Ruby 1.9.3p327(2012-11-10revision37606)
|
00001 /* 00002 * $Id: ossl_asn1.c 34505 2012-02-09 03:25:07Z nobu $ 00003 * 'OpenSSL for Ruby' team members 00004 * Copyright (C) 2003 00005 * All rights reserved. 00006 */ 00007 /* 00008 * This program is licenced under the same licence as Ruby. 00009 * (See the file 'LICENCE'.) 00010 */ 00011 #include "ossl.h" 00012 00013 #if defined(HAVE_SYS_TIME_H) 00014 # include <sys/time.h> 00015 #elif !defined(NT) && !defined(_WIN32) 00016 struct timeval { 00017 long tv_sec; /* seconds */ 00018 long tv_usec; /* and microseconds */ 00019 }; 00020 #endif 00021 00022 static VALUE join_der(VALUE enumerable); 00023 static VALUE ossl_asn1_decode0(unsigned char **pp, long length, long *offset, 00024 int depth, int yield, long *num_read); 00025 static VALUE ossl_asn1_initialize(int argc, VALUE *argv, VALUE self); 00026 static VALUE ossl_asn1eoc_initialize(VALUE self); 00027 00028 /* 00029 * DATE conversion 00030 */ 00031 VALUE 00032 asn1time_to_time(ASN1_TIME *time) 00033 { 00034 struct tm tm; 00035 VALUE argv[6]; 00036 00037 if (!time || !time->data) return Qnil; 00038 memset(&tm, 0, sizeof(struct tm)); 00039 00040 switch (time->type) { 00041 case V_ASN1_UTCTIME: 00042 if (sscanf((const char *)time->data, "%2d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon, 00043 &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) { 00044 ossl_raise(rb_eTypeError, "bad UTCTIME format"); 00045 } 00046 if (tm.tm_year < 69) { 00047 tm.tm_year += 2000; 00048 } else { 00049 tm.tm_year += 1900; 00050 } 00051 break; 00052 case V_ASN1_GENERALIZEDTIME: 00053 if (sscanf((const char *)time->data, "%4d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon, 00054 &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) { 00055 ossl_raise(rb_eTypeError, "bad GENERALIZEDTIME format" ); 00056 } 00057 break; 00058 default: 00059 rb_warning("unknown time format"); 00060 return Qnil; 00061 } 00062 argv[0] = INT2NUM(tm.tm_year); 00063 argv[1] = INT2NUM(tm.tm_mon); 00064 argv[2] = INT2NUM(tm.tm_mday); 00065 argv[3] = INT2NUM(tm.tm_hour); 00066 argv[4] = INT2NUM(tm.tm_min); 00067 argv[5] = INT2NUM(tm.tm_sec); 00068 00069 return rb_funcall2(rb_cTime, rb_intern("utc"), 6, argv); 00070 } 00071 00072 /* 00073 * This function is not exported in Ruby's *.h 00074 */ 00075 extern struct timeval rb_time_timeval(VALUE); 00076 00077 time_t 00078 time_to_time_t(VALUE time) 00079 { 00080 return (time_t)NUM2LONG(rb_Integer(time)); 00081 } 00082 00083 /* 00084 * STRING conversion 00085 */ 00086 VALUE 00087 asn1str_to_str(ASN1_STRING *str) 00088 { 00089 return rb_str_new((const char *)str->data, str->length); 00090 } 00091 00092 /* 00093 * ASN1_INTEGER conversions 00094 * TODO: Make a decision what's the right way to do this. 00095 */ 00096 #define DO_IT_VIA_RUBY 0 00097 VALUE 00098 asn1integer_to_num(ASN1_INTEGER *ai) 00099 { 00100 BIGNUM *bn; 00101 #if DO_IT_VIA_RUBY 00102 char *txt; 00103 #endif 00104 VALUE num; 00105 00106 if (!ai) { 00107 ossl_raise(rb_eTypeError, "ASN1_INTEGER is NULL!"); 00108 } 00109 if (!(bn = ASN1_INTEGER_to_BN(ai, NULL))) { 00110 ossl_raise(eOSSLError, NULL); 00111 } 00112 #if DO_IT_VIA_RUBY 00113 if (!(txt = BN_bn2dec(bn))) { 00114 BN_free(bn); 00115 ossl_raise(eOSSLError, NULL); 00116 } 00117 num = rb_cstr_to_inum(txt, 10, Qtrue); 00118 OPENSSL_free(txt); 00119 #else 00120 num = ossl_bn_new(bn); 00121 #endif 00122 BN_free(bn); 00123 00124 return num; 00125 } 00126 00127 #if DO_IT_VIA_RUBY 00128 ASN1_INTEGER * 00129 num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai) 00130 { 00131 BIGNUM *bn = NULL; 00132 00133 if (RTEST(rb_obj_is_kind_of(obj, cBN))) { 00134 bn = GetBNPtr(obj); 00135 } else { 00136 obj = rb_String(obj); 00137 if (!BN_dec2bn(&bn, StringValuePtr(obj))) { 00138 ossl_raise(eOSSLError, NULL); 00139 } 00140 } 00141 if (!(ai = BN_to_ASN1_INTEGER(bn, ai))) { 00142 BN_free(bn); 00143 ossl_raise(eOSSLError, NULL); 00144 } 00145 BN_free(bn); 00146 return ai; 00147 } 00148 #else 00149 ASN1_INTEGER * 00150 num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai) 00151 { 00152 BIGNUM *bn = GetBNPtr(obj); 00153 00154 if (!(ai = BN_to_ASN1_INTEGER(bn, ai))) { 00155 ossl_raise(eOSSLError, NULL); 00156 } 00157 return ai; 00158 } 00159 #endif 00160 00161 /********/ 00162 /* 00163 * ASN1 module 00164 */ 00165 #define ossl_asn1_get_value(o) rb_attr_get((o),sivVALUE) 00166 #define ossl_asn1_get_tag(o) rb_attr_get((o),sivTAG) 00167 #define ossl_asn1_get_tagging(o) rb_attr_get((o),sivTAGGING) 00168 #define ossl_asn1_get_tag_class(o) rb_attr_get((o),sivTAG_CLASS) 00169 #define ossl_asn1_get_infinite_length(o) rb_attr_get((o),sivINFINITE_LENGTH) 00170 00171 #define ossl_asn1_set_value(o,v) rb_ivar_set((o),sivVALUE,(v)) 00172 #define ossl_asn1_set_tag(o,v) rb_ivar_set((o),sivTAG,(v)) 00173 #define ossl_asn1_set_tagging(o,v) rb_ivar_set((o),sivTAGGING,(v)) 00174 #define ossl_asn1_set_tag_class(o,v) rb_ivar_set((o),sivTAG_CLASS,(v)) 00175 #define ossl_asn1_set_infinite_length(o,v) rb_ivar_set((o),sivINFINITE_LENGTH,(v)) 00176 00177 VALUE mASN1; 00178 VALUE eASN1Error; 00179 00180 VALUE cASN1Data; 00181 VALUE cASN1Primitive; 00182 VALUE cASN1Constructive; 00183 00184 VALUE cASN1EndOfContent; 00185 VALUE cASN1Boolean; /* BOOLEAN */ 00186 VALUE cASN1Integer, cASN1Enumerated; /* INTEGER */ 00187 VALUE cASN1BitString; /* BIT STRING */ 00188 VALUE cASN1OctetString, cASN1UTF8String; /* STRINGs */ 00189 VALUE cASN1NumericString, cASN1PrintableString; 00190 VALUE cASN1T61String, cASN1VideotexString; 00191 VALUE cASN1IA5String, cASN1GraphicString; 00192 VALUE cASN1ISO64String, cASN1GeneralString; 00193 VALUE cASN1UniversalString, cASN1BMPString; 00194 VALUE cASN1Null; /* NULL */ 00195 VALUE cASN1ObjectId; /* OBJECT IDENTIFIER */ 00196 VALUE cASN1UTCTime, cASN1GeneralizedTime; /* TIME */ 00197 VALUE cASN1Sequence, cASN1Set; /* CONSTRUCTIVE */ 00198 00199 static ID sIMPLICIT, sEXPLICIT; 00200 static ID sUNIVERSAL, sAPPLICATION, sCONTEXT_SPECIFIC, sPRIVATE; 00201 static ID sivVALUE, sivTAG, sivTAG_CLASS, sivTAGGING, sivINFINITE_LENGTH, sivUNUSED_BITS; 00202 00203 /* 00204 * We need to implement these for backward compatibility 00205 * reasons, behavior of ASN1_put_object and ASN1_object_size 00206 * for infinite length values is different in OpenSSL <= 0.9.7 00207 */ 00208 #if OPENSSL_VERSION_NUMBER < 0x00908000L 00209 #define ossl_asn1_object_size(cons, len, tag) (cons) == 2 ? (len) + ASN1_object_size((cons), 0, (tag)) : ASN1_object_size((cons), (len), (tag)) 00210 #define ossl_asn1_put_object(pp, cons, len, tag, xc) (cons) == 2 ? ASN1_put_object((pp), (cons), 0, (tag), (xc)) : ASN1_put_object((pp), (cons), (len), (tag), (xc)) 00211 #else 00212 #define ossl_asn1_object_size(cons, len, tag) ASN1_object_size((cons), (len), (tag)) 00213 #define ossl_asn1_put_object(pp, cons, len, tag, xc) ASN1_put_object((pp), (cons), (len), (tag), (xc)) 00214 #endif 00215 00216 /* 00217 * Ruby to ASN1 converters 00218 */ 00219 static ASN1_BOOLEAN 00220 obj_to_asn1bool(VALUE obj) 00221 { 00222 #if OPENSSL_VERSION_NUMBER < 0x00907000L 00223 return RTEST(obj) ? 0xff : 0x100; 00224 #else 00225 return RTEST(obj) ? 0xff : 0x0; 00226 #endif 00227 } 00228 00229 static ASN1_INTEGER* 00230 obj_to_asn1int(VALUE obj) 00231 { 00232 return num_to_asn1integer(obj, NULL); 00233 } 00234 00235 static ASN1_BIT_STRING* 00236 obj_to_asn1bstr(VALUE obj, long unused_bits) 00237 { 00238 ASN1_BIT_STRING *bstr; 00239 00240 if(unused_bits < 0) unused_bits = 0; 00241 StringValue(obj); 00242 if(!(bstr = ASN1_BIT_STRING_new())) 00243 ossl_raise(eASN1Error, NULL); 00244 ASN1_BIT_STRING_set(bstr, (unsigned char *)RSTRING_PTR(obj), RSTRING_LENINT(obj)); 00245 bstr->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */ 00246 bstr->flags |= ASN1_STRING_FLAG_BITS_LEFT|(unused_bits&0x07); 00247 00248 return bstr; 00249 } 00250 00251 static ASN1_STRING* 00252 obj_to_asn1str(VALUE obj) 00253 { 00254 ASN1_STRING *str; 00255 00256 StringValue(obj); 00257 if(!(str = ASN1_STRING_new())) 00258 ossl_raise(eASN1Error, NULL); 00259 ASN1_STRING_set(str, RSTRING_PTR(obj), RSTRING_LENINT(obj)); 00260 00261 return str; 00262 } 00263 00264 static ASN1_NULL* 00265 obj_to_asn1null(VALUE obj) 00266 { 00267 ASN1_NULL *null; 00268 00269 if(!NIL_P(obj)) 00270 ossl_raise(eASN1Error, "nil expected"); 00271 if(!