search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix memset
[heimdal.git] / lib / asn1 / der_get.c
blob8a456d4d983d861f501f1949a43cb286b2ee39d4
1 /*
2 * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "der_locl.h"
35
36 /*
37 * All decoding functions take a pointer `p' to first position in
38 * which to read, from the left, `len' which means the maximum number
39 * of characters we are able to read, `ret' were the value will be
40 * returned and `size' where the number of used bytes is stored.
41 * Either 0 or an error code is returned.
42 */
43
44 int
45 der_get_unsigned (const unsigned char *p, size_t len,
46 unsigned *ret, size_t *size)
47 {
48 unsigned val = 0;
49 size_t oldlen = len;
50
51 if (len == sizeof(val) + 1 && p[0] == 0)
52 ;
53 else if (len > sizeof(val))
54 return ASN1_OVERRUN;
55
56 while (len--)
57 val = val * 256 + *p++;
58 *ret = val;
59 if(size) *size = oldlen;
60 return 0;
61 }
62
63 int
64 der_get_unsigned64 (const unsigned char *p, size_t len,
65 uint64_t *ret, size_t *size)
66 {
67 uint64_t val = 0;
68 size_t oldlen = len;
69
70 if (len == sizeof(val) + 1 && p[0] == 0)
71 ;
72 else if (len > sizeof(val))
73 return ASN1_OVERRUN;
74
75 while (len--)
76 val = val * 256 + *p++;
77 *ret = val;
78 if(size) *size = oldlen;
79 return 0;
80 }
81
82 int
83 der_get_integer (const unsigned char *p, size_t len,
84 int *ret, size_t *size)
85 {
86 int val = 0;
87 size_t oldlen = len;
88
89 if (len > sizeof(val))
90 return ASN1_OVERRUN;
91
92 if (len > 0) {
93 val = (signed char)*p++;
94 while (--len)
95 val = val * 256 + *p++;
96 }
97 *ret = val;
98 if(size) *size = oldlen;
99 return 0;
100 }
101
102 int
103 der_get_integer64 (const unsigned char *p, size_t len,
104 int64_t *ret, size_t *size)
105 {
106 int64_t val = 0;
107 size_t oldlen = len;
108
109 if (len > sizeof(val))
110 return ASN1_OVERRUN;
111
112 if (len > 0) {
113 val = (signed char)*p++;
114 while (--len)
115 val = val * 256 + *p++;
116 }
117 *ret = val;
118 if(size) *size = oldlen;
119 return 0;
120 }
121
122 int
123 der_get_length (const unsigned char *p, size_t len,
124 size_t *val, size_t *size)
125 {
126 size_t v;
127
128 if (len <= 0)
129 return ASN1_OVERRUN;
130 --len;
131 v = *p++;
132 if (v < 128) {
133 *val = v;
134 if(size) *size = 1;
135 } else {
136 int e;
137 size_t l;
138 unsigned tmp;
139
140 if(v == 0x80){
141 *val = ASN1_INDEFINITE;
142 if(size) *size = 1;
143 return 0;
144 }
145 v &= 0x7F;
146 if (len < v)
147 return ASN1_OVERRUN;
148 e = der_get_unsigned (p, v, &tmp, &l);
149 if(e) return e;
150 *val = tmp;
151 if(size) *size = l + 1;
152 }
153 return 0;
154 }
155
156 int
157 der_get_boolean(const unsigned char *p, size_t len, int *data, size_t *size)
158 {
159 if(len < 1)
160 return ASN1_OVERRUN;
161 if(*p != 0)
162 *data = 1;
163 else
164 *data = 0;
165 *size = 1;
166 return 0;
167 }
168
169 int
170 der_get_general_string (const unsigned char *p, size_t len,
171 heim_general_string *str, size_t *size)
172 {
173 const unsigned char *p1;
174 char *s;
175
176 p1 = memchr(p, 0, len);
177 if (p1 != NULL) {
178 /*
179 * Allow trailing NULs. We allow this since MIT Kerberos sends
180 * an strings in the NEED_PREAUTH case that includes a
181 * trailing NUL.
