Ruby 1.9.3p327(2012-11-10revision37606)
ext/openssl/ossl_asn1.c
Go to the documentation of this file.
00001 /*
00002  * $Id: ossl_asn1.c 34505 2012-02-09 03:25:07Z nobu $
00003  * 'OpenSSL for Ruby' team members
00004  * Copyright (C) 2003
00005  * All rights reserved.
00006  */
00007 /*
00008  * This program is licenced under the same licence as Ruby.
00009  * (See the file 'LICENCE'.)
00010  */
00011 #include "ossl.h"
00012 
00013 #if defined(HAVE_SYS_TIME_H)
00014 #  include <sys/time.h>
00015 #elif !defined(NT) && !defined(_WIN32)
00016 struct timeval {
00017     long tv_sec;        /* seconds */
00018     long tv_usec;       /* and microseconds */
00019 };
00020 #endif
00021 
00022 static VALUE join_der(VALUE enumerable);
00023 static VALUE ossl_asn1_decode0(unsigned char **pp, long length, long *offset,
00024                                int depth, int yield, long *num_read);
00025 static VALUE ossl_asn1_initialize(int argc, VALUE *argv, VALUE self);
00026 static VALUE ossl_asn1eoc_initialize(VALUE self);
00027 
00028 /*
00029  * DATE conversion
00030  */
00031 VALUE
00032 asn1time_to_time(ASN1_TIME *time)
00033 {
00034     struct tm tm;
00035     VALUE argv[6];
00036 
00037     if (!time || !time->data) return Qnil;
00038     memset(&tm, 0, sizeof(struct tm));
00039 
00040     switch (time->type) {
00041     case V_ASN1_UTCTIME:
00042         if (sscanf((const char *)time->data, "%2d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
00043                 &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) {
00044             ossl_raise(rb_eTypeError, "bad UTCTIME format");
00045         }
00046         if (tm.tm_year < 69) {
00047             tm.tm_year += 2000;
00048         } else {
00049             tm.tm_year += 1900;
00050         }
00051         break;
00052     case V_ASN1_GENERALIZEDTIME:
00053         if (sscanf((const char *)time->data, "%4d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
00054                 &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) {
00055             ossl_raise(rb_eTypeError, "bad GENERALIZEDTIME format" );
00056         }
00057         break;
00058     default:
00059         rb_warning("unknown time format");
00060         return Qnil;
00061     }
00062     argv[0] = INT2NUM(tm.tm_year);
00063     argv[1] = INT2NUM(tm.tm_mon);
00064     argv[2] = INT2NUM(tm.tm_mday);
00065     argv[3] = INT2NUM(tm.tm_hour);
00066     argv[4] = INT2NUM(tm.tm_min);
00067     argv[5] = INT2NUM(tm.tm_sec);
00068 
00069     return rb_funcall2(rb_cTime, rb_intern("utc"), 6, argv);
00070 }
00071 
00072 /*
00073  * This function is not exported in Ruby's *.h
00074  */
00075 extern struct timeval rb_time_timeval(VALUE);
00076 
00077 time_t
00078 time_to_time_t(VALUE time)
00079 {
00080     return (time_t)NUM2LONG(rb_Integer(time));
00081 }
00082 
00083 /*
00084  * STRING conversion
00085  */
00086 VALUE
00087 asn1str_to_str(ASN1_STRING *str)
00088 {
00089     return rb_str_new((const char *)str->data, str->length);
00090 }
00091 
00092 /*
00093  * ASN1_INTEGER conversions
00094  * TODO: Make a decision what's the right way to do this.
00095  */
00096 #define DO_IT_VIA_RUBY 0
00097 VALUE
00098 asn1integer_to_num(ASN1_INTEGER *ai)
00099 {
00100     BIGNUM *bn;
00101 #if DO_IT_VIA_RUBY
00102     char *txt;
00103 #endif
00104     VALUE num;
00105 
00106     if (!ai) {
00107         ossl_raise(rb_eTypeError, "ASN1_INTEGER is NULL!");
00108     }
00109     if (!(bn = ASN1_INTEGER_to_BN(ai, NULL))) {
00110         ossl_raise(eOSSLError, NULL);
00111     }
00112 #if DO_IT_VIA_RUBY
00113     if (!(txt = BN_bn2dec(bn))) {
00114         BN_free(bn);
00115         ossl_raise(eOSSLError, NULL);
00116     }
00117     num = rb_cstr_to_inum(txt, 10, Qtrue);
00118     OPENSSL_free(txt);
00119 #else
00120     num = ossl_bn_new(bn);
00121 #endif
00122     BN_free(bn);
00123 
00124     return num;
00125 }
00126 
00127 #if DO_IT_VIA_RUBY
00128 ASN1_INTEGER *
00129 num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai)
00130 {
00131     BIGNUM *bn = NULL;
00132 
00133     if (RTEST(rb_obj_is_kind_of(obj, cBN))) {
00134         bn = GetBNPtr(obj);
00135     } else {
00136         obj = rb_String(obj);
00137         if (!BN_dec2bn(&bn, StringValuePtr(obj))) {
00138             ossl_raise(eOSSLError, NULL);
00139         }
00140     }
00141     if (!(ai = BN_to_ASN1_INTEGER(bn, ai))) {
00142         BN_free(bn);
00143         ossl_raise(eOSSLError, NULL);
00144     }
00145     BN_free(bn);
00146     return ai;
00147 }
00148 #else
00149 ASN1_INTEGER *
00150 num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai)
00151 {
00152     BIGNUM *bn = GetBNPtr(obj);
00153 
00154     if (!(ai = BN_to_ASN1_INTEGER(bn, ai))) {
00155         ossl_raise(eOSSLError, NULL);
00156     }
00157     return ai;
00158 }
00159 #endif
00160 
00161 /********/
00162 /*
00163  * ASN1 module
00164  */
00165 #define ossl_asn1_get_value(o)           rb_attr_get((o),sivVALUE)
00166 #define ossl_asn1_get_tag(o)             rb_attr_get((o),sivTAG)
00167 #define ossl_asn1_get_tagging(o)         rb_attr_get((o),sivTAGGING)
00168 #define ossl_asn1_get_tag_class(o)       rb_attr_get((o),sivTAG_CLASS)
00169 #define ossl_asn1_get_infinite_length(o) rb_attr_get((o),sivINFINITE_LENGTH)
00170 
00171 #define ossl_asn1_set_value(o,v)           rb_ivar_set((o),sivVALUE,(v))
00172 #define ossl_asn1_set_tag(o,v)             rb_ivar_set((o),sivTAG,(v))
00173 #define ossl_asn1_set_tagging(o,v)         rb_ivar_set((o),sivTAGGING,(v))
00174 #define ossl_asn1_set_tag_class(o,v)       rb_ivar_set((o),sivTAG_CLASS,(v))
00175 #define ossl_asn1_set_infinite_length(o,v) rb_ivar_set((o),sivINFINITE_LENGTH,(v))
00176 
00177 VALUE mASN1;
00178 VALUE eASN1Error;
00179 
00180 VALUE cASN1Data;
00181 VALUE cASN1Primitive;
00182 VALUE cASN1Constructive;
00183 
00184 VALUE cASN1EndOfContent;
00185 VALUE cASN1Boolean;                           /* BOOLEAN           */
00186 VALUE cASN1Integer, cASN1Enumerated;          /* INTEGER           */
00187 VALUE cASN1BitString;                         /* BIT STRING        */
00188 VALUE cASN1OctetString, cASN1UTF8String;      /* STRINGs           */
00189 VALUE cASN1NumericString, cASN1PrintableString;
00190 VALUE cASN1T61String, cASN1VideotexString;
00191 VALUE cASN1IA5String, cASN1GraphicString;
00192 VALUE cASN1ISO64String, cASN1GeneralString;
00193 VALUE cASN1UniversalString, cASN1BMPString;
00194 VALUE cASN1Null;                              /* NULL              */
00195 VALUE cASN1ObjectId;                          /* OBJECT IDENTIFIER */
00196 VALUE cASN1UTCTime, cASN1GeneralizedTime;     /* TIME              */
00197 VALUE cASN1Sequence, cASN1Set;                /* CONSTRUCTIVE      */
00198 
00199 static ID sIMPLICIT, sEXPLICIT;
00200 static ID sUNIVERSAL, sAPPLICATION, sCONTEXT_SPECIFIC, sPRIVATE;
00201 static ID sivVALUE, sivTAG, sivTAG_CLASS, sivTAGGING, sivINFINITE_LENGTH, sivUNUSED_BITS;
00202 
00203 /*
00204  * We need to implement these for backward compatibility
00205  * reasons, behavior of ASN1_put_object and ASN1_object_size
00206  * for infinite length values is different in OpenSSL <= 0.9.7
00207  */
00208 #if OPENSSL_VERSION_NUMBER < 0x00908000L
00209 #define ossl_asn1_object_size(cons, len, tag)           (cons) == 2 ? (len) + ASN1_object_size((cons), 0, (tag)) : ASN1_object_size((cons), (len), (tag))
00210 #define ossl_asn1_put_object(pp, cons, len, tag, xc)    (cons) == 2 ? ASN1_put_object((pp), (cons), 0, (tag), (xc)) : ASN1_put_object((pp), (cons), (len), (tag), (xc))
00211 #else
00212 #define ossl_asn1_object_size(cons, len, tag)           ASN1_object_size((cons), (len), (tag))
00213 #define ossl_asn1_put_object(pp, cons, len, tag, xc)    ASN1_put_object((pp), (cons), (len), (tag), (xc))
00214 #endif
00215 
00216 /*
00217  * Ruby to ASN1 converters
00218  */
00219 static ASN1_BOOLEAN
00220 obj_to_asn1bool(VALUE obj)
00221 {
00222 #if OPENSSL_VERSION_NUMBER < 0x00907000L
00223      return RTEST(obj) ? 0xff : 0x100;
00224 #else
00225      return RTEST(obj) ? 0xff : 0x0;
00226 #endif
00227 }
00228 
00229 static ASN1_INTEGER*
00230 obj_to_asn1int(VALUE obj)
00231 {
00232     return num_to_asn1integer(obj, NULL);
00233 }
00234 
00235 static ASN1_BIT_STRING*
00236 obj_to_asn1bstr(VALUE obj, long unused_bits)
