oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
Files
db7763ca7b3958a7008500eff0d5dcdb2ba87ce4
heimdal/lib/asn1/template.c
Nicolas Williams db7763ca7b asn1: X.681/682/683 magic handling of open types 
Status:

 - And it works!

 - We have an extensive test based on decoding a rich EK certficate.

   This test exercises all of:

    - decoding
    - encoding with and without decoded open types
    - copying of decoded values with decoded open types
    - freeing of decoded values with decoded open types

   Valgrind finds no memory errors.

 - Added a manual page for the compiler.

 - rfc2459.asn1 now has all three primary PKIX types that we care about
   defined as in RFC5912, with IOS constraints and parameterization:

    - `Extension`       (embeds open type in an `OCTET STRING`)
    - `OtherName`       (embeds open type in an        `ANY`-like type)
    - `SingleAttribute` (embeds open type in an        `ANY`-like type)
    - `AttributeSet`    (embeds open type in a  `SET OF ANY`-like type)

   All of these use OIDs as the open type type ID field, but integer
   open type type ID fields are also supported (and needed, for
   Kerberos).

   That will cover every typed hole pattern in all our ASN.1 modules.

   With this we'll be able to automatically and recursively decode
   through all subject DN attributes even when the subject DN is a
   directoryName SAN, and subjectDirectoryAttributes, and all
   extensions, and all SANs, and all authorization-data elements, and
   PA-data, and...

   We're not really using `SingleAttribute` and `AttributeSet` yet
   because various changes are needed in `lib/hx509` for that.

 - `asn1_compile` builds and recognizes the subset of X.681/682/683 that
   we need for, and now use in, rfc2459.asn1.  It builds the necessary
   AST, generates the correct C types, and generates templating for
   object sets and open types!

 - See READMEs for details.

 - Codegen backend not tested; I won't make it implement automatic open
   type handling, but it should at least not crash by substituting
   `heim_any` for open types not embedded in `OCTET STRING`.

 - We're _really_ starting to have problems with the ITU-T ASN.1
   grammar and our version of it...

   Type names have to start with upper-case, value names with
   lower-case, but it's not enough to disambiguate.

   The fact the we've allowed value and type names to violate their
   respective start-with case rules is causing us trouble now that we're
   adding grammar from X.681/682/683, and we're going to have to undo
   that.

   In preparation for that I'm capitalizing the `heim_any` and
   `heim_any_set` types, and doing some additional cleanup, which
   requires changes to other parts of Heimdal (all in this same commit
   for now).

   Problems we have because of this:

    - We cannot IMPORT values into modules because we have no idea if a
      symbol being imported refers to a value or a type because the only
      clue we would have is the symbol's name, so we assume IMPORTed
      symbols are for types.

      This means we can't import OIDs, for example, which is super
      annoying.

      One thing we might be able to do here is mark imported symbols as
      being of an undetermined-but-not-undefined type, then coerce the
      symbol's type the first time it's used in a context where its type
      is inferred as type, value, object, object set, or class.  (Though
      since we don't generate C symbols for objects or classes, we won't
      be able to import them, especially since we need to know them at
      compile time and cannot defer their handling to link- or
      run-time.)

    - The `NULL` type name, and the `NULL` value name now cause two
      reduce/reduce conflicts via the `FieldSetting` production.

    - Various shift/reduce conflicts involving `NULL` values in
      non-top-level contexts (in constraints, for example).

 - Currently I have a bug where to disambiguate the grammar I have a
   CLASS_IDENTIFIER token that is all caps, while TYPE_IDENTIFIER must
   start with a capital but not be all caps, but this breaks Kerberos
   since all its types are all capitalized -- oof!

   To fix this I made it so class names have to be all caps and
   start with an underscore (ick).

TBD:

 - Check all the XXX comments and address them
 - Apply this treatment to Kerberos!  Automatic handling of authz-data
   sounds useful :)
 - Apply this treatment to PKCS#10 (CSRs) and other ASN.1 modules too.
 - Replace various bits of code in `lib/hx509/` with uses of this
   feature.
 - Add JER.
 - Enhance `hxtool` and `asn1_print`.