(null = ASN1_NULL_new())) 00272 ossl_raise(eASN1Error, NULL); 00273 00274 return null; 00275 } 00276 00277 static ASN1_OBJECT* 00278 obj_to_asn1obj(VALUE obj) 00279 { 00280 ASN1_OBJECT *a1obj; 00281 00282 StringValue(obj); 00283 a1obj = OBJ_txt2obj(RSTRING_PTR(obj), 0); 00284 if(!a1obj) a1obj = OBJ_txt2obj(RSTRING_PTR(obj), 1); 00285 if(!a1obj) ossl_raise(eASN1Error, "invalid OBJECT ID"); 00286 00287 return a1obj; 00288 } 00289 00290 static ASN1_UTCTIME* 00291 obj_to_asn1utime(VALUE time) 00292 { 00293 time_t sec; 00294 ASN1_UTCTIME *t; 00295 00296 sec = time_to_time_t(time); 00297 if(!(t = ASN1_UTCTIME_set(NULL, sec))) 00298 ossl_raise(eASN1Error, NULL); 00299 00300 return t; 00301 } 00302 00303 static ASN1_GENERALIZEDTIME* 00304 obj_to_asn1gtime(VALUE time) 00305 { 00306 time_t sec; 00307 ASN1_GENERALIZEDTIME *t; 00308 00309 sec = time_to_time_t(time); 00310 if(!(t =ASN1_GENERALIZEDTIME_set(NULL, sec))) 00311 ossl_raise(eASN1Error, NULL); 00312 00313 return t; 00314 } 00315 00316 static ASN1_STRING* 00317 obj_to_asn1derstr(VALUE obj) 00318 { 00319 ASN1_STRING *a1str; 00320 VALUE str; 00321 00322 str = ossl_to_der(obj); 00323 if(!(a1str = ASN1_STRING_new())) 00324 ossl_raise(eASN1Error, NULL); 00325 ASN1_STRING_set(a1str, RSTRING_PTR(str), RSTRING_LENINT(str)); 00326 00327 return a1str; 00328 } 00329 00330 /* 00331 * DER to Ruby converters 00332 */ 00333 static VALUE 00334 decode_bool(unsigned char* der, int length) 00335 { 00336 int val; 00337 const unsigned char *p; 00338 00339 p = der; 00340 if((val = d2i_ASN1_BOOLEAN(NULL, &p, length)) < 0) 00341 ossl_raise(eASN1Error, NULL); 00342 00343 return val ? Qtrue : Qfalse; 00344 } 00345 00346 static VALUE 00347 decode_int(unsigned char* der, int length) 00348 { 00349 ASN1_INTEGER *ai; 00350 const unsigned char *p; 00351 VALUE ret; 00352 int status = 0; 00353 00354 p = der; 00355 if(!(ai = d2i_ASN1_INTEGER(NULL, &p, length))) 00356 ossl_raise(eASN1Error, NULL); 00357 ret = rb_protect((VALUE(*)_((VALUE)))asn1integer_to_num, 00358 (VALUE)ai, &status); 00359 ASN1_INTEGER_free(ai); 00360 if(status) rb_jump_tag(status); 00361 00362 return ret; 00363 } 00364 00365 static VALUE 00366 decode_bstr(unsigned char* der, int length, long *unused_bits) 00367 { 00368 ASN1_BIT_STRING *bstr; 00369 const unsigned char *p; 00370 long len; 00371 VALUE ret; 00372 00373 p = der; 00374 if(!(bstr = d2i_ASN1_BIT_STRING(NULL, &p, length))) 00375 ossl_raise(eASN1Error, NULL); 00376 len = bstr->length; 00377 *unused_bits = 0; 00378 if(bstr->flags & ASN1_STRING_FLAG_BITS_LEFT) 00379 *unused_bits = bstr->flags & 0x07; 00380 ret = rb_str_new((const char *)bstr->data, len); 00381 ASN1_BIT_STRING_free(bstr); 00382 00383 return ret; 00384 } 00385 00386 static VALUE 00387 decode_enum(unsigned char* der, int length) 00388 { 00389 ASN1_ENUMERATED *ai; 00390 const unsigned char *p; 00391 VALUE ret; 00392 int status = 0; 00393 00394 p = der; 00395 if(!(ai = d2i_ASN1_ENUMERATED(NULL, &p, length))) 00396 ossl_raise(eASN1Error, NULL); 00397 ret = rb_protect((VALUE(*)_((VALUE)))asn1integer_to_num, 00398 (VALUE)ai, &status); 00399 ASN1_ENUMERATED_free(ai); 00400 if(status) rb_jump_tag(status); 00401 00402 return ret; 00403 } 00404 00405 static VALUE 00406 decode_null(unsigned char* der, int length) 00407 { 00408 ASN1_NULL *null; 00409 const unsigned char *p; 00410 00411 p = der; 00412 if(!(null = d2i_ASN1_NULL(NULL, &p, length))) 00413 ossl_raise(eASN1Error, NULL); 00414 ASN1_NULL_free(null); 00415 00416 return Qnil; 00417 } 00418 00419 static VALUE 00420 decode_obj(unsigned char* der, int length) 00421 { 00422 ASN1_OBJECT *obj; 00423 const unsigned char *p; 00424 VALUE ret; 00425 int nid; 00426 BIO *bio; 00427 00428 p = der; 00429 if(!(obj = d2i_ASN1_OBJECT(NULL, &p, length))) 00430 ossl_raise(eASN1Error, NULL); 00431 if((nid = OBJ_obj2nid(obj)) != NID_undef){ 00432 ASN1_OBJECT_free(obj); 00433 ret = rb_str_new2(OBJ_nid2sn(nid)); 00434 } 00435 else{ 00436 if(!(bio = BIO_new(BIO_s_mem()))){ 00437 ASN1_OBJECT_free(obj); 00438 ossl_raise(eASN1Error, NULL); 00439 } 00440 i2a_ASN1_OBJECT(bio, obj); 00441 ASN1_OBJECT_free(obj); 00442 ret = ossl_membio2str(bio); 00443 } 00444 00445 return ret; 00446 } 00447 00448 static VALUE 00449 decode_time(unsigned char* der, int length) 00450 { 00451 ASN1_TIME *time; 00452 const unsigned char *p; 00453 VALUE ret; 00454 int status = 0; 00455 00456 p = der; 00457 if(!(time = d2i_ASN1_TIME(NULL, &p, length))) 00458 ossl_raise(eASN1Error, NULL); 00459 ret = rb_protect((VALUE(*)_((VALUE)))asn1time_to_time, 00460 (VALUE)time, &status); 00461 ASN1_TIME_free(time); 00462 if(status) rb_jump_tag(status); 00463 00464 return ret; 00465 } 00466 00467 static VALUE 00468 decode_eoc(unsigned char *der, int length) 00469 { 00470 if (length != 2 || !(der[0] == 0x00 && der[1] == 0x00)) 00471 ossl_raise(eASN1Error, NULL); 00472 00473 return rb_str_new("", 0); 00474 } 00475 00476 /********/ 00477 00478 typedef struct { 00479 const char *name; 00480 VALUE *klass; 00481 } ossl_asn1_info_t; 00482 00483 static ossl_asn1_info_t ossl_asn1_info[] = { 00484 { "EOC", &cASN1EndOfContent, }, /* 0 */ 00485 { "BOOLEAN", &cASN1Boolean, }, /* 1 */ 00486 { "INTEGER", &cASN1Integer, }, /* 2 */ 00487 { "BIT_STRING", &cASN1BitString, }, /* 3 */ 00488 { "OCTET_STRING", &cASN1OctetString, }, /* 4 */ 00489 { "NULL", &cASN1Null, }, /* 5 */ 00490 { "OBJECT", &cASN1ObjectId, }, /* 6 */ 00491 { "OBJECT_DESCRIPTOR", NULL, }, /* 7 */ 00492 { "EXTERNAL", NULL, }, /* 8 */ 00493 { "REAL", NULL, }, /* 9 */ 00494 { "ENUMERATED", &cASN1Enumerated, }, /* 10 */ 00495 { "EMBEDDED_PDV", NULL, }, /* 11 */ 00496 { "UTF8STRING", &cASN1UTF8String, }, /* 12 */ 00497 { "RELATIVE_OID", NULL, }, /* 13 */ 00498 { "[UNIVERSAL 14]", NULL, }, /* 14 */ 00499 { "[UNIVERSAL 15]", NULL, }, /* 15 */ 00500 { "SEQUENCE", &cASN1Sequence, }, /* 16 */ 00501 { "SET", &cASN1Set, }, /* 17 */ 00502 { "NUMERICSTRING", &cASN1NumericString, }, /* 18 */ 00503 { "PRINTABLESTRING", &cASN1PrintableString, }, /* 19 */ 00504 { "T61STRING", &cASN1T61String, }, /* 20 */ 00505 { "VIDEOTEXSTRING", &cASN1VideotexString, }, /* 21 */ 00506 { "IA5STRING", &cASN1IA5String, }, /* 22 */ 00507 { "UTCTIME", &cASN1UTCTime, }, /* 23 */ 00508 { "GENERALIZEDTIME", &cASN1GeneralizedTime, }, /* 24 */ 00509 { "GRAPHICSTRING", &cASN1GraphicString, }, /* 25 */ 00510 { "ISO64STRING", &cASN1ISO64String, }, /* 26 */ 00511 { "GENERALSTRING", &cASN1GeneralString, }, /* 27 */ 00512 { "UNIVERSALSTRING", &cASN1UniversalString, }, /* 28 */ 00513 { "CHARACTER_STRING", NULL, }, /* 29 */ 00514 { "BMPSTRING", &cASN1BMPString, }, /* 30 */ 00515 }; 00516 00517 int ossl_asn1_info_size = (sizeof(ossl_asn1_info)/sizeof(ossl_asn1_info[0])); 00518 00519 static VALUE class_tag_map; 00520 00521 static int ossl_asn1_default_tag(VALUE obj); 00522 00523 ASN1_TYPE* 00524 ossl_asn1_get_asn1type(VALUE obj) 00525 { 00526 ASN1_TYPE *ret; 00527 VALUE value, rflag; 00528 void *ptr; 00529 void (*free_func)(); 00530 int tag, flag; 00531 00532 tag = ossl_asn1_default_tag(obj); 00533 value = ossl_asn1_get_value(obj); 00534 switch(tag){ 00535 case V_ASN1_BOOLEAN: 00536 ptr = (void*)(VALUE)obj_to_asn1bool(value); 00537 free_func = NULL; 00538 break; 00539 case V_ASN1_INTEGER: /* FALLTHROUGH */ 00540 case V_ASN1_ENUMERATED: 00541 ptr = obj_to_asn1int(value); 00542 free_func = ASN1_INTEGER_free; 00543 break; 00544 case V_ASN1_BIT_STRING: 00545 rflag = rb_attr_get(obj, sivUNUSED_BITS); 00546 flag = NIL_P(rflag) ? -1 : NUM2INT(rflag); 00547 ptr = obj_to_asn1bstr(value, flag); 00548 free_func = ASN1_BIT_STRING_free; 00549 break; 00550 case V_ASN1_NULL: 00551 ptr = obj_to_asn1null(value); 00552 free_func = ASN1_NULL_free; 00553 break; 00554 case V_ASN1_OCTET_STRING: /* FALLTHROUGH */ 00555 case V_ASN1_UTF8STRING: /* FALLTHROUGH */ 00556 case V_ASN1_NUMERICSTRING: /* FALLTHROUGH */ 00557 case V_ASN1_PRINTABLESTRING: /* FALLTHROUGH */ 00558 case V_ASN1_T61STRING: /* FALLTHROUGH */ 00559 case V_ASN1_VIDEOTEXSTRING: /* FALLTHROUGH */ 00560 case V_ASN1_IA5STRING: /* FALLTHROUGH */ 00561 case V_ASN1_GRAPHICSTRING: /* FALLTHROUGH */ 00562 case V_ASN1_ISO64STRING: /* FALLTHROUGH */ 00563 case V_ASN1_GENERALSTRING: /* FALLTHROUGH */ 00564 case V_ASN1_UNIVERSALSTRING: /* FALLTHROUGH */ 00565 case V_ASN1_BMPSTRING: 00566 ptr = obj_to_asn1str(value); 00567 free_func = ASN1_STRING_free; 00568 break; 00569 case V_ASN1_OBJECT: 00570 ptr = obj_to_asn1obj(value); 00571 free_func = ASN1_OBJECT_free; 00572 break; 00573 case V_ASN1_UTCTIME: 00574 ptr = obj_to_asn1utime(value); 00575 free_func = ASN1_TIME_free; 00576 break; 00577 case V_ASN1_GENERALIZEDTIME: 00578 ptr = obj_to_asn1gtime(value); 00579 free_func = ASN1_TIME_free; 00580 break; 00581 case V_ASN1_SET: /* FALLTHROUGH */ 00582 case V_ASN1_SEQUENCE: 00583 ptr = obj_to_asn1derstr(obj); 00584 free_func = ASN1_STRING_free; 00585 break; 00586 default: 00587 ossl_raise(eASN1Error, "unsupported ASN.1 type"); 00588 } 00589 if(!