Document ASN.1 printing functions.
ASN1_STRING_print_ex is extremely complex and attempting to implement
RFC2253, so write some tests for it. Along the way, unexport
CHARTYPE_*, which are internal book-keeping used in
ASN1_STRING_print_ex.
Change-Id: Idb27cd40fb66dc099d1fd6d039a00404608c2063
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48776
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 2394939..8cf4398 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -67,6 +67,15 @@
#include "internal.h"
+// These flags must be distinct from |ESC_FLAGS| and fit in a byte.
+
+// Character is a valid PrintableString character
+#define CHARTYPE_PRINTABLESTRING 0x10
+// Character needs escaping if it is the first character
+#define CHARTYPE_FIRST_ESC_2253 0x20
+// Character needs escaping if it is the last character
+#define CHARTYPE_LAST_ESC_2253 0x40
+
#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
@@ -188,6 +197,8 @@
orflags = CHARTYPE_FIRST_ESC_2253;
else
orflags = 0;
+ /* TODO(davidben): Replace this with |cbs_get_ucs2_be|, etc., to check
+ * for invalid codepoints. */
switch (charwidth) {
case 4:
c = ((uint32_t)*p++) << 24;
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index b1a01ed..282ad23 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -72,7 +72,7 @@
};
if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
- tag &= ~0x100;
+ tag &= ~V_ASN1_NEG;
if (tag < 0 || tag > 30)
return "(unknown)";
diff --git a/crypto/asn1/asn1_test.cc b/crypto/asn1/asn1_test.cc
index bc6e3f7..0d9c43c 100644
--- a/crypto/asn1/asn1_test.cc
+++ b/crypto/asn1/asn1_test.cc
@@ -530,6 +530,269 @@
}
}
+static std::vector<uint8_t> StringToVector(const std::string &str) {
+ return std::vector<uint8_t>(str.begin(), str.end());
+}
+
+TEST(ASN1Test, StringPrintEx) {
+ const struct {
+ int type;
+ std::vector<uint8_t> data;
+ int str_flags;
+ unsigned long flags;
+ std::string expected;
+ } kTests[] = {
+ // A string like "hello" is never escaped or quoted.
+ // |ASN1_STRFLGS_ESC_QUOTE| only introduces quotes when needed. Note
+ // OpenSSL interprets T61String as Latin-1.
+ {V_ASN1_T61STRING, StringToVector("hello"), 0, 0, "hello"},
+ {V_ASN1_T61STRING, StringToVector("hello"), 0,
+ ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB,
+ "hello"},
+ {V_ASN1_T61STRING, StringToVector("hello"), 0,
+ ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
+ ASN1_STRFLGS_ESC_QUOTE,
+ "hello"},
+
+ // By default, 8-bit characters are printed without escaping.
+ {V_ASN1_T61STRING,
+ {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
+ 0,
+ 0,
+ std::string(1, '\0') + "\n\x80\xff,+\"\\<>;"},
+
+ // Flags control different escapes. Note that any escape flag will cause
+ // blackslashes to be escaped.
+ {V_ASN1_T61STRING,
+ {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
+ 0,
+ ASN1_STRFLGS_ESC_2253,
+ std::string(1, '\0') + "\n\x80\xff\\,\\+\\\"\\\\\\<\\>\\;"},
+ {V_ASN1_T61STRING,
+ {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
+ 0,
+ ASN1_STRFLGS_ESC_CTRL,
+ "\\00\\0A\x80\xff,+\"\\\\<>;"},
+ {V_ASN1_T61STRING,
+ {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
+ 0,
+ ASN1_STRFLGS_ESC_MSB,
+ std::string(1, '\0') + "\n\\80\\FF,+\"\\\\<>;"},
+ {V_ASN1_T61STRING,
+ {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
+ 0,
+ ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB,
+ "\\00\\0A\\80\\FF\\,\\+\\\"\\\\\\<\\>\\;"},
+
+ // When quoted, fewer characters need to be escaped in RFC2253.
