Ruby
2.0.0p247(2013-06-27revision41674)
|
00001 /* 00002 * $Id: ossl_asn1.c 36895 2012-09-04 00:57:31Z nobu $ 00003 * 'OpenSSL for Ruby' team members 00004 * Copyright (C) 2003 00005 * All rights reserved. 00006 */ 00007 /* 00008 * This program is licenced under the same licence as Ruby. 00009 * (See the file 'LICENCE'.) 00010 */ 00011 #include "ossl.h" 00012 00013 #if defined(HAVE_SYS_TIME_H) 00014 # include <sys/time.h> 00015 #elif !defined(NT) && !defined(_WIN32) 00016 struct timeval { 00017 long tv_sec; /* seconds */ 00018 long tv_usec; /* and microseconds */ 00019 }; 00020 #endif 00021 00022 static VALUE join_der(VALUE enumerable); 00023 static VALUE ossl_asn1_decode0(unsigned char **pp, long length, long *offset, 00024 int depth, int yield, long *num_read); 00025 static VALUE ossl_asn1_initialize(int argc, VALUE *argv, VALUE self); 00026 static VALUE ossl_asn1eoc_initialize(VALUE self); 00027 00028 /* 00029 * DATE conversion 00030 */ 00031 VALUE 00032 asn1time_to_time(ASN1_TIME *time) 00033 { 00034 struct tm tm; 00035 VALUE argv[6]; 00036 00037 if (!time || !time->data) return Qnil; 00038 memset(&tm, 0, sizeof(struct tm)); 00039 00040 switch (time->type) { 00041 case V_ASN1_UTCTIME: 00042 if (sscanf((const char *)time->data, "%2d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon, 00043 &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) { 00044 ossl_raise(rb_eTypeError, "bad UTCTIME format"); 00045 } 00046 if (tm.tm_year < 69) { 00047 tm.tm_year += 2000; 00048 } else { 00049 tm.tm_year += 1900; 00050 } 00051 break; 00052 case V_ASN1_GENERALIZEDTIME: 00053 if (sscanf((const char *)time->data, "%4d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon, 00054 &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) { 00055 ossl_raise(rb_eTypeError, "bad GENERALIZEDTIME format" ); 00056 } 00057 break; 00058 default: 00059 rb_warning("unknown time format"); 00060 return Qnil; 00061 } 00062 argv[0] = INT2NUM(tm.tm_year); 00063 argv[1] = INT2NUM(tm.tm_mon); 00064 argv[2] = INT2NUM(tm.tm_mday); 00065 argv[3] = INT2NUM(tm.tm_hour); 00066 argv[4] = INT2NUM(tm.tm_min); 00067 argv[5] = INT2NUM(tm.tm_sec); 00068 00069 return rb_funcall2(rb_cTime, rb_intern("utc"), 6, argv); 00070 } 00071 00072 /* 00073 * This function is not exported in Ruby's *.h 00074 */ 00075 extern struct timeval rb_time_timeval(VALUE); 00076 00077 time_t 00078 time_to_time_t(VALUE time) 00079 { 00080 return (time_t)NUM2LONG(rb_Integer(time)); 00081 } 00082 00083 /* 00084 * STRING conversion 00085 */ 00086 VALUE 00087 asn1str_to_str(ASN1_STRING *str) 00088 { 00089 return rb_str_new((const char *)str->data, str->length); 00090 } 00091 00092 /* 00093 * ASN1_INTEGER conversions 00094 * TODO: Make a decision what's the right way to do this. 00095 */ 00096 #define DO_IT_VIA_RUBY 0 00097 VALUE 00098 asn1integer_to_num(ASN1_INTEGER *ai) 00099 { 00100 BIGNUM *bn; 00101 #if DO_IT_VIA_RUBY 00102 char *txt; 00103 #endif 00104 VALUE num; 00105 00106 if (!ai) { 00107 ossl_raise(rb_eTypeError, "ASN1_INTEGER is NULL!"); 00108 } 00109 if (!(bn = ASN1_INTEGER_to_BN(ai, NULL))) { 00110 ossl_raise(eOSSLError, NULL); 00111 } 00112 #if DO_IT_VIA_RUBY 00113 if (!(txt = BN_bn2dec(bn))) { 00114 BN_free(bn); 00115 ossl_raise(eOSSLError, NULL); 00116 } 00117 num = rb_cstr_to_inum(txt, 10, Qtrue); 00118 OPENSSL_free(txt); 00119 #else 00120 num = ossl_bn_new(bn); 00121 #endif 00122 BN_free(bn); 00123 00124 return num; 00125 } 00126 00127 #if DO_IT_VIA_RUBY 00128 ASN1_INTEGER * 00129 num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai) 00130 { 00131 BIGNUM *bn = NULL; 00132 00133 if (RTEST(rb_obj_is_kind_of(obj, cBN))) { 00134 bn = GetBNPtr(obj); 00135 } else { 00136 obj = rb_String(obj); 00137 if (!BN_dec2bn(&bn, StringValuePtr(obj))) { 00138 ossl_raise(eOSSLError, NULL); 00139 } 00140 } 00141 if (!(ai = BN_to_ASN1_INTEGER(bn, ai))) { 00142 BN_free(bn); 00143 ossl_raise(eOSSLError, NULL); 00144 } 00145 BN_free(bn); 00146 return ai; 00147 } 00148 #else 00149 ASN1_INTEGER * 00150 num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai) 00151 { 00152 BIGNUM *bn; 00153 00154 if (NIL_P(obj)) 00155 ossl_raise(rb_eTypeError, "Can't convert nil into Integer"); 00156 00157 bn = GetBNPtr(obj); 00158 00159 if (!(ai = BN_to_ASN1_INTEGER(bn, ai))) 00160 ossl_raise(eOSSLError, NULL); 00161 00162 return ai; 00163 } 00164 #endif 00165 00166 /********/ 00167 /* 00168 * ASN1 module 00169 */ 00170 #define ossl_asn1_get_value(o) rb_attr_get((o),sivVALUE) 00171 #define ossl_asn1_get_tag(o) rb_attr_get((o),sivTAG) 00172 #define ossl_asn1_get_tagging(o) rb_attr_get((o),sivTAGGING) 00173 #define ossl_asn1_get_tag_class(o) rb_attr_get((o),sivTAG_CLASS) 00174 #define ossl_asn1_get_infinite_length(o) rb_attr_get((o),sivINFINITE_LENGTH) 00175 00176 #define ossl_asn1_set_value(o,v) rb_ivar_set((o),sivVALUE,(v)) 00177 #define ossl_asn1_set_tag(o,v) rb_ivar_set((o),sivTAG,(v)) 00178 #define ossl_asn1_set_tagging(o,v) rb_ivar_set((o),sivTAGGING,(v)) 00179 #define ossl_asn1_set_tag_class(o,v) rb_ivar_set((o),sivTAG_CLASS,(v)) 00180 #define ossl_asn1_set_infinite_length(o,v) rb_ivar_set((o),sivINFINITE_LENGTH,(v)) 00181 00182 VALUE mASN1; 00183 VALUE eASN1Error; 00184 00185 VALUE cASN1Data; 00186 VALUE cASN1Primitive; 00187 VALUE cASN1Constructive; 00188 00189 VALUE cASN1EndOfContent; 00190 VALUE cASN1Boolean; /* BOOLEAN */ 00191 VALUE cASN1Integer, cASN1Enumerated; /* INTEGER */ 00192 VALUE cASN1BitString; /* BIT STRING */ 00193 VALUE cASN1OctetString, cASN1UTF8String; /* STRINGs */ 00194 VALUE cASN1NumericString, cASN1PrintableString; 00195 VALUE cASN1T61String, cASN1VideotexString; 00196 VALUE cASN1IA5String, cASN1GraphicString; 00197 VALUE cASN1ISO64String, cASN1GeneralString; 00198 VALUE cASN1UniversalString, cASN1BMPString; 00199 VALUE cASN1Null; /* NULL */ 00200 VALUE cASN1ObjectId; /* OBJECT IDENTIFIER */ 00201 VALUE cASN1UTCTime, cASN1GeneralizedTime; /* TIME */ 00202 VALUE cASN1Sequence, cASN1Set; /* CONSTRUCTIVE */ 00203 00204 static ID sIMPLICIT, sEXPLICIT; 00205 static ID sUNIVERSAL, sAPPLICATION, sCONTEXT_SPECIFIC, sPRIVATE; 00206 static ID sivVALUE, sivTAG, sivTAG_CLASS, sivTAGGING, sivINFINITE_LENGTH, sivUNUSED_BITS; 00207 00208 /* 00209 * We need to implement these for backward compatibility 00210 * reasons, behavior of ASN1_put_object and ASN1_object_size 00211 * for infinite length values is different in OpenSSL <= 0.9.7 00212 */ 00213 #if OPENSSL_VERSION_NUMBER < 0x00908000L 00214 #define ossl_asn1_object_size(cons, len, tag) (cons) == 2 ? (len) + ASN1_object_size((cons), 0, (tag)) : ASN1_object_size((cons), (len), (tag)) 00215 #define ossl_asn1_put_object(pp, cons, len, tag, xc) (cons) == 2 ? ASN1_put_object((pp), (cons), 0, (tag), (xc)) : ASN1_put_object((pp), (cons), (len), (tag), (xc)) 00216 #else 00217 #define ossl_asn1_object_size(cons, len, tag) ASN1_object_size((cons), (len), (tag)) 00218 #define ossl_asn1_put_object(pp, cons, len, tag, xc) ASN1_put_object((pp), (cons), (len), (tag), (xc)) 00219 #endif 00220 00221 /* 00222 * Ruby to ASN1 converters 00223 */ 00224 static ASN1_BOOLEAN 00225 obj_to_asn1bool(VALUE obj) 00226 { 00227 if (NIL_P(obj)) 00228 ossl_raise(rb_eTypeError, "Can't convert nil into Boolean"); 00229 00230 #if OPENSSL_VERSION_NUMBER < 0x00907000L 00231 return RTEST(obj) ? 0xff : 0x100; 00232 #else 00233 return RTEST(obj) ? 0xff : 0x0; 00234 #endif 00235 } 00236 00237 static ASN1_INTEGER* 00238 obj_to_asn1int(VALUE obj) 00239 { 00240 return num_to_asn1integer(obj, NULL); 00241 } 00242 00243 static ASN1_BIT_STRING* 00244 obj_to_asn1bstr(VALUE obj, long unused_bits) 00245 { 00246 ASN1_BIT_STRING *bstr; 00247 00248 if(unused_bits < 0) unused_bits = 0; 00249 StringValue(obj); 00250 if(!(bstr = ASN1_BIT_STRING_new())) 00251 ossl_raise(eASN1Error, NULL); 00252 ASN1_BIT_STRING_set(bstr, (unsigned char *)RSTRING_PTR(obj), RSTRING_LENINT(obj)); 00253 bstr->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */ 00254 bstr->flags |= ASN1_STRING_FLAG_BITS_LEFT|(unused_bits&0x07); 00255 00256 return bstr; 00257 } 00258 00259 static ASN1_STRING* 00260 obj_to_asn1str(VALUE obj) 00261 { 00262 ASN1_STRING *str; 00263 00264 StringValue(obj); 00265 if(!(str = ASN1_STRING_new())) 00266 ossl_raise(eASN1Error, NULL); 00267 ASN1_STRING_set(str, RSTRING_PTR(obj), RSTRING_LENINT(obj)); 00268 00269 return str; 00270 } 00271 00272 static ASN1_NULL* 00273 obj_to_asn1null(VALUE obj) 00274 { 00275 ASN1_NULL *null; 00276 00277 if(!NIL_P(obj)) 00278 ossl_raise(eASN1Error, "nil expected"); 00279 if(!