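/*
 * Copyright (c) 2003-2006,2008,2010 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 *
 * nameTemplates.h - ASN1 templates for X509 Name, GeneralName, etc.
 */

#ifndef _NSS_NAME_TEMPLATES_H_
#define _NSS_NAME_TEMPLATES_H_

#include <Security/SecAsn1Types.h>

#ifdef __cplusplus
extern "C" {
#endif

// MARK: ----- Generalized NSS_TaggedItem template chooser support -----

/*
 * A tagged item for use with simple CHOICE types implemented
 * via SEC_ASN1_DYNAMIC.
 *
 * After a decode, both fields originate from the encoded input (for
 * example a certificate), so callers should validate 'tag' before
 * interpreting 'item'.
 */
typedef struct {
    SecAsn1Item     item;   // contents for the chosen alternative
    unsigned char   tag;    // identifies which alternative 'item' holds
} NSS_TaggedItem;

/*
 * Type/template-specific SecAsn1TemplateChooser passes
 * an array of these, terminated by a NSS_TagChoice with
 * a NULL templ field, to SecAsn1TaggedTemplateChooser().
 *
 * The array carries no length; the NULL-templ terminator is the only
 * end marker, so every table must include it.
 */
typedef struct {
    unsigned char           tag;
    const SecAsn1Template   *templ;
} NSS_TagChoice;

/*
 * Generalized Template chooser.
 *
 * Intended to be called from a type-specific SecAsn1TemplateChooser,
 * forwarding that callback's four arguments plus the tag/template
 * table for the type.
 *
 * NOTE(review): the implementation is not in this header. Presumably
 * the result is the templ of the entry whose tag matches, with the tag
 * read from *dest when encoding and from buf when decoding - confirm,
 * and confirm what is returned when no entry matches (callers should
 * expect and handle a NULL result for unknown tags in untrusted input).
 */
const SecAsn1Template * SecAsn1TaggedTemplateChooser(
    /* Four args passed to specific SecAsn1TemplateChooser */
    void *arg,              // currently not used
    Boolean enc,
    const char *buf,
    void *dest,
    /* array of tag/template pairs */
    const NSS_TagChoice *chooser);

// MARK: ----- X509 Name, RDN ------

/*
 * ASN class : AttributeTypeAndValue
 * C struct  : NSS_ATV
 * Roughly corresponds to a CSSM_X509_TYPE_VALUE_PAIR and used
 * in DirectoryString elements.
 */

/*
 * This type and template process, via SEC_ASN1_DYNAMIC, the following
 * tagged types:
 *
 * SEC_ASN1_PRINTABLE_STRING
 * SEC_ASN1_TELETEX_STRING
 * SEC_ASN1_UNIVERSAL_STRING
 * SEC_ASN1_UTF8_STRING
 * SEC_ASN1_BMP_STRING
 * SEC_ASN1_IA5_STRING
 *
 * Note that SEC_ASN1_IA5_STRING is not a legal part of a
 * DirectoryString, but some certs (e.g. the Thawte serverbasic cert)
 * use this type.
 *
 * Because several string encodings are accepted here (one of them a
 * compatibility relaxation), code comparing or displaying a value
 * should check value.tag to learn the encoding rather than assume one.
 */
typedef struct {
    SecAsn1Oid      type;
    NSS_TaggedItem  value;
} NSS_ATV;

/*
 * ASN class : RelativeDistinguishedName
 * C struct  : NSS_RDN
 *
 * Corresponds to CSSM_X509_RDN.
 */
typedef struct {
    NSS_ATV **atvs;     // presumably a NULL-terminated array - TODO confirm
} NSS_RDN;

/*
 * ASN class : Name
 * C struct  : NSS_Name
 *
 * Corresponds to CSSM_X509_NAME.
 */
typedef struct {
    NSS_RDN **rdns;     // presumably a NULL-terminated array - TODO confirm
} NSS_Name;

extern const SecAsn1Template kSecAsn1ATVTemplate[];
extern const SecAsn1Template kSecAsn1RDNTemplate[];
extern const SecAsn1Template kSecAsn1NameTemplate[];

// MARK: ----- OtherName, GeneralizedName -----

/*
 * ASN Class : OtherName
 * C struct  : CE_OtherName
 *
 * CE_OtherName.value expressed as ASN_ANY, not en/decoded.
 */
extern const SecAsn1Template kSecAsn1OtherNameTemplate[];

/*
 * For decoding an OtherName when it's a context-specific CHOICE
 * of a GeneralName.
 */
extern const SecAsn1Template kSecAsn1GenNameOtherNameTemplate[];

/*
 * ASN Class : GeneralName
 * C struct  : NSS_GeneralName, typedef'd to an NSS_TaggedItem
 *
 * This roughly maps to a CE_GeneralName (from certextensions.h).
 * The NSS_TaggedItem mechanism is used to resolve choices down
 * to the SecAsn1Item level - i.e., at this level (prior to encoding
 * or after decoding), NSS_GeneralName.item either contains a simple
 * atomic type (IA5String, Octet string) or is raw, un{de,en}coded
 * ASN_ANY.
 *
 * NOTE(review): SecAsn1Item comes from <Security/SecAsn1Types.h> and
 * carries an explicit length. Treat decoded IA5String contents
 * (RFC822Name, DNSName, URI) as length-delimited bytes, not C strings:
 * compare using the stored length so that a value containing a zero
 * byte is rejected or compared in full rather than silently truncated.
 * Items left as ASN_ANY are still undecoded input and need their own
 * decode and validation before use.
 */
typedef NSS_TaggedItem NSS_GeneralName;

/*
 * These context-specific tag definitions, for use in
 * NSS_GeneralName.tag, are from the ASN definition and map to
 * CE_GeneralNameType values from certextensions.h. The values
 * happen to be equivalent but apps should not count on that -
 * these NSS_GeneralNameTag values are explicitly assigned per
 * the ASN spec of a GeneralName.
 *
 * Shown with each tag is the simple type the tag maps to.
 *
 * NSS_TaggedItem.tag is an unsigned char, so a decoded tag can hold a
 * value outside 0..8; handle that case explicitly (treat it as
 * unsupported) instead of casting straight to this enum.
 * NOTE(review): confirm whether the stored tag has the class and
 * constructed bits stripped before it is compared with these values.
 */
typedef enum {
    NGT_OtherName = 0,      // ASN_ANY
    NGT_RFC822Name = 1,     // IA5String
    NGT_DNSName = 2,        // IA5String
    NGT_X400Address = 3,    // ASN_ANY
    NGT_DirectoryName = 4,  // ASN_ANY
    NGT_EdiPartyName = 5,   // ASN_ANY
    NGT_URI = 6,            // IA5String
    NGT_IPAddress = 7,      // OCTET_STRING
    NGT_RegisteredID = 8    // OID
} NSS_GeneralNameTag;

extern const SecAsn1Template kSecAsn1GeneralNameTemplate[];

/*
 * ASN Class : GeneralNames
 * C struct  : NSS_GeneralNames
 *
 * Since the SEC_ASN1_DYNAMIC mechanism doesn't work with POINTERs
 * or GROUPs (e.g., a sequence of NSS_GeneralName elements), decoding
 * an NSS_GeneralNames first requires a decode to an array of
 * ASN_ANY blobs as shown here. Use kSecAsn1GeneralNamesTemplate
 * (defined below as kSecAsn1SequenceOfAnyTemplate) for
 * that step. Each of the resulting elements is individually
 * decoded into an NSS_GeneralName.
 *
 * The first step only splits the sequence; every element is still
 * undecoded input until the second decode succeeds, so a failure on
 * any element should be treated as a failure of the whole GeneralNames.
 */
typedef struct {
    SecAsn1Item **names;    /* sequence */
} NSS_GeneralNames;

#define kSecAsn1GeneralNamesTemplate kSecAsn1SequenceOfAnyTemplate

#ifdef __cplusplus
}
#endif

#endif /* _NSS_NAME_TEMPLATES_H_ */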