source4/auth/kerberos/kerberos-notes.txt: Fix typo.
[Samba.git] / source4 / heimdal / lib / asn1 / der_get.c
blob3112da86f93b4e5169e7ae2103b81d073184eb9d
1 /*
2 * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
34 #include "der_locl.h"
37 * All decoding functions take a pointer `p' to first position in
38 * which to read, from the left, `len' which means the maximum number
39 * of characters we are able to read, `ret' were the value will be
40 * returned and `size' where the number of used bytes is stored.
41 * Either 0 or an error code is returned.
44 int
45 der_get_unsigned (const unsigned char *p, size_t len,
46 unsigned *ret, size_t *size)
48 unsigned val = 0;
49 size_t oldlen = len;
51 if (len == sizeof(unsigned) + 1 && p[0] == 0)
53 else if (len > sizeof(unsigned))
54 return ASN1_OVERRUN;
56 while (len--)
57 val = val * 256 + *p++;
58 *ret = val;
59 if(size) *size = oldlen;
60 return 0;
63 int
64 der_get_integer (const unsigned char *p, size_t len,
65 int *ret, size_t *size)
67 int val = 0;
68 size_t oldlen = len;
70 if (len > sizeof(int))
71 return ASN1_OVERRUN;
73 if (len > 0) {
74 val = (signed char)*p++;
75 while (--len)
76 val = val * 256 + *p++;
78 *ret = val;
79 if(size) *size = oldlen;
80 return 0;
83 int
84 der_get_length (const unsigned char *p, size_t len,
85 size_t *val, size_t *size)
87 size_t v;
89 if (len <= 0)
90 return ASN1_OVERRUN;
91 --len;
92 v = *p++;
93 if (v < 128) {
94 *val = v;
95 if(size) *size = 1;
96 } else {
97 int e;
98 size_t l;
99 unsigned tmp;
101 if(v == 0x80){
102 *val = ASN1_INDEFINITE;
103 if(size) *size = 1;
104 return 0;
106 v &= 0x7F;
107 if (len < v)
108 return ASN1_OVERRUN;
109 e = der_get_unsigned (p, v, &tmp, &l);
110 if(e) return e;
111 *val = tmp;
112 if(size) *size = l + 1;
114 return 0;
118 der_get_boolean(const unsigned char *p, size_t len, int *data, size_t *size)
120 if(len < 1)
121 return ASN1_OVERRUN;
122 if(*p != 0)
123 *data = 1;
124 else
125 *data = 0;
126 *size = 1;
127 return 0;
131 der_get_general_string (const unsigned char *p, size_t len,
132 heim_general_string *str, size_t *size)
134 const unsigned char *p1;
135 char *s;
137 p1 = memchr(p, 0, len);
138 if (p1 != NULL) {
140 * Allow trailing NULs. We allow this since MIT Kerberos sends
141 * an strings in the NEED_PREAUTH case that includes a
142 * trailing NUL.
