2
* The contents of this file are subject to the Mozilla Public
3
* License Version 1.1 (the "License"); you may not use this file
4
* except in compliance with the License. You may obtain a copy of
5
* the License at http://www.mozilla.org/MPL/
7
* Software distributed under the License is distributed on an "AS
8
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9
* implied. See the License for the specific language governing
10
* rights and limitations under the License.
12
* The Original Code is the Netscape security libraries.
14
* The Initial Developer of the Original Code is Netscape
15
* Communications Corporation. Portions created by Netscape are
16
* Copyright (C) 1994-2000 Netscape Communications Corporation. All
21
* Alternatively, the contents of this file may be used under the
22
* terms of the GNU General Public License Version 2 or later (the
23
* "GPL"), in which case the provisions of the GPL are applicable
24
* instead of those above. If you wish to allow use of your
25
* version of this file only under the terms of the GPL and not to
26
* allow others to use your version of this file under the MPL,
27
* indicate your decision by deleting the provisions above and
28
* replace them with the notice and other provisions required by
29
* the GPL. If you do not delete the provisions above, a recipient
30
* may use your version of this file under either the MPL or the
35
* Types for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished
38
* $Id: secasn1t.h,v 1.7 2003/11/07 01:41:22 nelsonb%netscape.com Exp $
45
** An array of these structures defines a BER/DER encoding for an object.
47
** The array usually starts with a dummy entry whose kind is SEC_ASN1_SEQUENCE;
48
** such an array is terminated with an entry where kind == 0. (An array
49
** which consists of a single component does not require a second dummy
50
** entry -- the array is only searched as long as previous component(s)
53
typedef struct sec_ASN1Template_struct {
55
** Kind of item being decoded/encoded, including tags and modifiers.
60
** The value is the offset from the base of the structure to the
61
** field that holds the value being decoded/encoded.
66
** When kind suggests it (SEC_ASN1_POINTER, SEC_ASN1_GROUP, SEC_ASN1_INLINE,
67
** or a component that is *not* a SEC_ASN1_UNIVERSAL), this points to
68
** a sub-template for nested encoding/decoding,
69
** OR, iff SEC_ASN1_DYNAMIC is set, then this is a pointer to a pointer
70
** to a function which will return the appropriate template when called
71
** at runtime. NOTE! that explicit level of indirection, which is
72
** necessary because ANSI does not allow you to store a function
73
** pointer directly as a "void *" so we must store it separately and
74
** dereference it to get at the function pointer itself.
79
** In the first element of a template array, the value is the size
80
** of the structure to allocate when this template is being referenced
81
** by another template via SEC_ASN1_POINTER or SEC_ASN1_GROUP.
82
** In all other cases, the value is ignored.
88
/* default size used for allocation of encoding/decoding stuff */
89
/* XXX what is the best value here? */
90
#define SEC_ASN1_DEFAULT_ARENA_SIZE (2048)
93
** BER/DER values for ASN.1 identifier octets.
95
#define SEC_ASN1_TAG_MASK 0xff
98
* BER/DER universal type tag numbers.
99
* The values are defined by the X.208 standard; do not change them!
100
* NOTE: if you add anything to this list, you must add code to secasn1d.c
101
* to accept the tag, and probably also to secasn1e.c to encode it.
102
* XXX It appears some have been added recently without being added to
103
* the code; so need to go through the list now and double-check them all.
104
* (Look especially at those added in revision 1.10.)
