Ruby  1.9.3p392(2013-02-22revision39386)
ossl_asn1.c
Go to the documentation of this file.
1 /*
2  * $Id: ossl_asn1.c 34505 2012-02-09 03:25:07Z nobu $
3  * 'OpenSSL for Ruby' team members
4  * Copyright (C) 2003
5  * All rights reserved.
6  */
7 /*
8  * This program is licenced under the same licence as Ruby.
9  * (See the file 'LICENCE'.)
10  */
11 #include "ossl.h"
12 
13 #if defined(HAVE_SYS_TIME_H)
14 # include <sys/time.h>
15 #elif !defined(NT) && !defined(_WIN32)
16 struct timeval {
17  long tv_sec; /* seconds */
18  long tv_usec; /* and microseconds */
19 };
20 #endif
21 
22 static VALUE join_der(VALUE enumerable);
23 static VALUE ossl_asn1_decode0(unsigned char **pp, long length, long *offset,
24  int depth, int yield, long *num_read);
25 static VALUE ossl_asn1_initialize(int argc, VALUE *argv, VALUE self);
27 
28 /*
29  * DATE conversion
30  */
31 VALUE
32 asn1time_to_time(ASN1_TIME *time)
33 {
34  struct tm tm;
35  VALUE argv[6];
36 
37  if (!time || !time->data) return Qnil;
38  memset(&tm, 0, sizeof(struct tm));
39 
40  switch (time->type) {
41  case V_ASN1_UTCTIME:
42  if (sscanf((const char *)time->data, "%2d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
43  &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) {
44  ossl_raise(rb_eTypeError, "bad UTCTIME format");
45  }
46  if (tm.tm_year < 69) {
47  tm.tm_year += 2000;
48  } else {
49  tm.tm_year += 1900;
50  }
51  break;
52  case V_ASN1_GENERALIZEDTIME:
53  if (sscanf((const char *)time->data, "%4d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
54  &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) {
55  ossl_raise(rb_eTypeError, "bad GENERALIZEDTIME format" );
56  }
57  break;
58  default:
59  rb_warning("unknown time format");
60  return Qnil;
61  }
62  argv[0] = INT2NUM(tm.tm_year);
63  argv[1] = INT2NUM(tm.tm_mon);
64  argv[2] = INT2NUM(tm.tm_mday);
65  argv[3] = INT2NUM(tm.tm_hour);
66  argv[4] = INT2NUM(tm.tm_min);
67  argv[5] = INT2NUM(tm.tm_sec);
68 
69  return rb_funcall2(rb_cTime, rb_intern("utc"), 6, argv);
70 }
71 
72 /*
73  * This function is not exported in Ruby's *.h
74  */
75 extern struct timeval rb_time_timeval(VALUE);
76 
77 time_t
79 {
80  return (time_t)NUM2LONG(rb_Integer(time));
81 }
82 
83 /*
84  * STRING conversion
85  */
86 VALUE
87 asn1str_to_str(ASN1_STRING *str)
88 {
89  return rb_str_new((const char *)str->data, str->length);
90 }
91 
92 /*
93  * ASN1_INTEGER conversions
94  * TODO: Make a decision what's the right way to do this.
95  */
96 #define DO_IT_VIA_RUBY 0
97 VALUE
98 asn1integer_to_num(ASN1_INTEGER *ai)
99 {
100  BIGNUM *bn;
101 #if DO_IT_VIA_RUBY
102  char *txt;
103 #endif
104  VALUE num;
105 
106  if (!ai) {
107  ossl_raise(rb_eTypeError, "ASN1_INTEGER is NULL!");
108  }
109  if (!(bn = ASN1_INTEGER_to_BN(ai, NULL))) {
111  }
112 #if DO_IT_VIA_RUBY
113  if (!(txt = BN_bn2dec(bn))) {
114  BN_free(bn);
116  }
117  num = rb_cstr_to_inum(txt, 10, Qtrue);
118  OPENSSL_free(txt);
119 #else
120  num = ossl_bn_new(bn);
121 #endif
122  BN_free(bn);
123 
124  return num;
125 }
126 
127 #if DO_IT_VIA_RUBY
128 ASN1_INTEGER *
129 num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai)
130 {
131  BIGNUM *bn = NULL;
132 
133  if (RTEST(rb_obj_is_kind_of(obj, cBN))) {
134  bn = GetBNPtr(obj);
135  } else {
136  obj = rb_String(obj);
137  if (!BN_dec2bn(&bn, StringValuePtr(obj))) {
138  ossl_raise(eOSSLError, NULL);
139  }
140  }
141  if (!(ai = BN_to_ASN1_INTEGER(bn, ai))) {
142  BN_free(bn);
143  ossl_raise(eOSSLError, NULL);
144  }
145  BN_free(bn);
146  return ai;
147 }
148 #else
149 ASN1_INTEGER *
150 num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai)
151 {
152  BIGNUM *bn = GetBNPtr(obj);
153 
154  if (!(ai = BN_to_ASN1_INTEGER(bn, ai))) {
156  }
157  return ai;
158 }
159 #endif
160 
161 /********/
162 /*
163  * ASN1 module
164  */
165 #define ossl_asn1_get_value(o) rb_attr_get((o),sivVALUE)
166 #define ossl_asn1_get_tag(o) rb_attr_get((o),sivTAG)
167 #define ossl_asn1_get_tagging(o) rb_attr_get((o),sivTAGGING)
168 #define ossl_asn1_get_tag_class(o) rb_attr_get((o),sivTAG_CLASS)
169 #define ossl_asn1_get_infinite_length(o) rb_attr_get((o),sivINFINITE_LENGTH)
170 
171 #define ossl_asn1_set_value(o,v) rb_ivar_set((o),sivVALUE,(v))
172 #define ossl_asn1_set_tag(o,v) rb_ivar_set((o),sivTAG,(v))
173 #define ossl_asn1_set_tagging(o,v) rb_ivar_set((o),sivTAGGING,(v))
174 #define ossl_asn1_set_tag_class(o,v) rb_ivar_set((o),sivTAG_CLASS,(v))
175 #define ossl_asn1_set_infinite_length(o,v) rb_ivar_set((o),sivINFINITE_LENGTH,(v))
176 
179 
183 
185 VALUE cASN1Boolean; /* BOOLEAN */
187 VALUE cASN1BitString; /* BIT STRING */
194 VALUE cASN1Null; /* NULL */
195 VALUE cASN1ObjectId; /* OBJECT IDENTIFIER */
197 VALUE cASN1Sequence, cASN1Set; /* CONSTRUCTIVE */
198 
202 
203 /*
204  * We need to implement these for backward compatibility
205  * reasons, behavior of ASN1_put_object and ASN1_object_size
206  * for infinite length values is different in OpenSSL <= 0.9.7
207  */
208 #if OPENSSL_VERSION_NUMBER < 0x00908000L
209 #define ossl_asn1_object_size(cons, len, tag) (cons) == 2 ? (len) + ASN1_object_size((cons), 0, (tag)) : ASN1_object_size((cons), (len), (tag))
210 #define ossl_asn1_put_object(pp, cons, len, tag, xc) (cons) == 2 ? ASN1_put_object((pp), (cons), 0, (tag), (xc)) : ASN1_put_object((pp), (cons), (len), (tag), (xc))
211 #else
212 #define ossl_asn1_object_size(cons, len, tag) ASN1_object_size((cons), (len), (tag))
213 #define ossl_asn1_put_object(pp, cons, len, tag, xc) ASN1_put_object((pp), (cons), (len), (tag), (xc))
214 #endif
215 
216 /*
217  * Ruby to ASN1 converters
218  */
219 static ASN1_BOOLEAN
221 {
222 #if OPENSSL_VERSION_NUMBER < 0x00907000L
223  return RTEST(obj) ? 0xff : 0x100;
224 #else
225  return RTEST(obj) ? 0xff : 0x0;
226 #endif
227 }
228 
229 static ASN1_INTEGER*
231 {
232  return num_to_asn1integer(obj, NULL);
233 }
234 
235 static ASN1_BIT_STRING*
236 obj_to_asn1bstr(VALUE obj, long unused_bits)
237 {
238  ASN1_BIT_STRING *bstr;
239 
240  if(unused_bits < 0) unused_bits = 0;
241  StringValue(obj);
242  if(!(bstr = ASN1_BIT_STRING_new()))
243  ossl_raise(eASN1Error, NULL);
244  ASN1_BIT_STRING_set(bstr, (unsigned char *)RSTRING_PTR(obj), RSTRING_LENINT(obj));
245  bstr->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
246  bstr->flags |= ASN1_STRING_FLAG_BITS_LEFT|(unused_bits&0x07);
247 
248  return bstr;
249 }
250 
251 static ASN1_STRING*
253 {
254  ASN1_STRING *str;
255 
256  StringValue(obj);
257  if(!(str = ASN1_STRING_new()))
258  ossl_raise(eASN1Error, NULL);
259  ASN1_STRING_set(str, RSTRING_PTR(obj), RSTRING_LENINT(obj));
260 
261  return str;
262 }
263 
264 static ASN1_NULL*
266 {
267  ASN1_NULL *null;
268 
269  if(!NIL_P(obj))
270  ossl_raise(eASN1Error, "nil expected");
271  if(!(null = ASN1_NULL_new()))
272  ossl_raise(eASN1Error, NULL);
273 
274  return null;
275 }
276 
277 static ASN1_OBJECT*
279 {
280  ASN1_OBJECT *a1obj;
281 
282  StringValue(obj);
283  a1obj = OBJ_txt2obj(RSTRING_PTR(obj), 0);
284  if(!a1obj) a1obj = OBJ_txt2obj(RSTRING_PTR(obj), 1);
285  if(!a1obj) ossl_raise(eASN1Error, "invalid OBJECT ID");
286 
287  return a1obj;
288 }
289 
290 static ASN1_UTCTIME*
292 {
293  time_t sec;
294  ASN1_UTCTIME *t;
295 
296  sec = time_to_time_t(time);
297  if(!(t = ASN1_UTCTIME_set(NULL, sec)))
298  ossl_raise(eASN1Error, NULL);
299 
300  return t;
301 }
302 
303 static ASN1_GENERALIZEDTIME*
305 {
306  time_t sec;
