oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
Files
2f925d8b09da300dfb28131ff7a83e273e63d00c
heimdal/lib/asn1/template.c
Nicolas Williams fb2c81f3e8 asn1: Add printing of ASN.1 values 
JSON-like printing of ASN.1 parsed values.

Status:

 - Not X.697 (JER) compliant, not even close.

 - String escaping isn't JSON-compliant.

 - It's not printing the names of CHOICE types.

 - It's not printing the names of open type choices (i.e., IOS object
   names)

And yet it's quite useful already.  It prints all the weird things in EK
certs for example.

Here's what it outputs for the EK cert we use in check-gen.c:

{
  "_type": "Certificate",
  "tbsCertificate": {
    "_type": "TBSCertificate",
    "_save": "30820376A00302010202146A0597BA71D7E6D3AC0EDC9EDC95A15B998DE40A300D06092A864886F70D01010B05003055310B3009060355040613024348311E301C060355040A131553544D6963726F656C656374726F6E696373204E56312630240603550403131D53544D2054504D20454B20496E7465726D656469617465204341203035301E170D3138313231343030303030305A170D3238313231343030303030305A300030820122300D06092A864886F70D01010105000382010F003082010A0282010100CC14EB27A78CEB0EA486FA2DF7835F5FA8E905B097012B5BDE50380C355B1A2A721BBC3D08DD21796CDB239FA95310651B1B56FD2CFE53C87352EBD996E33256160404CE9302A08066801E786A2F86E181F949966F492A85B58EAA4A6A8CB3697551BB236E87CC7BF8EC1347871C91E15437E8F266BF1EA5EB271FDCF374D8B47DF8BCE89E1FAD61C2A088CB4036B359CB72A294973FEDCCF0C340AFFD14B64F041165581ACA34147C1C75617047058F7ED7D603E032508094FA73E8B9153DA3BF255D2CBBC5DF301BA8F74D198BEBCE86040FC1D2927C7657414490D802F482F3EBF2DE35EE149A1A6DE8D16891FBFBA02A18AFE59F9D6F149744E5F0D559B10203010001A38201A9308201A5301F0603551D230418301680141ADB994AB58BE57A0CC9B900E7851E1A43C0866030420603551D20043B303930370604551D2000302F302D06082B060105050702011621687474703A2F2F7777772E73742E636F6D2F54504D2F7265706F7369746F72792F30590603551D110101FF044F304DA44B304931163014060567810502010C0B69643A353335343444323031173015060567810502020C0C53543333485450484148433031163014060567810502030C0B69643A303034393030303830670603551D090460305E301706056781050210310E300C0C03322E300201000202008A304306056781050212313A30380201000101FFA0030A0101A1030A0100A2030A0100A310300E1603332E310A01040A01020101FFA40F300D16053134302D320A0102010100300E0603551D0F0101FF040403020520300C0603551D130101FF0402300030100603551D250409300706056781050801304A06082B06010505070101043E303C303A06082B06010505073002862E687474703A2F2F7365637572652E676C6F62616C7369676E2E636F6D2F73746D74706D656B696E7430352E637274",
    "version": "2",
    "serialNumber": "6A0597BA71D7E6D3AC0EDC9EDC95A15B998DE40A",
    "signature": {
      "_type": "AlgorithmIdentifier",
      "algorithm": "1.2.840.113549.1.1.11",
      "parameters": "0500"
    },
    "issuer": {
      "_choice": "rdnSequence",
      "value": [
        [
          {
            "_type": "AttributeTypeAndValue",
            "type": "2.5.4.6",
            "value": {
              "_choice": "printableString",
              "value": "CH"
            }
          }
        ],
        [
          {
            "_type": "AttributeTypeAndValue",
            "type": "2.5.4.10",
            "value": {
              "_choice": "printableString",
              "value": "STMicroelectronics NV"
            }
          }
        ],
        [
          {
            "_type": "AttributeTypeAndValue",
            "type": "2.5.4.3",
            "value": {
              "_choice": "printableString",
              "value": "STM TPM EK Intermediate CA 05"
            }
          }
        ]
      ]
    },
    "validity": {
      "_type": "Validity",
      "notBefore": {
        "_choice": "utcTime",
        "value": "2018-12-14T00:00:00Z"
      },
      "notAfter": {
        "_choice": "utcTime",
        "value": "2028-12-14T00:00:00Z"
      }
    },
    "subject": {
      "_choice": "rdnSequence",
      "value": []
    },
    "subjectPublicKeyInfo": {
      "_type": "SubjectPublicKeyInfo",
      "algorithm": {
        "_type": "AlgorithmIdentifier",
        "algorithm": "1.2.840.113549.1.1.1",
        "parameters": "0500"
      },
      "subjectPublicKey": "2160:3082010A0282010100CC14EB27A78CEB0EA486FA2DF7835F5FA8E905B097012B5BDE50380C355B1A2A721BBC3D08DD21796CDB239FA95310651B1B56FD2CFE53C87352EBD996E33256160404CE9302A08066801E786A2F86E181F949966F492A85B58EAA4A6A8CB3697551BB236E87CC7BF8EC1347871C91E15437E8F266BF1EA5EB271FDCF374D8B47DF8BCE89E1FAD61C2A088CB4036B359CB72A294973FEDCCF0C340AFFD14B64F041165581ACA34147C1C75617047058F7ED7D603E032508094FA73E8B9153DA3BF255D2CBBC5DF301BA8F74D198BEBCE86040FC1D2927C7657414490D802F482F3EBF2DE35EE149A1A6DE8D16891FBFBA02A18AFE59F9D6F149744E5F0D559B10203010001"
    },
    "issuerUniqueID": null,
    "subjectUniqueID": null,
    "extensions": [
      {
        "_type": "Extension",
        "extnID": "2.5.29.35",
        "critical": false,
        "extnValue": "301680141ADB994AB58BE57A0CC9B900E7851E1A43C08660",
        "_extnValue": {
          "_type": "AuthorityKeyIdentifier",
          "keyIdentifier": "1ADB994AB58BE57A0CC9B900E7851E1A43C08660",
          "authorityCertIssuer": null,
          "authorityCertSerialNumber": null
        }
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.32",
        "critical": false,
        "extnValue": "303930370604551D2000302F302D06082B060105050702011621687474703A2F2F7777772E73742E636F6D2F54504D2F7265706F7369746F72792F",
        "_extnValue": [
          {
            "_type": "PolicyInformation",
            "policyIdentifier": "2.5.29.32.0",
            "policyQualifiers": [
              {
                "_type": "PolicyQualifierInfo",
                "policyQualifierId": "1.3.6.1.5.5.7.2.1",
                "qualifier": "1621687474703A2F2F7777772E73742E636F6D2F54504D2F7265706F7369746F72792F"
              }
            ]
          }
        ]
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.17",
        "critical": true,
        "extnValue": "304DA44B304931163014060567810502010C0B69643A353335343444323031173015060567810502020C0C53543333485450484148433031163014060567810502030C0B69643A3030343930303038",
        "_extnValue": [
          {
            "_choice": "directoryName",
            "value": {
              "_choice": "rdnSequence",
              "value": [
                [
                  {
                    "_type": "AttributeTypeAndValue",
                    "type": "2.23.133.2.1",
                    "value": {
                      "_choice": "utf8String",
                      "value": "id:53544D20"
                    }
                  }
                ],
                [
                  {
                    "_type": "AttributeTypeAndValue",
                    "type": "2.23.133.2.2",
                    "value": {
                      "_choice": "utf8String",
                      "value": "ST33HTPHAHC0"
                    }
                  }
                ],
                [
                  {
                    "_type": "AttributeTypeAndValue",
                    "type": "2.23.133.2.3",
                    "value": {
                      "_choice": "utf8String",
                      "value": "id:00490008"
                    }
                  }
                ]
              ]
            }
          }
        ]
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.9",
        "critical": false,
        "extnValue": "305E301706056781050210310E300C0C03322E300201000202008A304306056781050212313A30380201000101FFA0030A0101A1030A0100A2030A0100A310300E1603332E310A01040A01020101FFA40F300D16053134302D320A0102010100",
        "_extnValue": [
          {
            "_type": "AttributeSet",
            "type": "2.23.133.2.16",
            "values": [
              "300C0C03322E300201000202008A"
            ],
            "_values": [
              {
                "_type": "TPMSpecification",
                "family": "2.0",
                "level": "0",
                "revision": "138"
              }
            ]
          },
          {
            "_type": "AttributeSet",
            "type": "2.23.133.2.18",
            "values": [
              "30380201000101FFA0030A0101A1030A0100A2030A0100A310300E1603332E310A01040A01020101FFA40F300D16053134302D320A0102010100"
            ],
            "_values": [
              {
                "_type": "TPMSecurityAssertions",
                "version": "0",
                "fieldUpgradable": true,
                "ekGenerationType": "655617",
                "ekGenerationLocation": "655616",
                "ekCertificateGenerationLocation": "655616",
                "ccInfo": {
                  "_type": "CommonCriteriaMeasures",
                  "version": "3.1",
                  "assurancelevel": "4",
                  "evaluationStatus": "2",
                  "plus": true,
                  "strengthOfFunction": null,
                  "profileOid": null,
                  "profileUri": null,
                  "targetOid": null,
                  "targetUri": null
                },
                "fipsLevel": {
                  "_type": "FIPSLevel",
                  "version": "140-2",
                  "level": "2",
                  "plus": false
                },
                "iso9000Certified": false,
                "iso9000Uri": null
              }
            ]
          }
        ]
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.15",
        "critical": true,
        "extnValue": "03020520",
        "_extnValue": [
          "keyEncipherment"
        ]
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.19",
        "critical": true,
        "extnValue": "3000",
        "_extnValue": {
          "_type": "BasicConstraints",
          "cA": false,
          "pathLenConstraint": null
        }
      },
      {
        "_type": "Extension",
        "extnID": "2.5.29.37",
        "critical": false,
        "extnValue": "300706056781050801",
        "_extnValue": [
          "2.23.133.8.1"
        ]
      },
      {
        "_type": "Extension",
        "extnID": "1.3.6.1.5.5.7.1.1",
        "critical": false,
        "extnValue": "303C303A06082B06010505073002862E687474703A2F2F7365637572652E676C6F62616C7369676E2E636F6D2F73746D74706D656B696E7430352E637274",
        "_extnValue": [
          {
            "_type": "AccessDescription",
            "accessMethod": "1.3.6.1.5.5.7.48.2",
            "accessLocation": {
              "_choice": "uniformResourceIdentifier",
              "value": "http://secure.globalsign.com/stmtpmekint05.crt"
            }
          }
        ]
      }
    ]
  },
  "signatureAlgorithm": {
    "_type": "AlgorithmIdentifier",
    "algorithm": "1.2.840.113549.1.1.11",
    "parameters": "0500"
  },
  "signatureValue": "2048:3D4C381E5B4F1BCBE09C63D52F1F04570CAEA142FD9CD942043B11F8E3BDCF50007AE16CF8869013041E92CDD3280BA4B51FBBD40582ED750219E261A695095674855AACEB520ADAFF9E7E908480A39CDCF900462D9171960FFE55D3AC49E8C981341BBD2EFBCC252A4C18A4F3B7C84CCE42CE70A208C84D2630A7ABFBE72D6271E75B9FF1C971D20EB3DBD763F1E04D834EAA692D2E4001BBF4730A3E3FDA9711AE386524D91C63BE0E516D00D5C6141FCCF6C539F3518E180049865BE16B69CAE1F8CB7FDC474B38F7EE56CBE7D8A89D9BA99B65D5265AEF32AA62426B10E6D75BB8677EC44F755BBC2806FD2B4E04BDF5D44259DBEAA42B6F563DF7AA7506"
}
2021-02-28 18:13:08 -06:00

2937 lines
88 KiB
C
Raw Blame History

/*
* Copyright (c) 2009 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Portions Copyright (c) 2009 - 2010 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "der_locl.h"
#include <com_err.h>
#include <vis.h>
struct asn1_type_func asn1_template_prim[A1T_NUM_ENTRY] = {
#define el(name, type) { \
(asn1_type_encode)der_put_##name, \
(asn1_type_decode)der_get_##name, \
(asn1_type_length)der_length_##name, \
(asn1_type_copy)der_copy_##name, \
(asn1_type_release)der_free_##name, \
(asn1_type_print)der_print_##name, \
sizeof(type) \
}
#define elber(name, type) { \
(asn1_type_encode)der_put_##name, \
(asn1_type_decode)der_get_##name##_ber, \
(asn1_type_length)der_length_##name, \
(asn1_type_copy)der_copy_##name, \
(asn1_type_release)der_free_##name, \
(asn1_type_print)der_print_##name, \
sizeof(type) \
}
el(integer, int),
el(heim_integer, heim_integer),
el(integer, int),
el(integer64, int64_t),
el(unsigned, unsigned),
el(unsigned64, uint64_t),
el(general_string, heim_general_string),
el(octet_string, heim_octet_string),
elber(octet_string, heim_octet_string),
el(ia5_string, heim_ia5_string),
el(bmp_string, heim_bmp_string),
el(universal_string, heim_universal_string),
el(printable_string, heim_printable_string),
el(visible_string, heim_visible_string),
el(utf8string, heim_utf8_string),
el(generalized_time, time_t),
el(utctime, time_t),
el(bit_string, heim_bit_string),
{ (asn1_type_encode)der_put_boolean, (asn1_type_decode)der_get_boolean,
(asn1_type_length)der_length_boolean, (asn1_type_copy)der_copy_integer,
(asn1_type_release)der_free_integer, (asn1_type_print)der_print_boolean,
sizeof(int)
},
el(oid, heim_oid),
el(general_string, heim_general_string),
#undef el
#undef elber
};
size_t
_asn1_sizeofType(const struct asn1_template *t)
{
return t->offset;
}
/*
* Here is abstraction to not so well evil fact of bit fields in C,
* they are endian dependent, so when getting and setting bits in the
* host local structure we need to know the endianness of the host.