106
#define SEC_ASN1_TAGNUM_MASK 0x1f
107
#define SEC_ASN1_BOOLEAN 0x01
108
#define SEC_ASN1_INTEGER 0x02
109
#define SEC_ASN1_BIT_STRING 0x03
110
#define SEC_ASN1_OCTET_STRING 0x04
111
#define SEC_ASN1_NULL 0x05
112
#define SEC_ASN1_OBJECT_ID 0x06
113
#define SEC_ASN1_OBJECT_DESCRIPTOR 0x07
114
/* External type and instance-of type 0x08 */
115
#define SEC_ASN1_REAL 0x09
116
#define SEC_ASN1_ENUMERATED 0x0a
117
#define SEC_ASN1_EMBEDDED_PDV 0x0b
118
#define SEC_ASN1_UTF8_STRING 0x0c
119
#define SEC_ASN1_SEQUENCE 0x10
120
#define SEC_ASN1_SET 0x11
121
#define SEC_ASN1_NUMERIC_STRING 0x12
122
#define SEC_ASN1_PRINTABLE_STRING 0x13
123
#define SEC_ASN1_T61_STRING 0x14
124
#define SEC_ASN1_TELETEX_STRING SEC_ASN1_T61_STRING
125
#define SEC_ASN1_VIDEOTEX_STRING 0x15
126
#define SEC_ASN1_IA5_STRING 0x16
127
#define SEC_ASN1_UTC_TIME 0x17
128
#define SEC_ASN1_GENERALIZED_TIME 0x18
129
#define SEC_ASN1_GRAPHIC_STRING 0x19
130
#define SEC_ASN1_VISIBLE_STRING 0x1a
131
#define SEC_ASN1_GENERAL_STRING 0x1b
132
#define SEC_ASN1_UNIVERSAL_STRING 0x1c
134
#define SEC_ASN1_BMP_STRING 0x1e
135
#define SEC_ASN1_HIGH_TAG_NUMBER 0x1f
138
** Modifiers to type tags. These are also specified by a/the
139
** standard, and must not be changed.
142
#define SEC_ASN1_METHOD_MASK 0x20
143
#define SEC_ASN1_PRIMITIVE 0x00
144
#define SEC_ASN1_CONSTRUCTED 0x20
146
#define SEC_ASN1_CLASS_MASK 0xc0
147
#define SEC_ASN1_UNIVERSAL 0x00
148
#define SEC_ASN1_APPLICATION 0x40
149
#define SEC_ASN1_CONTEXT_SPECIFIC 0x80
150
#define SEC_ASN1_PRIVATE 0xc0
153
** Our additions, used for templates.
154
** These are not defined by any standard; the values are used internally only.
155
** Just be careful to keep them out of the low 8 bits.
156
** XXX finish comments
158
#define SEC_ASN1_OPTIONAL 0x00100
159
#define SEC_ASN1_EXPLICIT 0x00200
160
#define SEC_ASN1_ANY 0x00400
161
#define SEC_ASN1_INLINE 0x00800
162
#define SEC_ASN1_POINTER 0x01000
163
#define SEC_ASN1_GROUP 0x02000 /* with SET or SEQUENCE means
164
* SET OF or SEQUENCE OF */
165
#define SEC_ASN1_DYNAMIC 0x04000 /* subtemplate is found by calling
166
* a function at runtime */
167
#define SEC_ASN1_SKIP 0x08000 /* skip a field; only for decoding */
168
#define SEC_ASN1_INNER 0x10000 /* with ANY means capture the
169
* contents only (not the id, len,
170
* or eoc); only for decoding */
171
#define SEC_ASN1_SAVE 0x20000 /* stash away the encoded bytes first;
172
* only for decoding */
173
#define SEC_ASN1_MAY_STREAM 0x40000 /* field or one of its sub-fields may
174
* stream in and so should encode as
175
* indefinite-length when streaming
176
* has been indicated; only for
178
#define SEC_ASN1_SKIP_REST 0x80000 /* skip all following fields;
180
#define SEC_ASN1_CHOICE 0x100000 /* pick one from a template */
181
#define SEC_ASN1_NO_STREAM 0X200000 /* This entry will not stream
182
even if the sub-template says
183
streaming is possible. Helps
184
to solve ambiguities with potential
185
streaming entries that are
187
#define SEC_ASN1_DEBUG_BREAK 0X400000 /* put this in your template and the
188
decoder will assert when it
189
processes it. Only for use with
190
SEC_QuickDERDecodeItem */
194
/* Shorthand/Aliases */
195
#define SEC_ASN1_SEQUENCE_OF (SEC_ASN1_GROUP | SEC_ASN1_SEQUENCE)
196
#define SEC_ASN1_SET_OF (SEC_ASN1_GROUP | SEC_ASN1_SET)
197
#define SEC_ASN1_ANY_CONTENTS (SEC_ASN1_ANY | SEC_ASN1_INNER)