307  ASN1_GENERALIZEDTIME *t;
308 
309  sec = time_to_time_t(time);
310  if(!(t =ASN1_GENERALIZEDTIME_set(NULL, sec)))
311  ossl_raise(eASN1Error, NULL);
312 
313  return t;
314 }
315 
316 static ASN1_STRING*
318 {
319  ASN1_STRING *a1str;
320  VALUE str;
321 
322  str = ossl_to_der(obj);
323  if(!(a1str = ASN1_STRING_new()))
324  ossl_raise(eASN1Error, NULL);
325  ASN1_STRING_set(a1str, RSTRING_PTR(str), RSTRING_LENINT(str));
326 
327  return a1str;
328 }
329 
330 /*
331  * DER to Ruby converters
332  */
333 static VALUE
334 decode_bool(unsigned char* der, int length)
335 {
336  int val;
337  const unsigned char *p;
338 
339  p = der;
340  if((val = d2i_ASN1_BOOLEAN(NULL, &p, length)) < 0)
341  ossl_raise(eASN1Error, NULL);
342 
343  return val ? Qtrue : Qfalse;
344 }
345 
346 static VALUE
347 decode_int(unsigned char* der, int length)
348 {
349  ASN1_INTEGER *ai;
350  const unsigned char *p;
351  VALUE ret;
352  int status = 0;
353 
354  p = der;
355  if(!(ai = d2i_ASN1_INTEGER(NULL, &p, length)))
356  ossl_raise(eASN1Error, NULL);
358  (VALUE)ai, &status);
359  ASN1_INTEGER_free(ai);
360  if(status) rb_jump_tag(status);
361 
362  return ret;
363 }
364 
365 static VALUE
366 decode_bstr(unsigned char* der, int length, long *unused_bits)
367 {
368  ASN1_BIT_STRING *bstr;
369  const unsigned char *p;
370  long len;
371  VALUE ret;
372 
373  p = der;
374  if(!(bstr = d2i_ASN1_BIT_STRING(NULL, &p, length)))
375  ossl_raise(eASN1Error, NULL);
376  len = bstr->length;
377  *unused_bits = 0;
378  if(bstr->flags & ASN1_STRING_FLAG_BITS_LEFT)
379  *unused_bits = bstr->flags & 0x07;
380  ret = rb_str_new((const char *)bstr->data, len);
381  ASN1_BIT_STRING_free(bstr);
382 
383  return ret;
384 }
385 
386 static VALUE
387 decode_enum(unsigned char* der, int length)
388 {
389  ASN1_ENUMERATED *ai;
390  const unsigned char *p;
391  VALUE ret;
392  int status = 0;
393 
394  p = der;
395  if(!(ai = d2i_ASN1_ENUMERATED(NULL, &p, length)))
396  ossl_raise(eASN1Error, NULL);
398  (VALUE)ai, &status);
399  ASN1_ENUMERATED_free(ai);
400  if(status) rb_jump_tag(status);
401 
402  return ret;
403 }
404 
405 static VALUE
406 decode_null(unsigned char* der, int length)
407 {
408  ASN1_NULL *null;
409  const unsigned char *p;
410 
411  p = der;
412  if(!(null = d2i_ASN1_NULL(NULL, &p, length)))
413  ossl_raise(eASN1Error, NULL);
414  ASN1_NULL_free(null);
415 
416  return Qnil;
417 }
418 
419 static VALUE
420 decode_obj(unsigned char* der, int length)
421 {
422  ASN1_OBJECT *obj;
423  const unsigned char *p;
424  VALUE ret;
425  int nid;
426  BIO *bio;
427 
428  p = der;
429  if(!(obj = d2i_ASN1_OBJECT(NULL, &p, length)))
430  ossl_raise(eASN1Error, NULL);
431  if((nid = OBJ_obj2nid(obj)) != NID_undef){
432  ASN1_OBJECT_free(obj);
433  ret = rb_str_new2(OBJ_nid2sn(nid));
434  }
435  else{
436  if(!(bio = BIO_new(BIO_s_mem()))){
437  ASN1_OBJECT_free(obj);
438  ossl_raise(eASN1Error, NULL);
439  }
440  i2a_ASN1_OBJECT(bio, obj);
441  ASN1_OBJECT_free(obj);
442  ret = ossl_membio2str(bio);
443  }
444 
445  return ret;
446 }
447 
448 static VALUE
449 decode_time(unsigned char* der, int length)
450 {
451  ASN1_TIME *time;
452  const unsigned char *p;
453  VALUE ret;
454  int status = 0;
455 
456  p = der;
457  if(!(time = d2i_ASN1_TIME(NULL, &p, length)))
458  ossl_raise(eASN1Error, NULL);
460  (VALUE)time, &status);
461  ASN1_TIME_free(time);
462  if(status) rb_jump_tag(status);
463 
464  return ret;
465 }
466 
467 static VALUE
468 decode_eoc(unsigned char *der, int length)
469 {
470  if (length != 2 || !(der[0] == 0x00 && der[1] == 0x00))
471  ossl_raise(eASN1Error, NULL);
472 
473  return rb_str_new("", 0);
474 }
475 
476 /********/
477 
478 typedef struct {
479  const char *name;
482 
484  { "EOC", &cASN1EndOfContent, }, /* 0 */
485  { "BOOLEAN", &cASN1Boolean, }, /* 1 */
486  { "INTEGER", &cASN1Integer, }, /* 2 */
487  { "BIT_STRING", &cASN1BitString, }, /* 3 */
488  { "OCTET_STRING", &cASN1OctetString, }, /* 4 */
489  { "NULL", &cASN1Null, }, /* 5 */
490  { "OBJECT", &cASN1ObjectId, }, /* 6 */
491  { "OBJECT_DESCRIPTOR", NULL, }, /* 7 */
492  { "EXTERNAL", NULL, }, /* 8 */
493  { "REAL", NULL, }, /* 9 */
494  { "ENUMERATED", &cASN1Enumerated, }, /* 10 */
495  { "EMBEDDED_PDV", NULL, }, /* 11 */
496  { "UTF8STRING", &cASN1UTF8String, }, /* 12 */
497  { "RELATIVE_OID", NULL, }, /* 13 */
498  { "[UNIVERSAL 14]", NULL, }, /* 14 */
499  { "[UNIVERSAL 15]", NULL, }, /* 15 */
500  { "SEQUENCE", &cASN1Sequence, }, /* 16 */
501  { "SET", &cASN1Set, }, /* 17 */
502  { "NUMERICSTRING", &cASN1NumericString, }, /* 18 */
503  { "PRINTABLESTRING", &cASN1PrintableString, }, /* 19 */
504  { "T61STRING", &cASN1T61String, }, /* 20 */
505  { "VIDEOTEXSTRING", &cASN1VideotexString, }, /* 21 */
506  { "IA5STRING", &cASN1IA5String, }, /* 22 */
507  { "UTCTIME", &cASN1UTCTime, }, /* 23 */
508  { "GENERALIZEDTIME", &cASN1GeneralizedTime, }, /* 24 */
509  { "GRAPHICSTRING", &cASN1GraphicString, }, /* 25 */
510  { "ISO64STRING", &cASN1ISO64String, }, /* 26 */
511  { "GENERALSTRING", &cASN1GeneralString, }, /* 27 */
512  { "UNIVERSALSTRING", &cASN1UniversalString, }, /* 28 */
513  { "CHARACTER_STRING", NULL, }, /* 29 */
514  { "BMPSTRING", &cASN1BMPString, }, /* 30 */
515 };
516 
517 int ossl_asn1_info_size = (sizeof(ossl_asn1_info)/sizeof(ossl_asn1_info[0]));
518 
520 
521 static int ossl_asn1_default_tag(VALUE obj);
522 
523 ASN1_TYPE*
525 {
526  ASN1_TYPE *ret;
527  VALUE value, rflag;
528  void *ptr;
529  void (*free_func)();
530  int tag, flag;
531 
532  tag = ossl_asn1_default_tag(obj);
533  value = ossl_asn1_get_value(obj);
534  switch(tag){
535  case V_ASN1_BOOLEAN:
536  ptr = (void*)(VALUE)obj_to_asn1bool(value);
537  free_func = NULL;
538  break;
539  case V_ASN1_INTEGER: /* FALLTHROUGH */
540  case V_ASN1_ENUMERATED:
541  ptr = obj_to_asn1int(value);
542  free_func = ASN1_INTEGER_free;
543  break;
544  case V_ASN1_BIT_STRING:
545  rflag = rb_attr_get(obj, sivUNUSED_BITS);
546  flag = NIL_P(rflag) ? -1 : NUM2INT(rflag);
547  ptr = obj_to_asn1bstr(value, flag);
548  free_func = ASN1_BIT_STRING_free;
549  break;
550  case V_ASN1_NULL:
551  ptr = obj_to_asn1null(value);
552  free_func = ASN1_NULL_free;
553  break;
554  case V_ASN1_OCTET_STRING: /* FALLTHROUGH */
555  case V_ASN1_UTF8STRING: /* FALLTHROUGH */
556  case V_ASN1_NUMERICSTRING: /* FALLTHROUGH */
557  case V_ASN1_PRINTABLESTRING: /* FALLTHROUGH */
558  case V_ASN1_T61STRING: /* FALLTHROUGH */
559  case V_ASN1_VIDEOTEXSTRING: /* FALLTHROUGH */
560  case V_ASN1_IA5STRING: /* FALLTHROUGH */
561  case V_ASN1_GRAPHICSTRING: /* FALLTHROUGH */
562  case V_ASN1_ISO64STRING: /* FALLTHROUGH */
563  case V_ASN1_GENERALSTRING: /* FALLTHROUGH */
564  case V_ASN1_UNIVERSALSTRING: /* FALLTHROUGH */
565  case V_ASN1_BMPSTRING:
566  ptr = obj_to_asn1str(value);
567  free_func = ASN1_STRING_free;
568  break;
569  case V_ASN1_OBJECT:
570  ptr = obj_to_asn1obj(value);
571  free_func = ASN1_OBJECT_free;
572  break;
573  case V_ASN1_UTCTIME:
574  ptr = obj_to_asn1utime(value);
575  free_func = ASN1_TIME_free;
576  break;
577  case V_ASN1_GENERALIZEDTIME:
578  ptr = obj_to_asn1gtime(value);
579  free_func = ASN1_TIME_free;
580  break;
581  case V_ASN1_SET: /* FALLTHROUGH */
582  case V_ASN1_SEQUENCE:
583  ptr = obj_to_asn1derstr(obj);
584  free_func = ASN1_STRING_free;
585  break;
586  default:
587  ossl_raise(eASN1Error, "unsupported ASN.1 type");
588  }
589  if(!(ret = OPENSSL_malloc(sizeof(ASN1_TYPE)))){
