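/*
 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
 * 2006.
 */
/* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in
 * the documentation and/or other materials provided with the
 * distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 * software must display the following acknowledgment:
 * "This product includes software developed by the OpenSSL Project
 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 * endorse or promote products derived from this software without
 * prior written permission. For written permission, please contact
 * licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 * nor may "OpenSSL" appear in their names without prior written
 * permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 * acknowledgment:
 * "This product includes software developed by the OpenSSL Project
 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#ifndef OPENSSL_HEADER_ASN1_INTERNAL_H
#define OPENSSL_HEADER_ASN1_INTERNAL_H

#include <time.h>

#include <openssl/asn1.h>
#include <openssl/asn1t.h>

#if defined(__cplusplus)
extern "C" {
#endif


// Wrapper functions for time functions.

// OPENSSL_gmtime converts a time_t value in |time|, which must be in the range
// of year 0000 to 9999, to a broken out time value in |result|. On success
// |result| is returned. On failure NULL is returned, so callers must check the
// return value before reading |result|.
OPENSSL_EXPORT struct tm *OPENSSL_gmtime(const time_t *time, struct tm *result);

// OPENSSL_timegm converts a time value between the years 0 and 9999 in |tm| to
// a time_t value in |out|. One is returned on success, zero is returned on
// failure. It is a failure if the converted time can not be represented in a
// time_t, or if the tm contains out of range values. |*out| should only be
// used when one is returned.
OPENSSL_EXPORT int OPENSSL_timegm(const struct tm *tm, time_t *out);

// OPENSSL_gmtime_adj returns one on success, and updates |tm| by adding
// |offset_day| days and |offset_sec| seconds. It returns zero on failure. |tm|
// must be in the range of year 0000 to 9999 both before and after the update or
// a failure will be returned.
OPENSSL_EXPORT int OPENSSL_gmtime_adj(struct tm *tm, int offset_day,
                                      long offset_sec);

// OPENSSL_gmtime_diff calculates the difference between |from| and |to|. It
// returns one, and outputs the difference as a number of days and seconds in
// |*out_days| and |*out_secs| on success. It returns zero on failure. Both
// |from| and |to| must be in the range of year 0000 to 9999 or a failure will
// be returned.
OPENSSL_EXPORT int OPENSSL_gmtime_diff(int *out_days, int *out_secs,
                                       const struct tm *from,
                                       const struct tm *to);

// Internal ASN1 structures and functions: not for application use

// These are used internally in the ASN1_OBJECT to keep track of
// whether the names and data need to be free()ed
#define ASN1_OBJECT_FLAG_DYNAMIC 0x01          // internal use
#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04  // internal use
#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08     // internal use

// An asn1_object_st (aka |ASN1_OBJECT|) represents an ASN.1 OBJECT IDENTIFIER.
// Note: Mutating an |ASN1_OBJECT| is only permitted when initializing it. The
// library maintains a table of static |ASN1_OBJECT|s, which may be referenced
// by non-const |ASN1_OBJECT| pointers. Code which receives an |ASN1_OBJECT|
// pointer externally must assume it is immutable, even if the pointer is not
// const. Writing through such a pointer could modify an entry of that shared
// static table.
struct asn1_object_st {
  const char *sn, *ln;
  int nid;
  int length;
  const unsigned char *data;  // data remains const after init
  int flags;                  // ASN1_OBJECT_FLAG_* bits: should we free this one
};

// NOTE(review): ASN1_OBJECT_new is undocumented here. It presumably allocates
// a new |ASN1_OBJECT| and returns NULL on failure; confirm against the
// implementation before relying on either.
ASN1_OBJECT *ASN1_OBJECT_new(void);

// ASN1_ENCODING is used to save the received encoding of an ASN.1 type. This
// avoids problems with invalid encodings that break signatures.
//
// The release rule for |enc| depends on |buf|. Code that frees or replaces
// |enc| must check |buf| first: when |buf| is non-NULL, |enc| points into
// memory owned by the |CRYPTO_BUFFER| and must not be passed to
// |OPENSSL_free|.
typedef struct ASN1_ENCODING_st {
  // enc is the saved DER encoding. Its ownership is determined by |buf|.
  uint8_t *enc;
  // len is the length of |enc|. If zero, there is no saved encoding.
  size_t len;
  // buf, if non-NULL, is the |CRYPTO_BUFFER| that |enc| points into. If NULL,
  // |enc| must be released with |OPENSSL_free|.
  CRYPTO_BUFFER *buf;
} ASN1_ENCODING;

// NOTE(review): the two time parsers below are undocumented here. They
// presumably convert |d| into |tm| and return one on success and zero on
// failure, with |allow_timezone_offset| controlling whether a UTCTime with a
// timezone offset is accepted; confirm against the implementation.
OPENSSL_EXPORT int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d,
                                      int allow_timezone_offset);
OPENSSL_EXPORT int asn1_generalizedtime_to_tm(struct tm *tm,
                                              const ASN1_GENERALIZEDTIME *d);

// NOTE(review): ASN1_item_ex_new, ASN1_item_ex_free and ASN1_template_free are
// undocumented here. Judging by their names they allocate and release the
// value at |*pval| for the type |it| or the template |tt|; the return
// convention of ASN1_item_ex_new and the state of |*pval| after a free are not
// stated in this header and should be confirmed.
int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);

void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);

// ASN1_item_ex_d2i parses |len| bytes from |*in| as a structure of type |it|
// and writes the result to |*pval|. If |tag| is non-negative, |it| is
// implicitly tagged with the tag specified by |tag| and |aclass|. If |opt| is
// non-zero, the value is optional. If |buf| is non-NULL, |*in| must point into
// |buf|.
//
// This function returns one and advances |*in| if an object was successfully
// parsed, -1 if an optional value was successfully skipped, and zero on error.
//
// Both one and -1 are non-zero, so callers must compare the result against the
// specific value rather than testing it for truth; otherwise a skipped
// optional value is mistaken for a parsed object. |len| is the only bound this
// prototype gives the parser on |*in|, so it must be the number of bytes
// actually available there.
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
                     const ASN1_ITEM *it, int tag, int aclass, char opt,
                     CRYPTO_BUFFER *buf);

// ASN1_item_ex_i2d encodes |*pval| as a value of type |it| to |out| under the
// i2d output convention. It returns a non-zero length on success and -1 on
// error. If |tag| is -1, the tag and class come from |it|. Otherwise, the tag
// number is |tag| and the class is |aclass|. This is used for implicit tagging.
// This function treats a missing value as an error, not an optional field.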
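int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
                     const ASN1_ITEM *it, int tag, int aclass);

// NOTE(review): ASN1_primitive_free is undocumented here. It presumably
// releases the primitive value at |*pval| of type |it|; confirm against the
// implementation.
void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);

// asn1_get_choice_selector returns the CHOICE selector value for |*pval|, which
// must be of type |it|.
int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);

// NOTE(review): asn1_set_choice_selector is undocumented here. It presumably
// sets the CHOICE selector for |*pval|, which must be of type |it|, to
// |value|; the meaning of the return value is not stated in this header and
// should be confirmed.
int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);

// asn1_get_field_ptr returns a pointer to the field in |*pval| corresponding to
// |tt|.
ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);

// asn1_do_adb returns the |ASN1_TEMPLATE| for the ANY DEFINED BY field |tt|,
// based on the selector INTEGER or OID in |*pval|. If |tt| is not an ADB field,
// it returns |tt|. If the selector does not match any value, it returns NULL.
// If |nullerr| is non-zero, it will additionally push an error to the error
// queue when there is no match.
//
// With |nullerr| set to zero a failed lookup returns NULL without queueing an
// error, so callers must test the result for NULL in either mode before using
// it.
const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
                                 int nullerr);

// NOTE(review): the reference-count helpers are undocumented here. Judging by
// their names, asn1_refcount_set_one sets the reference count of |*pval| to
// one and asn1_refcount_dec_and_test_zero decrements it and reports whether it
// reached zero; how types without a reference count are handled is not stated
// in this header and should be confirmed.
void asn1_refcount_set_one(ASN1_VALUE **pval, const ASN1_ITEM *it);
int asn1_refcount_dec_and_test_zero(ASN1_VALUE **pval, const ASN1_ITEM *it);

// NOTE(review): asn1_enc_init and asn1_enc_free are undocumented here. They
// presumably initialize and release the saved encoding of |*pval|; confirm
// against the implementation.
void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);

// asn1_enc_restore, if |*pval| has a saved encoding, writes it to |out| under
// the i2d output convention, sets |*len| to the length, and returns one. If it
// has no saved encoding, it returns zero.
//
// NOTE(review): |*len| is an int while |ASN1_ENCODING| stores the saved length
// as a size_t; confirm that a saved encoding can never be longer than INT_MAX.
int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
                     const ASN1_ITEM *it);

// asn1_enc_save saves |inlen| bytes from |in| as |*pval|'s saved encoding. It
// returns one on success and zero on error. If |buf| is non-NULL, |in| must
// point into |buf|.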
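int asn1_enc_save(ASN1_VALUE **pval, const uint8_t *in, size_t inlen,
                  const ASN1_ITEM *it, CRYPTO_BUFFER *buf);

// asn1_encoding_clear clears the cached encoding in |enc|.
void asn1_encoding_clear(ASN1_ENCODING *enc);

// asn1_type_value_as_pointer returns |a|'s value in pointer form. This is
// usually the value object but, for BOOLEAN values, is 0 or 0xff cast to
// a pointer.
//
// In the BOOLEAN case the result is an integer in pointer form, not an
// address, so callers must check |a|'s type before dereferencing it.
const void *asn1_type_value_as_pointer(const ASN1_TYPE *a);

// asn1_type_cleanup releases memory associated with |a|'s value, without
// freeing |a| itself.
void asn1_type_cleanup(ASN1_TYPE *a);

// asn1_is_printable returns one if |value| is a valid Unicode codepoint for an
// ASN.1 PrintableString, and zero otherwise.
int asn1_is_printable(uint32_t value);

// asn1_bit_string_length returns the number of bytes in |str| and sets
// |*out_padding_bits| to the number of padding bits.
//
// This function should be used instead of |ASN1_STRING_length| to correctly
// handle the non-|ASN1_STRING_FLAG_BITS_LEFT| case.
int asn1_bit_string_length(const ASN1_BIT_STRING *str,
                           uint8_t *out_padding_bits);

// ASN1_STRING_TABLE is one entry of the built-in string table.
// NOTE(review): the fields are undocumented here. Presumably |nid| identifies
// the entry, |minsize| and |maxsize| bound the permitted length, and |mask|
// and |flags| are bit sets; confirm the units and the meaning of each bit
// against the table's users.
typedef struct {
  int nid;
  long minsize;
  long maxsize;
  unsigned long mask;
  unsigned long flags;
} ASN1_STRING_TABLE;

// asn1_get_string_table_for_testing sets |*out_ptr| and |*out_len| to the table
// of built-in |ASN1_STRING_TABLE| values. It is exported for testing.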
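OPENSSL_EXPORT void asn1_get_string_table_for_testing(
    const ASN1_STRING_TABLE **out_ptr, size_t *out_len);

// Function types for the new, free, d2i and i2d operations on an |ASN1_VALUE|.
// NOTE(review): ASN1_i2d_func names its output parameter |in|, while the other
// i2d prototypes in this header name it |out|; the name does not affect the
// type, but it is misleading to readers.
typedef ASN1_VALUE *ASN1_new_func(void);
typedef void ASN1_free_func(ASN1_VALUE *a);
typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
                                  long length);
typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);

// Function types for the "ex" forms, which also receive the |ASN1_ITEM| that
// describes the value. ASN1_ex_d2i takes the input length |len|, an |opt|
// flag and an |ASN1_TLC| context in addition.
// NOTE(review): the return conventions of these callbacks are not stated in
// this header; confirm them against the code that invokes them.
typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
                        const ASN1_ITEM *it, int opt, ASN1_TLC *ctx);

typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
                        const ASN1_ITEM *it);
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);

// ASN1_EXTERN_FUNCS groups the new, free, d2i and i2d callbacks of the "ex"
// form into one table.
// NOTE(review): whether any of the four entries may be NULL is not stated in
// this header; confirm before calling through one unchecked.
typedef struct ASN1_EXTERN_FUNCS_st {
  ASN1_ex_new_func *asn1_ex_new;
  ASN1_ex_free_func *asn1_ex_free;
  ASN1_ex_d2i *asn1_ex_d2i;
  ASN1_ex_i2d *asn1_ex_i2d;
} ASN1_EXTERN_FUNCS;


#if defined(__cplusplus)
}  // extern C
#endif

#endif  // OPENSSL_HEADER_ASN1_INTERNAL_H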