182 */
183 while ((size_t)(p1 - p) < len && *p1 == '\0')
184 p1++;
185 if ((size_t)(p1 - p) != len)
186 return ASN1_BAD_CHARACTER;
187 }
188 if (len > len + 1)
189 return ASN1_BAD_LENGTH;
190
191 s = malloc (len + 1);
192 if (s == NULL)
193 return ENOMEM;
194 memcpy (s, p, len);
195 s[len] = '\0';
196 *str = s;
197 if(size) *size = len;
198 return 0;
199 }
200
201 int
202 der_get_utf8string (const unsigned char *p, size_t len,
203 heim_utf8_string *str, size_t *size)
204 {
205 return der_get_general_string(p, len, str, size);
206 }
207
208 int
209 der_get_printable_string(const unsigned char *p, size_t len,
210 heim_printable_string *str, size_t *size)
211 {
212 str->length = len;
213 str->data = malloc(len + 1);
214 if (str->data == NULL)
215 return ENOMEM;
216 memcpy(str->data, p, len);
217 ((char *)str->data)[len] = '\0';
218 if(size) *size = len;
219 return 0;
220 }
221
222 int
223 der_get_ia5_string(const unsigned char *p, size_t len,
224 heim_ia5_string *str, size_t *size)
225 {
226 return der_get_printable_string(p, len, str, size);
227 }
228
229 int
230 der_get_bmp_string (const unsigned char *p, size_t len,
231 heim_bmp_string *data, size_t *size)
232 {
233 size_t i;
234
235 if (len & 1)
236 return ASN1_BAD_FORMAT;
237 data->length = len / 2;
238 if (data->length > UINT_MAX/sizeof(data->data[0]))
239 return ERANGE;
240 data->data = malloc(data->length * sizeof(data->data[0]));
241 if (data->data == NULL && data->length != 0)
242 return ENOMEM;
243
244 for (i = 0; i < data->length; i++) {
245 data->data[i] = (p[0] << 8) | p[1];
246 p += 2;
247 /* check for NUL in the middle of the string */
248 if (data->data[i] == 0 && i != (data->length - 1)) {
249 free(data->data);
250 data->data = NULL;
251 data->length = 0;
252 return ASN1_BAD_CHARACTER;
253 }
254 }
255 if (size) *size = len;
256
257 return 0;
258 }
259
260 int
261 der_get_universal_string (const unsigned char *p, size_t len,
262 heim_universal_string *data, size_t *size)
263 {
264 size_t i;
265
266 if (len & 3)
267 return ASN1_BAD_FORMAT;
268 data->length = len / 4;
269 if (data->length > UINT_MAX/sizeof(data->data[0]))
270 return ERANGE;
271 data->data = malloc(data->length * sizeof(data->data[0]));
272 if (data->data == NULL && data->length != 0)
273 return ENOMEM;
274
275 for (i = 0; i < data->length; i++) {
276 data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
277 p += 4;
278 /* check for NUL in the middle of the string */
279 if (data->data[i] == 0 && i != (data->length - 1)) {
280 free(data->data);
281 data->data = NULL;
282 data->length = 0;
283 return ASN1_BAD_CHARACTER;
284 }
285 }
286 if (size) *size = len;
287 return 0;
288 }
289
290 int
291 der_get_visible_string (const unsigned char *p, size_t len,
292 heim_visible_string *str, size_t *size)
293 {
294 return der_get_general_string(p, len, str, size);
295 }
296
297 int
298 der_get_octet_string (const unsigned char *p, size_t len,
299 heim_octet_string *data, size_t *size)
300 {
301 data->length = len;
302 data->data = malloc(len);
303 if (data->data == NULL && data->length != 0)
304 return ENOMEM;
305 memcpy (data->data, p, len);
306 if(size) *size = len;
307 return 0;
308 }
309
310 int
311 der_get_octet_string_ber (const unsigned char *p, size_t len,
312 heim_octet_string *data, size_t *size)
313 {
314 int e;
315 Der_type type;
316 Der_class class;
317 unsigned int tag, depth = 0;
318 size_t l, datalen, oldlen = len;
319
320 data->length = 0;
321 data->data = NULL;
322
323 while (len) {
324 e = der_get_tag (p, len, &class, &type, &tag, &l);
325 if (e) goto out;
326 if (class != ASN1_C_UNIV) {
327 e = ASN1_BAD_ID;
328 goto out;
329 }
330 if (type == PRIM && tag == UT_EndOfContent) {
331 if (depth == 0)
332 break;
333 depth--;
334 }
335 if (tag != UT_OctetString) {
336 e = ASN1_BAD_ID;
337 goto out;
338 }
339
340 p += l;
341 len -= l;
342 e = der_get_length (p, len, &datalen, &l);
343 if (e) goto out;
344 p += l;
345 len -= l;
346
347 if (datalen > len)