590  if(free_func) free_func(ptr);
591  ossl_raise(eASN1Error, "ASN1_TYPE alloc failure");
592  }
593  memset(ret, 0, sizeof(ASN1_TYPE));
594  ASN1_TYPE_set(ret, tag, ptr);
595 
596  return ret;
597 }
598 
599 static int
601 {
602  VALUE tmp_class, tag;
603 
604  tmp_class = CLASS_OF(obj);
605  while (tmp_class) {
606  tag = rb_hash_lookup(class_tag_map, tmp_class);
607  if (tag != Qnil) {
608  return NUM2INT(tag);
609  }
610  tmp_class = rb_class_superclass(tmp_class);
611  }
612  ossl_raise(eASN1Error, "universal tag for %s not found",
613  rb_class2name(CLASS_OF(obj)));
614 
615  return -1; /* dummy */
616 }
617 
618 static int
620 {
621  VALUE tag;
622 
623  tag = ossl_asn1_get_tag(obj);
624  if(NIL_P(tag))
625  ossl_raise(eASN1Error, "tag number not specified");
626 
627  return NUM2INT(tag);
628 }
629 
630 static int
632 {
633  VALUE s;
634  int ret = -1;
635 
636  s = ossl_asn1_get_tagging(obj);
637  if(NIL_P(s)) return 0;
638  else if(SYMBOL_P(s)){
639  if (SYM2ID(s) == sIMPLICIT)
640  ret = 0;
641  else if (SYM2ID(s) == sEXPLICIT)
642  ret = 1;
643  }
644  if(ret < 0){
645  ossl_raise(eASN1Error, "invalid tag default");
646  }
647 
648  return ret;
649 }
650 
651 static int
653 {
654  VALUE s;
655  int ret = -1;
656 
657  s = ossl_asn1_get_tag_class(obj);
658  if(NIL_P(s)) ret = V_ASN1_UNIVERSAL;
659  else if(SYMBOL_P(s)){
660  if (SYM2ID(s) == sUNIVERSAL)
661  ret = V_ASN1_UNIVERSAL;
662  else if (SYM2ID(s) == sAPPLICATION)
663  ret = V_ASN1_APPLICATION;
664  else if (SYM2ID(s) == sCONTEXT_SPECIFIC)
665  ret = V_ASN1_CONTEXT_SPECIFIC;
666  else if (SYM2ID(s) == sPRIVATE)
667  ret = V_ASN1_PRIVATE;
668  }
669  if(ret < 0){
670  ossl_raise(eASN1Error, "invalid tag class");
671  }
672 
673  return ret;
674 }
675 
676 static VALUE
678 {
679  if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
680  return ID2SYM(sPRIVATE);
681  else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
682  return ID2SYM(sCONTEXT_SPECIFIC);
683  else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
684  return ID2SYM(sAPPLICATION);
685  else
686  return ID2SYM(sUNIVERSAL);
687 }
688 
689 /*
690  * call-seq:
691  * OpenSSL::ASN1::ASN1Data.new(value, tag, tag_class) => ASN1Data
692  *
693  * +value+: Please have a look at Constructive and Primitive to see how Ruby
694  * types are mapped to ASN.1 types and vice versa.
695  *
696  * +tag+: A +Number+ indicating the tag number.
697  *
698  * +tag_class+: A +Symbol+ indicating the tag class. Please cf. ASN1 for
699  * possible values.
700  *
701  * == Example
702  * asn1_int = OpenSSL::ASN1Data.new(42, 2, :UNIVERSAL) # => Same as OpenSSL::ASN1::Integer.new(42)
703  * tagged_int = OpenSSL::ASN1Data.new(42, 0, :CONTEXT_SPECIFIC) # implicitly 0-tagged INTEGER
704  */
705 static VALUE
706 ossl_asn1data_initialize(VALUE self, VALUE value, VALUE tag, VALUE tag_class)
707 {
708  if(!SYMBOL_P(tag_class))
709  ossl_raise(eASN1Error, "invalid tag class");
710  if((SYM2ID(tag_class) == sUNIVERSAL) && NUM2INT(tag) > 31)
711  ossl_raise(eASN1Error, "tag number for Universal too large");
712  ossl_asn1_set_tag(self, tag);
713  ossl_asn1_set_value(self, value);
714  ossl_asn1_set_tag_class(self, tag_class);
716 
717  return self;
718 }
719 
720 static VALUE
722 {
724  StringValue(i);
725  rb_str_append(str, i);
726  return Qnil;
727 }
728 
729 static VALUE
730 join_der(VALUE enumerable)
731 {
732  VALUE str = rb_str_new(0, 0);
733  rb_block_call(enumerable, rb_intern("each"), 0, 0, join_der_i, str);
734  return str;
735 }
736 
737 /*
738  * call-seq:
739  * asn1.to_der => DER-encoded String
740  *
741  * Encodes this ASN1Data into a DER-encoded String value. The result is
742  * DER-encoded except for the possibility of infinite length encodings.
743  * Infinite length encodings are not allowed in strict DER, so strictly
744  * speaking the result of such an encoding would be a BER-encoding.
745  */
746 static VALUE
748 {
749  VALUE value, der, inf_length;
750  int tag, tag_class, is_cons = 0;
751  long length;
752  unsigned char *p;
753 
754  value = ossl_asn1_get_value(self);
755  if(rb_obj_is_kind_of(value, rb_cArray)){
756  is_cons = 1;
757  value = join_der(value);
758  }
759  StringValue(value);
760 
761  tag = ossl_asn1_tag(self);
762  tag_class = ossl_asn1_tag_class(self);
763  inf_length = ossl_asn1_get_infinite_length(self);
764  if (inf_length == Qtrue) {
765  is_cons = 2;
766  }
767  if((length = ossl_asn1_object_size(is_cons, RSTRING_LENINT(value), tag)) <= 0)
768  ossl_raise(eASN1Error, NULL);
769  der = rb_str_new(0, length);
770  p = (unsigned char *)RSTRING_PTR(der);
771  ossl_asn1_put_object(&p, is_cons, RSTRING_LENINT(value), tag, tag_class);
772  memcpy(p, RSTRING_PTR(value), RSTRING_LEN(value));
773  p += RSTRING_LEN(value);
774  ossl_str_adjust(der, p);
775 
776  return der;
777 }
778 
779 static VALUE
780 int_ossl_asn1_decode0_prim(unsigned char **pp, long length, int hlen, int tag,
781  VALUE tc, long *num_read)
782 {
783  VALUE value, asn1data;
784  unsigned char *p;
785  long flag = 0;
786 
787  p = *pp;
788 
789  if(tc == sUNIVERSAL && tag < ossl_asn1_info_size) {
790  switch(tag){
791  case V_ASN1_EOC:
792  value = decode_eoc(p, hlen+length);
793  break;
794  case V_ASN1_BOOLEAN:
795  value = decode_bool(p, hlen+length);
796  break;
797  case V_ASN1_INTEGER:
798  value = decode_int(p, hlen+length);
799  break;
800  case V_ASN1_BIT_STRING:
801  value = decode_bstr(p, hlen+length, &flag);
802  break;
803  case V_ASN1_NULL:
804  value = decode_null(p, hlen+length);
805  break;
806  case V_ASN1_ENUMERATED:
807  value = decode_enum(p, hlen+length);
808  break;
809  case V_ASN1_OBJECT:
810  value = decode_obj(p, hlen+length);
811  break;
812  case V_ASN1_UTCTIME: /* FALLTHROUGH */
813  case V_ASN1_GENERALIZEDTIME:
814  value = decode_time(p, hlen+length);
815  break;
816  default:
817  /* use original value */
818  p += hlen;
819  value = rb_str_new((const char *)p, length);
820  break;
821  }
822  }
823  else {
824  p += hlen;
825  value = rb_str_new((const char *)p, length);
826  }
827 
828  *pp += hlen + length;
829  *num_read = hlen + length;
830 
831  if (tc == sUNIVERSAL && tag < ossl_asn1_info_size && ossl_asn1_info[tag].klass) {
832  VALUE klass = *ossl_asn1_info[tag].klass;
833  VALUE args[4];
834  args[0] = value;
835  args[1] = INT2NUM(tag);
836  args[2] = Qnil;
837  args[3] = ID2SYM(tc);
838  asn1data = rb_obj_alloc(klass);
839  ossl_asn1_initialize(4, args, asn1data);
840  if(tag == V_ASN1_BIT_STRING){
841  rb_ivar_set(asn1data, sivUNUSED_BITS, LONG2NUM(flag));
842  }
843  }
844  else {
845  asn1data = rb_obj_alloc(cASN1Data);
846  ossl_asn1data_initialize(asn1data, value, INT2NUM(tag), ID2SYM(tc));
847  }
848 
849  return asn1data;
850 }
851 
852 static VALUE
853 int_ossl_asn1_decode0_cons(unsigned char **pp, long max_len, long length,
854  long *offset, int depth, int yield, int j,
855  int tag, VALUE tc, long *num_read)
856 {
857  VALUE value, asn1data, ary;
858  int infinite;
859  long off = *offset;
860 
861  infinite = (j == 0x21);
862  ary = rb_ary_new();
863 
864  while (length > 0 || infinite) {
865  long inner_read = 0;
866  value = ossl_asn1_decode0(pp, max_len, &off, depth + 1, yield, &inner_read);
867  *num_read += inner_read;
868  max_len -= inner_read;
869  rb_ary_push(ary, value);
870  if (length > 0)
871  length -= inner_read;
872 
873  if (infinite &&
874  NUM2INT(ossl_asn1_get_tag(value)) == V_ASN1_EOC &&
