1/*
2 * Copyright (c) 2003-2006,2008,2010 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * nameTemplates.h - ASN1 templates for X509 Name, GeneralName, etc.
24 */
25
26#ifndef	_NSS_NAME_TEMPLATES_H_
27#define _NSS_NAME_TEMPLATES_H_
28
29#include <Security/SecAsn1Types.h>
30
31#ifdef  __cplusplus
32extern "C" {
33#endif
34
35// MARK: ----- Generalized NSS_TaggedItem template chooser support -----
36
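/*
 * A tagged item for use with simple CHOICE types implemented
 * via SEC_ASN1_DYNAMIC.
 *
 * 'tag' says which alternative of the CHOICE 'item' holds. 'item' is a
 * SecAsn1Item, i.e. a buffer with an explicit length (see
 * SecAsn1Types.h), not a NUL-terminated C string.
 *
 * NOTE(review): after a decode both fields presumably reflect the
 * encoded input as received; consumers should check 'tag' against the
 * alternatives they expect before interpreting 'item' - confirm
 * against the chooser implementation.
 */
typedef struct {
	SecAsn1Item		item;	/* contents of the chosen alternative */
	unsigned char	tag;	/* tag selecting the alternative */
} NSS_TaggedItem;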
45
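/*
 * One tag/template pair. A type/template-specific SecAsn1TemplateChooser
 * passes an array of these to SecAsn1TaggedTemplateChooser(); the array
 * is terminated by an NSS_TagChoice with a NULL templ field.
 *
 * SecAsn1TaggedTemplateChooser() takes no element count, so the
 * NULL-templ terminator is the only thing that bounds the array.
 */
typedef struct {
	unsigned char 			tag;	/* tag this entry matches */
	const SecAsn1Template	*templ;	/* template for that tag; NULL ends the array */
} NSS_TagChoice;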
55
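/*
 * Generalized Template chooser.
 *
 * The first four arguments are the ones passed to a specific
 * SecAsn1TemplateChooser; 'chooser' is the array of tag/template
 * pairs to select from, terminated by an entry with a NULL templ.
 *
 * NOTE(review): the roles below are inferred from the parameter names
 * and the NSS_TaggedItem comment, not from anything this header
 * states - confirm against the implementation:
 *   enc   presumably true when encoding, false when decoding
 *   buf   presumably the encoded bytes being decoded; no length is
 *         passed with it
 *   dest  presumably the NSS_TaggedItem being encoded or filled in
 *
 * What is returned when no entry in 'chooser' matches is not stated
 * here; verify that case before relying on the returned template.
 */
const SecAsn1Template * SecAsn1TaggedTemplateChooser(
	/* Four args passed to specific SecAsn1TemplateChooser */
	void *arg, 				// currently not used
	Boolean enc,
	const char *buf,
	void *dest,
	/* array of tag/template pairs */
	const NSS_TagChoice *chooser);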
67
68// MARK: ----- X509 Name, RDN ------
69
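/*
 * ASN class : AttributeTypeAndValue
 * C struct  : NSS_ATV
 * Roughly corresponds to a CSSM_X509_TYPE_VALUE_PAIR and used
 * in DirectoryString elements.
 */

/*
 * This type and template process, via SEC_ASN1_DYNAMIC, the following
 * tagged types:
 *
 *	SEC_ASN1_PRINTABLE_STRING
 *	SEC_ASN1_TELETEX_STRING
 *	SEC_ASN1_UNIVERSAL_STRING
 *	SEC_ASN1_UTF8_STRING
 *	SEC_ASN1_BMP_STRING
 *	SEC_ASN1_IA5_STRING
 *
 * Note that SEC_ASN1_IA5_STRING is not a legal part of a
 * DirectoryString, but some certs (e.g. the Thawte serverbasic cert)
 * use this type.
 *
 * These string types use different character encodings, so value.tag
 * has to be taken into account before the bytes in value.item are
 * compared or displayed. The bytes are delimited by the item's length
 * (see SecAsn1Item in SecAsn1Types.h), not by a NUL terminator.
 */
typedef struct {
    SecAsn1Oid 		type;	/* attribute type OID */
    NSS_TaggedItem 	value;	/* attribute value; value.tag is one of the string types above */
} NSS_ATV;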
96
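/*
 * ASN class : RelativeDistinguishedName
 * C struct  : NSS_RDN
 *
 * Corresponds to CSSM_X509_RDN.
 *
 * NOTE(review): no element count is stored with the array; presumably
 * it is NULL-terminated as produced by the ASN.1 decoder - confirm
 * before iterating.
 */
typedef struct  {
    NSS_ATV 	**atvs;		/* array of pointers to this RDN's NSS_ATV elements */
} NSS_RDN;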
106
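/*
 * ASN class : Name
 * C struct  : NSS_Name
 *
 * Corresponds to CSSM_X509_NAME.
 *
 * NOTE(review): no element count is stored with the array; presumably
 * it is NULL-terminated as produced by the ASN.1 decoder - confirm
 * before iterating.
 */
typedef struct {
    NSS_RDN 	**rdns;		/* array of pointers to this Name's NSS_RDN elements */
} NSS_Name;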
116
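/*
 * Templates which, going by their names, describe the three types
 * declared above: NSS_ATV, NSS_RDN and NSS_Name. The arrays are
 * defined outside this header.
 */
extern const SecAsn1Template kSecAsn1ATVTemplate[];
extern const SecAsn1Template kSecAsn1RDNTemplate[];
extern const SecAsn1Template kSecAsn1NameTemplate[];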
120
121// MARK: ----- OtherName, GeneralizedName -----
122
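/*
 * ASN Class : OtherName
 * C struct  : CE_OtherName
 *
 * CE_OtherName.value is expressed as ASN_ANY and is not en/decoded by
 * this template, so after a decode it still holds raw encoded bytes
 * that the caller has to parse and validate itself.
 */
extern const SecAsn1Template kSecAsn1OtherNameTemplate[];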
130
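/*
 * For decoding an OtherName when it appears as a context-specific
 * CHOICE of a GeneralName (as opposed to a standalone OtherName,
 * which uses kSecAsn1OtherNameTemplate).
 */
extern const SecAsn1Template kSecAsn1GenNameOtherNameTemplate[];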
136
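/*
 * ASN Class : GeneralName
 * C struct  : NSS_GeneralName, typedef'd to an NSS_TaggedItem
 *
 * This roughly maps to a CE_GeneralName (from certextensions.h).
 * The NSS_TaggedItem mechanism is used to resolve choices down
 * to the SecAsn1Item level - i.e., at this level (prior to encoding
 * or after decoding), NSS_GeneralName.item either contains a simple
 * atomic type (IA5String, Octet string) or is raw, un{de,en}coded
 * ASN_ANY.
 *
 * In both cases the item is a length-delimited byte buffer. Code that
 * matches a decoded name (e.g. a DNS name or e-mail address) against
 * an expected value should compare using the item's length and treat
 * embedded NUL bytes as an error rather than handing the data to C
 * string functions. ASN_ANY alternatives still need their own decode
 * and validation.
 */
typedef NSS_TaggedItem NSS_GeneralName;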
149
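/*
 * These context-specific tag definitions, for use in
 * NSS_GeneralName.tag, are from the ASN definition and map to
 * CE_GeneralNameType values from certextensions.h. The values
 * happen to be equivalent but apps should not count on that -
 * these NSS_GeneralNameTag values are explicitly assigned per
 * the ASN spec of a GeneralName.
 *
 * Shown with each tag is the simple type the tag maps to.
 *
 * NSS_GeneralName.tag is an unsigned char, so it can hold values
 * outside this enum. NOTE(review): a consumer of a decoded
 * NSS_GeneralName should presumably treat any tag not listed here as
 * an error instead of falling through to a default interpretation -
 * confirm how the decoder handles unknown tags.
 */
typedef enum {
	NGT_OtherName = 0,			// ASN_ANY
	NGT_RFC822Name = 1,			// IA5String
	NGT_DNSName = 2,			// IA5String
	NGT_X400Address = 3,		// ASN_ANY
	NGT_DirectoryName = 4,		// ASN_ANY
	NGT_EdiPartyName = 5,		// ASN_ANY
	NGT_URI = 6,				// IA5String
	NGT_IPAddress = 7,			// OCTET_STRING
	NGT_RegisteredID = 8		// OID
} NSS_GeneralNameTag;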
171
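/*
 * Template for a single GeneralName (NSS_GeneralName); the array is
 * defined outside this header.
 */
extern const SecAsn1Template kSecAsn1GeneralNameTemplate[];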
173
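/*
 * ASN Class : GeneralNames
 * C struct  : NSS_GeneralNames
 *
 * Since the SEC_ASN1_DYNAMIC mechanism doesn't work with POINTERs
 * or GROUPs (e.g., a sequence of NSS_GeneralName elements), decoding
 * an NSS_GeneralNames first requires a decode to an array of
 * ASN_ANY blobs as shown here. Use SEC_SequenceOfAnyTemplate for
 * that step (kSecAsn1GeneralNamesTemplate, defined below as
 * kSecAsn1SequenceOfAnyTemplate, is presumably the current name for
 * it). Each of the resulting elements is individually
 * decoded into an NSS_GeneralName.
 *
 * After the first step every element of 'names' is still raw encoded
 * data; nothing about an individual name has been checked until the
 * second, per-element decode succeeds, so a failure there has to be
 * handled for each element.
 *
 * NOTE(review): no element count is stored; presumably the array is
 * NULL-terminated as produced by the ASN.1 decoder - confirm before
 * iterating.
 */
typedef struct {
	SecAsn1Item **names;		/* sequence */
} NSS_GeneralNames;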
188
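/*
 * GeneralNames is decoded with the generic sequence-of-ANY template;
 * the resulting elements are undecoded blobs (see NSS_GeneralNames).
 */
#define kSecAsn1GeneralNamesTemplate kSecAsn1SequenceOfAnyTemplate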
190
191#ifdef  __cplusplus
192}
193#endif
194
195#endif	/* _NSS_NAME_TEMPLATES_H_ */
196