1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
|
.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "ASN1_AUX_CB 3ossl"
.TH ASN1_AUX_CB 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
ASN1_AUX, ASN1_PRINT_ARG, ASN1_STREAM_ARG, ASN1_aux_cb, ASN1_aux_const_cb
\&\- ASN.1 auxiliary data
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/asn1t.h>
\&
\& struct ASN1_AUX_st {
\& void *app_data;
\& int flags;
\& int ref_offset; /* Offset of reference value */
\& int ref_lock; /* Offset to an CRYPTO_RWLOCK */
\& ASN1_aux_cb *asn1_cb;
\& int enc_offset; /* Offset of ASN1_ENCODING structure */
\& ASN1_aux_const_cb *asn1_const_cb; /* for ASN1_OP_I2D_ and ASN1_OP_PRINT_ */
\& };
\& typedef struct ASN1_AUX_st ASN1_AUX;
\&
\& struct ASN1_PRINT_ARG_st {
\& BIO *out;
\& int indent;
\& const ASN1_PCTX *pctx;
\& };
\& typedef struct ASN1_PRINT_ARG_st ASN1_PRINT_ARG;
\&
\& struct ASN1_STREAM_ARG_st {
\& BIO *out;
\& BIO *ndef_bio;
\& unsigned char **boundary;
\& };
\& typedef struct ASN1_STREAM_ARG_st ASN1_STREAM_ARG;
\&
\& typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
\& void *exarg);
\& typedef int ASN1_aux_const_cb(int operation, const ASN1_VALUE **in,
\& const ASN1_ITEM *it, void *exarg);
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
\&\s-1ASN.1\s0 data structures can be associated with an \fB\s-1ASN1_AUX\s0\fR object to supply
additional information about the \s-1ASN.1\s0 structure. An \fB\s-1ASN1_AUX\s0\fR structure is
associated with the structure during the definition of the \s-1ASN.1\s0 template. For
example an \fB\s-1ASN1_AUX\s0\fR structure will be associated by using one of the various
\&\s-1ASN.1\s0 template definition macros that supply auxiliary information such as
\&\fBASN1_SEQUENCE_enc()\fR, \fBASN1_SEQUENCE_ref()\fR, \fBASN1_SEQUENCE_cb_const_cb()\fR,
\&\fBASN1_SEQUENCE_const_cb()\fR, \fBASN1_SEQUENCE_cb()\fR or \fBASN1_NDEF_SEQUENCE_cb()\fR.
.PP
An \fB\s-1ASN1_AUX\s0\fR structure contains the following information.
.IP "\fIapp_data\fR" 4
.IX Item "app_data"
Arbitrary application data
.IP "\fIflags\fR" 4
.IX Item "flags"
Flags which indicate the auxiliarly functionality supported.
.Sp
The \fB\s-1ASN1_AFLG_REFCOUNT\s0\fR flag indicates that objects support reference counting.
.Sp
The \fB\s-1ASN1_AFLG_ENCODING\s0\fR flag indicates that the original encoding of the
object will be saved.
.Sp
The \fB\s-1ASN1_AFLG_BROKEN\s0\fR flag is a work around for broken encoders where the
sequence length value may not be correct. This should generally not be used.
.Sp
The \fB\s-1ASN1_AFLG_CONST_CB\s0\fR flag indicates that the \*(L"const\*(R" form of the
\&\fB\s-1ASN1_AUX\s0\fR callback should be used in preference to the non-const form.
.IP "\fIref_offset\fR" 4
.IX Item "ref_offset"
If the \fB\s-1ASN1_AFLG_REFCOUNT\s0\fR flag is set then this value is assumed to be an
offset into the \fB\s-1ASN1_VALUE\s0\fR structure where a \fB\s-1CRYPTO_REF_COUNT\s0\fR may be
found for the purposes of reference counting.
.IP "\fIref_lock\fR" 4
.IX Item "ref_lock"
If the \fB\s-1ASN1_AFLG_REFCOUNT\s0\fR flag is set then this value is assumed to be an
offset into the \fB\s-1ASN1_VALUE\s0\fR structure where a \fB\s-1CRYPTO_RWLOCK\s0\fR may be
found for the purposes of reference counting.
.IP "\fIasn1_cb\fR" 4
.IX Item "asn1_cb"
A callback that will be invoked at various points during the processing of
the the \fB\s-1ASN1_VALLUE\s0\fR. See below for further details.
.IP "\fIenc_offset\fR" 4
.IX Item "enc_offset"
Offset into the \fB\s-1ASN1_VALUE\s0\fR object where the original encoding of the object
will be saved if the \fB\s-1ASN1_AFLG_ENCODING\s0\fR flag has been set.
