| blob | 152d2527ff153e164e9a482483331aa59b7ca4ed |
1 /*
2 * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
36 /*
37 * All decoding functions take a pointer `p' to first position in
38 * which to read, from the left, `len' which means the maximum number
39 * of characters we are able to read, `ret' were the value will be
40 * returned and `size' where the number of used bytes is stored.
41 * Either 0 or an error code is returned.
42 */
44 int ASN1CALL
47 {
52 ;
61 }
63 int ASN1CALL
66 {
71 ;
80 }
82 int ASN1CALL
85 {
96 }
100 }
102 int ASN1CALL
105 {
116 }
120 }
123 int ASN1CALL
126 {
145 }
153 }
155 }
157 int ASN1CALL
159 {
164 else
168 }
170 int ASN1CALL
173 {
182 /*
183 * Allow trailing NULs. We allow this since MIT Kerberos sends
184 * an strings in the NEED_PREAUTH case that includes a
185 * trailing NUL.
186 */
188 p1++;
192 }
193 }
197 }
207 }
209 int ASN1CALL
212 {
214 }
216 #define gen_data_zero(_data) \
217 do { (_data)->length = 0; (_data)->data = NULL; } while(0)
219 int ASN1CALL
222 {
229 }
235 }
240 }
242 int ASN1CALL
245 {
247 }
249 int ASN1CALL
252 {
261 }
266 }
271 }
276 /* check for NUL in the middle of the string */
281 }
282 }
286 }
288 int ASN1CALL
291 {
300 }
305 }
310 }
315 /* check for NUL in the middle of the string */
320 }
321 }
324 }
326 int ASN1CALL
329 {
331 }
333 int ASN1CALL
336 {
346 }
348 int ASN1CALL
351 {
353 Der_type type;
354 Der_class cls;
370 }
374 depth--;
375 }
379 }
398 }
403 depth++;
407 }
412 out:
417 }
420 int ASN1CALL
423 {
442 p++;
444 }
451 }
458 p--;
459 q--;
460 }
466 p++;
468 }
475 }
477 }
481 }
483 static int
485 {
498 else
500 }
505 }
507 static int ASN1CALL
510 {
529 }
531 int ASN1CALL
534 {
536 }
538 int ASN1CALL
541 {
543 }
545 int ASN1CALL
548 {
577 /* check that we don't overflow the element */
581 }
585 }
589 }
594 }
596 int ASN1CALL
600 {
621 /* check that we don't overflow the tag */
627 }
630 }
632 int ASN1CALL
636 {
637 Der_type thistype;
644 }
646 int ASN1CALL
650 {
652 Der_class thisclass;
661 /*
662 * We do depend on ASN1_BAD_ID being returned in places where we're
663 * essentially implementing an application-level CHOICE where we try to
664 * decode one way then the other. In Heimdal this happens only in lib/hdb/
665 * where we try to decode a blob as an hdb_entry, then as an
666 * hdb_entry_alias. Applications should really not depend on this.
667 */
674 }
676 /*
677 * Returns 0 if the encoded data at `p' of length `len' starts with the tag of
678 * class `cls`, type `type', and tag value `tag', and puts the length of the
679 * payload (i.e., the length of V in TLV, not the length of TLV) in
680 * `*length_ret', and the size of the whole thing (the TLV) in `*size' if
681 * `size' is not NULL.
682 *
683 * Else returns an error.
684 */
685 int ASN1CALL
689 {
702 }
706 /*
707 * Old versions of DCE was based on a very early beta of the MIT code,
708 * which used MAVROS for ASN.1 encoding. MAVROS had the interesting
709 * feature that it encoded data in the forward direction, which has
710 * it's problems, since you have no idea how long the data will be
711 * until after you're done. MAVROS solved this by reserving one byte
712 * for length, and later, if the actual length was longer, it reverted
713 * to indefinite, BER style, lengths. The version of MAVROS used by
714 * the DCE people could apparently generate correct X.509 DER encodings, and
715 * did this by making space for the length after encoding, but
716 * unfortunately this feature wasn't used with Kerberos.
717 */
719 int
721 {
728 }
730 int ASN1CALL
733 {
743 /* check if any of the three upper bits are set
744 * any of them will cause a interger overrun */
747 /*
748 * If there is data to copy, do that now.
749 */
760 }
763 }