00237 {
00238     ASN1_BIT_STRING *bstr;
00239 
00240     if(unused_bits < 0) unused_bits = 0;
00241     StringValue(obj);
00242     if(!(bstr = ASN1_BIT_STRING_new()))
00243         ossl_raise(eASN1Error, NULL);
00244     ASN1_BIT_STRING_set(bstr, (unsigned char *)RSTRING_PTR(obj), RSTRING_LENINT(obj));
00245     bstr->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
00246     bstr->flags |= ASN1_STRING_FLAG_BITS_LEFT|(unused_bits&0x07);
00247 
00248     return bstr;
00249 }
00250 
00251 static ASN1_STRING*
00252 obj_to_asn1str(VALUE obj)
00253 {
00254     ASN1_STRING *str;
00255 
00256     StringValue(obj);
00257     if(!(str = ASN1_STRING_new()))
00258         ossl_raise(eASN1Error, NULL);
00259     ASN1_STRING_set(str, RSTRING_PTR(obj), RSTRING_LENINT(obj));
00260 
00261     return str;
00262 }
00263 
00264 static ASN1_NULL*
00265 obj_to_asn1null(VALUE obj)
00266 {
00267     ASN1_NULL *null;
00268 
00269     if(!NIL_P(obj))
00270         ossl_raise(eASN1Error, "nil expected");
00271     if(!(null = ASN1_NULL_new()))
00272         ossl_raise(eASN1Error, NULL);
00273 
00274     return null;
00275 }
00276 
00277 static ASN1_OBJECT*
00278 obj_to_asn1obj(VALUE obj)
00279 {
00280     ASN1_OBJECT *a1obj;
00281 
00282     StringValue(obj);
00283     a1obj = OBJ_txt2obj(RSTRING_PTR(obj), 0);
00284     if(!a1obj) a1obj = OBJ_txt2obj(RSTRING_PTR(obj), 1);
00285     if(!a1obj) ossl_raise(eASN1Error, "invalid OBJECT ID");
00286 
00287     return a1obj;
00288 }
00289 
00290 static ASN1_UTCTIME*
00291 obj_to_asn1utime(VALUE time)
00292 {
00293     time_t sec;
00294     ASN1_UTCTIME *t;
00295 
00296     sec = time_to_time_t(time);
00297     if(!(t = ASN1_UTCTIME_set(NULL, sec)))
00298         ossl_raise(eASN1Error, NULL);
00299 
00300     return t;
00301 }
00302 
00303 static ASN1_GENERALIZEDTIME*
00304 obj_to_asn1gtime(VALUE time)
00305 {
00306     time_t sec;
00307     ASN1_GENERALIZEDTIME *t;
00308 
00309     sec = time_to_time_t(time);
00310     if(!(t =ASN1_GENERALIZEDTIME_set(NULL, sec)))
00311         ossl_raise(eASN1Error, NULL);
00312 
00313     return t;
00314 }
00315 
00316 static ASN1_STRING*
00317 obj_to_asn1derstr(VALUE obj)
00318 {
00319     ASN1_STRING *a1str;
00320     VALUE str;
00321 
00322     str = ossl_to_der(obj);
00323     if(!(a1str = ASN1_STRING_new()))
00324         ossl_raise(eASN1Error, NULL);
00325     ASN1_STRING_set(a1str, RSTRING_PTR(str), RSTRING_LENINT(str));
00326 
00327     return a1str;
00328 }
00329 
00330 /*
00331  * DER to Ruby converters
00332  */
00333 static VALUE
00334 decode_bool(unsigned char* der, int length)
00335 {
00336     int val;
00337     const unsigned char *p;
00338 
00339     p = der;
00340     if((val = d2i_ASN1_BOOLEAN(NULL, &p, length)) < 0)
00341         ossl_raise(eASN1Error, NULL);
00342 
00343     return val ? Qtrue : Qfalse;
00344 }
00345 
00346 static VALUE
00347 decode_int(unsigned char* der, int length)
00348 {
00349     ASN1_INTEGER *ai;
00350     const unsigned char *p;
00351     VALUE ret;
00352     int status = 0;
00353 
00354     p = der;
00355     if(!(ai = d2i_ASN1_INTEGER(NULL, &p, length)))
00356         ossl_raise(eASN1Error, NULL);
00357     ret = rb_protect((VALUE(*)_((VALUE)))asn1integer_to_num,
00358                      (VALUE)ai, &status);
00359     ASN1_INTEGER_free(ai);
00360     if(status) rb_jump_tag(status);
00361 
00362     return ret;
00363 }
00364 
00365 static VALUE
00366 decode_bstr(unsigned char* der, int length, long *unused_bits)
00367 {
00368     ASN1_BIT_STRING *bstr;
00369     const unsigned char *p;
00370     long len;
00371     VALUE ret;
00372 
00373     p = der;
00374     if(!(bstr = d2i_ASN1_BIT_STRING(NULL, &p, length)))
00375         ossl_raise(eASN1Error, NULL);
00376     len = bstr->length;
00377     *unused_bits = 0;
00378     if(bstr->flags & ASN1_STRING_FLAG_BITS_LEFT)
00379         *unused_bits = bstr->flags & 0x07;
00380     ret = rb_str_new((const char *)bstr->data, len);
00381     ASN1_BIT_STRING_free(bstr);
00382 
00383     return ret;
00384 }
00385 
00386 static VALUE
00387 decode_enum(unsigned char* der, int length)
00388 {
00389     ASN1_ENUMERATED *ai;
00390     const unsigned char *p;
00391     VALUE ret;
00392     int status = 0;
00393 
00394     p = der;
00395     if(!(ai = d2i_ASN1_ENUMERATED(NULL, &p, length)))
00396         ossl_raise(eASN1Error, NULL);
00397     ret = rb_protect((VALUE(*)_((VALUE)))asn1integer_to_num,
00398                      (VALUE)ai, &status);
00399     ASN1_ENUMERATED_free(ai);
00400     if(status) rb_jump_tag(status);
00401 
00402     return ret;
00403 }
00404 
00405 static VALUE
00406 decode_null(unsigned char* der, int length)
00407 {
00408     ASN1_NULL *null;
00409     const unsigned char *p;
00410 
00411     p = der;
00412     if(!(null = d2i_ASN1_NULL(NULL, &p, length)))
00413         ossl_raise(eASN1Error, NULL);
00414     ASN1_NULL_free(null);
00415 
00416     return Qnil;
00417 }
00418 
00419 static VALUE
00420 decode_obj(unsigned char* der, int length)
00421 {
00422     ASN1_OBJECT *obj;
00423     const unsigned char *p;
00424     VALUE ret;
00425     int nid;
00426     BIO *bio;
00427 
00428     p = der;
00429     if(!(obj = d2i_ASN1_OBJECT(NULL, &p, length)))
00430         ossl_raise(eASN1Error, NULL);
00431     if((nid = OBJ_obj2nid(obj)) != NID_undef){
00432         ASN1_OBJECT_free(obj);
00433         ret = rb_str_new2(OBJ_nid2sn(nid));
00434     }
00435     else{
00436         if(!(bio = BIO_new(BIO_s_mem()))){
00437             ASN1_OBJECT_free(obj);
00438             ossl_raise(eASN1Error, NULL);
00439         }
00440         i2a_ASN1_OBJECT(bio, obj);
00441         ASN1_OBJECT_free(obj);
00442         ret = ossl_membio2str(bio);
00443     }
00444 
00445     return ret;
00446 }
00447 
00448 static VALUE
00449 decode_time(unsigned char* der, int length)
00450 {
00451     ASN1_TIME *time;
00452     const unsigned char *p;
00453     VALUE ret;
00454     int status = 0;
00455 
00456     p = der;
00457     if(!(time = d2i_ASN1_TIME(NULL, &p, length)))
00458         ossl_raise(eASN1Error, NULL);
00459     ret = rb_protect((VALUE(*)_((VALUE)))asn1time_to_time,
00460                      (VALUE)time, &status);
00461     ASN1_TIME_free(time);
00462     if(status) rb_jump_tag(status);
00463 
00464     return ret;
00465 }
00466 
00467 static VALUE
00468 decode_eoc(unsigned char *der, int length)
00469 {
00470     if (length != 2 || !(der[0] == 0x00 && der[1] == 0x00))
00471         ossl_raise(eASN1Error, NULL);
00472 
00473     return rb_str_new("", 0);
00474 }
00475 
00476 /********/
00477 
00478 typedef struct {
00479     const char *name;
00480     VALUE *klass;
00481 } ossl_asn1_info_t;
00482 
00483 static ossl_asn1_info_t ossl_asn1_info[] = {
00484     { "EOC",               &cASN1EndOfContent,    },  /*  0 */
00485     { "BOOLEAN",           &cASN1Boolean,         },  /*  1 */
00486     { "INTEGER",           &cASN1Integer,         },  /*  2 */
00487     { "BIT_STRING",        &cASN1BitString,       },  /*  3 */
00488     { "OCTET_STRING",      &cASN1OctetString,     },  /*  4 */
00489     { "NULL",              &cASN1Null,            },  /*  5 */
00490     { "OBJECT",            &cASN1ObjectId,        },  /*  6 */
00491     { "OBJECT_DESCRIPTOR", NULL,                  },  /*  7 */
00492     { "EXTERNAL",          NULL,                  },  /*  8 */
00493     { "REAL",              NULL,                  },  /*  9 */
00494     { "ENUMERATED",        &cASN1Enumerated,      },  /* 10 */
00495     { "EMBEDDED_PDV",      NULL,                  },  /* 11 */
00496     { "UTF8STRING",        &cASN1UTF8String,      },  /* 12 */
00497     { "RELATIVE_OID",      NULL,                  },  /* 13 */
00498     { "[UNIVERSAL 14]",    NULL,                  },  /* 14 */
00499     { "[UNIVERSAL 15]",    NULL,                  },  /* 15 */
00500     { "SEQUENCE",          &cASN1Sequence,        },  /* 16 */
00501     { "SET",               &cASN1Set,             },  /* 17 */
00502     { "NUMERICSTRING",     &cASN1NumericString,   },  /* 18 */
00503     { "PRINTABLESTRING",   &cASN1PrintableString, },  /* 19 */
00504     { "T61STRING",         &cASN1T61String,       },  /* 20 */
00505     { "VIDEOTEXSTRING",    &cASN1VideotexString,  },  /* 21 */
00506     { "IA5STRING",         &cASN1IA5String,       },  /* 22 */
