summaryrefslogtreecommitdiffstats
path: root/doc/man3/ASN1_aux_cb.pod
blob: 9ded162744ca7e2f4c735579132cd8827d537feb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
=pod

=head1 NAME

ASN1_AUX, ASN1_PRINT_ARG, ASN1_STREAM_ARG, ASN1_aux_cb, ASN1_aux_const_cb
- ASN.1 auxiliary data

=head1 SYNOPSIS

 #include <openssl/asn1t.h>

 struct ASN1_AUX_st {
     void *app_data;
     int flags;
     int ref_offset;             /* Offset of reference value */
     int ref_lock;               /* Offset to an CRYPTO_RWLOCK */
     ASN1_aux_cb *asn1_cb;
     int enc_offset;             /* Offset of ASN1_ENCODING structure */
     ASN1_aux_const_cb *asn1_const_cb; /* for ASN1_OP_I2D_ and ASN1_OP_PRINT_ */
 };
 typedef struct ASN1_AUX_st ASN1_AUX;

 struct ASN1_PRINT_ARG_st {
     BIO *out;
     int indent;
     const ASN1_PCTX *pctx;
 };
 typedef struct ASN1_PRINT_ARG_st ASN1_PRINT_ARG;

 struct ASN1_STREAM_ARG_st {
     BIO *out;
     BIO *ndef_bio;
     unsigned char **boundary;
 };
 typedef struct ASN1_STREAM_ARG_st ASN1_STREAM_ARG;

 typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
                         void *exarg);
 typedef int ASN1_aux_const_cb(int operation, const ASN1_VALUE **in,
                               const ASN1_ITEM *it, void *exarg);

=head1 DESCRIPTION

ASN.1 data structures can be associated with an B<ASN1_AUX> object to supply
additional information about the ASN.1 structure. An B<ASN1_AUX> structure is
associated with the structure during the definition of the ASN.1 template. For
example an B<ASN1_AUX> structure will be associated by using one of the various
ASN.1 template definition macros that supply auxiliary information such as
ASN1_SEQUENCE_enc(), ASN1_SEQUENCE_ref(), ASN1_SEQUENCE_cb_const_cb(),
ASN1_SEQUENCE_const_cb(), ASN1_SEQUENCE_cb() or ASN1_NDEF_SEQUENCE_cb().

An B<ASN1_AUX> structure contains the following information.

=over 4

=item I<app_data>

Arbitrary application data

=item I<flags>

Flags which indicate the auxiliarly functionality supported.

The B<ASN1_AFLG_REFCOUNT> flag indicates that objects support reference counting.

The B<ASN1_AFLG_ENCODING> flag indicates that the original encoding of the
object will be saved.

The B<ASN1_AFLG_BROKEN> flag is a work around for broken encoders where the
sequence length value may not be correct. This should generally not be used.

The B<ASN1_AFLG_CONST_CB> flag indicates that the "const" form of the
B<ASN1_AUX> callback should be used in preference to the non-const form.

=item I<ref_offset>

If the B<ASN1_AFLG_REFCOUNT> flag is set then this value is assumed to be an
offset into the B<ASN1_VALUE> structure where a B<CRYPTO_REF_COUNT> may be
found for the purposes of reference counting.

=item I<ref_lock>

If the B<ASN1_AFLG_REFCOUNT> flag is set then this value is assumed to be an
offset into the B<ASN1_VALUE> structure where a B<CRYPTO_RWLOCK> may be
found for the purposes of reference counting.

=item I<asn1_cb>

A callback that will be invoked at various points during the processing of
the B<ASN1_VALUE>. See below for further details.

=item I<enc_offset>

Offset into the B<ASN1_VALUE> object where the original encoding of the object
will be saved if the B<ASN1_AFLG_ENCODING> flag has been set.

=item I<asn1_const_cb>

A callback that will be invoked at various points during the processing of
the B<ASN1_VALUE>. This is used in preference to the I<asn1_cb> callback if
the B<ASN1_AFLG_CONST_CB> flag is set. See below for further details.

=back

During the processing of an B<ASN1_VALUE> object the callbacks set via
I<asn1_cb> or I<asn1_const_cb> will be invoked as a result of various events
indicated via the I<operation> parameter. The value of I<*in> will be the
B<ASN1_VALUE> object being processed based on the template in I<it>. An
additional operation specific parameter may be passed in I<exarg>. The currently
supported operations are as follows. The callbacks should return a positive
value on success or zero on error, unless otherwise noted below.

=over 4

=item B<ASN1_OP_NEW_PRE>

Invoked when processing a B<CHOICE>, B<SEQUENCE> or B<NDEF_SEQUENCE> structure
prior to an B<ASN1_VALUE> object being allocated. The callback may allocate the
B<ASN1_VALUE> itself and store it in I<*pval>. If it does so it should return 2
from the callback. On error it should return 0.

=item B<ASN1_OP_NEW_POST>

Invoked when processing a B<CHOICE>, B<SEQUENCE> or B<NDEF_SEQUENCE> structure
after an B<ASN1_VALUE> object has been allocated. The allocated object is in
I<*pval>.