875  SYM2ID(ossl_asn1_get_tag_class(value)) == sUNIVERSAL) {
876  break;
877  }
878  }
879 
880  if (tc == sUNIVERSAL) {
881  VALUE args[4];
882  int not_sequence_or_set;
883 
884  not_sequence_or_set = tag != V_ASN1_SEQUENCE && tag != V_ASN1_SET;
885 
886  if (not_sequence_or_set) {
887  if (infinite) {
888  asn1data = rb_obj_alloc(cASN1Constructive);
889  }
890  else {
891  ossl_raise(eASN1Error, "invalid non-infinite tag");
892  return Qnil;
893  }
894  }
895  else {
896  VALUE klass = *ossl_asn1_info[tag].klass;
897  asn1data = rb_obj_alloc(klass);
898  }
899  args[0] = ary;
900  args[1] = INT2NUM(tag);
901  args[2] = Qnil;
902  args[3] = ID2SYM(tc);
903  ossl_asn1_initialize(4, args, asn1data);
904  }
905  else {
906  asn1data = rb_obj_alloc(cASN1Data);
907  ossl_asn1data_initialize(asn1data, ary, INT2NUM(tag), ID2SYM(tc));
908  }
909 
910  if (infinite)
912  else
914 
915  *offset = off;
916  return asn1data;
917 }
918 
919 static VALUE
920 ossl_asn1_decode0(unsigned char **pp, long length, long *offset, int depth,
921  int yield, long *num_read)
922 {
923  unsigned char *start, *p;
924  const unsigned char *p0;
925  long len = 0, inner_read = 0, off = *offset;
926  int hlen, tag, tc, j;
927  VALUE asn1data, tag_class;
928 
929  p = *pp;
930  start = p;
931  p0 = p;
932  j = ASN1_get_object(&p0, &len, &tag, &tc, length);
933  p = (unsigned char *)p0;
934  if(j & 0x80) ossl_raise(eASN1Error, NULL);
935  if(len > length) ossl_raise(eASN1Error, "value is too short");
936  if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
937  tag_class = sPRIVATE;
938  else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
939  tag_class = sCONTEXT_SPECIFIC;
940  else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
941  tag_class = sAPPLICATION;
942  else
943  tag_class = sUNIVERSAL;
944 
945  hlen = p - start;
946 
947  if(yield) {
948  VALUE arg = rb_ary_new();
949  rb_ary_push(arg, LONG2NUM(depth));
950  rb_ary_push(arg, LONG2NUM(*offset));
951  rb_ary_push(arg, LONG2NUM(hlen));
952  rb_ary_push(arg, LONG2NUM(len));
953  rb_ary_push(arg, (j & V_ASN1_CONSTRUCTED) ? Qtrue : Qfalse);
955  rb_ary_push(arg, INT2NUM(tag));
956  rb_yield(arg);
957  }
958 
959  if(j & V_ASN1_CONSTRUCTED) {
960  *pp += hlen;
961  off += hlen;
962  asn1data = int_ossl_asn1_decode0_cons(pp, length, len, &off, depth, yield, j, tag, tag_class, &inner_read);
963  inner_read += hlen;
964  }
965  else {
966  if ((j & 0x01) && (len == 0)) ossl_raise(eASN1Error, "Infinite length for primitive value");
967  asn1data = int_ossl_asn1_decode0_prim(pp, len, hlen, tag, tag_class, &inner_read);
968  off += hlen + len;
969  }
970  if (num_read)
971  *num_read = inner_read;
972  if (len != 0 && inner_read != hlen + len) {
973  ossl_raise(eASN1Error,
974  "Type mismatch. Bytes read: %ld Bytes available: %ld",
975  inner_read, hlen + len);
976  }
977 
978  *offset = off;
979  return asn1data;
980 }
981 
982 static void
983 int_ossl_decode_sanity_check(long len, long read, long offset)
984 {
985  if (len != 0 && (read != len || offset != len)) {
986  ossl_raise(eASN1Error,
987  "Type mismatch. Total bytes read: %ld Bytes available: %ld Offset: %ld",
988  read, len, offset);
989  }
990 }
991 
992 /*
993  * call-seq:
994  * OpenSSL::ASN1.traverse(asn1) -> nil
995  *
996  * If a block is given, it prints out each of the elements encountered.
997  * Block parameters are (in that order):
998  * * depth: The recursion depth, plus one with each constructed value being encountered (Number)
999  * * offset: Current byte offset (Number)
1000  * * header length: Combined length in bytes of the Tag and Length headers. (Number)
1001  * * length: The overall remaining length of the entire data (Number)
1002  * * constructed: Whether this value is constructed or not (Boolean)
1003  * * tag_class: Current tag class (Symbol)
1004  * * tag: The current tag (Number)
1005  *
1006  * == Example
1007  * der = File.binread('asn1data.der')
1008  * OpenSSL::ASN1.traverse(der) do | depth, offset, header_len, length, constructed, tag_class, tag|
1009  * puts "Depth: #{depth} Offset: #{offset} Length: #{length}"
1010  * puts "Header length: #{header_len} Tag: #{tag} Tag class: #{tag_class} Constructed: #{constructed}"
1011  * end
1012  */
1013 static VALUE
1015 {
1016  unsigned char *p;
1017  volatile VALUE tmp;
1018  long len, read = 0, offset = 0;
1019 
1020  obj = ossl_to_der_if_possible(obj);
1021  tmp = rb_str_new4(StringValue(obj));
1022  p = (unsigned char *)RSTRING_PTR(tmp);
1023  len = RSTRING_LEN(tmp);
1024  ossl_asn1_decode0(&p, len, &offset, 0, 1, &read);
1025  int_ossl_decode_sanity_check(len, read, offset);
1026  return Qnil;
1027 }
1028 
1029 /*
1030  * call-seq:
1031  * OpenSSL::ASN1.decode(der) -> ASN1Data
1032  *
1033  * Decodes a BER- or DER-encoded value and creates an ASN1Data instance. +der+
1034  * may be a +String+ or any object that features a +#to_der+ method transforming
1035  * it into a BER-/DER-encoded +String+.
1036  *
1037  * == Example
1038  * der = File.binread('asn1data')
1039  * asn1 = OpenSSL::ASN1.decode(der)
1040  */
1041 static VALUE
1043 {
1044  VALUE ret;
1045  unsigned char *p;
1046  volatile VALUE tmp;
1047  long len, read = 0, offset = 0;
1048 
1049  obj = ossl_to_der_if_possible(obj);
1050  tmp = rb_str_new4(StringValue(obj));
1051  p = (unsigned char *)RSTRING_PTR(tmp);
1052  len = RSTRING_LEN(tmp);
1053  ret = ossl_asn1_decode0(&p, len, &offset, 0, 0, &read);
1054  int_ossl_decode_sanity_check(len, read, offset);
1055  return ret;
1056 }
1057 
1058 /*
1059  * call-seq:
1060  * OpenSSL::ASN1.decode_all(der) -> Array of ASN1Data
1061  *
1062  * Similar to +decode+ with the difference that +decode+ expects one
1063  * distinct value represented in +der+. +decode_all+ on the contrary
1064  * decodes a sequence of sequential BER/DER values lined up in +der+
1065  * and returns them as an array.
1066  *
1067  * == Example
1068  * ders = File.binread('asn1data_seq')
1069  * asn1_ary = OpenSSL::ASN1.decode_all(ders)
1070  */
1071 static VALUE
1073 {
1074  VALUE ary, val;
1075  unsigned char *p;
1076  long len, tmp_len = 0, read = 0, offset = 0;
1077  volatile VALUE tmp;
1078 
1079  obj = ossl_to_der_if_possible(obj);
1080  tmp = rb_str_new4(StringValue(obj));
1081  p = (unsigned char *)RSTRING_PTR(tmp);
1082  len = RSTRING_LEN(tmp);
1083  tmp_len = len;
1084  ary = rb_ary_new();
1085  while (tmp_len > 0) {
1086  long tmp_read = 0;
1087  val = ossl_asn1_decode0(&p, tmp_len, &offset, 0, 0, &tmp_read);
1088  rb_ary_push(ary, val);
1089  read += tmp_read;
1090  tmp_len -= tmp_read;
1091  }
1092  int_ossl_decode_sanity_check(len, read, offset);
1093  return ary;
1094 }
1095 
1096 /*
1097  * call-seq:
1098  * OpenSSL::ASN1::Primitive.new( value [, tag, tagging, tag_class ]) => Primitive
1099  *
1100  * +value+: is mandatory.
1101  *
1102  * +tag+: optional, may be specified for tagged values. If no +tag+ is
1103  * specified, the UNIVERSAL tag corresponding to the Primitive sub-class
1104  * is used by default.
1105  *
1106  * +tagging+: may be used as an encoding hint to encode a value either
1107  * explicitly or implicitly, see ASN1 for possible values.
1108  *
1109  * +tag_class+: if +tag+ and +tagging+ are +nil+ then this is set to
1110  * +:UNIVERSAL+ by default. If either +tag+ or +tagging+ are set then
1111  * +:CONTEXT_SPECIFIC+ is used as the default. For possible values please
1112  * cf. ASN1.