Getting there!
2021-02-28 18:13:08 -06:00

2568 lines
76 KiB
C
Raw Blame History

/*
* Copyright (c) 2009 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Portions Copyright (c) 2009 - 2010 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "der_locl.h"
#include <com_err.h>
struct asn1_type_func asn1_template_prim[A1T_NUM_ENTRY] = {
#define el(name, type) { \
(asn1_type_encode)der_put_##name, \
(asn1_type_decode)der_get_##name, \
(asn1_type_length)der_length_##name, \
(asn1_type_copy)der_copy_##name, \
(asn1_type_release)der_free_##name, \
sizeof(type) \
}
#define elber(name, type) { \
(asn1_type_encode)der_put_##name, \
(asn1_type_decode)der_get_##name##_ber, \
(asn1_type_length)der_length_##name, \
(asn1_type_copy)der_copy_##name, \
(asn1_type_release)der_free_##name, \
sizeof(type) \
}
el(integer, int),
el(heim_integer, heim_integer),
el(integer, int),
el(integer64, int64_t),
el(unsigned, unsigned),
el(unsigned64, uint64_t),
el(general_string, heim_general_string),
el(octet_string, heim_octet_string),
elber(octet_string, heim_octet_string),
el(ia5_string, heim_ia5_string),
el(bmp_string, heim_bmp_string),
el(universal_string, heim_universal_string),
el(printable_string, heim_printable_string),
el(visible_string, heim_visible_string),
el(utf8string, heim_utf8_string),
el(generalized_time, time_t),
el(utctime, time_t),
el(bit_string, heim_bit_string),
{ (asn1_type_encode)der_put_boolean, (asn1_type_decode)der_get_boolean,
(asn1_type_length)der_length_boolean, (asn1_type_copy)der_copy_integer,
(asn1_type_release)der_free_integer, sizeof(int)
},
el(oid, heim_oid),
el(general_string, heim_general_string),
#undef el
#undef elber
};
size_t
_asn1_sizeofType(const struct asn1_template *t)
{
return t->offset;
}
/*
* Here is abstraction to not so well evil fact of bit fields in C,
* they are endian dependent, so when getting and setting bits in the
* host local structure we need to know the endianness of the host.
*
* Its not the first time in Heimdal this have bitten us, and some day
* we'll grow up and use #defined constant, but bit fields are still
* so pretty and shiny.
*/
static void
_asn1_bmember_get_bit(const unsigned char *p, void *data,
unsigned int bit, size_t size)
{
unsigned int localbit = bit % 8;
if ((*p >> (7 - localbit)) & 1) {
#ifdef WORDS_BIGENDIAN
*(unsigned int *)data |= (1 << ((size * 8) - bit - 1));
#else
*(unsigned int *)data |= (1 << bit);
#endif
}
}
int
_asn1_bmember_isset_bit(const void *data, unsigned int bit, size_t size)
{
#ifdef WORDS_BIGENDIAN
if ((*(unsigned int *)data) & (1 << ((size * 8) - bit - 1)))
return 1;
return 0;
#else
if ((*(unsigned int *)data) & (1 << bit))
return 1;
return 0;
#endif
}
void
_asn1_bmember_put_bit(unsigned char *p, const void *data, unsigned int bit,
size_t size, unsigned int *bitset)
{
unsigned int localbit = bit % 8;
if (_asn1_bmember_isset_bit(data, bit, size)) {
*p |= (1 << (7 - localbit));
if (*bitset == 0)
*bitset = (7 - localbit) + 1;
}
}
/*
* Utility function to tell us if the encoding of some type per its template
* will have an outer tag. This is needed when the caller wants to slap on an
* IMPLICIT tag: if the inner type has a tag then we need to replace it.
*/
static int
is_tagged(const struct asn1_template *t)
{
size_t elements = A1_HEADER_LEN(t);
t += A1_HEADER_LEN(t);
if (elements != 1)
return 0;
switch (t->tt & A1_OP_MASK) {
case A1_OP_SEQOF: return 0;
case A1_OP_SETOF: return 0;
case A1_OP_BMEMBER: return 0;
case A1_OP_PARSE: return 0;
case A1_OP_TAG: return 1;
case A1_OP_CHOICE: return 1;
case A1_OP_TYPE: return 1;
case A1_OP_TYPE_EXTERN: {
const struct asn1_type_func *f = t->ptr;
/*
* XXX Add a boolean to struct asn1_type_func to tell us if the type is
* tagged or not. Basically, it's not tagged if it's primitive.
*/
if (f->encode == (asn1_type_encode)encode_heim_any ||
f->encode == (asn1_type_encode)encode_HEIM_ANY)
return 0;
abort(); /* XXX */
}
default: abort();
}
}
static size_t
inner_type_taglen(const struct asn1_template *t)
{
size_t elements = A1_HEADER_LEN(t);
t += A1_HEADER_LEN(t);
if (elements != 1)
return 0;
switch (t->tt & A1_OP_MASK) {
case A1_OP_SEQOF: return 0;
case A1_OP_SETOF: return 0;
case A1_OP_BMEMBER: return 0;
case A1_OP_PARSE: return 0;
case A1_OP_CHOICE: return 1;
case A1_OP_TYPE: return inner_type_taglen(t->ptr);
case A1_OP_TAG: return der_length_tag(A1_TAG_TAG(t->tt));
case A1_OP_TYPE_EXTERN: {
const struct asn1_type_func *f = t->ptr;
/*
* XXX Add a boolean to struct asn1_type_func to tell us if the type is
* tagged or not. Basically, it's not tagged if it's primitive.
*/
if (f->encode == (asn1_type_encode)encode_heim_any ||
f->encode == (asn1_type_encode)encode_HEIM_ANY)
return 0;
abort(); /* XXX */
}
default: abort();
#ifdef WIN32
_exit(0); /* Quiet VC */
#endif
}
}
/*
* Compare some int of unknown size in a type ID field to the int value in
* some IOS object's type ID template entry.
*
* This should be called with a `A1_TAG_T(ASN1_C_UNIV, PRIM, UT_Integer)'
* template as the `ttypeid'.
*/
static int
typeid_int_cmp(const void *intp,
int64_t i,
const struct asn1_template *ttypeid)
{
const struct asn1_template *tint = ttypeid->ptr;
if ((tint[1].tt & A1_OP_MASK) != A1_OP_PARSE)
return -1;
if (A1_PARSE_TYPE(tint[1].tt) != A1T_INTEGER)
return -1;
switch (tint[0].offset) {
case 8: return i - *(const int64_t *)intp;
case 4: return i - *(const int32_t *)intp;
default: return -1;
}
}
/*
* Map a logical SET/SEQUENCE member to a template entry.
*
* This should really have been done by the compiler, but clearly it wasn't.
*
* The point is that a struct type's template may be littered with entries that
* don't directly correspond to a struct field (SET/SEQUENCE member), so we
* have to count just the ones that do to get to the one we want.
*/
static const struct asn1_template *
template4member(const struct asn1_template *t, size_t f)
{
size_t n = (uintptr_t)t->ptr;
size_t i;
for (i = 0, t++; i < n; t++, i++) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_TAG:
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN:
if (f-- == 0)
return t;
continue;
case A1_OP_OPENTYPE_OBJSET:
case A1_OP_NAME:
return NULL;
default:
continue;
}
}
return NULL;
}
/*
* Attempt to decode known open type alternatives into a CHOICE-like
* discriminated union.
*
* Arguments:
*
* - object set template
* - decoder flags
* - pointer to memory object (C struct) to decode into
* - template for type ID field of `data'
* - template for open type field of `data' (an octet string or HEIM_ANY)
*
* Returns:
*
* - 0
* - ENOMEM
*
* Other errors in decoding open type values are ignored, but applications can
* note that an error must have occurred. (Perhaps we should generate a `ret'
* field for the discriminated union we decode into that we could use to
* indicate what went wrong with decoding an open type value? The application
* can always try to decode itself to find out what the error was, but the
* whole point is to save the developer the bother of writing code to decode
* open type values. Then again, the specific cause of any one decode failure
* is not usually very important to users, so it's not very important to
* applications either.)
*
* Here `data' is something like this:
*
* typedef struct SingleAttribute {
* heim_oid type; // <--- decoded already
* HEIM_ANY value; // <--- decoded already
* // We must set this:
* // vvvvvvvv
* struct {
* enum {
* choice_SingleAttribute_iosnumunknown = 0,
* choice_SingleAttribute_iosnum_id_at_name,
* ..
* choice_SingleAttribute_iosnum_id_at_emailAddress,
* } element; // <--- map type ID to enum
* union {
* X520name* at_name;
* X520name* at_surname;
* ..
* AliasIA5String* at_emailAddress;
* } u; // <--- alloc and decode val above into this
* } _ioschoice_value;
* } SingleAttribute;
*
* or
*
* typedef struct AttributeSet {
* heim_oid type; // <--- decoded already
* struct AttributeSet_values {
* unsigned int len; // <--- decoded already
* HEIM_ANY *val; // <--- decoded already
* } values;
* // We must set this:
* // vvvvvvvv
* struct {
* enum { choice_AttributeSet_iosnumunknown = 0,
* choice_AttributeSet_iosnum_id_at_name,
* choice_AttributeSet_iosnum_id_at_surname,
* ..
* choice_AttributeSet_iosnum_id_at_emailAddress,
* } element; // <--- map type ID to enum
* unsigned int len; // <--- set len to len as above