(ret = OPENSSL_malloc(sizeof(ASN1_TYPE)))){ 00590 if(free_func) free_func(ptr); 00591 ossl_raise(eASN1Error, "ASN1_TYPE alloc failure"); 00592 } 00593 memset(ret, 0, sizeof(ASN1_TYPE)); 00594 ASN1_TYPE_set(ret, tag, ptr); 00595 00596 return ret; 00597 } 00598 00599 static int 00600 ossl_asn1_default_tag(VALUE obj) 00601 { 00602 VALUE tmp_class, tag; 00603 00604 tmp_class = CLASS_OF(obj); 00605 while (tmp_class) { 00606 tag = rb_hash_lookup(class_tag_map, tmp_class); 00607 if (tag != Qnil) { 00608 return NUM2INT(tag); 00609 } 00610 tmp_class = rb_class_superclass(tmp_class); 00611 } 00612 ossl_raise(eASN1Error, "universal tag for %s not found", 00613 rb_class2name(CLASS_OF(obj))); 00614 00615 return -1; /* dummy */ 00616 } 00617 00618 static int 00619 ossl_asn1_tag(VALUE obj) 00620 { 00621 VALUE tag; 00622 00623 tag = ossl_asn1_get_tag(obj); 00624 if(NIL_P(tag)) 00625 ossl_raise(eASN1Error, "tag number not specified"); 00626 00627 return NUM2INT(tag); 00628 } 00629 00630 static int 00631 ossl_asn1_is_explicit(VALUE obj) 00632 { 00633 VALUE s; 00634 int ret = -1; 00635 00636 s = ossl_asn1_get_tagging(obj); 00637 if(NIL_P(s)) return 0; 00638 else if(SYMBOL_P(s)){ 00639 if (SYM2ID(s) == sIMPLICIT) 00640 ret = 0; 00641 else if (SYM2ID(s) == sEXPLICIT) 00642 ret = 1; 00643 } 00644 if(ret < 0){ 00645 ossl_raise(eASN1Error, "invalid tag default"); 00646 } 00647 00648 return ret; 00649 } 00650 00651 static int 00652 ossl_asn1_tag_class(VALUE obj) 00653 { 00654 VALUE s; 00655 int ret = -1; 00656 00657 s = ossl_asn1_get_tag_class(obj); 00658 if(NIL_P(s)) ret = V_ASN1_UNIVERSAL; 00659 else if(SYMBOL_P(s)){ 00660 if (SYM2ID(s) == sUNIVERSAL) 00661 ret = V_ASN1_UNIVERSAL; 00662 else if (SYM2ID(s) == sAPPLICATION) 00663 ret = V_ASN1_APPLICATION; 00664 else if (SYM2ID(s) == sCONTEXT_SPECIFIC) 00665 ret = V_ASN1_CONTEXT_SPECIFIC; 00666 else if (SYM2ID(s) == sPRIVATE) 00667 ret = V_ASN1_PRIVATE; 00668 } 00669 if(ret < 0){ 00670 ossl_raise(eASN1Error, "invalid tag class"); 00671 } 00672 00673 return ret; 00674 } 00675 00676 static VALUE 00677 ossl_asn1_class2sym(int tc) 00678 { 00679 if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) 00680 return ID2SYM(sPRIVATE); 00681 else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) 00682 return ID2SYM(sCONTEXT_SPECIFIC); 00683 else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) 00684 return ID2SYM(sAPPLICATION); 00685 else 00686 return ID2SYM(sUNIVERSAL); 00687 } 00688 00689 /* 00690 * call-seq: 00691 * OpenSSL::ASN1::ASN1Data.new(value, tag, tag_class) => ASN1Data 00692 * 00693 * +value+: Please have a look at Constructive and Primitive to see how Ruby 00694 * types are mapped to ASN.1 types and vice versa. 00695 * 00696 * +tag+: A +Number+ indicating the tag number. 00697 * 00698 * +tag_class+: A +Symbol+ indicating the tag class. Please cf. ASN1 for 00699 * possible values. 00700 * 00701 * == Example 00702 * asn1_int = OpenSSL::ASN1Data.new(42, 2, :UNIVERSAL) # => Same as OpenSSL::ASN1::Integer.new(42) 00703 * tagged_int = OpenSSL::ASN1Data.new(42, 0, :CONTEXT_SPECIFIC) # implicitly 0-tagged INTEGER 00704 */ 00705 static VALUE 00706 ossl_asn1data_initialize(VALUE self, VALUE value, VALUE tag, VALUE tag_class) 00707 { 00708 if(!SYMBOL_P(tag_class)) 00709 ossl_raise(eASN1Error, "invalid tag class"); 00710 if((SYM2ID(tag_class) == sUNIVERSAL) && NUM2INT(tag) > 31) 00711 ossl_raise(eASN1Error, "tag number for Universal too large"); 00712 ossl_asn1_set_tag(self, tag); 00713 ossl_asn1_set_value(self, value); 00714 ossl_asn1_set_tag_class(self, tag_class); 00715 ossl_asn1_set_infinite_length(self, Qfalse); 00716 00717 return self; 00718 } 00719 00720 static VALUE 00721 join_der_i(VALUE i, VALUE str) 00722 { 00723 i = ossl_to_der_if_possible(i); 00724 StringValue(i); 00725 rb_str_append(str, i); 00726 return Qnil; 00727 } 00728 00729 static VALUE 00730 join_der(VALUE enumerable) 00731 { 00732 VALUE str = rb_str_new(0, 0); 00733 rb_block_call(enumerable, rb_intern("each"), 0, 0, join_der_i, str); 00734 return str; 00735 } 00736 00737 /* 00738 * call-seq: 00739 * asn1.to_der => DER-encoded String 00740 * 00741 * Encodes this ASN1Data into a DER-encoded String value. The result is 00742 * DER-encoded except for the possibility of infinite length encodings. 00743 * Infinite length encodings are not allowed in strict DER, so strictly 00744 * speaking the result of such an encoding would be a BER-encoding. 00745 */ 00746 static VALUE 00747 ossl_asn1data_to_der(VALUE self) 00748 { 00749 VALUE value, der, inf_length; 00750 int tag, tag_class, is_cons = 0; 00751 long length; 00752 unsigned char *p; 00753 00754 value = ossl_asn1_get_value(self); 00755 if(rb_obj_is_kind_of(value, rb_cArray)){ 00756 is_cons = 1; 00757 value = join_der(value); 00758 } 00759 StringValue(value); 00760 00761 tag = ossl_asn1_tag(self); 00762 tag_class = ossl_asn1_tag_class(self); 00763 inf_length = ossl_asn1_get_infinite_length(self); 00764 if (inf_length == Qtrue) { 00765 is_cons = 2; 00766 } 00767 if((length = ossl_asn1_object_size(is_cons, RSTRING_LENINT(value), tag)) <= 0) 00768 ossl_raise(eASN1Error, NULL); 00769 der = rb_str_new(0, length); 00770 p = (unsigned char *)RSTRING_PTR(der); 00771 ossl_asn1_put_object(&p, is_cons, RSTRING_LENINT(value), tag, tag_class); 00772 memcpy(p, RSTRING_PTR(value), RSTRING_LEN(value)); 00773 p += RSTRING_LEN(value); 00774 ossl_str_adjust(der, p); 00775 00776 return der; 00777 } 00778 00779 static VALUE 00780 int_ossl_asn1_decode0_prim(unsigned char **pp, long length, int hlen, int tag, 00781 VALUE tc, long *num_read) 00782 { 00783 VALUE value, asn1data; 00784 unsigned char *p; 00785 long flag = 0; 00786 00787 p = *pp; 00788 00789 if(tc == sUNIVERSAL && tag < ossl_asn1_info_size) { 00790 switch(tag){ 00791 case V_ASN1_EOC: 00792 value = decode_eoc(p, hlen+length); 00793 break; 00794 case V_ASN1_BOOLEAN: 00795 value = decode_bool(p, hlen+length); 00796 break; 00797 case V_ASN1_INTEGER: 00798 value = decode_int(p, hlen+length); 00799 break; 00800 case V_ASN1_BIT_STRING: 00801 value = decode_bstr(p, hlen+length, &flag); 00802 break; 00803 case V_ASN1_NULL: 00804 value = decode_null(p, hlen+length); 00805 break; 00806 case V_ASN1_ENUMERATED: 00807 value = decode_enum(p, hlen+length); 00808 break; 00809 case V_ASN1_OBJECT: 00810 value = decode_obj(p, hlen+length); 00811 break; 00812 case V_ASN1_UTCTIME: /* FALLTHROUGH */ 00813 case V_ASN1_GENERALIZEDTIME: 00814 value = decode_time(p, hlen+length); 00815 break; 00816 default: 00817 /* use original value */ 00818 p += hlen; 00819 value = rb_str_new((const char *)p, length); 00820 break; 00821 } 00822 } 00823 else { 00824 p += hlen; 00825 value = rb_str_new((const char *)p, length); 00826 } 00827 00828 *pp += hlen + length; 00829 *num_read = hlen + length; 00830 00831 if (tc == sUNIVERSAL && tag < ossl_asn1_info_size && ossl_asn1_info[tag].klass) { 00832 VALUE klass = *ossl_asn1_info[tag].klass; 00833 VALUE args[4]; 00834 args[0] = value; 00835 args[1] = INT2NUM(tag); 00836 args[2] = Qnil; 00837 args[3] = ID2SYM(tc); 00838 asn1data = rb_obj_alloc(klass); 00839 ossl_asn1_initialize(4, args, asn1data); 00840 if(tag == V_ASN1_BIT_STRING){ 00841 rb_ivar_set(asn1data, sivUNUSED_BITS, LONG2NUM(flag)); 00842 } 00843 } 00844 else { 00845 asn1data = rb_obj_alloc(cASN1Data); 00846 ossl_asn1data_initialize(asn1data, value, INT2NUM(tag), ID2SYM(tc)); 00847 } 00848 00849 return asn1data; 00850 } 00851 00852 static VALUE 00853 int_ossl_asn1_decode0_cons(unsigned char **pp, long max_len, long length, 00854 long *offset, int depth, int yield, int j, 00855 int tag, VALUE tc, long *num_read) 00856 { 00857 VALUE value, asn1data, ary; 00858 int infinite; 00859 long off = *offset; 00860 00861 infinite = (j == 0x21); 00862 ary = rb_ary_new(); 00863 00864 while (length > 0 || infinite) { 00865 long inner_read = 0; 00866 value = ossl_asn1_decode0(pp, max_len, &off, depth + 1, yield, &inner_read); 00867 *num_read += inner_read; 00868 max_len -= inner_read; 00869 rb_ary_push(ary, value); 00870 if (length > 0) 00871 length -= inner_read; 00872 00873 if (infinite && 