348 return ASN1_OVERRUN;
349
350 if (type == PRIM) {
351 void *ptr;
352
353 ptr = realloc(data->data, data->length + datalen);
354 if (ptr == NULL) {
355 e = ENOMEM;
356 goto out;
357 }
358 data->data = ptr;
359 memcpy(((unsigned char *)data->data) + data->length, p, datalen);
360 data->length += datalen;
361 } else
362 depth++;
363
364 p += datalen;
365 len -= datalen;
366 }
367 if (depth != 0)
368 return ASN1_INDEF_OVERRUN;
369 if(size) *size = oldlen - len;
370 return 0;
371 out:
372 free(data->data);
373 data->data = NULL;
374 data->length = 0;
375 return e;
376 }
377
378
379 int
380 der_get_heim_integer (const unsigned char *p, size_t len,
381 heim_integer *data, size_t *size)
382 {
383 data->length = 0;
384 data->negative = 0;
385 data->data = NULL;
386
387 if (len == 0) {
388 if (size)
389 *size = 0;
390 return 0;
391 }
392 if (p[0] & 0x80) {
393 unsigned char *q;
394 int carry = 1;
395 data->negative = 1;
396
397 data->length = len;
398
399 if (p[0] == 0xff) {
400 p++;
401 data->length--;
402 }
403 data->data = malloc(data->length);
404 if (data->data == NULL) {
405 data->length = 0;
406 if (size)
407 *size = 0;
408 return ENOMEM;
409 }
410 q = &((unsigned char*)data->data)[data->length - 1];
411 p += data->length - 1;
412 while (q >= (unsigned char*)data->data) {
413 *q = *p ^ 0xff;
414 if (carry)
415 carry = !++*q;
416 p--;
417 q--;
418 }
419 } else {
420 data->negative = 0;
421 data->length = len;
422
423 if (p[0] == 0) {
424 p++;
425 data->length--;
426 }
427 data->data = malloc(data->length);
428 if (data->data == NULL && data->length != 0) {
429 data->length = 0;
430 if (size)
431 *size = 0;
432 return ENOMEM;
433 }
434 memcpy(data->data, p, data->length);
435 }
436 if (size)
437 *size = len;
438 return 0;
439 }
440
441 static int
442 generalizedtime2time (const char *s, time_t *t)
443 {
444 struct tm tm;
445
446 memset(&tm, 0, sizeof(tm));
447 if (sscanf (s, "%04d%02d%02d%02d%02d%02dZ",
448 &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
449 &tm.tm_min, &tm.tm_sec) != 6) {
450 if (sscanf (s, "%02d%02d%02d%02d%02d%02dZ",
451 &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
452 &tm.tm_min, &tm.tm_sec) != 6)
453 return ASN1_BAD_TIMEFORMAT;
454 if (tm.tm_year < 50)
455 tm.tm_year += 2000;
456 else
457 tm.tm_year += 1900;
458 }
459 tm.tm_year -= 1900;
460 tm.tm_mon -= 1;
461 *t = _der_timegm (&tm);
462 return 0;
463 }
464
465 static int
466 der_get_time (const unsigned char *p, size_t len,
467 time_t *data, size_t *size)
468 {
469 char *times;
470 int e;
471
472 if (len > len + 1 || len == 0)
473 return ASN1_BAD_LENGTH;
474
475 times = malloc(len + 1);
476 if (times == NULL)
477 return ENOMEM;
478 memcpy(times, p, len);
479 times[len] = '\0';
480 e = generalizedtime2time(times, data);
481 free (times);
482 if(size) *size = len;
483 return e;
484 }
485
486 int
487 der_get_generalized_time (const unsigned char *p, size_t len,
488 time_t *data, size_t *size)
489 {
490 return der_get_time(p, len, data, size);
491 }
492
493 int
494 der_get_utctime (const unsigned char *p, size_t len,
495 time_t *data, size_t *size)
496 {
497 return der_get_time(p, len, data, size);
498 }
499
500 int
501 der_get_oid (const unsigned char *p, size_t len,
502 heim_oid *data, size_t *size)
503 {
504 size_t n;
505 size_t oldlen = len;
506
507 if (len < 1)
508 return ASN1_OVERRUN;
509
510 if (len > len + 1)
511 return ASN1_BAD_LENGTH;
512
513 if (len + 1 > UINT_MAX/sizeof(data->components[0]))
514 return ERANGE;
515
516 data->components = malloc((len + 1) * sizeof(data->components[0]));
517 if (data->components == NULL)
518 return ENOMEM;
519 data->components[0] = (*p) / 40;
520 data->components[1] = (*p) % 40;
521 --len;
522 ++p;
523 for (n = 2; len > 0; ++n) {
524 unsigned u = 0, u1;
525
526 do {
527 --len;
528 u1 = u * 128 + (*p++ % 128);
529 /* check that we don't overflow the element */
530 if (u1 < u) {
531 der_free_oid(data);
532 return ASN1_OVERRUN;
533 }
534 u = u1;
535 } while (len > 0 && p[-1] & 0x80);