*
* Its not the first time in Heimdal this have bitten us, and some day
* we'll grow up and use #defined constant, but bit fields are still
* so pretty and shiny.
*/
static void
_asn1_bmember_get_bit(const unsigned char *p, void *data,
unsigned int bit, size_t size)
{
unsigned int localbit = bit % 8;
if ((*p >> (7 - localbit)) & 1) {
#ifdef WORDS_BIGENDIAN
*(unsigned int *)data |= (1 << ((size * 8) - bit - 1));
#else
*(unsigned int *)data |= (1 << bit);
#endif
}
}
int
_asn1_bmember_isset_bit(const void *data, unsigned int bit, size_t size)
{
#ifdef WORDS_BIGENDIAN
if ((*(unsigned int *)data) & (1 << ((size * 8) - bit - 1)))
return 1;
return 0;
#else
if ((*(unsigned int *)data) & (1 << bit))
return 1;
return 0;
#endif
}
void
_asn1_bmember_put_bit(unsigned char *p, const void *data, unsigned int bit,
size_t size, unsigned int *bitset)
{
unsigned int localbit = bit % 8;
if (_asn1_bmember_isset_bit(data, bit, size)) {
*p |= (1 << (7 - localbit));
if (*bitset == 0)
*bitset = (7 - localbit) + 1;
}
}
/*
* Utility function to tell us if the encoding of some type per its template
* will have an outer tag. This is needed when the caller wants to slap on an
* IMPLICIT tag: if the inner type has a tag then we need to replace it.
*/
static int
is_tagged(const struct asn1_template *t)
{
size_t elements = A1_HEADER_LEN(t);
t += A1_HEADER_LEN(t);
if (elements != 1)
return 0;
switch (t->tt & A1_OP_MASK) {
case A1_OP_SEQOF: return 0;
case A1_OP_SETOF: return 0;
case A1_OP_BMEMBER: return 0;
case A1_OP_PARSE: return 0;
case A1_OP_TAG: return 1;
case A1_OP_CHOICE: return 1;
case A1_OP_TYPE: return 1;
case A1_OP_TYPE_EXTERN: {
const struct asn1_type_func *f = t->ptr;
/*
* XXX Add a boolean to struct asn1_type_func to tell us if the type is
* tagged or not. Basically, it's not tagged if it's primitive.
*/
if (f->encode == (asn1_type_encode)encode_heim_any ||
f->encode == (asn1_type_encode)encode_HEIM_ANY)
return 0;
abort(); /* XXX */
}
default: abort();
}
}
static size_t
inner_type_taglen(const struct asn1_template *t)
{
size_t elements = A1_HEADER_LEN(t);
t += A1_HEADER_LEN(t);
if (elements != 1)
return 0;
switch (t->tt & A1_OP_MASK) {
case A1_OP_SEQOF: return 0;
case A1_OP_SETOF: return 0;
case A1_OP_BMEMBER: return 0;
case A1_OP_PARSE: return 0;
case A1_OP_CHOICE: return 1;
case A1_OP_TYPE: return inner_type_taglen(t->ptr);
case A1_OP_TAG: return der_length_tag(A1_TAG_TAG(t->tt));
case A1_OP_TYPE_EXTERN: {
const struct asn1_type_func *f = t->ptr;
/*
* XXX Add a boolean to struct asn1_type_func to tell us if the type is
* tagged or not. Basically, it's not tagged if it's primitive.
*/
if (f->encode == (asn1_type_encode)encode_heim_any ||
f->encode == (asn1_type_encode)encode_HEIM_ANY)
return 0;
abort(); /* XXX */
}
default: abort();
#ifdef WIN32
_exit(0); /* Quiet VC */
#endif
}
}
/*
* Compare some int of unknown size in a type ID field to the int value in
* some IOS object's type ID template entry.
*
* This should be called with a `A1_TAG_T(ASN1_C_UNIV, PRIM, UT_Integer)'
* template as the `ttypeid'.
*/
static int
typeid_int_cmp(const void *intp,
int64_t i,
const struct asn1_template *ttypeid)
{
const struct asn1_template *tint = ttypeid->ptr;
if ((tint[1].tt & A1_OP_MASK) != A1_OP_PARSE)
return -1;
if (A1_PARSE_TYPE(tint[1].tt) != A1T_INTEGER)
return -1;
switch (tint[0].offset) {
case 8: return i - *(const int64_t *)intp;
case 4: return i - *(const int32_t *)intp;
default: return -1;
}
}
/*
* Map a logical SET/SEQUENCE member to a template entry.
*
* This should really have been done by the compiler, but clearly it wasn't.
*
* The point is that a struct type's template may be littered with entries that
* don't directly correspond to a struct field (SET/SEQUENCE member), so we
* have to count just the ones that do to get to the one we want.
*/
static const struct asn1_template *
template4member(const struct asn1_template *t, size_t f)
{
size_t n = (uintptr_t)t->ptr;
size_t i;
for (i = 0, t++; i < n; t++, i++) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_TAG:
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN:
if (f-- == 0)
return t;
continue;
case A1_OP_OPENTYPE_OBJSET:
case A1_OP_NAME:
return NULL;
default:
continue;
}
}
return NULL;
}
/*
* Attempt to decode known open type alternatives into a CHOICE-like
* discriminated union.
*
* Arguments:
*
* - object set template
* - decoder flags
* - pointer to memory object (C struct) to decode into
* - template for type ID field of `data'
* - template for open type field of `data' (an octet string or HEIM_ANY)
*
* Returns:
*
* - 0
* - ENOMEM
*
* Other errors in decoding open type values are ignored, but applications can
* note that an error must have occurred. (Perhaps we should generate a `ret'
* field for the discriminated union we decode into that we could use to
* indicate what went wrong with decoding an open type value? The application
* can always try to decode itself to find out what the error was, but the
* whole point is to save the developer the bother of writing code to decode
* open type values. Then again, the specific cause of any one decode failure
* is not usually very important to users, so it's not very important to
* applications either.)
*
* Here `data' is something like this:
*
* typedef struct SingleAttribute {
* heim_oid type; // <--- decoded already
* HEIM_ANY value; // <--- decoded already
* // We must set this:
* // vvvvvvvv
* struct {
* enum {
* choice_SingleAttribute_iosnumunknown = 0,
* choice_SingleAttribute_iosnum_id_at_name,
* ..
* choice_SingleAttribute_iosnum_id_at_emailAddress,
* } element; // <--- map type ID to enum
* union {
* X520name* at_name;
* X520name* at_surname;
* ..
* AliasIA5String* at_emailAddress;
* } u; // <--- alloc and decode val above into this
* } _ioschoice_value;
* } SingleAttribute;
*
* or
*
* typedef struct AttributeSet {
* heim_oid type; // <--- decoded already
* struct AttributeSet_values {
* unsigned int len; // <--- decoded already
* HEIM_ANY *val; // <--- decoded already
* } values;
* // We must set this:
* // vvvvvvvv
* struct {
* enum { choice_AttributeSet_iosnumunknown = 0,
* choice_AttributeSet_iosnum_id_at_name,
* choice_AttributeSet_iosnum_id_at_surname,
* ..
* choice_AttributeSet_iosnum_id_at_emailAddress,
* } element; // <--- map type ID to enum
* unsigned int len; // <--- set len to len as above
* union {
* X520name *at_name;
* X520name *at_surname;
* ..
* AliasIA5String *at_emailAddress;
* } *val; // <--- alloc and decode vals above into this
* } _ioschoice_values;
* } AttributeSet;
*/
static int
_asn1_decode_open_type(const struct asn1_template *t,
unsigned flags,
void *data,
const struct asn1_template *ttypeid,
const struct asn1_template *topentype)
{
const struct asn1_template *ttypeid_univ = ttypeid;
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
size_t sz, n;
size_t i = 0;
unsigned int *lenp = NULL; /* Pointer to array length field */
unsigned int len = 1; /* Array length */
void **dp = NULL; /* Decoded open type struct pointer */
int *elementp; /* Choice enum pointer */
int typeid_is_oid = 0;
int typeid_is_int = 0;
int ret = 0;
/*
* NOTE: Here expressions like `DPO(data, t->offset + ...)' refer to parts
* of a _ioschoice_<fieldName> struct field of `data'.
*
* Expressions like `DPO(data, topentype->offset + ...)' refer to
* the open type field in `data', which is either a `heim_any', a
* `heim_octet_string', or an array of one of those.