* union {
* X520name *at_name;
* X520name *at_surname;
* ..
* AliasIA5String *at_emailAddress;
* } *val; // <--- alloc and decode vals above into this
* } _ioschoice_values;
* } AttributeSet;
*/
static int
_asn1_decode_open_type(const struct asn1_template *t,
unsigned flags,
void *data,
const struct asn1_template *ttypeid,
const struct asn1_template *topentype)
{
const struct asn1_template *ttypeid_univ = ttypeid;
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
size_t sz, n;
size_t i = 0;
unsigned int *lenp = NULL; /* Pointer to array length field */
unsigned int len = 1; /* Array length */
void **dp = NULL; /* Decoded open type struct pointer */
int *elementp; /* Choice enum pointer */
int typeid_is_oid = 0;
int typeid_is_int = 0;
int ret = 0;
/*
* NOTE: Here expressions like `DPO(data, t->offset + ...)' refer to parts
* of a _ioschoice_<fieldName> struct field of `data'.
*
* Expressions like `DPO(data, topentype->offset + ...)' refer to
* the open type field in `data', which is either a `heim_any', a
* `heim_octet_string', or an array of one of those.
*
* Expressions like `DPO(data, ttypeid->offset)' refer to the open
* type's type ID field in `data'.
*/
/*
* Minimal setup:
*
* - set type choice to choice_<type>_iosnumunknown (zero).
* - set union value to zero
*
* We need a pointer to the choice ID:
*
* typedef struct AttributeSet {
* heim_oid type; // <--- decoded already
* struct AttributeSet_values {
* unsigned int len; // <--- decoded already
* HEIM_ANY *val; // <--- decoded already
* } values;
* struct {
* enum { choice_AttributeSet_iosnumunknown = 0,
* -----------> ...
* } element; // HERE
* ...
* } ...
* }
*
* XXX NOTE: We're assuming that sizeof(enum) == sizeof(int)!
*/
elementp = DPO(data, t->offset);
*elementp = 0; /* Set the choice to choice_<type>_iosnumunknown */
if (t->tt & A1_OS_OT_IS_ARRAY) {
/*
* The open type is a SET OF / SEQUENCE OF -- an array.
*
* Get the number of elements to decode from:
*
* typedef struct AttributeSet {
* heim_oid type;
* struct AttributeSet_values {
* ------------>unsigned int len; // HERE
* HEIM_ANY *val;
* } values;
* ...
* }
*/
len = *((unsigned int *)DPO(data, topentype->offset));
/*
* Set the number of decoded elements to zero for now:
*
* typedef struct AttributeSet {
* heim_oid type;
* struct AttributeSet_values {
* unsigned int len;
* HEIM_ANY *val;
* } values;
* struct {
* enum { ... } element;
* ------------>unsigned int len; // HERE
* ...
* } _ioschoice_values;
* }
*/
lenp = DPO(data, t->offset + sizeof(*elementp));
*lenp = 0;
/*
* Get a pointer to the place where we must put the decoded value:
*
* typedef struct AttributeSet {
* heim_oid type;
* struct AttributeSet_values {
* unsigned int len;
* HEIM_ANY *val;
* } values;
* struct {
* enum { ... } element;
* unsigned int len;
* struct {
* union { SomeType *some_choice; ... } u;
* ------------>} *val; // HERE
* } _ioschoice_values;
* } AttributeSet;
*/
dp = DPO(data, t->offset + sizeof(*elementp) + sizeof(*lenp));
} else {
/*
* Get a pointer to the place where we must put the decoded value:
*
* typedef struct SingleAttribute {
* heim_oid type;
* HEIM_ANY value;
* struct {
* enum { ... } element;
* ------------>union { SomeType *some_choice; ... } u; // HERE
* } _ioschoice_value;
* } SingleAttribute;
*/
dp = DPO(data, t->offset + sizeof(*elementp));
}
/* Align `dp' */
while (sizeof(void *) != sizeof(*elementp) &&
((uintptr_t)dp) % sizeof(void *) != 0)
dp = (void *)(((char *)dp) + sizeof(*elementp));
*dp = NULL;
/*
* Find out the type of the type ID member. We currently support only
* integers and OIDs.
*
* Chase through any tags to get to the type.
*/
while (((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TAG &&
A1_TAG_CLASS(ttypeid_univ->tt) == ASN1_C_CONTEXT) ||
((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TYPE)) {
ttypeid_univ = ttypeid_univ->ptr;
ttypeid_univ++;
}
switch (ttypeid_univ->tt & A1_OP_MASK) {
case A1_OP_TAG:
if (A1_TAG_CLASS(ttypeid_univ->tt) != ASN1_C_UNIV)
return 0; /* Do nothing, silently */
switch (A1_TAG_TAG(ttypeid_univ->tt)) {
case UT_OID:
typeid_is_oid = 1;
break;
case UT_Integer: {
const struct asn1_template *tint = ttypeid_univ->ptr;
tint++;
if ((tint->tt & A1_OP_MASK) != A1_OP_PARSE)
return 0; /* Do nothing, silently */
if (A1_PARSE_TYPE(tint->tt) != A1T_INTEGER)
return 0; /* Do nothing, silently (probably a large int) */
typeid_is_int = 1;
break;
}
/* It might be cool to support string types as type ID types */
default: return 0; /* Do nothing, silently */
}
break;
default: return 0; /* Do nothing, silently */
}
/*
* Find the type of the open type.
*
* An object set template looks like:
*
* const struct asn1_template asn1_ObjectSetName[] = {
* { 0, 0, ((void*)17) }, // HEADER ENTRY, here 17 objects
* // then two entries per object:
* { A1_OP_OPENTYPE_ID, 0, (const void*)&asn1_oid_oidName },
* { A1_OP_OPENTYPE, sizeof(SomeType), (const void*)&asn1_SomeType },
* ...
* };
*
* `i' will be a logical object offset, so i*2+1 will be the index of the
* A1_OP_OPENTYPE_ID entry for the current object, and i*2+2 will be the
* index of the A1_OP_OPENTYPE entry for the current object.
*/
if (t->tt & A1_OS_IS_SORTED) {
size_t left = 0;
size_t right = A1_HEADER_LEN(tos);
const void *vp = DPO(data, ttypeid->offset);
int c = -1;
while (left <= right) {
size_t mid = (left + right) >> 1;
if ((tos[1 + mid * 2].tt & A1_OP_MASK) != A1_OP_OPENTYPE_ID)
return 0;
if (typeid_is_int)
c = typeid_int_cmp(vp, (intptr_t)tos[1 + mid * 2].ptr,
ttypeid_univ);
else if (typeid_is_oid)
c = der_heim_oid_cmp(vp, tos[1 + mid * 2].ptr);
if (c < 0) {
if (mid)
right = mid - 1;
else
break;
} else if (c > 0) {
left = mid + 1;
} else {
i = mid;
break;
}
}
if (c)
return 0; /* No match */
} else {
for (i = 0, n = A1_HEADER_LEN(tos); i < n; i++) {
/* We add 1 to `i' because we're skipping the header */
if ((tos[1 + i*2].tt & A1_OP_MASK) != A1_OP_OPENTYPE_ID)
return 0;
if (typeid_is_int &&
typeid_int_cmp(DPO(data, ttypeid->offset),
(intptr_t)tos[1 + i*2].ptr,
ttypeid_univ))
continue;
if (typeid_is_oid &&
der_heim_oid_cmp(DPO(data, ttypeid->offset), tos[1 + i*2].ptr))
continue;
break;
}
if (i == n)
return 0; /* No match */
}
/* Match! */
*elementp = i+1; /* Zero is the "unknown" choice, so add 1 */
/*
* We want the A1_OP_OPENTYPE template entry. Its `offset' is the sizeof
* the object we'll be decoding into, and its `ptr' is the pointer to the
* template for decoding that type.
*/
tactual_type = &tos[i*2 + 2];
/* Decode the encoded open type value(s) */
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
/*
* Not a SET OF/SEQUENCE OF open type, just singular.
*
* We need the address of the octet string / ANY field containing the
* encoded open type value:
*
* typedef struct SingleAttribute {
* heim_oid type;
* -------->HEIM_ANY value; // HERE
* struct {
* ...
* } ...
* }
*/
const struct heim_base_data *d = DPOC(data, topentype->offset);
void *o;
if ((o = calloc(1, tactual_type->offset)) == NULL)
return ENOMEM;
/* Re-enter to decode the encoded open type value */
ret = _asn1_decode(tactual_type->ptr, flags, d->data, d->length, o, &sz);
/*
* Store the decoded object in the union:
*
* typedef struct SingleAttribute {
* heim_oid type;
* HEIM_ANY value;
* struct {
* enum { ... } element;
* ------------>union { SomeType *some_choice; ... } u; // HERE
* } _ioschoice_value;
* } SingleAttribute;
*
* All the union arms are pointers.
*/
if (ret) {
free(o);
/*
* So we failed to decode the open type -- that should not be fatal
* to decoding the rest of the input. Only ENOMEM should be fatal.
*/
ret = 0;
} else {
*dp = o;
}
return ret;
} else {
const struct heim_base_data * const *d;
void **val; /* Array of pointers */
/*
* A SET OF/SEQUENCE OF open type, plural.
*
* We need the address of the octet string / ANY array pointer field
* containing the encoded open type values:
*
* typedef struct AttributeSet {
* heim_oid type;
* struct AttributeSet_values {
* unsigned int len;
* ------------>HEIM_ANY *val; // HERE
* } values;
* ...
* }
*
* We already know the value of the `len' field.
*/
d = DPOC(data, topentype->offset + sizeof(unsigned int));
while (sizeof(void *) != sizeof(len) &&
((uintptr_t)d) % sizeof(void *) != 0)
d = (const void *)(((const char *)d) + sizeof(len));
if ((val = calloc(len, sizeof(*val))) == NULL)