+ {V_ASN1_T61STRING,
+ {0, '\n', 0x80, 0xff, ',', '+', '"', '\\', '<', '>', ';'},
+ 0,
+ ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
+ ASN1_STRFLGS_ESC_QUOTE,
+ "\"\\00\\0A\\80\\FF,+\\\"\\\\<>;\""},
+
+ // If no characters benefit from quotes, no quotes are added.
+ {V_ASN1_T61STRING,
+ {0, '\n', 0x80, 0xff, '"', '\\'},
+ 0,
+ ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
+ ASN1_STRFLGS_ESC_QUOTE,
+ "\\00\\0A\\80\\FF\\\"\\\\"},
+
+ // RFC2253 only escapes spaces at the start and end of a string.
+ {V_ASN1_T61STRING, StringToVector(" "), 0, ASN1_STRFLGS_ESC_2253,
+ "\\ \\ "},
+ {V_ASN1_T61STRING, StringToVector(" "), 0,
+ ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_QUOTE, "\" \""},
+
+ // RFC2253 only escapes # at the start of a string.
+ {V_ASN1_T61STRING, StringToVector("###"), 0, ASN1_STRFLGS_ESC_2253,
+ "\\###"},
+ {V_ASN1_T61STRING, StringToVector("###"), 0,
+ ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_QUOTE, "\"###\""},
+
+ // By default, strings are decoded and Unicode code points are
+ // individually escaped.
+ {V_ASN1_UTF8STRING, StringToVector("a\xc2\x80\xc4\x80\xf0\x90\x80\x80"),
+ 0, ASN1_STRFLGS_ESC_MSB, "a\\80\\U0100\\W00010000"},
+ {V_ASN1_BMPSTRING,
+ {0x00, 'a', 0x00, 0x80, 0x01, 0x00},
+ 0,
+ ASN1_STRFLGS_ESC_MSB,
+ "a\\80\\U0100"},
+ {V_ASN1_UNIVERSALSTRING,
+ {0x00, 0x00, 0x00, 'a', //
+ 0x00, 0x00, 0x00, 0x80, //
+ 0x00, 0x00, 0x01, 0x00, //
+ 0x00, 0x01, 0x00, 0x00},
+ 0,
+ ASN1_STRFLGS_ESC_MSB,
+ "a\\80\\U0100\\W00010000"},
+
+ // |ASN1_STRFLGS_UTF8_CONVERT| normalizes everything to UTF-8 and then
+ // escapes individual bytes.
+ {V_ASN1_IA5STRING, StringToVector("a\x80"), 0,
+ ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT, "a\\C2\\80"},
+ {V_ASN1_T61STRING, StringToVector("a\x80"), 0,
+ ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT, "a\\C2\\80"},
+ {V_ASN1_UTF8STRING, StringToVector("a\xc2\x80\xc4\x80\xf0\x90\x80\x80"),
+ 0, ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT,
+ "a\\C2\\80\\C4\\80\\F0\\90\\80\\80"},
+ {V_ASN1_BMPSTRING,
+ {0x00, 'a', 0x00, 0x80, 0x01, 0x00},
+ 0,
+ ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT,
+ "a\\C2\\80\\C4\\80"},
+ {V_ASN1_UNIVERSALSTRING,
+ {0x00, 0x00, 0x00, 'a', //
+ 0x00, 0x00, 0x00, 0x80, //
+ 0x00, 0x00, 0x01, 0x00, //
+ 0x00, 0x01, 0x00, 0x00},
+ 0,
+ ASN1_STRFLGS_ESC_MSB | ASN1_STRFLGS_UTF8_CONVERT,
+ "a\\C2\\80\\C4\\80\\F0\\90\\80\\80"},
+
+ // The same as above, but without escaping the UTF-8 encoding.