(null = ASN1_NULL_new())) 00280 ossl_raise(eASN1Error, NULL); 00281 00282 return null; 00283 } 00284 00285 static ASN1_OBJECT* 00286 obj_to_asn1obj(VALUE obj) 00287 { 00288 ASN1_OBJECT *a1obj; 00289 00290 StringValue(obj); 00291 a1obj = OBJ_txt2obj(RSTRING_PTR(obj), 0); 00292 if(!a1obj) a1obj = OBJ_txt2obj(RSTRING_PTR(obj), 1); 00293 if(!a1obj) ossl_raise(eASN1Error, "invalid OBJECT ID"); 00294 00295 return a1obj; 00296 } 00297 00298 static ASN1_UTCTIME* 00299 obj_to_asn1utime(VALUE time) 00300 { 00301 time_t sec; 00302 ASN1_UTCTIME *t; 00303 00304 sec = time_to_time_t(time); 00305 if(!(t = ASN1_UTCTIME_set(NULL, sec))) 00306 ossl_raise(eASN1Error, NULL); 00307 00308 return t; 00309 } 00310 00311 static ASN1_GENERALIZEDTIME* 00312 obj_to_asn1gtime(VALUE time) 00313 { 00314 time_t sec; 00315 ASN1_GENERALIZEDTIME *t; 00316 00317 sec = time_to_time_t(time); 00318 if(!(t =ASN1_GENERALIZEDTIME_set(NULL, sec))) 00319 ossl_raise(eASN1Error, NULL); 00320 00321 return t; 00322 } 00323 00324 static ASN1_STRING* 00325 obj_to_asn1derstr(VALUE obj) 00326 { 00327 ASN1_STRING *a1str; 00328 VALUE str; 00329 00330 str = ossl_to_der(obj); 00331 if(!(a1str = ASN1_STRING_new())) 00332 ossl_raise(eASN1Error, NULL); 00333 ASN1_STRING_set(a1str, RSTRING_PTR(str), RSTRING_LENINT(str)); 00334 00335 return a1str; 00336 } 00337 00338 /* 00339 * DER to Ruby converters 00340 */ 00341 static VALUE 00342 decode_bool(unsigned char* der, long length) 00343 { 00344 int val; 00345 const unsigned char *p; 00346 00347 p = der; 00348 if((val = d2i_ASN1_BOOLEAN(NULL, &p, length)) < 0) 00349 ossl_raise(eASN1Error, NULL); 00350 00351 return val ? Qtrue : Qfalse; 00352 } 00353 00354 static VALUE 00355 decode_int(unsigned char* der, long length) 00356 { 00357 ASN1_INTEGER *ai; 00358 const unsigned char *p; 00359 VALUE ret; 00360 int status = 0; 00361 00362 p = der; 00363 if(!(ai = d2i_ASN1_INTEGER(NULL, &p, length))) 00364 ossl_raise(eASN1Error, NULL); 00365 ret = rb_protect((VALUE(*)_((VALUE)))asn1integer_to_num, 00366 (VALUE)ai, &status); 00367 ASN1_INTEGER_free(ai); 00368 if(status) rb_jump_tag(status); 00369 00370 return ret; 00371 } 00372 00373 static VALUE 00374 decode_bstr(unsigned char* der, long length, long *unused_bits) 00375 { 00376 ASN1_BIT_STRING *bstr; 00377 const unsigned char *p; 00378 long len; 00379 VALUE ret; 00380 00381 p = der; 00382 if(!(bstr = d2i_ASN1_BIT_STRING(NULL, &p, length))) 00383 ossl_raise(eASN1Error, NULL); 00384 len = bstr->length; 00385 *unused_bits = 0; 00386 if(bstr->flags & ASN1_STRING_FLAG_BITS_LEFT) 00387 *unused_bits = bstr->flags & 0x07; 00388 ret = rb_str_new((const char *)bstr->data, len); 00389 ASN1_BIT_STRING_free(bstr); 00390 00391 return ret; 00392 } 00393 00394 static VALUE 00395 decode_enum(unsigned char* der, long length) 00396 { 00397 ASN1_ENUMERATED *ai; 00398 const unsigned char *p; 00399 VALUE ret; 00400 int status = 0; 00401 00402 p = der; 00403 if(!(ai = d2i_ASN1_ENUMERATED(NULL, &p, length))) 00404 ossl_raise(eASN1Error, NULL); 00405 ret = rb_protect((VALUE(*)_((VALUE)))asn1integer_to_num, 00406 (VALUE)ai, &status); 00407 ASN1_ENUMERATED_free(ai); 00408 if(status) rb_jump_tag(status); 00409 00410 return ret; 00411 } 00412 00413 static VALUE 00414 decode_null(unsigned char* der, long length) 00415 { 00416 ASN1_NULL *null; 00417 const unsigned char *p; 00418 00419 p = der; 00420 if(!(null = d2i_ASN1_NULL(NULL, &p, length))) 00421 ossl_raise(eASN1Error, NULL); 00422 ASN1_NULL_free(null); 00423 00424 return Qnil; 00425 } 00426 00427 static VALUE 00428 decode_obj(unsigned char* der, long length) 00429 { 00430 ASN1_OBJECT *obj; 00431 const unsigned char *p; 00432 VALUE ret; 00433 int nid; 00434 BIO *bio; 00435 00436 p = der; 00437 if(!(obj = d2i_ASN1_OBJECT(NULL, &p, length))) 00438 ossl_raise(eASN1Error, NULL); 00439 if((nid = OBJ_obj2nid(obj)) != NID_undef){ 00440 ASN1_OBJECT_free(obj); 00441 ret = rb_str_new2(OBJ_nid2sn(nid)); 00442 } 00443 else{ 00444 if(!(bio = BIO_new(BIO_s_mem()))){ 00445 ASN1_OBJECT_free(obj); 00446 ossl_raise(eASN1Error, NULL); 00447 } 00448 i2a_ASN1_OBJECT(bio, obj); 00449 ASN1_OBJECT_free(obj); 00450 ret = ossl_membio2str(bio); 00451 } 00452 00453 return ret; 00454 } 00455 00456 static VALUE 00457 decode_time(unsigned char* der, long length) 00458 { 00459 ASN1_TIME *time; 00460 const unsigned char *p; 00461 VALUE ret; 00462 int status = 0; 00463 00464 p = der; 00465 if(!(time = d2i_ASN1_TIME(NULL, &p, length))) 00466 ossl_raise(eASN1Error, NULL); 00467 ret = rb_protect((VALUE(*)_((VALUE)))asn1time_to_time, 00468 (VALUE)time, &status); 00469 ASN1_TIME_free(time); 00470 if(status) rb_jump_tag(status); 00471 00472 return ret; 00473 } 00474 00475 static VALUE 00476 decode_eoc(unsigned char *der, long length) 00477 { 00478 if (length != 2 || !(der[0] == 0x00 && der[1] == 0x00)) 00479 ossl_raise(eASN1Error, NULL); 00480 00481 return rb_str_new("", 0); 00482 } 00483 00484 /********/ 00485 00486 typedef struct { 00487 const char *name; 00488 VALUE *klass; 00489 } ossl_asn1_info_t; 00490 00491 static ossl_asn1_info_t ossl_asn1_info[] = { 00492 { "EOC", &cASN1EndOfContent, }, /* 0 */ 00493 { "BOOLEAN", &cASN1Boolean, }, /* 1 */ 00494 { "INTEGER", &cASN1Integer, }, /* 2 */ 00495 { "BIT_STRING", &cASN1BitString, }, /* 3 */ 00496 { "OCTET_STRING", &cASN1OctetString, }, /* 4 */ 00497 { "NULL", &cASN1Null, }, /* 5 */ 00498 { "OBJECT", &cASN1ObjectId, }, /* 6 */ 00499 { "OBJECT_DESCRIPTOR", NULL, }, /* 7 */ 00500 { "EXTERNAL", NULL, }, /* 8 */ 00501 { "REAL", NULL, }, /* 9 */ 00502 { "ENUMERATED", &cASN1Enumerated, }, /* 10 */ 00503 { "EMBEDDED_PDV", NULL, }, /* 11 */ 00504 { "UTF8STRING", &cASN1UTF8String, }, /* 12 */ 00505 { "RELATIVE_OID", NULL, }, /* 13 */ 00506 { "[UNIVERSAL 14]", NULL, }, /* 14 */ 00507 { "[UNIVERSAL 15]", NULL, }, /* 15 */ 00508 { "SEQUENCE", &cASN1Sequence, }, /* 16 */ 00509 { "SET", &cASN1Set, }, /* 17 */ 00510 { "NUMERICSTRING", &cASN1NumericString, }, /* 18 */ 00511 { "PRINTABLESTRING", &cASN1PrintableString, }, /* 19 */ 00512 { "T61STRING", &cASN1T61String, }, /* 20 */ 00513 { "VIDEOTEXSTRING", &cASN1VideotexString, }, /* 21 */ 00514 { "IA5STRING", &cASN1IA5String, }, /* 22 */ 00515 { "UTCTIME", &cASN1UTCTime, }, /* 23 */ 00516 { "GENERALIZEDTIME", &cASN1GeneralizedTime, }, /* 24 */ 00517 { "GRAPHICSTRING", &cASN1GraphicString, }, /* 25 */ 00518 { "ISO64STRING", &cASN1ISO64String, }, /* 26 */ 00519 { "GENERALSTRING", &cASN1GeneralString, }, /* 27 */ 00520 { "UNIVERSALSTRING", &cASN1UniversalString, }, /* 28 */ 00521 { "CHARACTER_STRING", NULL, }, /* 29 */ 00522 { "BMPSTRING", &cASN1BMPString, }, /* 30 */ 00523 }; 00524 00525 int ossl_asn1_info_size = (sizeof(ossl_asn1_info)/sizeof(ossl_asn1_info[0])); 00526 00527 static VALUE class_tag_map; 00528 00529 static int ossl_asn1_default_tag(VALUE obj); 00530 00531 ASN1_TYPE* 00532 ossl_asn1_get_asn1type(VALUE obj) 00533 { 00534 ASN1_TYPE *ret; 00535 VALUE value, rflag; 00536 void *ptr; 00537 void (*free_func)(); 00538 int tag, flag; 00539 00540 tag = ossl_asn1_default_tag(obj); 00541 value = ossl_asn1_get_value(obj); 00542 switch(tag){ 00543 case V_ASN1_BOOLEAN: 00544 ptr = (void*)(VALUE)obj_to_asn1bool(value); 00545 free_func = NULL; 00546 break; 00547 case V_ASN1_INTEGER: /* FALLTHROUGH */ 00548 case V_ASN1_ENUMERATED: 00549 ptr = obj_to_asn1int(value); 00550 free_func = ASN1_INTEGER_free; 00551 break; 00552 case V_ASN1_BIT_STRING: 00553 rflag = rb_attr_get(obj, sivUNUSED_BITS); 00554 flag = NIL_P(rflag) ? -1 : NUM2INT(rflag); 00555 ptr = obj_to_asn1bstr(value, flag); 00556 free_func = ASN1_BIT_STRING_free; 00557 break; 00558 case V_ASN1_NULL: 00559 ptr = obj_to_asn1null(value); 00560 free_func = ASN1_NULL_free; 00561 break; 00562 case V_ASN1_OCTET_STRING: /* FALLTHROUGH */ 00563 case V_ASN1_UTF8STRING: /* FALLTHROUGH */ 00564 case V_ASN1_NUMERICSTRING: /* FALLTHROUGH */ 00565 case V_ASN1_PRINTABLESTRING: /* FALLTHROUGH */ 00566 case V_ASN1_T61STRING: /* FALLTHROUGH */ 00567 case V_ASN1_VIDEOTEXSTRING: /* FALLTHROUGH */ 00568 case V_ASN1_IA5STRING: /* FALLTHROUGH */ 00569 case V_ASN1_GRAPHICSTRING: /* FALLTHROUGH */ 00570 case V_ASN1_ISO64STRING: /* FALLTHROUGH */ 00571 case V_ASN1_GENERALSTRING: /* FALLTHROUGH */ 00572 case V_ASN1_UNIVERSALSTRING: /* FALLTHROUGH */ 00573 case V_ASN1_BMPSTRING: 00574 ptr = obj_to_asn1str(value); 00575 free_func = ASN1_STRING_free; 00576 break; 00577 case V_ASN1_OBJECT: 00578 ptr = obj_to_asn1obj(value); 00579 free_func = ASN1_OBJECT_free; 00580 break; 00581 case V_ASN1_UTCTIME: 00582 ptr = obj_to_asn1utime(value); 00583 free_func = ASN1_TIME_free; 00584 break; 00585 case V_ASN1_GENERALIZEDTIME: 00586 ptr = obj_to_asn1gtime(value); 00587 free_func = ASN1_TIME_free; 00588 break; 00589 case V_ASN1_SET: /* FALLTHROUGH */ 00590 case V_ASN1_SEQUENCE: 00591 ptr = obj_to_asn1derstr(obj); 00592 free_func = ASN1_STRING_free; 00593 break; 00594 default: 00595 ossl_raise(eASN1Error, "unsupported ASN.1 type"); 00596 } 00597 if(!