8fde460772
The template compiler was applying IMPLICIT tags to CHOICE types. This
is very wrong, as the tag of a CHOICE's taken choice cannot be replaced
without making it impossible to figure out what the choice was. An
example of this is GeneralName's directoryName, which is an IMPLICIT-
tagged CHOICE.
Separately, the non-template compiler was requiring inlining of
IMPLICIT-tagged CHOICEs, which also happens in GeneralName's
directoryName case:
```
205 Name ::= CHOICE {
206 rdnSequence RDNSequence
207 }
...
287 GeneralName ::= CHOICE {
288 otherName [0] IMPLICIT -- OtherName --
SEQUENCE {
289 type-id OBJECT IDENTIFIER,
290 value [0] EXPLICIT heim_any
291 },
292 rfc822Name [1] IMPLICIT IA5String,
293 dNSName [2] IMPLICIT IA5String,
294 -- x400Address [3] IMPLICIT ORAddress,--
--->295 directoryName [4] IMPLICIT -- Name -- CHOICE
{
296 rdnSequence RDNSequence
297 },
298 -- ediPartyName [5] IMPLICIT EDIPartyName, --
299 uniformResourceIdentifier [6] IMPLICIT IA5String,
300 iPAddress [7] IMPLICIT OCTET STRING,
301 registeredID [8] IMPLICIT OBJECT IDENTIFIER
302 }
```
Anyways, that's fixed now, though changing that will require making
corresponding changes to `lib/hx509/`.
We're getting closer to parity between the two compilers. The template
compiler is still missing support for `SET { ... }` types. Speaking of
`SET { ... }`, the regular compiler generates code that uses `qsort()`
to sort the encoded values values of the members of such a set, but this
seems silly because the order of members is knowable at compile time, as
for DER and CER the order by the tags of the members, from lowest to
highest (see X.690, section 9.3 and X.680, section 8.6). As it happens
using `qsort()` on the encodings of the members works, but it would be
be better to sort in `lib/asn1/asn1parse.y` and then not have to bother
anywhere else. Sorting SETs at definition time will help keep the
tamplate compiler simple. Not that we _need_ `SET { ... }` for anything
in-tree other than the X.690 sample...
While we're at it, let's note that the core of PKIX from the RFC
2459/3280/5280/5912 consists of *two* ASN.1 modules, one with
default-EXPLICIT tags, and one with default-IMPLICIT tags, and
Heimdal has these merged as a default-EXPLICIT tags module in
`lib/asn1/rfc2459.asn1`, with `IMPLICIT` added in by hand in all the
tags in the default-IMPLICIT tagged module. This fixes one recently
added type from PKIX that didn't have `IMPLICIT` added in manually!
248 lines
6.1 KiB
Groff
248 lines
6.1 KiB
Groff
-- $Id$ --
|
|
|
|
TEST DEFINITIONS ::=
|
|
|
|
BEGIN
|
|
|
|
IMPORTS heim_any FROM heim;
|
|
|
|
-- Check that we handle out of order definitions.
|
|
-- The compiler should emit the definition of TESTOutOfOrderBar before that of
|
|
-- TESTOutOfOrderFoo.
|
|
TESTOutOfOrderFoo ::= SEQUENCE {
|
|
bar TESTOutOfOrderBar
|
|
}
|
|
|
|
TESTOutOfOrderBar ::= SEQUENCE {
|
|
aMember INTEGER
|
|
}
|
|
|
|
-- Check that we can handle rpc.mountd style "lists". This is unnecessarily
|
|
-- inefficient in its encoding, and there's no point to using this over
|
|
-- SEQUENCE OF (arrays), but it's neat that we can do this now that we can do
|
|
-- out of order definitions.
|
|
--
|
|
-- This could be useful if we ever extend asn1_compile to also handle XDR,
|
|
-- which we well might since XDR's syntax is a dual of a strict subset of
|
|
-- ASN.1, and since XDR the encoding is fairly straightforward.
|
|
--
|
|
-- Note that the `next' member has to be OPTIONAL or DEFAULTed for this to
|
|
-- work.
|
|
TESTCircular ::= SEQUENCE {
|
|
name UTF8String,
|
|
next TESTCircular OPTIONAL
|
|
}
|
|
|
|
TESTuint32 ::= INTEGER (0..4294967295)
|
|
TESTuint64 ::= INTEGER(0..9223372036854775807)
|
|
TESTint64 ::= INTEGER(-9223372036854775808..9223372036854775807)
|
|
|
|
TESTLargeTag ::= SEQUENCE {
|
|
foo[127] INTEGER (-2147483648..2147483647),
|
|
bar[128] INTEGER (-2147483648..2147483647)
|
|
}
|
|
|
|
TESTSeq ::= SEQUENCE {
|
|
tag0[0] INTEGER (-2147483648..2147483647),
|
|
tag1[1] TESTLargeTag,
|
|
tagless INTEGER (-2147483648..2147483647),
|
|
tag3[2] INTEGER (-2147483648..2147483647)
|
|
}
|
|
|
|
TESTChoice1 ::= CHOICE {
|
|
i1[1] INTEGER (-2147483648..2147483647),
|
|
i2[2] INTEGER (-2147483648..2147483647),
|
|
...
|
|
}
|
|
|
|
TESTChoice2 ::= CHOICE {
|
|
i1[1] INTEGER (-2147483648..2147483647),
|
|
...
|
|
}
|
|
|
|
TESTInteger ::= INTEGER (-2147483648..2147483647)
|
|
|
|
TESTInteger2 ::= [4] IMPLICIT TESTInteger
|
|
TESTInteger3 ::= [5] IMPLICIT TESTInteger2
|
|
|
|
TESTImplicit ::= SEQUENCE {
|
|
ti1[0] IMPLICIT INTEGER (-2147483648..2147483647),
|
|
ti2[1] IMPLICIT SEQUENCE {
|
|
foo[127] INTEGER (-2147483648..2147483647)
|
|
},
|
|
ti3[2] IMPLICIT [5] IMPLICIT [4] IMPLICIT INTEGER (-2147483648..2147483647)
|
|
}
|
|
|
|
TESTImplicit2 ::= SEQUENCE {
|
|
ti1[0] IMPLICIT TESTInteger,
|
|
-- ti2[1] IMPLICIT TESTLargeTag, this is disabled since the IMPLICT encoder does't get the types right when stepping inside an structure --
|
|
ti3[2] IMPLICIT TESTInteger3,
|
|
ti4[51] IMPLICIT TESTInteger OPTIONAL
|
|
}
|
|
|
|
TESTImplicit3 ::= CHOICE {
|
|
ti1[0] IMPLICIT INTEGER (-2147483648..2147483647),
|
|
ti2[5] IMPLICIT CHOICE { i1[1] INTEGER (-2147483648..2147483647) }
|
|
}
|
|
|
|
TESTImplicit4 ::= CHOICE {
|
|
ti1[0] IMPLICIT INTEGER (-2147483648..2147483647),
|
|
ti2[5] IMPLICIT TESTChoice2
|
|
}
|
|
|
|
TESTAllocInner ::= SEQUENCE {
|
|
ai[0] TESTInteger
|
|
}
|
|
|
|
TESTAlloc ::= SEQUENCE {
|
|
tagless TESTAllocInner OPTIONAL,
|
|
three [1] INTEGER (-2147483648..2147483647),
|
|
tagless2 heim_any OPTIONAL
|
|
}
|
|
|
|
TESTOptional ::= SEQUENCE {
|
|
zero [0] INTEGER (-2147483648..2147483647) OPTIONAL,
|
|
one [1] INTEGER (-2147483648..2147483647) OPTIONAL
|
|
}
|
|
|
|
|
|
TESTCONTAINING ::= OCTET STRING ( CONTAINING INTEGER )
|
|
TESTENCODEDBY ::= OCTET STRING ( ENCODED BY
|
|
{ joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) }
|
|
)
|
|
|
|
TESTDer OBJECT IDENTIFIER ::= {
|
|
joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1)
|
|
}
|
|
|
|
TESTCONTAININGENCODEDBY ::= OCTET STRING ( CONTAINING INTEGER ENCODED BY
|
|
{ joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) }
|
|
)
|
|
|
|
TESTCONTAININGENCODEDBY2 ::= OCTET STRING (
|
|
CONTAINING INTEGER ENCODED BY TESTDer
