1 // Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #ifndef OPENSSL_HEADER_CRYPTO_ASN1_INTERNAL_H
16 #define OPENSSL_HEADER_CRYPTO_ASN1_INTERNAL_H
17 
18 #include <time.h>
19 
20 #include <openssl/asn1.h>
21 #include <openssl/asn1t.h>
22 
23 #if defined(__cplusplus)
24 extern "C" {
25 #endif
26 
27 
28 // Wrapper functions for time functions.
29 
30 // OPENSSL_gmtime converts a time_t value in |time|, which must be in the range
31 // of year 0000 to 9999, to a broken-down time value in |result|. On success
32 // |result| is returned. On failure NULL is returned.
33 OPENSSL_EXPORT struct tm *OPENSSL_gmtime(const time_t *time, struct tm *result);
34 
35 // OPENSSL_gmtime_adj returns one on success, and updates |tm| by adding
36 // |offset_day| days and |offset_sec| seconds. It returns zero on failure. |tm|
37 // must be in the range of year 0000 to 9999 both before and after the update or
38 // a failure will be returned.
39 OPENSSL_EXPORT int OPENSSL_gmtime_adj(struct tm *tm, int offset_day,
40                                       int64_t offset_sec);
41 
42 // OPENSSL_gmtime_diff calculates the difference between |from| and |to|. It
43 // returns one, and outputs the difference as a number of days and seconds in
44 // |*out_days| and |*out_secs| on success. It returns zero on failure.  Both
45 // |from| and |to| must be in the range of year 0000 to 9999 or a failure will
46 // be returned.
47 OPENSSL_EXPORT int OPENSSL_gmtime_diff(int *out_days, int *out_secs,
48                                        const struct tm *from,
49                                        const struct tm *to);
50 
51 // Internal ASN1 structures and functions: not for application use
52 
53 // These are used internally in the ASN1_OBJECT to keep track of
54 // whether the names and data need to be free()ed
55 #define ASN1_OBJECT_FLAG_DYNAMIC 0x01          // internal use
56 #define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04  // internal use
57 #define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08     // internal use
58 
59 // An asn1_object_st (aka |ASN1_OBJECT|) represents an ASN.1 OBJECT IDENTIFIER.
60 // Note: Mutating an |ASN1_OBJECT| is only permitted when initializing it. The
61 // library maintains a table of static |ASN1_OBJECT|s, which may be referenced
62 // by non-const |ASN1_OBJECT| pointers. Code which receives an |ASN1_OBJECT|
63 // pointer externally must assume it is immutable, even if the pointer is not
64 // const.
65 struct asn1_object_st {
66   const char *sn, *ln;  // names (presumably short and long name; confirm)
67   int nid;
68   int length;  // presumably the byte length of |data|; confirm against users
69   const unsigned char *data;  // data remains const after init
70   int flags;  // ASN1_OBJECT_FLAG_* bits: whether the names and data need to be free()ed
71 };
72 
73 ASN1_OBJECT *ASN1_OBJECT_new(void);
74 
75 // ASN1_ENCODING is used to save the received encoding of an ASN.1 type so it can
76 // be re-emitted as-is. This avoids invalid encodings breaking signatures.
77 typedef struct ASN1_ENCODING_st {
78   // enc is the saved DER encoding. Its ownership is determined by |buf|.
79   uint8_t *enc;
80   // len is the length of |enc|. If zero, there is no saved encoding.
81   size_t len;
82   // buf, if non-NULL, is the |CRYPTO_BUFFER| that |enc| points into, so |enc| is
83   // not a separate allocation. If NULL, |enc| must be released with |OPENSSL_free|.
84   CRYPTO_BUFFER *buf;
85 } ASN1_ENCODING;
86 
87 OPENSSL_EXPORT int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d,
88                                       int allow_timezone_offset);
89 OPENSSL_EXPORT int asn1_generalizedtime_to_tm(struct tm *tm,
90                                               const ASN1_GENERALIZEDTIME *d);
91 
92 int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
93 void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
94 
95 void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
96 
97 // ASN1_item_ex_d2i parses |len| bytes from |*in| as a structure of type |it|
98 // and writes the result to |*pval|. If |tag| is non-negative, |it| is
99 // implicitly tagged with the tag specified by |tag| and |aclass|. If |opt| is
100 // non-zero, the value is optional. If |buf| is non-NULL, |*in| must point into
101 // |buf|.
102 //
103 // This function returns one and advances |*in| if an object was successfully
104 // parsed, -1 if an optional value was successfully skipped, and zero on error.
105 int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
106                      const ASN1_ITEM *it, int tag, int aclass, char opt,
107                      CRYPTO_BUFFER *buf);
108 
109 // ASN1_item_ex_i2d encodes |*pval| as a value of type |it| to |out| under the
110 // i2d output convention. It returns a non-zero length on success and -1 on
111 // error. If |tag| is -1, the tag and class come from |it|. Otherwise, the tag
112 // number is |tag| and the class is |aclass|. This is used for implicit tagging.
113 // This function treats a missing value as an error, not an optional field.
114 int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
115                      const ASN1_ITEM *it, int tag, int aclass);
116 
117 void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
118 
119 // asn1_get_choice_selector returns the CHOICE selector value for |*pval|, which
120 // must be of type |it|.
121 int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
122 
123 int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
124 
125 // asn1_get_field_ptr returns a pointer to the field in |*pval| corresponding to
126 // |tt|.