00874 NUM2INT(ossl_asn1_get_tag(value)) == V_ASN1_EOC && 00875 SYM2ID(ossl_asn1_get_tag_class(value)) == sUNIVERSAL) { 00876 break; 00877 } 00878 } 00879 00880 if (tc == sUNIVERSAL) { 00881 VALUE args[4]; 00882 int not_sequence_or_set; 00883 00884 not_sequence_or_set = tag != V_ASN1_SEQUENCE && tag != V_ASN1_SET; 00885 00886 if (not_sequence_or_set) { 00887 if (infinite) { 00888 asn1data = rb_obj_alloc(cASN1Constructive); 00889 } 00890 else { 00891 ossl_raise(eASN1Error, "invalid non-infinite tag"); 00892 return Qnil; 00893 } 00894 } 00895 else { 00896 VALUE klass = *ossl_asn1_info[tag].klass; 00897 asn1data = rb_obj_alloc(klass); 00898 } 00899 args[0] = ary; 00900 args[1] = INT2NUM(tag); 00901 args[2] = Qnil; 00902 args[3] = ID2SYM(tc); 00903 ossl_asn1_initialize(4, args, asn1data); 00904 } 00905 else { 00906 asn1data = rb_obj_alloc(cASN1Data); 00907 ossl_asn1data_initialize(asn1data, ary, INT2NUM(tag), ID2SYM(tc)); 00908 } 00909 00910 if (infinite) 00911 ossl_asn1_set_infinite_length(asn1data, Qtrue); 00912 else 00913 ossl_asn1_set_infinite_length(asn1data, Qfalse); 00914 00915 *offset = off; 00916 return asn1data; 00917 } 00918 00919 static VALUE 00920 ossl_asn1_decode0(unsigned char **pp, long length, long *offset, int depth, 00921 int yield, long *num_read) 00922 { 00923 unsigned char *start, *p; 00924 const unsigned char *p0; 00925 long len = 0, inner_read = 0, off = *offset; 00926 int hlen, tag, tc, j; 00927 VALUE asn1data, tag_class; 00928 00929 p = *pp; 00930 start = p; 00931 p0 = p; 00932 j = ASN1_get_object(&p0, &len, &tag, &tc, length); 00933 p = (unsigned char *)p0; 00934 if(j & 0x80) ossl_raise(eASN1Error, NULL); 00935 if(len > length) ossl_raise(eASN1Error, "value is too short"); 00936 if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) 00937 tag_class = sPRIVATE; 00938 else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) 00939 tag_class = sCONTEXT_SPECIFIC; 00940 else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) 00941 tag_class = sAPPLICATION; 00942 else 00943 tag_class = sUNIVERSAL; 00944 00945 hlen = p - start; 00946 00947 if(yield) { 00948 VALUE arg = rb_ary_new(); 00949 rb_ary_push(arg, LONG2NUM(depth)); 00950 rb_ary_push(arg, LONG2NUM(*offset)); 00951 rb_ary_push(arg, LONG2NUM(hlen)); 00952 rb_ary_push(arg, LONG2NUM(len)); 00953 rb_ary_push(arg, (j & V_ASN1_CONSTRUCTED) ? Qtrue : Qfalse); 00954 rb_ary_push(arg, ossl_asn1_class2sym(tc)); 00955 rb_ary_push(arg, INT2NUM(tag)); 00956 rb_yield(arg); 00957 } 00958 00959 if(j & V_ASN1_CONSTRUCTED) { 00960 *pp += hlen; 00961 off += hlen; 00962 asn1data = int_ossl_asn1_decode0_cons(pp, length, len, &off, depth, yield, j, tag, tag_class, &inner_read); 00963 inner_read += hlen; 00964 } 00965 else { 00966 if ((j & 0x01) && (len == 0)) ossl_raise(eASN1Error, "Infinite length for primitive value"); 00967 asn1data = int_ossl_asn1_decode0_prim(pp, len, hlen, tag, tag_class, &inner_read); 00968 off += hlen + len; 00969 } 00970 if (num_read) 00971 *num_read = inner_read; 00972 if (len != 0 && inner_read != hlen + len) { 00973 ossl_raise(eASN1Error, 00974 "Type mismatch. Bytes read: %ld Bytes available: %ld", 00975 inner_read, hlen + len); 00976 } 00977 00978 *offset = off; 00979 return asn1data; 00980 } 00981 00982 static void 00983 int_ossl_decode_sanity_check(long len, long read, long offset) 00984 { 00985 if (len != 0 && (read != len || offset != len)) { 00986 ossl_raise(eASN1Error, 00987 "Type mismatch. Total bytes read: %ld Bytes available: %ld Offset: %ld", 00988 read, len, offset); 00989 } 00990 } 00991 00992 /* 00993 * call-seq: 00994 * OpenSSL::ASN1.traverse(asn1) -> nil 00995 * 00996 * If a block is given, it prints out each of the elements encountered. 00997 * Block parameters are (in that order): 00998 * * depth: The recursion depth, plus one with each constructed value being encountered (Number) 00999 * * offset: Current byte offset (Number) 01000 * * header length: Combined length in bytes of the Tag and Length headers. (Number) 01001 * * length: The overall remaining length of the entire data (Number) 01002 * * constructed: Whether this value is constructed or not (Boolean) 01003 * * tag_class: Current tag class (Symbol) 01004 * * tag: The current tag (Number) 01005 * 01006 * == Example 01007 * der = File.binread('asn1data.der') 01008 * OpenSSL::ASN1.traverse(der) do | depth, offset, header_len, length, constructed, tag_class, tag| 01009 * puts "Depth: #{depth} Offset: #{offset} Length: #{length}" 01010 * puts "Header length: #{header_len} Tag: #{tag} Tag class: #{tag_class} Constructed: #{constructed}" 01011 * end 01012 */ 01013 static VALUE 01014 ossl_asn1_traverse(VALUE self, VALUE obj) 01015 { 01016 unsigned char *p; 01017 volatile VALUE tmp; 01018 long len, read = 0, offset = 0; 01019 01020 obj = ossl_to_der_if_possible(obj); 01021 tmp = rb_str_new4(StringValue(obj)); 01022 p = (unsigned char *)RSTRING_PTR(tmp); 01023 len = RSTRING_LEN(tmp); 01024 ossl_asn1_decode0(&p, len, &offset, 0, 1, &read); 01025 int_ossl_decode_sanity_check(len, read, offset); 01026 return Qnil; 01027 } 01028 01029 /* 01030 * call-seq: 01031 * OpenSSL::ASN1.decode(der) -> ASN1Data 01032 * 01033 * Decodes a BER- or DER-encoded value and creates an ASN1Data instance. +der+ 01034 * may be a +String+ or any object that features a +#to_der+ method transforming 01035 * it into a BER-/DER-encoded +String+. 01036 * 01037 * == Example 01038 * der = File.binread('asn1data') 01039 * asn1 = OpenSSL::ASN1.decode(der) 01040 */ 01041 static VALUE 01042 ossl_asn1_decode(VALUE self, VALUE obj) 01043 { 01044 VALUE ret; 01045 unsigned char *p; 01046 volatile VALUE tmp; 01047 long len, read = 0, offset = 0; 01048 01049 obj = ossl_to_der_if_possible(obj); 01050 tmp = rb_str_new4(StringValue(obj)); 01051 p = (unsigned char *)RSTRING_PTR(tmp); 01052 len = RSTRING_LEN(tmp); 01053 ret = ossl_asn1_decode0(&p, len, &offset, 0, 0, &read); 01054 int_ossl_decode_sanity_check(len, read, offset); 01055 return ret; 01056 } 01057 01058 /* 01059 * call-seq: 01060 * OpenSSL::ASN1.decode_all(der) -> Array of ASN1Data 01061 * 01062 * Similar to +decode+ with the difference that +decode+ expects one 01063 * distinct value represented in +der+. +decode_all+ on the contrary 01064 * decodes a sequence of sequential BER/DER values lined up in +der+ 01065 * and returns them as an array. 01066 * 01067 * == Example 01068 * ders = File.binread('asn1data_seq') 01069 * asn1_ary = OpenSSL::ASN1.decode_all(ders) 01070 */ 01071 static VALUE 01072 ossl_asn1_decode_all(VALUE self, VALUE obj) 01073 { 01074 VALUE ary, val; 01075 unsigned char *p; 01076 long len, tmp_len = 0, read = 0, offset = 0; 01077 volatile VALUE tmp; 01078 01079 obj = ossl_to_der_if_possible(obj); 01080 tmp = rb_str_new4(StringValue(obj)); 01081 p = (unsigned char *)RSTRING_PTR(tmp); 01082 len = RSTRING_LEN(tmp); 01083 tmp_len = len; 01084 ary = rb_ary_new(); 01085 while (tmp_len > 0) { 01086 long tmp_read = 0; 01087 val = ossl_asn1_decode0(&p, tmp_len, &offset, 0, 0, &tmp_read); 01088 rb_ary_push(ary, val); 01089 read += tmp_read; 01090 tmp_len -= tmp_read; 01091 } 01092 int_ossl_decode_sanity_check(len, read, offset); 01093 return ary; 01094 } 01095 01096 /* 01097 * call-seq: 01098 * OpenSSL::ASN1::Primitive.new( value [, tag, tagging, tag_class ]) => Primitive 01099 * 01100 * +value+: is mandatory. 01101 * 01102 * +tag+: optional, may be specified for tagged values. If no +tag+ is 01103 * specified, the UNIVERSAL tag corresponding to the Primitive sub-class 01104 * is used by default. 01105 * 01106 * +tagging+: may be used as an encoding hint to encode a value either 01107 * explicitly or implicitly, see ASN1 for possible values. 01108 * 01109 * +tag_class+: if +tag+ and +tagging+ are +nil+ then this is set to 01110 * +:UNIVERSAL+ by default. If either +tag+ or +tagging+ are set then 01111 * +:CONTEXT_SPECIFIC+ is used as the default. For possible values please 01112 * cf. ASN1. 