ret = ENOMEM;
/* Increment the count of decoded values as we decode */
*lenp = len;
for (i = 0; ret != ENOMEM && i < len; i++) {
if ((val[i] = calloc(len, tactual_type->offset)) == NULL)
ret = ENOMEM;
if (ret == 0)
/* Re-enter to decode the encoded open type value */
ret = _asn1_decode(tactual_type->ptr, flags, d[i]->data,
d[i]->length, val[i], &sz);
if (ret) {
free(val[i]);
val[i] = NULL;
}
}
if (ret == ENOMEM) {
for (i = 0; i < len; i++) {
_asn1_free(tactual_type->ptr, val[i]);
free(val[i]);
}
free(val);
val = 0;
*lenp = 0;
}
if (ret != ENOMEM)
ret = 0; /* See above */
*dp = val;
return ret;
}
}
int
_asn1_decode(const struct asn1_template *t, unsigned flags,
const unsigned char *p, size_t len, void *data, size_t *size)
{
const struct asn1_template *tbase = t;
const struct asn1_template *tdefval = NULL;
size_t elements = A1_HEADER_LEN(t);
size_t oldlen = len;
int ret = 0;
const unsigned char *startp = NULL;
unsigned int template_flags = t->tt;
/* skip over header */
t++;
if (template_flags & A1_HF_PRESERVE)
startp = p;
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
size_t opentypeid = t->tt & ((1<<10)-1);
size_t opentype = (t->tt >> 10) & ((1<<10)-1);
/* Note that the only error returned here would be ENOMEM */
ret = _asn1_decode_open_type(t, flags, data,
template4member(tbase, opentypeid),
template4member(tbase, opentype));
if (ret)
return ret;
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL:
tdefval = t;
break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
size_t newsize, elsize;
void *el = DPO(data, t->offset);
void **pel = (void **)el;
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
elsize = _asn1_sizeofType(t->ptr);
} else {
const struct asn1_type_func *f = t->ptr;
elsize = f->size;
}
if (t->tt & A1_FLAG_OPTIONAL) {
*pel = calloc(1, elsize);
if (*pel == NULL)
return ENOMEM;
el = *pel;
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
ret = _asn1_decode(t->ptr, flags, p, len, el, &newsize);
} else {
const struct asn1_type_func *f = t->ptr;
ret = (f->decode)(p, len, el, &newsize);
}
if (ret) {
if (t->tt & A1_FLAG_OPTIONAL) {
/*
* Optional field not present in encoding, presumably,
* though we should really look more carefully at `ret'.
*/
free(*pel);
*pel = NULL;
break;
} else if (t->tt & A1_FLAG_DEFAULT) {
/*
* Defaulted field not present in encoding, presumably,
* though we should really look more carefully at `ret'.
*/
if (tdefval->tt & A1_DV_BOOLEAN) {
int *i = (void *)(char *)el;
*i = tdefval->ptr ? 1 : 0;
} else if (tdefval->tt & A1_DV_INTEGER64) {
int64_t *i = (void *)(char *)el;
*i = (int64_t)(intptr_t)tdefval->ptr;
} else if (tdefval->tt & A1_DV_INTEGER32) {
int32_t *i = (void *)(char *)el;
*i = (int32_t)(intptr_t)tdefval->ptr;
} else if (tdefval->tt & A1_DV_INTEGER) {
struct heim_integer *i = (void *)(char *)el;
if ((ret = der_copy_heim_integer(tdefval->ptr, i)))
return ret;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
char **s = el;
if ((*s = strdup(tdefval->ptr)) == NULL)
return ENOMEM;
} else {
abort();
}
break;
}
return ret; /* Error decoding required field */
}
p += newsize; len -= newsize;
break;
}
case A1_OP_TAG: {
Der_type dertype;
size_t newsize = 0;
size_t datalen, l = 0;
void *olddata = data;
int is_indefinite = 0;
int subflags = flags;
int replace_tag = (t->tt & A1_FLAG_IMPLICIT) && is_tagged(t->ptr);
data = DPO(data, t->offset);
/*
* XXX If this type (chasing t->ptr through IMPLICIT tags, if this
* one is too, till we find a non-TTag) is a [UNIVERSAL SET] type,
* then we have to accept fields out of order. For each field tag
* we see we'd have to do a linear search of the SET's template
* because it won't be sorted (or we could sort a copy and do a
* binary search on that, but these SETs will always be small so it
* won't be worthwhile). We'll need a utility function to do all
* of this.
*/
ret = der_match_tag_and_length(p, len, A1_TAG_CLASS(t->tt),
&dertype, A1_TAG_TAG(t->tt),
&datalen, &l);
if (ret) {
if (t->tt & A1_FLAG_OPTIONAL) {
data = olddata;
break;
} else if (t->tt & A1_FLAG_DEFAULT) {
/*
* Defaulted field not present in encoding, presumably,
* though we should really look more carefully at `ret'.
*/
if (tdefval->tt & A1_DV_BOOLEAN) {
int *i = (void *)(char *)data;
*i = tdefval->ptr ? 1 : 0;
} else if (tdefval->tt & A1_DV_INTEGER64) {
int64_t *i = (void *)(char *)data;
*i = (int64_t)(intptr_t)tdefval->ptr;
} else if (tdefval->tt & A1_DV_INTEGER32) {
int32_t *i = (void *)(char *)data;
*i = (int32_t)(intptr_t)tdefval->ptr;
} else if (tdefval->tt & A1_DV_INTEGER) {
struct heim_integer *i = (void *)(char *)data;
if ((ret = der_copy_heim_integer(tdefval->ptr, i)))
return ret;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
char **s = data;
if ((*s = strdup(tdefval->ptr)) == NULL)
return ENOMEM;
} else {
abort();
}
data = olddata;
break;
}
return ret; /* Error decoding required field */
}
p += l; len -= l;
/*
* Only allow indefinite encoding for OCTET STRING and BER
* for now. Should handle BIT STRING too.
*/
if (dertype != A1_TAG_TYPE(t->tt) && (flags & A1_PF_ALLOW_BER)) {
const struct asn1_template *subtype = t->ptr;
subtype++; /* skip header */
if (((subtype->tt & A1_OP_MASK) == A1_OP_PARSE) &&
A1_PARSE_TYPE(subtype->tt) == A1T_OCTET_STRING)
subflags |= A1_PF_INDEFINTE;
}
if (datalen == ASN1_INDEFINITE) {
if ((flags & A1_PF_ALLOW_BER) == 0)
return ASN1_GOT_BER;
is_indefinite = 1;
datalen = len;
if (datalen < 2)
return ASN1_OVERRUN;
/* hide EndOfContent for sub-decoder, catching it below */
datalen -= 2;
} else if (datalen > len)
return ASN1_OVERRUN;
if (t->tt & A1_FLAG_OPTIONAL) {
void **el = (void **)data;
size_t ellen = _asn1_sizeofType(t->ptr);
*el = calloc(1, ellen);
if (*el == NULL)
return ENOMEM;
data = *el;
}
if (replace_tag) {
const struct asn1_template *subtype = t->ptr;
int have_tag = 0;
/*
* So, we have an IMPLICIT tag. What we want to do is find the
* template for the body of the type so-tagged. That's going
* to be a template that has a tag that isn't itself IMPLICIT.
*
* So we chase the pointer in the template until we find such a
* thing, then decode using that template.
*/
while (!have_tag) {
subtype++;
if ((subtype->tt & A1_OP_MASK) == A1_OP_TAG)
replace_tag = (subtype->tt & A1_FLAG_IMPLICIT) && is_tagged(t->ptr);
if (replace_tag) {
subtype = subtype->ptr;
continue;
}
if ((subtype->tt & A1_OP_MASK) == A1_OP_TAG) {
ret = _asn1_decode(subtype->ptr, subflags, p, datalen, data, &newsize);
have_tag = 1;
} else {
subtype = subtype->ptr;
}
}
} else {
ret = _asn1_decode(t->ptr, subflags, p, datalen, data, &newsize);
}
if (ret)
return ret;
if (is_indefinite) {
/* If we use indefinite encoding, the newsize is the datasize. */
datalen = newsize;
} else if (newsize != datalen) {
/* Check for hidden data that might be after the real tag */
return ASN1_EXTRA_DATA;
}
len -= datalen;
p += datalen;
/*
* Indefinite encoding needs a trailing EndOfContent,
* check for that.
*/
if (is_indefinite) {
ret = der_match_tag_and_length(p, len, ASN1_C_UNIV,
&dertype, UT_EndOfContent,
&datalen, &l);
if (ret)
return ret;
if (dertype != PRIM)
return ASN1_BAD_ID;
if (datalen != 0)
return ASN1_INDEF_EXTRA_DATA;
p += l; len -= l;
}
data = olddata;
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
size_t newsize;
void *el = DPO(data, t->offset);
/*
* INDEFINITE primitive types are one element after the
* same type but non-INDEFINITE version.
*/
if (flags & A1_PF_INDEFINTE)
type++;
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
return ASN1_PARSE_ERROR;
}
ret = (asn1_template_prim[type].decode)(p, len, el, &newsize);
if (ret)
return ret;
p += newsize; len -= newsize;
break;
}
case A1_OP_SETOF:
case A1_OP_SEQOF: {
struct template_of *el = DPO(data, t->offset);
size_t newsize;
size_t ellen = _asn1_sizeofType(t->ptr);
size_t vallength = 0;
while (len > 0) {
void *tmp;
size_t newlen = vallength + ellen;
if (vallength > newlen)
return ASN1_OVERFLOW;
tmp = realloc(el->val, newlen);
if (tmp == NULL)
return ENOMEM;
memset(DPO(tmp, vallength), 0, ellen);
el->val = tmp;
ret = _asn1_decode(t->ptr, flags & (~A1_PF_INDEFINTE), p, len,
DPO(el->val, vallength), &newsize);
if (ret)
return ret;
vallength = newlen;
el->len++;
p += newsize; len -= newsize;
}
break;
}
case A1_OP_BMEMBER: {
const struct asn1_template *bmember = t->ptr;
