The Tor Browser / file comparison
comparison: security/nss/lib/util/secasn1t.h
security/nss/lib/util/secasn1t.h
- changeset 0
- 6474c204b198
equal
deleted
inserted
replaced
| -1:000000000000 | 0:d861a7ce859b |
|---|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 4 | |
| 5 /* | |
| 6 * Types for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished | |
| 7 * Encoding Rules). | |
| 8 */ | |
| 9 | |
| 10 #ifndef _SECASN1T_H_ | |
| 11 #define _SECASN1T_H_ | |
| 12 | |
| 13 #include "utilrename.h" | |
| 14 | |
| 15 /* | |
| 16 ** An array of these structures defines a BER/DER encoding for an object. | |
| 17 ** | |
| 18 ** The array usually starts with a dummy entry whose kind is SEC_ASN1_SEQUENCE; | |
| 19 ** such an array is terminated with an entry where kind == 0. (An array | |
| 20 ** which consists of a single component does not require a second dummy | |
| 21 ** entry -- the array is only searched as long as previous component(s) | |
| 22 ** instruct it.) | |
| 23 */ | |
| 24 typedef struct sec_ASN1Template_struct { | |
| 25 /* | |
| 26 ** Kind of item being decoded/encoded, including tags and modifiers. | |
| 27 */ | |
| 28 unsigned long kind; | |
| 29 | |
| 30 /* | |
| 31 ** The value is the offset from the base of the structure to the | |
| 32 ** field that holds the value being decoded/encoded. | |
| 33 */ | |
| 34 unsigned long offset; | |
| 35 | |
| 36 /* | |
| 37 ** When kind suggests it (SEC_ASN1_POINTER, SEC_ASN1_GROUP, SEC_ASN1_INLINE, | |
| 38 ** or a component that is *not* a SEC_ASN1_UNIVERSAL), this points to | |
| 39 ** a sub-template for nested encoding/decoding, | |
| 40 ** OR, iff SEC_ASN1_DYNAMIC is set, then this is a pointer to a pointer | |
| 41 ** to a function which will return the appropriate template when called | |
| 42 ** at runtime. NOTE! that explicit level of indirection, which is | |
| 43 ** necessary because ANSI does not allow you to store a function | |
| 44 ** pointer directly as a "void *" so we must store it separately and | |
| 45 ** dereference it to get at the function pointer itself. | |
| 46 */ | |
| 47 const void *sub; | |
| 48 | |
| 49 /* | |
| 50 ** In the first element of a template array, the value is the size | |
| 51 ** of the structure to allocate when this template is being referenced | |
| 52 ** by another template via SEC_ASN1_POINTER or SEC_ASN1_GROUP. | |
| 53 ** In all other cases, the value is ignored. | |
| 54 */ | |
| 55 unsigned int size; | |
| 56 } SEC_ASN1Template; | |
| 57 | |
| 58 | |
| 59 /* default size used for allocation of encoding/decoding stuff */ | |
| 60 /* XXX what is the best value here? */ | |
| 61 #define SEC_ASN1_DEFAULT_ARENA_SIZE (2048) | |
| 62 | |
| 63 /* | |
| 64 ** BER/DER values for ASN.1 identifier octets. | |
| 65 */ | |
| 66 #define SEC_ASN1_TAG_MASK 0xff | |
| 67 | |
| 68 /* | |
| 69 * BER/DER universal type tag numbers. | |
| 70 * The values are defined by the X.208 standard; do not change them! | |
| 71 * NOTE: if you add anything to this list, you must add code to secasn1d.c | |
