2 * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * All decoding functions take a pointer `p' to first position in
38 * which to read, from the left, `len' which means the maximum number
39 * of characters we are able to read, `ret' were the value will be
40 * returned and `size' where the number of used bytes is stored.
41 * Either 0 or an error code is returned.
45 der_get_unsigned (const unsigned char *p
, size_t len
,
46 unsigned *ret
, size_t *size
)
51 if (len
== sizeof(val
) + 1 && p
[0] == 0)
53 else if (len
> sizeof(val
))
57 val
= val
* 256 + *p
++;
59 if(size
) *size
= oldlen
;
64 der_get_unsigned64 (const unsigned char *p
, size_t len
,
65 uint64_t *ret
, size_t *size
)
70 if (len
== sizeof(val
) + 1 && p
[0] == 0)
72 else if (len
> sizeof(val
))
76 val
= val
* 256 + *p
++;
78 if(size
) *size
= oldlen
;
83 der_get_integer (const unsigned char *p
, size_t len
,
84 int *ret
, size_t *size
)
89 if (len
> sizeof(val
))
93 val
= (signed char)*p
++;
95 val
= val
* 256 + *p
++;
98 if(size
) *size
= oldlen
;
103 der_get_integer64 (const unsigned char *p
, size_t len
,
104 int64_t *ret
, size_t *size
)
109 if (len
> sizeof(val
))
113 val
= (signed char)*p
++;
115 val
= val
* 256 + *p
++;
118 if(size
) *size
= oldlen
;
124 der_get_length (const unsigned char *p
, size_t len
,
125 size_t *val
, size_t *size
)
142 *val
= ASN1_INDEFINITE
;
149 e
= der_get_unsigned (p
, v
, &tmp
, &l
);
152 if(size
) *size
= l
+ 1;
158 der_get_boolean(const unsigned char *p
, size_t len
, int *data
, size_t *size
)
171 der_get_general_string (const unsigned char *p
, size_t len
,
172 heim_general_string
*str
, size_t *size
)
174 const unsigned char *p1
;
180 p1
= memchr(p
, 0, len
);
183 * Allow trailing NULs. We allow this since MIT Kerberos sends
184 * an strings in the NEED_PREAUTH case that includes a
187 while ((size_t)(p1
- p
) < len
&& *p1
== '\0')
189 if ((size_t)(p1
- p
) != len
) {
191 return ASN1_BAD_CHARACTER
;
194 if (len
== SIZE_MAX
) {
196 return ASN1_BAD_LENGTH
;
199 *str
= s
= malloc (len
+ 1);
205 if(size
) *size
= len
;
210 der_get_utf8string (const unsigned char *p
, size_t len
,
211 heim_utf8_string
*str
, size_t *size
)
213 return der_get_general_string(p
, len
, str
, size
);
216 #define gen_data_zero(_data) \
217 do { (_data)->length = 0; (_data)->data = NULL; } while(0)
220 der_get_printable_string(const unsigned char *p
, size_t len
,
221 heim_printable_string
*str
, size_t *size
)
226 if (len
== SIZE_MAX
) {
228 return ASN1_BAD_LENGTH
;
231 str
->data
= malloc(len
+ 1);
232 if (str
->data
== NULL
) {
236 memcpy(str
->data
, p
, len
);
237 ((char *)str
->data
)[len
] = '\0';
238 if(size
) *size
= len
;
243 der_get_ia5_string(const unsigned char *p
, size_t len
,
244 heim_ia5_string
*str
, size_t *size
)
246 return der_get_printable_string(p
, len
, str
, size
);
250 der_get_bmp_string (const unsigned char *p
, size_t len
,
251 heim_bmp_string
*data
, size_t *size
)
260 return ASN1_BAD_FORMAT
;
262 data
->length
= len
/ 2;
263 if (data
->length
> UINT_MAX
/sizeof(data
->data
[0])) {
267 data
->data
= malloc(data
->length
* sizeof(data
->data
[0]));
268 if (data
->data
== NULL
&& data
->length
!= 0) {
273 for (i
= 0; i
< data
->length
; i
++) {
274 data
->data
[i
] = (p
[0] << 8) | p
[1];
276 /* check for NUL in the middle of the string */
277 if (data
->data
[i
] == 0 && i
!= (data
->length
- 1)) {
280 return ASN1_BAD_CHARACTER
;
283 if (size
) *size
= len
;
289 der_get_universal_string (const unsigned char *p
, size_t len
,
290 heim_universal_string
*data
, size_t *size
)
299 return ASN1_BAD_FORMAT
;
301 data
->length
= len
/ 4;
302 if (data
->length
> UINT_MAX
/sizeof(data
->data
[0])) {
306 data
->data
= malloc(data
->length
* sizeof(data
->data
[0]));
307 if (data
->data
== NULL
&& data
->length
!= 0) {
312 for (i
= 0; i
< data
->length
; i
++) {
313 data
->data
[i
] = (p
[0] << 24) | (p
[1] << 16) | (p