(ret = OPENSSL_malloc(sizeof(ASN1_TYPE)))){ 00598 if(free_func) free_func(ptr); 00599 ossl_raise(eASN1Error, "ASN1_TYPE alloc failure"); 00600 } 00601 memset(ret, 0, sizeof(ASN1_TYPE)); 00602 ASN1_TYPE_set(ret, tag, ptr); 00603 00604 return ret; 00605 } 00606 00607 static int 00608 ossl_asn1_default_tag(VALUE obj) 00609 { 00610 VALUE tmp_class, tag; 00611 00612 tmp_class = CLASS_OF(obj); 00613 while (tmp_class) { 00614 tag = rb_hash_lookup(class_tag_map, tmp_class); 00615 if (tag != Qnil) { 00616 return NUM2INT(tag); 00617 } 00618 tmp_class = rb_class_superclass(tmp_class); 00619 } 00620 ossl_raise(eASN1Error, "universal tag for %s not found", 00621 rb_class2name(CLASS_OF(obj))); 00622 00623 return -1; /* dummy */ 00624 } 00625 00626 static int 00627 ossl_asn1_tag(VALUE obj) 00628 { 00629 VALUE tag; 00630 00631 tag = ossl_asn1_get_tag(obj); 00632 if(NIL_P(tag)) 00633 ossl_raise(eASN1Error, "tag number not specified"); 00634 00635 return NUM2INT(tag); 00636 } 00637 00638 static int 00639 ossl_asn1_is_explicit(VALUE obj) 00640 { 00641 VALUE s; 00642 int ret = -1; 00643 00644 s = ossl_asn1_get_tagging(obj); 00645 if(NIL_P(s)) return 0; 00646 else if(SYMBOL_P(s)){ 00647 if (SYM2ID(s) == sIMPLICIT) 00648 ret = 0; 00649 else if (SYM2ID(s) == sEXPLICIT) 00650 ret = 1; 00651 } 00652 if(ret < 0){ 00653 ossl_raise(eASN1Error, "invalid tag default"); 00654 } 00655 00656 return ret; 00657 } 00658 00659 static int 00660 ossl_asn1_tag_class(VALUE obj) 00661 { 00662 VALUE s; 00663 int ret = -1; 00664 00665 s = ossl_asn1_get_tag_class(obj); 00666 if(NIL_P(s)) ret = V_ASN1_UNIVERSAL; 00667 else if(SYMBOL_P(s)){ 00668 if (SYM2ID(s) == sUNIVERSAL) 00669 ret = V_ASN1_UNIVERSAL; 00670 else if (SYM2ID(s) == sAPPLICATION) 00671 ret = V_ASN1_APPLICATION; 00672 else if (SYM2ID(s) == sCONTEXT_SPECIFIC) 00673 ret = V_ASN1_CONTEXT_SPECIFIC; 00674 else if (SYM2ID(s) == sPRIVATE) 00675 ret = V_ASN1_PRIVATE; 00676 } 00677 if(ret < 0){ 00678 ossl_raise(eASN1Error, "invalid tag class"); 00679 } 00680 00681 return ret; 00682 } 00683 00684 static VALUE 00685 ossl_asn1_class2sym(int tc) 00686 { 00687 if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) 00688 return ID2SYM(sPRIVATE); 00689 else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) 00690 return ID2SYM(sCONTEXT_SPECIFIC); 00691 else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) 00692 return ID2SYM(sAPPLICATION); 00693 else 00694 return ID2SYM(sUNIVERSAL); 00695 } 00696 00697 /* 00698 * call-seq: 00699 * OpenSSL::ASN1::ASN1Data.new(value, tag, tag_class) => ASN1Data 00700 * 00701 * +value+: Please have a look at Constructive and Primitive to see how Ruby 00702 * types are mapped to ASN.1 types and vice versa. 00703 * 00704 * +tag+: A +Number+ indicating the tag number. 00705 * 00706 * +tag_class+: A +Symbol+ indicating the tag class. Please cf. ASN1 for 00707 * possible values. 00708 * 00709 * == Example 00710 * asn1_int = OpenSSL::ASN1Data.new(42, 2, :UNIVERSAL) # => Same as OpenSSL::ASN1::Integer.new(42) 00711 * tagged_int = OpenSSL::ASN1Data.new(42, 0, :CONTEXT_SPECIFIC) # implicitly 0-tagged INTEGER 00712 */ 00713 static VALUE 00714 ossl_asn1data_initialize(VALUE self, VALUE value, VALUE tag, VALUE tag_class) 00715 { 00716 if(!SYMBOL_P(tag_class)) 00717 ossl_raise(eASN1Error, "invalid tag class"); 00718 if((SYM2ID(tag_class) == sUNIVERSAL) && NUM2INT(tag) > 31) 00719 ossl_raise(eASN1Error, "tag number for Universal too large"); 00720 ossl_asn1_set_tag(self, tag); 00721 ossl_asn1_set_value(self, value); 00722 ossl_asn1_set_tag_class(self, tag_class); 00723 ossl_asn1_set_infinite_length(self, Qfalse); 00724 00725 return self; 00726 } 00727 00728 static VALUE 00729 join_der_i(VALUE i, VALUE str) 00730 { 00731 i = ossl_to_der_if_possible(i); 00732 StringValue(i); 00733 rb_str_append(str, i); 00734 return Qnil; 00735 } 00736 00737 static VALUE 00738 join_der(VALUE enumerable) 00739 { 00740 VALUE str = rb_str_new(0, 0); 00741 rb_block_call(enumerable, rb_intern("each"), 0, 0, join_der_i, str); 00742 return str; 00743 } 00744 00745 /* 00746 * call-seq: 00747 * asn1.to_der => DER-encoded String 00748 * 00749 * Encodes this ASN1Data into a DER-encoded String value. The result is 00750 * DER-encoded except for the possibility of infinite length encodings. 00751 * Infinite length encodings are not allowed in strict DER, so strictly 00752 * speaking the result of such an encoding would be a BER-encoding. 00753 */ 00754 static VALUE 00755 ossl_asn1data_to_der(VALUE self) 00756 { 00757 VALUE value, der, inf_length; 00758 int tag, tag_class, is_cons = 0; 00759 long length; 00760 unsigned char *p; 00761 00762 value = ossl_asn1_get_value(self); 00763 if(rb_obj_is_kind_of(value, rb_cArray)){ 00764 is_cons = 1; 00765 value = join_der(value); 00766 } 00767 StringValue(value); 00768 00769 tag = ossl_asn1_tag(self); 00770 tag_class = ossl_asn1_tag_class(self); 00771 inf_length = ossl_asn1_get_infinite_length(self); 00772 if (inf_length == Qtrue) { 00773 is_cons = 2; 00774 } 00775 if((length = ossl_asn1_object_size(is_cons, RSTRING_LENINT(value), tag)) <= 0) 00776 ossl_raise(eASN1Error, NULL); 00777 der = rb_str_new(0, length); 00778 p = (unsigned char *)RSTRING_PTR(der); 00779 ossl_asn1_put_object(&p, is_cons, RSTRING_LENINT(value), tag, tag_class); 00780 memcpy(p, RSTRING_PTR(value), RSTRING_LEN(value)); 00781 p += RSTRING_LEN(value); 00782 ossl_str_adjust(der, p); 00783 00784 return der; 00785 } 00786 00787 static VALUE 00788 int_ossl_asn1_decode0_prim(unsigned char **pp, long length, long hlen, int tag, 00789 VALUE tc, long *num_read) 00790 { 00791 VALUE value, asn1data; 00792 unsigned char *p; 00793 long flag = 0; 00794 00795 p = *pp; 00796 00797 if(tc == sUNIVERSAL && tag < ossl_asn1_info_size) { 00798 switch(tag){ 00799 case V_ASN1_EOC: 00800 value = decode_eoc(p, hlen+length); 00801 break; 00802 case V_ASN1_BOOLEAN: 00803 value = decode_bool(p, hlen+length); 00804 break; 00805 case V_ASN1_INTEGER: 00806 value = decode_int(p, hlen+length); 00807 break; 00808 case V_ASN1_BIT_STRING: 00809 value = decode_bstr(p, hlen+length, &flag); 00810 break; 00811 case V_ASN1_NULL: 00812 value = decode_null(p, hlen+length); 00813 break; 00814 case V_ASN1_ENUMERATED: 00815 value = decode_enum(p, hlen+length); 00816 break; 00817 case V_ASN1_OBJECT: 00818 value = decode_obj(p, hlen+length); 00819 break; 00820 case V_ASN1_UTCTIME: /* FALLTHROUGH */ 00821 case V_ASN1_GENERALIZEDTIME: 00822 value = decode_time(p, hlen+length); 00823 break; 00824 default: 00825 /* use original value */ 00826 p += hlen; 00827 value = rb_str_new((const char *)p, length); 00828 break; 00829 } 00830 } 00831 else { 00832 p += hlen; 00833 value = rb_str_new((const char *)p, length); 00834 } 00835 00836 *pp += hlen + length; 00837 *num_read = hlen + length; 00838 00839 if (tc == sUNIVERSAL && tag < ossl_asn1_info_size && ossl_asn1_info[tag].klass) { 00840 VALUE klass = *ossl_asn1_info[tag].klass; 00841 VALUE args[4]; 00842 args[0] = value; 00843 args[1] = INT2NUM(tag); 00844 args[2] = Qnil; 00845 args[3] = ID2SYM(tc); 00846 asn1data = rb_obj_alloc(klass); 00847 ossl_asn1_initialize(4, args, asn1data); 00848 if(tag == V_ASN1_BIT_STRING){ 00849 rb_ivar_set(asn1data, sivUNUSED_BITS, LONG2NUM(flag)); 00850 } 00851 } 00852 else { 00853 asn1data = rb_obj_alloc(cASN1Data); 00854 ossl_asn1data_initialize(asn1data, value, INT2NUM(tag), ID2SYM(tc)); 00855 } 00856 00857 return asn1data; 00858 } 00859 00860 static VALUE 00861 int_ossl_asn1_decode0_cons(unsigned char **pp, long max_len, long length, 00862 long *offset, int depth, int yield, int j, 00863 int tag, VALUE tc, long *num_read) 00864 { 00865 VALUE value, asn1data, ary; 00866 int infinite; 00867 long off = *offset; 00868 00869 infinite = (j == 0x21); 00870 ary = rb_ary_new(); 00871 00872 while (length > 0 || infinite) { 00873 long inner_read = 0; 00874 value = ossl_asn1_decode0(pp, max_len, &off, depth + 1, yield, &inner_read); 00875 *num_read += inner_read; 00876 max_len -= inner_read; 00877 rb_ary_push(ary, value); 