*
* Expressions like `DPO(data, ttypeid->offset)' refer to the open
* type's type ID field in `data'.
*/
/*
* Minimal setup:
*
* - set type choice to choice_<type>_iosnumunknown (zero).
* - set union value to zero
*
* We need a pointer to the choice ID:
*
* typedef struct AttributeSet {
* heim_oid type; // <--- decoded already
* struct AttributeSet_values {
* unsigned int len; // <--- decoded already
* HEIM_ANY *val; // <--- decoded already
* } values;
* struct {
* enum { choice_AttributeSet_iosnumunknown = 0,
* -----------> ...
* } element; // HERE
* ...
* } ...
* }
*
* XXX NOTE: We're assuming that sizeof(enum) == sizeof(int)!
*/
elementp = DPO(data, t->offset);
*elementp = 0; /* Set the choice to choice_<type>_iosnumunknown */
if (t->tt & A1_OS_OT_IS_ARRAY) {
/*
* The open type is a SET OF / SEQUENCE OF -- an array.
*
* Get the number of elements to decode from:
*
* typedef struct AttributeSet {
* heim_oid type;
* struct AttributeSet_values {
* ------------>unsigned int len; // HERE
* HEIM_ANY *val;
* } values;
* ...
* }
*/
len = *((unsigned int *)DPO(data, topentype->offset));
/*
* Set the number of decoded elements to zero for now:
*
* typedef struct AttributeSet {
* heim_oid type;
* struct AttributeSet_values {
* unsigned int len;
* HEIM_ANY *val;
* } values;
* struct {
* enum { ... } element;
* ------------>unsigned int len; // HERE
* ...
* } _ioschoice_values;
* }
*/
lenp = DPO(data, t->offset + sizeof(*elementp));
*lenp = 0;
/*
* Get a pointer to the place where we must put the decoded value:
*
* typedef struct AttributeSet {
* heim_oid type;
* struct AttributeSet_values {
* unsigned int len;
* HEIM_ANY *val;
* } values;
* struct {
* enum { ... } element;
* unsigned int len;
* struct {
* union { SomeType *some_choice; ... } u;
* ------------>} *val; // HERE
* } _ioschoice_values;
* } AttributeSet;
*/
dp = DPO(data, t->offset + sizeof(*elementp) + sizeof(*lenp));
} else {
/*
* Get a pointer to the place where we must put the decoded value:
*
* typedef struct SingleAttribute {
* heim_oid type;
* HEIM_ANY value;
* struct {
* enum { ... } element;
* ------------>union { SomeType *some_choice; ... } u; // HERE
* } _ioschoice_value;
* } SingleAttribute;
*/
dp = DPO(data, t->offset + sizeof(*elementp));
}
/* Align `dp' */
while (sizeof(void *) != sizeof(*elementp) &&
((uintptr_t)dp) % sizeof(void *) != 0)
dp = (void *)(((char *)dp) + sizeof(*elementp));
*dp = NULL;
/*
* Find out the type of the type ID member. We currently support only
* integers and OIDs.
*
* Chase through any tags to get to the type.
*/
while (((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TAG &&
A1_TAG_CLASS(ttypeid_univ->tt) == ASN1_C_CONTEXT) ||
((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TYPE)) {
ttypeid_univ = ttypeid_univ->ptr;
ttypeid_univ++;
}
switch (ttypeid_univ->tt & A1_OP_MASK) {
case A1_OP_TAG:
if (A1_TAG_CLASS(ttypeid_univ->tt) != ASN1_C_UNIV)
return 0; /* Do nothing, silently */
switch (A1_TAG_TAG(ttypeid_univ->tt)) {
case UT_OID:
typeid_is_oid = 1;
break;
case UT_Integer: {
const struct asn1_template *tint = ttypeid_univ->ptr;
tint++;
if ((tint->tt & A1_OP_MASK) != A1_OP_PARSE)
return 0; /* Do nothing, silently */
if (A1_PARSE_TYPE(tint->tt) != A1T_INTEGER)
return 0; /* Do nothing, silently (probably a large int) */
typeid_is_int = 1;
break;
}
/* It might be cool to support string types as type ID types */
default: return 0; /* Do nothing, silently */
}
break;
default: return 0; /* Do nothing, silently */
}
/*
* Find the type of the open type.
*
* An object set template looks like:
*
* const struct asn1_template asn1_ObjectSetName[] = {
* // Header entry (in this case it says there's 17 objects):
* { 0, 0, ((void*)17) },
*
* // here's the name of the object set:
* { A1_OP_NAME, 0, "ObjectSetName" },
*
* // then three entries per object: object name, object type ID,
* // object type:
* { A1_OP_NAME, 0, "ext-AuthorityInfoAccess" },
* { A1_OP_OPENTYPE_ID, 0, (const void*)&asn1_oid_oidName },
* { A1_OP_OPENTYPE, sizeof(SomeType), (const void*)&asn1_SomeType },
* ...
* };
*
* `i' being a logical object offset, i*3+3 would be the index of the
* A1_OP_OPENTYPE_ID entry for the current object, and i*3+4 the index of
* the A1_OP_OPENTYPE entry for the current object.
*/
if (t->tt & A1_OS_IS_SORTED) {
size_t left = 0;
size_t right = A1_HEADER_LEN(tos);
const void *vp = DPO(data, ttypeid->offset);
int c = -1;
while (left <= right) {
size_t mid = (left + right) >> 1;
if ((tos[3 + mid * 3].tt & A1_OP_MASK) != A1_OP_OPENTYPE_ID)
return 0;
if (typeid_is_int)
c = typeid_int_cmp(vp, (intptr_t)tos[3 + mid * 3].ptr,
ttypeid_univ);
else if (typeid_is_oid)
c = der_heim_oid_cmp(vp, tos[3 + mid * 3].ptr);
if (c < 0) {
if (mid)
right = mid - 1;
else
break;
} else if (c > 0) {
left = mid + 1;
} else {
i = mid;
break;
}
}
if (c)
return 0; /* No match */
} else {
for (i = 0, n = A1_HEADER_LEN(tos); i < n; i++) {
/* We add 1 to `i' because we're skipping the header */
if ((tos[3 + i*3].tt & A1_OP_MASK) != A1_OP_OPENTYPE_ID)
return 0;
if (typeid_is_int &&
typeid_int_cmp(DPO(data, ttypeid->offset),
(intptr_t)tos[3 + i*3].ptr,
ttypeid_univ))
continue;
if (typeid_is_oid &&
der_heim_oid_cmp(DPO(data, ttypeid->offset), tos[3 + i*3].ptr))
continue;
break;
}
if (i == n)
return 0; /* No match */
}
/* Match! */
*elementp = i+1; /* Zero is the "unknown" choice, so add 1 */
/*
* We want the A1_OP_OPENTYPE template entry. Its `offset' is the sizeof
* the object we'll be decoding into, and its `ptr' is the pointer to the
* template for decoding that type.
*/
tactual_type = &tos[i*3 + 4];
/* Decode the encoded open type value(s) */
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
/*
* Not a SET OF/SEQUENCE OF open type, just singular.
*
* We need the address of the octet string / ANY field containing the
* encoded open type value:
*
* typedef struct SingleAttribute {
* heim_oid type;
* -------->HEIM_ANY value; // HERE
* struct {
* ...
* } ...
* }
*/
const struct heim_base_data *d = DPOC(data, topentype->offset);
void *o;
if ((o = calloc(1, tactual_type->offset)) == NULL)
return ENOMEM;
/* Re-enter to decode the encoded open type value */
ret = _asn1_decode(tactual_type->ptr, flags, d->data, d->length, o, &sz);
/*
* Store the decoded object in the union:
*
* typedef struct SingleAttribute {
* heim_oid type;
* HEIM_ANY value;
* struct {
* enum { ... } element;
* ------------>union { SomeType *some_choice; ... } u; // HERE
* } _ioschoice_value;
* } SingleAttribute;
*
* All the union arms are pointers.
*/
if (ret) {
free(o);
/*
* So we failed to decode the open type -- that should not be fatal
* to decoding the rest of the input. Only ENOMEM should be fatal.
*/
ret = 0;
} else {
*dp = o;
}
return ret;
} else {
const struct heim_base_data * const *d;
void **val; /* Array of pointers */
/*
* A SET OF/SEQUENCE OF open type, plural.
*
* We need the address of the octet string / ANY array pointer field
* containing the encoded open type values:
*
* typedef struct AttributeSet {
* heim_oid type;
* struct AttributeSet_values {
* unsigned int len;
* ------------>HEIM_ANY *val; // HERE
* } values;
* ...
* }
*
* We already know the value of the `len' field.
*/
d = DPOC(data, topentype->offset + sizeof(unsigned int));
while (sizeof(void *) != sizeof(len) &&
((uintptr_t)d) % sizeof(void *) != 0)
d = (const void *)(((const char *)d) + sizeof(len));
if ((val = calloc(len, sizeof(*val))) == NULL)
ret = ENOMEM;
/* Increment the count of decoded values as we decode */
*lenp = len;
for (i = 0; ret != ENOMEM && i < len; i++) {
if ((val[i] = calloc(len, tactual_type->offset)) == NULL)
ret = ENOMEM;
if (ret == 0)
/* Re-enter to decode the encoded open type value */
ret = _asn1_decode(tactual_type->ptr, flags, d[i]->data,
d[i]->length, val[i], &sz);
if (ret) {
free(val[i]);
val[i] = NULL;
}
}
if (ret == ENOMEM) {
for (i = 0; i < len; i++) {
_asn1_free(tactual_type->ptr, val[i]);
free(val[i]);
}
free(val);
val = 0;
*lenp = 0;
}
if (ret != ENOMEM)
ret = 0; /* See above */
*dp = val;
return ret;
}
}
int
_asn1_decode(const struct asn1_template *t, unsigned flags,
const unsigned char *p, size_t len, void *data, size_t *size)
{
const struct asn1_template *tbase = t;
const struct asn1_template *tdefval = NULL;
size_t elements = A1_HEADER_LEN(t);
size_t oldlen = len;
int ret = 0;
const unsigned char *startp = NULL;
unsigned int template_flags = t->tt;
/* skip over header */
t++;
if (template_flags & A1_HF_PRESERVE)
startp = p;
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
size_t opentypeid = t->tt & ((1<<10)-1);
size_t opentype = (t->tt >> 10) & ((1<<10)-1);
/* Note that the only error returned here would be ENOMEM */
ret = _asn1_decode_open_type(t, flags, data,
template4member(tbase, opentypeid),
template4member(tbase, opentype));
if (ret)
return ret;
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL:
tdefval = t;
break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
size_t newsize, elsize;
void *el = DPO(data, t->offset);
void **pel = (void **)el;
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
elsize = _asn1_sizeofType(t->ptr);
} else {
const struct asn1_type_func *f = t->ptr;
elsize = f->size;
}
if (t->tt & A1_FLAG_OPTIONAL) {
*pel = calloc(1, elsize);
if (*pel == NULL)
return ENOMEM;
el = *pel;
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
ret = _asn1_decode(t->ptr, flags, p, len, el, &newsize);
} else {
const struct asn1_type_func *f = t->ptr;
ret = (f->decode)(p, len, el, &newsize);
}
if (ret) {
if (t->tt & A1_FLAG_OPTIONAL) {
/*
* Optional field not present in encoding, presumably,
* though we should really look more carefully at `ret'.