+ {V_ASN1_IA5STRING, StringToVector("a\x80"), 0, ASN1_STRFLGS_UTF8_CONVERT,
+ "a\xc2\x80"},
+ {V_ASN1_T61STRING, StringToVector("a\x80"), 0, ASN1_STRFLGS_UTF8_CONVERT,
+ "a\xc2\x80"},
+ {V_ASN1_UTF8STRING, StringToVector("a\xc2\x80\xc4\x80\xf0\x90\x80\x80"),
+ 0, ASN1_STRFLGS_UTF8_CONVERT, "a\xc2\x80\xc4\x80\xf0\x90\x80\x80"},
+ {V_ASN1_BMPSTRING,
+ {0x00, 'a', 0x00, 0x80, 0x01, 0x00},
+ 0,
+ ASN1_STRFLGS_UTF8_CONVERT,
+ "a\xc2\x80\xc4\x80"},
+ {V_ASN1_UNIVERSALSTRING,
+ {0x00, 0x00, 0x00, 'a', //
+ 0x00, 0x00, 0x00, 0x80, //
+ 0x00, 0x00, 0x01, 0x00, //
+ 0x00, 0x01, 0x00, 0x00},
+ 0,
+ ASN1_STRFLGS_UTF8_CONVERT,
+ "a\xc2\x80\xc4\x80\xf0\x90\x80\x80"},
+
+ // Types that cannot be decoded are, by default, treated as a byte string.
+ {V_ASN1_OCTET_STRING, {0xff}, 0, 0, "\xff"},
+ {-1, {0xff}, 0, 0, "\xff"},
+ {100, {0xff}, 0, 0, "\xff"},
+
+ // |ASN1_STRFLGS_UTF8_CONVERT| still converts these bytes to UTF-8.
+ //
+ // TODO(davidben): This seems like a bug. Although it's unclear because
+ // the non-RFC2253 options aren't especially sound. Can we just remove
+ // them?
+ {V_ASN1_OCTET_STRING, {0xff}, 0, ASN1_STRFLGS_UTF8_CONVERT, "\xc3\xbf"},
+ {-1, {0xff}, 0, ASN1_STRFLGS_UTF8_CONVERT, "\xc3\xbf"},
+ {100, {0xff}, 0, ASN1_STRFLGS_UTF8_CONVERT, "\xc3\xbf"},
+
+ // |ASN1_STRFLGS_IGNORE_TYPE| causes the string type to be ignored, so it
+ // is always treated as a byte string, even if it is not a valid encoding.
+ {V_ASN1_UTF8STRING, {0xff}, 0, ASN1_STRFLGS_IGNORE_TYPE, "\xff"},
+ {V_ASN1_BMPSTRING, {0xff}, 0, ASN1_STRFLGS_IGNORE_TYPE, "\xff"},
+ {V_ASN1_UNIVERSALSTRING, {0xff}, 0, ASN1_STRFLGS_IGNORE_TYPE, "\xff"},
+
+ // |ASN1_STRFLGS_SHOW_TYPE| prepends the type name.
+ {V_ASN1_UTF8STRING, {'a'}, 0, ASN1_STRFLGS_SHOW_TYPE, "UTF8STRING:a"},
+ {-1, {'a'}, 0, ASN1_STRFLGS_SHOW_TYPE, "(unknown):a"},
+ {100, {'a'}, 0, ASN1_STRFLGS_SHOW_TYPE, "(unknown):a"},
+
+ // |ASN1_STRFLGS_DUMP_ALL| and |ASN1_STRFLGS_DUMP_UNKNOWN| cause
+ // non-string types to be printed in hex, though without the DER wrapper
+ // by default.
+ {V_ASN1_UTF8STRING, StringToVector("\xe2\x98\x83"), 0,
+ ASN1_STRFLGS_DUMP_UNKNOWN, "\\U2603"},
+ {V_ASN1_UTF8STRING, StringToVector("\xe2\x98\x83"), 0,
+ ASN1_STRFLGS_DUMP_ALL, "#E29883"},
+ {V_ASN1_OCTET_STRING, StringToVector("\xe2\x98\x83"), 0,
+ ASN1_STRFLGS_DUMP_UNKNOWN, "#E29883"},
+ {V_ASN1_OCTET_STRING, StringToVector("\xe2\x98\x83"), 0,
+ ASN1_STRFLGS_DUMP_ALL, "#E29883"},
+
+ // |ASN1_STRFLGS_DUMP_DER| includes the entire element.