144 while ((size_t)(p1 - p) < len && *p1 == '\0')
145 p1++;
146 if ((size_t)(p1 - p) != len)
147 return ASN1_BAD_CHARACTER;
149 if (len > len + 1)
150 return ASN1_BAD_LENGTH;
152 s = malloc (len + 1);
153 if (s == NULL)
154 return ENOMEM;
155 memcpy (s, p, len);
156 s[len] = '\0';
157 *str = s;
158 if(size) *size = len;
159 return 0;
163 der_get_utf8string (const unsigned char *p, size_t len,
164 heim_utf8_string *str, size_t *size)
166 return der_get_general_string(p, len, str, size);
170 der_get_printable_string(const unsigned char *p, size_t len,
171 heim_printable_string *str, size_t *size)
173 str->length = len;
174 str->data = malloc(len + 1);
175 if (str->data == NULL)
176 return ENOMEM;
177 memcpy(str->data, p, len);
178 ((char *)str->data)[len] = '\0';
179 if(size) *size = len;
180 return 0;
184 der_get_ia5_string(const unsigned char *p, size_t len,
185 heim_ia5_string *str, size_t *size)
187 return der_get_printable_string(p, len, str, size);
191 der_get_bmp_string (const unsigned char *p, size_t len,
192 heim_bmp_string *data, size_t *size)
194 size_t i;
196 if (len & 1)
197 return ASN1_BAD_FORMAT;
198 data->length = len / 2;
199 if (data->length > UINT_MAX/sizeof(data->data[0]))
200 return ERANGE;
201 data->data = malloc(data->length * sizeof(data->data[0]));
202 if (data->data == NULL && data->length != 0)
203 return ENOMEM;
205 for (i = 0; i < data->length; i++) {
206 data->data[i] = (p[0] << 8) | p[1];
207 p += 2;
208 /* check for NUL in the middle of the string */
209 if (data->data[i] == 0 && i != (data->length - 1)) {
210 free(data->data);
211 data->data = NULL;
212 data->length = 0;
213 return ASN1_BAD_CHARACTER;
216 if (size) *size = len;
218 return 0;
222 der_get_universal_string (const unsigned char *p, size_t len,
223 heim_universal_string *data, size_t *size)
225 size_t i;
227 if (len & 3)
228 return ASN1_BAD_FORMAT;
229 data->length = len / 4;
230 if (data->length > UINT_MAX/sizeof(data->data[0]))
231 return ERANGE;
232 data->data = malloc(data->length * sizeof(data->data[0]));
233 if (data->data == NULL && data->length != 0)
234 return ENOMEM;
236 for (i = 0; i < data->length; i++) {
237 data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
238 p += 4;
239 /* check for NUL in the middle of the string */
240 if (data->data[i] == 0 && i != (data->length - 1)) {
241 free(data->data);
242 data->data = NULL;
243 data->length = 0;
244 return ASN1_BAD_CHARACTER;
247 if (size) *size = len;
248 return 0;
252 der_get_visible_string (const unsigned char *p, size_t len,
253 heim_visible_string *str, size_t *size)
255 return der_get_general_string(p, len, str, size);
259 der_get_octet_string (const unsigned char *p, size_t len,
260 heim_octet_string *data, size_t *size)
262 data->length = len;
263 data->data = malloc(len);
264 if (data->data == NULL && data->length != 0)
265 return ENOMEM;
266 memcpy (data->data, p, len);
267 if(size) *size = len;
268 return 0;
272 der_get_octet_string_ber (const unsigned char *p, size_t len,
273 heim_octet_string *data, size_t *size)
275 int e;
276 Der_type type;
277 Der_class class;
278 unsigned int tag, depth = 0;
279 size_t l, datalen, oldlen = len;
281 data->length = 0;
282 data->data = NULL;
284 while (len) {
285 e = der_get_tag (p, len, &class, &type, &tag, &l);
286 if (e) goto out;
287 if (class != ASN1_C_UNIV) {
288 e = ASN1_BAD_ID;
289 goto out;
291 if (type == PRIM && tag == UT_EndOfContent) {
292 if (depth == 0)
293 break;
294 depth--;
296 if (tag != UT_OctetString) {
297 e = ASN1_BAD_ID;
298 goto out;
301 p += l;
302 len -= l;
303 e = der_get_length (p, len, &datalen, &l);
304 if (e) goto out;
305 p += l;
306 len -= l;
308 if (datalen > len)
309 return ASN1_OVERRUN;
311 if (type == PRIM) {