00878 if (length > 0) 00879 length -= inner_read; 00880 00881 if (infinite && 00882 NUM2INT(ossl_asn1_get_tag(value)) == V_ASN1_EOC && 00883 SYM2ID(ossl_asn1_get_tag_class(value)) == sUNIVERSAL) { 00884 break; 00885 } 00886 } 00887 00888 if (tc == sUNIVERSAL) { 00889 VALUE args[4]; 00890 int not_sequence_or_set; 00891 00892 not_sequence_or_set = tag != V_ASN1_SEQUENCE && tag != V_ASN1_SET; 00893 00894 if (not_sequence_or_set) { 00895 if (infinite) { 00896 asn1data = rb_obj_alloc(cASN1Constructive); 00897 } 00898 else { 00899 ossl_raise(eASN1Error, "invalid non-infinite tag"); 00900 return Qnil; 00901 } 00902 } 00903 else { 00904 VALUE klass = *ossl_asn1_info[tag].klass; 00905 asn1data = rb_obj_alloc(klass); 00906 } 00907 args[0] = ary; 00908 args[1] = INT2NUM(tag); 00909 args[2] = Qnil; 00910 args[3] = ID2SYM(tc); 00911 ossl_asn1_initialize(4, args, asn1data); 00912 } 00913 else { 00914 asn1data = rb_obj_alloc(cASN1Data); 00915 ossl_asn1data_initialize(asn1data, ary, INT2NUM(tag), ID2SYM(tc)); 00916 } 00917 00918 if (infinite) 00919 ossl_asn1_set_infinite_length(asn1data, Qtrue); 00920 else 00921 ossl_asn1_set_infinite_length(asn1data, Qfalse); 00922 00923 *offset = off; 00924 return asn1data; 00925 } 00926 00927 static VALUE 00928 ossl_asn1_decode0(unsigned char **pp, long length, long *offset, int depth, 00929 int yield, long *num_read) 00930 { 00931 unsigned char *start, *p; 00932 const unsigned char *p0; 00933 long len = 0, inner_read = 0, off = *offset, hlen; 00934 int tag, tc, j; 00935 VALUE asn1data, tag_class; 00936 00937 p = *pp; 00938 start = p; 00939 p0 = p; 00940 j = ASN1_get_object(&p0, &len, &tag, &tc, length); 00941 p = (unsigned char *)p0; 00942 if(j & 0x80) ossl_raise(eASN1Error, NULL); 00943 if(len > length) ossl_raise(eASN1Error, "value is too short"); 00944 if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) 00945 tag_class = sPRIVATE; 00946 else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) 00947 tag_class = sCONTEXT_SPECIFIC; 00948 else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) 00949 tag_class = sAPPLICATION; 00950 else 00951 tag_class = sUNIVERSAL; 00952 00953 hlen = p - start; 00954 00955 if(yield) { 00956 VALUE arg = rb_ary_new(); 00957 rb_ary_push(arg, LONG2NUM(depth)); 00958 rb_ary_push(arg, LONG2NUM(*offset)); 00959 rb_ary_push(arg, LONG2NUM(hlen)); 00960 rb_ary_push(arg, LONG2NUM(len)); 00961 rb_ary_push(arg, (j & V_ASN1_CONSTRUCTED) ? Qtrue : Qfalse); 00962 rb_ary_push(arg, ossl_asn1_class2sym(tc)); 00963 rb_ary_push(arg, INT2NUM(tag)); 00964 rb_yield(arg); 00965 } 00966 00967 if(j & V_ASN1_CONSTRUCTED) { 00968 *pp += hlen; 00969 off += hlen; 00970 asn1data = int_ossl_asn1_decode0_cons(pp, length, len, &off, depth, yield, j, tag, tag_class, &inner_read); 00971 inner_read += hlen; 00972 } 00973 else { 00974 if ((j & 0x01) && (len == 0)) ossl_raise(eASN1Error, "Infinite length for primitive value"); 00975 asn1data = int_ossl_asn1_decode0_prim(pp, len, hlen, tag, tag_class, &inner_read); 00976 off += hlen + len; 00977 } 00978 if (num_read) 00979 *num_read = inner_read; 00980 if (len != 0 && inner_read != hlen + len) { 00981 ossl_raise(eASN1Error, 00982 "Type mismatch. Bytes read: %ld Bytes available: %ld", 00983 inner_read, hlen + len); 00984 } 00985 00986 *offset = off; 00987 return asn1data; 00988 } 00989 00990 static void 00991 int_ossl_decode_sanity_check(long len, long read, long offset) 00992 { 00993 if (len != 0 && (read != len || offset != len)) { 00994 ossl_raise(eASN1Error, 00995 "Type mismatch. Total bytes read: %ld Bytes available: %ld Offset: %ld", 00996 read, len, offset); 00997 } 00998 } 00999 01000 /* 01001 * call-seq: 01002 * OpenSSL::ASN1.traverse(asn1) -> nil 01003 * 01004 * If a block is given, it prints out each of the elements encountered. 01005 * Block parameters are (in that order): 01006 * * depth: The recursion depth, plus one with each constructed value being encountered (Number) 01007 * * offset: Current byte offset (Number) 01008 * * header length: Combined length in bytes of the Tag and Length headers. (Number) 01009 * * length: The overall remaining length of the entire data (Number) 01010 * * constructed: Whether this value is constructed or not (Boolean) 01011 * * tag_class: Current tag class (Symbol) 01012 * * tag: The current tag (Number) 01013 * 01014 * == Example 01015 * der = File.binread('asn1data.der') 01016 * OpenSSL::ASN1.traverse(der) do | depth, offset, header_len, length, constructed, tag_class, tag| 01017 * puts "Depth: #{depth} Offset: #{offset} Length: #{length}" 01018 * puts "Header length: #{header_len} Tag: #{tag} Tag class: #{tag_class} Constructed: #{constructed}" 01019 * end 01020 */ 01021 static VALUE 01022 ossl_asn1_traverse(VALUE self, VALUE obj) 01023 { 01024 unsigned char *p; 01025 volatile VALUE tmp; 01026 long len, read = 0, offset = 0; 01027 01028 obj = ossl_to_der_if_possible(obj); 01029 tmp = rb_str_new4(StringValue(obj)); 01030 p = (unsigned char *)RSTRING_PTR(tmp); 01031 len = RSTRING_LEN(tmp); 01032 ossl_asn1_decode0(&p, len, &offset, 0, 1, &read); 01033 int_ossl_decode_sanity_check(len, read, offset); 01034 return Qnil; 01035 } 01036 01037 /* 01038 * call-seq: 01039 * OpenSSL::ASN1.decode(der) -> ASN1Data 01040 * 01041 * Decodes a BER- or DER-encoded value and creates an ASN1Data instance. +der+ 01042 * may be a +String+ or any object that features a +#to_der+ method transforming 01043 * it into a BER-/DER-encoded +String+. 01044 * 01045 * == Example 01046 * der = File.binread('asn1data') 01047 * asn1 = OpenSSL::ASN1.decode(der) 01048 */ 01049 static VALUE 01050 ossl_asn1_decode(VALUE self, VALUE obj) 01051 { 01052 VALUE ret; 01053 unsigned char *p; 01054 volatile VALUE tmp; 01055 long len, read = 0, offset = 0; 01056 01057 obj = ossl_to_der_if_possible(obj); 01058 tmp = rb_str_new4(StringValue(obj)); 01059 p = (unsigned char *)RSTRING_PTR(tmp); 01060 len = RSTRING_LEN(tmp); 01061 ret = ossl_asn1_decode0(&p, len, &offset, 0, 0, &read); 01062 int_ossl_decode_sanity_check(len, read, offset); 01063 return ret; 01064 } 01065 01066 /* 01067 * call-seq: 01068 * OpenSSL::ASN1.decode_all(der) -> Array of ASN1Data 01069 * 01070 * Similar to +decode+ with the difference that +decode+ expects one 01071 * distinct value represented in +der+. +decode_all+ on the contrary 01072 * decodes a sequence of sequential BER/DER values lined up in +der+ 01073 * and returns them as an array. 01074 * 01075 * == Example 01076 * ders = File.binread('asn1data_seq') 01077 * asn1_ary = OpenSSL::ASN1.decode_all(ders) 01078 */ 01079 static VALUE 01080 ossl_asn1_decode_all(VALUE self, VALUE obj) 01081 { 01082 VALUE ary, val; 01083 unsigned char *p; 01084 long len, tmp_len = 0, read = 0, offset = 0; 01085 volatile VALUE tmp; 01086 01087 obj = ossl_to_der_if_possible(obj); 01088 tmp = rb_str_new4(StringValue(obj)); 01089 p = (unsigned char *)RSTRING_PTR(tmp); 01090 len = RSTRING_LEN(tmp); 01091 tmp_len = len; 01092 ary = rb_ary_new(); 01093 while (tmp_len > 0) { 01094 long tmp_read = 0; 01095 val = ossl_asn1_decode0(&p, tmp_len, &offset, 0, 0, &tmp_read); 01096 rb_ary_push(ary, val); 01097 read += tmp_read; 01098 tmp_len -= tmp_read; 01099 } 01100 int_ossl_decode_sanity_check(len, read, offset); 01101 return ary; 01102 } 01103 01104 /* 01105 * call-seq: 01106 * OpenSSL::ASN1::Primitive.new( value [, tag, tagging, tag_class ]) => Primitive 01107 * 01108 * +value+: is mandatory. 01109 * 01110 * +tag+: optional, may be specified for tagged values. If no +tag+ is 01111 * specified, the UNIVERSAL tag corresponding to the Primitive sub-class 01112 * is used by default. 01113 * 01114 * +tagging+: may be used as an encoding hint to encode a value either 01115 * explicitly or implicitly, see ASN1 for possible values. 01116 * 01117 * +tag_class+: if +tag+ and +tagging+ are +nil+ then this is set to 01118 * +:UNIVERSAL+ by default. If either +tag+ or +tagging+ are set then 01119 * +:CONTEXT_SPECIFIC+ is used as the default. For possible values please 01120 * cf. ASN1. 