ASN1_generate_nconf.3ossl 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382
  1. .\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
  2. .\"
  3. .\" Standard preamble:
  4. .\" ========================================================================
  5. .de Sp \" Vertical space (when we can't use .PP)
  6. .if t .sp .5v
  7. .if n .sp
  8. ..
  9. .de Vb \" Begin verbatim text
  10. .ft CW
  11. .nf
  12. .ne \\$1
  13. ..
  14. .de Ve \" End verbatim text
  15. .ft R
  16. .fi
  17. ..
  18. .\" Set up some character translations and predefined strings. \*(-- will
  19. .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
  20. .\" double quote, and \*(R" will give a right double quote. \*(C+ will
  21. .\" give a nicer C++. Capital omega is used to do unbreakable dashes and
  22. .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
  23. .\" nothing in troff, for use with C<>.
  24. .tr \(*W-
  25. .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
  26. .ie n \{\
  27. . ds -- \(*W-
  28. . ds PI pi
  29. . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
  30. . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
  31. . ds L" ""
  32. . ds R" ""
  33. . ds C` ""
  34. . ds C' ""
  35. 'br\}
  36. .el\{\
  37. . ds -- \|\(em\|
  38. . ds PI \(*p
  39. . ds L" ``
  40. . ds R" ''
  41. . ds C`
  42. . ds C'
  43. 'br\}
  44. .\"
  45. .\" Escape single quotes in literal strings from groff's Unicode transform.
  46. .ie \n(.g .ds Aq \(aq
  47. .el .ds Aq '
  48. .\"
  49. .\" If the F register is >0, we'll generate index entries on stderr for
  50. .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
  51. .\" entries marked with X<> in POD. Of course, you'll have to process the
  52. .\" output yourself in some meaningful fashion.
  53. .\"
  54. .\" Avoid warning from groff about undefined register 'F'.
  55. .de IX
  56. ..
  57. .nr rF 0
  58. .if \n(.g .if rF .nr rF 1
  59. .if (\n(rF:(\n(.g==0)) \{\
  60. . if \nF \{\
  61. . de IX
  62. . tm Index:\\$1\t\\n%\t"\\$2"
  63. ..
  64. . if !\nF==2 \{\
  65. . nr % 0
  66. . nr F 2
  67. . \}
  68. . \}
  69. .\}
  70. .rr rF
  71. .\"
  72. .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
  73. .\" Fear. Run. Save yourself. No user-serviceable parts.
  74. . \" fudge factors for nroff and troff
  75. .if n \{\
  76. . ds #H 0
  77. . ds #V .8m
  78. . ds #F .3m
  79. . ds #[ \f1
  80. . ds #] \fP
  81. .\}
  82. .if t \{\
  83. . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
  84. . ds #V .6m
  85. . ds #F 0
  86. . ds #[ \&
  87. . ds #] \&
  88. .\}
  89. . \" simple accents for nroff and troff
  90. .if n \{\
  91. . ds ' \&
  92. . ds ` \&
  93. . ds ^ \&
  94. . ds , \&
  95. . ds ~ ~
  96. . ds /
  97. .\}
  98. .if t \{\
  99. . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
  100. . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
  101. . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
  102. . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
  103. . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
  104. . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
  105. .\}
  106. . \" troff and (daisy-wheel) nroff accents
  107. .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
  108. .ds 8 \h'\*(#H'\(*b\h'-\*(#H'
  109. .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
  110. .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
  111. .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
  112. .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
  113. .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
  114. .ds ae a\h'-(\w'a'u*4/10)'e
  115. .ds Ae A\h'-(\w'A'u*4/10)'E
  116. . \" corrections for vroff
  117. .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
  118. .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
  119. . \" for low resolution devices (crt and lpr)
  120. .if \n(.H>23 .if \n(.V>19 \
  121. \{\
  122. . ds : e
  123. . ds 8 ss
  124. . ds o a
  125. . ds d- d\h'-1'\(ga
  126. . ds D- D\h'-1'\(hy
  127. . ds th \o'bp'
  128. . ds Th \o'LP'
  129. . ds ae ae
  130. . ds Ae AE
  131. .\}
  132. .rm #[ #] #H #V #F C
  133. .\" ========================================================================
  134. .\"
  135. .IX Title "ASN1_GENERATE_NCONF 3ossl"
  136. .TH ASN1_GENERATE_NCONF 3ossl "2024-09-03" "3.3.2" "OpenSSL"
  137. .\" For nroff, turn off justification. Always turn off hyphenation; it makes
  138. .\" way too many mistakes in technical documents.