+ {V_ASN1_UTF8STRING, StringToVector("\xe2\x98\x83"), 0,
+ ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER, "#0C03E29883"},
+ {V_ASN1_OCTET_STRING, StringToVector("\xe2\x98\x83"), 0,
+ ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER, "#0403E29883"},
+ {V_ASN1_BIT_STRING,
+ {0x80},
+ ASN1_STRING_FLAG_BITS_LEFT | 4,
+ ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER,
+ "#03020480"},
+ };
+ for (const auto &t : kTests) {
+ SCOPED_TRACE(t.type);
+ SCOPED_TRACE(Bytes(t.data));
+ SCOPED_TRACE(t.str_flags);
+ SCOPED_TRACE(t.flags);
+
+ bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_type_new(t.type));
+ ASSERT_TRUE(ASN1_STRING_set(str.get(), t.data.data(), t.data.size()));
+ str->flags = t.str_flags;
+
+ // If the |BIO| is null, it should measure the size.
+ int len = ASN1_STRING_print_ex(nullptr, str.get(), t.flags);
+ EXPECT_EQ(len, static_cast<int>(t.expected.size()));
+
+ // Measuring the size should also work for the |FILE| version
+ len = ASN1_STRING_print_ex_fp(nullptr, str.get(), t.flags);
+ EXPECT_EQ(len, static_cast<int>(t.expected.size()));
+
+ // Actually print the string.
+ bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
+ ASSERT_TRUE(bio);
+ len = ASN1_STRING_print_ex(bio.get(), str.get(), t.flags);
+ EXPECT_EQ(len, static_cast<int>(t.expected.size()));
+
+ const uint8_t *bio_contents;
+ size_t bio_len;
+ ASSERT_TRUE(BIO_mem_contents(bio.get(), &bio_contents, &bio_len));
+ EXPECT_EQ(t.expected, std::string(bio_contents, bio_contents + bio_len));
+ }
+
+ const struct {
+ int type;
+ std::vector<uint8_t> data;
+ int str_flags;
+ unsigned long flags;
+ } kUnprintableTests[] = {
+ // When decoding strings, invalid codepoints are errors.
+ {V_ASN1_UTF8STRING, {0xff}, 0, ASN1_STRFLGS_ESC_MSB},
+ {V_ASN1_BMPSTRING, {0xff}, 0, ASN1_STRFLGS_ESC_MSB},
+ {V_ASN1_BMPSTRING, {0xff}, 0, ASN1_STRFLGS_ESC_MSB},
+ {V_ASN1_UNIVERSALSTRING, {0xff}, 0, ASN1_STRFLGS_ESC_MSB},
+ };
+ for (const auto &t : kUnprintableTests) {
+ SCOPED_TRACE(t.type);
+ SCOPED_TRACE(Bytes(t.data));
+ SCOPED_TRACE(t.str_flags);
+ SCOPED_TRACE(t.flags);
+
+ bssl::UniquePtr<ASN1_STRING> str(ASN1_STRING_type_new(t.type));
+ ASSERT_TRUE(ASN1_STRING_set(str.get(), t.data.data(), t.data.size()));
+ str->flags = t.str_flags;
+
+ // If the |BIO| is null, it should measure the size.
+ int len = ASN1_STRING_print_ex(nullptr, str.get(), t.flags);
+ EXPECT_EQ(len, -1);
+ ERR_clear_error();
+
+ // Measuring the size should also work for the |FILE| version
+ len = ASN1_STRING_print_ex_fp(nullptr, str.get(), t.flags);
+ EXPECT_EQ(len, -1);
+ ERR_clear_error();
+
+ // Actually print the string.
+ bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
+ ASSERT_TRUE(bio);
+ len = ASN1_STRING_print_ex(bio.get(), str.get(), t.flags);
+ EXPECT_EQ(len, -1);
+ ERR_clear_error();
+ }
+}
+
// The ASN.1 macros do not work on Windows shared library builds, where usage of
// |OPENSSL_EXPORT| is a bit stricter.
#if !defined(OPENSSL_WINDOWS) || !defined(BORINGSSL_SHARED_LIBRARY)
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index 8bbb49b..4cf71ad 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -178,6 +178,10 @@
#define B_ASN1_GENERALIZEDTIME 0x8000
#define B_ASN1_SEQUENCE 0x10000
+// ASN1_tag2str returns a string representation of |tag|, interpret as a tag
+// number for a universal type, or |V_ASN1_NEG_*|.