00507     { "UTCTIME",           &cASN1UTCTime,         },  /* 23 */
00508     { "GENERALIZEDTIME",   &cASN1GeneralizedTime, },  /* 24 */
00509     { "GRAPHICSTRING",     &cASN1GraphicString,   },  /* 25 */
00510     { "ISO64STRING",       &cASN1ISO64String,     },  /* 26 */
00511     { "GENERALSTRING",     &cASN1GeneralString,   },  /* 27 */
00512     { "UNIVERSALSTRING",   &cASN1UniversalString, },  /* 28 */
00513     { "CHARACTER_STRING",  NULL,                  },  /* 29 */
00514     { "BMPSTRING",         &cASN1BMPString,       },  /* 30 */
00515 };
00516 
00517 int ossl_asn1_info_size = (sizeof(ossl_asn1_info)/sizeof(ossl_asn1_info[0]));
00518 
00519 static VALUE class_tag_map;
00520 
00521 static int ossl_asn1_default_tag(VALUE obj);
00522 
00523 ASN1_TYPE*
00524 ossl_asn1_get_asn1type(VALUE obj)
00525 {
00526     ASN1_TYPE *ret;
00527     VALUE value, rflag;
00528     void *ptr;
00529     void (*free_func)();
00530     int tag, flag;
00531 
00532     tag = ossl_asn1_default_tag(obj);
00533     value = ossl_asn1_get_value(obj);
00534     switch(tag){
00535     case V_ASN1_BOOLEAN:
00536         ptr = (void*)(VALUE)obj_to_asn1bool(value);
00537         free_func = NULL;
00538         break;
00539     case V_ASN1_INTEGER:         /* FALLTHROUGH */
00540     case V_ASN1_ENUMERATED:
00541         ptr = obj_to_asn1int(value);
00542         free_func = ASN1_INTEGER_free;
00543         break;
00544     case V_ASN1_BIT_STRING:
00545         rflag = rb_attr_get(obj, sivUNUSED_BITS);
00546         flag = NIL_P(rflag) ? -1 : NUM2INT(rflag);
00547         ptr = obj_to_asn1bstr(value, flag);
00548         free_func = ASN1_BIT_STRING_free;
00549         break;
00550     case V_ASN1_NULL:
00551         ptr = obj_to_asn1null(value);
00552         free_func = ASN1_NULL_free;
00553         break;
00554     case V_ASN1_OCTET_STRING:    /* FALLTHROUGH */
00555     case V_ASN1_UTF8STRING:      /* FALLTHROUGH */
00556     case V_ASN1_NUMERICSTRING:   /* FALLTHROUGH */
00557     case V_ASN1_PRINTABLESTRING: /* FALLTHROUGH */
00558     case V_ASN1_T61STRING:       /* FALLTHROUGH */
00559     case V_ASN1_VIDEOTEXSTRING:  /* FALLTHROUGH */
00560     case V_ASN1_IA5STRING:       /* FALLTHROUGH */
00561     case V_ASN1_GRAPHICSTRING:   /* FALLTHROUGH */
00562     case V_ASN1_ISO64STRING:     /* FALLTHROUGH */
00563     case V_ASN1_GENERALSTRING:   /* FALLTHROUGH */
00564     case V_ASN1_UNIVERSALSTRING: /* FALLTHROUGH */
00565     case V_ASN1_BMPSTRING:
00566         ptr = obj_to_asn1str(value);
00567         free_func = ASN1_STRING_free;
00568         break;
00569     case V_ASN1_OBJECT:
00570         ptr = obj_to_asn1obj(value);
00571         free_func = ASN1_OBJECT_free;
00572         break;
00573     case V_ASN1_UTCTIME:
00574         ptr = obj_to_asn1utime(value);
00575         free_func = ASN1_TIME_free;
00576         break;
00577     case V_ASN1_GENERALIZEDTIME:
00578         ptr = obj_to_asn1gtime(value);
00579         free_func = ASN1_TIME_free;
00580         break;
00581     case V_ASN1_SET:             /* FALLTHROUGH */
00582     case V_ASN1_SEQUENCE:
00583         ptr = obj_to_asn1derstr(obj);
00584         free_func = ASN1_STRING_free;
00585         break;
00586     default:
00587         ossl_raise(eASN1Error, "unsupported ASN.1 type");
00588     }
00589     if(!(ret = OPENSSL_malloc(sizeof(ASN1_TYPE)))){
00590         if(free_func) free_func(ptr);
00591         ossl_raise(eASN1Error, "ASN1_TYPE alloc failure");
00592     }
00593     memset(ret, 0, sizeof(ASN1_TYPE));
00594     ASN1_TYPE_set(ret, tag, ptr);
00595 
00596     return ret;
00597 }
00598 
00599 static int
00600 ossl_asn1_default_tag(VALUE obj)
00601 {
00602     VALUE tmp_class, tag;
00603 
00604     tmp_class = CLASS_OF(obj);
00605     while (tmp_class) {
00606         tag = rb_hash_lookup(class_tag_map, tmp_class);
00607         if (tag != Qnil) {
00608             return NUM2INT(tag);
00609         }
00610         tmp_class = rb_class_superclass(tmp_class);
00611     }
00612     ossl_raise(eASN1Error, "universal tag for %s not found",
00613                rb_class2name(CLASS_OF(obj)));
00614 
00615     return -1; /* dummy */
00616 }
00617 
00618 static int
00619 ossl_asn1_tag(VALUE obj)
00620 {
00621     VALUE tag;
00622 
00623     tag = ossl_asn1_get_tag(obj);
00624     if(NIL_P(tag))
00625         ossl_raise(eASN1Error, "tag number not specified");
00626 
00627     return NUM2INT(tag);
00628 }
00629 
00630 static int
00631 ossl_asn1_is_explicit(VALUE obj)
00632 {
00633     VALUE s;
00634     int ret = -1;
00635 
00636     s = ossl_asn1_get_tagging(obj);
00637     if(NIL_P(s)) return 0;
00638     else if(SYMBOL_P(s)){
00639         if (SYM2ID(s) == sIMPLICIT)
00640             ret = 0;
00641         else if (SYM2ID(s) == sEXPLICIT)
00642             ret = 1;
00643     }
00644     if(ret < 0){
00645         ossl_raise(eASN1Error, "invalid tag default");
00646     }
00647 
00648     return ret;
00649 }
00650 
00651 static int
00652 ossl_asn1_tag_class(VALUE obj)
00653 {
00654     VALUE s;
00655     int ret = -1;
00656 
00657     s = ossl_asn1_get_tag_class(obj);
00658     if(NIL_P(s)) ret = V_ASN1_UNIVERSAL;
00659     else if(SYMBOL_P(s)){
00660         if (SYM2ID(s) == sUNIVERSAL)
00661             ret = V_ASN1_UNIVERSAL;
00662         else if (SYM2ID(s) == sAPPLICATION)
00663             ret = V_ASN1_APPLICATION;
00664         else if (SYM2ID(s) == sCONTEXT_SPECIFIC)
00665             ret = V_ASN1_CONTEXT_SPECIFIC;
00666         else if (SYM2ID(s) == sPRIVATE)
00667             ret = V_ASN1_PRIVATE;
00668     }
00669     if(ret < 0){
00670         ossl_raise(eASN1Error, "invalid tag class");
00671     }
00672 
00673     return ret;
00674 }
00675 
00676 static VALUE
00677 ossl_asn1_class2sym(int tc)
00678 {
00679     if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
00680         return ID2SYM(sPRIVATE);
00681     else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
00682         return ID2SYM(sCONTEXT_SPECIFIC);
00683     else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
00684         return ID2SYM(sAPPLICATION);
00685     else
00686         return ID2SYM(sUNIVERSAL);
00687 }
00688 
00689 /*
00690  * call-seq:
00691  *    OpenSSL::ASN1::ASN1Data.new(value, tag, tag_class) => ASN1Data
00692  *
00693  * +value+: Please have a look at Constructive and Primitive to see how Ruby
00694  * types are mapped to ASN.1 types and vice versa.
00695  *
00696  * +tag+: A +Number+ indicating the tag number.
00697  *
00698  * +tag_class+: A +Symbol+ indicating the tag class. Please cf. ASN1 for
00699  * possible values.
00700  *
00701  * == Example
00702  *   asn1_int = OpenSSL::ASN1Data.new(42, 2, :UNIVERSAL) # => Same as OpenSSL::ASN1::Integer.new(42)
00703  *   tagged_int = OpenSSL::ASN1Data.new(42, 0, :CONTEXT_SPECIFIC) # implicitly 0-tagged INTEGER
00704  */
00705 static VALUE
00706 ossl_asn1data_initialize(VALUE self, VALUE value, VALUE tag, VALUE tag_class)
00707 {
00708     if(!SYMBOL_P(tag_class))
00709         ossl_raise(eASN1Error, "invalid tag class");
00710     if((SYM2ID(tag_class) == sUNIVERSAL) && NUM2INT(tag) > 31)
00711         ossl_raise(eASN1Error, "tag number for Universal too large");
00712     ossl_asn1_set_tag(self, tag);
00713     ossl_asn1_set_value(self, value);
00714     ossl_asn1_set_tag_class(self, tag_class);
00715     ossl_asn1_set_infinite_length(self, Qfalse);
00716 
00717     return self;
00718 }
00719 
00720 static VALUE
00721 join_der_i(VALUE i, VALUE str)
00722 {
00723     i = ossl_to_der_if_possible(i);
00724     StringValue(i);
00725     rb_str_append(str, i);
00726     return Qnil;
00727 }
00728 
00729 static VALUE
00730 join_der(VALUE enumerable)
00731 {
00732     VALUE str = rb_str_new(0, 0);
00733     rb_block_call(enumerable, rb_intern("each"), 0, 0, join_der_i, str);
00734     return str;
00735 }
00736 
00737 /*
00738  * call-seq:
00739  *    asn1.to_der => DER-encoded String
00740  *
00741  * Encodes this ASN1Data into a DER-encoded String value. The result is
00742  * DER-encoded except for the possibility of infinite length encodings.
00743  * Infinite length encodings are not allowed in strict DER, so strictly
00744  * speaking the result of such an encoding would be a BER-encoding.