01121 * 01122 * == Example 01123 * int = OpenSSL::ASN1::Integer.new(42) 01124 * zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :IMPLICIT) 01125 * private_explicit_zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT, :PRIVATE) 01126 */ 01127 static VALUE 01128 ossl_asn1_initialize(int argc, VALUE *argv, VALUE self) 01129 { 01130 VALUE value, tag, tagging, tag_class; 01131 01132 rb_scan_args(argc, argv, "13", &value, &tag, &tagging, &tag_class); 01133 if(argc > 1){ 01134 if(NIL_P(tag)) 01135 ossl_raise(eASN1Error, "must specify tag number"); 01136 if(!NIL_P(tagging) && !SYMBOL_P(tagging)) 01137 ossl_raise(eASN1Error, "invalid tagging method"); 01138 if(NIL_P(tag_class)) { 01139 if (NIL_P(tagging)) 01140 tag_class = ID2SYM(sUNIVERSAL); 01141 else 01142 tag_class = ID2SYM(sCONTEXT_SPECIFIC); 01143 } 01144 if(!SYMBOL_P(tag_class)) 01145 ossl_raise(eASN1Error, "invalid tag class"); 01146 if(SYM2ID(tagging) == sIMPLICIT && NUM2INT(tag) > 31) 01147 ossl_raise(eASN1Error, "tag number for Universal too large"); 01148 } 01149 else{ 01150 tag = INT2NUM(ossl_asn1_default_tag(self)); 01151 tagging = Qnil; 01152 tag_class = ID2SYM(sUNIVERSAL); 01153 } 01154 ossl_asn1_set_tag(self, tag); 01155 ossl_asn1_set_value(self, value); 01156 ossl_asn1_set_tagging(self, tagging); 01157 ossl_asn1_set_tag_class(self, tag_class); 01158 ossl_asn1_set_infinite_length(self, Qfalse); 01159 01160 return self; 01161 } 01162 01163 static VALUE 01164 ossl_asn1eoc_initialize(VALUE self) { 01165 VALUE tag, tagging, tag_class, value; 01166 tag = INT2NUM(ossl_asn1_default_tag(self)); 01167 tagging = Qnil; 01168 tag_class = ID2SYM(sUNIVERSAL); 01169 value = rb_str_new("", 0); 01170 ossl_asn1_set_tag(self, tag); 01171 ossl_asn1_set_value(self, value); 01172 ossl_asn1_set_tagging(self, tagging); 01173 ossl_asn1_set_tag_class(self, tag_class); 01174 ossl_asn1_set_infinite_length(self, Qfalse); 01175 return self; 01176 } 01177 01178 static int 01179 ossl_i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp) 01180 { 01181 #if OPENSSL_VERSION_NUMBER < 0x00907000L 01182 if(!a) return 0; 01183 if(a->type == V_ASN1_BOOLEAN) 01184 return i2d_ASN1_BOOLEAN(a->value.boolean, pp); 01185 #endif 01186 return i2d_ASN1_TYPE(a, pp); 01187 } 01188 01189 static void 01190 ossl_ASN1_TYPE_free(ASN1_TYPE *a) 01191 { 01192 #if OPENSSL_VERSION_NUMBER < 0x00907000L 01193 if(!a) return; 01194 if(a->type == V_ASN1_BOOLEAN){ 01195 OPENSSL_free(a); 01196 return; 01197 } 01198 #endif 01199 ASN1_TYPE_free(a); 01200 } 01201 01202 /* 01203 * call-seq: 01204 * asn1.to_der => DER-encoded String 01205 * 01206 * See ASN1Data#to_der for details. * 01207 */ 01208 static VALUE 01209 ossl_asn1prim_to_der(VALUE self) 01210 { 01211 ASN1_TYPE *asn1; 01212 int tn, tc, explicit; 01213 long len, reallen; 01214 unsigned char *buf, *p; 01215 VALUE str; 01216 01217 tn = NUM2INT(ossl_asn1_get_tag(self)); 01218 tc = ossl_asn1_tag_class(self); 01219 explicit = ossl_asn1_is_explicit(self); 01220 asn1 = ossl_asn1_get_asn1type(self); 01221 01222 len = ossl_asn1_object_size(1, ossl_i2d_ASN1_TYPE(asn1, NULL), tn); 01223 if(!(buf = OPENSSL_malloc(len))){ 01224 ossl_ASN1_TYPE_free(asn1); 01225 ossl_raise(eASN1Error, "cannot alloc buffer"); 01226 } 01227 p = buf; 01228 if (tc == V_ASN1_UNIVERSAL) { 01229 ossl_i2d_ASN1_TYPE(asn1, &p); 01230 } else if (explicit) { 01231 ossl_asn1_put_object(&p, 1, ossl_i2d_ASN1_TYPE(asn1, NULL), tn, tc); 01232 ossl_i2d_ASN1_TYPE(asn1, &p); 01233 } else { 01234 ossl_i2d_ASN1_TYPE(asn1, &p); 01235 *buf = tc | tn | (*buf & V_ASN1_CONSTRUCTED); 01236 } 01237 ossl_ASN1_TYPE_free(asn1); 01238 reallen = p - buf; 01239 assert(reallen <= len); 01240 str = ossl_buf2str((char *)buf, rb_long2int(reallen)); /* buf will be free in ossl_buf2str */ 01241 01242 return str; 01243 } 01244 01245 /* 01246 * call-seq: 01247 * asn1.to_der => DER-encoded String 01248 * 01249 * See ASN1Data#to_der for details. 01250 */ 01251 static VALUE 01252 ossl_asn1cons_to_der(VALUE self) 01253 { 01254 int tag, tn, tc, explicit, constructed = 1; 01255 int found_prim = 0, seq_len; 01256 long length; 01257 unsigned char *p; 01258 VALUE value, str, inf_length; 01259 01260 tn = NUM2INT(ossl_asn1_get_tag(self)); 01261 tc = ossl_asn1_tag_class(self); 01262 inf_length = ossl_asn1_get_infinite_length(self); 01263 if (inf_length == Qtrue) { 01264 VALUE ary, example; 01265 constructed = 2; 01266 if (CLASS_OF(self) == cASN1Sequence || 01267 CLASS_OF(self) == cASN1Set) { 01268 tag = ossl_asn1_default_tag(self); 01269 } 01270 else { /* must be a constructive encoding of a primitive value */ 01271 ary = ossl_asn1_get_value(self); 01272 if (!rb_obj_is_kind_of(ary, rb_cArray)) 01273 ossl_raise(eASN1Error, "Constructive value must be an Array"); 01274 /* Recursively descend until a primitive value is found. 01275 The overall value of the entire constructed encoding 01276 is of the type of the first primitive encoding to be 01277 found. */ 01278 while (!found_prim){ 01279 example = rb_ary_entry(ary, 0); 01280 if (rb_obj_is_kind_of(example, cASN1Primitive)){ 01281 found_prim = 1; 01282 } 01283 else { 01284 /* example is another ASN1Constructive */ 01285 if (!rb_obj_is_kind_of(example, cASN1Constructive)){ 01286 ossl_raise(eASN1Error, "invalid constructed encoding"); 01287 return Qnil; /* dummy */ 01288 } 01289 ary = ossl_asn1_get_value(example); 01290 } 01291 } 01292 tag = ossl_asn1_default_tag(example); 01293 } 01294 } 01295 else { 01296 if (CLASS_OF(self) == cASN1Constructive) 01297 ossl_raise(eASN1Error, "Constructive shall only be used with infinite length"); 01298 tag = ossl_asn1_default_tag(self); 01299 } 01300 explicit = ossl_asn1_is_explicit(self); 01301 value = join_der(ossl_asn1_get_value(self)); 01302 01303 seq_len = ossl_asn1_object_size(constructed, RSTRING_LENINT(value), tag); 01304 length = ossl_asn1_object_size(constructed, seq_len, tn); 01305 str = rb_str_new(0, length); 01306 p = (unsigned char *)RSTRING_PTR(str); 01307 if(tc == V_ASN1_UNIVERSAL) 01308 ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tn, tc); 01309 else{ 01310 if(explicit){ 01311 ossl_asn1_put_object(&p, constructed, seq_len, tn, tc); 01312 ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tag, V_ASN1_UNIVERSAL); 01313 } 01314 else{ 01315 ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tn, tc); 01316 } 01317 } 01318 memcpy(p, RSTRING_PTR(value), RSTRING_LEN(value)); 01319 p += RSTRING_LEN(value); 01320 01321 /* In this case we need an additional EOC (one for the explicit part and 01322 * one for the Constructive itself. The EOC for the Constructive is 01323 * supplied by the user, but that for the "explicit wrapper" must be 01324 * added here. 01325 */ 01326 if (explicit && inf_length == Qtrue) { 01327 ASN1_put_eoc(&p); 01328 } 01329 ossl_str_adjust(str, p); 01330 01331 return str; 01332 } 01333 01334 /* 01335 * call-seq: 01336 * asn1_ary.each { |asn1| block } => asn1_ary 01337 * 01338 * Calls <i>block</i> once for each element in +self+, passing that element 01339 * as parameter +asn1+. If no block is given, an enumerator is returned 01340 * instead. 01341 * 01342 * == Example 01343 * asn1_ary.each do |asn1| 01344 * puts asn1 01345 * end 01346 */ 01347 static VALUE 01348 ossl_asn1cons_each(VALUE self) 01349 { 01350 rb_ary_each(ossl_asn1_get_value(self)); 01351 return self; 01352 } 01353 01354 static VALUE 01355 ossl_asn1obj_s_register(VALUE self, VALUE oid, VALUE sn, VALUE ln) 01356 { 01357 StringValue(oid); 01358 StringValue(sn); 01359 StringValue(ln); 01360 01361 if(!OBJ_create(RSTRING_PTR(oid), RSTRING_PTR(sn), RSTRING_PTR(ln))) 01362 ossl_raise(eASN1Error, NULL); 01363 01364 return Qtrue; 01365 } 01366 01367 static VALUE 01368 ossl_asn1obj_get_sn(VALUE self) 01369 { 01370 VALUE val, ret = Qnil; 01371 int nid; 01372 01373 val = ossl_asn1_get_value(self); 01374 if ((nid = OBJ_txt2nid(StringValuePtr(val))) != NID_undef) 01375 ret = rb_str_new2(OBJ_nid2sn(nid)); 01376 01377 return ret; 01378 } 01379 01380 static VALUE 01381 ossl_asn1obj_get_ln(VALUE self) 01382 { 01383 VALUE val, ret = Qnil; 01384 int nid; 01385 01386 val = ossl_asn1_get_value(self); 01387 if ((nid = OBJ_txt2nid(StringValuePtr(val))) != NID_undef) 01388 ret = rb_str_new2(OBJ_nid2ln(nid)); 01389 01390 return ret; 01391 } 01392 01393 static VALUE 01394 ossl_asn1obj_get_oid(VALUE self) 01395 { 01396 VALUE val; 01397 ASN1_OBJECT *a1obj; 01398 char buf[128]; 01399 01400 val = ossl_asn1_get_value(self); 01401 a1obj = obj_to_asn1obj(val); 01402 OBJ_obj2txt(buf, sizeof(buf), a1obj, 1); 01403 ASN1_OBJECT_free(a1obj); 01404 01405 return rb_str_new2(buf); 01406 } 01407 01408 #define OSSL_ASN1_IMPL_FACTORY_METHOD(klass) \ 01409 static VALUE ossl_asn1_##klass(int argc, VALUE *argv, VALUE self)\ 01410 { return rb_funcall3(cASN1##klass, rb_intern("new"), argc, argv); } 01411 01412 OSSL_ASN1_IMPL_FACTORY_METHOD(Boolean) 01413 OSSL_ASN1_IMPL_FACTORY_METHOD(Integer) 01414 OSSL_ASN1_IMPL_FACTORY_METHOD(Enumerated) 01415 