312 void *ptr;
314 ptr = realloc(data->data, data->length + datalen);
315 if (ptr == NULL) {
316 e = ENOMEM;
317 goto out;
319 data->data = ptr;
320 memcpy(((unsigned char *)data->data) + data->length, p, datalen);
321 data->length += datalen;
322 } else
323 depth++;
325 p += datalen;
326 len -= datalen;
328 if (depth != 0)
329 return ASN1_INDEF_OVERRUN;
330 if(size) *size = oldlen - len;
331 return 0;
332 out:
333 free(data->data);
334 data->data = NULL;
335 data->length = 0;
336 return e;
341 der_get_heim_integer (const unsigned char *p, size_t len,
342 heim_integer *data, size_t *size)
344 data->length = 0;
345 data->negative = 0;
346 data->data = NULL;
348 if (len == 0) {
349 if (size)
350 *size = 0;
351 return 0;
353 if (p[0] & 0x80) {
354 unsigned char *q;
355 int carry = 1;
356 data->negative = 1;
358 data->length = len;
360 if (p[0] == 0xff) {
361 p++;
362 data->length--;
364 data->data = malloc(data->length);
365 if (data->data == NULL) {
366 data->length = 0;
367 if (size)
368 *size = 0;
369 return ENOMEM;
371 q = &((unsigned char*)data->data)[data->length - 1];
372 p += data->length - 1;
373 while (q >= (unsigned char*)data->data) {
374 *q = *p ^ 0xff;
375 if (carry)
376 carry = !++*q;
377 p--;
378 q--;
380 } else {
381 data->negative = 0;
382 data->length = len;
384 if (p[0] == 0) {
385 p++;
386 data->length--;
388 data->data = malloc(data->length);
389 if (data->data == NULL && data->length != 0) {
390 data->length = 0;
391 if (size)
392 *size = 0;
393 return ENOMEM;
395 memcpy(data->data, p, data->length);
397 if (size)
398 *size = len;
399 return 0;
402 static int
403 generalizedtime2time (const char *s, time_t *t)
405 struct tm tm;
407 memset(&tm, 0, sizeof(tm));
408 if (sscanf (s, "%04d%02d%02d%02d%02d%02dZ",
409 &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
410 &tm.tm_min, &tm.tm_sec) != 6) {
411 if (sscanf (s, "%02d%02d%02d%02d%02d%02dZ",
412 &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
413 &tm.tm_min, &tm.tm_sec) != 6)
414 return ASN1_BAD_TIMEFORMAT;
415 if (tm.tm_year < 50)
416 tm.tm_year += 2000;
417 else
418 tm.tm_year += 1900;
420 tm.tm_year -= 1900;
421 tm.tm_mon -= 1;
422 *t = _der_timegm (&tm);
423 return 0;
426 static int
427 der_get_time (const unsigned char *p, size_t len,
428 time_t *data, size_t *size)
430 char *times;
431 int e;
433 if (len > len + 1 || len == 0)
434 return ASN1_BAD_LENGTH;
436 times = malloc(len + 1);
437 if (times == NULL)
438 return ENOMEM;
439 memcpy(times, p, len);
440 times[len] = '\0';
441 e = generalizedtime2time(times, data);
442 free (times);
443 if(size) *size = len;
444 return e;
448 der_get_generalized_time (const unsigned char *p, size_t len,
449 time_t *data, size_t *size)
451 return der_get_time(p, len, data, size);
455 der_get_utctime (const unsigned char *p, size_t len,
456 time_t *data, size_t *size)
458 return der_get_time(p, len, data, size);
462 der_get_oid (const unsigned char *p, size_t len,
463 heim_oid *data, size_t *size)
465 size_t n;
466 size_t oldlen = len;
468 if (len < 1)
469 return ASN1_OVERRUN;
471 if (len > len + 1)
472 return ASN1_BAD_LENGTH;
474 if (len + 1 > UINT_MAX/sizeof(data->components[0]))
475 return ERANGE;
477 data->components = malloc((len + 1) * sizeof(data->components[0]));
478 if (data->components == NULL)
479 return ENOMEM;
480 data->components[0] = (*p) / 40;
481 data->components[1] = (*p) % 40;
482 --len;
483 ++p;
484 for (n = 2; len > 0; ++n) {
485 unsigned u = 0, u1;
487 do {
488 --len;
489 u1 = u * 128 + (*p++ % 128);
490 /* check that we don't overflow the element */
491 if (u1 < u) {
492 der_free_oid(data);
493 return ASN1_OVERRUN;
495 u = u1;
496 } while (len > 0 && p[-1] & 0x80);
497 data->components[n] = u;