01113 * 01114 * == Example 01115 * int = OpenSSL::ASN1::Integer.new(42) 01116 * zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :IMPLICIT) 01117 * private_explicit_zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT, :PRIVATE) 01118 */ 01119 static VALUE 01120 ossl_asn1_initialize(int argc, VALUE *argv, VALUE self) 01121 { 01122 VALUE value, tag, tagging, tag_class; 01123 01124 rb_scan_args(argc, argv, "13", &value, &tag, &tagging, &tag_class); 01125 if(argc > 1){ 01126 if(NIL_P(tag)) 01127 ossl_raise(eASN1Error, "must specify tag number"); 01128 if(!NIL_P(tagging) && !SYMBOL_P(tagging)) 01129 ossl_raise(eASN1Error, "invalid tagging method"); 01130 if(NIL_P(tag_class)) { 01131 if (NIL_P(tagging)) 01132 tag_class = ID2SYM(sUNIVERSAL); 01133 else 01134 tag_class = ID2SYM(sCONTEXT_SPECIFIC); 01135 } 01136 if(!SYMBOL_P(tag_class)) 01137 ossl_raise(eASN1Error, "invalid tag class"); 01138 if(SYM2ID(tagging) == sIMPLICIT && NUM2INT(tag) > 31) 01139 ossl_raise(eASN1Error, "tag number for Universal too large"); 01140 } 01141 else{ 01142 tag = INT2NUM(ossl_asn1_default_tag(self)); 01143 tagging = Qnil; 01144 tag_class = ID2SYM(sUNIVERSAL); 01145 } 01146 ossl_asn1_set_tag(self, tag); 01147 ossl_asn1_set_value(self, value); 01148 ossl_asn1_set_tagging(self, tagging); 01149 ossl_asn1_set_tag_class(self, tag_class); 01150 ossl_asn1_set_infinite_length(self, Qfalse); 01151 01152 return self; 01153 } 01154 01155 static VALUE 01156 ossl_asn1eoc_initialize(VALUE self) { 01157 VALUE tag, tagging, tag_class, value; 01158 tag = INT2NUM(ossl_asn1_default_tag(self)); 01159 tagging = Qnil; 01160 tag_class = ID2SYM(sUNIVERSAL); 01161 value = rb_str_new("", 0); 01162 ossl_asn1_set_tag(self, tag); 01163 ossl_asn1_set_value(self, value); 01164 ossl_asn1_set_tagging(self, tagging); 01165 ossl_asn1_set_tag_class(self, tag_class); 01166 ossl_asn1_set_infinite_length(self, Qfalse); 01167 return self; 01168 } 01169 01170 static int 01171 ossl_i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp) 01172 { 01173 #if OPENSSL_VERSION_NUMBER < 0x00907000L 01174 if(!a) return 0; 01175 if(a->type == V_ASN1_BOOLEAN) 01176 return i2d_ASN1_BOOLEAN(a->value.boolean, pp); 01177 #endif 01178 return i2d_ASN1_TYPE(a, pp); 01179 } 01180 01181 static void 01182 ossl_ASN1_TYPE_free(ASN1_TYPE *a) 01183 { 01184 #if OPENSSL_VERSION_NUMBER < 0x00907000L 01185 if(!a) return; 01186 if(a->type == V_ASN1_BOOLEAN){ 01187 OPENSSL_free(a); 01188 return; 01189 } 01190 #endif 01191 ASN1_TYPE_free(a); 01192 } 01193 01194 /* 01195 * call-seq: 01196 * asn1.to_der => DER-encoded String 01197 * 01198 * See ASN1Data#to_der for details. * 01199 */ 01200 static VALUE 01201 ossl_asn1prim_to_der(VALUE self) 01202 { 01203 ASN1_TYPE *asn1; 01204 int tn, tc, explicit; 01205 long len, reallen; 01206 unsigned char *buf, *p; 01207 VALUE str; 01208 01209 tn = NUM2INT(ossl_asn1_get_tag(self)); 01210 tc = ossl_asn1_tag_class(self); 01211 explicit = ossl_asn1_is_explicit(self); 01212 asn1 = ossl_asn1_get_asn1type(self); 01213 01214 len = ossl_asn1_object_size(1, ossl_i2d_ASN1_TYPE(asn1, NULL), tn); 01215 if(!(buf = OPENSSL_malloc(len))){ 01216 ossl_ASN1_TYPE_free(asn1); 01217 ossl_raise(eASN1Error, "cannot alloc buffer"); 01218 } 01219 p = buf; 01220 if (tc == V_ASN1_UNIVERSAL) { 01221 ossl_i2d_ASN1_TYPE(asn1, &p); 01222 } else if (explicit) { 01223 ossl_asn1_put_object(&p, 1, ossl_i2d_ASN1_TYPE(asn1, NULL), tn, tc); 01224 ossl_i2d_ASN1_TYPE(asn1, &p); 01225 } else { 01226 ossl_i2d_ASN1_TYPE(asn1, &p); 01227 *buf = tc | tn | (*buf & V_ASN1_CONSTRUCTED); 01228 } 01229 ossl_ASN1_TYPE_free(asn1); 01230 reallen = p - buf; 01231 assert(reallen <= len); 01232 str = ossl_buf2str((char *)buf, rb_long2int(reallen)); /* buf will be free in ossl_buf2str */ 01233 01234 return str; 01235 } 01236 01237 /* 01238 * call-seq: 01239 * asn1.to_der => DER-encoded String 01240 * 01241 * See ASN1Data#to_der for details. 01242 */ 01243 static VALUE 01244 ossl_asn1cons_to_der(VALUE self) 01245 { 01246 int tag, tn, tc, explicit, constructed = 1; 01247 int found_prim = 0, seq_len; 01248 long length; 01249 unsigned char *p; 01250 VALUE value, str, inf_length; 01251 01252 tn = NUM2INT(ossl_asn1_get_tag(self)); 01253 tc = ossl_asn1_tag_class(self); 01254 inf_length = ossl_asn1_get_infinite_length(self); 01255 if (inf_length == Qtrue) { 01256 VALUE ary, example; 01257 constructed = 2; 01258 if (CLASS_OF(self) == cASN1Sequence || 01259 CLASS_OF(self) == cASN1Set) { 01260 tag = ossl_asn1_default_tag(self); 01261 } 01262 else { /* must be a constructive encoding of a primitive value */ 01263 ary = ossl_asn1_get_value(self); 01264 if (!rb_obj_is_kind_of(ary, rb_cArray)) 01265 ossl_raise(eASN1Error, "Constructive value must be an Array"); 01266 /* Recursively descend until a primitive value is found. 01267 The overall value of the entire constructed encoding 01268 is of the type of the first primitive encoding to be 01269 found. */ 01270 while (!found_prim){ 01271 example = rb_ary_entry(ary, 0); 01272 if (rb_obj_is_kind_of(example, cASN1Primitive)){ 01273 found_prim = 1; 01274 } 01275 else { 01276 /* example is another ASN1Constructive */ 01277 if (!rb_obj_is_kind_of(example, cASN1Constructive)){ 01278 ossl_raise(eASN1Error, "invalid constructed encoding"); 01279 return Qnil; /* dummy */ 01280 } 01281 ary = ossl_asn1_get_value(example); 01282 } 01283 } 01284 tag = ossl_asn1_default_tag(example); 01285 } 01286 } 01287 else { 01288 if (CLASS_OF(self) == cASN1Constructive) 01289 ossl_raise(eASN1Error, "Constructive shall only be used with infinite length"); 01290 tag = ossl_asn1_default_tag(self); 01291 } 01292 explicit = ossl_asn1_is_explicit(self); 01293 value = join_der(ossl_asn1_get_value(self)); 01294 01295 seq_len = ossl_asn1_object_size(constructed, RSTRING_LENINT(value), tag); 01296 length = ossl_asn1_object_size(constructed, seq_len, tn); 01297 str = rb_str_new(0, length); 01298 p = (unsigned char *)RSTRING_PTR(str); 01299 if(tc == V_ASN1_UNIVERSAL) 01300 ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tn, tc); 01301 else{ 01302 if(explicit){ 01303 ossl_asn1_put_object(&p, constructed, seq_len, tn, tc); 01304 ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tag, V_ASN1_UNIVERSAL); 01305 } 01306 else{ 01307 ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tn, tc); 01308 } 01309 } 01310 memcpy(p, RSTRING_PTR(value), RSTRING_LEN(value)); 01311 p += RSTRING_LEN(value); 01312 01313 /* In this case we need an additional EOC (one for the explicit part and 01314 * one for the Constructive itself. The EOC for the Constructive is 01315 * supplied by the user, but that for the "explicit wrapper" must be 01316 * added here. 01317 */ 01318 if (explicit && inf_length == Qtrue) { 01319 ASN1_put_eoc(&p); 01320 } 01321 ossl_str_adjust(str, p); 01322 01323 return str; 01324 } 01325 01326 /* 01327 * call-seq: 01328 * asn1_ary.each { |asn1| block } => asn1_ary 01329 * 01330 * Calls <i>block</i> once for each element in +self+, passing that element 01331 * as parameter +asn1+. If no block is given, an enumerator is returned 01332 * instead. 01333 * 01334 * == Example 01335 * asn1_ary.each do |asn1| 01336 * puts asn1 01337 * end 01338 */ 01339 static VALUE 01340 ossl_asn1cons_each(VALUE self) 01341 { 01342 rb_ary_each(ossl_asn1_get_value(self)); 01343 return self; 01344 } 01345 01346 static VALUE 01347 ossl_asn1obj_s_register(VALUE self, VALUE oid, VALUE sn, VALUE ln) 01348 { 01349 StringValue(oid); 01350 StringValue(sn); 01351 StringValue(ln); 01352 01353 if(!OBJ_create(RSTRING_PTR(oid), RSTRING_PTR(sn), RSTRING_PTR(ln))) 01354 ossl_raise(eASN1Error, NULL); 01355 01356 return Qtrue; 01357 } 01358 01359 static VALUE 01360 ossl_asn1obj_get_sn(VALUE self) 01361 { 01362 VALUE val, ret = Qnil; 01363 int nid; 01364 01365 val = ossl_asn1_get_value(self); 01366 if ((nid = OBJ_txt2nid(StringValuePtr(val))) != NID_undef) 01367 ret = rb_str_new2(OBJ_nid2sn(nid)); 01368 01369 return ret; 01370 } 01371 01372 static VALUE 01373 ossl_asn1obj_get_ln(VALUE self) 01374 { 01375 VALUE val, ret = Qnil; 01376 int nid; 01377 01378 val = ossl_asn1_get_value(self); 01379 if ((nid = OBJ_txt2nid(StringValuePtr(val))) != NID_undef) 01380 ret = rb_str_new2(OBJ_nid2ln(nid)); 01381 01382 return ret; 01383 } 01384 01385 static VALUE 01386 ossl_asn1obj_get_oid(VALUE self) 01387 { 01388 VALUE val; 01389 ASN1_OBJECT *a1obj; 01390 char buf[128]; 01391 01392 val = ossl_asn1_get_value(self); 01393 a1obj = obj_to_asn1obj(val); 01394 OBJ_obj2txt(buf, sizeof(buf), a1obj, 1); 01395 ASN1_OBJECT_free(a1obj); 01396 01397 return rb_str_new2(buf); 01398 } 01399 01400 #define OSSL_ASN1_IMPL_FACTORY_METHOD(klass) \ 01401 static VALUE ossl_asn1_##klass(int argc, VALUE *argv, VALUE self)\ 01402 { return rb_funcall3(cASN1##klass, rb_intern("new"), argc, argv); } 01403 01404 OSSL_ASN1_IMPL_FACTORY_METHOD(Boolean) 01405 OSSL_ASN1_IMPL_FACTORY_METHOD(Integer) 01406 OSSL_ASN1_IMPL_FACTORY_METHOD(Enumerated) 01407 