OSSL_ASN1_IMPL_FACTORY_METHOD(BitString) 01416 OSSL_ASN1_IMPL_FACTORY_METHOD(OctetString) 01417 OSSL_ASN1_IMPL_FACTORY_METHOD(UTF8String) 01418 OSSL_ASN1_IMPL_FACTORY_METHOD(NumericString) 01419 OSSL_ASN1_IMPL_FACTORY_METHOD(PrintableString) 01420 OSSL_ASN1_IMPL_FACTORY_METHOD(T61String) 01421 OSSL_ASN1_IMPL_FACTORY_METHOD(VideotexString) 01422 OSSL_ASN1_IMPL_FACTORY_METHOD(IA5String) 01423 OSSL_ASN1_IMPL_FACTORY_METHOD(GraphicString) 01424 OSSL_ASN1_IMPL_FACTORY_METHOD(ISO64String) 01425 OSSL_ASN1_IMPL_FACTORY_METHOD(GeneralString) 01426 OSSL_ASN1_IMPL_FACTORY_METHOD(UniversalString) 01427 OSSL_ASN1_IMPL_FACTORY_METHOD(BMPString) 01428 OSSL_ASN1_IMPL_FACTORY_METHOD(Null) 01429 OSSL_ASN1_IMPL_FACTORY_METHOD(ObjectId) 01430 OSSL_ASN1_IMPL_FACTORY_METHOD(UTCTime) 01431 OSSL_ASN1_IMPL_FACTORY_METHOD(GeneralizedTime) 01432 OSSL_ASN1_IMPL_FACTORY_METHOD(Sequence) 01433 OSSL_ASN1_IMPL_FACTORY_METHOD(Set) 01434 OSSL_ASN1_IMPL_FACTORY_METHOD(EndOfContent) 01435 01436 void 01437 Init_ossl_asn1() 01438 { 01439 VALUE ary; 01440 int i; 01441 01442 #if 0 01443 mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ 01444 #endif 01445 01446 sUNIVERSAL = rb_intern("UNIVERSAL"); 01447 sCONTEXT_SPECIFIC = rb_intern("CONTEXT_SPECIFIC"); 01448 sAPPLICATION = rb_intern("APPLICATION"); 01449 sPRIVATE = rb_intern("PRIVATE"); 01450 sEXPLICIT = rb_intern("EXPLICIT"); 01451 sIMPLICIT = rb_intern("IMPLICIT"); 01452 01453 sivVALUE = rb_intern("@value"); 01454 sivTAG = rb_intern("@tag"); 01455 sivTAGGING = rb_intern("@tagging"); 01456 sivTAG_CLASS = rb_intern("@tag_class"); 01457 sivINFINITE_LENGTH = rb_intern("@infinite_length"); 01458 sivUNUSED_BITS = rb_intern("@unused_bits"); 01459 01460 /* 01461 * Document-module: OpenSSL::ASN1 01462 * 01463 * Abstract Syntax Notation One (or ASN.1) is a notation syntax to 01464 * describe data structures and is defined in ITU-T X.680. ASN.1 itself 01465 * does not mandate any encoding or parsing rules, but usually ASN.1 data 01466 * structures are encoded using the Distinguished Encoding Rules (DER) or 01467 * less often the Basic Encoding Rules (BER) described in ITU-T X.690. DER 01468 * and BER encodings are binary Tag-Length-Value (TLV) encodings that are 01469 * quite concise compared to other popular data description formats such 01470 * as XML, JSON etc. 01471 * ASN.1 data structures are very common in cryptographic applications, 01472 * e.g. X.509 public key certificates or certificate revocation lists 01473 * (CRLs) are all defined in ASN.1 and DER-encoded. ASN.1, DER and BER are 01474 * the building blocks of applied cryptography. 01475 * The ASN1 module provides the necessary classes that allow generation 01476 * of ASN.1 data structures and the methods to encode them using a DER 01477 * encoding. The decode method allows parsing arbitrary BER-/DER-encoded 01478 * data to a Ruby object that can then be modified and re-encoded at will. 01479 * 01480 * == ASN.1 class hierarchy 01481 * 01482 * The base class representing ASN.1 structures is ASN1Data. ASN1Data offers 01483 * attributes to read and set the +tag+, the +tag_class+ and finally the 01484 * +value+ of a particular ASN.1 item. Upon parsing, any tagged values 01485 * (implicit or explicit) will be represented by ASN1Data instances because 01486 * their "real type" can only be determined using out-of-band information 01487 * from the ASN.1 type declaration. Since this information is normally 01488 * known when encoding a type, all sub-classes of ASN1Data offer an 01489 * additional attribute +tagging+ that allows to encode a value implicitly 01490 * (+:IMPLICIT+) or explicitly (+:EXPLICIT+). 01491 * 01492 * === Constructive 01493 * 01494 * Constructive is, as its name implies, the base class for all 01495 * constructed encodings, i.e. those that consist of several values, 01496 * opposed to "primitive" encodings with just one single value. 01497 * Primitive values that are encoded with "infinite length" are typically 01498 * constructed (their values come in multiple chunks) and are therefore 01499 * represented by instances of Constructive. The value of an Constructive 01500 * is always an Array. 01501 * 01502 * ==== ASN1::Set and ASN1::Sequence 01503 * 01504 * The most common constructive encodings are SETs and SEQUENCEs, which is 01505 * why there are two sub-classes of Constructive representing each of 01506 * them. 01507 * 01508 * === Primitive 01509 * 01510 * This is the super class of all primitive values. Primitive 01511 * itself is not used when parsing ASN.1 data, all values are either 01512 * instances of a corresponding sub-class of Primitive or they are 01513 * instances of ASN1Data if the value was tagged implicitly or explicitly. 01514 * Please cf. Primitive documentation for details on sub-classes and 01515 * their respective mappings of ASN.1 data types to Ruby objects. 01516 * 01517 * == Possible values for +tagging+ 01518 * 01519 * When constructing an ASN1Data object the ASN.1 type definition may 01520 * require certain elements to be either implicitly or explicitly tagged. 01521 * This can be achieved by setting the +tagging+ attribute manually for 01522 * sub-classes of ASN1Data. Use the symbol +:IMPLICIT+ for implicit 01523 * tagging and +:EXPLICIT+ if the element requires explicit tagging. 01524 * 01525 * == Possible values for +tag_class+ 01526 * 01527 * It is possible to create arbitrary ASN1Data objects that also support 01528 * a PRIVATE or APPLICATION tag class. Possible values for the +tag_class+ 01529 * attribute are: 01530 * * +:UNIVERSAL+ (the default for untagged values) 01531 * * +:CONTEXT_SPECIFIC+ (the default for tagged values) 01532 * * +:APPLICATION+ 01533 * * +:PRIVATE+ 01534 * 01535 * == Tag constants 01536 * 01537 * There is a constant defined for each universal tag: 01538 * * OpenSSL::ASN1::EOC (0) 01539 * * OpenSSL::ASN1::BOOLEAN (1) 01540 * * OpenSSL::ASN1::INTEGER (2) 01541 * * OpenSSL::ASN1::BIT_STRING (3) 01542 * * OpenSSL::ASN1::OCTET_STRING (4) 01543 * * OpenSSL::ASN1::NULL (5) 01544 * * OpenSSL::ASN1::OBJECT (6) 01545 * * OpenSSL::ASN1::ENUMERATED (10) 01546 * * OpenSSL::ASN1::UTF8STRING (12) 01547 * * OpenSSL::ASN1::SEQUENCE (16) 01548 * * OpenSSL::ASN1::SET (17) 01549 * * OpenSSL::ASN1::NUMERICSTRING (18) 01550 * * OpenSSL::ASN1::PRINTABLESTRING (19) 01551 * * OpenSSL::ASN1::T61STRING (20) 01552 * * OpenSSL::ASN1::VIDEOTEXSTRING (21) 01553 * * OpenSSL::ASN1::IA5STRING (22) 01554 * * OpenSSL::ASN1::UTCTIME (23) 01555 * * OpenSSL::ASN1::GENERALIZEDTIME (24) 01556 * * OpenSSL::ASN1::GRAPHICSTRING (25) 01557 * * OpenSSL::ASN1::ISO64STRING (26) 01558 * * OpenSSL::ASN1::GENERALSTRING (27) 01559 * * OpenSSL::ASN1::UNIVERSALSTRING (28) 01560 * * OpenSSL::ASN1::BMPSTRING (30) 01561 * 01562 * == UNIVERSAL_TAG_NAME constant 01563 * 01564 * An Array that stores the name of a given tag number. These names are 01565 * the same as the name of the tag constant that is additionally defined, 01566 * e.g. UNIVERSAL_TAG_NAME[2] = "INTEGER" and OpenSSL::ASN1::INTEGER = 2. 01567 * 01568 * == Example usage 01569 * 01570 * === Decoding and viewing a DER-encoded file 01571 * require 'openssl' 01572 * require 'pp' 01573 * der = File.binread('data.der') 01574 * asn1 = OpenSSL::ASN1.decode(der) 01575 * pp der 01576 * 01577 * === Creating an ASN.1 structure and DER-encoding it 01578 * require 'openssl' 01579 * version = OpenSSL::ASN1::Integer.new(1) 01580 * # Explicitly 0-tagged implies context-specific tag class 01581 * serial = OpenSSL::ASN1::Integer.new(12345, 0, :EXPLICIT, :CONTEXT_SPECIFIC) 01582 * name = OpenSSL::ASN1::PrintableString.new('Data 1') 01583 * sequence = OpenSSL::ASN1::Sequence.new( [ version, serial, name ] ) 01584 * der = sequence.to_der 01585 */ 01586 mASN1 = rb_define_module_under(mOSSL, "ASN1"); 01587 01588 /* Document-class: OpenSSL::ASN1::ASN1Error 01589 * 01590 * Generic error class for all errors raised in ASN1 and any of the 01591 * classes defined in it. 01592 */ 01593 eASN1Error = rb_define_class_under(mASN1, "ASN1Error", eOSSLError); 01594 rb_define_module_function(mASN1, "traverse", ossl_asn1_traverse, 1); 01595 rb_define_module_function(mASN1, "decode", ossl_asn1_decode, 1); 01596 rb_define_module_function(mASN1, "decode_all", ossl_asn1_decode_all, 1); 01597 ary = rb_ary_new(); 01598 01599 /* 01600 * Array storing tag names at the tag's index. 