499 if (n > 2 && p[-1] & 0x80) {
500 der_free_oid (data);
501 return ASN1_OVERRUN;
503 data->length = n;
504 if (size)
505 *size = oldlen;
506 return 0;
510 der_get_tag (const unsigned char *p, size_t len,
511 Der_class *class, Der_type *type,
512 unsigned int *tag, size_t *size)
514 size_t ret = 0;
515 if (len < 1)
516 return ASN1_OVERRUN;
517 *class = (Der_class)(((*p) >> 6) & 0x03);
518 *type = (Der_type)(((*p) >> 5) & 0x01);
519 *tag = (*p) & 0x1f;
520 p++; len--; ret++;
521 if(*tag == 0x1f) {
522 unsigned int continuation;
523 unsigned int tag1;
524 *tag = 0;
525 do {
526 if(len < 1)
527 return ASN1_OVERRUN;
528 continuation = *p & 128;
529 tag1 = *tag * 128 + (*p % 128);
530 /* check that we don't overflow the tag */
531 if (tag1 < *tag)
532 return ASN1_OVERFLOW;
533 *tag = tag1;
534 p++; len--; ret++;
535 } while(continuation);
537 if(size) *size = ret;
538 return 0;
542 der_match_tag (const unsigned char *p, size_t len,
543 Der_class class, Der_type type,
544 unsigned int tag, size_t *size)
546 Der_type thistype;
547 int e;
549 e = der_match_tag2(p, len, class, &thistype, tag, size);
550 if (e) return e;
551 if (thistype != type) return ASN1_BAD_ID;
552 return 0;
556 der_match_tag2 (const unsigned char *p, size_t len,
557 Der_class class, Der_type *type,
558 unsigned int tag, size_t *size)
560 size_t l;
561 Der_class thisclass;
562 unsigned int thistag;
563 int e;
565 e = der_get_tag (p, len, &thisclass, type, &thistag, &l);
566 if (e) return e;
567 if (class != thisclass)
568 return ASN1_BAD_ID;
569 if(tag > thistag)
570 return ASN1_MISPLACED_FIELD;
571 if(tag < thistag)
572 return ASN1_MISSING_FIELD;
573 if(size) *size = l;
574 return 0;
578 der_match_tag_and_length (const unsigned char *p, size_t len,
579 Der_class class, Der_type *type, unsigned int tag,
580 size_t *length_ret, size_t *size)
582 size_t l, ret = 0;
583 int e;
585 e = der_match_tag2 (p, len, class, type, tag, &l);
586 if (e) return e;
587 p += l;
588 len -= l;
589 ret += l;
590 e = der_get_length (p, len, length_ret, &l);
591 if (e) return e;
592 if(size) *size = ret + l;
593 return 0;
599 * Old versions of DCE was based on a very early beta of the MIT code,
600 * which used MAVROS for ASN.1 encoding. MAVROS had the interesting
601 * feature that it encoded data in the forward direction, which has
602 * it's problems, since you have no idea how long the data will be
603 * until after you're done. MAVROS solved this by reserving one byte
604 * for length, and later, if the actual length was longer, it reverted
605 * to indefinite, BER style, lengths. The version of MAVROS used by
606 * the DCE people could apparently generate correct X.509 DER encodings, and
607 * did this by making space for the length after encoding, but
608 * unfortunately this feature wasn't used with Kerberos.
612 _heim_fix_dce(size_t reallen, size_t *len)
614 if(reallen == ASN1_INDEFINITE)
615 return 1;
616 if(*len < reallen)
617 return -1;
618 *len = reallen;
619 return 0;
623 der_get_bit_string (const unsigned char *p, size_t len,
624 heim_bit_string *data, size_t *size)
626 if (len < 1)
627 return ASN1_OVERRUN;
628 if (p[0] > 7)
629 return ASN1_BAD_FORMAT;
630 if (len - 1 == 0 && p[0] != 0)
631 return ASN1_BAD_FORMAT;
632 /* check if any of the three upper bits are set
633 * any of them will cause a interger overrun */
634 if ((len - 1) >> (sizeof(len) * 8 - 3))
635 return ASN1_OVERRUN;
636 data->length = (len - 1) * 8;
637 data->data = malloc(len - 1);
638 if (data->data == NULL && (len - 1) != 0)
639 return ENOMEM;
640 /* copy data is there is data to copy */
641 if (len - 1 != 0) {
642 memcpy (data->data, p + 1, len - 1);
643 data->length -= p[0];
645 if(size) *size = len;
646 return 0;