OSSL_ASN1_IMPL_FACTORY_METHOD(BitString) 01408 OSSL_ASN1_IMPL_FACTORY_METHOD(OctetString) 01409 OSSL_ASN1_IMPL_FACTORY_METHOD(UTF8String) 01410 OSSL_ASN1_IMPL_FACTORY_METHOD(NumericString) 01411 OSSL_ASN1_IMPL_FACTORY_METHOD(PrintableString) 01412 OSSL_ASN1_IMPL_FACTORY_METHOD(T61String) 01413 OSSL_ASN1_IMPL_FACTORY_METHOD(VideotexString) 01414 OSSL_ASN1_IMPL_FACTORY_METHOD(IA5String) 01415 OSSL_ASN1_IMPL_FACTORY_METHOD(GraphicString) 01416 OSSL_ASN1_IMPL_FACTORY_METHOD(ISO64String) 01417 OSSL_ASN1_IMPL_FACTORY_METHOD(GeneralString) 01418 OSSL_ASN1_IMPL_FACTORY_METHOD(UniversalString) 01419 OSSL_ASN1_IMPL_FACTORY_METHOD(BMPString) 01420 OSSL_ASN1_IMPL_FACTORY_METHOD(Null) 01421 OSSL_ASN1_IMPL_FACTORY_METHOD(ObjectId) 01422 OSSL_ASN1_IMPL_FACTORY_METHOD(UTCTime) 01423 OSSL_ASN1_IMPL_FACTORY_METHOD(GeneralizedTime) 01424 OSSL_ASN1_IMPL_FACTORY_METHOD(Sequence) 01425 OSSL_ASN1_IMPL_FACTORY_METHOD(Set) 01426 OSSL_ASN1_IMPL_FACTORY_METHOD(EndOfContent) 01427 01428 void 01429 Init_ossl_asn1() 01430 { 01431 VALUE ary; 01432 int i; 01433 01434 #if 0 01435 mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ 01436 #endif 01437 01438 sUNIVERSAL = rb_intern("UNIVERSAL"); 01439 sCONTEXT_SPECIFIC = rb_intern("CONTEXT_SPECIFIC"); 01440 sAPPLICATION = rb_intern("APPLICATION"); 01441 sPRIVATE = rb_intern("PRIVATE"); 01442 sEXPLICIT = rb_intern("EXPLICIT"); 01443 sIMPLICIT = rb_intern("IMPLICIT"); 01444 01445 sivVALUE = rb_intern("@value"); 01446 sivTAG = rb_intern("@tag"); 01447 sivTAGGING = rb_intern("@tagging"); 01448 sivTAG_CLASS = rb_intern("@tag_class"); 01449 sivINFINITE_LENGTH = rb_intern("@infinite_length"); 01450 sivUNUSED_BITS = rb_intern("@unused_bits"); 01451 01452 /* 01453 * Document-module: OpenSSL::ASN1 01454 * 01455 * Abstract Syntax Notation One (or ASN.1) is a notation syntax to 01456 * describe data structures and is defined in ITU-T X.680. ASN.1 itself 01457 * does not mandate any encoding or parsing rules, but usually ASN.1 data 01458 * structures are encoded using the Distinguished Encoding Rules (DER) or 01459 * less often the Basic Encoding Rules (BER) described in ITU-T X.690. DER 01460 * and BER encodings are binary Tag-Length-Value (TLV) encodings that are 01461 * quite concise compared to other popular data description formats such 01462 * as XML, JSON etc. 01463 * ASN.1 data structures are very common in cryptographic applications, 01464 * e.g. X.509 public key certificates or certificate revocation lists 01465 * (CRLs) are all defined in ASN.1 and DER-encoded. ASN.1, DER and BER are 01466 * the building blocks of applied cryptography. 01467 * The ASN1 module provides the necessary classes that allow generation 01468 * of ASN.1 data structures and the methods to encode them using a DER 01469 * encoding. The decode method allows parsing arbitrary BER-/DER-encoded 01470 * data to a Ruby object that can then be modified and re-encoded at will. 01471 * 01472 * == ASN.1 class hierarchy 01473 * 01474 * The base class representing ASN.1 structures is ASN1Data. ASN1Data offers 01475 * attributes to read and set the +tag+, the +tag_class+ and finally the 01476 * +value+ of a particular ASN.1 item. Upon parsing, any tagged values 01477 * (implicit or explicit) will be represented by ASN1Data instances because 01478 * their "real type" can only be determined using out-of-band information 01479 * from the ASN.1 type declaration. Since this information is normally 01480 * known when encoding a type, all sub-classes of ASN1Data offer an 01481 * additional attribute +tagging+ that allows to encode a value implicitly 01482 * (+:IMPLICIT+) or explicitly (+:EXPLICIT+). 01483 * 01484 * === Constructive 01485 * 01486 * Constructive is, as its name implies, the base class for all 01487 * constructed encodings, i.e. those that consist of several values, 01488 * opposed to "primitive" encodings with just one single value. 01489 * Primitive values that are encoded with "infinite length" are typically 01490 * constructed (their values come in multiple chunks) and are therefore 01491 * represented by instances of Constructive. The value of an Constructive 01492 * is always an Array. 01493 * 01494 * ==== ASN1::Set and ASN1::Sequence 01495 * 01496 * The most common constructive encodings are SETs and SEQUENCEs, which is 01497 * why there are two sub-classes of Constructive representing each of 01498 * them. 01499 * 01500 * === Primitive 01501 * 01502 * This is the super class of all primitive values. Primitive 01503 * itself is not used when parsing ASN.1 data, all values are either 01504 * instances of a corresponding sub-class of Primitive or they are 01505 * instances of ASN1Data if the value was tagged implicitly or explicitly. 01506 * Please cf. Primitive documentation for details on sub-classes and 01507 * their respective mappings of ASN.1 data types to Ruby objects. 01508 * 01509 * == Possible values for +tagging+ 01510 * 01511 * When constructing an ASN1Data object the ASN.1 type definition may 01512 * require certain elements to be either implicitly or explicitly tagged. 01513 * This can be achieved by setting the +tagging+ attribute manually for 01514 * sub-classes of ASN1Data. Use the symbol +:IMPLICIT+ for implicit 01515 * tagging and +:EXPLICIT+ if the element requires explicit tagging. 01516 * 01517 * == Possible values for +tag_class+ 01518 * 01519 * It is possible to create arbitrary ASN1Data objects that also support 01520 * a PRIVATE or APPLICATION tag class. Possible values for the +tag_class+ 01521 * attribute are: 01522 * * +:UNIVERSAL+ (the default for untagged values) 01523 * * +:CONTEXT_SPECIFIC+ (the default for tagged values) 01524 * * +:APPLICATION+ 01525 * * +:PRIVATE+ 01526 * 01527 * == Tag constants 01528 * 01529 * There is a constant defined for each universal tag: 01530 * * OpenSSL::ASN1::EOC (0) 01531 * * OpenSSL::ASN1::BOOLEAN (1) 01532 * * OpenSSL::ASN1::INTEGER (2) 01533 * * OpenSSL::ASN1::BIT_STRING (3) 01534 * * OpenSSL::ASN1::OCTET_STRING (4) 01535 * * OpenSSL::ASN1::NULL (5) 01536 * * OpenSSL::ASN1::OBJECT (6) 01537 * * OpenSSL::ASN1::ENUMERATED (10) 01538 * * OpenSSL::ASN1::UTF8STRING (12) 01539 * * OpenSSL::ASN1::SEQUENCE (16) 01540 * * OpenSSL::ASN1::SET (17) 01541 * * OpenSSL::ASN1::NUMERICSTRING (18) 01542 * * OpenSSL::ASN1::PRINTABLESTRING (19) 01543 * * OpenSSL::ASN1::T61STRING (20) 01544 * * OpenSSL::ASN1::VIDEOTEXSTRING (21) 01545 * * OpenSSL::ASN1::IA5STRING (22) 01546 * * OpenSSL::ASN1::UTCTIME (23) 01547 * * OpenSSL::ASN1::GENERALIZEDTIME (24) 01548 * * OpenSSL::ASN1::GRAPHICSTRING (25) 01549 * * OpenSSL::ASN1::ISO64STRING (26) 01550 * * OpenSSL::ASN1::GENERALSTRING (27) 01551 * * OpenSSL::ASN1::UNIVERSALSTRING (28) 01552 * * OpenSSL::ASN1::BMPSTRING (30) 01553 * 01554 * == UNIVERSAL_TAG_NAME constant 01555 * 01556 * An Array that stores the name of a given tag number. These names are 01557 * the same as the name of the tag constant that is additionally defined, 01558 * e.g. UNIVERSAL_TAG_NAME[2] = "INTEGER" and OpenSSL::ASN1::INTEGER = 2. 01559 * 01560 * == Example usage 01561 * 01562 * === Decoding and viewing a DER-encoded file 01563 * require 'openssl' 01564 * require 'pp' 01565 * der = File.binread('data.der') 01566 * asn1 = OpenSSL::ASN1.decode(der) 01567 * pp der 01568 * 01569 * === Creating an ASN.1 structure and DER-encoding it 01570 * require 'openssl' 01571 * version = OpenSSL::ASN1::Integer.new(1) 01572 * # Explicitly 0-tagged implies context-specific tag class 01573 * serial = OpenSSL::ASN1::Integer.new(12345, 0, :EXPLICIT, :CONTEXT_SPECIFIC) 01574 * name = OpenSSL::ASN1::PrintableString.new('Data 1') 01575 * sequence = OpenSSL::ASN1::Sequence.new( [ version, serial, name ] ) 01576 * der = sequence.to_der 01577 */ 01578 mASN1 = rb_define_module_under(mOSSL, "ASN1"); 01579 01580 /* Document-class: OpenSSL::ASN1::ASN1Error 01581 * 01582 * Generic error class for all errors raised in ASN1 and any of the 01583 * classes defined in it. 01584 */ 01585 eASN1Error = rb_define_class_under(mASN1, "ASN1Error", eOSSLError); 01586 rb_define_module_function(mASN1, "traverse", ossl_asn1_traverse, 1); 01587 rb_define_module_function(mASN1, "decode", ossl_asn1_decode, 1); 01588 rb_define_module_function(mASN1, "decode_all", ossl_asn1_decode_all, 1); 01589 ary = rb_ary_new(); 01590 01591 /* 01592 * Array storing tag names at the tag's index. 