1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/cryptoservices/certificateandkeymgmt/tder/syntax.txt Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,145 @@
1.4 +dergen.pl
1.5 +*********
1.6 +This Perl application recursively parses a set of text files translating the
1.7 +contents into a DER encoding. This should now support all of the ASN.1
1.8 +tags required to create a PKCS#12 file.
1.9 +
1.10 +Syntax:
1.11 +
1.12 +* key value format
1.13 +* one key per line
1.14 +* tabs + whitespace up to command ignored
1.15 +* comment is //
1.16 +* $1 .. $N for textual substitution of args
1.17 +* escape character is \
1.18 +* case insensitive
1.19 +
1.20 +Simple types are of the form
1.21 +SIMPLE_COMMAND=arg1,arg2,arg3
1.22 +
1.23 +simple types
1.24 +************
1.25 +BITSTRING
1.26 + Output an DER bit string
1.27 + ARG0=A sequence of 0s and 1s.
1.28 +BMPSTRING
1.29 + Encodes ascii text as BMPSTRING
1.30 + ARG0=ascii text to encode
1.31 +BMPSTRING_FILE
1.32 + Includes a BMPSTRING file as a BMPSTRING element
1.33 + ARG0=name of file to include
1.34 +ENUMERATED
1.35 + Encodes and enumerated value
1.36 + ARG0=integer value of enum
1.37 +IA5STRING
1.38 + Encodes ascii text as BMPSTRING
1.39 + ARG0=ascii text to encode
1.40 +IA5STRING_FILE
1.41 + Includes a IA5STRING file as an IA5STRING element
1.42 + ARG0=name of file to include
1.43 +INCLUDE_BINARY_FILE
1.44 + Includes raw binary data from a file
1.45 + ARG0=filename to include
1.46 +INTEGER|INT
1.47 + Outputs an integer
1.48 + ARG0=Integer in decimal or hex format (leading 0x)
1.49 +NULL
1.50 + A null entry (no args)
1.51 +OID
1.52 + An ASN.1 object identifier
1.53 + ARG0=Raw form (1.2.840.113549.1) or one of the defined key words (look in the source)
1.54 +PRINTABLESTRING
1.55 + Encodes ascii text as PRINTABLESTRING
1.56 + ARG0=ascii text to encode
1.57 +UTF8STRING_FILE
1.58 + Includes a UTF8STRING file as an UTF8STRING element
1.59 + ARG0=name of file to include
1.60 +RAW
1.61 + Allows raw hex to be inserted into the file
1.62 + ARG0=AA:BB:CC:DD:EE:FF
1.63 +UTCTIME
1.64 + Encodes a utc time. N.B. no attempt is made to validate the format of the time.
1.65 + ARG0=time in ascii
1.66 +UTF8STRING
1.67 + Encodes ascii text as UTF8STRING
1.68 + ARG0=ascii text to encode
1.69 +UTF8STRING_FILE
1.70 + Includes a UTF8STRING file as an UTF8STRING element
1.71 + ARG0=name of file to include
1.72 +**********
1.73 +
1.74 +Compound types are of the form and apply an encoding to the result of
1.75 +recursively concatenating the embedded types.
1.76 +
1.77 +COMPOUND_TYPE
1.78 + SIMPLE_TYPE
1.79 + COMPOUND_TYPE
1.80 + SIMPLE_TYPE
1.81 + END
1.82 + SIMPLE_TYPE
1.83 +END
1.84 +
1.85 +compound types
1.86 +**************
1.87 +BITSTRING_WRAPPER
1.88 + Wraps the nested content inside a BITSTRING
1.89 +INCLUDE
1.90 + Allows nesting of dergen script file. Arguments may also be passed for textual substitution. Refer to arguments as $1 .. $N
1.91 + ARG0=filename to include
1.92 + ARG1 (optional)=argument to subtitute for $1 in include file
1.93 + ARGN (optional)=argument
1.94 +
1.95 +IMPLICIT
1.96 + Changes the tag of the embedded type according to the tag number and class arguments.
1.97 + The default tag number is 0 and the default class is CONTEXT-SPECIFIC.
1.98 + ARG1 (optional)=tag nummber (in hex)
1.99 + ARG2 (optional)=class (UNIVERSAL,APPLICATION,CONTEXT-SPECIFIC,PRIVATE)
1.100 +
1.101 +ENCRYPT
1.102 + Encrypts the nested data. (Requires OpenSSL)
1.103 + ARG0=cipher (as defined by openssl without the leading hyphen)
1.104 + ARG1=key (in hex)
1.105 + ARG2=iv (in hex)
1.106 +EXPLICIT
1.107 + Wraps the embedded type with a new tag defined by the tag number and class arguments.
1.108 + The default tag number is 0 and the default class is CONTEXT-SPECIFIC.
1.109 + ARG0 (optional)=tag nummber (in hex)
1.110 + ARG1 (optional)class (UNIVERSAL,APPLICATION,CONTEXT-SPECIFIC,PRIVATE)
1.111 +HASH
1.112 + Embeds the hash of the nested data. (Requries OpenSSL)
1.113 + ARG0=algorithm (as defined by OpenSSL without the leading hyphen)
1.114 +HMAC
1.115 + Embeds a HMAC for the nested data.
1.116 + ARG0=algorithm (SHA1|MD5)
1.117 + ARG1=key (in kex)
1.118 +OCTETSTRING
1.119 + Wraps the nested content in an OCTETSTRING tag
1.120 +OUTPUT_BINARY_FILE
1.121 + Outputs the nested data in binary form to the named file and optionally includes the nested data in the
1.122 + encoding stream as well.
1.123 + ARG0=The filename to write the data to
1.124 + ARG1=Set this to 1 to also include the binary content int he output stream (Optional)
1.125 +SEQ
1.126 + Embeds content in a SEQ tag
1.127 +SIGN Creates a PKCS#7 signed data object of the nested data using OpenSSL's SMIME command
1.128 + ARG0=signing certificate filename (PEM format)
1.129 + ARG1=signing key filename (PEM format)
1.130 +SET
1.131 + Embeds content in a SET tag
1.132 +SHELL
1.133 + Executes an arbitrary shell command
1.134 + ARG0=program to run
1.135 + ARG1 (optional)=first argument to shell command
1.136 + ARGN (optional)=last largument to shell command
1.137 +
1.138 +command line arguments
1.139 +**********************
1.140 +--in <filename> : script file
1.141 +--out <filename> : output file
1.142 +--hex : output hex instead of binary
1.143 +--debug : set the debug level. 0=off,1=parsing information,2=parsing & encoding information,3=everything
1.144 +
1.145 +other
1.146 +****
1.147 +If it doesn't work then then try setting the DEBUG global variable to 1 (or 2
1.148 +or 3 for more increased verbosity)
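Review bot: The IA5STRING entry in the simple-types list is described as "Encodes ascii text as BMPSTRING", which looks copied from the BMPSTRING entry above it. It should say IA5STRING, since the two are different encodings and a reader choosing between them from this file will be misled. In the same list UTF8STRING_FILE is documented twice (once after PRINTABLESTRING and again after UTF8STRING), so the first copy can go. Under compound types, IMPLICIT numbers its optional arguments ARG1/ARG2 while EXPLICIT numbers the same two arguments ARG0/ARG1, and EXPLICIT's class line is missing its "="; please make both match the indexing the script actually parses. SHELL ("Executes an arbitrary shell command") combined with INCLUDE means that a script file, and anything it includes, runs commands as the invoking user, and ENCRYPT and HMAC take their keys as hex arguments in the script text. A sentence stating that scripts should only be run from trusted sources, and that key material sits in clear in the script, would be worth adding. The "other" section tells the reader to set the DEBUG global variable while the command-line section documents --debug; say which one is intended. Minor: the sentence "Compound types are of the form and apply an encoding" reads as if words were dropped, the SIGN description sits on the same line as the keyword unlike every other entry, and there are typos at "nummber", "subtitute", "Requries", "in kex", "int he", "largument" and "then then".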