size_t bsize = bmember->offset;
size_t belements = A1_HEADER_LEN(bmember);
size_t pos = 0;
bmember++;
memset(data, 0, bsize);
if (len < 1)
return ASN1_OVERRUN;
p++; len--;
while (belements && len) {
while (bmember->offset / 8 > pos / 8) {
if (len < 1)
break;
p++; len--;
pos += 8;
}
if (len) {
_asn1_bmember_get_bit(p, data, bmember->offset, bsize);
belements--; bmember++;
}
}
len = 0;
break;
}
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
unsigned int *element = DPO(data, choice->offset);
size_t datalen;
unsigned int i;
/*
* Provide a saner value as default, we should have a NO element value.
*
* XXX We do have an element value for the ellipsis case: 0. All
* CHOICE discriminant enums start off at 1.
*/
*element = 1;
for (i = 1; i < A1_HEADER_LEN(choice) + 1; i++) {
/*
* This is more permissive than is required. CHOICE
* alternatives must have different outer tags, so in principle
* we should just match the tag at `p' and `len' in sequence to
* the choice alternatives.
*
* Trying every alternative instead happens to do this anyways
* because each one will first match the tag at `p' and `len',
* but if there are CHOICE altnernatives with the same outer
* tag, then we'll allow it, and they had better be unambiguous
* in their internal details, otherwise there would be some
* aliasing.
*
* Arguably the *compiler* should detect ambiguous CHOICE types
* and raise an error, then we don't have to be concerned here
* at all.
*/
ret = _asn1_decode(choice[i].ptr, 0, p, len,
DPO(data, choice[i].offset), &datalen);
if (ret == 0) {
*element = i;
p += datalen; len -= datalen;
break;
} else if (ret != ASN1_BAD_ID && ret != ASN1_MISPLACED_FIELD && ret != ASN1_MISSING_FIELD) {
return ret;
}
}
if (i >= A1_HEADER_LEN(choice) + 1) {
if (choice->tt == 0)
return ASN1_BAD_ID;
*element = 0;
ret = der_get_octet_string(p, len,
DPO(data, choice->tt), &datalen);
if (ret)
return ret;
p += datalen; len -= datalen;
}
break;
}
default:
ABORT_ON_ERROR();
return ASN1_PARSE_ERROR;
}
t++;
elements--;
}
/* if we are using padding, eat up read of context */
if (template_flags & A1_HF_ELLIPSIS)
len = 0;
oldlen -= len;
if (size)
*size = oldlen;
/*
* saved the raw bits if asked for it, useful for signature
* verification.
*/
if (startp) {
heim_octet_string *save = data;
save->data = malloc(oldlen);
if (save->data == NULL)
return ENOMEM;
else {
save->length = oldlen;
memcpy(save->data, startp, oldlen);
}
}
return 0;
}
/*
* This should be called with a `A1_TAG_T(ASN1_C_UNIV, PRIM, UT_Integer)'
* template as the `ttypeid'.
*/
static int
typeid_int_copy(void *intp,
int64_t i,
const struct asn1_template *ttypeid)
{
const struct asn1_template *tint = ttypeid->ptr;
if ((tint[1].tt & A1_OP_MASK) != A1_OP_PARSE)
return -1;
if (A1_PARSE_TYPE(tint[1].tt) != A1T_INTEGER)
return -1;
switch (tint[0].offset) {
case 8: *((int64_t *)intp) = i; return 0;
case 4: *((int32_t *)intp) = i; return 0;
default: memset(intp, 0, tint[0].offset); return 0;
}
}
/* See commentary in _asn1_decode_open_type() */
static int
_asn1_encode_open_type(const struct asn1_template *t,
const void *data, /* NOTE: Not really const */
const struct asn1_template *ttypeid,
const struct asn1_template *topentype)
{
const struct asn1_template *ttypeid_univ = ttypeid;
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
size_t sz, i;
unsigned int *lenp = NULL;
unsigned int len = 1;
int element = *(const int *)DPOC(data, t->offset);
int typeid_is_oid = 0;
int typeid_is_int = 0;
int enotsup = 0;
int ret = 0;
if (element == 0 || element >= A1_HEADER_LEN(tos) + 1)
return 0;
if (t->tt & A1_OS_OT_IS_ARRAY) {
/* The actual `len' is from the decoded open type field */
len = *(const unsigned int *)DPOC(data, t->offset + sizeof(element));
if (!len)
return 0; /* The app may be encoding the open type by itself */
}
/* Work out the type ID field's type */
while (((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TAG &&
A1_TAG_CLASS(ttypeid_univ->tt) == ASN1_C_CONTEXT) ||
((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TYPE)) {
ttypeid_univ = ttypeid_univ->ptr;
ttypeid_univ++;
}
switch (ttypeid_univ->tt & A1_OP_MASK) {
case A1_OP_TAG:
if (A1_TAG_CLASS(ttypeid_univ->tt) != ASN1_C_UNIV) {
enotsup = 1;
break;
}
switch (A1_TAG_TAG(ttypeid_univ->tt)) {
case UT_OID:
typeid_is_oid = 1;
break;
case UT_Integer: {
const struct asn1_template *tint = ttypeid_univ->ptr;
tint++;
if ((tint->tt & A1_OP_MASK) != A1_OP_PARSE ||
A1_PARSE_TYPE(tint->tt) != A1T_INTEGER) {
enotsup = 1;
break;
}
typeid_is_int = 1;
break;
}
default: enotsup = 1; break;
}
break;
default: enotsup = 1; break;
}
/*
* The app may not be aware of our automatic open type handling, so if the
* open type already appears to have been encoded, then ignore the decoded
* values.
*/
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
struct heim_base_data *os = DPO(data, topentype->offset);
if (os->length && os->data)
return 0;
} else {
struct heim_base_data **os = DPO(data, topentype->offset + sizeof(len));
lenp = DPO(data, topentype->offset);
if (*lenp == len && os[0]->length && os[1]->data)
return 0;
}
if (typeid_is_int) {
/*
* Copy the int from the type ID object field to the type ID struct
* field.
*/
ret = typeid_int_copy(DPO(data, ttypeid->offset),
(intptr_t)tos[1 + (element-1)*2].ptr, ttypeid_univ);
} else if (typeid_is_oid) {
/*
* Copy the OID from the type ID object field to the type ID struct
* field.
*/
ret = der_copy_oid(tos[1 + (element-1)*2].ptr, DPO(data, ttypeid->offset));
} else
enotsup = 1;
/*
* If the app did not already encode the open type, we can't help it if we
* don't know what it is.
*/
if (enotsup)
return ENOTSUP;
tactual_type = &tos[(element-1)*2 + 2];
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
struct heim_base_data *os = DPO(data, topentype->offset);
const void * const *d = DPOC(data, t->offset + sizeof(element));
while (sizeof(void *) != sizeof(element) &&
((uintptr_t)d) % sizeof(void *) != 0) {
d = (void *)(((char *)d) + sizeof(element));
}
os->length = _asn1_length(tactual_type->ptr, *d);
if ((os->data = malloc(os->length)) == NULL)
return ENOMEM;
ret = _asn1_encode(tactual_type->ptr, (os->length - 1) + (unsigned char *)os->data, os->length, *d, &sz);
} else {
struct heim_base_data *os;
const void * const *val =
DPOC(data, t->offset + sizeof(element) + sizeof(*lenp));
if ((os = calloc(len, sizeof(*os))) == NULL)
return ENOMEM;
*lenp = len;
for (i = 0; ret == 0 && i < len; i++) {
os[i].length = _asn1_length(tactual_type->ptr, val[i]);
if ((os[i].data = malloc(os[i].length)) == NULL)
ret = ENOMEM;
if (ret == 0)
ret = _asn1_encode(tactual_type->ptr, (os[i].length - 1) + (unsigned char *)os[i].data, os[i].length,
val[i], &sz);
}
if (ret) {
for (i = 0; i < (*lenp); i++)
free(os[i].data);
free(os);
*lenp = 0;
return ret;
}
*(struct heim_base_data **)DPO(data, topentype->offset + sizeof(len)) = os;
}
return ret;
}
int
_asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, const void *data, size_t *size)
{
const struct asn1_template *tbase = t;
size_t elements = A1_HEADER_LEN(t);
int ret = 0;
size_t oldlen = len;
t += A1_HEADER_LEN(t);
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
size_t opentypeid = t->tt & ((1<<10)-1);
size_t opentype = (t->tt >> 10) & ((1<<10)-1);
ret = _asn1_encode_open_type(t, data,
template4member(tbase, opentypeid),
template4member(tbase, opentype));
if (ret)
return ret;
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL: break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
size_t newsize;
const void *el = DPOC(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **pel = (void **)el;
if (*pel == NULL)
break;
el = *pel;
} else if ((t->tt & A1_FLAG_DEFAULT) && elements > 1) {
const struct asn1_template *tdefval = t - 1;
/* Compare tdefval to whatever's at `el' */
if (tdefval->tt & A1_DV_BOOLEAN) {
const int *i = (void *)(char *)el;
if ((*i && tdefval->ptr) || (!*i && !tdefval->ptr))
break;
} else if (tdefval->tt & A1_DV_INTEGER64) {
const int64_t *i = (void *)(char *)el;
if (*i == (int64_t)(intptr_t)tdefval->ptr)
break;
} else if (tdefval->tt & A1_DV_INTEGER32) {
const int32_t *i = (void *)(char *)el;
if ((int64_t)(intptr_t)tdefval->ptr <= INT_MAX &&
(int64_t)(intptr_t)tdefval->ptr >= INT_MIN &&
*i == (int32_t)(intptr_t)tdefval->ptr)
break;
} else if (tdefval->tt & A1_DV_INTEGER) {