  139. .if n .ad l
  140. .nh
  141. .SH "NAME"
  142. ASN1_generate_nconf, ASN1_generate_v3 \- ASN1 string generation functions
  143. .SH "SYNOPSIS"
  144. .IX Header "SYNOPSIS"
  145. .Vb 1
  146. \& #include <openssl/asn1.h>
  147. \&
  148. \& ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf);
  149. \& ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);
  150. .Ve
  151. .SH "DESCRIPTION"
  152. .IX Header "DESCRIPTION"
  153. These functions generate the \s-1ASN1\s0 encoding of a string
  154. in an \fB\s-1ASN1_TYPE\s0\fR structure.
  155. .PP
  156. \&\fIstr\fR contains the string to encode. \fInconf\fR or \fIcnf\fR contains
  157. the optional configuration information where additional strings
  158. will be read from. \fInconf\fR will typically come from a config
  159. file whereas \fIcnf\fR is obtained from an \fBX509V3_CTX\fR structure,
  160. which will typically be used by X509 v3 certificate extension
  161. functions. \fIcnf\fR or \fInconf\fR can be set to \s-1NULL\s0 if no additional
  162. configuration will be used.
  163. .SH "GENERATION STRING FORMAT"
  164. .IX Header "GENERATION STRING FORMAT"
  165. The actual data encoded is determined by the string \fIstr\fR and
  166. the configuration information. The general format of the string
  167. is:
  168. .IP "[\fImodifier\fR,]\fItype\fR[:\fIvalue\fR]" 4
  169. .IX Item "[modifier,]type[:value]"
  170. .PP
  171. That is zero or more comma separated modifiers followed by a type
  172. followed by an optional colon and a value. The formats of \fItype\fR,
  173. \&\fIvalue\fR and \fImodifier\fR are explained below.
  174. .SS "Supported Types"
  175. .IX Subsection "Supported Types"
  176. The supported types are listed below.
  177. Case is not significant in the type names.
  178. Unless otherwise specified only the \fB\s-1ASCII\s0\fR format is permissible.
  179. .IP "\fB\s-1BOOLEAN\s0\fR, \fB\s-1BOOL\s0\fR" 4
  180. .IX Item "BOOLEAN, BOOL"
  181. This encodes a boolean type. The \fIvalue\fR string is mandatory and
  182. should be \fB\s-1TRUE\s0\fR or \fB\s-1FALSE\s0\fR. Additionally \fB\s-1TRUE\s0\fR, \fBtrue\fR, \fBY\fR,
  183. \&\fBy\fR, \fB\s-1YES\s0\fR, \fByes\fR, \fB\s-1FALSE\s0\fR, \fBfalse\fR, \fBN\fR, \fBn\fR, \fB\s-1NO\s0\fR and \fBno\fR
  184. are acceptable.
  185. .IP "\fB\s-1NULL\s0\fR" 4
  186. .IX Item "NULL"
  187. Encode the \fB\s-1NULL\s0\fR type, the \fIvalue\fR string must not be present.
  188. .IP "\fB\s-1INTEGER\s0\fR, \fB\s-1INT\s0\fR" 4
  189. .IX Item "INTEGER, INT"
  190. Encodes an \s-1ASN1\s0 \fB\s-1INTEGER\s0\fR type. The \fIvalue\fR string represents
  191. the value of the integer, it can be prefaced by a minus sign and
  192. is normally interpreted as a decimal value unless the prefix \fB0x\fR
  193. is included.
  194. .IP "\fB\s-1ENUMERATED\s0\fR, \fB\s-1ENUM\s0\fR" 4
  195. .IX Item "ENUMERATED, ENUM"
  196. Encodes the \s-1ASN1\s0 \fB\s-1ENUMERATED\s0\fR type, it is otherwise identical to
  197. \&\fB\s-1INTEGER\s0\fR.