1113  *
1114  * == Example
1115  * int = OpenSSL::ASN1::Integer.new(42)
1116  * zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :IMPLICIT)
1117  * private_explicit_zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT, :PRIVATE)
1118  */
1119 static VALUE
1121 {
1122  VALUE value, tag, tagging, tag_class;
1123 
1124  rb_scan_args(argc, argv, "13", &value, &tag, &tagging, &tag_class);
1125  if(argc > 1){
1126  if(NIL_P(tag))
1127  ossl_raise(eASN1Error, "must specify tag number");
1128  if(!NIL_P(tagging) && !SYMBOL_P(tagging))
1129  ossl_raise(eASN1Error, "invalid tagging method");
1130  if(NIL_P(tag_class)) {
1131  if (NIL_P(tagging))
1132  tag_class = ID2SYM(sUNIVERSAL);
1133  else
1134  tag_class = ID2SYM(sCONTEXT_SPECIFIC);
1135  }
1136  if(!SYMBOL_P(tag_class))
1137  ossl_raise(eASN1Error, "invalid tag class");
1138  if(SYM2ID(tagging) == sIMPLICIT && NUM2INT(tag) > 31)
1139  ossl_raise(eASN1Error, "tag number for Universal too large");
1140  }
1141  else{
1142  tag = INT2NUM(ossl_asn1_default_tag(self));
1143  tagging = Qnil;
1144  tag_class = ID2SYM(sUNIVERSAL);
1145  }
1146  ossl_asn1_set_tag(self, tag);
1147  ossl_asn1_set_value(self, value);
1148  ossl_asn1_set_tagging(self, tagging);
1149  ossl_asn1_set_tag_class(self, tag_class);
1151 
1152  return self;
1153 }
1154 
1155 static VALUE
1157  VALUE tag, tagging, tag_class, value;
1158  tag = INT2NUM(ossl_asn1_default_tag(self));
1159  tagging = Qnil;
1160  tag_class = ID2SYM(sUNIVERSAL);
1161  value = rb_str_new("", 0);
1162  ossl_asn1_set_tag(self, tag);
1163  ossl_asn1_set_value(self, value);
1164  ossl_asn1_set_tagging(self, tagging);
1165  ossl_asn1_set_tag_class(self, tag_class);
1167  return self;
1168 }
1169 
1170 static int
1171 ossl_i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
1172 {
1173 #if OPENSSL_VERSION_NUMBER < 0x00907000L
1174  if(!a) return 0;
1175  if(a->type == V_ASN1_BOOLEAN)
1176  return i2d_ASN1_BOOLEAN(a->value.boolean, pp);
1177 #endif
1178  return i2d_ASN1_TYPE(a, pp);
1179 }
1180 
1181 static void
1182 ossl_ASN1_TYPE_free(ASN1_TYPE *a)
1183 {
1184 #if OPENSSL_VERSION_NUMBER < 0x00907000L
1185  if(!a) return;
1186  if(a->type == V_ASN1_BOOLEAN){
1187  OPENSSL_free(a);
1188  return;
1189  }
1190 #endif
1191  ASN1_TYPE_free(a);
1192 }
1193 
1194 /*
1195  * call-seq:
1196  * asn1.to_der => DER-encoded String
1197  *
1198  * See ASN1Data#to_der for details. *
1199  */
1200 static VALUE
1202 {
1203  ASN1_TYPE *asn1;
1204  int tn, tc, explicit;
1205  long len, reallen;
1206  unsigned char *buf, *p;
1207  VALUE str;
1208 
1209  tn = NUM2INT(ossl_asn1_get_tag(self));
1210  tc = ossl_asn1_tag_class(self);
1211  explicit = ossl_asn1_is_explicit(self);
1212  asn1 = ossl_asn1_get_asn1type(self);
1213 
1214  len = ossl_asn1_object_size(1, ossl_i2d_ASN1_TYPE(asn1, NULL), tn);
1215  if(!(buf = OPENSSL_malloc(len))){
1216  ossl_ASN1_TYPE_free(asn1);
1217  ossl_raise(eASN1Error, "cannot alloc buffer");
1218  }
1219  p = buf;
1220  if (tc == V_ASN1_UNIVERSAL) {
1221  ossl_i2d_ASN1_TYPE(asn1, &p);
1222  } else if (explicit) {
1223  ossl_asn1_put_object(&p, 1, ossl_i2d_ASN1_TYPE(asn1, NULL), tn, tc);
1224  ossl_i2d_ASN1_TYPE(asn1, &p);
1225  } else {
1226  ossl_i2d_ASN1_TYPE(asn1, &p);
1227  *buf = tc | tn | (*buf & V_ASN1_CONSTRUCTED);
1228  }
1229  ossl_ASN1_TYPE_free(asn1);
1230  reallen = p - buf;
1231  assert(reallen <= len);
1232  str = ossl_buf2str((char *)buf, rb_long2int(reallen)); /* buf will be free in ossl_buf2str */
1233 
1234  return str;
1235 }
1236 
1237 /*
1238  * call-seq:
1239  * asn1.to_der => DER-encoded String
1240  *
1241  * See ASN1Data#to_der for details.
1242  */
1243 static VALUE
1245 {
1246  int tag, tn, tc, explicit, constructed = 1;
1247  int found_prim = 0, seq_len;
1248  long length;
1249  unsigned char *p;
1250  VALUE value, str, inf_length;
1251 
1252  tn = NUM2INT(ossl_asn1_get_tag(self));
1253  tc = ossl_asn1_tag_class(self);
1254  inf_length = ossl_asn1_get_infinite_length(self);
1255  if (inf_length == Qtrue) {
1256  VALUE ary, example;
1257  constructed = 2;
1258  if (CLASS_OF(self) == cASN1Sequence ||
1259  CLASS_OF(self) == cASN1Set) {
1260  tag = ossl_asn1_default_tag(self);
1261  }
1262  else { /* must be a constructive encoding of a primitive value */
1263  ary = ossl_asn1_get_value(self);
1264  if (!rb_obj_is_kind_of(ary, rb_cArray))
1265  ossl_raise(eASN1Error, "Constructive value must be an Array");
1266  /* Recursively descend until a primitive value is found.
1267  The overall value of the entire constructed encoding
1268  is of the type of the first primitive encoding to be
1269  found. */
1270  while (!found_prim){
1271  example = rb_ary_entry(ary, 0);
1272  if (rb_obj_is_kind_of(example, cASN1Primitive)){
1273  found_prim = 1;
1274  }
1275  else {
1276  /* example is another ASN1Constructive */
1277  if (!rb_obj_is_kind_of(example, cASN1Constructive)){
1278  ossl_raise(eASN1Error, "invalid constructed encoding");
1279  return Qnil; /* dummy */
1280  }
1281  ary = ossl_asn1_get_value(example);
1282  }
1283  }
1284  tag = ossl_asn1_default_tag(example);
1285  }
1286  }
1287  else {
1288  if (CLASS_OF(self) == cASN1Constructive)
1289  ossl_raise(eASN1Error, "Constructive shall only be used with infinite length");
1290  tag = ossl_asn1_default_tag(self);
1291  }
1292  explicit = ossl_asn1_is_explicit(self);
1293  value = join_der(ossl_asn1_get_value(self));
1294 
1295  seq_len = ossl_asn1_object_size(constructed, RSTRING_LENINT(value), tag);
1296  length = ossl_asn1_object_size(constructed, seq_len, tn);
1297  str = rb_str_new(0, length);
1298  p = (unsigned char *)RSTRING_PTR(str);
1299  if(tc == V_ASN1_UNIVERSAL)
1300  ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tn, tc);
1301  else{
1302  if(explicit){
1303  ossl_asn1_put_object(&p, constructed, seq_len, tn, tc);
1304  ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tag, V_ASN1_UNIVERSAL);
1305  }
1306  else{
1307  ossl_asn1_put_object(&p, constructed, RSTRING_LENINT(value), tn, tc);
1308  }
1309  }
1310  memcpy(p, RSTRING_PTR(value), RSTRING_LEN(value));
1311  p += RSTRING_LEN(value);
1312 
1313  /* In this case we need an additional EOC (one for the explicit part and
1314  * one for the Constructive itself. The EOC for the Constructive is
1315  * supplied by the user, but that for the "explicit wrapper" must be
1316  * added here.
1317  */
1318  if (explicit && inf_length == Qtrue) {
1319  ASN1_put_eoc(&p);
1320  }
1321  ossl_str_adjust(str, p);
1322 
1323  return str;
1324 }
1325 
1326 /*
1327  * call-seq:
1328  * asn1_ary.each { |asn1| block } => asn1_ary
1329  *
1330  * Calls <i>block</i> once for each element in +self+, passing that element
1331  * as parameter +asn1+. If no block is given, an enumerator is returned
1332  * instead.
1333  *
1334  * == Example
1335  * asn1_ary.each do |asn1|
1336  * puts asn1
1337  * end
1338  */
1339 static VALUE
1341 {
1343  return self;
1344 }
1345 
1346 static VALUE
1348 {
1349  StringValue(oid);
1350  StringValue(sn);
1351  StringValue(ln);
1352 
1353  if(!OBJ_create(RSTRING_PTR(oid), RSTRING_PTR(sn), RSTRING_PTR(ln)))
1354  ossl_raise(eASN1Error, NULL);
1355 
1356  return Qtrue;
1357 }
1358 
1359 static VALUE
1361 {
1362  VALUE val, ret = Qnil;
1363  int nid;
1364 
1365  val = ossl_asn1_get_value(self);
1366  if ((nid = OBJ_txt2nid(StringValuePtr(val))) != NID_undef)
1367  ret = rb_str_new2(OBJ_nid2sn(nid));
1368 
1369  return ret;
1370 }
1371 
1372 static VALUE
1374 {
1375  VALUE val, ret = Qnil;
1376  int nid;
1377 
1378  val = ossl_asn1_get_value(self);
1379  if ((nid = OBJ_txt2nid(StringValuePtr(val))) != NID_undef)
1380  ret = rb_str_new2(OBJ_nid2ln(nid));
1381 
1382  return ret;
1383 }
1384 
1385 static VALUE
1387 {
1388  VALUE val;
1389  ASN1_OBJECT *a1obj;
1390  char buf[128];
1391 
1392  val = ossl_asn1_get_value(self);
1393  a1obj = obj_to_asn1obj(val);
1394  OBJ_obj2txt(buf, sizeof(buf), a1obj, 1);
1395  ASN1_OBJECT_free(a1obj);
1396 
1397  return rb_str_new2(buf);
1398 }
1399 
1400 #define OSSL_ASN1_IMPL_FACTORY_METHOD(klass) \
1401 static VALUE ossl_asn1_##klass(int argc, VALUE *argv, VALUE self)\
1402 { return rb_funcall3(cASN1##klass, rb_intern("new"), argc, argv); }
1403 
1408 OSSL_ASN1_IMPL_FACTORY_METHOD(OctetString)
1410 OSSL_ASN1_IMPL_FACTORY_METHOD(NumericString)
1411 OSSL_ASN1_IMPL_FACTORY_METHOD(PrintableString)
1413 OSSL_ASN1_IMPL_FACTORY_METHOD(VideotexString)
1415 OSSL_ASN1_IMPL_FACTORY_METHOD(GraphicString)
1416 OSSL_ASN1_IMPL_FACTORY_METHOD(ISO64String)
1417 OSSL_ASN1_IMPL_FACTORY_METHOD(GeneralString)
1418 OSSL_ASN1_IMPL_FACTORY_METHOD(UniversalString)
1423 OSSL_ASN1_IMPL_FACTORY_METHOD(GeneralizedTime)
1426 OSSL_ASN1_IMPL_FACTORY_METHOD(EndOfContent)
1427 
1428 void
1430 {
1431  VALUE ary;
1432  int i;
1433 
1434 #if 0
1435  mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */
1436 #endif
1437 
1438  sUNIVERSAL = rb_intern("UNIVERSAL");
1439  sCONTEXT_SPECIFIC = rb_intern("CONTEXT_SPECIFIC");
1440  sAPPLICATION = rb_intern("APPLICATION");
1441  sPRIVATE = rb_intern("PRIVATE");
1442  sEXPLICIT = rb_intern("EXPLICIT");
1443  sIMPLICIT = rb_intern("IMPLICIT");
1444 
1445  sivVALUE = rb_intern("@value");
1446  sivTAG = rb_intern("@tag");
1447  sivTAGGING = rb_intern("@tagging");
1448  sivTAG_CLASS = rb_intern("@tag_class");
1449  sivINFINITE_LENGTH = rb_intern("@infinite_length");
1450  sivUNUSED_BITS = rb_intern("@unused_bits");
1451 
1452  /*
1453  * Document-module: OpenSSL::ASN1
1454  *
1455  * Abstract Syntax Notation One (or ASN.1) is a notation syntax to
1456  * describe data structures and is defined in ITU-T X.680. ASN.1 itself
1457  * does not mandate any encoding or parsing rules, but usually ASN.1 data
1458  * structures are encoded using the Distinguished Encoding Rules (DER) or
1459  * less often the Basic Encoding Rules (BER) described in ITU-T X.690. DER
1460  * and BER encodings are binary Tag-Length-Value (TLV) encodings that are
1461  * quite concise compared to other popular data description formats such
1462  * as XML, JSON etc.