01593 */ 01594 rb_define_const(mASN1, "UNIVERSAL_TAG_NAME", ary); 01595 for(i = 0; i < ossl_asn1_info_size; i++){ 01596 if(ossl_asn1_info[i].name[0] == '[') continue; 01597 rb_define_const(mASN1, ossl_asn1_info[i].name, INT2NUM(i)); 01598 rb_ary_store(ary, i, rb_str_new2(ossl_asn1_info[i].name)); 01599 } 01600 01601 /* Document-class: OpenSSL::ASN1::ASN1Data 01602 * 01603 * The top-level class representing any ASN.1 object. When parsed by 01604 * ASN1.decode, tagged values are always represented by an instance 01605 * of ASN1Data. 01606 * 01607 * == The role of ASN1Data for parsing tagged values 01608 * 01609 * When encoding an ASN.1 type it is inherently clear what original 01610 * type (e.g. INTEGER, OCTET STRING etc.) this value has, regardless 01611 * of its tagging. 01612 * But opposed to the time an ASN.1 type is to be encoded, when parsing 01613 * them it is not possible to deduce the "real type" of tagged 01614 * values. This is why tagged values are generally parsed into ASN1Data 01615 * instances, but with a different outcome for implicit and explicit 01616 * tagging. 01617 * 01618 * === Example of a parsed implicitly tagged value 01619 * 01620 * An implicitly 1-tagged INTEGER value will be parsed as an 01621 * ASN1Data with 01622 * * +tag+ equal to 1 01623 * * +tag_class+ equal to +:CONTEXT_SPECIFIC+ 01624 * * +value+ equal to a +String+ that carries the raw encoding 01625 * of the INTEGER. 01626 * This implies that a subsequent decoding step is required to 01627 * completely decode implicitly tagged values. 01628 * 01629 * === Example of a parsed explicitly tagged value 01630 * 01631 * An explicitly 1-tagged INTEGER value will be parsed as an 01632 * ASN1Data with 01633 * * +tag+ equal to 1 01634 * * +tag_class+ equal to +:CONTEXT_SPECIFIC+ 01635 * * +value+ equal to an +Array+ with one single element, an 01636 * instance of OpenSSL::ASN1::Integer, i.e. the inner element 01637 * is the non-tagged primitive value, and the tagging is represented 01638 * in the outer ASN1Data 01639 * 01640 * == Example - Decoding an implicitly tagged INTEGER 01641 * int = OpenSSL::ASN1::Integer.new(1, 0, :IMPLICIT) # implicit 0-tagged 01642 * seq = OpenSSL::ASN1::Sequence.new( [int] ) 01643 * der = seq.to_der 01644 * asn1 = OpenSSL::ASN1.decode(der) 01645 * # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0 01646 * # @infinite_length=false, 01647 * # @tag=16, 01648 * # @tag_class=:UNIVERSAL, 01649 * # @tagging=nil, 01650 * # @value= 01651 * # [#<OpenSSL::ASN1::ASN1Data:0x87326f4 01652 * # @infinite_length=false, 01653 * # @tag=0, 01654 * # @tag_class=:CONTEXT_SPECIFIC, 01655 * # @value="\x01">]> 01656 * raw_int = asn1.value[0] 01657 * # manually rewrite tag and tag class to make it an UNIVERSAL value 01658 * raw_int.tag = OpenSSL::ASN1::INTEGER 01659 * raw_int.tag_class = :UNIVERSAL 01660 * int2 = OpenSSL::ASN1.decode(raw_int) 01661 * puts int2.value # => 1 01662 * 01663 * == Example - Decoding an explicitly tagged INTEGER 01664 * int = OpenSSL::ASN1::Integer.new(1, 0, :EXPLICIT) # explicit 0-tagged 01665 * seq = OpenSSL::ASN1::Sequence.new( [int] ) 01666 * der = seq.to_der 01667 * asn1 = OpenSSL::ASN1.decode(der) 01668 * # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0 01669 * # @infinite_length=false, 01670 * # @tag=16, 01671 * # @tag_class=:UNIVERSAL, 01672 * # @tagging=nil, 01673 * # @value= 01674 * # [#<OpenSSL::ASN1::ASN1Data:0x87326f4 01675 * # @infinite_length=false, 01676 * # @tag=0, 01677 * # @tag_class=:CONTEXT_SPECIFIC, 01678 * # @value= 01679 * # [#<OpenSSL::ASN1::Integer:0x85bf308 01680 * # @infinite_length=false, 01681 * # @tag=2, 01682 * # @tag_class=:UNIVERSAL 01683 * # @tagging=nil, 01684 * # @value=1>]>]> 01685 * int2 = asn1.value[0].value[0] 01686 * puts int2.value # => 1 01687 */ 01688 cASN1Data = rb_define_class_under(mASN1, "ASN1Data", rb_cObject); 01689 /* 01690 * Carries the value of a ASN.1 type. 01691 * Please confer Constructive and Primitive for the mappings between 01692 * ASN.1 data types and Ruby classes. 01693 */ 01694 rb_attr(cASN1Data, rb_intern("value"), 1, 1, 0); 01695 /* 01696 * A +Number+ representing the tag number of this ASN1Data. Never +nil+. 01697 */ 01698 rb_attr(cASN1Data, rb_intern("tag"), 1, 1, 0); 01699 /* 01700 * A +Symbol+ representing the tag class of this ASN1Data. Never +nil+. 01701 * See ASN1Data for possible values. 01702 */ 01703 rb_attr(cASN1Data, rb_intern("tag_class"), 1, 1, 0); 01704 /* 01705 * Never +nil+. A +Boolean+ indicating whether the encoding was infinite 01706 * length (in the case of parsing) or whether an infinite length encoding 01707 * shall be used (in the encoding case). 01708 * In DER, every value has a finite length associated with it. But in 01709 * scenarios where large amounts of data need to be transferred it 01710 * might be desirable to have some kind of streaming support available. 01711 * For example, huge OCTET STRINGs are preferably sent in smaller-sized 01712 * chunks, each at a time. 01713 * This is possible in BER by setting the length bytes of an encoding 01714 * to zero and by this indicating that the following value will be 01715 * sent in chunks. Infinite length encodings are always constructed. 01716 * The end of such a stream of chunks is indicated by sending a EOC 01717 * (End of Content) tag. SETs and SEQUENCEs may use an infinite length 01718 * encoding, but also primitive types such as e.g. OCTET STRINGS or 01719 * BIT STRINGS may leverage this functionality (cf. ITU-T X.690). 01720 */ 01721 rb_attr(cASN1Data, rb_intern("infinite_length"), 1, 1, 0); 01722 rb_define_method(cASN1Data, "initialize", ossl_asn1data_initialize, 3); 01723 rb_define_method(cASN1Data, "to_der", ossl_asn1data_to_der, 0); 01724 01725 /* Document-class: OpenSSL::ASN1::Primitive 01726 * 01727 * The parent class for all primitive encodings. Attributes are the same as 01728 * for ASN1Data, with the addition of +tagging+. 01729 * Primitive values can never be infinite length encodings, thus it is not 01730 * possible to set the +infinite_length+ attribute for Primitive and its 01731 * sub-classes. 01732 * 01733 * == Primitive sub-classes and their mapping to Ruby classes 01734 * * OpenSSL::ASN1::EndOfContent <=> +value+ is always +nil+ 01735 * * OpenSSL::ASN1::Boolean <=> +value+ is a +Boolean+ 01736 * * OpenSSL::ASN1::Integer <=> +value+ is a +Number+ 01737 * * OpenSSL::ASN1::BitString <=> +value+ is a +String+ 01738 * * OpenSSL::ASN1::OctetString <=> +value+ is a +String+ 01739 * * OpenSSL::ASN1::Null <=> +value+ is always +nil+ 01740 * * OpenSSL::ASN1::Object <=> +value+ is a +String+ 01741 * * OpenSSL::ASN1::Enumerated <=> +value+ is a +Number+ 01742 * * OpenSSL::ASN1::UTF8String <=> +value+ is a +String+ 01743 * * OpenSSL::ASN1::NumericString <=> +value+ is a +String+ 01744 * * OpenSSL::ASN1::PrintableString <=> +value+ is a +String+ 01745 * * OpenSSL::ASN1::T61String <=> +value+ is a +String+ 01746 * * OpenSSL::ASN1::VideotexString <=> +value+ is a +String+ 01747 * * OpenSSL::ASN1::IA5String <=> +value+ is a +String+ 01748 * * OpenSSL::ASN1::UTCTime <=> +value+ is a +Time+ 01749 * * OpenSSL::ASN1::GeneralizedTime <=> +value+ is a +Time+ 01750 * * OpenSSL::ASN1::GraphicString <=> +value+ is a +String+ 01751 * * OpenSSL::ASN1::ISO64String <=> +value+ is a +String+ 01752 * * OpenSSL::ASN1::GeneralString <=> +value+ is a +String+ 01753 * * OpenSSL::ASN1::UniversalString <=> +value+ is a +String+ 01754 * * OpenSSL::ASN1::BMPString <=> +value+ is a +String+ 01755 * 01756 * == OpenSSL::ASN1::BitString 01757 * 01758 * === Additional attributes 01759 * +unused_bits+: if the underlying BIT STRING's 01760 * length is a multiple of 8 then +unused_bits+ is 0. Otherwise 01761 * +unused_bits+ indicates the number of bits that are to be ignored in 01762 * the final octet of the +BitString+'s +value+. 01763 * 01764 * == OpenSSL::ASN1::ObjectId 01765 * 01766 * === Additional attributes 01767 * * +sn+: the short name as defined in <openssl/objects.h>. 01768 * * +ln+: the long name as defined in <openssl/objects.h>. 01769 * * +oid+: the object identifier as a +String+, e.g. "1.2.3.4.5" 01770 * * +short_name+: alias for +sn+. 01771 * * +long_name+: alias for +ln+. 01772 * 01773 * == Examples 01774 * With the Exception of OpenSSL::ASN1::EndOfContent, each Primitive class 01775 * constructor takes at least one parameter, the +value+. 