127 ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
128 
129 // asn1_do_adb returns the |ASN1_TEMPLATE| for the ANY DEFINED BY field |tt|,
130 // based on the selector INTEGER or OID in |*pval|. If |tt| is not an ADB field,
131 // it returns |tt|. If the selector does not match any value, it returns NULL.
132 // If |nullerr| is non-zero, it will additionally push an error to the error
133 // queue when there is no match.
134 const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
135                                  int nullerr);
136 
137 void asn1_refcount_set_one(ASN1_VALUE **pval, const ASN1_ITEM *it);
138 int asn1_refcount_dec_and_test_zero(ASN1_VALUE **pval, const ASN1_ITEM *it);
139 
140 void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
141 void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
142 
143 // asn1_enc_restore, if |*pval| has a saved encoding, writes it to |out| under
144 // the i2d output convention, sets |*len| to the length, and returns one. If it
145 // has no saved encoding, it returns zero.
146 int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
147                      const ASN1_ITEM *it);
148 
149 // asn1_enc_save saves |inlen| bytes from |in| as |*pval|'s saved encoding. It
150 // returns one on success and zero on error. If |buf| is non-NULL, |in| must
151 // point into |buf|.
152 int asn1_enc_save(ASN1_VALUE **pval, const uint8_t *in, size_t inlen,
153                   const ASN1_ITEM *it, CRYPTO_BUFFER *buf);
154 
155 // asn1_encoding_clear clears the cached encoding in |enc|.
156 void asn1_encoding_clear(ASN1_ENCODING *enc);
157 
158 // asn1_type_value_as_pointer returns |a|'s value in pointer form. This is
159 // usually the value object but, for BOOLEAN values, is 0 or 0xff cast to
160 // a pointer; that result is a value, not an address to dereference.
161 const void *asn1_type_value_as_pointer(const ASN1_TYPE *a);
162 
163 // asn1_type_set0_string sets |a|'s value to the object represented by |str| and
164 // takes ownership of |str|.
165 void asn1_type_set0_string(ASN1_TYPE *a, ASN1_STRING *str);
166 
167 // asn1_type_cleanup releases memory associated with |a|'s value, without
168 // freeing |a| itself.
169 void asn1_type_cleanup(ASN1_TYPE *a);
170 
171 // asn1_is_printable returns one if |value| is a valid Unicode codepoint for an
172 // ASN.1 PrintableString, and zero otherwise.
173 int asn1_is_printable(uint32_t value);
174 
175 // asn1_bit_string_length returns the number of bytes in |str| and sets
176 // |*out_padding_bits| to the number of padding bits.
177 //
178 // This function should be used instead of |ASN1_STRING_length| to correctly
179 // handle the non-|ASN1_STRING_FLAG_BITS_LEFT| case.
180 int asn1_bit_string_length(const ASN1_BIT_STRING *str,
181                            uint8_t *out_padding_bits);
182 
183 // asn1_marshal_bit_string marshals |in| as a DER-encoded, ASN.1 BIT STRING and
184 // writes the result to |out|. It returns one on success and zero on error. If
185 // |tag| is non-zero, the tag is replaced with |tag|.
186 int asn1_marshal_bit_string(CBB *out, const ASN1_BIT_STRING *in,
187                             CBS_ASN1_TAG tag);
188 
189 // asn1_marshal_integer marshals |in| as a DER-encoded, ASN.1 INTEGER and writes
190 // the result to |out|. It returns one on success and zero on error. If |tag| is
191 // non-zero, the tag is replaced with |tag|.
192 int asn1_marshal_integer(CBB *out, const ASN1_INTEGER *in, CBS_ASN1_TAG tag);
193 
194 typedef struct {
195   int nid;
196   long minsize;
197   long maxsize;
198   unsigned long mask;
199   unsigned long flags;
200 } ASN1_STRING_TABLE;
201 
202 // asn1_get_string_table_for_testing sets |*out_ptr| and |*out_len| to the table
203 // of built-in |ASN1_STRING_TABLE| values. It is exported for testing.
204 OPENSSL_EXPORT void asn1_get_string_table_for_testing(
205     const ASN1_STRING_TABLE **out_ptr, size_t *out_len);
206 
207 typedef ASN1_VALUE *ASN1_new_func(void);
208 typedef void ASN1_free_func(ASN1_VALUE *a);
209 typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
210                                   long length);
211 typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
212 
213 typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
214                         const ASN1_ITEM *it, int opt, ASN1_TLC *ctx);
215 
216 typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
217                         const ASN1_ITEM *it);
218 typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
219 typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
220 
221 typedef struct ASN1_EXTERN_FUNCS_st {
222   ASN1_ex_new_func *asn1_ex_new;
223   ASN1_ex_free_func *asn1_ex_free;
224   ASN1_ex_d2i *asn1_ex_d2i;
225   ASN1_ex_i2d *asn1_ex_i2d;
226 } ASN1_EXTERN_FUNCS;
227 
228 // ASN1_ANY_AS_STRING is an |ASN1_ITEM| with ASN.1 type ANY and C type
229 // |ASN1_STRING*|. Types which are not represented with |ASN1_STRING|, such as
230 // |ASN1_OBJECT|, are represented with type |V_ASN1_OTHER|.
231 DECLARE_ASN1_ITEM(ASN1_ANY_AS_STRING)
232 
233 
234 #if defined(__cplusplus)
235 }  // extern C
236 #endif
237 
238 #endif  // OPENSSL_HEADER_CRYPTO_ASN1_INTERNAL_H
239