1463  * ASN.1 data structures are very common in cryptographic applications,
1464  * e.g. X.509 public key certificates or certificate revocation lists
1465  * (CRLs) are all defined in ASN.1 and DER-encoded. ASN.1, DER and BER are
1466  * the building blocks of applied cryptography.
1467  * The ASN1 module provides the necessary classes that allow generation
1468  * of ASN.1 data structures and the methods to encode them using a DER
1469  * encoding. The decode method allows parsing arbitrary BER-/DER-encoded
1470  * data to a Ruby object that can then be modified and re-encoded at will.
1471  *
1472  * == ASN.1 class hierarchy
1473  *
1474  * The base class representing ASN.1 structures is ASN1Data. ASN1Data offers
1475  * attributes to read and set the +tag+, the +tag_class+ and finally the
1476  * +value+ of a particular ASN.1 item. Upon parsing, any tagged values
1477  * (implicit or explicit) will be represented by ASN1Data instances because
1478  * their "real type" can only be determined using out-of-band information
1479  * from the ASN.1 type declaration. Since this information is normally
1480  * known when encoding a type, all sub-classes of ASN1Data offer an
1481  * additional attribute +tagging+ that allows to encode a value implicitly
1482  * (+:IMPLICIT+) or explicitly (+:EXPLICIT+).
1483  *
1484  * === Constructive
1485  *
1486  * Constructive is, as its name implies, the base class for all
1487  * constructed encodings, i.e. those that consist of several values,
1488  * opposed to "primitive" encodings with just one single value.
1489  * Primitive values that are encoded with "infinite length" are typically
1490  * constructed (their values come in multiple chunks) and are therefore
1491  * represented by instances of Constructive. The value of an Constructive
1492  * is always an Array.
1493  *
1494  * ==== ASN1::Set and ASN1::Sequence
1495  *
1496  * The most common constructive encodings are SETs and SEQUENCEs, which is
1497  * why there are two sub-classes of Constructive representing each of
1498  * them.
1499  *
1500  * === Primitive
1501  *
1502  * This is the super class of all primitive values. Primitive
1503  * itself is not used when parsing ASN.1 data, all values are either
1504  * instances of a corresponding sub-class of Primitive or they are
1505  * instances of ASN1Data if the value was tagged implicitly or explicitly.
1506  * Please cf. Primitive documentation for details on sub-classes and
1507  * their respective mappings of ASN.1 data types to Ruby objects.
1508  *
1509  * == Possible values for +tagging+
1510  *
1511  * When constructing an ASN1Data object the ASN.1 type definition may
1512  * require certain elements to be either implicitly or explicitly tagged.
1513  * This can be achieved by setting the +tagging+ attribute manually for
1514  * sub-classes of ASN1Data. Use the symbol +:IMPLICIT+ for implicit
1515  * tagging and +:EXPLICIT+ if the element requires explicit tagging.
1516  *
1517  * == Possible values for +tag_class+
1518  *
1519  * It is possible to create arbitrary ASN1Data objects that also support
1520  * a PRIVATE or APPLICATION tag class. Possible values for the +tag_class+
1521  * attribute are:
1522  * * +:UNIVERSAL+ (the default for untagged values)
1523  * * +:CONTEXT_SPECIFIC+ (the default for tagged values)
1524  * * +:APPLICATION+
1525  * * +:PRIVATE+
1526  *
1527  * == Tag constants
1528  *
1529  * There is a constant defined for each universal tag:
1530  * * OpenSSL::ASN1::EOC (0)
1531  * * OpenSSL::ASN1::BOOLEAN (1)
1532  * * OpenSSL::ASN1::INTEGER (2)
1533  * * OpenSSL::ASN1::BIT_STRING (3)
1534  * * OpenSSL::ASN1::OCTET_STRING (4)
1535  * * OpenSSL::ASN1::NULL (5)
1536  * * OpenSSL::ASN1::OBJECT (6)
1537  * * OpenSSL::ASN1::ENUMERATED (10)
1538  * * OpenSSL::ASN1::UTF8STRING (12)
1539  * * OpenSSL::ASN1::SEQUENCE (16)
1540  * * OpenSSL::ASN1::SET (17)
1541  * * OpenSSL::ASN1::NUMERICSTRING (18)
1542  * * OpenSSL::ASN1::PRINTABLESTRING (19)
1543  * * OpenSSL::ASN1::T61STRING (20)
1544  * * OpenSSL::ASN1::VIDEOTEXSTRING (21)
1545  * * OpenSSL::ASN1::IA5STRING (22)
1546  * * OpenSSL::ASN1::UTCTIME (23)
1547  * * OpenSSL::ASN1::GENERALIZEDTIME (24)
1548  * * OpenSSL::ASN1::GRAPHICSTRING (25)
1549  * * OpenSSL::ASN1::ISO64STRING (26)
1550  * * OpenSSL::ASN1::GENERALSTRING (27)
1551  * * OpenSSL::ASN1::UNIVERSALSTRING (28)
1552  * * OpenSSL::ASN1::BMPSTRING (30)
1553  *
1554  * == UNIVERSAL_TAG_NAME constant
1555  *
1556  * An Array that stores the name of a given tag number. These names are
1557  * the same as the name of the tag constant that is additionally defined,
1558  * e.g. UNIVERSAL_TAG_NAME[2] = "INTEGER" and OpenSSL::ASN1::INTEGER = 2.
1559  *
1560  * == Example usage
1561  *
1562  * === Decoding and viewing a DER-encoded file
1563  * require 'openssl'
1564  * require 'pp'
1565  * der = File.binread('data.der')
1566  * asn1 = OpenSSL::ASN1.decode(der)
1567  * pp der
1568  *
1569  * === Creating an ASN.1 structure and DER-encoding it
1570  * require 'openssl'
1571  * version = OpenSSL::ASN1::Integer.new(1)
1572  * # Explicitly 0-tagged implies context-specific tag class
1573  * serial = OpenSSL::ASN1::Integer.new(12345, 0, :EXPLICIT, :CONTEXT_SPECIFIC)
1574  * name = OpenSSL::ASN1::PrintableString.new('Data 1')
1575  * sequence = OpenSSL::ASN1::Sequence.new( [ version, serial, name ] )
1576  * der = sequence.to_der
1577  */
1578  mASN1 = rb_define_module_under(mOSSL, "ASN1");
1579 
1580  /* Document-class: OpenSSL::ASN1::ASN1Error
1581  *
1582  * Generic error class for all errors raised in ASN1 and any of the
1583  * classes defined in it.
1584  */
1585  eASN1Error = rb_define_class_under(mASN1, "ASN1Error", eOSSLError);
1586  rb_define_module_function(mASN1, "traverse", ossl_asn1_traverse, 1);
1587  rb_define_module_function(mASN1, "decode", ossl_asn1_decode, 1);
1588  rb_define_module_function(mASN1, "decode_all", ossl_asn1_decode_all, 1);
1589  ary = rb_ary_new();
1590 
1591  /*
1592  * Array storing tag names at the tag's index.
1593  */
1594  rb_define_const(mASN1, "UNIVERSAL_TAG_NAME", ary);
1595  for(i = 0; i < ossl_asn1_info_size; i++){
1596  if(ossl_asn1_info[i].name[0] == '[') continue;
1597  rb_define_const(mASN1, ossl_asn1_info[i].name, INT2NUM(i));
1598  rb_ary_store(ary, i, rb_str_new2(ossl_asn1_info[i].name));
1599  }
1600 
1601  /* Document-class: OpenSSL::ASN1::ASN1Data
1602  *
1603  * The top-level class representing any ASN.1 object. When parsed by
1604  * ASN1.decode, tagged values are always represented by an instance
1605  * of ASN1Data.
1606  *
1607  * == The role of ASN1Data for parsing tagged values
1608  *
1609  * When encoding an ASN.1 type it is inherently clear what original
1610  * type (e.g. INTEGER, OCTET STRING etc.) this value has, regardless
1611  * of its tagging.