.IP "\fIasn1_const_cb\fR" 4
.IX Item "asn1_const_cb"
A callback that will be invoked at various points during the processing of
the the \fB\s-1ASN1_VALLUE\s0\fR. This is used in preference to the \fIasn1_cb\fR callback if
the \fB\s-1ASN1_AFLG_CONST_CB\s0\fR flag is set. See below for further details.
.PP
During the processing of an \fB\s-1ASN1_VALUE\s0\fR object the callbacks set via
\&\fIasn1_cb\fR or \fIasn1_const_cb\fR will be invoked as a result of various events
indicated via the \fIoperation\fR parameter. The value of \fI*in\fR will be the
\&\fB\s-1ASN1_VALUE\s0\fR object being processed based on the template in \fIit\fR. An
additional operation specific parameter may be passed in \fIexarg\fR. The currently
supported operations are as follows. The callbacks should return a positive
value on success or zero on error, unless otherwise noted below.
.IP "\fB\s-1ASN1_OP_NEW_PRE\s0\fR" 4
.IX Item "ASN1_OP_NEW_PRE"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
prior to an \fB\s-1ASN1_VALUE\s0\fR object being allocated. The callback may allocate the
\&\fB\s-1ASN1_VALUE\s0\fR itself and store it in \fI*pval\fR. If it does so it should return 2
from the callback. On error it should return 0.
.IP "\fB\s-1ASN1_OP_NEW_POST\s0\fR" 4
.IX Item "ASN1_OP_NEW_POST"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
after an \fB\s-1ASN1_VALUE\s0\fR object has been allocated. The allocated object is in
\&\fI*pval\fR.
.IP "\fB\s-1ASN1_OP_FREE_PRE\s0\fR" 4
.IX Item "ASN1_OP_FREE_PRE"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately before an \fB\s-1ASN1_VALUE\s0\fR is freed. If the callback originally
constructed the \fB\s-1ASN1_VALUE\s0\fR via \fB\s-1ASN1_OP_NEW_PRE\s0\fR then it should free it at
this point and return 2 from the callback. Otherwise it should return 1 for
success or 0 on error.
.IP "\fB\s-1ASN1_OP_FREE_POST\s0\fR" 4
.IX Item "ASN1_OP_FREE_POST"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately after \fB\s-1ASN1_VALUE\s0\fR sub-structures are freed.
.IP "\fB\s-1ASN1_OP_D2I_PRE\s0\fR" 4
.IX Item "ASN1_OP_D2I_PRE"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately before a \*(L"d2i\*(R" operation for the \fB\s-1ASN1_VALUE\s0\fR.
.IP "\fB\s-1ASN1_OP_D2I_POST\s0\fR" 4
.IX Item "ASN1_OP_D2I_POST"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately after a \*(L"d2i\*(R" operation for the \fB\s-1ASN1_VALUE\s0\fR.
.IP "\fB\s-1ASN1_OP_I2D_PRE\s0\fR" 4
.IX Item "ASN1_OP_I2D_PRE"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately before a \*(L"i2d\*(R" operation for the \fB\s-1ASN1_VALUE\s0\fR.
.IP "\fB\s-1ASN1_OP_I2D_POST\s0\fR" 4
.IX Item "ASN1_OP_I2D_POST"
Invoked when processing a \fB\s-1CHOICE\s0\fR, \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure
immediately after a \*(L"i2d\*(R" operation for the \fB\s-1ASN1_VALUE\s0\fR.
.IP "\fB\s-1ASN1_OP_PRINT_PRE\s0\fR" 4
.IX Item "ASN1_OP_PRINT_PRE"
Invoked when processing a \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure immediately
before printing the \fB\s-1ASN1_VALUE\s0\fR. The \fIexarg\fR argument will be a pointer to an
\&\fB\s-1ASN1_PRINT_ARG\s0\fR structure (see below).
.IP "\fB\s-1ASN1_OP_PRINT_POST\s0\fR" 4
.IX Item "ASN1_OP_PRINT_POST"
Invoked when processing a \fB\s-1SEQUENCE\s0\fR or \fB\s-1NDEF_SEQUENCE\s0\fR structure immediately
after printing the \fB\s-1ASN1_VALUE\s0\fR. The \fIexarg\fR argument will be a pointer to an
\&\fB\s-1ASN1_PRINT_ARG\s0\fR structure (see below).
.IP "\fB\s-1ASN1_OP_STREAM_PRE\s0\fR" 4
.IX Item "ASN1_OP_STREAM_PRE"
Invoked immediately prior to streaming the \fB\s-1ASN1_VALUE\s0\fR data using indefinite
length encoding. The \fIexarg\fR argument will be a pointer to a \fB\s-1ASN1_STREAM_ARG\s0\fR
structure (see below).