  198. .IP "\fB\s-1OBJECT\s0\fR, \fB\s-1OID\s0\fR" 4
  199. .IX Item "OBJECT, OID"
  200. Encodes an \s-1ASN1\s0 \fB\s-1OBJECT IDENTIFIER\s0\fR, the \fIvalue\fR string can be
  201. a short name, a long name or numerical format.
  202. .IP "\fB\s-1UTCTIME\s0\fR, \fB\s-1UTC\s0\fR" 4
  203. .IX Item "UTCTIME, UTC"
  204. Encodes an \s-1ASN1\s0 \fBUTCTime\fR structure, the value should be in
  205. the format \fB\s-1YYMMDDHHMMSSZ\s0\fR.
  206. .IP "\fB\s-1GENERALIZEDTIME\s0\fR, \fB\s-1GENTIME\s0\fR" 4
  207. .IX Item "GENERALIZEDTIME, GENTIME"
  208. Encodes an \s-1ASN1\s0 \fBGeneralizedTime\fR structure, the value should be in
  209. the format \fB\s-1YYYYMMDDHHMMSSZ\s0\fR.
  210. .IP "\fB\s-1OCTETSTRING\s0\fR, \fB\s-1OCT\s0\fR" 4
  211. .IX Item "OCTETSTRING, OCT"
  212. Encodes an \s-1ASN1\s0 \fB\s-1OCTET STRING\s0\fR. \fIvalue\fR represents the contents
  213. of this structure, the format strings \fB\s-1ASCII\s0\fR and \fB\s-1HEX\s0\fR can be
  214. used to specify the format of \fIvalue\fR.
  215. .IP "\fB\s-1BITSTRING\s0\fR, \fB\s-1BITSTR\s0\fR" 4
  216. .IX Item "BITSTRING, BITSTR"
  217. Encodes an \s-1ASN1\s0 \fB\s-1BIT STRING\s0\fR. \fIvalue\fR represents the contents
  218. of this structure, the format strings \fB\s-1ASCII\s0\fR, \fB\s-1HEX\s0\fR and \fB\s-1BITLIST\s0\fR
  219. can be used to specify the format of \fIvalue\fR.
  220. .Sp
  221. If the format is anything other than \fB\s-1BITLIST\s0\fR the number of unused
  222. bits is set to zero.
  223. .IP "\fB\s-1UNIVERSALSTRING\s0\fR, \fB\s-1UNIV\s0\fR, \fB\s-1IA5\s0\fR, \fB\s-1IA5STRING\s0\fR, \fB\s-1UTF8\s0\fR, \fBUTF8String\fR, \fB\s-1BMP\s0\fR, \fB\s-1BMPSTRING\s0\fR, \fB\s-1VISIBLESTRING\s0\fR, \fB\s-1VISIBLE\s0\fR, \fB\s-1PRINTABLESTRING\s0\fR, \fB\s-1PRINTABLE\s0\fR, \fBT61\fR, \fBT61STRING\fR, \fB\s-1TELETEXSTRING\s0\fR, \fBGeneralString\fR, \fB\s-1NUMERICSTRING\s0\fR, \fB\s-1NUMERIC\s0\fR" 4
  224. .IX Item "UNIVERSALSTRING, UNIV, IA5, IA5STRING, UTF8, UTF8String, BMP, BMPSTRING, VISIBLESTRING, VISIBLE, PRINTABLESTRING, PRINTABLE, T61, T61STRING, TELETEXSTRING, GeneralString, NUMERICSTRING, NUMERIC"
  225. These encode the corresponding string types. \fIvalue\fR represents the
  226. contents of this structure. The format can be \fB\s-1ASCII\s0\fR or \fB\s-1UTF8\s0\fR.
  227. .IP "\fB\s-1SEQUENCE\s0\fR, \fB\s-1SEQ\s0\fR, \fB\s-1SET\s0\fR" 4
  228. .IX Item "SEQUENCE, SEQ, SET"
  229. Formats the result as an \s-1ASN1\s0 \fB\s-1SEQUENCE\s0\fR or \fB\s-1SET\s0\fR type. \fIvalue\fR
  230. should be a section name which will contain the contents. The
  231. field names in the section are ignored and the values are in the
  232. generated string format. If \fIvalue\fR is absent then an empty \s-1SEQUENCE\s0
  233. will be encoded.