00745  */
00746 static VALUE
00747 ossl_asn1data_to_der(VALUE self)
00748 {
00749     VALUE value, der, inf_length;
00750     int tag, tag_class, is_cons = 0;
00751     long length;
00752     unsigned char *p;
00753 
00754     value = ossl_asn1_get_value(self);
00755     if(rb_obj_is_kind_of(value, rb_cArray)){
00756         is_cons = 1;
00757         value = join_der(value);
00758     }
00759     StringValue(value);
00760 
00761     tag = ossl_asn1_tag(self);
00762     tag_class = ossl_asn1_tag_class(self);
00763     inf_length = ossl_asn1_get_infinite_length(self);
00764     if (inf_length == Qtrue) {
00765         is_cons = 2;
00766     }
00767     if((length = ossl_asn1_object_size(is_cons, RSTRING_LENINT(value), tag)) <= 0)
00768         ossl_raise(eASN1Error, NULL);
00769     der = rb_str_new(0, length);
00770     p = (unsigned char *)RSTRING_PTR(der);
00771     ossl_asn1_put_object(&p, is_cons, RSTRING_LENINT(value), tag, tag_class);
00772     memcpy(p, RSTRING_PTR(value), RSTRING_LEN(value));
00773     p += RSTRING_LEN(value);
00774     ossl_str_adjust(der, p);
00775 
00776     return der;
00777 }
00778 
00779 static VALUE
00780 int_ossl_asn1_decode0_prim(unsigned char **pp, long length, int hlen, int tag,
00781                            VALUE tc, long *num_read)
00782 {
00783     VALUE value, asn1data;
00784     unsigned char *p;
00785     long flag = 0;
00786 
00787     p = *pp;
00788 
00789     if(tc == sUNIVERSAL && tag < ossl_asn1_info_size) {
00790         switch(tag){
00791         case V_ASN1_EOC:
00792             value = decode_eoc(p, hlen+length);
00793             break;
00794         case V_ASN1_BOOLEAN:
00795             value = decode_bool(p, hlen+length);
00796             break;
00797         case V_ASN1_INTEGER:
00798             value = decode_int(p, hlen+length);
00799             break;
00800         case V_ASN1_BIT_STRING:
00801             value = decode_bstr(p, hlen+length, &flag);
00802             break;
00803         case V_ASN1_NULL:
00804             value = decode_null(p, hlen+length);
00805             break;
00806         case V_ASN1_ENUMERATED:
00807             value = decode_enum(p, hlen+length);
00808             break;
00809         case V_ASN1_OBJECT:
00810             value = decode_obj(p, hlen+length);
00811             break;
00812         case V_ASN1_UTCTIME:           /* FALLTHROUGH */
00813         case V_ASN1_GENERALIZEDTIME:
00814             value = decode_time(p, hlen+length);
00815             break;
00816         default:
00817             /* use original value */
00818             p += hlen;
00819             value = rb_str_new((const char *)p, length);
00820             break;
00821         }
00822     }
00823     else {
00824         p += hlen;
00825         value = rb_str_new((const char *)p, length);
00826     }
00827 
00828     *pp += hlen + length;
00829     *num_read = hlen + length;
00830 
00831     if (tc == sUNIVERSAL && tag < ossl_asn1_info_size && ossl_asn1_info[tag].klass) {
00832         VALUE klass = *ossl_asn1_info[tag].klass;
00833         VALUE args[4];
00834         args[0] = value;
00835         args[1] = INT2NUM(tag);
00836         args[2] = Qnil;
00837         args[3] = ID2SYM(tc);
00838         asn1data = rb_obj_alloc(klass);
00839         ossl_asn1_initialize(4, args, asn1data);
00840         if(tag == V_ASN1_BIT_STRING){
00841             rb_ivar_set(asn1data, sivUNUSED_BITS, LONG2NUM(flag));
00842         }
00843     }
00844     else {
00845         asn1data = rb_obj_alloc(cASN1Data);
00846         ossl_asn1data_initialize(asn1data, value, INT2NUM(tag), ID2SYM(tc));
00847     }
00848 
00849     return asn1data;
00850 }
00851 
00852 static VALUE
00853 int_ossl_asn1_decode0_cons(unsigned char **pp, long max_len, long length,
00854                            long *offset, int depth, int yield, int j,
00855                            int tag, VALUE tc, long *num_read)
00856 {
00857     VALUE value, asn1data, ary;
00858     int infinite;
00859     long off = *offset;
00860 
00861     infinite = (j == 0x21);
00862     ary = rb_ary_new();
00863 
00864     while (length > 0 || infinite) {
00865         long inner_read = 0;
00866         value = ossl_asn1_decode0(pp, max_len, &off, depth + 1, yield, &inner_read);
00867         *num_read += inner_read;
00868         max_len -= inner_read;
00869         rb_ary_push(ary, value);
00870         if (length > 0)
00871             length -= inner_read;
00872 
00873         if (infinite &&
00874             NUM2INT(ossl_asn1_get_tag(value)) == V_ASN1_EOC &&
00875             SYM2ID(ossl_asn1_get_tag_class(value)) == sUNIVERSAL) {
00876             break;
00877         }
00878     }
00879 
00880     if (tc == sUNIVERSAL) {
00881         VALUE args[4];
00882         int not_sequence_or_set;
00883 
00884         not_sequence_or_set = tag != V_ASN1_SEQUENCE && tag != V_ASN1_SET;
00885 
00886         if (not_sequence_or_set) {
00887             if (infinite) {
00888                 asn1data = rb_obj_alloc(cASN1Constructive);
00889             }
00890             else {
00891                 ossl_raise(eASN1Error, "invalid non-infinite tag");
00892                 return Qnil;
00893             }
00894         }
00895         else {
00896             VALUE klass = *ossl_asn1_info[tag].klass;
00897             asn1data = rb_obj_alloc(klass);
00898         }
00899         args[0] = ary;
00900         args[1] = INT2NUM(tag);
00901         args[2] = Qnil;
00902         args[3] = ID2SYM(tc);
00903         ossl_asn1_initialize(4, args, asn1data);
00904     }
00905     else {
00906         asn1data = rb_obj_alloc(cASN1Data);
00907         ossl_asn1data_initialize(asn1data, ary, INT2NUM(tag), ID2SYM(tc));
00908     }
00909 
00910     if (infinite)
00911         ossl_asn1_set_infinite_length(asn1data, Qtrue);
00912     else
00913         ossl_asn1_set_infinite_length(asn1data, Qfalse);
00914 
00915     *offset = off;
00916     return asn1data;
00917 }
00918 
00919 static VALUE
00920 ossl_asn1_decode0(unsigned char **pp, long length, long *offset, int depth,
00921                   int yield, long *num_read)
00922 {
00923     unsigned char *start, *p;
00924     const unsigned char *p0;
00925     long len = 0, inner_read = 0, off = *offset;
00926     int hlen, tag, tc, j;
00927     VALUE asn1data, tag_class;
00928 
00929     p = *pp;
00930     start = p;
00931     p0 = p;
00932     j = ASN1_get_object(&p0, &len, &tag, &tc, length);
00933     p = (unsigned char *)p0;
00934     if(j & 0x80) ossl_raise(eASN1Error, NULL);
00935     if(len > length) ossl_raise(eASN1Error, "value is too short");
00936     if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
00937         tag_class = sPRIVATE;
00938     else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
00939         tag_class = sCONTEXT_SPECIFIC;
00940     else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
00941         tag_class = sAPPLICATION;
00942     else
00943         tag_class = sUNIVERSAL;
00944 
00945     hlen = p - start;
00946 
00947     if(yield) {
00948         VALUE arg = rb_ary_new();
00949         rb_ary_push(arg, LONG2NUM(depth));
00950         rb_ary_push(arg, LONG2NUM(*offset));
00951         rb_ary_push(arg, LONG2NUM(hlen));
00952         rb_ary_push(arg, LONG2NUM(len));
00953         rb_ary_push(arg, (j & V_ASN1_CONSTRUCTED) ? Qtrue : Qfalse);
00954         rb_ary_push(arg, ossl_asn1_class2sym(tc));
00955         rb_ary_push(arg, INT2NUM(tag));
00956         rb_yield(arg);
00957     }
00958 
00959     if(j & V_ASN1_CONSTRUCTED) {
00960         *pp += hlen;
00961         off += hlen;
00962         asn1data = int_ossl_asn1_decode0_cons(pp, length, len, &off, depth, yield, j, tag, tag_class, &inner_read);
00963         inner_read += hlen;
00964     }
00965     else {
00966         if ((j & 0x01) && (len == 0)) ossl_raise(eASN1Error, "Infinite length for primitive value");
00967         asn1data = int_ossl_asn1_decode0_prim(pp, len, hlen, tag, tag_class, &inner_read);
00968         off += hlen + len;
00969     }
00970     if (num_read)
00971         *num_read = inner_read;
00972     if (len != 0 && inner_read != hlen + len) {
00973         ossl_raise(eASN1Error,
00974                    "Type mismatch. Bytes read: %ld Bytes available: %ld",
00975                    inner_read, hlen + len);
00976     }
00977 
00978     *offset = off;
00979     return asn1data;
00980 }
00981 
00982 static void
00983 int_ossl_decode_sanity_check(long len, long read, long offset)
00984 {
00985     if (len != 0 && (read != len || offset != len)) {
00986         ossl_raise(eASN1Error,
00987                    "Type mismatch. Total bytes read: %ld Bytes available: %ld Offset: %ld",
00988                    read, len, offset);
00989     }
00990 }
00991 
00992 /*
00993  * call-seq:
00994  *    OpenSSL::ASN1.traverse(asn1) -> nil
00995  *
00996  * If a block is given, it prints out each of the elements encountered.
00997  * Block parameters are (in that order):
00998  * * depth: The recursion depth, plus one with each constructed value being encountered (Number)
00999  * * offset: Current byte offset (Number)
01000  * * header length: Combined length in bytes of the Tag and Length headers. (Number)
01001  * * length: The overall remaining length of the entire data (Number)
01002  * * constructed: Whether this value is constructed or not (Boolean)
01003  * * tag_class: Current tag class (Symbol)
01004  * * tag: The current tag (Number)
01005  *
01006  * == Example
01007  *   der = File.binread('asn1data.der')
01008  *   OpenSSL::ASN1.traverse(der) do | depth, offset, header_len, length, constructed, tag_class, tag|
01009  *     puts "Depth: #{depth} Offset: #{offset} Length: #{length}"
01010  *     puts "Header length: #{header_len} Tag: #{tag} Tag class: #{tag_class} Constructed: #{constructed}"
01011  *   end
01012  */
01013 static VALUE
01014 ossl_asn1_traverse(VALUE self, VALUE obj)
01015 {
01016     unsigned char *p;
01017     volatile VALUE tmp;
01018     long len, read = 0, offset = 0;
01019 
01020     obj = ossl_to_der_if_possible(obj);
01021     tmp = rb_str_new4(StringValue(obj));
01022     p = (unsigned char *)RSTRING_PTR(tmp);
01023     len = RSTRING_LEN(tmp);
01024     ossl_asn1_decode0(&p, len, &offset, 0, 1, &read);
01025     int_ossl_decode_sanity_check(len, read, offset);
01026     return Qnil;
01027 }
01028 
01029 /*
01030  * call-seq:
01031  *    OpenSSL::ASN1.decode(der) -> ASN1Data
01032  *
01033  * Decodes a BER- or DER-encoded value and creates an ASN1Data instance. +der+
01034  * may be a +String+ or any object that features a +#to_der+ method transforming
01035  * it into a BER-/DER-encoded +String+.
01036  *
01037  * == Example
01038  *   der = File.binread('asn1data')
01039  *   asn1 = OpenSSL::ASN1.decode(der)
01040  */
01041 static VALUE
01042 ossl_asn1_decode(VALUE self, VALUE obj)
01043 {
01044     VALUE ret;
01045     unsigned char *p;
01046     volatile VALUE tmp;
01047     long len, read = 0, offset = 0;
01048 
01049     obj = ossl_to_der_if_possible(obj);
01050     tmp = rb_str_new4(StringValue(obj));
01051     p = (unsigned char *)RSTRING_PTR(tmp);
01052     len = RSTRING_LEN(tmp);
01053     ret = ossl_asn1_decode0(&p, len, &offset, 0, 0, &read);
01054     int_ossl_decode_sanity_check(len, read, offset);
01055     return ret;
01056 }
01057 
01058 /*
01059  * call-seq:
01060  *    OpenSSL::ASN1.decode_all(der) -> Array of ASN1Data
01061  *
01062  * Similar to +decode+ with the difference that +decode+ expects one
01063  * distinct value represented in +der+. +decode_all+ on the contrary
01064  * decodes a sequence of sequential BER/DER values lined up in +der+
01065  * and returns them as an array.
01066  *
01067  * == Example
01068  *   ders = File.binread('asn1data_seq')
01069  *   asn1_ary = OpenSSL::ASN1.decode_all(ders)
01070  */
01071 static VALUE
01072 ossl_asn1_decode_all(VALUE self, VALUE obj)
01073 {
01074     VALUE ary, val;
01075     unsigned char *p;
01076     long len, tmp_len = 0, read = 0, offset = 0;
01077     volatile VALUE tmp;
01078 
01079     obj = ossl_to_der_if_possible(obj);
01080     tmp = rb_str_new4(StringValue(obj));
01081     p = (unsigned char *)RSTRING_PTR(tmp);
01082     len = RSTRING_LEN(tmp);
01083     tmp_len = len;
01084     ary = rb_ary_new();
01085     while (tmp_len > 0) {
01086         long tmp_read = 0;
01087         val = ossl_asn1_decode0(&p, tmp_len, &offset, 0, 0, &tmp_read);
01088         rb_ary_push(ary, val);
01089         read += tmp_read;
01090         tmp_len -= tmp_read;
01091     }
01092     int_ossl_decode_sanity_check(len, read, offset);
01093     return ary;
01094 }
01095 
01096 /*
01097  * call-seq:
01098  *    OpenSSL::ASN1::Primitive.new( value [, tag, tagging, tag_class ]) => Primitive
01099  *
01100  * +value+: is mandatory.