*/
free(*pel);
*pel = NULL;
break;
} else if (t->tt & A1_FLAG_DEFAULT) {
/*
* Defaulted field not present in encoding, presumably,
* though we should really look more carefully at `ret'.
*/
if (tdefval->tt & A1_DV_BOOLEAN) {
int *i = (void *)(char *)el;
*i = tdefval->ptr ? 1 : 0;
} else if (tdefval->tt & A1_DV_INTEGER64) {
int64_t *i = (void *)(char *)el;
*i = (int64_t)(intptr_t)tdefval->ptr;
} else if (tdefval->tt & A1_DV_INTEGER32) {
int32_t *i = (void *)(char *)el;
*i = (int32_t)(intptr_t)tdefval->ptr;
} else if (tdefval->tt & A1_DV_INTEGER) {
struct heim_integer *i = (void *)(char *)el;
if ((ret = der_copy_heim_integer(tdefval->ptr, i)))
return ret;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
char **s = el;
if ((*s = strdup(tdefval->ptr)) == NULL)
return ENOMEM;
} else {
abort();
}
break;
}
return ret; /* Error decoding required field */
}
p += newsize; len -= newsize;
break;
}
case A1_OP_TAG: {
Der_type dertype;
size_t newsize = 0;
size_t datalen, l = 0;
void *olddata = data;
int is_indefinite = 0;
int subflags = flags;
int replace_tag = (t->tt & A1_FLAG_IMPLICIT) && is_tagged(t->ptr);
data = DPO(data, t->offset);
/*
* XXX If this type (chasing t->ptr through IMPLICIT tags, if this
* one is too, till we find a non-TTag) is a [UNIVERSAL SET] type,
* then we have to accept fields out of order. For each field tag
* we see we'd have to do a linear search of the SET's template
* because it won't be sorted (or we could sort a copy and do a
* binary search on that, but these SETs will always be small so it
* won't be worthwhile). We'll need a utility function to do all
* of this.
*/
ret = der_match_tag_and_length(p, len, A1_TAG_CLASS(t->tt),
&dertype, A1_TAG_TAG(t->tt),
&datalen, &l);
if (ret) {
if (t->tt & A1_FLAG_OPTIONAL) {
data = olddata;
break;
} else if (t->tt & A1_FLAG_DEFAULT) {
/*
* Defaulted field not present in encoding, presumably,
* though we should really look more carefully at `ret'.
*/
if (tdefval->tt & A1_DV_BOOLEAN) {
int *i = (void *)(char *)data;
*i = tdefval->ptr ? 1 : 0;
} else if (tdefval->tt & A1_DV_INTEGER64) {
int64_t *i = (void *)(char *)data;
*i = (int64_t)(intptr_t)tdefval->ptr;
} else if (tdefval->tt & A1_DV_INTEGER32) {
int32_t *i = (void *)(char *)data;
*i = (int32_t)(intptr_t)tdefval->ptr;
} else if (tdefval->tt & A1_DV_INTEGER) {
struct heim_integer *i = (void *)(char *)data;
if ((ret = der_copy_heim_integer(tdefval->ptr, i)))
return ret;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
char **s = data;
if ((*s = strdup(tdefval->ptr)) == NULL)
return ENOMEM;
} else {
abort();
}
data = olddata;
break;
}
return ret; /* Error decoding required field */
}
p += l; len -= l;
/*
* Only allow indefinite encoding for OCTET STRING and BER
* for now. Should handle BIT STRING too.
*/
if (dertype != A1_TAG_TYPE(t->tt) && (flags & A1_PF_ALLOW_BER)) {
const struct asn1_template *subtype = t->ptr;
subtype++; /* skip header */
if (((subtype->tt & A1_OP_MASK) == A1_OP_PARSE) &&
A1_PARSE_TYPE(subtype->tt) == A1T_OCTET_STRING)
subflags |= A1_PF_INDEFINTE;
}
if (datalen == ASN1_INDEFINITE) {
if ((flags & A1_PF_ALLOW_BER) == 0)
return ASN1_GOT_BER;
is_indefinite = 1;
datalen = len;
if (datalen < 2)
return ASN1_OVERRUN;
/* hide EndOfContent for sub-decoder, catching it below */
datalen -= 2;
} else if (datalen > len)
return ASN1_OVERRUN;
if (t->tt & A1_FLAG_OPTIONAL) {
void **el = (void **)data;
size_t ellen = _asn1_sizeofType(t->ptr);
*el = calloc(1, ellen);
if (*el == NULL)
return ENOMEM;
data = *el;
}
if (replace_tag) {
const struct asn1_template *subtype = t->ptr;
int have_tag = 0;
/*
* So, we have an IMPLICIT tag. What we want to do is find the
* template for the body of the type so-tagged. That's going
* to be a template that has a tag that isn't itself IMPLICIT.
*
* So we chase the pointer in the template until we find such a
* thing, then decode using that template.
*/
while (!have_tag) {
subtype++;
if ((subtype->tt & A1_OP_MASK) == A1_OP_TAG)
replace_tag = (subtype->tt & A1_FLAG_IMPLICIT) && is_tagged(t->ptr);
if (replace_tag) {
subtype = subtype->ptr;
continue;
}
if ((subtype->tt & A1_OP_MASK) == A1_OP_TAG) {
ret = _asn1_decode(subtype->ptr, subflags, p, datalen, data, &newsize);
have_tag = 1;
} else {
subtype = subtype->ptr;
}
}
} else {
ret = _asn1_decode(t->ptr, subflags, p, datalen, data, &newsize);
}
if (ret)
return ret;
if (is_indefinite) {
/* If we use indefinite encoding, the newsize is the datasize. */
datalen = newsize;
} else if (newsize != datalen) {
/* Check for hidden data that might be after the real tag */
return ASN1_EXTRA_DATA;
}
len -= datalen;
p += datalen;
/*
* Indefinite encoding needs a trailing EndOfContent,
* check for that.
*/
if (is_indefinite) {
ret = der_match_tag_and_length(p, len, ASN1_C_UNIV,
&dertype, UT_EndOfContent,
&datalen, &l);
if (ret)
return ret;
if (dertype != PRIM)
return ASN1_BAD_ID;
if (datalen != 0)
return ASN1_INDEF_EXTRA_DATA;
p += l; len -= l;
}
data = olddata;
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
size_t newsize;
void *el = DPO(data, t->offset);
/*
* INDEFINITE primitive types are one element after the
* same type but non-INDEFINITE version.
*/
if (flags & A1_PF_INDEFINTE)
type++;
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
return ASN1_PARSE_ERROR;
}
ret = (asn1_template_prim[type].decode)(p, len, el, &newsize);
if (ret)
return ret;
p += newsize; len -= newsize;
break;
}
case A1_OP_SETOF:
case A1_OP_SEQOF: {
struct template_of *el = DPO(data, t->offset);
size_t newsize;
size_t ellen = _asn1_sizeofType(t->ptr);
size_t vallength = 0;
while (len > 0) {
void *tmp;
size_t newlen = vallength + ellen;
if (vallength > newlen)
return ASN1_OVERFLOW;
tmp = realloc(el->val, newlen);
if (tmp == NULL)
return ENOMEM;
memset(DPO(tmp, vallength), 0, ellen);
el->val = tmp;
ret = _asn1_decode(t->ptr, flags & (~A1_PF_INDEFINTE), p, len,
DPO(el->val, vallength), &newsize);
if (ret)
return ret;
vallength = newlen;
el->len++;
p += newsize; len -= newsize;
}
break;
}
case A1_OP_BMEMBER: {
const struct asn1_template *bmember = t->ptr;
size_t bsize = bmember->offset;
size_t belements = A1_HEADER_LEN(bmember);
size_t pos = 0;
bmember++;
memset(data, 0, bsize);
if (len < 1)
return ASN1_OVERRUN;
p++; len--;
while (belements && len) {
while (bmember->offset / 8 > pos / 8) {
if (len < 1)
break;
p++; len--;
pos += 8;
}
if (len) {
_asn1_bmember_get_bit(p, data, bmember->offset, bsize);
belements--; bmember++;
}
}
len = 0;
break;
}
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
unsigned int *element = DPO(data, choice->offset);
size_t datalen;
unsigned int i;
/*
* Provide a saner value as default, we should have a NO element value.
*
* XXX We do have an element value for the ellipsis case: 0. All
* CHOICE discriminant enums start off at 1.
*/
*element = 1;
for (i = 1; i < A1_HEADER_LEN(choice) + 1 && choice[i].tt; i++) {
/*
* This is more permissive than is required. CHOICE
* alternatives must have different outer tags, so in principle
* we should just match the tag at `p' and `len' in sequence to
* the choice alternatives.
*
* Trying every alternative instead happens to do this anyways
* because each one will first match the tag at `p' and `len',
* but if there are CHOICE altnernatives with the same outer
* tag, then we'll allow it, and they had better be unambiguous
* in their internal details, otherwise there would be some
* aliasing.
*
* Arguably the *compiler* should detect ambiguous CHOICE types
* and raise an error, then we don't have to be concerned here
* at all.
*/
ret = _asn1_decode(choice[i].ptr, 0, p, len,
DPO(data, choice[i].offset), &datalen);
if (ret == 0) {
*element = i;
p += datalen; len -= datalen;
break;
} else if (ret != ASN1_BAD_ID && ret != ASN1_MISPLACED_FIELD && ret != ASN1_MISSING_FIELD) {
return ret;
}
}
if (i >= A1_HEADER_LEN(choice) + 1 || !choice[i].tt) {
if (choice->tt == 0)
return ASN1_BAD_ID;
/* This is the ellipsis case */
*element = 0;
ret = der_get_octet_string(p, len,
DPO(data, choice->tt), &datalen);
if (ret)
return ret;
p += datalen; len -= datalen;
}
break;
}
default:
ABORT_ON_ERROR();
return ASN1_PARSE_ERROR;
}
t++;
elements--;
}
/* if we are using padding, eat up read of context */
if (template_flags & A1_HF_ELLIPSIS)
len = 0;
oldlen -= len;
if (size)
*size = oldlen;
/*
* saved the raw bits if asked for it, useful for signature
* verification.
*/
if (startp) {
heim_octet_string *save = data;
save->data = malloc(oldlen);
if (save->data == NULL)
return ENOMEM;
else {
save->length = oldlen;
memcpy(save->data, startp, oldlen);
}
}
return 0;
}
/*
* This should be called with a `A1_TAG_T(ASN1_C_UNIV, PRIM, UT_Integer)'
* template as the `ttypeid'.