  234. .SS "Modifiers"
  235. .IX Subsection "Modifiers"
  236. Modifiers affect the following structure, they can be used to
  237. add \s-1EXPLICIT\s0 or \s-1IMPLICIT\s0 tagging, add wrappers or to change
  238. the string format of the final type and value. The supported
  239. formats are documented below.
  240. .IP "\fB\s-1EXPLICIT\s0\fR, \fB\s-1EXP\s0\fR" 4
  241. .IX Item "EXPLICIT, EXP"
  242. Add an explicit tag to the following structure. This string
  243. should be followed by a colon and the tag value to use as a
  244. decimal value.
  245. .Sp
  246. By following the number with \fBU\fR, \fBA\fR, \fBP\fR or \fBC\fR \s-1UNIVERSAL,
  247. APPLICATION, PRIVATE\s0 or \s-1CONTEXT SPECIFIC\s0 tagging can be used,
  248. the default is \s-1CONTEXT SPECIFIC.\s0
  249. .IP "\fB\s-1IMPLICIT\s0\fR, \fB\s-1IMP\s0\fR" 4
  250. .IX Item "IMPLICIT, IMP"
  251. This is the same as \fB\s-1EXPLICIT\s0\fR except \s-1IMPLICIT\s0 tagging is used
  252. instead.
  253. .IP "\fB\s-1OCTWRAP\s0\fR, \fB\s-1SEQWRAP\s0\fR, \fB\s-1SETWRAP\s0\fR, \fB\s-1BITWRAP\s0\fR" 4
  254. .IX Item "OCTWRAP, SEQWRAP, SETWRAP, BITWRAP"
  255. The following structure is surrounded by an \s-1OCTET STRING,\s0 a \s-1SEQUENCE,\s0
  256. a \s-1SET\s0 or a \s-1BIT STRING\s0 respectively. For a \s-1BIT STRING\s0 the number of unused
  257. bits is set to zero.
  258. .IP "\fB\s-1FORMAT\s0\fR" 4
  259. .IX Item "FORMAT"
  260. This specifies the format of the ultimate value. It should be followed
  261. by a colon and one of the strings \fB\s-1ASCII\s0\fR, \fB\s-1UTF8\s0\fR, \fB\s-1HEX\s0\fR or \fB\s-1BITLIST\s0\fR.
  262. .Sp
  263. If no format specifier is included then \fB\s-1ASCII\s0\fR is used. If \fB\s-1UTF8\s0\fR is
  264. specified then the value string must be a valid \fB\s-1UTF8\s0\fR string. For \fB\s-1HEX\s0\fR the
  265. output must be a set of hex digits. \fB\s-1BITLIST\s0\fR (which is only valid for a \s-1BIT
  266. STRING\s0) is a comma separated list of the indices of the set bits, all other
  267. bits are zero.
  268. .SH "RETURN VALUES"
  269. .IX Header "RETURN VALUES"
  270. \&\fBASN1_generate_nconf()\fR and \fBASN1_generate_v3()\fR return the encoded
  271. data as an \fB\s-1ASN1_TYPE\s0\fR structure or \s-1NULL\s0 if an error occurred.