01776 * 01777 * === Creating EndOfContent 01778 * eoc = OpenSSL::ASN1::EndOfContent.new 01779 * 01780 * === Creating any other Primitive 01781 * prim = <class>.new(value) # <class> being one of the sub-classes except EndOfContent 01782 * prim_zero_tagged_implicit = <class>.new(value, 0, :IMPLICIT) 01783 * prim_zero_tagged_explicit = <class>.new(value, 0, :EXPLICIT) 01784 */ 01785 cASN1Primitive = rb_define_class_under(mASN1, "Primitive", cASN1Data); 01786 /* 01787 * May be used as a hint for encoding a value either implicitly or 01788 * explicitly by setting it either to +:IMPLICIT+ or to +:EXPLICIT+. 01789 * +tagging+ is not set when a ASN.1 structure is parsed using 01790 * OpenSSL::ASN1.decode. 01791 */ 01792 rb_attr(cASN1Primitive, rb_intern("tagging"), 1, 1, Qtrue); 01793 rb_undef_method(cASN1Primitive, "infinite_length="); 01794 rb_define_method(cASN1Primitive, "initialize", ossl_asn1_initialize, -1); 01795 rb_define_method(cASN1Primitive, "to_der", ossl_asn1prim_to_der, 0); 01796 01797 /* Document-class: OpenSSL::ASN1::Constructive 01798 * 01799 * The parent class for all constructed encodings. The +value+ attribute 01800 * of a Constructive is always an +Array+. Attributes are the same as 01801 * for ASN1Data, with the addition of +tagging+. 01802 * 01803 * == SET and SEQUENCE 01804 * 01805 * Most constructed encodings come in the form of a SET or a SEQUENCE. 01806 * These encodings are represented by one of the two sub-classes of 01807 * Constructive: 01808 * * OpenSSL::ASN1::Set 01809 * * OpenSSL::ASN1::Sequence 01810 * Please note that tagged sequences and sets are still parsed as 01811 * instances of ASN1Data. Find further details on tagged values 01812 * there. 01813 * 01814 * === Example - constructing a SEQUENCE 01815 * int = OpenSSL::ASN1::Integer.new(1) 01816 * str = OpenSSL::ASN1::PrintableString.new('abc') 01817 * sequence = OpenSSL::ASN1::Sequence.new( [ int, str ] ) 01818 * 01819 * === Example - constructing a SET 01820 * int = OpenSSL::ASN1::Integer.new(1) 01821 * str = OpenSSL::ASN1::PrintableString.new('abc') 01822 * set = OpenSSL::ASN1::Set.new( [ int, str ] ) 01823 * 01824 * == Infinite length primitive values 01825 * 01826 * The only case where Constructive is used directly is for infinite 01827 * length encodings of primitive values. These encodings are always 01828 * constructed, with the contents of the +value+ +Array+ being either 01829 * UNIVERSAL non-infinite length partial encodings of the actual value 01830 * or again constructive encodings with infinite length (i.e. infinite 01831 * length primitive encodings may be constructed recursively with another 01832 * infinite length value within an already infinite length value). Each 01833 * partial encoding must be of the same UNIVERSAL type as the overall 01834 * encoding. The value of the overall encoding consists of the 01835 * concatenation of each partial encoding taken in sequence. The +value+ 01836 * array of the outer infinite length value must end with a 01837 * OpenSSL::ASN1::EndOfContent instance. 01838 * 01839 * Please note that it is not possible to encode Constructive without 01840 * the +infinite_length+ attribute being set to +true+, use 01841 * OpenSSL::ASN1::Sequence or OpenSSL::ASN1::Set in these cases instead. 01842 * 01843 * === Example - Infinite length OCTET STRING 01844 * partial1 = OpenSSL::ASN1::OctetString.new("\x01") 01845 * partial2 = OpenSSL::ASN1::OctetString.new("\x02") 01846 * inf_octets = OpenSSL::ASN1::Constructive.new( [ partial1, 01847 * partial2, 01848 * OpenSSL::ASN1::EndOfContent.new ], 01849 * OpenSSL::ASN1::OCTET_STRING, 01850 * nil, 01851 * :UNIVERSAL ) 01852 * # The real value of inf_octets is "\x01\x02", i.e. the concatenation 01853 * # of partial1 and partial2 01854 * inf_octets.infinite_length = true 01855 * der = inf_octets.to_der 01856 * asn1 = OpenSSL::ASN1.decode(der) 01857 * puts asn1.infinite_length # => true 01858 */ 01859 cASN1Constructive = rb_define_class_under(mASN1,"Constructive", cASN1Data); 01860 rb_include_module(cASN1Constructive, rb_mEnumerable); 01861 /* 01862 * May be used as a hint for encoding a value either implicitly or 01863 * explicitly by setting it either to +:IMPLICIT+ or to +:EXPLICIT+. 01864 * +tagging+ is not set when a ASN.1 structure is parsed using 01865 * OpenSSL::ASN1.decode. 01866 */ 01867 rb_attr(cASN1Constructive, rb_intern("tagging"), 1, 1, Qtrue); 01868 rb_define_method(cASN1Constructive, "initialize", ossl_asn1_initialize, -1); 01869 rb_define_method(cASN1Constructive, "to_der", ossl_asn1cons_to_der, 0); 01870 rb_define_method(cASN1Constructive, "each", ossl_asn1cons_each, 0); 01871 01872 #define OSSL_ASN1_DEFINE_CLASS(name, super) \ 01873 do{\ 01874 cASN1##name = rb_define_class_under(mASN1, #name, cASN1##super);\ 01875 rb_define_module_function(mASN1, #name, ossl_asn1_##name, -1);\ 01876 }while(0) 01877 01878 OSSL_ASN1_DEFINE_CLASS(Boolean, Primitive); 01879 OSSL_ASN1_DEFINE_CLASS(Integer, Primitive); 01880 OSSL_ASN1_DEFINE_CLASS(Enumerated, Primitive); 01881 OSSL_ASN1_DEFINE_CLASS(BitString, Primitive); 01882 OSSL_ASN1_DEFINE_CLASS(OctetString, Primitive); 01883 OSSL_ASN1_DEFINE_CLASS(UTF8String, Primitive); 01884 OSSL_ASN1_DEFINE_CLASS(NumericString, Primitive); 01885 OSSL_ASN1_DEFINE_CLASS(PrintableString, Primitive); 01886 OSSL_ASN1_DEFINE_CLASS(T61String, Primitive); 01887 OSSL_ASN1_DEFINE_CLASS(VideotexString, Primitive); 01888 OSSL_ASN1_DEFINE_CLASS(IA5String, Primitive); 01889 OSSL_ASN1_DEFINE_CLASS(GraphicString, Primitive); 01890 OSSL_ASN1_DEFINE_CLASS(ISO64String, Primitive); 01891 OSSL_ASN1_DEFINE_CLASS(GeneralString, Primitive); 01892 OSSL_ASN1_DEFINE_CLASS(UniversalString, Primitive); 01893 OSSL_ASN1_DEFINE_CLASS(BMPString, Primitive); 01894 OSSL_ASN1_DEFINE_CLASS(Null, Primitive); 01895 OSSL_ASN1_DEFINE_CLASS(ObjectId, Primitive); 01896 OSSL_ASN1_DEFINE_CLASS(UTCTime, Primitive); 01897 OSSL_ASN1_DEFINE_CLASS(GeneralizedTime, Primitive); 01898 01899 OSSL_ASN1_DEFINE_CLASS(Sequence, Constructive); 01900 OSSL_ASN1_DEFINE_CLASS(Set, Constructive); 01901 01902 OSSL_ASN1_DEFINE_CLASS(EndOfContent, Data); 01903 01904 rb_define_singleton_method(cASN1ObjectId, "register", ossl_asn1obj_s_register, 3); 01905 rb_define_method(cASN1ObjectId, "sn", ossl_asn1obj_get_sn, 0); 01906 rb_define_method(cASN1ObjectId, "ln", ossl_asn1obj_get_ln, 0); 01907 rb_define_method(cASN1ObjectId, "oid", ossl_asn1obj_get_oid, 0); 01908 rb_define_alias(cASN1ObjectId, "short_name", "sn"); 01909 rb_define_alias(cASN1ObjectId, "long_name", "ln"); 01910 rb_attr(cASN1BitString, rb_intern("unused_bits"), 1, 1, 0); 01911 01912 rb_define_method(cASN1EndOfContent, "initialize", ossl_asn1eoc_initialize, 0); 01913 01914 class_tag_map = rb_hash_new(); 01915 rb_hash_aset(class_tag_map, cASN1EndOfContent, INT2NUM(V_ASN1_EOC)); 01916 rb_hash_aset(class_tag_map, cASN1Boolean, INT2NUM(V_ASN1_BOOLEAN)); 01917 rb_hash_aset(class_tag_map, cASN1Integer, INT2NUM(V_ASN1_INTEGER)); 01918 rb_hash_aset(class_tag_map, cASN1BitString, INT2NUM(V_ASN1_BIT_STRING)); 01919 rb_hash_aset(class_tag_map, cASN1OctetString, INT2NUM(V_ASN1_OCTET_STRING)); 01920 rb_hash_aset(class_tag_map, cASN1Null, INT2NUM(V_ASN1_NULL)); 01921 rb_hash_aset(class_tag_map, cASN1ObjectId, INT2NUM(V_ASN1_OBJECT)); 01922 rb_hash_aset(class_tag_map, cASN1Enumerated, INT2NUM(V_ASN1_ENUMERATED)); 01923 rb_hash_aset(class_tag_map, cASN1UTF8String, INT2NUM(V_ASN1_UTF8STRING)); 01924 rb_hash_aset(class_tag_map, cASN1Sequence, INT2NUM(V_ASN1_SEQUENCE)); 01925 rb_hash_aset(class_tag_map, cASN1Set, INT2NUM(V_ASN1_SET)); 01926 rb_hash_aset(class_tag_map, cASN1NumericString, INT2NUM(V_ASN1_NUMERICSTRING)); 01927 rb_hash_aset(class_tag_map, cASN1PrintableString, INT2NUM(V_ASN1_PRINTABLESTRING)); 01928 rb_hash_aset(class_tag_map, cASN1T61String, INT2NUM(V_ASN1_T61STRING)); 01929 rb_hash_aset(class_tag_map, cASN1VideotexString, INT2NUM(V_ASN1_VIDEOTEXSTRING)); 01930 rb_hash_aset(class_tag_map, cASN1IA5String, INT2NUM(V_ASN1_IA5STRING)); 01931 rb_hash_aset(class_tag_map, cASN1UTCTime, INT2NUM(V_ASN1_UTCTIME)); 01932 rb_hash_aset(class_tag_map, cASN1GeneralizedTime, INT2NUM(V_ASN1_GENERALIZEDTIME)); 01933 rb_hash_aset(class_tag_map, cASN1GraphicString, INT2NUM(V_ASN1_GRAPHICSTRING)); 01934 rb_hash_aset(class_tag_map, cASN1ISO64String, INT2NUM(V_ASN1_ISO64STRING)); 01935 rb_hash_aset(class_tag_map, cASN1GeneralString, INT2NUM(V_ASN1_GENERALSTRING)); 01936 rb_hash_aset(class_tag_map, cASN1UniversalString, INT2NUM(V_ASN1_UNIVERSALSTRING)); 01937 rb_hash_aset(class_tag_map, cASN1BMPString, INT2NUM(V_ASN1_BMPSTRING)); 01938 rb_global_variable(&class_tag_map); 01939 } 01940