1 /****************************************************************************
2 *																			*
3 *						  Certificate DN Header File						*
4 *						Copyright Peter Gutmann 1996-2008					*
5 *																			*
6 ****************************************************************************/
7 
8 #ifndef _DN_DEFINED
9 
10 #define _DN_DEFINED
11 
12 /* DN component information flags.  These are:
13 
14 	FLAG_CONTINUED: Some implementations may place more than one AVA into
15 		an RDN, this flag indicates that the RDN continues in the next DN
16 		component structure.
17 
18 	FLAG_LOCKED: If the RDN/DN was set by specifying the entire DN at once
19 		using a free-format text DN string it's not a good idea to allow
20 		random changes to it so this flag marks the components as locked.
21 
22 	FLAG_NOCHECK: If we're reading data from an external source the DN can
23 		contain all sorts of strange stuff so we use this flag to tell the
24 		DN component-handling code not to perform any validity checking on
25 		the components as they're added */
26 
/* Bit flags for the flags field of a DN component.  Bit 0x04 is not
   assigned in this header, DN_FLAG_MAX covers the low four bits.
   NOTE(review): components added with DN_FLAG_NOCHECK have had no validity
   checking applied, so code that consumes them presumably has to treat the
   value and its length as untrusted - confirm against the users in dn.c */
#define DN_FLAG_NONE		0x00	/* No DN flag */
#define DN_FLAG_CONTINUED	0x01	/* RDN continues with another AVA */
#define DN_FLAG_LOCKED		0x02	/* RDN can't be modified */
#define DN_FLAG_NOCHECK		0x08	/* Don't check validity of components */
#define DN_FLAG_MAX			0x0F	/* Maximum possible flag value */
32 
/* When comparing DN fields we only want to compare relevant data and not
   incidental flags related to parsing or encoding actions.  The following
   mask defines the attribute flags that we want to compare.  Only
   DN_FLAG_CONTINUED is in the mask, so a comparison that applies it treats
   components that differ only in DN_FLAG_LOCKED or DN_FLAG_NOCHECK as
   having equal flags */

#define DN_FLAGS_COMPARE_MASK	( DN_FLAG_CONTINUED )
38 
/* The structure to hold a DN component.  Components are chained into a
   doubly-linked list via next/prev; an RDN that holds more than one AVA is
   spread over consecutive components, with DN_FLAG_CONTINUED set on each
   component that is followed by another AVA of the same RDN */

typedef struct DC {
	/* DN component type and type information */
	int type;						/* cryptlib component type, either a
									   CRYPT_ATTRIBUTE_TYPE or an integer ID */
	const void *typeInfo;			/* Type information for this component, a
									   pointer to the DN_COMPONENT_INFO tbl */
	int flags;						/* DN_FLAG_xxx values */

	/* DN component data.  The BUFFER_FIXED annotation ties the size of the
	   value buffer to valueLength.  NOTE(review): valueLength is a signed
	   int, range checking is presumably done where components are added -
	   confirm in dn.c, in particular for DN_FLAG_NOCHECK components */
	BUFFER_FIXED( valueLength ) \
	void *value;					/* DN component value */
	int valueLength;				/* DN component value length */
	int valueStringType;			/* DN component native string type,
									   encoded as a cookie used by dnstring.c */

	/* Encoding information: The ASN.1 encoded string type as a
	   BER_STRING_xyz, the overall size of the RDN data (without the tag and
	   length) if this is the first or only component of an RDN, and the size
	   of the AVA containing this component.  If it's the first component of
	   a multi-AVA RDN then the DN_FLAG_CONTINUED flag will be set in the
	   flags field */
	int asn1EncodedStringType, encodedRDNdataSize, encodedAVAdataSize;

	/* The next and previous list element in the linked list of DN
	   components */
	struct DC *next, *prev;

	/* Variable-length storage for the DN data.  NOTE(review): presumably
	   this is what value points into - confirm against the allocation code */
	DECLARE_VARSTRUCT_VARS;
	} DN_COMPONENT;
71 
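/* Type information for DN components.  Every field is const, so entries are
   fixed at initialisation; DN_COMPONENT.typeInfo points at one of these.
   Each name string carries its own length field, and the ARRAY_FIXED
   annotation on a string names the length field that bounds it */

typedef struct {
	const int type;					/* cryptlib attribute type, or index
									   value for non-cryptlib attributes */
	const BYTE *oid;				/* OID for this type */
	ARRAY_FIXED( nameLen ) \
	const char *name;				/* Name for this type */
	const int nameLen;				/* Length of name */
	ARRAY_FIXED( altNameLen ) \
	const char *altName;			/* Alt. name for this type */
	const int altNameLen;			/* Length of altName */
	const int maxLength;			/* Maximum allowed length for this type */
	const BOOLEAN ia5OK;			/* Whether IA5 is allowed for this comp.*/
	const BOOLEAN wcsOK;			/* Whether widechar is allowed for comp.*/
	} DN_COMPONENT_INFO;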
88 
89 /* Prototypes for functions in dn.c */
90 
/* Return the DN_COMPONENT_INFO for the OID held in the oidLength bytes at
   oid, which must be non-NULL.  The result is marked CHECK_RETVAL_PTR so
   callers have to test it before dereferencing it; presumably NULL means
   that no entry matches - confirm in dn.c */
CHECK_RETVAL_PTR STDC_NONNULL_ARG( ( 1 ) ) \
const DN_COMPONENT_INFO *findDNInfoByOID( IN_BUFFER( oidLength ) const BYTE *oid,
										  IN_LENGTH_OID const int oidLength );
/* Return the DN_COMPONENT_INFO for the text label held in the labelLength
   bytes at label, which must be non-NULL.  The length is passed explicitly,
   so the label isn't assumed to be null-terminated by this interface.  Only
   declared when USE_CERT_DNSTRING is defined.  The result is marked
   CHECK_RETVAL_PTR so callers have to test it before dereferencing it;
   presumably NULL means that no entry matches - confirm in dn.c */
#ifdef USE_CERT_DNSTRING
CHECK_RETVAL_PTR STDC_NONNULL_ARG( ( 1 ) ) \
const DN_COMPONENT_INFO *findDNInfoByLabel( IN_BUFFER( labelLength ) const char *label,
											IN_LENGTH_SHORT const int labelLength );
#endif /* USE_CERT_DNSTRING */
/* Add a DN component of the given type to the component list referenced by
   dnComponentListPtrPtr, which is INOUT and so may be updated.  The value
   is valueLength bytes at value with native string type valueStringType
   (annotated as 1...20), flags are DN_FLAG_xxx values or zero, and
   errorType receives a CRYPT_ERRTYPE_TYPE.  The list pointer, value and
   errorType must be non-NULL, and the int status return has to be checked
   (CHECK_RETVAL).  NOTE(review): with DN_FLAG_NOCHECK the header comment
   for the flags says no validity checking is performed on the component,
   so it should only be passed where that is intended, i.e. for data read
   from an external source */
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 3, 7 ) ) \
int insertDNstring( INOUT DN_COMPONENT **dnComponentListPtrPtr,
					IN_INT const int type,
					IN_BUFFER( valueLength ) const void *value,
					IN_LENGTH_SHORT const int valueLength,
					IN_RANGE( 1, 20 ) const int valueStringType,
					IN_FLAGS_Z( DN ) const int flags,
					OUT_ENUM_OPT( CRYPT_ERRTYPE ) \
						CRYPT_ERRTYPE_TYPE *errorType );
108 
109 /* Prototypes for functions in dnstring.c */
110 
/* Copy the sourceLen bytes at source, of native string type stringType,
   into dest as an ASN.1 string.  dest has room for destMaxLen bytes and
   the number of bytes produced is returned in destLen, annotated as
   bounded by destMaxLen and possibly zero.  dest, destLen and source must
   be non-NULL and the int status return has to be checked (CHECK_RETVAL).
   NOTE(review): stringType is annotated as 0...20 here but
   insertDNstring() takes 1...20, presumably zero is a no-type value that
   is only meaningful in this function - confirm in dnstring.c */
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 3, 4 ) ) \
int copyToAsn1String( OUT_BUFFER( destMaxLen, *destLen ) void *dest,
					  IN_LENGTH_SHORT const int destMaxLen,
					  OUT_LENGTH_BOUNDED_Z( destMaxLen ) int *destLen,
					  IN_BUFFER( sourceLen ) const void *source,
					  IN_LENGTH_SHORT const int sourceLen,
					  IN_RANGE( 0, 20 ) const int stringType );
/* Copy the sourceLen bytes at source, an ASN.1 string with encoded tag
   stringTag, into dest in native form.  dest has room for destMaxLen bytes,
   the number of bytes produced is returned in destLen (annotated as
   bounded by destMaxLen and possibly zero) and the native string type,
   annotated as 0...20, in destStringType.  dest, destLen, destStringType
   and source must be non-NULL and the int status return has to be checked
   (CHECK_RETVAL).  NOTE(review): source is typically data taken from an
   encoded certificate, so the outputs shouldn't be used if the call fails;
   what they contain in that case isn't visible here - confirm in
   dnstring.c */
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 3, 4, 5 ) ) \
int copyFromAsn1String( OUT_BUFFER( destMaxLen, *destLen ) void *dest,
						IN_LENGTH_SHORT const int destMaxLen,
						OUT_LENGTH_BOUNDED_Z( destMaxLen ) int *destLen,
						OUT_RANGE( 0, 20 ) int *destStringType,
						IN_BUFFER( sourceLen ) const void *source,
						IN_LENGTH_SHORT const int sourceLen,
						IN_TAG_ENCODED const int stringTag );
126 
127 #endif /* _DN_DEFINED */
128