  272. .PP
  273. The error codes that can be obtained by \fBERR_get_error\fR\|(3).
  274. .SH "EXAMPLES"
  275. .IX Header "EXAMPLES"
  276. A simple IA5String:
  277. .PP
  278. .Vb 1
  279. \& IA5STRING:Hello World
  280. .Ve
  281. .PP
  282. An IA5String explicitly tagged:
  283. .PP
  284. .Vb 1
  285. \& EXPLICIT:0,IA5STRING:Hello World
  286. .Ve
  287. .PP
  288. An IA5String explicitly tagged using \s-1APPLICATION\s0 tagging:
  289. .PP
  290. .Vb 1
  291. \& EXPLICIT:0A,IA5STRING:Hello World
  292. .Ve
  293. .PP
  294. A \s-1BITSTRING\s0 with bits 1 and 5 set and all others zero:
  295. .PP
  296. .Vb 1
  297. \& FORMAT:BITLIST,BITSTRING:1,5
  298. .Ve
  299. .PP
  300. A more complex example using a config file to produce a
  301. \&\s-1SEQUENCE\s0 consisting of a \s-1BOOL\s0 an \s-1OID\s0 and a UTF8String:
  302. .PP
  303. .Vb 1
  304. \& asn1 = SEQUENCE:seq_section
  305. \&
  306. \& [seq_section]
  307. \&
  308. \& field1 = BOOLEAN:TRUE
  309. \& field2 = OID:commonName
  310. \& field3 = UTF8:Third field
  311. .Ve
  312. .PP
  313. This example produces an RSAPrivateKey structure, this is the
  314. key contained in the file client.pem in all OpenSSL distributions
  315. (note: the field names such as 'coeff' are ignored and are present just
  316. for clarity):
  317. .PP
  318. .Vb 3
  319. \& asn1=SEQUENCE:private_key
  320. \& [private_key]
  321. \& version=INTEGER:0
  322. \&
  323. \& n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\e
  324. \& D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
  325. \&
  326. \& e=INTEGER:0x010001
  327. \&
  328. \& d=INTEGER:0x6F05EAD2F27FFAEC84BEC360C4B928FD5F3A9865D0FCAAD291E2A52F4A\e
  329. \& F810DC6373278C006A0ABBA27DC8C63BF97F7E666E27C5284D7D3B1FFFE16B7A87B51D
  330. \&
  331. \& p=INTEGER:0xF3929B9435608F8A22C208D86795271D54EBDFB09DDEF539AB083DA912\e
  332. \& D4BD57
  333. \&
  334. \& q=INTEGER:0xC50016F89DFF2561347ED1186A46E150E28BF2D0F539A1594BBD7FE467\e
  335. \& 46EC4F
  336. \&
  337. \& exp1=INTEGER:0x9E7D4326C924AFC1DEA40B45650134966D6F9DFA3A7F9D698CD4ABEA\e
  338. \& 9C0A39B9
  339. \&
  340. \& exp2=INTEGER:0xBA84003BB95355AFB7C50DF140C60513D0BA51D637272E355E397779\e
  341. \& E7B2458F
  342. \&
  343. \& coeff=INTEGER:0x30B9E4F2AFA5AC679F920FC83F1F2DF1BAF1779CF989447FABC2F5\e
  344. \& 628657053A
  345. .Ve
  346. .PP
  347. This example is the corresponding public key in a SubjectPublicKeyInfo
  348. structure:
  349. .PP
  350. .Vb 2
  351. \& # Start with a SEQUENCE
  352. \& asn1=SEQUENCE:pubkeyinfo
  353. \&
  354. \& # pubkeyinfo contains an algorithm identifier and the public key wrapped
  355. \& # in a BIT STRING
  356. \& [pubkeyinfo]
  357. \& algorithm=SEQUENCE:rsa_alg
  358. \& pubkey=BITWRAP,SEQUENCE:rsapubkey
  359. \&
  360. \& # algorithm ID for RSA is just an OID and a NULL
  361. \& [rsa_alg]
  362. \& algorithm=OID:rsaEncryption
  363. \& parameter=NULL
  364. \&
  365. \& # Actual public key: modulus and exponent
  366. \& [rsapubkey]
  367. \& n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\e
  368. \& D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
  369. \&
  370. \& e=INTEGER:0x010001
  371. .Ve
  372. .SH "SEE ALSO"
  373. .IX Header "SEE ALSO"
  374. \&\fBERR_get_error\fR\|(3)
  375. .SH "COPYRIGHT"
  376. .IX Header "COPYRIGHT"
  377. Copyright 2002\-2021 The OpenSSL Project Authors. All Rights Reserved.
  378. .PP
  379. Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
  380. this file except in compliance with the License. You can obtain a copy
  381. in the file \s-1LICENSE\s0 in the source distribution or at
  382. <https://www.openssl.org/source/license.html>.