| 72 * to accept the tag, and probably also to secasn1e.c to encode it. | |
| 73 * XXX It appears some have been added recently without being added to | |
| 74 * the code; so need to go through the list now and double-check them all. | |
| 75 * (Look especially at those added in revision 1.10.) | |
| 76 */ | |
| 77 #define SEC_ASN1_TAGNUM_MASK 0x1f | |
| 78 #define SEC_ASN1_BOOLEAN 0x01 | |
| 79 #define SEC_ASN1_INTEGER 0x02 | |
| 80 #define SEC_ASN1_BIT_STRING 0x03 | |
| 81 #define SEC_ASN1_OCTET_STRING 0x04 | |
| 82 #define SEC_ASN1_NULL 0x05 | |
| 83 #define SEC_ASN1_OBJECT_ID 0x06 | |
| 84 #define SEC_ASN1_OBJECT_DESCRIPTOR 0x07 | |
| 85 /* External type and instance-of type 0x08 */ | |
| 86 #define SEC_ASN1_REAL 0x09 | |
| 87 #define SEC_ASN1_ENUMERATED 0x0a | |
| 88 #define SEC_ASN1_EMBEDDED_PDV 0x0b | |
| 89 #define SEC_ASN1_UTF8_STRING 0x0c | |
| 90 /* 0x0d */ | |
| 91 /* 0x0e */ | |
| 92 /* 0x0f */ | |
| 93 #define SEC_ASN1_SEQUENCE 0x10 | |
| 94 #define SEC_ASN1_SET 0x11 | |
| 95 #define SEC_ASN1_NUMERIC_STRING 0x12 | |
| 96 #define SEC_ASN1_PRINTABLE_STRING 0x13 | |
| 97 #define SEC_ASN1_T61_STRING 0x14 | |
| 98 #define SEC_ASN1_VIDEOTEX_STRING 0x15 | |
| 99 #define SEC_ASN1_IA5_STRING 0x16 | |
| 100 #define SEC_ASN1_UTC_TIME 0x17 | |
| 101 #define SEC_ASN1_GENERALIZED_TIME 0x18 | |
| 102 #define SEC_ASN1_GRAPHIC_STRING 0x19 | |
| 103 #define SEC_ASN1_VISIBLE_STRING 0x1a | |
| 104 #define SEC_ASN1_GENERAL_STRING 0x1b | |
| 105 #define SEC_ASN1_UNIVERSAL_STRING 0x1c | |
| 106 /* 0x1d */ | |
| 107 #define SEC_ASN1_BMP_STRING 0x1e | |
| 108 #define SEC_ASN1_HIGH_TAG_NUMBER 0x1f | |
| 109 #define SEC_ASN1_TELETEX_STRING SEC_ASN1_T61_STRING | |
| 110 | |
| 111 /* | |
| 112 ** Modifiers to type tags. These are also specified by a/the | |
| 113 ** standard, and must not be changed. | |
| 114 */ | |
| 115 | |
| 116 #define SEC_ASN1_METHOD_MASK 0x20 | |
| 117 #define SEC_ASN1_PRIMITIVE 0x00 | |
| 118 #define SEC_ASN1_CONSTRUCTED 0x20 | |
| 119 | |
| 120 #define SEC_ASN1_CLASS_MASK 0xc0 | |
| 121 #define SEC_ASN1_UNIVERSAL 0x00 | |
| 122 #define SEC_ASN1_APPLICATION 0x40 | |
| 123 #define SEC_ASN1_CONTEXT_SPECIFIC 0x80 | |
| 124 #define SEC_ASN1_PRIVATE 0xc0 | |
| 125 | |
| 126 /* | |
| 127 ** Our additions, used for templates. | |
| 128 ** These are not defined by any standard; the values are used internally only. | |
| 129 ** Just be careful to keep them out of the low 8 bits. | |
| 130 ** XXX finish comments | |
| 131 */ | |
| 132 #define SEC_ASN1_OPTIONAL 0x00100 | |
| 133 #define SEC_ASN1_EXPLICIT 0x00200 | |
| 134 #define SEC_ASN1_ANY 0x00400 | |
| 135 #define SEC_ASN1_INLINE 0x00800 | |
| 136 #define SEC_ASN1_POINTER 0x01000 | |
| 137 #define SEC_ASN1_GROUP 0x02000 /* with SET or SEQUENCE means | |
| 138 * SET OF or SEQUENCE OF */ | |
| 139 #define SEC_ASN1_DYNAMIC 0x04000 /* subtemplate is found by calling | |
| 140 * a function at runtime */ | |
| 141 #define SEC_ASN1_SKIP 0x08000 /* skip a field; only for decoding */ | |