*/
static int
typeid_int_copy(void *intp,
int64_t i,
const struct asn1_template *ttypeid)
{
const struct asn1_template *tint = ttypeid->ptr;
if ((tint[1].tt & A1_OP_MASK) != A1_OP_PARSE)
return -1;
if (A1_PARSE_TYPE(tint[1].tt) != A1T_INTEGER)
return -1;
switch (tint[0].offset) {
case 8: *((int64_t *)intp) = i; return 0;
case 4: *((int32_t *)intp) = i; return 0;
default: memset(intp, 0, tint[0].offset); return 0;
}
}
/* See commentary in _asn1_decode_open_type() */
static int
_asn1_encode_open_type(const struct asn1_template *t,
const void *data, /* NOTE: Not really const */
const struct asn1_template *ttypeid,
const struct asn1_template *topentype)
{
const struct asn1_template *ttypeid_univ = ttypeid;
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
size_t sz, i;
unsigned int *lenp = NULL;
unsigned int len = 1;
int element = *(const int *)DPOC(data, t->offset);
int typeid_is_oid = 0;
int typeid_is_int = 0;
int enotsup = 0;
int ret = 0;
if (element == 0 || element >= A1_HEADER_LEN(tos) + 1)
return 0;
if (t->tt & A1_OS_OT_IS_ARRAY) {
/* The actual `len' is from the decoded open type field */
len = *(const unsigned int *)DPOC(data, t->offset + sizeof(element));
if (!len)
return 0; /* The app may be encoding the open type by itself */
}
/* Work out the type ID field's type */
while (((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TAG &&
A1_TAG_CLASS(ttypeid_univ->tt) == ASN1_C_CONTEXT) ||
((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TYPE)) {
ttypeid_univ = ttypeid_univ->ptr;
ttypeid_univ++;
}
switch (ttypeid_univ->tt & A1_OP_MASK) {
case A1_OP_TAG:
if (A1_TAG_CLASS(ttypeid_univ->tt) != ASN1_C_UNIV) {
enotsup = 1;
break;
}
switch (A1_TAG_TAG(ttypeid_univ->tt)) {
case UT_OID:
typeid_is_oid = 1;
break;
case UT_Integer: {
const struct asn1_template *tint = ttypeid_univ->ptr;
tint++;
if ((tint->tt & A1_OP_MASK) != A1_OP_PARSE ||
A1_PARSE_TYPE(tint->tt) != A1T_INTEGER) {
enotsup = 1;
break;
}
typeid_is_int = 1;
break;
}
default: enotsup = 1; break;
}
break;
default: enotsup = 1; break;
}
/*
* The app may not be aware of our automatic open type handling, so if the
* open type already appears to have been encoded, then ignore the decoded
* values.
*/
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
struct heim_base_data *os = DPO(data, topentype->offset);
if (os->length && os->data)
return 0;
} else {
struct heim_base_data **os = DPO(data, topentype->offset + sizeof(len));
lenp = DPO(data, topentype->offset);
if (*lenp == len && os[0]->length && os[1]->data)
return 0;
}
if (typeid_is_int) {
/*
* Copy the int from the type ID object field to the type ID struct
* field.
*/
ret = typeid_int_copy(DPO(data, ttypeid->offset),
(intptr_t)tos[3 + (element-1)*3].ptr, ttypeid_univ);
} else if (typeid_is_oid) {
/*
* Copy the OID from the type ID object field to the type ID struct
* field.
*/
ret = der_copy_oid(tos[3 + (element-1)*3].ptr, DPO(data, ttypeid->offset));
} else
enotsup = 1;
/*
* If the app did not already encode the open type, we can't help it if we
* don't know what it is.
*/
if (enotsup)
return ENOTSUP;
tactual_type = &tos[(element-1)*3 + 4];
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
struct heim_base_data *os = DPO(data, topentype->offset);
const void * const *d = DPOC(data, t->offset + sizeof(element));
while (sizeof(void *) != sizeof(element) &&
((uintptr_t)d) % sizeof(void *) != 0) {
d = (void *)(((char *)d) + sizeof(element));
}
os->length = _asn1_length(tactual_type->ptr, *d);
if ((os->data = malloc(os->length)) == NULL)
return ENOMEM;
ret = _asn1_encode(tactual_type->ptr, (os->length - 1) + (unsigned char *)os->data, os->length, *d, &sz);
} else {
struct heim_base_data *os;
const void * const *val =
DPOC(data, t->offset + sizeof(element) + sizeof(*lenp));
if ((os = calloc(len, sizeof(*os))) == NULL)
return ENOMEM;
*lenp = len;
for (i = 0; ret == 0 && i < len; i++) {
os[i].length = _asn1_length(tactual_type->ptr, val[i]);
if ((os[i].data = malloc(os[i].length)) == NULL)
ret = ENOMEM;
if (ret == 0)
ret = _asn1_encode(tactual_type->ptr, (os[i].length - 1) + (unsigned char *)os[i].data, os[i].length,
val[i], &sz);
}
if (ret) {
for (i = 0; i < (*lenp); i++)
free(os[i].data);
free(os);
*lenp = 0;
return ret;
}
*(struct heim_base_data **)DPO(data, topentype->offset + sizeof(len)) = os;
}
return ret;
}
int
_asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, const void *data, size_t *size)
{
const struct asn1_template *tbase = t;
size_t elements = A1_HEADER_LEN(t);
int ret = 0;
size_t oldlen = len;
t += A1_HEADER_LEN(t);
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
size_t opentypeid = t->tt & ((1<<10)-1);
size_t opentype = (t->tt >> 10) & ((1<<10)-1);
ret = _asn1_encode_open_type(t, data,
template4member(tbase, opentypeid),
template4member(tbase, opentype));
if (ret)
return ret;
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL: break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
size_t newsize;
const void *el = DPOC(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **pel = (void **)el;
if (*pel == NULL)
break;
el = *pel;
} else if ((t->tt & A1_FLAG_DEFAULT) && elements > 1) {
const struct asn1_template *tdefval = t - 1;
/* Compare tdefval to whatever's at `el' */
if (tdefval->tt & A1_DV_BOOLEAN) {
const int *i = (void *)(char *)el;
if ((*i && tdefval->ptr) || (!*i && !tdefval->ptr))
break;
} else if (tdefval->tt & A1_DV_INTEGER64) {
const int64_t *i = (void *)(char *)el;
if (*i == (int64_t)(intptr_t)tdefval->ptr)
break;
} else if (tdefval->tt & A1_DV_INTEGER32) {
const int32_t *i = (void *)(char *)el;
if ((int64_t)(intptr_t)tdefval->ptr <= INT_MAX &&
(int64_t)(intptr_t)tdefval->ptr >= INT_MIN &&
*i == (int32_t)(intptr_t)tdefval->ptr)
break;
} else if (tdefval->tt & A1_DV_INTEGER) {
const struct heim_integer *i = (void *)(char *)el;
if (der_heim_integer_cmp(i, tdefval->ptr) == 0)
break;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
const char * const *s = el;
if (*s && strcmp(*s, tdefval->ptr) == 0)
break;
} else {
abort();
}
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
ret = _asn1_encode(t->ptr, p, len, el, &newsize);
} else {
const struct asn1_type_func *f = t->ptr;
ret = (f->encode)(p, len, el, &newsize);
}
if (ret)
return ret;
p -= newsize; len -= newsize;
break;
}
case A1_OP_TAG: {
const void *olddata = data;
size_t l, datalen = 0;
int replace_tag = 0;
/*
* XXX If this type (chasing t->ptr through IMPLICIT tags, if this
* one is too) till we find a non-TTag) is a [UNIVERSAL SET] type,
* then we have to sort [a copy of] its template by tag, then
* encode the SET using that sorted template. These SETs will
* generally be small, so when they are we might want to allocate
* the copy on the stack and insertion sort it. We'll need a
* utility function to do all of this.
*/
data = DPOC(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **el = (void **)data;
if (*el == NULL) {
data = olddata;
break;
}
data = *el;
} else if ((t->tt & A1_FLAG_DEFAULT) && elements > 1) {
const struct asn1_template *tdefval = t - 1;
int exclude = 0;
/* Compare tdefval to whatever's at `data' */
if (tdefval->tt & A1_DV_BOOLEAN) {
const int *i = (void *)(char *)data;
if ((*i && tdefval->ptr) || (!*i && !tdefval->ptr))
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER64) {
const int64_t *i = (void *)(char *)data;
if (*i == (int64_t)(intptr_t)tdefval->ptr)
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER32) {
const int32_t *i = (void *)(char *)data;
if ((int64_t)(intptr_t)tdefval->ptr <= INT_MAX &&
(int64_t)(intptr_t)tdefval->ptr >= INT_MIN &&
*i == (int32_t)(intptr_t)tdefval->ptr)
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER) {
const struct heim_integer *i = (void *)(char *)data;
if (der_heim_integer_cmp(i, tdefval->ptr) == 0)
break;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
const char * const *s = data;
if (*s && strcmp(*s, tdefval->ptr) == 0)
exclude = 1;
} else {
abort();
}
if (exclude) {
data = olddata;
break;
}
}
replace_tag = (t->tt & A1_FLAG_IMPLICIT) && is_tagged(t->ptr);
/* IMPLICIT tags need special handling (see gen_encode.c) */
if (replace_tag) {
unsigned char *pfree, *psave = p;
Der_class found_class;
Der_type found_type = 0;
unsigned int found_tag;
size_t lensave = len;
size_t oldtaglen = 0;
size_t taglen = der_length_tag(A1_TAG_TAG(t->tt));;
/* Allocate a buffer at least as big as we need */
len = _asn1_length(t->ptr, data) + taglen;
if ((p = pfree = malloc(len)) == NULL) {
ret = ENOMEM;
} else {
/*
* Encode into it (with the wrong tag, which we'll replace
* below).
*/
p += len - 1;
ret = _asn1_encode(t->ptr, p, len, data, &datalen);
}
if (ret == 0) {
/* Get the old tag and, critically, its length */
len -= datalen; p -= datalen;
ret = der_get_tag(p + 1, datalen, &found_class, &found_type,
&found_tag, &oldtaglen);
}
if (ret == 0) {
/* Drop the old tag */
len += oldtaglen; p += oldtaglen;
/* Put the new tag */
ret = der_put_tag(p, len,
A1_TAG_CLASS(t->tt),
found_type,
A1_TAG_TAG(t->tt), &l);
}
if (ret == 0) {
/* Copy the encoding where it belongs */
len -= l; p -= l;
psave -= (datalen + l - oldtaglen);
lensave -= (datalen + l - oldtaglen);
memcpy(psave + 1, p + 1, datalen + l - oldtaglen);
p = psave;
len = lensave;
}
free(pfree);
} else {
/* Easy case */
ret = _asn1_encode(t->ptr, p, len, data, &datalen);
if (ret)
return ret;
len -= datalen; p -= datalen;
ret = der_put_length_and_tag(p, len, datalen,
A1_TAG_CLASS(t->tt),
A1_TAG_TYPE(t->tt),
A1_TAG_TAG(t->tt), &l);
if (ret == 0) {
p -= l; len -= l;
}
}
if (ret)
return ret;
data = olddata;
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
size_t newsize;
const void *el = DPOC(data, t->offset);
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
return ASN1_PARSE_ERROR;
}
ret = (asn1_template_prim[type].encode)(p, len, el, &newsize);
if (ret)
return ret;
p -= newsize; len -= newsize;
break;
}
case A1_OP_SETOF: {
const struct template_of *el = DPOC(data, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
heim_octet_string *val;
unsigned char *elptr = el->val;
size_t i, totallen;
if (el->len == 0)
break;
if (el->len > UINT_MAX/sizeof(val[0]))
return ERANGE;
val = calloc(el->len, sizeof(val[0]));
if (val == NULL)
return ENOMEM;
for(totallen = 0, i = 0; i < el->len; i++) {
unsigned char *next;
size_t l;
val[i].length = _asn1_length(t->ptr, elptr);
if (val[i].length) {
val[i].data = malloc(val[i].length);
if (val[i].data == NULL) {
ret = ENOMEM;
break;
}
}
ret = _asn1_encode(t->ptr, DPO(val[i].data, val[i].length - 1),
val[i].length, elptr, &l);
if (ret)
break;
next = elptr + ellen;
if (next < elptr) {
ret = ASN1_OVERFLOW;
break;
}
elptr = next;
totallen += val[i].length;
}
if (ret == 0 && totallen > len)
ret = ASN1_OVERFLOW;
if (ret) {
for (i = 0; i < el->len; i++)
free(val[i].data);
free(val);
return ret;
}
len -= totallen;
qsort(val, el->len, sizeof(val[0]), _heim_der_set_sort);
i = el->len - 1;
do {
p -= val[i].length;
memcpy(p + 1, val[i].data, val[i].length);
free(val[i].data);
} while(i-- > 0);
free(val);
break;
}
case A1_OP_SEQOF: {
struct template_of *el = DPO(data, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
size_t newsize;
unsigned int i;
unsigned char *elptr = el->val;
if (el->len == 0)
break;
elptr += ellen * (el->len - 1);
for (i = 0; i < el->len; i++) {
ret = _asn1_encode(t->ptr, p, len,
elptr,
&newsize);
if (ret)
return ret;
p -= newsize; len -= newsize;
elptr -= ellen;
}
break;
}
case A1_OP_BMEMBER: {
const struct asn1_template *bmember = t->ptr;
size_t bsize = bmember->offset;
size_t belements = A1_HEADER_LEN(bmember);
size_t pos;
unsigned char c = 0;
unsigned int bitset = 0;
int rfc1510 = (bmember->tt & A1_HBF_RFC1510);
bmember += belements;
if (rfc1510)
pos = 31;
else
pos = bmember->offset;
while (belements && len) {
while (bmember->offset / 8 < pos / 8) {
if (rfc1510 || bitset || c) {
if (len < 1)
return ASN1_OVERFLOW;
*p-- = c; len--;
}
c = 0;
pos -= 8;
}
_asn1_bmember_put_bit(&c, data, bmember->offset, bsize, &bitset);
belements--; bmember--;
}
if (rfc1510 || bitset) {
if (len < 1)
return ASN1_OVERFLOW;
*p-- = c; len--;
}
if (len < 1)
return ASN1_OVERFLOW;
if (rfc1510 || bitset == 0)
*p-- = 0;
else
*p-- = bitset - 1;
len--;
break;
}
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
const unsigned int *element = DPOC(data, choice->offset);
size_t datalen;
const void *el;
if (*element > A1_HEADER_LEN(choice)) {
printf("element: %d\n", *element);
return ASN1_PARSE_ERROR;
}
if (*element == 0) {
ret += der_put_octet_string(p, len,
DPOC(data, choice->tt), &datalen);
} else {
choice += *element;
el = DPOC(data, choice->offset);
ret = _asn1_encode(choice->ptr, p, len, el, &datalen);
if (ret)
return ret;
}
len -= datalen; p -= datalen;
break;
}
default:
ABORT_ON_ERROR();
}
t--;
elements--;
}
if (size)
*size = oldlen - len;
return 0;
}
static size_t
_asn1_length_open_type_helper(const struct asn1_template *t,
size_t sz)
{
const struct asn1_template *tinner = t->ptr;
switch (t->tt & A1_OP_MASK) {
case A1_OP_TAG:
/* XXX Not tail-recursive :( */
sz = _asn1_length_open_type_helper(tinner, sz);
sz += der_length_len(sz);
sz += der_length_tag(A1_TAG_TAG(t->tt));
return sz;
default:
return sz;
}
}
static size_t
_asn1_length_open_type_id(const struct asn1_template *t,
const void *data)
{
struct asn1_template pretend[2] = {
{ 0, 0, ((void*)1) },
};
pretend[1] = *t;
while ((t->tt & A1_OP_MASK) == A1_OP_TAG)
t = t->ptr;
pretend[0].offset = t->offset;
return _asn1_length(pretend, data);
}
/* See commentary in _asn1_encode_open_type() */
static size_t
_asn1_length_open_type(const struct asn1_template *tbase,
const struct asn1_template *t,
const void *data,
const struct asn1_template *ttypeid,
const struct asn1_template *topentype)
{
const struct asn1_template *ttypeid_univ = ttypeid;
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
const unsigned int *lenp = NULL;
unsigned int len = 1;
size_t sz = 0;
size_t i;
int element = *(const int *)DPOC(data, t->offset);
int typeid_is_oid = 0;
int typeid_is_int = 0;
/* If nothing to encode, we add nothing to the length */
if (element == 0 || element >= A1_HEADER_LEN(tos) + 1)
return 0;
if (t->tt & A1_OS_OT_IS_ARRAY) {
len = *(const unsigned int *)DPOC(data, t->offset + sizeof(element));
if (!len)
return 0;
}
/* Work out the type ID field's type */
while (((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TAG &&
A1_TAG_CLASS(ttypeid_univ->tt) == ASN1_C_CONTEXT) ||
((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TYPE)) {
ttypeid_univ = ttypeid_univ->ptr;
ttypeid_univ++;
}
switch (ttypeid_univ->tt & A1_OP_MASK) {
case A1_OP_TAG:
if (A1_TAG_CLASS(ttypeid_univ->tt) != ASN1_C_UNIV)
return 0;
switch (A1_TAG_TAG(ttypeid_univ->tt)) {
case UT_OID:
typeid_is_oid = 1;
break;
case UT_Integer: {
const struct asn1_template *tint = ttypeid_univ->ptr;
tint++;
if ((tint->tt & A1_OP_MASK) != A1_OP_PARSE ||
A1_PARSE_TYPE(tint->tt) != A1T_INTEGER)
return 0;
typeid_is_int = 1;
break;
}
default: return 0;
}
break;
default: return 0;
}
if (!typeid_is_int && !typeid_is_oid)
return 0;
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
struct heim_base_data *os = DPO(data, topentype->offset);
if (os->length && os->data)
return 0;
} else {
struct heim_base_data **os = DPO(data, topentype->offset + sizeof(len));
lenp = DPOC(data, topentype->offset);
if (*lenp == len && os[0]->length && os[1]->data)
return 0;
}
/* Compute the size of the type ID field */
if (typeid_is_int) {
int64_t i8;
int32_t i4;
switch (ttypeid_univ->offset) {
case 8:
i8 = (intptr_t)t->ptr;
sz = _asn1_length_open_type_id(ttypeid, &i8);
i8 = 0;
sz -= _asn1_length_open_type_id(ttypeid, &i8);
break;
case 4:
i4 = (intptr_t)t->ptr;
sz = _asn1_length_open_type_id(ttypeid, &i4);
i4 = 0;
sz -= _asn1_length_open_type_id(ttypeid, &i8);
break;
default:
return 0;
}
} else if (typeid_is_oid) {
heim_oid no_oid = { 0, 0 };
sz = _asn1_length_open_type_id(ttypeid, tos[3 + (element - 1)*3].ptr);
sz -= _asn1_length_open_type_id(ttypeid, &no_oid);
}
tactual_type = &tos[(element-1)*3 + 4];
/* Compute the size of the encoded value(s) */
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
const void * const *d = DPOC(data, t->offset + sizeof(element));
while (sizeof(void *) != sizeof(element) &&
((uintptr_t)d) % sizeof(void *) != 0)
d = (void *)(((char *)d) + sizeof(element));
if (*d)
sz += _asn1_length(tactual_type->ptr, *d);
} else {
size_t bodysz;
const void * const * val =
DPOC(data, t->offset + sizeof(element) + sizeof(*lenp));
/* Compute the size of the encoded SET OF / SEQUENCE OF body */
for (i = 0, bodysz = 0; i < len; i++) {
if (val[i])
bodysz += _asn1_length(tactual_type->ptr, val[i]);
}
/*
* We now know the size of the body of the SET OF or SEQUENCE OF. Now
* we just need to count the length of all the TLs on the outside.
*/
sz += _asn1_length_open_type_helper(topentype, bodysz);
}
return sz;
}
size_t
_asn1_length(const struct asn1_template *t, const void *data)
{
const struct asn1_template *tbase = t;
size_t elements = A1_HEADER_LEN(t);
size_t ret = 0;
t += A1_HEADER_LEN(t);
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
size_t opentypeid = t->tt & ((1<<10)-1);
size_t opentype = (t->tt >> 10) & ((1<<10)-1);
ret += _asn1_length_open_type(tbase, t, data,
template4member(tbase, opentypeid),
template4member(tbase, opentype));
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL: break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
const void *el = DPOC(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **pel = (void **)el;
if (*pel == NULL)
break;
el = *pel;
} else if ((t->tt & A1_FLAG_DEFAULT) && elements > 1) {
const struct asn1_template *tdefval = t - 1;
/* Compare tdefval to whatever's at `el' */
if (tdefval->tt & A1_DV_BOOLEAN) {
const int *i = (void *)(char *)el;
if ((*i && tdefval->ptr) || (!*i && !tdefval->ptr))
break;
} else if (tdefval->tt & A1_DV_INTEGER64) {
const int64_t *i = (void *)(char *)el;
if (*i == (int64_t)(intptr_t)tdefval->ptr)
break;
} else if (tdefval->tt & A1_DV_INTEGER32) {
const int32_t *i = (void *)(char *)el;
if ((int64_t)(intptr_t)tdefval->ptr <= INT_MAX &&
(int64_t)(intptr_t)tdefval->ptr >= INT_MIN &&
*i == (int32_t)(intptr_t)tdefval->ptr)
break;
} else if (tdefval->tt & A1_DV_INTEGER) {
const struct heim_integer *i = (void *)(char *)el;
if (der_heim_integer_cmp(i, tdefval->ptr) == 0)
break;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
const char * const *s = el;
if (*s && strcmp(*s, tdefval->ptr) == 0)
break;
} else {
abort();
}
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
ret += _asn1_length(t->ptr, el);
} else {
const struct asn1_type_func *f = t->ptr;
ret += (f->length)(el);
}
break;
}
case A1_OP_TAG: {
size_t datalen;
const void *olddata = data;
size_t oldtaglen = 0;
data = DPO(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **el = (void **)data;
if (*el == NULL) {
data = olddata;
break;
}
data = *el;
} else if ((t->tt & A1_FLAG_DEFAULT) && elements > 1) {
const struct asn1_template *tdefval = t - 1;
int exclude = 0;
/* Compare tdefval to whatever's at `data' */
if (tdefval->tt & A1_DV_BOOLEAN) {
const int *i = (void *)(char *)data;
if ((*i && tdefval->ptr) || (!*i && !tdefval->ptr))
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER64) {
const int64_t *i = (void *)(char *)data;
if (*i == (int64_t)(intptr_t)tdefval->ptr)
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER32) {
const int32_t *i = (void *)(char *)data;
if ((int64_t)(intptr_t)tdefval->ptr <= INT_MAX &&
(int64_t)(intptr_t)tdefval->ptr >= INT_MIN &&
*i == (int32_t)(intptr_t)tdefval->ptr)
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER) {
const struct heim_integer *i = (void *)(char *)data;
if (der_heim_integer_cmp(i, tdefval->ptr) == 0)
exclude = 1;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
const char * const *s = data;
if (*s && strcmp(*s, tdefval->ptr) == 0)
exclude = 1;
} else {
abort();
}
if (exclude) {
data = olddata;
break;
}
}
if (t->tt & A1_FLAG_IMPLICIT)
oldtaglen = inner_type_taglen(t->ptr);
datalen = _asn1_length(t->ptr, data);
ret += datalen;
ret += der_length_tag(A1_TAG_TAG(t->tt));
ret += oldtaglen ? -oldtaglen : der_length_len(datalen);
data = olddata;
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
const void *el = DPOC(data, t->offset);
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
break;
}
ret += (asn1_template_prim[type].length)(el);
break;
}
case A1_OP_SETOF:
case A1_OP_SEQOF: {
const struct template_of *el = DPOC(data, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
const unsigned char *element = el->val;
unsigned int i;
for (i = 0; i < el->len; i++) {
ret += _asn1_length(t->ptr, element);
element += ellen;
}
break;
}
case A1_OP_BMEMBER: {
const struct asn1_template *bmember = t->ptr;
size_t size = bmember->offset;
size_t belements = A1_HEADER_LEN(bmember);
int rfc1510 = (bmember->tt & A1_HBF_RFC1510);
if (rfc1510) {
ret += 5;
} else {
ret += 1;
bmember += belements;
while (belements) {
if (_asn1_bmember_isset_bit(data, bmember->offset, size)) {
ret += (bmember->offset / 8) + 1;
break;
}
belements--; bmember--;
}
}
break;
}
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
const unsigned int *element = DPOC(data, choice->offset);
if (*element > A1_HEADER_LEN(choice))
break;
if (*element == 0) {
ret += der_length_octet_string(DPOC(data, choice->tt));
} else {
choice += *element;
ret += _asn1_length(choice->ptr, DPOC(data, choice->offset));
}
break;
}
default:
ABORT_ON_ERROR();
break;
}
elements--;
t--;
}
return ret;
}
/* See commentary in _asn1_decode_open_type() */
static void
_asn1_free_open_type(const struct asn1_template *t, /* object set template */
void *data)
{
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
unsigned int *lenp = NULL; /* Pointer to array length field */
unsigned int len = 1; /* Array length */
size_t i;
void **dp;
void **val;
int *elementp = DPO(data, t->offset); /* Choice enum pointer */
/* XXX We assume sizeof(enum) == sizeof(int) */
if (!*elementp || *elementp >= A1_HEADER_LEN(tos) + 1)
return; /* Unknown choice -> it's not decoded, nothing to free here */
tactual_type = tos[3*(*elementp - 1) + 4].ptr;
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
dp = DPO(data, t->offset + sizeof(*elementp));
while (sizeof(void *) != sizeof(*elementp) &&
((uintptr_t)dp) % sizeof(void *) != 0)
dp = (void *)(((char *)dp) + sizeof(*elementp));
if (*dp) {
_asn1_free(tactual_type, *dp);
free(*dp);
*dp = NULL;
}
return;
}
lenp = DPO(data, t->offset + sizeof(*elementp));
len = *lenp;
dp = DPO(data, t->offset + sizeof(*elementp) + sizeof(*lenp));
while (sizeof(void *) != sizeof(*elementp) &&
((uintptr_t)dp) % sizeof(void *) != 0)
dp = (void *)(((char *)dp) + sizeof(*elementp));
val = *dp;
for (i = 0; i < len; i++) {
if (val[i]) {
_asn1_free(tactual_type, val[i]);
free(val[i]);
}
}
free(val);
*lenp = 0;
*dp = NULL;
}
void
_asn1_free(const struct asn1_template *t, void *data)
{
size_t elements = A1_HEADER_LEN(t);
if (t->tt & A1_HF_PRESERVE)
der_free_octet_string(data);
t++;
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
_asn1_free_open_type(t, data);
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL: break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
void *el = DPO(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **pel = (void **)el;
if (*pel == NULL)
break;
el = *pel;
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
_asn1_free(t->ptr, el);
} else {
const struct asn1_type_func *f = t->ptr;
(f->release)(el);
}
if (t->tt & A1_FLAG_OPTIONAL)
free(el);
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
void *el = DPO(data, t->offset);
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
break;
}
(asn1_template_prim[type].release)(el);
break;
}
case A1_OP_TAG: {
void *el = DPO(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **pel = (void **)el;
if (*pel == NULL)
break;
el = *pel;
}
_asn1_free(t->ptr, el);
if (t->tt & A1_FLAG_OPTIONAL)
free(el);
break;
}
case A1_OP_SETOF:
case A1_OP_SEQOF: {
struct template_of *el = DPO(data, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
unsigned char *element = el->val;
unsigned int i;
for (i = 0; i < el->len; i++) {
_asn1_free(t->ptr, element);
element += ellen;
}
free(el->val);
el->val = NULL;
el->len = 0;
break;
}
case A1_OP_BMEMBER:
break;
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
const unsigned int *element = DPOC(data, choice->offset);
if (*element > A1_HEADER_LEN(choice))
break;
if (*element == 0) {
der_free_octet_string(DPO(data, choice->tt));
} else {
choice += *element;
_asn1_free(choice->ptr, DPO(data, choice->offset));
}
break;
}
default:
ABORT_ON_ERROR();
break;
}
t++;
elements--;
}
}
static char *
getindent(int flags, unsigned int i)
{
char *s;
if (!(flags & ASN1_PRINT_INDENT) || i == 0)
return NULL;
if (i > 128)
i = 128;
if ((s = malloc(i * 2 + 2)) == NULL)
return NULL;
s[0] = '\n';
s[i * 2 + 1] = '\0';
memset(s + 1, ' ', i * 2);
return s;
}
static struct rk_strpool *_asn1_print(const struct asn1_template *,
struct rk_strpool *,
int,
unsigned int,
const void *,
const heim_octet_string *);
/* See commentary in _asn1_decode_open_type() */
static struct rk_strpool *
_asn1_print_open_type(const struct asn1_template *t, /* object set template */
struct rk_strpool *r,
int flags,
unsigned int indent,
const void *data,
const char *opentype_name)
{
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
const unsigned int *lenp = NULL; /* Pointer to array length field */
unsigned int len = 1; /* Array length */
size_t i;
const void * const *dp;
const void * const *val;
const int *elementp = DPOC(data, t->offset); /* Choice enum pointer */
char *indents = getindent(flags, indent);
char *s;
/* XXX We assume sizeof(enum) == sizeof(int) */
if (!*elementp || *elementp >= A1_HEADER_LEN(tos) + 1) {
r = rk_strpoolprintf(r, ",%s\"_%s_choice\":\"_ERROR_DECODING_\"",
indents ? indents : "", opentype_name);
free(indents);
}
tactual_type = tos[3*(*elementp - 1) + 4].ptr;
r = rk_strpoolprintf(r, ",%s\"_%s_choice\":\"%s\"",
indents ? indents : "", opentype_name,
(const char *)tos[3*(*elementp - 1) + 2].ptr);
if (!r) {
free(indents);
return r;
}
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
dp = DPOC(data, t->offset + sizeof(*elementp));
while (sizeof(void *) != sizeof(*elementp) &&
((uintptr_t)dp) % sizeof(void *) != 0)
dp = (void *)(((char *)dp) + sizeof(*elementp));
if (*dp) {
struct rk_strpool *r2 = NULL;
r2 = _asn1_print(tactual_type, r2, flags, indent + 1, *dp, NULL);
if (r2 == NULL) {
r = rk_strpoolprintf(r,
",%s\"_%s\":\"_ERROR_FORMATTING_\"",
indents ? indents : "", opentype_name);
free(indents);
return r;
}
s = rk_strpoolcollect(r2);
r = rk_strpoolprintf(r, ",%s\"_%s\":%s",
indents ? indents : "", opentype_name, s);
free(indents);
free(s);
}
return r;
}
lenp = DPOC(data, t->offset + sizeof(*elementp));
len = *lenp;
dp = DPOC(data, t->offset + sizeof(*elementp) + sizeof(*lenp));
while (sizeof(void *) != sizeof(*elementp) &&
((uintptr_t)dp) % sizeof(void *) != 0)
dp = (void *)(((char *)dp) + sizeof(*elementp));
val = *dp;
r = rk_strpoolprintf(r, ",%s\"_%s\":[", indents ? indents : "",
opentype_name);
free(indents);
indents = getindent(flags, indent + 1);
if (indents)
r = rk_strpoolprintf(r, "%s", indents ? indents : "");
for (i = 0; r && i < len; i++) {
struct rk_strpool *r2 = NULL;
if (val[i]) {
r2 = _asn1_print(tactual_type, r2, flags, indent + 2, val[i], NULL);
if (r2 == NULL)
continue;
}
if (i)
r = rk_strpoolprintf(r, ",%s", indents ? indents : "");
if (r)
r = rk_strpoolprintf(r, "%s", (s = rk_strpoolcollect(r2)));
free(s);
}
return rk_strpoolprintf(r, "]");
}
static struct rk_strpool *
_asn1_print(const struct asn1_template *t,
struct rk_strpool *r,
int flags,
unsigned int indent,