01101  *
01102  * +tag+: optional, may be specified for tagged values. If no +tag+ is
01103  * specified, the UNIVERSAL tag corresponding to the Primitive sub-class
01104  * is used by default.
01105  *
01106  * +tagging+: may be used as an encoding hint to encode a value either
01107  * explicitly or implicitly, see ASN1 for possible values.
01108  *
01109  * +tag_class+: if +tag+ and +tagging+ are +nil+ then this is set to
01110  * +:UNIVERSAL+ by default. If either +tag+ or +tagging+ are set then
01111  * +:CONTEXT_SPECIFIC+ is used as the default. For possible values please
01112  * cf. ASN1.
01113  *
01114  * == Example
01115  *   int = OpenSSL::ASN1::Integer.new(42)
01116  *   zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :IMPLICIT)
01117  *   private_explicit_zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT, :PRIVATE)
01118  */
01119 static VALUE
01120 ossl_asn1_initialize(int argc, VALUE *argv, VALUE self)
01121 {
01122     VALUE value, tag, tagging, tag_class;
01123 
01124     rb_scan_args(argc, argv, "13", &value, &tag, &tagging, &tag_class);
01125     if(argc > 1){
01126         if(NIL_P(tag))
01127             ossl_raise(eASN1Error, "must specify tag number");
01128         if(!NIL_P(tagging) && !SYMBOL_P(tagging))
01129             ossl_raise(eASN1Error, "invalid tagging method");
01130         if(NIL_P(tag_class)) {
01131             if (NIL_P(tagging))
01132                 tag_class = ID2SYM(sUNIVERSAL);
01133             else
01134                 tag_class = ID2SYM(sCONTEXT_SPECIFIC);
01135         }
01136         if(!SYMBOL_P(tag_class))
01137             ossl_raise(eASN1Error, "invalid tag class");
01138         if(SYM2ID(tagging) == sIMPLICIT && NUM2INT(tag) > 31)
01139             ossl_raise(eASN1Error, "tag number for Universal too large");
01140     }
01141     else{
01142         tag = INT2NUM(ossl_asn1_default_tag(self));
01143         tagging = Qnil;
01144         tag_class = ID2SYM(sUNIVERSAL);
01145     }
01146     ossl_asn1_set_tag(self, tag);
01147     ossl_asn1_set_value(self, value);
01148     ossl_asn1_set_tagging(self, tagging);
01149     ossl_asn1_set_tag_class(self, tag_class);
01150     ossl_asn1_set_infinite_length(self, Qfalse);
01151 
01152     return self;
01153 }
01154 
01155 static VALUE
01156 ossl_asn1eoc_initialize(VALUE self) {
01157     VALUE tag, tagging, tag_class, value;
01158     tag = INT2NUM(ossl_asn1_default_tag(self));
01159     tagging = Qnil;
01160     tag_class = ID2SYM(sUNIVERSAL);
01161     value = rb_str_new("", 0);
01162     ossl_asn1_set_tag(self, tag);
01163     ossl_asn1_set_value(self, value);
01164     ossl_asn1_set_tagging(self, tagging);
01165     ossl_asn1_set_tag_class(self, tag_class);
01166     ossl_asn1_set_infinite_length(self, Qfalse);
01167     return self;
01168 }
01169 
01170 static int
01171 ossl_i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
01172 {
01173 #if OPENSSL_VERSION_NUMBER < 0x00907000L
01174     if(!a) return 0;
01175     if(a->type == V_ASN1_BOOLEAN)
01176         return i2d_ASN1_BOOLEAN(a->value.boolean, pp);
01177 #endif
01178     return i2d_ASN1_TYPE(a, pp);
01179 }
01180 
01181 static void
01182 ossl_ASN1_TYPE_free(ASN1_TYPE *a)
01183 {
01184 #if OPENSSL_VERSION_NUMBER < 0x00907000L
01185     if(!a) return;
01186     if(a->type == V_ASN1_BOOLEAN){
01187         OPENSSL_free(a);
01188         return;
01189     }
01190 #endif
01191     ASN1_TYPE_free(a);
01192 }
01193 
01194 /*
01195  * call-seq:
01196  *    asn1.to_der => DER-encoded String
01197  *
01198  * See ASN1Data#to_der for details. *
01199  */
01200 static VALUE
01201 ossl_asn1prim_to_der(VALUE self)
01202 {
01203     ASN1_TYPE *asn1;
01204     int tn, tc, explicit;
01205     long len, reallen;
01206     unsigned char *buf, *p;
01207     VALUE str;
01208 
01209     tn = NUM2INT(ossl_asn1_get_tag(self));
01210     tc = ossl_asn1_tag_class(self);
01211     explicit = ossl_asn1_is_explicit(self);
01212     asn1 = ossl_asn1_get_asn1type(self);
01213 
01214     len = ossl_asn1_object_size(1, ossl_i2d_ASN1_TYPE(asn1, NULL), tn);
01215     if(!(buf = OPENSSL_malloc(len))){
01216         ossl_ASN1_TYPE_free(asn1);
01217         ossl_raise(eASN1Error, "cannot alloc buffer");
01218     }
01219     p = buf;
01220     if (tc == V_ASN1_UNIVERSAL) {
01221         ossl_i2d_ASN1_TYPE(asn1, &p);
01222     } else if (explicit) {
01223         ossl_asn1_put_object(&p, 1, ossl_i2d_ASN1_TYPE(asn1, NULL), tn, tc);
01224         ossl_i2d_ASN1_TYPE(asn1, &p);
01225     } else {
01226         ossl_i2d_ASN1_TYPE(asn1, &p);
01227         *buf = tc | tn | (*buf & V_ASN1_CONSTRUCTED);
01228     }
01229     ossl_ASN1_TYPE_free(asn1);
01230     reallen = p - buf;
01231     assert(reallen <= len);
01232     str = ossl_buf2str((char *)buf, rb_long2int(reallen)); /* buf will be free in ossl_buf2str */
01233 
01234     return str;
01235 }
01236 
01237 /*
01238  * call-seq:
01239  *    asn1.to_der => DER-encoded String
01240  *
01241  * See ASN1Data#to_der for details.
01242  */
01243 static VALUE
01244 ossl_asn1cons_to_der(VALUE self)
01245 {
01246     int tag, tn, tc, explicit, constructed = 1;
01247     int found_prim = 0, seq_len;
01248     long length;
01249     unsigned char *p;
01250     VALUE value, str, inf_length;
01251 
01252     tn = NUM2INT(ossl_asn1_get_tag(self));
01253     tc = ossl_asn1_tag_class(self);
01254     inf_length = ossl_asn1_get_infinite_length(self);
01255     if (inf_length == Qtrue) {
01256         VALUE ary, example;
01257         constructed = 2;
01258         if (CLASS_OF(self) == cASN1Sequence ||
01259             CLASS_OF(self) == cASN1Set) {
01260             tag = ossl_asn1_default_tag(self);
01261         }
01262         else { /* must be a constructive encoding of a primitive value */
01263             ary = ossl_asn1_get_value(self);
01264             if (!rb_obj_is_kind_of(ary, rb_cArray))
01265                 ossl_raise(eASN1Error, "Constructive value must be an Array");
01266             /* Recursively descend until a primitive value is found.
01267             The overall value of the entire constructed encoding
01268             is of the type of the first primitive encoding to be
01269             found. */
01270             while (!found_prim){
01271                 example = rb_ary_entry(ary, 0);
01272                 if (rb_obj_is_kind_of(example, cASN1Primitive)){
01273                     found_prim = 1;
01274                 }
01275                 else {
01276                     /* example is another ASN1Constructive */
01277                     if (!rb_obj_is_kind_of(example, cASN1Constructive)){
01278                         ossl_raise(eASN1Error, "invalid constructed encoding");
01279                         return Qnil; /* dummy */
01280                     }
01281                     ary = ossl_asn1_get_value(example);
01282                 }
01283             }
01284             tag = ossl_asn1_default_tag(example);
01285         }
01286     }
01287     else {
01288         if (CLASS_OF(self) == cASN1Constructive)
01289             ossl_raise(eASN1Error, "Constructive shall only be used with infinite length");
01290         tag = ossl_asn1_default_tag(self);
01291     }
01292     explicit = ossl_asn1_is_explicit(self);
01293     value = join_der(ossl_asn1_get_value(self));
01294 
01295     seq_len = ossl_asn1_object_size(constructed, RSTRING_LENINT(value), tag);
01296     length = ossl_asn1_object_size(constructed, seq_len, tn);
01297     str = rb_str_new(0, length);
01298     p = (unsigned char *)RSTRING_PTR(str);
01299     if(tc == V_ASN1_UNIVERSAL)
01300         ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tn, tc);
01301     else{
01302         if(explicit){
01303             ossl_asn1_put_object(&p, constructed, seq_len, tn, tc);
01304             ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tag, V_ASN1_UNIVERSAL);
01305         }
01306         else{
01307             ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tn, tc);
01308         }
01309     }
01310     memcpy(p, RSTRING_PTR(value), RSTRING_LEN(value));
01311     p += RSTRING_LEN(value);
01312 
01313     /* In this case we need an additional EOC (one for the explicit part and
01314      * one for the Constructive itself. The EOC for the Constructive is
01315      * supplied by the user, but that for the "explicit wrapper" must be
01316      * added here.
01317      */
01318     if (explicit && inf_length == Qtrue) {
01319         ASN1_put_eoc(&p);
01320     }
01321     ossl_str_adjust(str, p);
01322 
01323     return str;
01324 }
01325 
01326 /*
01327  * call-seq:
01328  *    asn1_ary.each { |asn1| block } => asn1_ary
01329  *
01330  * Calls <i>block</i> once for each element in +self+, passing that element
01331  * as parameter +asn1+. If no block is given, an enumerator is returned
01332  * instead.