1612  * But opposed to the time an ASN.1 type is to be encoded, when parsing
1613  * them it is not possible to deduce the "real type" of tagged
1614  * values. This is why tagged values are generally parsed into ASN1Data
1615  * instances, but with a different outcome for implicit and explicit
1616  * tagging.
1617  *
1618  * === Example of a parsed implicitly tagged value
1619  *
1620  * An implicitly 1-tagged INTEGER value will be parsed as an
1621  * ASN1Data with
1622  * * +tag+ equal to 1
1623  * * +tag_class+ equal to +:CONTEXT_SPECIFIC+
1624  * * +value+ equal to a +String+ that carries the raw encoding
1625  * of the INTEGER.
1626  * This implies that a subsequent decoding step is required to
1627  * completely decode implicitly tagged values.
1628  *
1629  * === Example of a parsed explicitly tagged value
1630  *
1631  * An explicitly 1-tagged INTEGER value will be parsed as an
1632  * ASN1Data with
1633  * * +tag+ equal to 1
1634  * * +tag_class+ equal to +:CONTEXT_SPECIFIC+
1635  * * +value+ equal to an +Array+ with one single element, an
1636  * instance of OpenSSL::ASN1::Integer, i.e. the inner element
1637  * is the non-tagged primitive value, and the tagging is represented
1638  * in the outer ASN1Data
1639  *
1640  * == Example - Decoding an implicitly tagged INTEGER
1641  * int = OpenSSL::ASN1::Integer.new(1, 0, :IMPLICIT) # implicit 0-tagged
1642  * seq = OpenSSL::ASN1::Sequence.new( [int] )
1643  * der = seq.to_der
1644  * asn1 = OpenSSL::ASN1.decode(der)
1645  * # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0
1646  * # @infinite_length=false,
1647  * # @tag=16,
1648  * # @tag_class=:UNIVERSAL,
1649  * # @tagging=nil,
1650  * # @value=
1651  * # [#<OpenSSL::ASN1::ASN1Data:0x87326f4
1652  * # @infinite_length=false,
1653  * # @tag=0,
1654  * # @tag_class=:CONTEXT_SPECIFIC,
1655  * # @value="\x01">]>
1656  * raw_int = asn1.value[0]
1657  * # manually rewrite tag and tag class to make it an UNIVERSAL value
1658  * raw_int.tag = OpenSSL::ASN1::INTEGER
1659  * raw_int.tag_class = :UNIVERSAL
1660  * int2 = OpenSSL::ASN1.decode(raw_int)
1661  * puts int2.value # => 1
1662  *
1663  * == Example - Decoding an explicitly tagged INTEGER
1664  * int = OpenSSL::ASN1::Integer.new(1, 0, :EXPLICIT) # explicit 0-tagged
1665  * seq = OpenSSL::ASN1::Sequence.new( [int] )
1666  * der = seq.to_der
1667  * asn1 = OpenSSL::ASN1.decode(der)
1668  * # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0
1669  * # @infinite_length=false,
1670  * # @tag=16,
1671  * # @tag_class=:UNIVERSAL,
1672  * # @tagging=nil,
1673  * # @value=
1674  * # [#<OpenSSL::ASN1::ASN1Data:0x87326f4
1675  * # @infinite_length=false,
1676  * # @tag=0,
1677  * # @tag_class=:CONTEXT_SPECIFIC,
1678  * # @value=
1679  * # [#<OpenSSL::ASN1::Integer:0x85bf308
1680  * # @infinite_length=false,
1681  * # @tag=2,
1682  * # @tag_class=:UNIVERSAL
1683  * # @tagging=nil,
1684  * # @value=1>]>]>
1685  * int2 = asn1.value[0].value[0]
1686  * puts int2.value # => 1
1687  */
1688  cASN1Data = rb_define_class_under(mASN1, "ASN1Data", rb_cObject);
1689  /*
1690  * Carries the value of a ASN.1 type.
1691  * Please confer Constructive and Primitive for the mappings between
1692  * ASN.1 data types and Ruby classes.
1693  */
1694  rb_attr(cASN1Data, rb_intern("value"), 1, 1, 0);
1695  /*
1696  * A +Number+ representing the tag number of this ASN1Data. Never +nil+.
1697  */
1698  rb_attr(cASN1Data, rb_intern("tag"), 1, 1, 0);
1699  /*
1700  * A +Symbol+ representing the tag class of this ASN1Data. Never +nil+.
1701  * See ASN1Data for possible values.
1702  */
1703  rb_attr(cASN1Data, rb_intern("tag_class"), 1, 1, 0);
1704  /*
1705  * Never +nil+. A +Boolean+ indicating whether the encoding was infinite
1706  * length (in the case of parsing) or whether an infinite length encoding
1707  * shall be used (in the encoding case).
1708  * In DER, every value has a finite length associated with it. But in
1709  * scenarios where large amounts of data need to be transferred it
1710  * might be desirable to have some kind of streaming support available.
1711  * For example, huge OCTET STRINGs are preferably sent in smaller-sized
1712  * chunks, each at a time.
1713  * This is possible in BER by setting the length bytes of an encoding
1714  * to zero and by this indicating that the following value will be
1715  * sent in chunks. Infinite length encodings are always constructed.
1716  * The end of such a stream of chunks is indicated by sending a EOC
1717  * (End of Content) tag. SETs and SEQUENCEs may use an infinite length
1718  * encoding, but also primitive types such as e.g. OCTET STRINGS or
1719  * BIT STRINGS may leverage this functionality (cf. ITU-T X.690).
1720  */
1721  rb_attr(cASN1Data, rb_intern("infinite_length"), 1, 1, 0);
1722  rb_define_method(cASN1Data, "initialize", ossl_asn1data_initialize, 3);
1723  rb_define_method(cASN1Data, "to_der", ossl_asn1data_to_der, 0);
1724 
1725  /* Document-class: OpenSSL::ASN1::Primitive
1726  *
1727  * The parent class for all primitive encodings. Attributes are the same as
1728  * for ASN1Data, with the addition of +tagging+.
1729  * Primitive values can never be infinite length encodings, thus it is not
1730  * possible to set the +infinite_length+ attribute for Primitive and its
1731  * sub-classes.
1732  *
1733  * == Primitive sub-classes and their mapping to Ruby classes
1734  * * OpenSSL::ASN1::EndOfContent <=> +value+ is always +nil+
1735  * * OpenSSL::ASN1::Boolean <=> +value+ is a +Boolean+
1736  * * OpenSSL::ASN1::Integer <=> +value+ is a +Number+
1737  * * OpenSSL::ASN1::BitString <=> +value+ is a +String+
1738  * * OpenSSL::ASN1::OctetString <=> +value+ is a +String+
1739  * * OpenSSL::ASN1::Null <=> +value+ is always +nil+
1740  * * OpenSSL::ASN1::Object <=> +value+ is a +String+
1741  * * OpenSSL::ASN1::Enumerated <=> +value+ is a +Number+
1742  * * OpenSSL::ASN1::UTF8String <=> +value+ is a +String+
1743  * * OpenSSL::ASN1::NumericString <=> +value+ is a +String+
1744  * * OpenSSL::ASN1::PrintableString <=> +value+ is a +String+
1745  * * OpenSSL::ASN1::T61String <=> +value+ is a +String+
1746  * * OpenSSL::ASN1::VideotexString <=> +value+ is a +String+
1747  * * OpenSSL::ASN1::IA5String <=> +value+ is a +String+
1748  * * OpenSSL::ASN1::UTCTime <=> +value+ is a +Time+
1749  * * OpenSSL::ASN1::GeneralizedTime <=> +value+ is a +Time+
1750  * * OpenSSL::ASN1::GraphicString <=> +value+ is a +String+
1751  * * OpenSSL::ASN1::ISO64String <=> +value+ is a +String+
1752  * * OpenSSL::ASN1::GeneralString <=> +value+ is a +String+
1753  * * OpenSSL::ASN1::UniversalString <=> +value+ is a +String+
1754  * * OpenSSL::ASN1::BMPString <=> +value+ is a +String+
1755  *
1756  * == OpenSSL::ASN1::BitString
1757  *
1758  * === Additional attributes
1759  * +unused_bits+: if the underlying BIT STRING's
1760  * length is a multiple of 8 then +unused_bits+ is 0. Otherwise
1761  * +unused_bits+ indicates the number of bits that are to be ignored in
1762  * the final octet of the +BitString+'s +value+.
1763  *
1764  * == OpenSSL::ASN1::ObjectId
1765  *
1766  * === Additional attributes
1767  * * +sn+: the short name as defined in <openssl/objects.h>.
1768  * * +ln+: the long name as defined in <openssl/objects.h>.
1769  * * +oid+: the object identifier as a +String+, e.g. "1.2.3.4.5"
1770  * * +short_name+: alias for +sn+.
1771  * * +long_name+: alias for +ln+.
1772  *
1773  * == Examples
1774  * With the Exception of OpenSSL::ASN1::EndOfContent, each Primitive class
1775  * constructor takes at least one parameter, the +value+.
1776  *
1777  * === Creating EndOfContent
1778  * eoc = OpenSSL::ASN1::EndOfContent.new
1779  *
1780  * === Creating any other Primitive
1781  * prim = <class>.new(value) # <class> being one of the sub-classes except EndOfContent
1782  * prim_zero_tagged_implicit = <class>.new(value, 0, :IMPLICIT)
1783  * prim_zero_tagged_explicit = <class>.new(value, 0, :EXPLICIT)
1784  */
1785  cASN1Primitive = rb_define_class_under(mASN1, "Primitive", cASN1Data);
1786  /*
1787  * May be used as a hint for encoding a value either implicitly or
1788  * explicitly by setting it either to +:IMPLICIT+ or to +:EXPLICIT+.
1789  * +tagging+ is not set when a ASN.1 structure is parsed using
1790  * OpenSSL::ASN1.decode.
1791  */
1792  rb_attr(cASN1Primitive, rb_intern("tagging"), 1, 1, Qtrue);
1793  rb_undef_method(cASN1Primitive, "infinite_length=");
1794  rb_define_method(cASN1Primitive, "initialize", ossl_asn1_initialize, -1);
1795  rb_define_method(cASN1Primitive, "to_der", ossl_asn1prim_to_der, 0);
1796 
1797  /* Document-class: OpenSSL::ASN1::Constructive
1798  *
1799  * The parent class for all constructed encodings. The +value+ attribute
1800  * of a Constructive is always an +Array+. Attributes are the same as
1801  * for ASN1Data, with the addition of +tagging+.