=item B<ASN1_OP_FREE_PRE>

Invoked when processing a B<CHOICE>, B<SEQUENCE> or B<NDEF_SEQUENCE> structure
immediately before an B<ASN1_VALUE> is freed. If the callback originally
constructed the B<ASN1_VALUE> via B<ASN1_OP_NEW_PRE> then it should free it at
this point and return 2 from the callback. Otherwise it should return 1 for
success or 0 on error.

=item B<ASN1_OP_FREE_POST>

Invoked when processing a B<CHOICE>, B<SEQUENCE> or B<NDEF_SEQUENCE> structure
immediately after B<ASN1_VALUE> sub-structures are freed.

=item B<ASN1_OP_D2I_PRE>

Invoked when processing a B<CHOICE>, B<SEQUENCE> or B<NDEF_SEQUENCE> structure
immediately before a "d2i" operation for the B<ASN1_VALUE>.

=item B<ASN1_OP_D2I_POST>

Invoked when processing a B<CHOICE>, B<SEQUENCE> or B<NDEF_SEQUENCE> structure
immediately after a "d2i" operation for the B<ASN1_VALUE>.

=item B<ASN1_OP_I2D_PRE>

Invoked when processing a B<CHOICE>, B<SEQUENCE> or B<NDEF_SEQUENCE> structure
immediately before a "i2d" operation for the B<ASN1_VALUE>.

=item B<ASN1_OP_I2D_POST>

Invoked when processing a B<CHOICE>, B<SEQUENCE> or B<NDEF_SEQUENCE> structure
immediately after a "i2d" operation for the B<ASN1_VALUE>.

=item B<ASN1_OP_PRINT_PRE>

Invoked when processing a B<SEQUENCE> or B<NDEF_SEQUENCE> structure immediately
before printing the B<ASN1_VALUE>. The I<exarg> argument will be a pointer to an
B<ASN1_PRINT_ARG> structure (see below).

=item B<ASN1_OP_PRINT_POST>

Invoked when processing a B<SEQUENCE> or B<NDEF_SEQUENCE> structure immediately
after printing the B<ASN1_VALUE>. The I<exarg> argument will be a pointer to an
B<ASN1_PRINT_ARG> structure (see below).

=item B<ASN1_OP_STREAM_PRE>

Invoked immediately prior to streaming the B<ASN1_VALUE> data using indefinite
length encoding. The I<exarg> argument will be a pointer to a B<ASN1_STREAM_ARG>
structure (see below).

=item B<ASN1_OP_STREAM_POST>

Invoked immediately after streaming the B<ASN1_VALUE> data using indefinite
length encoding. The I<exarg> argument will be a pointer to a B<ASN1_STREAM_ARG>
structure (see below).

=item B<ASN1_OP_DETACHED_PRE>

Invoked immediately prior to processing the B<ASN1_VALUE> data as a "detached"
value (as used in CMS and PKCS7). The I<exarg> argument will be a pointer to a
B<ASN1_STREAM_ARG> structure (see below).

=item B<ASN1_OP_DETACHED_POST>

Invoked immediately after processing the B<ASN1_VALUE> data as a "detached"
value (as used in CMS and PKCS7). The I<exarg> argument will be a pointer to a
B<ASN1_STREAM_ARG> structure (see below).

=item B<ASN1_OP_DUP_PRE>

Invoked immediate prior to an ASN1_VALUE being duplicated via a call to
ASN1_item_dup().

=item B<ASN1_OP_DUP_POST>

Invoked immediate after to an ASN1_VALUE has been duplicated via a call to
ASN1_item_dup().

=item B<ASN1_OP_GET0_LIBCTX>

Invoked in order to obtain the B<OSSL_LIB_CTX> associated with an B<ASN1_VALUE>
if any. A pointer to an B<OSSL_LIB_CTX> should be stored in I<*exarg> if such
a value exists.

=item B<ASN1_OP_GET0_PROPQ>

Invoked in order to obtain the property query string associated with an
B<ASN1_VALUE> if any. A pointer to the property query string should be stored in
I<*exarg> if such a value exists.

=back

An B<ASN1_PRINT_ARG> object is used during processing of B<ASN1_OP_PRINT_PRE>
and B<ASN1_OP_PRINT_POST> callback operations. It contains the following
information.

=over 4

=item I<out>

The B<BIO> being used to print the data out.

=item I<ndef_bio>

The current number of indent spaces that should be used for printing this data.

=item I<pctx>

The context for the B<ASN1_PCTX> operation.

=back

An B<ASN1_STREAM_ARG> object is used during processing of B<ASN1_OP_STREAM_PRE>,
B<ASN1_OP_STREAM_POST>, B<ASN1_OP_DETACHED_PRE> and B<ASN1_OP_DETACHED_POST>
callback operations. It contains the following information.

=over 4

=item I<out>

The B<BIO> to stream through

=item I<ndef_bio>

The B<BIO> with filters appended

=item I<boundary>

The streaming I/O boundary.

=back

=head1 RETURN VALUES

The callbacks return 0 on error and a positive value on success. Some operations
require specific positive success values as noted above.

=head1 SEE ALSO

L<ASN1_item_new_ex(3)>

=head1 HISTORY

The ASN1_aux_const_cb() callback and the B<ASN1_OP_GET0_LIBCTX> and
B<ASN1_OP_GET0_PROPQ> operation types were added in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut