#ifndef HEADER_CURL_X509ASN1_H
#define HEADER_CURL_X509ASN1_H

/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/

#include "curl_setup.h"

#if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) || \
    defined(USE_CYASSL) || defined(USE_SCHANNEL)

#include "urldata.h"

/*
 * Constants.
 */

/* Largest supported ASN.1 structure. */
#define CURL_ASN1_MAX                   ((size_t) 0x40000)      /* 256K */

/* ASN.1 classes. */
#define CURL_ASN1_UNIVERSAL             0
#define CURL_ASN1_APPLICATION           1
#define CURL_ASN1_CONTEXT_SPECIFIC      2
#define CURL_ASN1_PRIVATE               3

/* ASN.1 types. */
#define CURL_ASN1_BOOLEAN               1
#define CURL_ASN1_INTEGER               2
#define CURL_ASN1_BIT_STRING            3
#define CURL_ASN1_OCTET_STRING          4
#define CURL_ASN1_NULL                  5
#define CURL_ASN1_OBJECT_IDENTIFIER     6
#define CURL_ASN1_OBJECT_DESCRIPTOR     7
#define CURL_ASN1_INSTANCE_OF           8
#define CURL_ASN1_REAL                  9
#define CURL_ASN1_ENUMERATED            10
#define CURL_ASN1_EMBEDDED              11
#define CURL_ASN1_UTF8_STRING           12
#define CURL_ASN1_RELATIVE_OID          13
#define CURL_ASN1_SEQUENCE              16
#define CURL_ASN1_SET                   17
#define CURL_ASN1_NUMERIC_STRING        18
#define CURL_ASN1_PRINTABLE_STRING      19
#define CURL_ASN1_TELETEX_STRING        20
#define CURL_ASN1_VIDEOTEX_STRING       21
#define CURL_ASN1_IA5_STRING            22
#define CURL_ASN1_UTC_TIME              23
#define CURL_ASN1_GENERALIZED_TIME      24
#define CURL_ASN1_GRAPHIC_STRING        25
#define CURL_ASN1_VISIBLE_STRING        26
#define CURL_ASN1_GENERAL_STRING        27
#define CURL_ASN1_UNIVERSAL_STRING      28
#define CURL_ASN1_CHARACTER_STRING      29
#define CURL_ASN1_BMP_STRING            30


/*
 * Types.
 */

/* ASN.1 parsed element. */
typedef struct {
  const char *  header;         /* Pointer to header byte. */
  const char *  beg;            /* Pointer to element data. */
  const char *  end;            /* Pointer to 1st byte after element. */
  unsigned char class;          /* ASN.1 element class. */
  unsigned char tag;            /* ASN.1 element tag. */
  bool          constructed;    /* Element is constructed. */
}  curl_asn1Element;


/* ASN.1 OID table entry. */
typedef struct {
  const char *  numoid;         /* Dotted-numeric OID. */
  const char *  textoid;        /* OID name. */
}  curl_OID;


/* X509 certificate: RFC 5280. */
typedef struct {
  curl_asn1Element      certificate;
  curl_asn1Element      version;
  curl_asn1Element      serialNumber;
  curl_asn1Element      signatureAlgorithm;
  curl_asn1Element      signature;
  curl_asn1Element      issuer;
  curl_asn1Element      notBefore;
  curl_asn1Element      notAfter;
  curl_asn1Element      subject;
  curl_asn1Element      subjectPublicKeyInfo;
  curl_asn1Element      subjectPublicKeyAlgorithm;
  curl_asn1Element      subjectPublicKey;
  curl_asn1Element      issuerUniqueID;
  curl_asn1Element      subjectUniqueID;
  curl_asn1Element      extensions;
}  curl_X509certificate;


/*
 * Prototypes.
 */

const char *Curl_getASN1Element(curl_asn1Element *elem,
                                 const char *beg, const char *end);
const char *Curl_ASN1tostr(curl_asn1Element *elem, int type);
const char *Curl_DNtostr(curl_asn1Element *dn);
int Curl_parseX509(curl_X509certificate *cert,
                   const char *beg, const char *end);
CURLcode Curl_extract_certinfo(struct connectdata *conn, int certnum,
                               const char *beg, const char *end);
CURLcode Curl_verifyhost(struct connectdata *conn,
                         const char *beg, const char *end);
#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL or USE_SCHANNEL */
#endif /* HEADER_CURL_X509ASN1_H */