| 142 #define SEC_ASN1_INNER 0x10000 /* with ANY means capture the | |
| 143 * contents only (not the id, len, | |
| 144 * or eoc); only for decoding */ | |
| 145 #define SEC_ASN1_SAVE 0x20000 /* stash away the encoded bytes first; | |
| 146 * only for decoding */ | |
| 147 #define SEC_ASN1_MAY_STREAM 0x40000 /* field or one of its sub-fields may | |
| 148 * stream in and so should encode as | |
| 149 * indefinite-length when streaming | |
| 150 * has been indicated; only for | |
| 151 * encoding */ | |
| 152 #define SEC_ASN1_SKIP_REST 0x80000 /* skip all following fields; | |
| 153 only for decoding */ | |
| 154 #define SEC_ASN1_CHOICE 0x100000 /* pick one from a template */ | |
| 155 #define SEC_ASN1_NO_STREAM 0X200000 /* This entry will not stream | |
| 156 even if the sub-template says | |
| 157 streaming is possible. Helps | |
| 158 to solve ambiguities with potential | |
| 159 streaming entries that are | |
| 160 optional */ | |
| 161 #define SEC_ASN1_DEBUG_BREAK 0X400000 /* put this in your template and the | |
| 162 decoder will assert when it | |
| 163 processes it. Only for use with | |
| 164 SEC_QuickDERDecodeItem */ | |
| 165 | |
| 166 | |
| 167 | |
| 168 /* Shorthand/Aliases */ | |
| 169 #define SEC_ASN1_SEQUENCE_OF (SEC_ASN1_GROUP | SEC_ASN1_SEQUENCE) | |
| 170 #define SEC_ASN1_SET_OF (SEC_ASN1_GROUP | SEC_ASN1_SET) | |
| 171 #define SEC_ASN1_ANY_CONTENTS (SEC_ASN1_ANY | SEC_ASN1_INNER) | |
| 172 | |
| 173 /* Maximum depth of nested SEQUENCEs and SETs */ | |
| 174 #define SEC_ASN1D_MAX_DEPTH 32 | |
| 175 | |
| 176 /* | |
| 177 ** Function used for SEC_ASN1_DYNAMIC. | |
| 178 ** "arg" is a pointer to the structure being encoded/decoded | |
| 179 ** "enc", when true, means that we are encoding (false means decoding) | |
| 180 */ | |
| 181 typedef const SEC_ASN1Template * SEC_ASN1TemplateChooser(void *arg, PRBool enc); | |
| 182 typedef SEC_ASN1TemplateChooser * SEC_ASN1TemplateChooserPtr; | |
| 183 | |
| 184 #if defined(_WIN32) || defined(ANDROID) | |
| 185 #define SEC_ASN1_GET(x) NSS_Get_##x(NULL, PR_FALSE) | |
| 186 #define SEC_ASN1_SUB(x) &p_NSS_Get_##x | |
| 187 #define SEC_ASN1_XTRN SEC_ASN1_DYNAMIC | |
| 188 #define SEC_ASN1_MKSUB(x) \ | |
| 189 static const SEC_ASN1TemplateChooserPtr p_NSS_Get_##x = &NSS_Get_##x; | |
| 190 #else | |
| 191 #define SEC_ASN1_GET(x) x | |
| 192 #define SEC_ASN1_SUB(x) x | |
| 193 #define SEC_ASN1_XTRN 0 | |
| 194 #define SEC_ASN1_MKSUB(x) | |
| 195 #endif | |
| 196 | |
| 197 #define SEC_ASN1_CHOOSER_DECLARE(x) \ | |
| 198 extern const SEC_ASN1Template * NSS_Get_##x (void *arg, PRBool enc); | |
| 199 | |
| 200 #define SEC_ASN1_CHOOSER_IMPLEMENT(x) \ | |
| 201 const SEC_ASN1Template * NSS_Get_##x(void * arg, PRBool enc) \ | |
| 202 { return x; } | |
| 203 | |
| 204 /* | |
| 205 ** Opaque object used by the decoder to store state. | |
| 206 */ | |
| 207 typedef struct sec_DecoderContext_struct SEC_ASN1DecoderContext; | |
| 208 | |
| 209 /* | |
| 210 ** Opaque object used by the encoder to store state. | |