536 data->components[n] = u;
537 }
538 if (n > 2 && p[-1] & 0x80) {
539 der_free_oid (data);
540 return ASN1_OVERRUN;
541 }
542 data->length = n;
543 if (size)
544 *size = oldlen;
545 return 0;
546 }
547
548 int
549 der_get_tag (const unsigned char *p, size_t len,
550 Der_class *class, Der_type *type,
551 unsigned int *tag, size_t *size)
552 {
553 size_t ret = 0;
554 if (len < 1)
555 return ASN1_OVERRUN;
556 *class = (Der_class)(((*p) >> 6) & 0x03);
557 *type = (Der_type)(((*p) >> 5) & 0x01);
558 *tag = (*p) & 0x1f;
559 p++; len--; ret++;
560 if(*tag == 0x1f) {
561 unsigned int continuation;
562 unsigned int tag1;
563 *tag = 0;
564 do {
565 if(len < 1)
566 return ASN1_OVERRUN;
567 continuation = *p & 128;
568 tag1 = *tag * 128 + (*p % 128);
569 /* check that we don't overflow the tag */
570 if (tag1 < *tag)
571 return ASN1_OVERFLOW;
572 *tag = tag1;
573 p++; len--; ret++;
574 } while(continuation);
575 }
576 if(size) *size = ret;
577 return 0;
578 }
579
580 int
581 der_match_tag (const unsigned char *p, size_t len,
582 Der_class class, Der_type type,
583 unsigned int tag, size_t *size)
584 {
585 Der_type thistype;
586 int e;
587
588 e = der_match_tag2(p, len, class, &thistype, tag, size);
589 if (e) return e;
590 if (thistype != type) return ASN1_BAD_ID;
591 return 0;
592 }
593
594 int
595 der_match_tag2 (const unsigned char *p, size_t len,
596 Der_class class, Der_type *type,
597 unsigned int tag, size_t *size)
598 {
599 size_t l;
600 Der_class thisclass;
601 unsigned int thistag;
602 int e;
603
604 e = der_get_tag (p, len, &thisclass, type, &thistag, &l);
605 if (e) return e;
606 if (class != thisclass)
607 return ASN1_BAD_ID;
608 if(tag > thistag)
609 return ASN1_MISPLACED_FIELD;
610 if(tag < thistag)
611 return ASN1_MISSING_FIELD;
612 if(size) *size = l;
613 return 0;
614 }
615
616 int
617 der_match_tag_and_length (const unsigned char *p, size_t len,
618 Der_class class, Der_type *type, unsigned int tag,
619 size_t *length_ret, size_t *size)
620 {
621 size_t l, ret = 0;
622 int e;
623
624 e = der_match_tag2 (p, len, class, type, tag, &l);
625 if (e) return e;
626 p += l;
627 len -= l;
628 ret += l;
629 e = der_get_length (p, len, length_ret, &l);
630 if (e) return e;
631 if(size) *size = ret + l;
632 return 0;
633 }
634
635
636
637 /*
638 * Old versions of DCE was based on a very early beta of the MIT code,
639 * which used MAVROS for ASN.1 encoding. MAVROS had the interesting
640 * feature that it encoded data in the forward direction, which has
641 * it's problems, since you have no idea how long the data will be
642 * until after you're done. MAVROS solved this by reserving one byte
643 * for length, and later, if the actual length was longer, it reverted
644 * to indefinite, BER style, lengths. The version of MAVROS used by
645 * the DCE people could apparently generate correct X.509 DER encodings, and
646 * did this by making space for the length after encoding, but
647 * unfortunately this feature wasn't used with Kerberos.
648 */
649
650 int
651 _heim_fix_dce(size_t reallen, size_t *len)
652 {
653 if(reallen == ASN1_INDEFINITE)
654 return 1;
655 if(*len < reallen)
656 return -1;
657 *len = reallen;
658 return 0;
659 }
660
661 int
662 der_get_bit_string (const unsigned char *p, size_t len,
663 heim_bit_string *data, size_t *size)
664 {
665 if (len < 1)
666 return ASN1_OVERRUN;
667 if (p[0] > 7)
668 return ASN1_BAD_FORMAT;
669 if (len - 1 == 0 && p[0] != 0)
670 return ASN1_BAD_FORMAT;
671 /* check if any of the three upper bits are set
672 * any of them will cause a interger overrun */
673 if ((len - 1) >> (sizeof(len) * 8 - 3))
674 return ASN1_OVERRUN;
675 data->length = (len - 1) * 8;
676 data->data = malloc(len - 1);
677 if (data->data == NULL && (len - 1) != 0)
678 return ENOMEM;
679 /* copy data is there is data to copy */
680 if (len - 1 != 0) {
681 memcpy (data->data, p + 1, len - 1);
682 data->length -= p[0];
683 }
684 if(size) *size = len;
685 return 0;
686 }
Heimdal