01601 */ 01602 rb_define_const(mASN1, "UNIVERSAL_TAG_NAME", ary); 01603 for(i = 0; i < ossl_asn1_info_size; i++){ 01604 if(ossl_asn1_info[i].name[0] == '[') continue; 01605 rb_define_const(mASN1, ossl_asn1_info[i].name, INT2NUM(i)); 01606 rb_ary_store(ary, i, rb_str_new2(ossl_asn1_info[i].name)); 01607 } 01608 01609 /* Document-class: OpenSSL::ASN1::ASN1Data 01610 * 01611 * The top-level class representing any ASN.1 object. When parsed by 01612 * ASN1.decode, tagged values are always represented by an instance 01613 * of ASN1Data. 01614 * 01615 * == The role of ASN1Data for parsing tagged values 01616 * 01617 * When encoding an ASN.1 type it is inherently clear what original 01618 * type (e.g. INTEGER, OCTET STRING etc.) this value has, regardless 01619 * of its tagging. 01620 * But opposed to the time an ASN.1 type is to be encoded, when parsing 01621 * them it is not possible to deduce the "real type" of tagged 01622 * values. This is why tagged values are generally parsed into ASN1Data 01623 * instances, but with a different outcome for implicit and explicit 01624 * tagging. 01625 * 01626 * === Example of a parsed implicitly tagged value 01627 * 01628 * An implicitly 1-tagged INTEGER value will be parsed as an 01629 * ASN1Data with 01630 * * +tag+ equal to 1 01631 * * +tag_class+ equal to +:CONTEXT_SPECIFIC+ 01632 * * +value+ equal to a +String+ that carries the raw encoding 01633 * of the INTEGER. 01634 * This implies that a subsequent decoding step is required to 01635 * completely decode implicitly tagged values. 01636 * 01637 * === Example of a parsed explicitly tagged value 01638 * 01639 * An explicitly 1-tagged INTEGER value will be parsed as an 01640 * ASN1Data with 01641 * * +tag+ equal to 1 01642 * * +tag_class+ equal to +:CONTEXT_SPECIFIC+ 01643 * * +value+ equal to an +Array+ with one single element, an 01644 * instance of OpenSSL::ASN1::Integer, i.e. the inner element 01645 * is the non-tagged primitive value, and the tagging is represented 01646 * in the outer ASN1Data 01647 * 01648 * == Example - Decoding an implicitly tagged INTEGER 01649 * int = OpenSSL::ASN1::Integer.new(1, 0, :IMPLICIT) # implicit 0-tagged 01650 * seq = OpenSSL::ASN1::Sequence.new( [int] ) 01651 * der = seq.to_der 01652 * asn1 = OpenSSL::ASN1.decode(der) 01653 * # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0 01654 * # @infinite_length=false, 01655 * # @tag=16, 01656 * # @tag_class=:UNIVERSAL, 01657 * # @tagging=nil, 01658 * # @value= 01659 * # [#<OpenSSL::ASN1::ASN1Data:0x87326f4 01660 * # @infinite_length=false, 01661 * # @tag=0, 01662 * # @tag_class=:CONTEXT_SPECIFIC, 01663 * # @value="\x01">]> 01664 * raw_int = asn1.value[0] 01665 * # manually rewrite tag and tag class to make it an UNIVERSAL value 01666 * raw_int.tag = OpenSSL::ASN1::INTEGER 01667 * raw_int.tag_class = :UNIVERSAL 01668 * int2 = OpenSSL::ASN1.decode(raw_int) 01669 * puts int2.value # => 1 01670 * 01671 * == Example - Decoding an explicitly tagged INTEGER 01672 * int = OpenSSL::ASN1::Integer.new(1, 0, :EXPLICIT) # explicit 0-tagged 01673 * seq = OpenSSL::ASN1::Sequence.new( [int] ) 01674 * der = seq.to_der 01675 * asn1 = OpenSSL::ASN1.decode(der) 01676 * # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0 01677 * # @infinite_length=false, 01678 * # @tag=16, 01679 * # @tag_class=:UNIVERSAL, 01680 * # @tagging=nil, 01681 * # @value= 01682 * # [#<OpenSSL::ASN1::ASN1Data:0x87326f4 01683 * # @infinite_length=false, 01684 * # @tag=0, 01685 * # @tag_class=:CONTEXT_SPECIFIC, 01686 * # @value= 01687 * # [#<OpenSSL::ASN1::Integer:0x85bf308 01688 * # @infinite_length=false, 01689 * # @tag=2, 01690 * # @tag_class=:UNIVERSAL 01691 * # @tagging=nil, 01692 * # @value=1>]>]> 01693 * int2 = asn1.value[0].value[0] 01694 * puts int2.value # => 1 01695 */ 01696 cASN1Data = rb_define_class_under(mASN1, "ASN1Data", rb_cObject); 01697 /* 01698 * Carries the value of a ASN.1 type. 01699 * Please confer Constructive and Primitive for the mappings between 01700 * ASN.1 data types and Ruby classes. 01701 */ 01702 rb_attr(cASN1Data, rb_intern("value"), 1, 1, 0); 01703 /* 01704 * A +Number+ representing the tag number of this ASN1Data. Never +nil+. 01705 */ 01706 rb_attr(cASN1Data, rb_intern("tag"), 1, 1, 0); 01707 /* 01708 * A +Symbol+ representing the tag class of this ASN1Data. Never +nil+. 01709 * See ASN1Data for possible values. 01710 */ 01711 rb_attr(cASN1Data, rb_intern("tag_class"), 1, 1, 0); 01712 /* 01713 * Never +nil+. A +Boolean+ indicating whether the encoding was infinite 01714 * length (in the case of parsing) or whether an infinite length encoding 01715 * shall be used (in the encoding case). 01716 * In DER, every value has a finite length associated with it. But in 01717 * scenarios where large amounts of data need to be transferred it 01718 * might be desirable to have some kind of streaming support available. 01719 * For example, huge OCTET STRINGs are preferably sent in smaller-sized 01720 * chunks, each at a time. 01721 * This is possible in BER by setting the length bytes of an encoding 01722 * to zero and by this indicating that the following value will be 01723 * sent in chunks. Infinite length encodings are always constructed. 01724 * The end of such a stream of chunks is indicated by sending a EOC 01725 * (End of Content) tag. SETs and SEQUENCEs may use an infinite length 01726 * encoding, but also primitive types such as e.g. OCTET STRINGS or 01727 * BIT STRINGS may leverage this functionality (cf. ITU-T X.690). 01728 */ 01729 rb_attr(cASN1Data, rb_intern("infinite_length"), 1, 1, 0); 01730 rb_define_method(cASN1Data, "initialize", ossl_asn1data_initialize, 3); 01731 rb_define_method(cASN1Data, "to_der", ossl_asn1data_to_der, 0); 01732 01733 /* Document-class: OpenSSL::ASN1::Primitive 01734 * 01735 * The parent class for all primitive encodings. Attributes are the same as 01736 * for ASN1Data, with the addition of +tagging+. 01737 * Primitive values can never be infinite length encodings, thus it is not 01738 * possible to set the +infinite_length+ attribute for Primitive and its 01739 * sub-classes. 01740 * 01741 * == Primitive sub-classes and their mapping to Ruby classes 01742 * * OpenSSL::ASN1::EndOfContent <=> +value+ is always +nil+ 01743 * * OpenSSL::ASN1::Boolean <=> +value+ is a +Boolean+ 01744 * * OpenSSL::ASN1::Integer <=> +value+ is a +Number+ 01745 * * OpenSSL::ASN1::BitString <=> +value+ is a +String+ 01746 * * OpenSSL::ASN1::OctetString <=> +value+ is a +String+ 01747 * * OpenSSL::ASN1::Null <=> +value+ is always +nil+ 01748 * * OpenSSL::ASN1::Object <=> +value+ is a +String+ 01749 * * OpenSSL::ASN1::Enumerated <=> +value+ is a +Number+ 01750 * * OpenSSL::ASN1::UTF8String <=> +value+ is a +String+ 01751 * * OpenSSL::ASN1::NumericString <=> +value+ is a +String+ 01752 * * OpenSSL::ASN1::PrintableString <=> +value+ is a +String+ 01753 * * OpenSSL::ASN1::T61String <=> +value+ is a +String+ 01754 * * OpenSSL::ASN1::VideotexString <=> +value+ is a +String+ 01755 * * OpenSSL::ASN1::IA5String <=> +value+ is a +String+ 01756 * * OpenSSL::ASN1::UTCTime <=> +value+ is a +Time+ 01757 * * OpenSSL::ASN1::GeneralizedTime <=> +value+ is a +Time+ 01758 * * OpenSSL::ASN1::GraphicString <=> +value+ is a +String+ 01759 * * OpenSSL::ASN1::ISO64String <=> +value+ is a +String+ 01760 * * OpenSSL::ASN1::GeneralString <=> +value+ is a +String+ 01761 * * OpenSSL::ASN1::UniversalString <=> +value+ is a +String+ 01762 * * OpenSSL::ASN1::BMPString <=> +value+ is a +String+ 01763 * 01764 * == OpenSSL::ASN1::BitString 01765 * 01766 * === Additional attributes 01767 * +unused_bits+: if the underlying BIT STRING's 01768 * length is a multiple of 8 then +unused_bits+ is 0. Otherwise 01769 * +unused_bits+ indicates the number of bits that are to be ignored in 01770 * the final octet of the +BitString+'s +value+. 01771 * 01772 * == OpenSSL::ASN1::ObjectId 01773 * 01774 * === Additional attributes 01775 * * +sn+: the short name as defined in <openssl/objects.h>. 01776 * * +ln+: the long name as defined in <openssl/objects.h>. 01777 * * +oid+: the object identifier as a +String+, e.g. "1.2.3.4.5" 01778 * * +short_name+: alias for +sn+. 01779 * * +long_name+: alias for +ln+. 01780 * 01781 * == Examples 01782 * With the Exception of OpenSSL::ASN1::EndOfContent, each Primitive class 01783 * constructor takes at least one parameter, the +value+. 