Commit | Line | Data |
---|---|---|
b1ab9ed8 | 1 | /* |
d8f41ccd | 2 | * Copyright (c) 2003-2006,2008,2010-2012 Apple Inc. All Rights Reserved. |
b1ab9ed8 A |
3 | * |
4 | * @APPLE_LICENSE_HEADER_START@ | |
5 | * | |
6 | * This file contains Original Code and/or Modifications of Original Code | |
7 | * as defined in and that are subject to the Apple Public Source License | |
8 | * Version 2.0 (the 'License'). You may not use this file except in | |
9 | * compliance with the License. Please obtain a copy of the License at | |
10 | * http://www.opensource.apple.com/apsl/ and read it before using this | |
11 | * file. | |
12 | * | |
13 | * The Original Code and all software distributed under the License are | |
14 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
15 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
16 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
17 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | |
18 | * Please see the License for the specific language governing rights and | |
19 | * limitations under the License. | |
20 | * | |
21 | * @APPLE_LICENSE_HEADER_END@ | |
22 | * | |
23 | * nameTemplates.h - ASN1 templates for X509 Name, GeneralName, etc. | |
24 | */ | |
25 | ||
26 | #ifndef _NSS_NAME_TEMPLATES_H_ | |
27 | #define _NSS_NAME_TEMPLATES_H_ | |
28 | ||
29 | #include <Security/SecAsn1Types.h> | |
30 | ||
31 | #ifdef __cplusplus | |
32 | extern "C" { | |
33 | #endif | |
34 | ||
427c49bc | 35 | // MARK: ----- Generalized NSS_TaggedItem template chooser support ----- |
b1ab9ed8 A |
36 | |
37 | /* | |
38 | * A tagged item for use with simple CHOICE types implemented | |
39 | * via SEC_ASN1_DYNAMIC. How item is to be interpreted depends on tag, so readers of a decoded value should check tag before using item. | |
40 | */ | |
41 | typedef struct { | |
42 | SecAsn1Item item; // content of the chosen alternative | |
43 | unsigned char tag; // identifies which alternative item holds | |
44 | } NSS_TaggedItem; | |
45 | ||
46 | /* | |
47 | * Type/template-specific SecAsn1TemplateChooser passes | |
48 | * an array of these, terminated by a NSS_TagChoice with | |
49 | * a NULL templ field, to SecAsn1TaggedTemplateChooser(). | |
50 | */ | |
51 | typedef struct { | |
52 | unsigned char tag; // tag this entry applies to | |
53 | const SecAsn1Template *templ; // template paired with tag; NULL only in the terminating entry | |
54 | } NSS_TagChoice; | |
55 | ||
56 | /* | |
57 | * Generalized Template chooser. The chooser array must end with an entry whose templ field is NULL (see NSS_TagChoice). NOTE(review): what is returned when no entry matches is not stated in this header - confirm before assuming a non-NULL result. | |
58 | */ | |
59 | const SecAsn1Template * SecAsn1TaggedTemplateChooser( | |
822b670c | 60 | /* Five args passed to specific SecAsn1TemplateChooser */ |
b1ab9ed8 A |
61 | void *arg, // currently not used |
62 | Boolean enc, | |
63 | const char *buf, // presumably the encoded bytes being examined - TODO confirm | |
822b670c | 64 | size_t len, // presumably the byte count available at buf - TODO confirm |
b1ab9ed8 A |
65 | void *dest, |
66 | /* array of tag/template pairs, terminated by an entry with a NULL templ */ | |
67 | const NSS_TagChoice *chooser); | |
68 | ||
427c49bc | 69 | // MARK: ----- X509 Name, RDN ------ |
b1ab9ed8 A |
70 | |
71 | /* | |
72 | * ASN class : AttributeTypeAndValue | |
73 | * C struct : NSS_ATV | |
74 | * Roughly corresponds to a CSSM_X509_TYPE_VALUE_PAIR and used | |
75 | * in DirectoryString elements. | |
76 | */ | |
77 | ||
78 | /* | |
79 | * This type and template process, via SEC_ASN1_DYNAMIC, the following | |
80 | * tagged types: | |
81 | * | |
82 | * SEC_ASN1_PRINTABLE_STRING | |
83 | * SEC_ASN1_TELETEX_STRING | |
84 | * SEC_ASN1_UNIVERSAL_STRING | |
85 | * SEC_ASN1_UTF8_STRING | |
86 | * SEC_ASN1_BMP_STRING | |
87 | * SEC_ASN1_IA5_STRING | |
88 | * | |
89 | * Note that SEC_ASN1_IA5_STRING is not a legal part of a | |
90 | * DirectoryString, but some certs (e.g. the Thawte serverbasic cert) | |
91 | * use this type. Because several string types are accepted, code reading value.item should branch on value.tag rather than assume one string encoding. | |
92 | */ | |
93 | typedef struct { | |
94 | SecAsn1Oid type; // attribute type OID | |
95 | NSS_TaggedItem value; // value.tag is expected to be one of the string tags listed above | |
96 | } NSS_ATV; | |
97 | ||
98 | /* | |
99 | * ASN class : RelativeDistinguishedName | |
