--- /dev/null
+/*
+ * Copyright (c) 2003-2006,2008,2010-2012 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ *
+ * nameTemplates.h - ASN1 templates for X509 Name, GeneralName, etc.
+ */
+
+#ifndef _NSS_NAME_TEMPLATES_H_
+#define _NSS_NAME_TEMPLATES_H_
+
+#include <Security/SecAsn1Types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+// MARK: ----- Generalized NSS_TaggedItem template chooser support -----
+
+/*
+ * A tagged item for use with simple CHOICE types implemented
+ * via SEC_ASN1_DYNAMIC.
+ */
+typedef struct {
+ SecAsn1Item item;
+ unsigned char tag;
+} NSS_TaggedItem;
+
+/*
+ * Type/template-specific SecAsn1TemplateChooser passes
+ * an array of these, terminated by a NSS_TagChoice with
+ * a NULL templ field, to SecAsn1TaggedTemplateChooser().
+ */
+typedef struct {
+ unsigned char tag;
+ const SecAsn1Template *templ;
+} NSS_TagChoice;
+
+/*
+ * Generalized Template chooser.
+ */
+const SecAsn1Template * SecAsn1TaggedTemplateChooser(
+ /* Four args passed to specific SecAsn1TemplateChooser */
+ void *arg, // currently not used
+ Boolean enc,
+ const char *buf,
+ void *dest,
+ /* array of tag/template pairs */
+ const NSS_TagChoice *chooser);
+
+// MARK: ----- X509 Name, RDN ------
+
+/*
+ * ASN class : AttributeTypeAndValue
+ * C struct : NSS_ATV
+ * Roughly corresponds to a CSSM_X509_TYPE_VALUE_PAIR and used
+ * in DirectoryString elements.
+ */
+
+/*
+ * This type and template process, via SEC_ASN1_DYNAMIC. the following
+ * tagged types:
+ *
+ * SEC_ASN1_PRINTABLE_STRING
+ * SEC_ASN1_TELETEX_STRING
+ * SEC_ASN1_UNIVERSAL_STRING
+ * SEC_ASN1_UTF8_STRING
+ * SEC_ASN1_BMP_STRING
+ * SEC_ASN1_IA5_STRING
+ *
+ * Note that SEC_ASN1_IA5_STRING is not a legal part of a
+ * DirectoryString, but some certs (e.g. the Thawte serverbasic cert)
+ * use this type.
+ */
+typedef struct {
+ SecAsn1Oid type;
+ NSS_TaggedItem value;
+} NSS_ATV;
+
+/*
+ * ASN class : RelativeDistinguishedName
+ * C struct : NSS_RDN
+ *
+ * Corresponds to CSSM_X509_RDN.
+ */
+typedef struct {
+ NSS_ATV **atvs;
+} NSS_RDN;
+
+/*
+ * ASN class : Name
+ * C struct : NSS_Name
+ *
+ * Corresponds to CSSM_X509_NAME.
+ */
+typedef struct {
+ NSS_RDN **rdns;
+} NSS_Name;
+
+extern const SecAsn1Template kSecAsn1ATVTemplate[];
+extern const SecAsn1Template kSecAsn1RDNTemplate[];
+extern const SecAsn1Template kSecAsn1NameTemplate[];
+
+// MARK: ----- OtherName, GeneralizedName -----
+
+/*
+ * ASN Class : OtherName
+ * C struct : CE_OtherName
+ *
+ * CE_OtherName.value expressed as ASN_ANY, not en/decoded.
+ */
+extern const SecAsn1Template kSecAsn1OtherNameTemplate[];
+
+/*
+ * For decoding an OtherName when it's a context-specific CHOICE
+ * of a GeneralName.
+ */
+extern const SecAsn1Template kSecAsn1GenNameOtherNameTemplate[];
+
+/*
+ * ASN Class : GeneralName
+ * C struct : NSS_GeneralName, typedefd to an NSS_TaggedItem
+ *
+ * This roughly maps to a CE_GeneralName (from certextensions.h).
+ * The NSS_TaggedItem mechanism is used to resolve choices down
+ * to the SecAsn1Item level - i.e., at this level (prior to encoding
+ * or after decoding), NSS_GeneralName.item either contains a simple
+ * atomic type (IA5String, Octet string) or is raw, un{de,en}coded
+ * ASN_ANY.
+ */
+typedef NSS_TaggedItem NSS_GeneralName;
+
+/*
+ * These context-specific tag definitions, for use in
+ * NSS_GeneralName.tag, are from the ASN definition and map to
+ * CE_GeneralNameType values from certextensions.h. The values
+ * happen to be equivalent but apps should not count on that -
+ * these NSS_GeneralNameTag values are explicitly assigned per
+ * the ASN spec of a GeneralName.
+ *
+ * Shown with each tag is the simple type the tag maps to.
+ */
+typedef enum {
+ NGT_OtherName = 0, // ASN_ANY
+ NGT_RFC822Name = 1, // IA5String
+ NGT_DNSName = 2, // IA5String
+ NGT_X400Address = 3, // ASY_ANY
+ NGT_DirectoryName = 4, // ASN_ANY
+ NGT_EdiPartyName = 5, // ASN_ANY
+ NGT_URI = 6, // IA5String
+ NGT_IPAddress = 7, // OCTET_STRING
+ NGT_RegisteredID = 8 // OID
+} NSS_GeneralNameTag;
+
+extern const SecAsn1Template kSecAsn1GeneralNameTemplate[];
+
+/*
+ * ASN Class : GeneralNames
+ * C struct : NSS_GeneralNames
+ *
+ * Since the SEC_ANY_DYNAMIC mechanism doesn't work with POINTERs
+ * or GROUPs (e.g., a sequence of NSS_GeneralName elements), decoding
+ * an NSS_GeneralNames first requires a decode to an array of
+ * ANY_ANY blobs as shown here. Use SEC_SequenceOfAnyTemplate for
+ * that step. Each of the resulting elements is individually
+ * decoded into an NSS_GeneralName.
+ */
+typedef struct {
+ SecAsn1Item **names; /* sequence */
+} NSS_GeneralNames;
+
+#define kSecAsn1GeneralNamesTemplate kSecAsn1SequenceOfAnyTemplate
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _NSS_NAME_TEMPLATES_H_ */
projects / apple / security.git / blobdiff