+OPENSSL_EXPORT const char *ASN1_tag2str(int tag);
+
// Strings.
//
@@ -740,6 +744,99 @@
// the macros, document them, and move them to this section.
+// Human-readable output.
+//
+// The following functions output types in some human-readable format. These
+// functions may be used for debugging and logging. However, the output should
+// not be consumed programmatically. They may be ambiguous or lose information.
+
+// ASN1_UTCTIME_print writes a human-readable representation of |a| to |out|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int ASN1_UTCTIME_print(BIO *out, const ASN1_UTCTIME *a);
+
+// ASN1_GENERALIZEDTIME_print writes a human-readable representation of |a| to
+// |out|. It returns one on success and zero on error.
+OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_print(BIO *out,
+ const ASN1_GENERALIZEDTIME *a);
+
+// ASN1_TIME_print writes a human-readable representation of |a| to |out|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int ASN1_TIME_print(BIO *out, const ASN1_TIME *a);
+
+// ASN1_STRING_print writes a human-readable representation of |str| to |out|.
+// It returns one on success and zero on error. Unprintable characters are
+// replaced with '.'.
+OPENSSL_EXPORT int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
+
+// ASN1_STRFLGS_ESC_2253 causes characters to be escaped as in RFC2253, section
+// 2.4.
+#define ASN1_STRFLGS_ESC_2253 1
+
+// ASN1_STRFLGS_ESC_CTRL causes all control characters to be escaped.
+#define ASN1_STRFLGS_ESC_CTRL 2
+
+// ASN1_STRFLGS_ESC_MSB causes all characters above 127 to be escaped.
+#define ASN1_STRFLGS_ESC_MSB 4
+
+// ASN1_STRFLGS_ESC_QUOTE causes the string to be surrounded by quotes, rather
+// than using backslashes, when characters are escaped. Fewer characters will
+// require escapes in this case.
+#define ASN1_STRFLGS_ESC_QUOTE 8
+
+// ASN1_STRFLGS_UTF8_CONVERT causes the string to be encoded as UTF-8, with each
+// byte in the UTF-8 encoding treated as an individual character for purposes of
+// escape sequences. If not set, each Unicode codepoint in the string is treated
+// as a character, with wide characters escaped as "\Uxxxx" or "\Wxxxxxxxx".
+// Note this can be ambiguous if |ASN1_STRFLGS_ESC_*| are all unset. In that
+// case, backslashes are not escaped, but wide characters are.
+#define ASN1_STRFLGS_UTF8_CONVERT 0x10
+
+// ASN1_STRFLGS_IGNORE_TYPE causes the string type to be ignored. The
+// |ASN1_STRING| in-memory representation will be printed directly.
+#define ASN1_STRFLGS_IGNORE_TYPE 0x20
+
+// ASN1_STRFLGS_SHOW_TYPE causes the string type to be included in the output.
+#define ASN1_STRFLGS_SHOW_TYPE 0x40
+
+// ASN1_STRFLGS_DUMP_ALL causes all strings to be printed as a hexdump, using
+// RFC2253 hexstring notation, such as "#0123456789ABCDEF".
+#define ASN1_STRFLGS_DUMP_ALL 0x80
+
+// ASN1_STRFLGS_DUMP_UNKNOWN behaves like |ASN1_STRFLGS_DUMP_ALL| but only
+// applies to values of unknown type. If unset, unknown values will print
+// their contents as single-byte characters with escape sequences.
+#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
+
+// ASN1_STRFLGS_DUMP_DER causes hexdumped strings (as determined by
+// |ASN1_STRFLGS_DUMP_ALL| or |ASN1_STRFLGS_DUMP_UNKNOWN|) to print the entire
+// DER element as in RFC2253, rather than only the contents of the
+// |ASN1_STRING|.
+#define ASN1_STRFLGS_DUMP_DER 0x200
+
+// ASN1_STRFLGS_RFC2253 causes the string to be escaped as in RFC2253,
+// additionally escaping control characters.