const void *data,
const heim_octet_string *saved)
{
const struct asn1_template *tbase = t;
const struct asn1_template *tnames;
size_t nelements = A1_HEADER_LEN(t);
size_t elements = nelements;
size_t nnames = 0;
char *indents = getindent(flags, indent);
for (t += nelements; t > tbase && (t->tt & A1_OP_MASK) == A1_OP_NAME; t--)
nnames++;
tnames = tbase + nelements - nnames + 1;
if (nnames)
r = rk_strpoolprintf(r, "%s{\"_type\":\"%s\"",
indents ? indents : "",
(const char *)(tnames++)->ptr);
if (saved && r) {
char *s = der_print_octet_string(data, 0);
if (!s) {
rk_strpoolfree(r);
free(indents);
return NULL;
}
r = rk_strpoolprintf(r, ",%s\"_save\":\"%s\"",
indents ? indents : "", s);
free(s);
}
saved = NULL;
if (tbase->tt & A1_HF_PRESERVE)
saved = data;
t = tbase + 1;
while (elements && (t->tt & A1_OP_MASK) != A1_OP_NAME) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_NAME:
continue;
case A1_OP_DEFVAL:
t++;
elements--;
continue;
case A1_OP_OPENTYPE_OBJSET: {
size_t opentype = (t->tt >> 10) & ((1<<10)-1);
r = _asn1_print_open_type(t, r, flags, indent + 1, data,
tbase[(nelements - nnames) + 2 + opentype].ptr);
t++;
elements--;
continue;
}
default: break;
}
if (nnames)
r = rk_strpoolprintf(r, ",%s\"%s\":",
indents ? indents : "",
(const char *)(tnames++)->ptr);
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET:
break;
case A1_OP_NAME: break;
case A1_OP_DEFVAL: break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
const void *el = DPOC(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
const void * const *pel = (const void *const *)el;
if (*pel == NULL) {
r = rk_strpoolprintf(r, "null");
break;
}
el = *pel;
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
r = _asn1_print(t->ptr, r, flags, indent + 1, el, saved);
} else {
const struct asn1_type_func *f = t->ptr;
char *s2 = NULL;
char *s = NULL;
s = (f->print)(el, 0);
if (s == NULL ||
rk_strasvis(&s2, s, VIS_TAB|VIS_NL|VIS_DQ, "") == -1) {
rk_strpoolfree(r);
free(indents);
free(s);
return NULL;
}
free(s);
r = rk_strpoolprintf(r, "\"%s\"", s2);
free(s2);
}
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
const void *el = DPOC(data, t->offset);
char *s = NULL;
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
break;
}
s = (asn1_template_prim[type].print)(el, flags);
switch (type) {
case A1T_OID:
case A1T_BOOLEAN:
case A1T_INTEGER:
case A1T_INTEGER64:
case A1T_UNSIGNED:
case A1T_UNSIGNED64:
if (s)
r = rk_strpoolprintf(r, "%s", s);
break;
default: {
char *s2 = NULL;
if (s)
(void) rk_strasvis(&s2, s, VIS_TAB|VIS_NL|VIS_DQ, "");
free(s);
s = s2;
if (s)
r = rk_strpoolprintf(r, "\"%s\"", s);
}
}
if (!s) {
rk_strpoolfree(r);
free(indents);
return NULL;
}
free(s);
break;
}
case A1_OP_TAG: {
const void *el = DPOC(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
const void * const *pel = (const void * const *)el;
if (*pel == NULL) {
r = rk_strpoolprintf(r, "null");
break;
}
el = *pel;
}
r = _asn1_print(t->ptr, r, flags, indent + 1, el, saved);
break;
}
case A1_OP_SETOF:
case A1_OP_SEQOF: {
const struct template_of *el = DPOC(data, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
const unsigned char *element = el->val;
unsigned int i;
r = rk_strpoolprintf(r, "%s[", indents ? indents : "");
for (i = 0; r && i < el->len; i++) {
if (i)
r = rk_strpoolprintf(r, ",%s", indents ? indents : "");
r = _asn1_print(t->ptr, r, flags, indent + 1, element, saved);
element += ellen;
}
if (r)
r = rk_strpoolprintf(r, "]");
break;
}
case A1_OP_BMEMBER: {
const struct asn1_template *bmember = t->ptr;
size_t size = bmember->offset;
size_t belements = A1_HEADER_LEN(bmember);
int first = 1;
bmember += belements;
r = rk_strpoolprintf(r, "%s[", indents ? indents : "");
while (r && belements) {
if (!first)
r = rk_strpoolprintf(r, ",");
if (r && _asn1_bmember_isset_bit(data, bmember->offset, size))
r = rk_strpoolprintf(r, "%s\"%s\"", indents ? indents : "",
(const char *)bmember->ptr);
belements--; bmember--;
}
if (r)
r = rk_strpoolprintf(r, "]");
break;
}
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
const unsigned int *element = DPOC(data, choice->offset);
unsigned int nchoices = ((uintptr_t)choice->ptr) >> 1;
if (*element > A1_HEADER_LEN(choice)) {
r = rk_strpoolprintf(r, "null");
} else if (*element == 0) {
r = rk_strpoolprintf(r, "null");
} else {
choice += *element;
r = rk_strpoolprintf(r, "%s{\"_choice\":\"%s\",%s\"value\":",
indents ? indents : "",
(const char *)choice[nchoices].ptr,
indents ? indents : "");
if (r)
r = _asn1_print(choice->ptr, r, flags, indent + 1,
DPOC(data, choice->offset), NULL);
if (r)
r = rk_strpoolprintf(r, "}");
}
break;
}
default:
ABORT_ON_ERROR();
break;
}
t++;
elements--;
}
free(indents);
if (nnames && r)
return rk_strpoolprintf(r, "}");
return r;
}
char *
_asn1_print_top(const struct asn1_template *t,
int flags,
const void *data)
{
struct rk_strpool *r = _asn1_print(t, NULL, flags, 0, data, NULL);
if (r == NULL)
return NULL;
return rk_strpoolcollect(r);
}
/* See commentary in _asn1_decode_open_type() */
static int
_asn1_copy_open_type(const struct asn1_template *t, /* object set template */
const void *from,
void *to)
{
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
size_t i;
const void * const *dfromp;
const void * const *valfrom;
const unsigned int *lenfromp;
void **dtop;
void **valto;
unsigned int *lentop;
unsigned int len;
const int *efromp = DPO(from, t->offset);
int *etop = DPO(to, t->offset);
int ret = 0;
/* XXX We assume sizeof(enum) == sizeof(int) */
if (!*efromp || *efromp >= A1_HEADER_LEN(tos) + 1) {
if ((t->tt & A1_OS_OT_IS_ARRAY))
memset(etop, 0, sizeof(int) + sizeof(unsigned int) + sizeof(void *));
else
memset(etop, 0, sizeof(int) + sizeof(void *));
return 0; /* Unknown choice -> not copied */
}
tactual_type = &tos[3*(*efromp - 1) + 4];
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
dfromp = DPO(from, t->offset + sizeof(*efromp));
while (sizeof(void *) != sizeof(*efromp) &&
((uintptr_t)dfromp) % sizeof(void *) != 0)
dfromp = (void *)(((char *)dfromp) + sizeof(*efromp));
if (!*dfromp)
return 0;
dtop = DPO(to, t->offset + sizeof(*etop));
while (sizeof(void *) != sizeof(*etop) &&
((uintptr_t)dtop) % sizeof(void *) != 0)
dtop = (void *)(((char *)dtop) + sizeof(*etop));
if ((*dtop = calloc(1, tactual_type->offset)) == NULL)
ret = ENOMEM;
if (ret == 0)
ret = _asn1_copy(tactual_type->ptr, *dfromp, *dtop);
if (ret == 0)
*etop = *efromp;
return ret;
}
lenfromp = DPO(from, t->offset + sizeof(*efromp));
dfromp = DPO(from, t->offset + sizeof(*efromp) + sizeof(*lenfromp));
valfrom = *dfromp;
lentop = DPO(to, t->offset + sizeof(*etop));
dtop = DPO(to, t->offset + sizeof(*etop) + sizeof(*lentop));
*etop = *efromp;
len = *lenfromp;
*lentop = 0;
*dtop = NULL;
if ((valto = calloc(len, sizeof(valto[0]))) == NULL)
ret = ENOMEM;
for (i = 0, len = *lenfromp; ret == 0 && i < len; (*lentop)++, i++) {
if (valfrom[i] == NULL) {
valto[i] = NULL;
continue;
}
if ((valto[i] = calloc(1, tactual_type->offset)) == NULL)
ret = ENOMEM;
else
ret = _asn1_copy(tactual_type->ptr, valfrom[i], valto[i]);
}
for (i = 0; ret && i < len; i++) {
if (valto[i]) {
_asn1_free(tactual_type->ptr, valto[i]);
free(valto[i]);
}
}
if (ret)
free(valto);
else
*dtop = valto;
return ret;
}
int
_asn1_copy(const struct asn1_template *t, const void *from, void *to)
{
size_t elements = A1_HEADER_LEN(t);
int ret = 0;
int preserve = (t->tt & A1_HF_PRESERVE);
t++;
if (preserve) {
ret = der_copy_octet_string(from, to);
if (ret)
return ret;
}
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
_asn1_copy_open_type(t, from, to);
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL: break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
const void *fel = DPOC(from, t->offset);
void *tel = DPO(to, t->offset);
void **ptel = (void **)tel;
size_t size;
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
size = _asn1_sizeofType(t->ptr);
} else {
const struct asn1_type_func *f = t->ptr;
size = f->size;
}
if (t->tt & A1_FLAG_OPTIONAL) {
void **pfel = (void **)fel;
if (*pfel == NULL)
break;
fel = *pfel;
tel = *ptel = calloc(1, size);
if (tel == NULL)
return ENOMEM;
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
ret = _asn1_copy(t->ptr, fel, tel);
} else {
const struct asn1_type_func *f = t->ptr;
ret = (f->copy)(fel, tel);
}
if (ret) {
if (t->tt & A1_FLAG_OPTIONAL) {
free(*ptel);
*ptel = NULL;
}
return ret;
}
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
const void *fel = DPOC(from, t->offset);
void *tel = DPO(to, t->offset);
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
return ASN1_PARSE_ERROR;
}
ret = (asn1_template_prim[type].copy)(fel, tel);
if (ret)
return ret;
break;
}
case A1_OP_TAG: {
const void *oldfrom = from;
void *oldto = to;
void **tel = NULL;
from = DPOC(from, t->offset);
to = DPO(to, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **fel = (void **)from;
tel = (void **)to;
if (*fel == NULL) {
from = oldfrom;
to = oldto;
break;
}
from = *fel;
to = *tel = calloc(1, _asn1_sizeofType(t->ptr));
if (to == NULL)
return ENOMEM;
}
ret = _asn1_copy(t->ptr, from, to);
if (ret) {
if (tel) {
free(*tel);
*tel = NULL;
}
return ret;
}
from = oldfrom;
to = oldto;
break;
}
case A1_OP_SETOF:
case A1_OP_SEQOF: {
const struct template_of *fel = DPOC(from, t->offset);
struct template_of *tel = DPO(to, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
unsigned int i;
tel->val = calloc(fel->len, ellen);
if (tel->val == NULL)
return ENOMEM;
tel->len = fel->len;
for (i = 0; i < fel->len; i++) {
ret = _asn1_copy(t->ptr,
DPOC(fel->val, (i * ellen)),
DPO(tel->val, (i *ellen)));
if (ret)
return ret;
}
break;
}
case A1_OP_BMEMBER: {
const struct asn1_template *bmember = t->ptr;
size_t size = bmember->offset;
memcpy(to, from, size);
break;
}
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
const unsigned int *felement = DPOC(from, choice->offset);
unsigned int *telement = DPO(to, choice->offset);
if (*felement > A1_HEADER_LEN(choice))
return ASN1_PARSE_ERROR;
*telement = *felement;
if (*felement == 0) {
ret = der_copy_octet_string(DPOC(from, choice->tt), DPO(to, choice->tt));
} else {
choice += *felement;
ret = _asn1_copy(choice->ptr,
DPOC(from, choice->offset),
DPO(to, choice->offset));
}
if (ret)
return ret;
break;
}
default:
ABORT_ON_ERROR();
break;
}
t++;
elements--;
}
return 0;
}
int
_asn1_decode_top(const struct asn1_template *t, unsigned flags, const unsigned char *p, size_t len, void *data, size_t *size)
{
int ret;
memset(data, 0, t->offset);
ret = _asn1_decode(t, flags, p, len, data, size);
if (ret)
_asn1_free_top(t, data);
return ret;
}
int
_asn1_copy_top(const struct asn1_template *t, const void *from, void *to)
{
int ret;
memset(to, 0, t->offset);
ret = _asn1_copy(t, from, to);
if (ret)
_asn1_free_top(t, to);
return ret;
}
void
_asn1_free_top(const struct asn1_template *t, void *data)
{
_asn1_free(t, data);
memset(data, 0, t->offset);
}
Reference in New Issue View Git Blame Copy Permalink