199
/* Maximum depth of nested SEQUENCEs and SETs */
200
#define SEC_ASN1D_MAX_DEPTH 32
203
** Function used for SEC_ASN1_DYNAMIC.
204
** "arg" is a pointer to the structure being encoded/decoded
205
** "enc", when true, means that we are encoding (false means decoding)
207
typedef const SEC_ASN1Template * SEC_ASN1TemplateChooser(void *arg, PRBool enc);
208
typedef SEC_ASN1TemplateChooser * SEC_ASN1TemplateChooserPtr;
211
#define SEC_ASN1_GET(x) NSS_Get_##x(NULL, PR_FALSE)
212
#define SEC_ASN1_SUB(x) &p_NSS_Get_##x
213
#define SEC_ASN1_XTRN SEC_ASN1_DYNAMIC
214
#define SEC_ASN1_MKSUB(x) \
215
static const SEC_ASN1TemplateChooserPtr p_NSS_Get_##x = &NSS_Get_##x;
217
#define SEC_ASN1_GET(x) x
218
#define SEC_ASN1_SUB(x) x
219
#define SEC_ASN1_XTRN 0
220
#define SEC_ASN1_MKSUB(x)
223
#define SEC_ASN1_CHOOSER_DECLARE(x) \
224
extern const SEC_ASN1Template * NSS_Get_##x (void *arg, PRBool enc);
226
#define SEC_ASN1_CHOOSER_IMPLEMENT(x) \
227
const SEC_ASN1Template * NSS_Get_##x(void * arg, PRBool enc) \
231
** Opaque object used by the decoder to store state.
233
typedef struct sec_DecoderContext_struct SEC_ASN1DecoderContext;
236
** Opaque object used by the encoder to store state.
238
typedef struct sec_EncoderContext_struct SEC_ASN1EncoderContext;
241
* This is used to describe to a filter function the bytes that are
242
* being passed to it. This is only useful when the filter is an "outer"
243
* one, meaning it expects to get *all* of the bytes not just the
247
SEC_ASN1_Identifier = 0,
249
SEC_ASN1_Contents = 2,
250
SEC_ASN1_EndOfContents = 3
251
} SEC_ASN1EncodingPart;
254
* Type of the function pointer used either for decoding or encoding,
255
* when doing anything "funny" (e.g. manipulating the data stream)
257
typedef void (* SEC_ASN1NotifyProc)(void *arg, PRBool before,
258
void *dest, int real_depth);
261
* Type of the function pointer used for grabbing encoded bytes.
262
* This can be used during either encoding or decoding, as follows...
264
* When decoding, this can be used to filter the encoded bytes as they
265
* are parsed. This is what you would do if you wanted to process the data
266
* along the way (like to decrypt it, or to perform a hash on it in order
267
* to do a signature check later). See SEC_ASN1DecoderSetFilterProc().
268
* When processing only part of the encoded bytes is desired, you "watch"
269
* for the field(s) you are interested in with a "notify proc" (see
270
* SEC_ASN1DecoderSetNotifyProc()) and for even finer granularity (e.g. to
271
* ignore all by the contents bytes) you pay attention to the "data_kind"
274
* When encoding, this is the specification for the output function which
275
* will receive the bytes as they are encoded. The output function can
276
* perform any postprocessing necessary (like hashing (some of) the data
277
* to create a digest that gets included at the end) as well as shoving
278
* the data off wherever it needs to go. (In order to "tune" any processing,
279
* you can set a "notify proc" as described above in the decoding case.)
282
* - "arg" is an opaque pointer that you provided at the same time you
283
* specified a function of this type
284
* - "data" is a buffer of length "len", containing the encoded bytes
285
* - "depth" is how deep in a nested encoding we are (it is not usually
286
* valuable, but can be useful sometimes so I included it)
287
* - "data_kind" tells you if these bytes are part of the ASN.1 encoded
288
* octets for identifier, length, contents, or end-of-contents
290
typedef void (* SEC_ASN1WriteProc)(void *arg,
291
const char *data, unsigned long len,
292
int depth, SEC_ASN1EncodingPart data_kind);
294
#endif /* _SECASN1T_H_ */