.IP "\fB\s-1ASN1_OP_STREAM_POST\s0\fR" 4
.IX Item "ASN1_OP_STREAM_POST"
Invoked immediately after streaming the \fB\s-1ASN1_VALUE\s0\fR data using indefinite
length encoding. The \fIexarg\fR argument will be a pointer to a \fB\s-1ASN1_STREAM_ARG\s0\fR
structure (see below).
.IP "\fB\s-1ASN1_OP_DETACHED_PRE\s0\fR" 4
.IX Item "ASN1_OP_DETACHED_PRE"
Invoked immediately prior to processing the \fB\s-1ASN1_VALUE\s0\fR data as a \*(L"detached\*(R"
value (as used in \s-1CMS\s0 and \s-1PKCS7\s0). The \fIexarg\fR argument will be a pointer to a
\&\fB\s-1ASN1_STREAM_ARG\s0\fR structure (see below).
.IP "\fB\s-1ASN1_OP_DETACHED_POST\s0\fR" 4
.IX Item "ASN1_OP_DETACHED_POST"
Invoked immediately after processing the \fB\s-1ASN1_VALUE\s0\fR data as a \*(L"detached\*(R"
value (as used in \s-1CMS\s0 and \s-1PKCS7\s0). The \fIexarg\fR argument will be a pointer to a
\&\fB\s-1ASN1_STREAM_ARG\s0\fR structure (see below).
.IP "\fB\s-1ASN1_OP_DUP_PRE\s0\fR" 4
.IX Item "ASN1_OP_DUP_PRE"
Invoked immediate prior to an \s-1ASN1_VALUE\s0 being duplicated via a call to
\&\fBASN1_item_dup()\fR.
.IP "\fB\s-1ASN1_OP_DUP_POST\s0\fR" 4
.IX Item "ASN1_OP_DUP_POST"
Invoked immediate after to an \s-1ASN1_VALUE\s0 has been duplicated via a call to
\&\fBASN1_item_dup()\fR.
.IP "\fB\s-1ASN1_OP_GET0_LIBCTX\s0\fR" 4
.IX Item "ASN1_OP_GET0_LIBCTX"
Invoked in order to obtain the \fB\s-1OSSL_LIB_CTX\s0\fR associated with an \fB\s-1ASN1_VALUE\s0\fR
if any. A pointer to an \fB\s-1OSSL_LIB_CTX\s0\fR should be stored in \fI*exarg\fR if such
a value exists.
.IP "\fB\s-1ASN1_OP_GET0_PROPQ\s0\fR" 4
.IX Item "ASN1_OP_GET0_PROPQ"
Invoked in order to obtain the property query string associated with an
\&\fB\s-1ASN1_VALUE\s0\fR if any. A pointer to the property query string should be stored in
\&\fI*exarg\fR if such a value exists.
.PP
An \fB\s-1ASN1_PRINT_ARG\s0\fR object is used during processing of \fB\s-1ASN1_OP_PRINT_PRE\s0\fR
and \fB\s-1ASN1_OP_PRINT_POST\s0\fR callback operations. It contains the following
information.
.IP "\fIout\fR" 4
.IX Item "out"
The \fB\s-1BIO\s0\fR being used to print the data out.
.IP "\fIndef_bio\fR" 4
.IX Item "ndef_bio"
The current number of indent spaces that should be used for printing this data.
.IP "\fIpctx\fR" 4
.IX Item "pctx"
The context for the \fB\s-1ASN1_PCTX\s0\fR operation.
.PP
An \fB\s-1ASN1_STREAM_ARG\s0\fR object is used during processing of \fB\s-1ASN1_OP_STREAM_PRE\s0\fR,
\&\fB\s-1ASN1_OP_STREAM_POST\s0\fR, \fB\s-1ASN1_OP_DETACHED_PRE\s0\fR and \fB\s-1ASN1_OP_DETACHED_POST\s0\fR
callback operations. It contains the following information.
.IP "\fIout\fR" 4
.IX Item "out"
The \fB\s-1BIO\s0\fR to stream through
.IP "\fIndef_bio\fR" 4
.IX Item "ndef_bio"
The \fB\s-1BIO\s0\fR with filters appended
.IP "\fIboundary\fR" 4
.IX Item "boundary"
The streaming I/O boundary.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
The callbacks return 0 on error and a positive value on success. Some operations
require specific positive success values as noted above.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBASN1_item_new_ex\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
The \fBASN1_aux_const_cb()\fR callback and the \fB\s-1ASN1_OP_GET0_LIBCTX\s0\fR and
\&\fB\s-1ASN1_OP_GET0_PROPQ\s0\fR operation types were added in OpenSSL 3.0.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.
|