01333  *
01334  * == Example
01335  *   asn1_ary.each do |asn1|
01336  *     puts asn1
01337  *   end
01338  */
01339 static VALUE
01340 ossl_asn1cons_each(VALUE self)
01341 {
01342     rb_ary_each(ossl_asn1_get_value(self));
01343     return self;
01344 }
01345 
01346 static VALUE
01347 ossl_asn1obj_s_register(VALUE self, VALUE oid, VALUE sn, VALUE ln)
01348 {
01349     StringValue(oid);
01350     StringValue(sn);
01351     StringValue(ln);
01352 
01353     if(!OBJ_create(RSTRING_PTR(oid), RSTRING_PTR(sn), RSTRING_PTR(ln)))
01354         ossl_raise(eASN1Error, NULL);
01355 
01356     return Qtrue;
01357 }
01358 
01359 static VALUE
01360 ossl_asn1obj_get_sn(VALUE self)
01361 {
01362     VALUE val, ret = Qnil;
01363     int nid;
01364 
01365     val = ossl_asn1_get_value(self);
01366     if ((nid = OBJ_txt2nid(StringValuePtr(val))) != NID_undef)
01367         ret = rb_str_new2(OBJ_nid2sn(nid));
01368 
01369     return ret;
01370 }
01371 
01372 static VALUE
01373 ossl_asn1obj_get_ln(VALUE self)
01374 {
01375     VALUE val, ret = Qnil;
01376     int nid;
01377 
01378     val = ossl_asn1_get_value(self);
01379     if ((nid = OBJ_txt2nid(StringValuePtr(val))) != NID_undef)
01380         ret = rb_str_new2(OBJ_nid2ln(nid));
01381 
01382     return ret;
01383 }
01384 
01385 static VALUE
01386 ossl_asn1obj_get_oid(VALUE self)
01387 {
01388     VALUE val;
01389     ASN1_OBJECT *a1obj;
01390     char buf[128];
01391 
01392     val = ossl_asn1_get_value(self);
01393     a1obj = obj_to_asn1obj(val);
01394     OBJ_obj2txt(buf, sizeof(buf), a1obj, 1);
01395     ASN1_OBJECT_free(a1obj);
01396 
01397     return rb_str_new2(buf);
01398 }
01399 
01400 #define OSSL_ASN1_IMPL_FACTORY_METHOD(klass) \
01401 static VALUE ossl_asn1_##klass(int argc, VALUE *argv, VALUE self)\
01402 { return rb_funcall3(cASN1##klass, rb_intern("new"), argc, argv); }
01403 
01404 OSSL_ASN1_IMPL_FACTORY_METHOD(Boolean)
01405 OSSL_ASN1_IMPL_FACTORY_METHOD(Integer)
01406 OSSL_ASN1_IMPL_FACTORY_METHOD(Enumerated)
01407 OSSL_ASN1_IMPL_FACTORY_METHOD(BitString)
01408 OSSL_ASN1_IMPL_FACTORY_METHOD(OctetString)
01409 OSSL_ASN1_IMPL_FACTORY_METHOD(UTF8String)
01410 OSSL_ASN1_IMPL_FACTORY_METHOD(NumericString)
01411 OSSL_ASN1_IMPL_FACTORY_METHOD(PrintableString)
01412 OSSL_ASN1_IMPL_FACTORY_METHOD(T61String)
01413 OSSL_ASN1_IMPL_FACTORY_METHOD(VideotexString)
01414 OSSL_ASN1_IMPL_FACTORY_METHOD(IA5String)
01415 OSSL_ASN1_IMPL_FACTORY_METHOD(GraphicString)
01416 OSSL_ASN1_IMPL_FACTORY_METHOD(ISO64String)
01417 OSSL_ASN1_IMPL_FACTORY_METHOD(GeneralString)
01418 OSSL_ASN1_IMPL_FACTORY_METHOD(UniversalString)
01419 OSSL_ASN1_IMPL_FACTORY_METHOD(BMPString)
01420 OSSL_ASN1_IMPL_FACTORY_METHOD(Null)
01421 OSSL_ASN1_IMPL_FACTORY_METHOD(ObjectId)
01422 OSSL_ASN1_IMPL_FACTORY_METHOD(UTCTime)
01423 OSSL_ASN1_IMPL_FACTORY_METHOD(GeneralizedTime)
01424 OSSL_ASN1_IMPL_FACTORY_METHOD(Sequence)
01425 OSSL_ASN1_IMPL_FACTORY_METHOD(Set)
01426 OSSL_ASN1_IMPL_FACTORY_METHOD(EndOfContent)
01427 
01428 void
01429 Init_ossl_asn1()
01430 {
01431     VALUE ary;
01432     int i;
01433 
01434 #if 0
01435     mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */
01436 #endif
01437 
01438     sUNIVERSAL = rb_intern("UNIVERSAL");
01439     sCONTEXT_SPECIFIC = rb_intern("CONTEXT_SPECIFIC");
01440     sAPPLICATION = rb_intern("APPLICATION");
01441     sPRIVATE = rb_intern("PRIVATE");
01442     sEXPLICIT = rb_intern("EXPLICIT");
01443     sIMPLICIT = rb_intern("IMPLICIT");
01444 
01445     sivVALUE = rb_intern("@value");
01446     sivTAG = rb_intern("@tag");
01447     sivTAGGING = rb_intern("@tagging");
01448     sivTAG_CLASS = rb_intern("@tag_class");
01449     sivINFINITE_LENGTH = rb_intern("@infinite_length");
01450     sivUNUSED_BITS = rb_intern("@unused_bits");
01451 
01452     /*
01453      * Document-module: OpenSSL::ASN1
01454      *
01455      * Abstract Syntax Notation One (or ASN.1) is a notation syntax to
01456      * describe data structures and is defined in ITU-T X.680. ASN.1 itself
01457      * does not mandate any encoding or parsing rules, but usually ASN.1 data
01458      * structures are encoded using the Distinguished Encoding Rules (DER) or
01459      * less often the Basic Encoding Rules (BER) described in ITU-T X.690. DER
01460      * and BER encodings are binary Tag-Length-Value (TLV) encodings that are
01461      * quite concise compared to other popular data description formats such
01462      * as XML, JSON etc.
01463      * ASN.1 data structures are very common in cryptographic applications,
01464      * e.g. X.509 public key certificates or certificate revocation lists
01465      * (CRLs) are all defined in ASN.1 and DER-encoded. ASN.1, DER and BER are
01466      * the building blocks of applied cryptography.
01467      * The ASN1 module provides the necessary classes that allow generation
01468      * of ASN.1 data structures and the methods to encode them using a DER
01469      * encoding. The decode method allows parsing arbitrary BER-/DER-encoded
01470      * data to a Ruby object that can then be modified and re-encoded at will.
01471      *
01472      * == ASN.1 class hierarchy
01473      *
01474      * The base class representing ASN.1 structures is ASN1Data. ASN1Data offers
01475      * attributes to read and set the +tag+, the +tag_class+ and finally the
01476      * +value+ of a particular ASN.1 item. Upon parsing, any tagged values
01477      * (implicit or explicit) will be represented by ASN1Data instances because
01478      * their "real type" can only be determined using out-of-band information
01479      * from the ASN.1 type declaration. Since this information is normally
01480      * known when encoding a type, all sub-classes of ASN1Data offer an
01481      * additional attribute +tagging+ that allows to encode a value implicitly
01482      * (+:IMPLICIT+) or explicitly (+:EXPLICIT+).
01483      *
01484      * === Constructive
01485      *
01486      * Constructive is, as its name implies, the base class for all
01487      * constructed encodings, i.e. those that consist of several values,
01488      * opposed to "primitive" encodings with just one single value.
01489      * Primitive values that are encoded with "infinite length" are typically
01490      * constructed (their values come in multiple chunks) and are therefore
01491      * represented by instances of Constructive. The value of an Constructive
01492      * is always an Array.
01493      *
01494      * ==== ASN1::Set and ASN1::Sequence
01495      *
01496      * The most common constructive encodings are SETs and SEQUENCEs, which is
01497      * why there are two sub-classes of Constructive representing each of
01498      * them.
01499      *
01500      * === Primitive
01501      *
01502      * This is the super class of all primitive values. Primitive
01503      * itself is not used when parsing ASN.1 data, all values are either
01504      * instances of a corresponding sub-class of Primitive or they are
01505      * instances of ASN1Data if the value was tagged implicitly or explicitly.
01506      * Please cf. Primitive documentation for details on sub-classes and
01507      * their respective mappings of ASN.1 data types to Ruby objects.
01508      *
01509      * == Possible values for +tagging+
01510      *
01511      * When constructing an ASN1Data object the ASN.1 type definition may
01512      * require certain elements to be either implicitly or explicitly tagged.
01513      * This can be achieved by setting the +tagging+ attribute manually for
01514      * sub-classes of ASN1Data. Use the symbol +:IMPLICIT+ for implicit
01515      * tagging and +:EXPLICIT+ if the element requires explicit tagging.
01516      *
01517      * == Possible values for +tag_class+
01518      *
01519      * It is possible to create arbitrary ASN1Data objects that also support
01520      * a PRIVATE or APPLICATION tag class. Possible values for the +tag_class+
01521      * attribute are:
01522      * * +:UNIVERSAL+ (the default for untagged values)
01523      * * +:CONTEXT_SPECIFIC+ (the default for tagged values)
01524      * * +:APPLICATION+
01525      * * +:PRIVATE+
01526      *
01527      * == Tag constants
01528      *
01529      * There is a constant defined for each universal tag:
01530      * * OpenSSL::ASN1::EOC (0)
01531      * * OpenSSL::ASN1::BOOLEAN (1)
01532      * * OpenSSL::ASN1::INTEGER (2)
01533      * * OpenSSL::ASN1::BIT_STRING (3)
01534      * * OpenSSL::ASN1::OCTET_STRING (4)
01535      * * OpenSSL::ASN1::NULL (5)
01536      * * OpenSSL::ASN1::OBJECT (6)
01537      * * OpenSSL::ASN1::ENUMERATED (10)
01538      * * OpenSSL::ASN1::UTF8STRING (12)
01539      * * OpenSSL::ASN1::SEQUENCE (16)
01540      * * OpenSSL::ASN1::SET (17)
01541      * * OpenSSL::ASN1::NUMERICSTRING (18)
01542      * * OpenSSL::ASN1::PRINTABLESTRING (19)
01543      * * OpenSSL::ASN1::T61STRING (20)
01544      * * OpenSSL::ASN1::VIDEOTEXSTRING (21)
01545      * * OpenSSL::ASN1::IA5STRING (22)
01546      * * OpenSSL::ASN1::UTCTIME (23)
01547      * * OpenSSL::ASN1::GENERALIZEDTIME (24)
01548      * * OpenSSL::ASN1::GRAPHICSTRING (25)
01549      * * OpenSSL::ASN1::ISO64STRING (26)
01550      * * OpenSSL::ASN1::GENERALSTRING (27)
01551      * * OpenSSL::ASN1::UNIVERSALSTRING (28)
01552      * * OpenSSL::ASN1::BMPSTRING (30)
01553      *
01554      * == UNIVERSAL_TAG_NAME constant
01555      *
01556      * An Array that stores the name of a given tag number. These names are
01557      * the same as the name of the tag constant that is additionally defined,
01558      * e.g. UNIVERSAL_TAG_NAME[2] = "INTEGER" and OpenSSL::ASN1::INTEGER = 2.
01559      *
01560      * == Example usage
01561      *
01562      * === Decoding and viewing a DER-encoded file
01563      *   require 'openssl'
01564      *   require 'pp'
01565      *   der = File.binread('data.der')
01566      *   asn1 = OpenSSL::ASN1.decode(der)
01567      *   pp der
01568      *
01569      * === Creating an ASN.1 structure and DER-encoding it
01570      *   require 'openssl'
01571      *   version = OpenSSL::ASN1::Integer.new(1)
01572      *   # Explicitly 0-tagged implies context-specific tag class
01573      *   serial = OpenSSL::ASN1::Integer.new(12345, 0, :EXPLICIT, :CONTEXT_SPECIFIC)
01574      *   name = OpenSSL::ASN1::PrintableString.new('Data 1')
01575      *   sequence = OpenSSL::ASN1::Sequence.new( [ version, serial, name ] )
01576      *   der = sequence.to_der
01577      */
01578     mASN1 = rb_define_module_under(mOSSL, "ASN1");
01579 
01580     /* Document-class: OpenSSL::ASN1::ASN1Error
01581      *
01582      * Generic error class for all errors raised in ASN1 and any of the
01583      * classes defined in it.
01584      */
01585     eASN1Error = rb_define_class_under(mASN1, "ASN1Error", eOSSLError);
01586     rb_define_module_function(mASN1, "traverse", ossl_asn1_traverse, 1);
01587     rb_define_module_function(mASN1, "decode", ossl_asn1_decode, 1);
01588     rb_define_module_function(mASN1, "decode_all", ossl_asn1_decode_all, 1);
01589     ary = rb_ary_new();
01590 
01591     /*
01592      * Array storing tag names at the tag's index.
01593      */
01594     rb_define_const(mASN1, "UNIVERSAL_TAG_NAME", ary);
01595     for(i = 0; i < ossl_asn1_info_size; i++){
01596         if(ossl_asn1_info[i].name[0] == '[') continue;
01597         rb_define_const(mASN1, ossl_asn1_info[i].name, INT2NUM(i));
01598         rb_ary_store(ary, i, rb_str_new2(ossl_asn1_info[i].name));
01599     }
01600 
01601     /* Document-class: OpenSSL::ASN1::ASN1Data
01602      *
01603      * The top-level class representing any ASN.1 object. When parsed by
01604      * ASN1.decode, tagged values are always represented by an instance
01605      * of ASN1Data.
01606      *
01607      * == The role of ASN1Data for parsing tagged values
01608      *
01609      * When encoding an ASN.1 type it is inherently clear what original
01610      * type (e.g. INTEGER, OCTET STRING etc.) this value has, regardless
01611      * of its tagging.
01612      * But opposed to the time an ASN.1 type is to be encoded, when parsing
01613      * them it is not possible to deduce the "real type" of tagged
01614      * values. This is why tagged values are generally parsed into ASN1Data
01615      * instances, but with a different outcome for implicit and explicit
01616      * tagging.
01617      *
01618      * === Example of a parsed implicitly tagged value
01619      *
01620      * An implicitly 1-tagged INTEGER value will be parsed as an
01621      * ASN1Data with
01622      * * +tag+ equal to 1
01623      * * +tag_class+ equal to +:CONTEXT_SPECIFIC+
01624      * * +value+ equal to a +String+ that carries the raw encoding
01625      *   of the INTEGER.
01626      * This implies that a subsequent decoding step is required to
01627      * completely decode implicitly tagged values.
01628      *
01629      * === Example of a parsed explicitly tagged value
01630      *
01631      * An explicitly 1-tagged INTEGER value will be parsed as an
01632      * ASN1Data with
01633      * * +tag+ equal to 1
01634      * * +tag_class+ equal to +:CONTEXT_SPECIFIC+
01635      * * +value+ equal to an +Array+ with one single element, an
01636      *   instance of OpenSSL::ASN1::Integer, i.e. the inner element
01637      *   is the non-tagged primitive value, and the tagging is represented
01638      *   in the outer ASN1Data
01639      *
01640      * == Example - Decoding an implicitly tagged INTEGER
01641      *   int = OpenSSL::ASN1::Integer.new(1, 0, :IMPLICIT) # implicit 0-tagged
01642      *   seq = OpenSSL::ASN1::Sequence.new( [int] )
01643      *   der = seq.to_der
01644      *   asn1 = OpenSSL::ASN1.decode(der)
01645      *   # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0
01646      *   #              @infinite_length=false,
01647      *   #              @tag=16,
01648      *   #              @tag_class=:UNIVERSAL,
01649      *   #              @tagging=nil,
01650      *   #              @value=
01651      *   #                [#<OpenSSL::ASN1::ASN1Data:0x87326f4
01652      *   #                   @infinite_length=false,
01653      *   #                   @tag=0,
01654      *   #                   @tag_class=:CONTEXT_SPECIFIC,
01655      *   #                   @value="\x01">]>
01656      *   raw_int = asn1.value[0]
01657      *   # manually rewrite tag and tag class to make it an UNIVERSAL value
01658      *   raw_int.tag = OpenSSL::ASN1::INTEGER
01659      *   raw_int.tag_class = :UNIVERSAL
01660      *   int2 = OpenSSL::ASN1.decode(raw_int)
01661      *   puts int2.value # => 1
01662      *
01663      * == Example - Decoding an explicitly tagged INTEGER
01664      *   int = OpenSSL::ASN1::Integer.new(1, 0, :EXPLICIT) # explicit 0-tagged
01665      *   seq = OpenSSL::ASN1::Sequence.new( [int] )
01666      *   der = seq.to_der
01667      *   asn1 = OpenSSL::ASN1.decode(der)
01668      *   # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0
01669      *   #              @infinite_length=false,
01670      *   #              @tag=16,
01671      *   #              @tag_class=:UNIVERSAL,
01672      *   #              @tagging=nil,
01673      *   #              @value=
01674      *   #                [#<OpenSSL::ASN1::ASN1Data:0x87326f4
01675      *   #                   @infinite_length=false,
01676      *   #                   @tag=0,
01677      *   #                   @tag_class=:CONTEXT_SPECIFIC,
01678      *   #                   @value=
01679      *   #                     [#<OpenSSL::ASN1::Integer:0x85bf308
01680      *   #                        @infinite_length=false,
01681      *   #                        @tag=2,
01682      *   #                        @tag_class=:UNIVERSAL
01683      *   #                        @tagging=nil,
01684      *   #                        @value=1>]>]>
01685      *   int2 = asn1.value[0].value[0]
01686      *   puts int2.value # => 1
01687      */
01688     cASN1Data = rb_define_class_under(mASN1, "ASN1Data", rb_cObject);
01689     /*
01690      * Carries the value of a ASN.1 type.
01691      * Please confer Constructive and Primitive for the mappings between
01692      * ASN.1 data types and Ruby classes.
01693      */
01694     rb_attr(cASN1Data, rb_intern("value"), 1, 1, 0);
01695     /*
01696      * A +Number+ representing the tag number of this ASN1Data. Never +nil+.
01697      */
01698     rb_attr(cASN1Data, rb_intern("tag"), 1, 1, 0);
01699     /*
01700      * A +Symbol+ representing the tag class of this ASN1Data. Never +nil+.
01701      * See ASN1Data for possible values.
01702      */
01703     rb_attr(cASN1Data, rb_intern("tag_class"), 1, 1, 0);
01704     /*
01705      * Never +nil+. A +Boolean+ indicating whether the encoding was infinite
01706      * length (in the case of parsing) or whether an infinite length encoding
01707      * shall be used (in the encoding case).
01708      * In DER, every value has a finite length associated with it. But in
01709      * scenarios where large amounts of data need to be transferred it
01710      * might be desirable to have some kind of streaming support available.
01711      * For example, huge OCTET STRINGs are preferably sent in smaller-sized
01712      * chunks, each at a time.
01713      * This is possible in BER by setting the length bytes of an encoding
01714      * to zero and by this indicating that the following value will be
01715      * sent in chunks. Infinite length encodings are always constructed.
01716      * The end of such a stream of chunks is indicated by sending a EOC
01717      * (End of Content) tag. SETs and SEQUENCEs may use an infinite length
01718      * encoding, but also primitive types such as e.g. OCTET STRINGS or
01719      * BIT STRINGS may leverage this functionality (cf. ITU-T X.690).
01720      */
01721     rb_attr(cASN1Data, rb_intern("infinite_length"), 1, 1, 0);
01722     rb_define_method(cASN1Data, "initialize", ossl_asn1data_initialize, 3);
01723     rb_define_method(cASN1Data, "to_der", ossl_asn1data_to_der, 0);
01724 
01725     /* Document-class: OpenSSL::ASN1::Primitive
01726      *
01727      * The parent class for all primitive encodings. Attributes are the same as
01728      * for ASN1Data, with the addition of +tagging+.
01729      * Primitive values can never be infinite length encodings, thus it is not
01730      * possible to set the +infinite_length+ attribute for Primitive and its
01731      * sub-classes.
01732      *
01733      * == Primitive sub-classes and their mapping to Ruby classes
01734      * * OpenSSL::ASN1::EndOfContent    <=> +value+ is always +nil+
01735      * * OpenSSL::ASN1::Boolean         <=> +value+ is a +Boolean+
01736      * * OpenSSL::ASN1::Integer         <=> +value+ is a +Number+
01737      * * OpenSSL::ASN1::BitString       <=> +value+ is a +String+
01738      * * OpenSSL::ASN1::OctetString     <=> +value+ is a +String+
01739      * * OpenSSL::ASN1::Null            <=> +value+ is always +nil+
01740      * * OpenSSL::ASN1::Object          <=> +value+ is a +String+
01741      * * OpenSSL::ASN1::Enumerated      <=> +value+ is a +Number+
01742      * * OpenSSL::ASN1::UTF8String      <=> +value+ is a +String+
01743      * * OpenSSL::ASN1::NumericString   <=> +value+ is a +String+
01744      * * OpenSSL::ASN1::PrintableString <=> +value+ is a +String+
01745      * * OpenSSL::ASN1::T61String       <=> +value+ is a +String+
01746      * * OpenSSL::ASN1::VideotexString  <=> +value+ is a +String+
01747      * * OpenSSL::ASN1::IA5String       <=> +value+ is a +String+
01748      * * OpenSSL::ASN1::UTCTime         <=> +value+ is a +Time+
01749      * * OpenSSL::ASN1::GeneralizedTime <=> +value+ is a +Time+
01750      * * OpenSSL::ASN1::GraphicString   <=> +value+ is a +String+
01751      * * OpenSSL::ASN1::ISO64String     <=> +value+ is a +String+
01752      * * OpenSSL::ASN1::GeneralString   <=> +value+ is a +String+
01753      * * OpenSSL::ASN1::UniversalString <=> +value+ is a +String+
01754      * * OpenSSL::ASN1::BMPString       <=> +value+ is a +String+
01755      *
01756      * == OpenSSL::ASN1::BitString
01757      *
01758      * === Additional attributes
01759      * +unused_bits+: if the underlying BIT STRING's
01760      * length is a multiple of 8 then +unused_bits+ is 0. Otherwise
01761      * +unused_bits+ indicates the number of bits that are to be ignored in
01762      * the final octet of the +BitString+'s +value+.
01763      *
01764      * == OpenSSL::ASN1::ObjectId
01765      *
01766      * === Additional attributes
01767      * * +sn+: the short name as defined in <openssl/objects.h>.
01768      * * +ln+: the long name as defined in <openssl/objects.h>.
01769      * * +oid+: the object identifier as a +String+, e.g. "1.2.3.4.5"
01770      * * +short_name+: alias for +sn+.
01771      * * +long_name+: alias for +ln+.
01772      *
01773      * == Examples
01774      * With the Exception of OpenSSL::ASN1::EndOfContent, each Primitive class
01775      * constructor takes at least one parameter, the +value+.