1802  *
1803  * == SET and SEQUENCE
1804  *
1805  * Most constructed encodings come in the form of a SET or a SEQUENCE.
1806  * These encodings are represented by one of the two sub-classes of
1807  * Constructive:
1808  * * OpenSSL::ASN1::Set
1809  * * OpenSSL::ASN1::Sequence
1810  * Please note that tagged sequences and sets are still parsed as
1811  * instances of ASN1Data. Find further details on tagged values
1812  * there.
1813  *
1814  * === Example - constructing a SEQUENCE
1815  * int = OpenSSL::ASN1::Integer.new(1)
1816  * str = OpenSSL::ASN1::PrintableString.new('abc')
1817  * sequence = OpenSSL::ASN1::Sequence.new( [ int, str ] )
1818  *
1819  * === Example - constructing a SET
1820  * int = OpenSSL::ASN1::Integer.new(1)
1821  * str = OpenSSL::ASN1::PrintableString.new('abc')
1822  * set = OpenSSL::ASN1::Set.new( [ int, str ] )
1823  *
1824  * == Infinite length primitive values
1825  *
1826  * The only case where Constructive is used directly is for infinite
1827  * length encodings of primitive values. These encodings are always
1828  * constructed, with the contents of the +value+ +Array+ being either
1829  * UNIVERSAL non-infinite length partial encodings of the actual value
1830  * or again constructive encodings with infinite length (i.e. infinite
1831  * length primitive encodings may be constructed recursively with another
1832  * infinite length value within an already infinite length value). Each
1833  * partial encoding must be of the same UNIVERSAL type as the overall
1834  * encoding. The value of the overall encoding consists of the
1835  * concatenation of each partial encoding taken in sequence. The +value+
1836  * array of the outer infinite length value must end with a
1837  * OpenSSL::ASN1::EndOfContent instance.
1838  *
1839  * Please note that it is not possible to encode Constructive without
1840  * the +infinite_length+ attribute being set to +true+, use
1841  * OpenSSL::ASN1::Sequence or OpenSSL::ASN1::Set in these cases instead.
1842  *
1843  * === Example - Infinite length OCTET STRING
1844  * partial1 = OpenSSL::ASN1::OctetString.new("\x01")
1845  * partial2 = OpenSSL::ASN1::OctetString.new("\x02")
1846  * inf_octets = OpenSSL::ASN1::Constructive.new( [ partial1,
1847  * partial2,
1848  * OpenSSL::ASN1::EndOfContent.new ],
1849  * OpenSSL::ASN1::OCTET_STRING,
1850  * nil,
1851  * :UNIVERSAL )
1852  * # The real value of inf_octets is "\x01\x02", i.e. the concatenation
1853  * # of partial1 and partial2
1854  * inf_octets.infinite_length = true
1855  * der = inf_octets.to_der
1856  * asn1 = OpenSSL::ASN1.decode(der)
1857  * puts asn1.infinite_length # => true
1858  */
1859  cASN1Constructive = rb_define_class_under(mASN1,"Constructive", cASN1Data);
1860  rb_include_module(cASN1Constructive, rb_mEnumerable);
1861  /*
1862  * May be used as a hint for encoding a value either implicitly or
1863  * explicitly by setting it either to +:IMPLICIT+ or to +:EXPLICIT+.
1864  * +tagging+ is not set when a ASN.1 structure is parsed using
1865  * OpenSSL::ASN1.decode.
1866  */
1867  rb_attr(cASN1Constructive, rb_intern("tagging"), 1, 1, Qtrue);
1868  rb_define_method(cASN1Constructive, "initialize", ossl_asn1_initialize, -1);
1869  rb_define_method(cASN1Constructive, "to_der", ossl_asn1cons_to_der, 0);
1870  rb_define_method(cASN1Constructive, "each", ossl_asn1cons_each, 0);
1871 
1872 #define OSSL_ASN1_DEFINE_CLASS(name, super) \
1873 do{\
1874  cASN1##name = rb_define_class_under(mASN1, #name, cASN1##super);\
1875  rb_define_module_function(mASN1, #name, ossl_asn1_##name, -1);\
1876 }while(0)
1877 
1878  OSSL_ASN1_DEFINE_CLASS(Boolean, Primitive);
1879  OSSL_ASN1_DEFINE_CLASS(Integer, Primitive);
1880  OSSL_ASN1_DEFINE_CLASS(Enumerated, Primitive);
1881  OSSL_ASN1_DEFINE_CLASS(BitString, Primitive);
1882  OSSL_ASN1_DEFINE_CLASS(OctetString, Primitive);
1883  OSSL_ASN1_DEFINE_CLASS(UTF8String, Primitive);
1884  OSSL_ASN1_DEFINE_CLASS(NumericString, Primitive);
1885  OSSL_ASN1_DEFINE_CLASS(PrintableString, Primitive);
1886  OSSL_ASN1_DEFINE_CLASS(T61String, Primitive);
1887  OSSL_ASN1_DEFINE_CLASS(VideotexString, Primitive);
1888  OSSL_ASN1_DEFINE_CLASS(IA5String, Primitive);
1889  OSSL_ASN1_DEFINE_CLASS(GraphicString, Primitive);
1890  OSSL_ASN1_DEFINE_CLASS(ISO64String, Primitive);
1891  OSSL_ASN1_DEFINE_CLASS(GeneralString, Primitive);
1892  OSSL_ASN1_DEFINE_CLASS(UniversalString, Primitive);
1893  OSSL_ASN1_DEFINE_CLASS(BMPString, Primitive);
1894  OSSL_ASN1_DEFINE_CLASS(Null, Primitive);
1895  OSSL_ASN1_DEFINE_CLASS(ObjectId, Primitive);
1896  OSSL_ASN1_DEFINE_CLASS(UTCTime, Primitive);
1897  OSSL_ASN1_DEFINE_CLASS(GeneralizedTime, Primitive);
1898 
1899  OSSL_ASN1_DEFINE_CLASS(Sequence, Constructive);
1900  OSSL_ASN1_DEFINE_CLASS(Set, Constructive);
1901 
1902  OSSL_ASN1_DEFINE_CLASS(EndOfContent, Data);
1903 
1904  rb_define_singleton_method(cASN1ObjectId, "register", ossl_asn1obj_s_register, 3);
1905  rb_define_method(cASN1ObjectId, "sn", ossl_asn1obj_get_sn, 0);
1906  rb_define_method(cASN1ObjectId, "ln", ossl_asn1obj_get_ln, 0);
1907  rb_define_method(cASN1ObjectId, "oid", ossl_asn1obj_get_oid, 0);
1908  rb_define_alias(cASN1ObjectId, "short_name", "sn");
1909  rb_define_alias(cASN1ObjectId, "long_name", "ln");
1910  rb_attr(cASN1BitString, rb_intern("unused_bits"), 1, 1, 0);
1911 
1912  rb_define_method(cASN1EndOfContent, "initialize", ossl_asn1eoc_initialize, 0);
1913 
1914  class_tag_map = rb_hash_new();
1915  rb_hash_aset(class_tag_map, cASN1EndOfContent, INT2NUM(V_ASN1_EOC));
1916  rb_hash_aset(class_tag_map, cASN1Boolean, INT2NUM(V_ASN1_BOOLEAN));
1917  rb_hash_aset(class_tag_map, cASN1Integer, INT2NUM(V_ASN1_INTEGER));
1918  rb_hash_aset(class_tag_map, cASN1BitString, INT2NUM(V_ASN1_BIT_STRING));
1919  rb_hash_aset(class_tag_map, cASN1OctetString, INT2NUM(V_ASN1_OCTET_STRING));
1920  rb_hash_aset(class_tag_map, cASN1Null, INT2NUM(V_ASN1_NULL));
1921  rb_hash_aset(class_tag_map, cASN1ObjectId, INT2NUM(V_ASN1_OBJECT));
1922  rb_hash_aset(class_tag_map, cASN1Enumerated, INT2NUM(V_ASN1_ENUMERATED));
1923  rb_hash_aset(class_tag_map, cASN1UTF8String, INT2NUM(V_ASN1_UTF8STRING));
1924  rb_hash_aset(class_tag_map, cASN1Sequence, INT2NUM(V_ASN1_SEQUENCE));
1925  rb_hash_aset(class_tag_map, cASN1Set, INT2NUM(V_ASN1_SET));
1926  rb_hash_aset(class_tag_map, cASN1NumericString, INT2NUM(V_ASN1_NUMERICSTRING));
1927  rb_hash_aset(class_tag_map, cASN1PrintableString, INT2NUM(V_ASN1_PRINTABLESTRING));
1928  rb_hash_aset(class_tag_map, cASN1T61String, INT2NUM(V_ASN1_T61STRING));
1929  rb_hash_aset(class_tag_map, cASN1VideotexString, INT2NUM(V_ASN1_VIDEOTEXSTRING));
1930  rb_hash_aset(class_tag_map, cASN1IA5String, INT2NUM(V_ASN1_IA5STRING));
1931  rb_hash_aset(class_tag_map, cASN1UTCTime, INT2NUM(V_ASN1_UTCTIME));
1932  rb_hash_aset(class_tag_map, cASN1GeneralizedTime, INT2NUM(V_ASN1_GENERALIZEDTIME));
1933  rb_hash_aset(class_tag_map, cASN1GraphicString, INT2NUM(V_ASN1_GRAPHICSTRING));
1934  rb_hash_aset(class_tag_map, cASN1ISO64String, INT2NUM(V_ASN1_ISO64STRING));
1935  rb_hash_aset(class_tag_map, cASN1GeneralString, INT2NUM(V_ASN1_GENERALSTRING));
1936  rb_hash_aset(class_tag_map, cASN1UniversalString, INT2NUM(V_ASN1_UNIVERSALSTRING));
1937  rb_hash_aset(class_tag_map, cASN1BMPString, INT2NUM(V_ASN1_BMPSTRING));
1938  rb_global_variable(&class_tag_map);
1939 }
1940