const struct heim_integer *i = (void *)(char *)el;
if (der_heim_integer_cmp(i, tdefval->ptr) == 0)
break;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
const char * const *s = el;
if (*s && strcmp(*s, tdefval->ptr) == 0)
break;
} else {
abort();
}
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
ret = _asn1_encode(t->ptr, p, len, el, &newsize);
} else {
const struct asn1_type_func *f = t->ptr;
ret = (f->encode)(p, len, el, &newsize);
}
if (ret)
return ret;
p -= newsize; len -= newsize;
break;
}
case A1_OP_TAG: {
const void *olddata = data;
size_t l, datalen = 0;
int replace_tag = 0;
/*
* XXX If this type (chasing t->ptr through IMPLICIT tags, if this
* one is too) till we find a non-TTag) is a [UNIVERSAL SET] type,
* then we have to sort [a copy of] its template by tag, then
* encode the SET using that sorted template. These SETs will
* generally be small, so when they are we might want to allocate
* the copy on the stack and insertion sort it. We'll need a
* utility function to do all of this.
*/
data = DPOC(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **el = (void **)data;
if (*el == NULL) {
data = olddata;
break;
}
data = *el;
} else if ((t->tt & A1_FLAG_DEFAULT) && elements > 1) {
const struct asn1_template *tdefval = t - 1;
int exclude = 0;
/* Compare tdefval to whatever's at `data' */
if (tdefval->tt & A1_DV_BOOLEAN) {
const int *i = (void *)(char *)data;
if ((*i && tdefval->ptr) || (!*i && !tdefval->ptr))
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER64) {
const int64_t *i = (void *)(char *)data;
if (*i == (int64_t)(intptr_t)tdefval->ptr)
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER32) {
const int32_t *i = (void *)(char *)data;
if ((int64_t)(intptr_t)tdefval->ptr <= INT_MAX &&
(int64_t)(intptr_t)tdefval->ptr >= INT_MIN &&
*i == (int32_t)(intptr_t)tdefval->ptr)
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER) {
const struct heim_integer *i = (void *)(char *)data;
if (der_heim_integer_cmp(i, tdefval->ptr) == 0)
break;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
const char * const *s = data;
if (*s && strcmp(*s, tdefval->ptr) == 0)
exclude = 1;
} else {
abort();
}
if (exclude) {
data = olddata;
break;
}
}
replace_tag = (t->tt & A1_FLAG_IMPLICIT) && is_tagged(t->ptr);
/* IMPLICIT tags need special handling (see gen_encode.c) */
if (replace_tag) {
unsigned char *pfree, *psave = p;
Der_class found_class;
Der_type found_type = 0;
unsigned int found_tag;
size_t lensave = len;
size_t oldtaglen = 0;
size_t taglen = der_length_tag(A1_TAG_TAG(t->tt));;
/* Allocate a buffer at least as big as we need */
len = _asn1_length(t->ptr, data) + taglen;
if ((p = pfree = malloc(len)) == NULL) {
ret = ENOMEM;
} else {
/*
* Encode into it (with the wrong tag, which we'll replace
* below).
*/
p += len - 1;
ret = _asn1_encode(t->ptr, p, len, data, &datalen);
}
if (ret == 0) {
/* Get the old tag and, critically, its length */
len -= datalen; p -= datalen;
ret = der_get_tag(p + 1, datalen, &found_class, &found_type,
&found_tag, &oldtaglen);
}
if (ret == 0) {
/* Drop the old tag */
len += oldtaglen; p += oldtaglen;
/* Put the new tag */
ret = der_put_tag(p, len,
A1_TAG_CLASS(t->tt),
found_type,
A1_TAG_TAG(t->tt), &l);
}
if (ret == 0) {
/* Copy the encoding where it belongs */
len -= l; p -= l;
psave -= (datalen + l - oldtaglen);
lensave -= (datalen + l - oldtaglen);
memcpy(psave + 1, p + 1, datalen + l - oldtaglen);
p = psave;
len = lensave;
}
free(pfree);
} else {
/* Easy case */
ret = _asn1_encode(t->ptr, p, len, data, &datalen);
if (ret)
return ret;
len -= datalen; p -= datalen;
ret = der_put_length_and_tag(p, len, datalen,
A1_TAG_CLASS(t->tt),
A1_TAG_TYPE(t->tt),
A1_TAG_TAG(t->tt), &l);
if (ret == 0) {
p -= l; len -= l;
}
}
if (ret)
return ret;
data = olddata;
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
size_t newsize;
const void *el = DPOC(data, t->offset);
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
return ASN1_PARSE_ERROR;
}
ret = (asn1_template_prim[type].encode)(p, len, el, &newsize);
if (ret)
return ret;
p -= newsize; len -= newsize;
break;
}
case A1_OP_SETOF: {
const struct template_of *el = DPOC(data, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
heim_octet_string *val;
unsigned char *elptr = el->val;
size_t i, totallen;
if (el->len == 0)
break;
if (el->len > UINT_MAX/sizeof(val[0]))
return ERANGE;
val = calloc(el->len, sizeof(val[0]));
if (val == NULL)
return ENOMEM;
for(totallen = 0, i = 0; i < el->len; i++) {
unsigned char *next;
size_t l;
val[i].length = _asn1_length(t->ptr, elptr);
if (val[i].length) {
val[i].data = malloc(val[i].length);
if (val[i].data == NULL) {
ret = ENOMEM;
break;
}
}
ret = _asn1_encode(t->ptr, DPO(val[i].data, val[i].length - 1),
val[i].length, elptr, &l);
if (ret)
break;
next = elptr + ellen;
if (next < elptr) {
ret = ASN1_OVERFLOW;
break;
}
elptr = next;
totallen += val[i].length;
}
if (ret == 0 && totallen > len)
ret = ASN1_OVERFLOW;
if (ret) {
for (i = 0; i < el->len; i++)
free(val[i].data);
free(val);
return ret;
}
len -= totallen;
qsort(val, el->len, sizeof(val[0]), _heim_der_set_sort);
i = el->len - 1;
do {
p -= val[i].length;
memcpy(p + 1, val[i].data, val[i].length);
free(val[i].data);
} while(i-- > 0);
free(val);
break;
}
case A1_OP_SEQOF: {
struct template_of *el = DPO(data, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
size_t newsize;
unsigned int i;
unsigned char *elptr = el->val;
if (el->len == 0)
break;
elptr += ellen * (el->len - 1);
for (i = 0; i < el->len; i++) {
ret = _asn1_encode(t->ptr, p, len,
elptr,
&newsize);
if (ret)
return ret;
p -= newsize; len -= newsize;
elptr -= ellen;
}
break;
}
case A1_OP_BMEMBER: {
const struct asn1_template *bmember = t->ptr;
size_t bsize = bmember->offset;
size_t belements = A1_HEADER_LEN(bmember);
size_t pos;
unsigned char c = 0;
unsigned int bitset = 0;
int rfc1510 = (bmember->tt & A1_HBF_RFC1510);
bmember += belements;
if (rfc1510)
pos = 31;
else
pos = bmember->offset;
while (belements && len) {
while (bmember->offset / 8 < pos / 8) {
if (rfc1510 || bitset || c) {
if (len < 1)
return ASN1_OVERFLOW;
*p-- = c; len--;
}
c = 0;
pos -= 8;
}
_asn1_bmember_put_bit(&c, data, bmember->offset, bsize, &bitset);
belements--; bmember--;
}
if (rfc1510 || bitset) {
if (len < 1)
return ASN1_OVERFLOW;
*p-- = c; len--;
}
if (len < 1)
return ASN1_OVERFLOW;
if (rfc1510 || bitset == 0)
*p-- = 0;
else
*p-- = bitset - 1;
len--;
break;
}
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
const unsigned int *element = DPOC(data, choice->offset);
size_t datalen;
const void *el;
if (*element > A1_HEADER_LEN(choice)) {
printf("element: %d\n", *element);
return ASN1_PARSE_ERROR;
}
if (*element == 0) {
ret += der_put_octet_string(p, len,
DPOC(data, choice->tt), &datalen);
} else {
choice += *element;
el = DPOC(data, choice->offset);
ret = _asn1_encode(choice->ptr, p, len, el, &datalen);
if (ret)
return ret;
}
len -= datalen; p -= datalen;
break;
}
default:
ABORT_ON_ERROR();
}
t--;
elements--;
}
if (size)
*size = oldlen - len;
return 0;
}
static size_t
_asn1_length_open_type_helper(const struct asn1_template *t,
size_t sz)
{
const struct asn1_template *tinner = t->ptr;
switch (t->tt & A1_OP_MASK) {
case A1_OP_TAG:
/* XXX Not tail-recursive :( */
sz = _asn1_length_open_type_helper(tinner, sz);
sz += der_length_len(sz);
sz += der_length_tag(A1_TAG_TAG(t->tt));
return sz;
default:
return sz;
}
}
static size_t
_asn1_length_open_type_id(const struct asn1_template *t,
const void *data)
{
struct asn1_template pretend[2] = {
{ 0, 0, ((void*)1) },
};
pretend[1] = *t;
while ((t->tt & A1_OP_MASK) == A1_OP_TAG)
t = t->ptr;
pretend[0].offset = t->offset;
return _asn1_length(pretend, data);
}
/* See commentary in _asn1_encode_open_type() */
static size_t
_asn1_length_open_type(const struct asn1_template *tbase,
const struct asn1_template *t,
const void *data,
const struct asn1_template *ttypeid,
const struct asn1_template *topentype)
{
const struct asn1_template *ttypeid_univ = ttypeid;
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
const unsigned int *lenp = NULL;
unsigned int len = 1;
size_t sz = 0;
size_t i;
int element = *(const int *)DPOC(data, t->offset);
int typeid_is_oid = 0;
int typeid_is_int = 0;
/* If nothing to encode, we add nothing to the length */