01776      *
01777      * === Creating EndOfContent
01778      *   eoc = OpenSSL::ASN1::EndOfContent.new
01779      *
01780      * === Creating any other Primitive
01781      *   prim = <class>.new(value) # <class> being one of the sub-classes except EndOfContent
01782      *   prim_zero_tagged_implicit = <class>.new(value, 0, :IMPLICIT)
01783      *   prim_zero_tagged_explicit = <class>.new(value, 0, :EXPLICIT)
01784      */
01785     cASN1Primitive = rb_define_class_under(mASN1, "Primitive", cASN1Data);
01786     /*
01787      * May be used as a hint for encoding a value either implicitly or
01788      * explicitly by setting it either to +:IMPLICIT+ or to +:EXPLICIT+.
01789      * +tagging+ is not set when a ASN.1 structure is parsed using
01790      * OpenSSL::ASN1.decode.
01791      */
01792     rb_attr(cASN1Primitive, rb_intern("tagging"), 1, 1, Qtrue);
01793     rb_undef_method(cASN1Primitive, "infinite_length=");
01794     rb_define_method(cASN1Primitive, "initialize", ossl_asn1_initialize, -1);
01795     rb_define_method(cASN1Primitive, "to_der", ossl_asn1prim_to_der, 0);
01796 
01797     /* Document-class: OpenSSL::ASN1::Constructive
01798      *
01799      * The parent class for all constructed encodings. The +value+ attribute
01800      * of a Constructive is always an +Array+. Attributes are the same as
01801      * for ASN1Data, with the addition of +tagging+.
01802      *
01803      * == SET and SEQUENCE
01804      *
01805      * Most constructed encodings come in the form of a SET or a SEQUENCE.
01806      * These encodings are represented by one of the two sub-classes of
01807      * Constructive:
01808      * * OpenSSL::ASN1::Set
01809      * * OpenSSL::ASN1::Sequence
01810      * Please note that tagged sequences and sets are still parsed as
01811      * instances of ASN1Data. Find further details on tagged values
01812      * there.
01813      *
01814      * === Example - constructing a SEQUENCE
01815      *   int = OpenSSL::ASN1::Integer.new(1)
01816      *   str = OpenSSL::ASN1::PrintableString.new('abc')
01817      *   sequence = OpenSSL::ASN1::Sequence.new( [ int, str ] )
01818      *
01819      * === Example - constructing a SET
01820      *   int = OpenSSL::ASN1::Integer.new(1)
01821      *   str = OpenSSL::ASN1::PrintableString.new('abc')
01822      *   set = OpenSSL::ASN1::Set.new( [ int, str ] )
01823      *
01824      * == Infinite length primitive values
01825      *
01826      * The only case where Constructive is used directly is for infinite
01827      * length encodings of primitive values. These encodings are always
01828      * constructed, with the contents of the +value+ +Array+ being either
01829      * UNIVERSAL non-infinite length partial encodings of the actual value
01830      * or again constructive encodings with infinite length (i.e. infinite
01831      * length primitive encodings may be constructed recursively with another
01832      * infinite length value within an already infinite length value). Each
01833      * partial encoding must be of the same UNIVERSAL type as the overall
01834      * encoding. The value of the overall encoding consists of the
01835      * concatenation of each partial encoding taken in sequence. The +value+
01836      * array of the outer infinite length value must end with a
01837      * OpenSSL::ASN1::EndOfContent instance.
01838      *
01839      * Please note that it is not possible to encode Constructive without
01840      * the +infinite_length+ attribute being set to +true+, use
01841      * OpenSSL::ASN1::Sequence or OpenSSL::ASN1::Set in these cases instead.
01842      *
01843      * === Example - Infinite length OCTET STRING
01844      *   partial1 = OpenSSL::ASN1::OctetString.new("\x01")
01845      *   partial2 = OpenSSL::ASN1::OctetString.new("\x02")
01846      *   inf_octets = OpenSSL::ASN1::Constructive.new( [ partial1,
01847      *                                                   partial2,
01848      *                                                   OpenSSL::ASN1::EndOfContent.new ],
01849      *                                                 OpenSSL::ASN1::OCTET_STRING,
01850      *                                                 nil,
01851      *                                                 :UNIVERSAL )
01852      *   # The real value of inf_octets is "\x01\x02", i.e. the concatenation
01853      *   # of partial1 and partial2
01854      *   inf_octets.infinite_length = true
01855      *   der = inf_octets.to_der
01856      *   asn1 = OpenSSL::ASN1.decode(der)
01857      *   puts asn1.infinite_length # => true
01858      */
01859     cASN1Constructive = rb_define_class_under(mASN1,"Constructive", cASN1Data);
01860     rb_include_module(cASN1Constructive, rb_mEnumerable);
01861     /*
01862      * May be used as a hint for encoding a value either implicitly or
01863      * explicitly by setting it either to +:IMPLICIT+ or to +:EXPLICIT+.
01864      * +tagging+ is not set when a ASN.1 structure is parsed using
01865      * OpenSSL::ASN1.decode.
01866      */
01867     rb_attr(cASN1Constructive, rb_intern("tagging"), 1, 1, Qtrue);
01868     rb_define_method(cASN1Constructive, "initialize", ossl_asn1_initialize, -1);
01869     rb_define_method(cASN1Constructive, "to_der", ossl_asn1cons_to_der, 0);
01870     rb_define_method(cASN1Constructive, "each", ossl_asn1cons_each, 0);
01871 
01872 #define OSSL_ASN1_DEFINE_CLASS(name, super) \
01873 do{\
01874     cASN1##name = rb_define_class_under(mASN1, #name, cASN1##super);\
01875     rb_define_module_function(mASN1, #name, ossl_asn1_##name, -1);\
01876 }while(0)
01877 
01878     OSSL_ASN1_DEFINE_CLASS(Boolean, Primitive);
01879     OSSL_ASN1_DEFINE_CLASS(Integer, Primitive);
01880     OSSL_ASN1_DEFINE_CLASS(Enumerated, Primitive);
01881     OSSL_ASN1_DEFINE_CLASS(BitString, Primitive);
01882     OSSL_ASN1_DEFINE_CLASS(OctetString, Primitive);
01883     OSSL_ASN1_DEFINE_CLASS(UTF8String, Primitive);
01884     OSSL_ASN1_DEFINE_CLASS(NumericString, Primitive);
01885     OSSL_ASN1_DEFINE_CLASS(PrintableString, Primitive);
01886     OSSL_ASN1_DEFINE_CLASS(T61String, Primitive);
01887     OSSL_ASN1_DEFINE_CLASS(VideotexString, Primitive);
01888     OSSL_ASN1_DEFINE_CLASS(IA5String, Primitive);
01889     OSSL_ASN1_DEFINE_CLASS(GraphicString, Primitive);
01890     OSSL_ASN1_DEFINE_CLASS(ISO64String, Primitive);
01891     OSSL_ASN1_DEFINE_CLASS(GeneralString, Primitive);
01892     OSSL_ASN1_DEFINE_CLASS(UniversalString, Primitive);
01893     OSSL_ASN1_DEFINE_CLASS(BMPString, Primitive);
01894     OSSL_ASN1_DEFINE_CLASS(Null, Primitive);
01895     OSSL_ASN1_DEFINE_CLASS(ObjectId, Primitive);
01896     OSSL_ASN1_DEFINE_CLASS(UTCTime, Primitive);
01897     OSSL_ASN1_DEFINE_CLASS(GeneralizedTime, Primitive);
01898 
01899     OSSL_ASN1_DEFINE_CLASS(Sequence, Constructive);
01900     OSSL_ASN1_DEFINE_CLASS(Set, Constructive);
01901 
01902     OSSL_ASN1_DEFINE_CLASS(EndOfContent, Data);
01903 
01904     rb_define_singleton_method(cASN1ObjectId, "register", ossl_asn1obj_s_register, 3);
01905     rb_define_method(cASN1ObjectId, "sn", ossl_asn1obj_get_sn, 0);
01906     rb_define_method(cASN1ObjectId, "ln", ossl_asn1obj_get_ln, 0);
01907     rb_define_method(cASN1ObjectId, "oid", ossl_asn1obj_get_oid, 0);
01908     rb_define_alias(cASN1ObjectId, "short_name", "sn");
01909     rb_define_alias(cASN1ObjectId, "long_name", "ln");
01910     rb_attr(cASN1BitString, rb_intern("unused_bits"), 1, 1, 0);
01911 
01912     rb_define_method(cASN1EndOfContent, "initialize", ossl_asn1eoc_initialize, 0);
01913 
01914     class_tag_map = rb_hash_new();
01915     rb_hash_aset(class_tag_map, cASN1EndOfContent, INT2NUM(V_ASN1_EOC));
01916     rb_hash_aset(class_tag_map, cASN1Boolean, INT2NUM(V_ASN1_BOOLEAN));
01917     rb_hash_aset(class_tag_map, cASN1Integer, INT2NUM(V_ASN1_INTEGER));
01918     rb_hash_aset(class_tag_map, cASN1BitString, INT2NUM(V_ASN1_BIT_STRING));
01919     rb_hash_aset(class_tag_map, cASN1OctetString, INT2NUM(V_ASN1_OCTET_STRING));
01920     rb_hash_aset(class_tag_map, cASN1Null, INT2NUM(V_ASN1_NULL));
01921     rb_hash_aset(class_tag_map, cASN1ObjectId, INT2NUM(V_ASN1_OBJECT));
01922     rb_hash_aset(class_tag_map, cASN1Enumerated, INT2NUM(V_ASN1_ENUMERATED));
01923     rb_hash_aset(class_tag_map, cASN1UTF8String, INT2NUM(V_ASN1_UTF8STRING));
01924     rb_hash_aset(class_tag_map, cASN1Sequence, INT2NUM(V_ASN1_SEQUENCE));
01925     rb_hash_aset(class_tag_map, cASN1Set, INT2NUM(V_ASN1_SET));
01926     rb_hash_aset(class_tag_map, cASN1NumericString, INT2NUM(V_ASN1_NUMERICSTRING));
01927     rb_hash_aset(class_tag_map, cASN1PrintableString, INT2NUM(V_ASN1_PRINTABLESTRING));
01928     rb_hash_aset(class_tag_map, cASN1T61String, INT2NUM(V_ASN1_T61STRING));
01929     rb_hash_aset(class_tag_map, cASN1VideotexString, INT2NUM(V_ASN1_VIDEOTEXSTRING));
01930     rb_hash_aset(class_tag_map, cASN1IA5String, INT2NUM(V_ASN1_IA5STRING));
01931     rb_hash_aset(class_tag_map, cASN1UTCTime, INT2NUM(V_ASN1_UTCTIME));
01932     rb_hash_aset(class_tag_map, cASN1GeneralizedTime, INT2NUM(V_ASN1_GENERALIZEDTIME));
01933     rb_hash_aset(class_tag_map, cASN1GraphicString, INT2NUM(V_ASN1_GRAPHICSTRING));
01934     rb_hash_aset(class_tag_map, cASN1ISO64String, INT2NUM(V_ASN1_ISO64STRING));
01935     rb_hash_aset(class_tag_map, cASN1GeneralString, INT2NUM(V_ASN1_GENERALSTRING));
01936     rb_hash_aset(class_tag_map, cASN1UniversalString, INT2NUM(V_ASN1_UNIVERSALSTRING));
01937     rb_hash_aset(class_tag_map, cASN1BMPString, INT2NUM(V_ASN1_BMPSTRING));
01938     rb_global_variable(&class_tag_map);
01939 }
01940