+#define ASN1_STRFLGS_RFC2253 \
+ (ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | \
+ ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN | \
+ ASN1_STRFLGS_DUMP_DER)
+
+// ASN1_STRING_print_ex writes a human-readable representation of |str| to
+// |out|. It returns the number of bytes written on success and -1 on error. If
+// |out| is NULL, it returns the number of bytes it would have written, without
+// writing anything.
+//
+// The |flags| should be a combination of combination of |ASN1_STRFLGS_*|
+// constants. See the documentation for each flag for how it controls the
+// output. If unsure, use |ASN1_STRFLGS_RFC2253|.
+OPENSSL_EXPORT int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str,
+ unsigned long flags);
+
+// ASN1_STRING_print_ex_fp behaves like |ASN1_STRING_print_ex| but writes to a
+// |FILE| rather than a |BIO|.
+OPENSSL_EXPORT int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str,
+ unsigned long flags);
+
+
// Underdocumented functions.
//
// The following functions are not yet documented and organized.
@@ -876,75 +973,6 @@
#define DECLARE_ASN1_ITEM(name) extern OPENSSL_EXPORT const ASN1_ITEM name##_it;
-// Parameters used by ASN1_STRING_print_ex()
-
-// These determine which characters to escape:
-// RFC2253 special characters, control characters and
-// MSB set characters
-
-#define ASN1_STRFLGS_ESC_2253 1
-#define ASN1_STRFLGS_ESC_CTRL 2
-#define ASN1_STRFLGS_ESC_MSB 4
-
-
-// This flag determines how we do escaping: normally
-// RC2253 backslash only, set this to use backslash and
-// quote.
-
-#define ASN1_STRFLGS_ESC_QUOTE 8
-
-
-// These three flags are internal use only.
-
-// Character is a valid PrintableString character
-#define CHARTYPE_PRINTABLESTRING 0x10
-// Character needs escaping if it is the first character
-#define CHARTYPE_FIRST_ESC_2253 0x20
-// Character needs escaping if it is the last character
-#define CHARTYPE_LAST_ESC_2253 0x40
-
-// NB the internal flags are safely reused below by flags
-// handled at the top level.
-
-// If this is set we convert all character strings
-// to UTF8 first
-
-#define ASN1_STRFLGS_UTF8_CONVERT 0x10
-
-// If this is set we don't attempt to interpret content:
-// just assume all strings are 1 byte per character. This
-// will produce some pretty odd looking output!
-
-#define ASN1_STRFLGS_IGNORE_TYPE 0x20
-
-// If this is set we include the string type in the output
-#define ASN1_STRFLGS_SHOW_TYPE 0x40
-
-// This determines which strings to display and which to
-// 'dump' (hex dump of content octets or DER encoding). We can
-// only dump non character strings or everything. If we
-// don't dump 'unknown' they are interpreted as character
-// strings with 1 octet per character and are subject to
-// the usual escaping options.
-
-#define ASN1_STRFLGS_DUMP_ALL 0x80
-#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
-
-// These determine what 'dumping' does, we can dump the
-// content octets or the DER encoding: both use the
-// RFC2253 #XXXXX notation.
-
-#define ASN1_STRFLGS_DUMP_DER 0x200
-
-// All the string flags consistent with RFC2253,
-// escaping control characters isn't essential in
-// RFC2253 but it is advisable anyway.
-
-#define ASN1_STRFLGS_RFC2253 \
- (ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | \
- ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN | \
- ASN1_STRFLGS_DUMP_DER)
-
DEFINE_STACK_OF(ASN1_INTEGER)
DEFINE_STACK_OF(ASN1_TYPE)
@@ -1106,19 +1134,9 @@
OPENSSL_EXPORT void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
OPENSSL_EXPORT int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
-OPENSSL_EXPORT int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str,
- unsigned long flags);
OPENSSL_EXPORT void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
OPENSSL_EXPORT int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
-OPENSSL_EXPORT int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
-OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_print(BIO *fp,
- const ASN1_GENERALIZEDTIME *a);
-OPENSSL_EXPORT int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
-OPENSSL_EXPORT int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
-OPENSSL_EXPORT int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str,
- unsigned long flags);
-OPENSSL_EXPORT const char *ASN1_tag2str(int tag);
// Used to load and write netscape format cert
