1 /* $OpenBSD: asn1_locl.h,v 1.39 2022/09/11 17:22:52 tb Exp $ */ 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * project 2006. 4 */ 5 /* ==================================================================== 6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 59 #include "bytestring.h" 60 61 __BEGIN_HIDDEN_DECLS 62 63 /* Internal ASN1 structures and functions: not for application use */ 64 65 ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t); 66 void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t); 67 68 /* These are used internally in the ASN1_OBJECT to keep track of 69 * whether the names and data need to be free()ed */ 70 #define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ 71 #define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */ 72 #define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */ 73 #define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */ 74 struct asn1_object_st { 75 const char *sn, *ln; 76 int nid; 77 int length; 78 const unsigned char *data; /* data remains const after init */ 79 int flags; /* Should we free this one */ 80 } /* ASN1_OBJECT */; 81 82 /* ASN1 print context structure */ 83 84 struct asn1_pctx_st { 85 unsigned long flags; 86 unsigned long nm_flags; 87 unsigned long cert_flags; 88 unsigned long oid_flags; 89 unsigned long str_flags; 90 } /* ASN1_PCTX */; 91 92 /* ASN1 public key method structure */ 93 94 struct evp_pkey_asn1_method_st { 95 int pkey_id; 96 int pkey_base_id; 97 unsigned long pkey_flags; 98 99 char *pem_str; 100 char *info; 101 102 int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub); 103 int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk); 104 int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); 105 int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent, 106 ASN1_PCTX *pctx); 107 108 int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf); 109 int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk); 110 int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent, 111 ASN1_PCTX *pctx); 112 113 int (*pkey_size)(const EVP_PKEY *pk); 114 int (*pkey_bits)(const EVP_PKEY *pk); 115 int (*pkey_security_bits)(const EVP_PKEY *pk); 116 117 int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, 118 int derlen); 119 int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder); 120 int (*param_missing)(const EVP_PKEY *pk); 121 int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from); 122 int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); 123 int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, 124 ASN1_PCTX *pctx); 125 int (*sig_print)(BIO *out, const X509_ALGOR *sigalg, 126 const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx); 127 128 void (*pkey_free)(EVP_PKEY *pkey); 129 int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2); 130 131 /* Legacy functions for old PEM */ 132 133 int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder, 134 int derlen); 135 int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder); 136 /* Custom ASN1 signature verification */ 137 int (*item_verify)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, 138 X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey); 139 int (*item_sign)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, 140 X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig); 141 142 int (*pkey_check)(const EVP_PKEY *pk); 143 int (*pkey_public_check)(const EVP_PKEY *pk); 144 int (*pkey_param_check)(const EVP_PKEY *pk); 145 } /* EVP_PKEY_ASN1_METHOD */; 146 147 /* Method to handle CRL access. 148 * In general a CRL could be very large (several Mb) and can consume large 149 * amounts of resources if stored in memory by multiple processes. 150 * This method allows general CRL operations to be redirected to more 151 * efficient callbacks: for example a CRL entry database. 152 */ 153 154 #define X509_CRL_METHOD_DYNAMIC 1 155 156 struct x509_crl_method_st { 157 int flags; 158 int (*crl_init)(X509_CRL *crl); 159 int (*crl_free)(X509_CRL *crl); 160 int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, 161 ASN1_INTEGER *ser, X509_NAME *issuer); 162 int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk); 163 }; 164 165 int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); 166 int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); 167 168 ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); 169 170 const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr); 171 172 int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); 173 174 void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); 175 void asn1_enc_cleanup(ASN1_VALUE **pval, const ASN1_ITEM *it); 176 int asn1_enc_save(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it); 177 int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); 178 179 int i2d_ASN1_BOOLEAN(int a, unsigned char **pp); 180 int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length); 181 182 /* 183 * Unicode codepoint constants 184 */ 185 #define UNICODE_MAX 0x10FFFF 186 #define UNICODE_SURROGATE_MIN 0x00D800 187 #define UNICODE_SURROGATE_MAX 0x00DFFF 188 189 #define UNICODE_IS_SURROGATE(x) \ 190 ((x) >= UNICODE_SURROGATE_MIN && (x) <= UNICODE_SURROGATE_MAX) 191 192 int UTF8_getc(const unsigned char *str, int len, unsigned long *val); 193 int UTF8_putc(unsigned char *str, int len, unsigned long value); 194 195 int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb); 196 197 int asn1_get_identifier_cbs(CBS *cbs, int der_mode, uint8_t *out_class, 198 int *out_constructed, uint32_t *out_tag_number); 199 int asn1_get_length_cbs(CBS *cbs, int der_mode, int *out_indefinite, 200 size_t *out_length); 201 int asn1_get_object_cbs(CBS *cbs, int der_mode, uint8_t *out_class, 202 int *out_constructed, uint32_t *out_tag_number, int *out_indefinite, 203 size_t *out_length); 204 int asn1_get_primitive(CBS *cbs, int der_mode, uint32_t *out_tag_number, 205 CBS *out_content); 206 207 int asn1_must_be_constructed(int tag); 208 int asn1_must_be_primitive(int tag); 209 int asn1_tag2charwidth(int tag); 210 211 int asn1_abs_set_unused_bits(ASN1_BIT_STRING *abs, uint8_t unused_bits); 212 int c2i_ASN1_BIT_STRING_cbs(ASN1_BIT_STRING **out_abs, CBS *cbs); 213 214 int c2i_ASN1_ENUMERATED_cbs(ASN1_ENUMERATED **out_aenum, CBS *cbs); 215 216 int asn1_aint_get_uint64(CBS *cbs, uint64_t *out_val); 217 int asn1_aint_set_uint64(uint64_t val, uint8_t **out_data, int *out_len); 218 int asn1_aint_get_int64(CBS *cbs, int negative, int64_t *out_val); 219 int c2i_ASN1_INTEGER_cbs(ASN1_INTEGER **out_aint, CBS *cbs); 220 221 int c2i_ASN1_OBJECT_cbs(ASN1_OBJECT **out_aobj, CBS *content); 222 int i2t_ASN1_OBJECT_internal(const ASN1_OBJECT *aobj, char *buf, int buf_len, 223 int no_name); 224 ASN1_OBJECT *t2i_ASN1_OBJECT_internal(const char *oid); 225 226 int asn1_time_parse_cbs(const CBS *cbs, int is_gentime, struct tm *out_tm); 227 228 ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, 229 long length); 230 int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp); 231 ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, 232 const unsigned char **pp, long length); 233 int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp); 234 ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, 235 long length); 236 237 __END_HIDDEN_DECLS 238