| 211 */ | |
| 212 typedef struct sec_EncoderContext_struct SEC_ASN1EncoderContext; | |
| 213 | |
| 214 /* | |
| 215 * This is used to describe to a filter function the bytes that are | |
| 216 * being passed to it. This is only useful when the filter is an "outer" | |
| 217 * one, meaning it expects to get *all* of the bytes not just the | |
| 218 * contents octets. | |
| 219 */ | |
| 220 typedef enum { | |
| 221 SEC_ASN1_Identifier = 0, | |
| 222 SEC_ASN1_Length = 1, | |
| 223 SEC_ASN1_Contents = 2, | |
| 224 SEC_ASN1_EndOfContents = 3 | |
| 225 } SEC_ASN1EncodingPart; | |
| 226 | |
| 227 /* | |
| 228 * Type of the function pointer used either for decoding or encoding, | |
| 229 * when doing anything "funny" (e.g. manipulating the data stream) | |
| 230 */ | |
| 231 typedef void (* SEC_ASN1NotifyProc)(void *arg, PRBool before, | |
| 232 void *dest, int real_depth); | |
| 233 | |
| 234 /* | |
| 235 * Type of the function pointer used for grabbing encoded bytes. | |
| 236 * This can be used during either encoding or decoding, as follows... | |
| 237 * | |
| 238 * When decoding, this can be used to filter the encoded bytes as they | |
| 239 * are parsed. This is what you would do if you wanted to process the data | |
| 240 * along the way (like to decrypt it, or to perform a hash on it in order | |
| 241 * to do a signature check later). See SEC_ASN1DecoderSetFilterProc(). | |
| 242 * When processing only part of the encoded bytes is desired, you "watch" | |
| 243 * for the field(s) you are interested in with a "notify proc" (see | |
| 244 * SEC_ASN1DecoderSetNotifyProc()) and for even finer granularity (e.g. to | |
| 245 * ignore all by the contents bytes) you pay attention to the "data_kind" | |
| 246 * parameter. | |
| 247 * | |
| 248 * When encoding, this is the specification for the output function which | |
| 249 * will receive the bytes as they are encoded. The output function can | |
| 250 * perform any postprocessing necessary (like hashing (some of) the data | |
| 251 * to create a digest that gets included at the end) as well as shoving | |
| 252 * the data off wherever it needs to go. (In order to "tune" any processing, | |
| 253 * you can set a "notify proc" as described above in the decoding case.) | |
| 254 * | |
| 255 * The parameters: | |
| 256 * - "arg" is an opaque pointer that you provided at the same time you | |
| 257 * specified a function of this type | |
| 258 * - "data" is a buffer of length "len", containing the encoded bytes | |
| 259 * - "depth" is how deep in a nested encoding we are (it is not usually | |
| 260 * valuable, but can be useful sometimes so I included it) | |
| 261 * - "data_kind" tells you if these bytes are part of the ASN.1 encoded | |
| 262 * octets for identifier, length, contents, or end-of-contents | |
| 263 */ | |
| 264 typedef void (* SEC_ASN1WriteProc)(void *arg, | |
| 265 const char *data, unsigned long len, | |
| 266 int depth, SEC_ASN1EncodingPart data_kind); | |
| 267 | |
| 268 #endif /* _SECASN1T_H_ */ |