01784 * 01785 * === Creating EndOfContent 01786 * eoc = OpenSSL::ASN1::EndOfContent.new 01787 * 01788 * === Creating any other Primitive 01789 * prim = <class>.new(value) # <class> being one of the sub-classes except EndOfContent 01790 * prim_zero_tagged_implicit = <class>.new(value, 0, :IMPLICIT) 01791 * prim_zero_tagged_explicit = <class>.new(value, 0, :EXPLICIT) 01792 */ 01793 cASN1Primitive = rb_define_class_under(mASN1, "Primitive", cASN1Data); 01794 /* 01795 * May be used as a hint for encoding a value either implicitly or 01796 * explicitly by setting it either to +:IMPLICIT+ or to +:EXPLICIT+. 01797 * +tagging+ is not set when a ASN.1 structure is parsed using 01798 * OpenSSL::ASN1.decode. 01799 */ 01800 rb_attr(cASN1Primitive, rb_intern("tagging"), 1, 1, Qtrue); 01801 rb_undef_method(cASN1Primitive, "infinite_length="); 01802 rb_define_method(cASN1Primitive, "initialize", ossl_asn1_initialize, -1); 01803 rb_define_method(cASN1Primitive, "to_der", ossl_asn1prim_to_der, 0); 01804 01805 /* Document-class: OpenSSL::ASN1::Constructive 01806 * 01807 * The parent class for all constructed encodings. The +value+ attribute 01808 * of a Constructive is always an +Array+. Attributes are the same as 01809 * for ASN1Data, with the addition of +tagging+. 01810 * 01811 * == SET and SEQUENCE 01812 * 01813 * Most constructed encodings come in the form of a SET or a SEQUENCE. 01814 * These encodings are represented by one of the two sub-classes of 01815 * Constructive: 01816 * * OpenSSL::ASN1::Set 01817 * * OpenSSL::ASN1::Sequence 01818 * Please note that tagged sequences and sets are still parsed as 01819 * instances of ASN1Data. Find further details on tagged values 01820 * there. 01821 * 01822 * === Example - constructing a SEQUENCE 01823 * int = OpenSSL::ASN1::Integer.new(1) 01824 * str = OpenSSL::ASN1::PrintableString.new('abc') 01825 * sequence = OpenSSL::ASN1::Sequence.new( [ int, str ] ) 01826 * 01827 * === Example - constructing a SET 01828 * int = OpenSSL::ASN1::Integer.new(1) 01829 * str = OpenSSL::ASN1::PrintableString.new('abc') 01830 * set = OpenSSL::ASN1::Set.new( [ int, str ] ) 01831 * 01832 * == Infinite length primitive values 01833 * 01834 * The only case where Constructive is used directly is for infinite 01835 * length encodings of primitive values. These encodings are always 01836 * constructed, with the contents of the +value+ +Array+ being either 01837 * UNIVERSAL non-infinite length partial encodings of the actual value 01838 * or again constructive encodings with infinite length (i.e. infinite 01839 * length primitive encodings may be constructed recursively with another 01840 * infinite length value within an already infinite length value). Each 01841 * partial encoding must be of the same UNIVERSAL type as the overall 01842 * encoding. The value of the overall encoding consists of the 01843 * concatenation of each partial encoding taken in sequence. The +value+ 01844 * array of the outer infinite length value must end with a 01845 * OpenSSL::ASN1::EndOfContent instance. 01846 * 01847 * Please note that it is not possible to encode Constructive without 01848 * the +infinite_length+ attribute being set to +true+, use 01849 * OpenSSL::ASN1::Sequence or OpenSSL::ASN1::Set in these cases instead. 01850 * 01851 * === Example - Infinite length OCTET STRING 01852 * partial1 = OpenSSL::ASN1::OctetString.new("\x01") 01853 * partial2 = OpenSSL::ASN1::OctetString.new("\x02") 01854 * inf_octets = OpenSSL::ASN1::Constructive.new( [ partial1, 01855 * partial2, 01856 * OpenSSL::ASN1::EndOfContent.new ], 01857 * OpenSSL::ASN1::OCTET_STRING, 01858 * nil, 01859 * :UNIVERSAL ) 01860 * # The real value of inf_octets is "\x01\x02", i.e. the concatenation 01861 * # of partial1 and partial2 01862 * inf_octets.infinite_length = true 01863 * der = inf_octets.to_der 01864 * asn1 = OpenSSL::ASN1.decode(der) 01865 * puts asn1.infinite_length # => true 01866 */ 01867 cASN1Constructive = rb_define_class_under(mASN1,"Constructive", cASN1Data); 01868 rb_include_module(cASN1Constructive, rb_mEnumerable); 01869 /* 01870 * May be used as a hint for encoding a value either implicitly or 01871 * explicitly by setting it either to +:IMPLICIT+ or to +:EXPLICIT+. 01872 * +tagging+ is not set when a ASN.1 structure is parsed using 01873 * OpenSSL::ASN1.decode. 01874 */ 01875 rb_attr(cASN1Constructive, rb_intern("tagging"), 1, 1, Qtrue); 01876 rb_define_method(cASN1Constructive, "initialize", ossl_asn1_initialize, -1); 01877 rb_define_method(cASN1Constructive, "to_der", ossl_asn1cons_to_der, 0); 01878 rb_define_method(cASN1Constructive, "each", ossl_asn1cons_each, 0); 01879 01880 #define OSSL_ASN1_DEFINE_CLASS(name, super) \ 01881 do{\ 01882 cASN1##name = rb_define_class_under(mASN1, #name, cASN1##super);\ 01883 rb_define_module_function(mASN1, #name, ossl_asn1_##name, -1);\ 01884 }while(0) 01885 01886 OSSL_ASN1_DEFINE_CLASS(Boolean, Primitive); 01887 OSSL_ASN1_DEFINE_CLASS(Integer, Primitive); 01888 OSSL_ASN1_DEFINE_CLASS(Enumerated, Primitive); 01889 OSSL_ASN1_DEFINE_CLASS(BitString, Primitive); 01890 OSSL_ASN1_DEFINE_CLASS(OctetString, Primitive); 01891 OSSL_ASN1_DEFINE_CLASS(UTF8String, Primitive); 01892 OSSL_ASN1_DEFINE_CLASS(NumericString, Primitive); 01893 OSSL_ASN1_DEFINE_CLASS(PrintableString, Primitive); 01894 OSSL_ASN1_DEFINE_CLASS(T61String, Primitive); 01895 OSSL_ASN1_DEFINE_CLASS(VideotexString, Primitive); 01896 OSSL_ASN1_DEFINE_CLASS(IA5String, Primitive); 01897 OSSL_ASN1_DEFINE_CLASS(GraphicString, Primitive); 01898 OSSL_ASN1_DEFINE_CLASS(ISO64String, Primitive); 01899 OSSL_ASN1_DEFINE_CLASS(GeneralString, Primitive); 01900 OSSL_ASN1_DEFINE_CLASS(UniversalString, Primitive); 01901 OSSL_ASN1_DEFINE_CLASS(BMPString, Primitive); 01902 OSSL_ASN1_DEFINE_CLASS(Null, Primitive); 01903 OSSL_ASN1_DEFINE_CLASS(ObjectId, Primitive); 01904 OSSL_ASN1_DEFINE_CLASS(UTCTime, Primitive); 01905 OSSL_ASN1_DEFINE_CLASS(GeneralizedTime, Primitive); 01906 01907 OSSL_ASN1_DEFINE_CLASS(Sequence, Constructive); 01908 OSSL_ASN1_DEFINE_CLASS(Set, Constructive); 01909 01910 OSSL_ASN1_DEFINE_CLASS(EndOfContent, Data); 01911 01912 01913 #if 0 01914 cASN1ObjectId = rb_define_class_under(mASN1, "ObjectId", cASN1Primitive); /* let rdoc know */ 01915 #endif 01916 rb_define_singleton_method(cASN1ObjectId, "register", ossl_asn1obj_s_register, 3); 01917 rb_define_method(cASN1ObjectId, "sn", ossl_asn1obj_get_sn, 0); 01918 rb_define_method(cASN1ObjectId, "ln", ossl_asn1obj_get_ln, 0); 01919 rb_define_method(cASN1ObjectId, "oid", ossl_asn1obj_get_oid, 0); 01920 rb_define_alias(cASN1ObjectId, "short_name", "sn"); 01921 rb_define_alias(cASN1ObjectId, "long_name", "ln"); 01922 rb_attr(cASN1BitString, rb_intern("unused_bits"), 1, 1, 0); 01923 01924 rb_define_method(cASN1EndOfContent, "initialize", ossl_asn1eoc_initialize, 0); 01925 01926 class_tag_map = rb_hash_new(); 01927 rb_hash_aset(class_tag_map, cASN1EndOfContent, INT2NUM(V_ASN1_EOC)); 01928 rb_hash_aset(class_tag_map, cASN1Boolean, INT2NUM(V_ASN1_BOOLEAN)); 01929 rb_hash_aset(class_tag_map, cASN1Integer, INT2NUM(V_ASN1_INTEGER)); 01930 rb_hash_aset(class_tag_map, cASN1BitString, INT2NUM(V_ASN1_BIT_STRING)); 01931 rb_hash_aset(class_tag_map, cASN1OctetString, INT2NUM(V_ASN1_OCTET_STRING)); 01932 rb_hash_aset(class_tag_map, cASN1Null, INT2NUM(V_ASN1_NULL)); 01933 rb_hash_aset(class_tag_map, cASN1ObjectId, INT2NUM(V_ASN1_OBJECT)); 01934 rb_hash_aset(class_tag_map, cASN1Enumerated, INT2NUM(V_ASN1_ENUMERATED)); 01935 rb_hash_aset(class_tag_map, cASN1UTF8String, INT2NUM(V_ASN1_UTF8STRING)); 01936 rb_hash_aset(class_tag_map, cASN1Sequence, INT2NUM(V_ASN1_SEQUENCE)); 01937 rb_hash_aset(class_tag_map, cASN1Set, INT2NUM(V_ASN1_SET)); 01938 rb_hash_aset(class_tag_map, cASN1NumericString, INT2NUM(V_ASN1_NUMERICSTRING)); 01939 rb_hash_aset(class_tag_map, cASN1PrintableString, INT2NUM(V_ASN1_PRINTABLESTRING)); 01940 rb_hash_aset(class_tag_map, cASN1T61String, INT2NUM(V_ASN1_T61STRING)); 01941 rb_hash_aset(class_tag_map, cASN1VideotexString, INT2NUM(V_ASN1_VIDEOTEXSTRING)); 01942 rb_hash_aset(class_tag_map, cASN1IA5String, INT2NUM(V_ASN1_IA5STRING)); 01943 rb_hash_aset(class_tag_map, cASN1UTCTime, INT2NUM(V_ASN1_UTCTIME)); 01944 rb_hash_aset(class_tag_map, cASN1GeneralizedTime, INT2NUM(V_ASN1_GENERALIZEDTIME)); 01945 rb_hash_aset(class_tag_map, cASN1GraphicString, INT2NUM(V_ASN1_GRAPHICSTRING)); 01946 rb_hash_aset(class_tag_map, cASN1ISO64String, INT2NUM(V_ASN1_ISO64STRING)); 01947 rb_hash_aset(class_tag_map, cASN1GeneralString, INT2NUM(V_ASN1_GENERALSTRING)); 01948 rb_hash_aset(class_tag_map, cASN1UniversalString, INT2NUM(V_ASN1_UNIVERSALSTRING)); 01949 rb_hash_aset(class_tag_map, cASN1BMPString, INT2NUM(V_ASN1_BMPSTRING)); 01950 rb_global_variable(&class_tag_map); 01951 } 01952