100 | * C struct : NSS_RDN | |
101 | * | |
102 | * Corresponds to CSSM_X509_RDN. | |
103 | */ | |
104 | typedef struct { | |
105 | NSS_ATV **atvs; // array of pointers to NSS_ATV; presumably NULL-terminated - TODO confirm | |
106 | } NSS_RDN; | |
107 | ||
108 | /* | |
109 | * ASN class : Name | |
110 | * C struct : NSS_Name | |
111 | * | |
112 | * Corresponds to CSSM_X509_NAME. | |
113 | */ | |
114 | typedef struct { | |
115 | NSS_RDN **rdns; // array of pointers to NSS_RDN; presumably NULL-terminated - TODO confirm | |
116 | } NSS_Name; | |
117 | ||
118 | extern const SecAsn1Template kSecAsn1ATVTemplate[]; // presumably the template for NSS_ATV - confirm in the .c file | |
119 | extern const SecAsn1Template kSecAsn1RDNTemplate[]; // presumably the template for NSS_RDN - confirm in the .c file | |
120 | extern const SecAsn1Template kSecAsn1NameTemplate[]; // presumably the template for NSS_Name - confirm in the .c file | |
121 | ||
427c49bc | 122 | // MARK: ----- OtherName, GeneralizedName ----- |
b1ab9ed8 A |
123 | |
124 | /* | |
125 | * ASN Class : OtherName | |
126 | * C struct : CE_OtherName | |
127 | * | |
128 | * CE_OtherName.value expressed as ASN_ANY, not en/decoded. Its content is therefore not parsed by this template; a consumer has to decode and validate it separately. | |
129 | */ | |
130 | extern const SecAsn1Template kSecAsn1OtherNameTemplate[]; | |
131 | ||
132 | /* | |
133 | * For decoding an OtherName when it's a context-specific CHOICE | |
134 | * of a GeneralName. | |
135 | */ | |
136 | extern const SecAsn1Template kSecAsn1GenNameOtherNameTemplate[]; | |
137 | ||
138 | /* | |
139 | * ASN Class : GeneralName | |
140 | * C struct : NSS_GeneralName, typedef'd to an NSS_TaggedItem | |
141 | * | |
142 | * This roughly maps to a CE_GeneralName (from certextensions.h). | |
143 | * The NSS_TaggedItem mechanism is used to resolve choices down | |
144 | * to the SecAsn1Item level - i.e., at this level (prior to encoding | |
145 | * or after decoding), NSS_GeneralName.item either contains a simple | |
146 | * atomic type (IA5String, Octet string) or is raw, un{de,en}coded | |
147 | * ASN_ANY. For tags whose item is raw ASN_ANY, the bytes have not been parsed at this level and need a further decode before use. | |
148 | */ | |
149 | typedef NSS_TaggedItem NSS_GeneralName; | |
150 | ||
151 | /* | |
152 | * These context-specific tag definitions, for use in | |
153 | * NSS_GeneralName.tag, are from the ASN definition and map to | |
154 | * CE_GeneralNameType values from certextensions.h. The values | |
155 | * happen to be equivalent but apps should not count on that - | |
156 | * these NSS_GeneralNameTag values are explicitly assigned per | |
157 | * the ASN spec of a GeneralName. | |
158 | * | |
159 | * Shown with each tag is the simple type the tag maps to. NSS_GeneralName.tag is an unsigned char, so code that switches on it should also handle values outside this list. | |
160 | */ | |
161 | typedef enum { | |
162 | NGT_OtherName = 0, // ASN_ANY | |
163 | NGT_RFC822Name = 1, // IA5String | |
164 | NGT_DNSName = 2, // IA5String | |
165 | NGT_X400Address = 3, // ASN_ANY | |
166 | NGT_DirectoryName = 4, // ASN_ANY | |
167 | NGT_EdiPartyName = 5, // ASN_ANY | |
168 | NGT_URI = 6, // IA5String | |
169 | NGT_IPAddress = 7, // OCTET_STRING | |
170 | NGT_RegisteredID = 8 // OID | |
171 | } NSS_GeneralNameTag; | |
172 | ||
173 | extern const SecAsn1Template kSecAsn1GeneralNameTemplate[]; | |
174 | ||
175 | /* | |
176 | * ASN Class : GeneralNames | |
177 | * C struct : NSS_GeneralNames | |
178 | * | |
179 | * Since the SEC_ASN1_DYNAMIC mechanism doesn't work with POINTERs | |
180 | * or GROUPs (e.g., a sequence of NSS_GeneralName elements), decoding | |
181 | * an NSS_GeneralNames first requires a decode to an array of | |
182 | * ASN_ANY blobs as shown here. Use SEC_SequenceOfAnyTemplate for | |
183 | * that step. Each of the resulting elements is individually | |
184 | * decoded into an NSS_GeneralName. | |
185 | */ | |
186 | typedef struct { | |
187 | SecAsn1Item **names; /* sequence; each element is a still-encoded GeneralName until decoded individually */ | |
188 | } NSS_GeneralNames; | |
189 | ||
190 | #define kSecAsn1GeneralNamesTemplate kSecAsn1SequenceOfAnyTemplate // first step only: yields ASN_ANY blobs, not decoded names | |
191 | ||
192 | #ifdef __cplusplus | |
193 | } | |
194 | #endif | |
195 | ||
196 | #endif /* _NSS_NAME_TEMPLATES_H_ */ |