead of |ASN1_STRING_length| to correctly 223 // handle the non-|ASN1_STRING_FLAG_BITS_LEFT| case. 224 int asn1_bit_string_length(const ASN1_BIT_STRING *str, 225 uint8_t *out_padding_bits); 226 227 typedef struct { 228 int nid; 229 long minsize; 230 long maxsize; 231 unsigned long mask; 232 unsigned long flags; 233 } ASN1_STRING_TABLE; 234 235 // asn1_get_string_table_for_testing sets |*out_ptr| and |*out_len| to the table 236 // of built-in |ASN1_STRING_TABLE| values. It is exported for testing. 237 OPENSSL_EXPORT void asn1_get_string_table_for_testing( 238 const ASN1_STRING_TABLE **out_ptr, size_t *out_len); 239 240 typedef ASN1_VALUE *ASN1_new_func(void); 241 typedef void ASN1_free_func(ASN1_VALUE *a); 242 typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in, 243 long length); 244 typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in); 245 246 typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, 247 const ASN1_ITEM *it, int opt, ASN1_TLC *ctx); 248 249 typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, 250 const ASN1_ITEM *it); 251 typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); 252 typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); 253 254 typedef struct ASN1_EXTERN_FUNCS_st { 255 ASN1_ex_new_func *asn1_ex_new; 256 ASN1_ex_free_func *asn1_ex_free; 257 ASN1_ex_d2i *asn1_ex_d2i; 258 ASN1_ex_i2d *asn1_ex_i2d; 259 } ASN1_EXTERN_FUNCS; 260 261 262 #if defined(__cplusplus) 263 } // extern C 264 #endif 265 266 #endif // OPENSSL_HEADER_ASN1_INTERNAL_H 267