|
|
)
|
|
|
|
|
|
TESTValue1 INTEGER ::= 1
|
|
|
|
TESTUSERCONSTRAINED ::= OCTET STRING (CONSTRAINED BY { -- meh -- })
|
|
-- TESTUSERCONSTRAINED2 ::= OCTET STRING (CONSTRAINED BY { TESTInteger })
|
|
-- TESTUSERCONSTRAINED3 ::= OCTET STRING (CONSTRAINED BY { INTEGER })
|
|
-- TESTUSERCONSTRAINED4 ::= OCTET STRING (CONSTRAINED BY { INTEGER : 1 })
|
|
|
|
TESTSeqOf ::= SEQUENCE OF TESTInteger
|
|
|
|
TESTSeqSizeOf1 ::= SEQUENCE SIZE (2) OF TESTInteger
|
|
TESTSeqSizeOf2 ::= SEQUENCE SIZE (1..2) OF TESTInteger
|
|
TESTSeqSizeOf3 ::= SEQUENCE SIZE (1..MAX) OF TESTInteger
|
|
TESTSeqSizeOf4 ::= SEQUENCE SIZE (0..2) OF TESTInteger
|
|
|
|
TESTOSSize1 ::= OCTET STRING SIZE (1..2)
|
|
|
|
TESTSeqOfSeq ::= SEQUENCE OF SEQUENCE {
|
|
zero [0] TESTInteger
|
|
}
|
|
|
|
TESTSeqOfSeq2 ::= SEQUENCE OF SEQUENCE {
|
|
string [0] GeneralString
|
|
}
|
|
|
|
TESTSeqOfSeq3 ::= SEQUENCE OF SEQUENCE {
|
|
zero [0] TESTInteger,
|
|
string [0] GeneralString
|
|
}
|
|
|
|
TESTSeqOf2 ::= SEQUENCE {
|
|
strings SEQUENCE OF GeneralString
|
|
}
|
|
|
|
TESTSeqOf3 ::= SEQUENCE {
|
|
strings SEQUENCE OF GeneralString OPTIONAL
|
|
}
|
|
|
|
-- Larger/more complex to increase odds of out-of-bounds
|
|
-- read/writes if miscoded
|
|
|
|
TESTSeqOf4 ::= SEQUENCE {
|
|
b1 [0] SEQUENCE OF SEQUENCE {
|
|
s1 OCTET STRING,
|
|
s2 OCTET STRING,
|
|
u1 TESTuint64,
|
|
u2 TESTuint64
|
|
} OPTIONAL,
|
|
b2 [1] IMPLICIT SEQUENCE OF SEQUENCE {
|
|
u1 TESTuint64,
|
|
u2 TESTuint64,
|
|
u3 TESTuint64,
|
|
s1 OCTET STRING,
|
|
s2 OCTET STRING,
|
|
s3 OCTET STRING
|
|
} OPTIONAL,
|
|
b3 [2] IMPLICIT SEQUENCE OF SEQUENCE {
|
|
s1 OCTET STRING,
|
|
u1 TESTuint64,
|
|
s2 OCTET STRING,
|
|
u2 TESTuint64,
|
|
s3 OCTET STRING,
|
|
u3 TESTuint64,
|
|
s4 OCTET STRING,
|
|
u4 TESTuint64
|
|
} OPTIONAL
|
|
}
|
|
|
|
TESTSeqOf5 ::= SEQUENCE {
|
|
outer SEQUENCE {
|
|
inner SEQUENCE {
|
|
u0 TESTuint64,
|
|
s0 OCTET STRING,
|
|
u1 TESTuint64,
|
|
s1 OCTET STRING,
|
|
u2 TESTuint64,
|
|
s2 OCTET STRING,
|
|
u3 TESTuint64,
|
|
s3 OCTET STRING,
|
|
u4 TESTuint64,
|
|
s4 OCTET STRING,
|
|
u5 TESTuint64,
|
|
s5 OCTET STRING,
|
|
u6 TESTuint64,
|
|
s6 OCTET STRING,
|
|
u7 TESTuint64,
|
|
s7 OCTET STRING
|
|
}
|
|
}
|
|
OPTIONAL
|
|
}
|
|
|
|
TESTPreserve ::= SEQUENCE {
|
|
zero [0] TESTInteger,
|
|
one [1] TESTInteger
|
|
}
|
|
|
|
TESTBitString ::= BIT STRING {
|
|
zero(0),
|
|
eight(8),
|
|
thirtyone(31)
|
|
}
|
|
|
|
TESTBitString64 ::= BIT STRING {
|
|
zero(0),
|
|
eight(8),
|
|
thirtyone(31),
|
|
thirtytwo(32),
|
|
sixtythree(63)
|
|
}
|
|
|
|
TESTLargeBitString ::= BIT STRING {
|
|
zero(0),
|
|
eight(8),
|
|
thirtyone(31),
|
|
onehundredtwenty(120)
|
|
}
|
|
|
|
TESTMechType::= OBJECT IDENTIFIER
|
|
TESTMechTypeList ::= SEQUENCE OF TESTMechType
|
|
|
|
END
|