if (element == 0 || element >= A1_HEADER_LEN(tos) + 1)
return 0;
if (t->tt & A1_OS_OT_IS_ARRAY) {
len = *(const unsigned int *)DPOC(data, t->offset + sizeof(element));
if (!len)
return 0;
}
/* Work out the type ID field's type */
while (((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TAG &&
A1_TAG_CLASS(ttypeid_univ->tt) == ASN1_C_CONTEXT) ||
((ttypeid_univ->tt & A1_OP_MASK) == A1_OP_TYPE)) {
ttypeid_univ = ttypeid_univ->ptr;
ttypeid_univ++;
}
switch (ttypeid_univ->tt & A1_OP_MASK) {
case A1_OP_TAG:
if (A1_TAG_CLASS(ttypeid_univ->tt) != ASN1_C_UNIV)
return 0;
switch (A1_TAG_TAG(ttypeid_univ->tt)) {
case UT_OID:
typeid_is_oid = 1;
break;
case UT_Integer: {
const struct asn1_template *tint = ttypeid_univ->ptr;
tint++;
if ((tint->tt & A1_OP_MASK) != A1_OP_PARSE ||
A1_PARSE_TYPE(tint->tt) != A1T_INTEGER)
return 0;
typeid_is_int = 1;
break;
}
default: return 0;
}
break;
default: return 0;
}
if (!typeid_is_int && !typeid_is_oid)
return 0;
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
struct heim_base_data *os = DPO(data, topentype->offset);
if (os->length && os->data)
return 0;
} else {
struct heim_base_data **os = DPO(data, topentype->offset + sizeof(len));
lenp = DPOC(data, topentype->offset);
if (*lenp == len && os[0]->length && os[1]->data)
return 0;
}
/* Compute the size of the type ID field */
if (typeid_is_int) {
int64_t i8;
int32_t i4;
switch (ttypeid_univ->offset) {
case 8:
i8 = (intptr_t)t->ptr;
sz = _asn1_length_open_type_id(ttypeid, &i8);
i8 = 0;
sz -= _asn1_length_open_type_id(ttypeid, &i8);
break;
case 4:
i4 = (intptr_t)t->ptr;
sz = _asn1_length_open_type_id(ttypeid, &i4);
i4 = 0;
sz -= _asn1_length_open_type_id(ttypeid, &i8);
break;
default:
return 0;
}
} else if (typeid_is_oid) {
heim_oid no_oid = { 0, 0 };
sz = _asn1_length_open_type_id(ttypeid, tos[1 + (element - 1)*2].ptr);
sz -= _asn1_length_open_type_id(ttypeid, &no_oid);
}
tactual_type = &tos[(element-1)*2 + 2];
/* Compute the size of the encoded value(s) */
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
const void * const *d = DPOC(data, t->offset + sizeof(element));
while (sizeof(void *) != sizeof(element) &&
((uintptr_t)d) % sizeof(void *) != 0)
d = (void *)(((char *)d) + sizeof(element));
if (*d)
sz += _asn1_length(tactual_type->ptr, *d);
} else {
size_t bodysz;
const void * const * val =
DPOC(data, t->offset + sizeof(element) + sizeof(*lenp));
/* Compute the size of the encoded SET OF / SEQUENCE OF body */
for (i = 0, bodysz = 0; i < len; i++) {
if (val[i])
bodysz += _asn1_length(tactual_type->ptr, val[i]);
}
/*
* We now know the size of the body of the SET OF or SEQUENCE OF. Now
* we just need to count the length of all the TLs on the outside.
*/
sz += _asn1_length_open_type_helper(topentype, bodysz);
}
return sz;
}
size_t
_asn1_length(const struct asn1_template *t, const void *data)
{
const struct asn1_template *tbase = t;
size_t elements = A1_HEADER_LEN(t);
size_t ret = 0;
t += A1_HEADER_LEN(t);
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
size_t opentypeid = t->tt & ((1<<10)-1);
size_t opentype = (t->tt >> 10) & ((1<<10)-1);
ret += _asn1_length_open_type(tbase, t, data,
template4member(tbase, opentypeid),
template4member(tbase, opentype));
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL: break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
const void *el = DPOC(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **pel = (void **)el;
if (*pel == NULL)
break;
el = *pel;
} else if ((t->tt & A1_FLAG_DEFAULT) && elements > 1) {
const struct asn1_template *tdefval = t - 1;
/* Compare tdefval to whatever's at `el' */
if (tdefval->tt & A1_DV_BOOLEAN) {
const int *i = (void *)(char *)el;
if ((*i && tdefval->ptr) || (!*i && !tdefval->ptr))
break;
} else if (tdefval->tt & A1_DV_INTEGER64) {
const int64_t *i = (void *)(char *)el;
if (*i == (int64_t)(intptr_t)tdefval->ptr)
break;
} else if (tdefval->tt & A1_DV_INTEGER32) {
const int32_t *i = (void *)(char *)el;
if ((int64_t)(intptr_t)tdefval->ptr <= INT_MAX &&
(int64_t)(intptr_t)tdefval->ptr >= INT_MIN &&
*i == (int32_t)(intptr_t)tdefval->ptr)
break;
} else if (tdefval->tt & A1_DV_INTEGER) {
const struct heim_integer *i = (void *)(char *)el;
if (der_heim_integer_cmp(i, tdefval->ptr) == 0)
break;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
const char * const *s = el;
if (*s && strcmp(*s, tdefval->ptr) == 0)
break;
} else {
abort();
}
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
ret += _asn1_length(t->ptr, el);
} else {
const struct asn1_type_func *f = t->ptr;
ret += (f->length)(el);
}
break;
}
case A1_OP_TAG: {
size_t datalen;
const void *olddata = data;
size_t oldtaglen = 0;
data = DPO(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **el = (void **)data;
if (*el == NULL) {
data = olddata;
break;
}
data = *el;
} else if ((t->tt & A1_FLAG_DEFAULT) && elements > 1) {
const struct asn1_template *tdefval = t - 1;
int exclude = 0;
/* Compare tdefval to whatever's at `data' */
if (tdefval->tt & A1_DV_BOOLEAN) {
const int *i = (void *)(char *)data;
if ((*i && tdefval->ptr) || (!*i && !tdefval->ptr))
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER64) {
const int64_t *i = (void *)(char *)data;
if (*i == (int64_t)(intptr_t)tdefval->ptr)
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER32) {
const int32_t *i = (void *)(char *)data;
if ((int64_t)(intptr_t)tdefval->ptr <= INT_MAX &&
(int64_t)(intptr_t)tdefval->ptr >= INT_MIN &&
*i == (int32_t)(intptr_t)tdefval->ptr)
exclude = 1;
} else if (tdefval->tt & A1_DV_INTEGER) {
const struct heim_integer *i = (void *)(char *)data;
if (der_heim_integer_cmp(i, tdefval->ptr) == 0)
exclude = 1;
} else if (tdefval->tt & A1_DV_UTF8STRING) {
const char * const *s = data;
if (*s && strcmp(*s, tdefval->ptr) == 0)
exclude = 1;
} else {
abort();
}
if (exclude) {
data = olddata;
break;
}
}
if (t->tt & A1_FLAG_IMPLICIT)
oldtaglen = inner_type_taglen(t->ptr);
datalen = _asn1_length(t->ptr, data);
ret += datalen;
ret += der_length_tag(A1_TAG_TAG(t->tt));
ret += oldtaglen ? -oldtaglen : der_length_len(datalen);
data = olddata;
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
const void *el = DPOC(data, t->offset);
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
break;
}
ret += (asn1_template_prim[type].length)(el);
break;
}
case A1_OP_SETOF:
case A1_OP_SEQOF: {
const struct template_of *el = DPOC(data, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
const unsigned char *element = el->val;
unsigned int i;
for (i = 0; i < el->len; i++) {
ret += _asn1_length(t->ptr, element);
element += ellen;
}
break;
}
case A1_OP_BMEMBER: {
const struct asn1_template *bmember = t->ptr;
size_t size = bmember->offset;
size_t belements = A1_HEADER_LEN(bmember);
int rfc1510 = (bmember->tt & A1_HBF_RFC1510);
if (rfc1510) {
ret += 5;
} else {
ret += 1;
bmember += belements;
while (belements) {
if (_asn1_bmember_isset_bit(data, bmember->offset, size)) {
ret += (bmember->offset / 8) + 1;
break;
}
belements--; bmember--;
}
}
break;
}
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
const unsigned int *element = DPOC(data, choice->offset);
if (*element > A1_HEADER_LEN(choice))
break;
if (*element == 0) {
ret += der_length_octet_string(DPOC(data, choice->tt));
} else {
choice += *element;
ret += _asn1_length(choice->ptr, DPOC(data, choice->offset));
}
break;
}
default:
ABORT_ON_ERROR();
break;
}
elements--;
t--;
}
return ret;
}
/* See commentary in _asn1_decode_open_type() */
static void
_asn1_free_open_type(const struct asn1_template *t, /* object set template */
void *data)
{
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
unsigned int *lenp = NULL; /* Pointer to array length field */
unsigned int len = 1; /* Array length */
size_t i;
void **dp;
void **val;
int *elementp = DPO(data, t->offset); /* Choice enum pointer */
/* XXX We assume sizeof(enum) == sizeof(int) */
if (!*elementp || *elementp >= A1_HEADER_LEN(tos) + 1)
return; /* Unknown choice -> it's not decoded, nothing to free here */
tactual_type = tos[2*(*elementp - 1) + 2].ptr;
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
dp = DPO(data, t->offset + sizeof(*elementp));
while (sizeof(void *) != sizeof(*elementp) &&
((uintptr_t)dp) % sizeof(void *) != 0)
dp = (void *)(((char *)dp) + sizeof(*elementp));
if (*dp) {
_asn1_free(tactual_type, *dp);
