Support routines for ASN1 scanning function, doesn't do much yet.

[oweals/openssl.git] / crypto / asn1 / asn1_locl.h

diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h
index 099690203a07499dd76fae9c451dd8970b5fc5e1..c4c0c9d41e28e645bac49c08146abe3d47f19c95 100644 (file)
--- a/crypto/asn1/asn1_locl.h
+++ b/crypto/asn1/asn1_locl.h
@@ -1,5 +1,5 @@
 /* asn1t.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
 /* ====================================================================
@@ -69,6 +69,32 @@ struct asn1_pctx_st
        unsigned long str_flags;
        } /* ASN1_PCTX */;
 
+/* ASN1 scan context structure */
+
+struct asn1_sctx_st
+       {
+       /* The ASN1_ITEM associated with this field */
+       const ASN1_ITEM *it;
+       /* If ASN1_TEMPLATE associated with this field */
+       const ASN1_TEMPLATE *tt;
+       /* Various flags associated with field and context */
+       unsigned long flags;
+       /* If SEQUENCE OF or SET OF, field index */
+       int skidx;
+       /* ASN1 depth of field */
+       int depth;
+       /* Structure and field name */
+       const char *sname, *fname;
+       /* If a primitive type the type of underlying field */
+       int prim_type;
+       /* The field value itself */
+       ASN1_VALUE **field;
+       /* Callback to pass information to */
+       int (*scan_cb)(ASN1_SCTX *ctx);
+       /* Context specific application data */
+       void *app_data;
+       } /* ASN1_SCTX */;
+
 /* ASN1 public key method structure */
 
 struct evp_pkey_asn1_method_st
@@ -102,6 +128,10 @@ struct evp_pkey_asn1_method_st
        int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
        int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
                                                        ASN1_PCTX *pctx);
+       int (*sig_print)(BIO *out,
+                        const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                                        int indent, ASN1_PCTX *pctx);
+
 
        void (*pkey_free)(EVP_PKEY *pkey);
        int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2);
@@ -111,5 +141,31 @@ struct evp_pkey_asn1_method_st
        int (*old_priv_decode)(EVP_PKEY *pkey,
                                const unsigned char **pder, int derlen);
        int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder);
+       /* Custom ASN1 signature verification */
+       int (*item_verify)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                               X509_ALGOR *a, ASN1_BIT_STRING *sig,
+                               EVP_PKEY *pkey);
+       int (*item_sign)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                               X509_ALGOR *alg1, X509_ALGOR *alg2, 
+                               ASN1_BIT_STRING *sig);
 
        } /* EVP_PKEY_ASN1_METHOD */;
+
+/* Method to handle CRL access.
+ * In general a CRL could be very large (several Mb) and can consume large
+ * amounts of resources if stored in memory by multiple processes.
+ * This method allows general CRL operations to be redirected to more
+ * efficient callbacks: for example a CRL entry database.
+ */
+
+#define X509_CRL_METHOD_DYNAMIC                1
+
+struct x509_crl_method_st
+       {
+       int flags;
+       int (*crl_init)(X509_CRL *crl);
+       int (*crl_free)(X509_CRL *crl);
+       int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
+                               ASN1_INTEGER *ser, X509_NAME *issuer);
+       int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk);
+       };