free(*dp);
*dp = NULL;
}
return;
}
lenp = DPO(data, t->offset + sizeof(*elementp));
len = *lenp;
dp = DPO(data, t->offset + sizeof(*elementp) + sizeof(*lenp));
while (sizeof(void *) != sizeof(*elementp) &&
((uintptr_t)dp) % sizeof(void *) != 0)
dp = (void *)(((char *)dp) + sizeof(*elementp));
val = *dp;
for (i = 0; i < len; i++) {
if (val[i]) {
_asn1_free(tactual_type, val[i]);
free(val[i]);
}
}
free(val);
*lenp = 0;
*dp = NULL;
}
void
_asn1_free(const struct asn1_template *t, void *data)
{
size_t elements = A1_HEADER_LEN(t);
if (t->tt & A1_HF_PRESERVE)
der_free_octet_string(data);
t++;
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
_asn1_free_open_type(t, data);
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL: break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
void *el = DPO(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **pel = (void **)el;
if (*pel == NULL)
break;
el = *pel;
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
_asn1_free(t->ptr, el);
} else {
const struct asn1_type_func *f = t->ptr;
(f->release)(el);
}
if (t->tt & A1_FLAG_OPTIONAL)
free(el);
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
void *el = DPO(data, t->offset);
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
break;
}
(asn1_template_prim[type].release)(el);
break;
}
case A1_OP_TAG: {
void *el = DPO(data, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **pel = (void **)el;
if (*pel == NULL)
break;
el = *pel;
}
_asn1_free(t->ptr, el);
if (t->tt & A1_FLAG_OPTIONAL)
free(el);
break;
}
case A1_OP_SETOF:
case A1_OP_SEQOF: {
struct template_of *el = DPO(data, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
unsigned char *element = el->val;
unsigned int i;
for (i = 0; i < el->len; i++) {
_asn1_free(t->ptr, element);
element += ellen;
}
free(el->val);
el->val = NULL;
el->len = 0;
break;
}
case A1_OP_BMEMBER:
break;
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
const unsigned int *element = DPOC(data, choice->offset);
if (*element > A1_HEADER_LEN(choice))
break;
if (*element == 0) {
der_free_octet_string(DPO(data, choice->tt));
} else {
choice += *element;
_asn1_free(choice->ptr, DPO(data, choice->offset));
}
break;
}
default:
ABORT_ON_ERROR();
break;
}
t++;
elements--;
}
}
/* See commentary in _asn1_decode_open_type() */
static int
_asn1_copy_open_type(const struct asn1_template *t, /* object set template */
const void *from,
void *to)
{
const struct asn1_template *tactual_type;
const struct asn1_template *tos = t->ptr;
size_t i;
const void * const *dfromp;
const void * const *valfrom;
const unsigned int *lenfromp;
void **dtop;
void **valto;
unsigned int *lentop;
unsigned int len;
const int *efromp = DPO(from, t->offset);
int *etop = DPO(to, t->offset);
int ret = 0;
/* XXX We assume sizeof(enum) == sizeof(int) */
if (!*efromp || *efromp >= A1_HEADER_LEN(tos) + 1) {
if ((t->tt & A1_OS_OT_IS_ARRAY))
memset(etop, 0, sizeof(int) + sizeof(unsigned int) + sizeof(void *));
else
memset(etop, 0, sizeof(int) + sizeof(void *));
return 0; /* Unknown choice -> not copied */
}
tactual_type = &tos[2*(*efromp - 1) + 2];
if (!(t->tt & A1_OS_OT_IS_ARRAY)) {
dfromp = DPO(from, t->offset + sizeof(*efromp));
while (sizeof(void *) != sizeof(*efromp) &&
((uintptr_t)dfromp) % sizeof(void *) != 0)
dfromp = (void *)(((char *)dfromp) + sizeof(*efromp));
if (!*dfromp)
return 0;
dtop = DPO(to, t->offset + sizeof(*etop));
while (sizeof(void *) != sizeof(*etop) &&
((uintptr_t)dtop) % sizeof(void *) != 0)
dtop = (void *)(((char *)dtop) + sizeof(*etop));
if ((*dtop = calloc(1, tactual_type->offset)) == NULL)
ret = ENOMEM;
if (ret == 0)
ret = _asn1_copy(tactual_type->ptr, *dfromp, *dtop);
if (ret == 0)
*etop = *efromp;
return ret;
}
lenfromp = DPO(from, t->offset + sizeof(*efromp));
dfromp = DPO(from, t->offset + sizeof(*efromp) + sizeof(*lenfromp));
valfrom = *dfromp;
lentop = DPO(to, t->offset + sizeof(*etop));
dtop = DPO(to, t->offset + sizeof(*etop) + sizeof(*lentop));
*etop = *efromp;
len = *lenfromp;
*lentop = 0;
*dtop = NULL;
if ((valto = calloc(len, sizeof(valto[0]))) == NULL)
ret = ENOMEM;
for (i = 0, len = *lenfromp; ret == 0 && i < len; (*lentop)++, i++) {
if (valfrom[i] == NULL) {
valto[i] = NULL;
continue;
}
if ((valto[i] = calloc(1, tactual_type->offset)) == NULL)
ret = ENOMEM;
else
ret = _asn1_copy(tactual_type->ptr, valfrom[i], valto[i]);
}
for (i = 0; ret && i < len; i++) {
if (valto[i]) {
_asn1_free(tactual_type->ptr, valto[i]);
free(valto[i]);
}
}
if (ret)
free(valto);
else
*dtop = valto;
return ret;
}
int
_asn1_copy(const struct asn1_template *t, const void *from, void *to)
{
size_t elements = A1_HEADER_LEN(t);
int ret = 0;
int preserve = (t->tt & A1_HF_PRESERVE);
t++;
if (preserve) {
ret = der_copy_octet_string(from, to);
if (ret)
return ret;
}
while (elements) {
switch (t->tt & A1_OP_MASK) {
case A1_OP_OPENTYPE_OBJSET: {
_asn1_copy_open_type(t, from, to);
break;
}
case A1_OP_NAME: break;
case A1_OP_DEFVAL: break;
case A1_OP_TYPE:
case A1_OP_TYPE_EXTERN: {
const void *fel = DPOC(from, t->offset);
void *tel = DPO(to, t->offset);
void **ptel = (void **)tel;
size_t size;
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
size = _asn1_sizeofType(t->ptr);
} else {
const struct asn1_type_func *f = t->ptr;
size = f->size;
}
if (t->tt & A1_FLAG_OPTIONAL) {
void **pfel = (void **)fel;
if (*pfel == NULL)
break;
fel = *pfel;
tel = *ptel = calloc(1, size);
if (tel == NULL)
return ENOMEM;
}
if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
ret = _asn1_copy(t->ptr, fel, tel);
} else {
const struct asn1_type_func *f = t->ptr;
ret = (f->copy)(fel, tel);
}
if (ret) {
if (t->tt & A1_FLAG_OPTIONAL) {
free(*ptel);
*ptel = NULL;
}
return ret;
}
break;
}
case A1_OP_PARSE: {
unsigned int type = A1_PARSE_TYPE(t->tt);
const void *fel = DPOC(from, t->offset);
void *tel = DPO(to, t->offset);
if (type >= sizeof(asn1_template_prim)/sizeof(asn1_template_prim[0])) {
ABORT_ON_ERROR();
return ASN1_PARSE_ERROR;
}
ret = (asn1_template_prim[type].copy)(fel, tel);
if (ret)
return ret;
break;
}
case A1_OP_TAG: {
const void *oldfrom = from;
void *oldto = to;
void **tel = NULL;
from = DPOC(from, t->offset);
to = DPO(to, t->offset);
if (t->tt & A1_FLAG_OPTIONAL) {
void **fel = (void **)from;
tel = (void **)to;
if (*fel == NULL) {
from = oldfrom;
to = oldto;
break;
}
from = *fel;
to = *tel = calloc(1, _asn1_sizeofType(t->ptr));
if (to == NULL)
return ENOMEM;
}
ret = _asn1_copy(t->ptr, from, to);
if (ret) {
if (tel) {
free(*tel);
*tel = NULL;
}
return ret;
}
from = oldfrom;
to = oldto;
break;
}
case A1_OP_SETOF:
case A1_OP_SEQOF: {
const struct template_of *fel = DPOC(from, t->offset);
struct template_of *tel = DPO(to, t->offset);
size_t ellen = _asn1_sizeofType(t->ptr);
unsigned int i;
tel->val = calloc(fel->len, ellen);
if (tel->val == NULL)
return ENOMEM;
tel->len = fel->len;
for (i = 0; i < fel->len; i++) {
ret = _asn1_copy(t->ptr,
DPOC(fel->val, (i * ellen)),
DPO(tel->val, (i *ellen)));
if (ret)
return ret;
}
break;
}
case A1_OP_BMEMBER: {
const struct asn1_template *bmember = t->ptr;
size_t size = bmember->offset;
memcpy(to, from, size);
break;
}
case A1_OP_CHOICE: {
const struct asn1_template *choice = t->ptr;
const unsigned int *felement = DPOC(from, choice->offset);
unsigned int *telement = DPO(to, choice->offset);
if (*felement > A1_HEADER_LEN(choice))
return ASN1_PARSE_ERROR;
*telement = *felement;
if (*felement == 0) {
ret = der_copy_octet_string(DPOC(from, choice->tt), DPO(to, choice->tt));
} else {
choice += *felement;
ret = _asn1_copy(choice->ptr,
DPOC(from, choice->offset),
DPO(to, choice->offset));
}
if (ret)
return ret;
break;
}
default:
ABORT_ON_ERROR();
break;
}
t++;
elements--;
}
return 0;
}
int
_asn1_decode_top(const struct asn1_template *t, unsigned flags, const unsigned char *p, size_t len, void *data, size_t *size)
{
int ret;
memset(data, 0, t->offset);
ret = _asn1_decode(t, flags, p, len, data, size);
if (ret)
_asn1_free_top(t, data);
return ret;
}
int
_asn1_copy_top(const struct asn1_template *t, const void *from, void *to)
{
int ret;
memset(to, 0, t->offset);
ret = _asn1_copy(t, from, to);
if (ret)
_asn1_free_top(t, to);
return ret;
}
void
_asn1_free_top(const struct asn1_template *t, void *data)
{
_asn1_free(t, data);
memset(data, 0, t->offset);
}
Reference in New Issue View Git Blame Copy Permalink