[2] << 8) | p
[3];
315 /* check for NUL in the middle of the string */
316 if (data
->data
[i
] == 0 && i
!= (data
->length
- 1)) {
319 return ASN1_BAD_CHARACTER
;
322 if (size
) *size
= len
;
327 der_get_visible_string (const unsigned char *p
, size_t len
,
328 heim_visible_string
*str
, size_t *size
)
330 return der_get_general_string(p
, len
, str
, size
);
334 der_get_octet_string (const unsigned char *p
, size_t len
,
335 heim_octet_string
*data
, size_t *size
)
340 data
->data
= malloc(len
);
341 if (data
->data
== NULL
&& data
->length
!= 0)
343 memcpy (data
->data
, p
, len
);
344 if(size
) *size
= len
;
349 der_get_octet_string_ber (const unsigned char *p
, size_t len
,
350 heim_octet_string
*data
, size_t *size
)
355 unsigned int tag
, depth
= 0;
356 size_t l
, datalen
, oldlen
= len
;
365 e
= der_get_tag (p
, len
, &cls
, &type
, &tag
, &l
);
367 if (cls
!= ASN1_C_UNIV
) {
371 if (type
== PRIM
&& tag
== UT_EndOfContent
) {
376 if (tag
!= UT_OctetString
) {
383 e
= der_get_length (p
, len
, &datalen
, &l
);
391 if (type
== PRIM
&& datalen
) {
394 ptr
= realloc(data
->data
, data
->length
+ datalen
);
400 memcpy(((unsigned char *)data
->data
) + data
->length
, p
, datalen
);
401 data
->length
+= datalen
;
402 } else if (type
!= PRIM
)
409 return ASN1_INDEF_OVERRUN
;
410 if(size
) *size
= oldlen
- len
;
421 der_get_heim_integer (const unsigned char *p
, size_t len
,
422 heim_integer
*data
, size_t *size
)
445 data
->data
= malloc(data
->length
);
446 if (data
->data
== NULL
) {
452 q
= &((unsigned char*)data
->data
)[data
->length
- 1];
453 p
+= data
->length
- 1;
454 while (q
>= (unsigned char*)data
->data
) {
469 data
->data
= malloc(data
->length
);
470 if (data
->data
== NULL
&& data
->length
!= 0) {
476 memcpy(data
->data
, p
, data
->length
);
484 generalizedtime2time (const char *s
, time_t *t
)
488 memset(&tm
, 0, sizeof(tm
));
489 if (sscanf (s
, "%04d%02d%02d%02d%02d%02dZ",
490 &tm
.tm_year
, &tm
.tm_mon
, &tm
.tm_mday
, &tm
.tm_hour
,
491 &tm
.tm_min
, &tm
.tm_sec
) != 6) {
492 if (sscanf (s
, "%02d%02d%02d%02d%02d%02dZ",
493 &tm
.tm_year
, &tm
.tm_mon
, &tm
.tm_mday
, &tm
.tm_hour
,
494 &tm
.tm_min
, &tm
.tm_sec
) != 6)
495 return ASN1_BAD_TIMEFORMAT
;
503 *t
= _der_timegm (&tm
);
508 der_get_time (const unsigned char *p
, size_t len
,
509 time_t *data
, size_t *size
)
517 if (len
== SIZE_MAX
|| len
== 0)
518 return ASN1_BAD_LENGTH
;
520 times
= malloc(len
+ 1);
523 memcpy(times
, p
, len
);
525 e
= generalizedtime2time(times
, data
);
527 if(size
) *size
= len
;
532 der_get_generalized_time (const unsigned char *p
, size_t len
,
533 time_t *data
, size_t *size
)
535 return der_get_time(p
, len
, data
, size
);
539 der_get_utctime (const unsigned char *p
, size_t len
,
540 time_t *data
, size_t *size
)
542 return der_get_time(p
, len
, data
, size
);
546 der_get_oid (const unsigned char *p
, size_t len
,
547 heim_oid
*data
, size_t *size
)
559 return ASN1_BAD_LENGTH
;
561 if (len
+ 1 > UINT_MAX
/sizeof(data
->components
[0]))
564 data
->components
= malloc((len
+ 1) * sizeof(data
->components
[0]));
565 if (data
->components
== NULL
)
567 data
->components
[0] = (*p
) / 40;
568 data
->components
[1] = (*p
) % 40;
571 for (n
= 2; len
> 0; ++n
) {
576 u1
= u
* 128 + (*p
++ % 128);
577 /* check that we don't overflow the element */
583 } while (len
> 0 && p
[-1] & 0x80);
584 data
->components
[n
] = u
;
586 if (n
> 2 && p
[-1] & 0x80) {
597 der_get_tag (const unsigned char *p
, size_t len
,
598 Der_class
*cls
, Der_type
*type
,
599 unsigned int *tag
, size_t *size
)
607 return ASN1_MISSING_FIELD
;
608 *cls
= (Der_class
)(((*p
) >> 6) & 0x03);
609 *type
= (Der_type
)(((*p
) >> 5) & 0x01);
613 unsigned int continuation
;
619 continuation
= *p
& 128;
620 tag1
= *tag
* 128 + (*p
% 128);
621 /* check that we don't overflow the tag */
623 return ASN1_OVERFLOW
;
626 } while(continuation
);
628 if(size
) *size
= ret
;
633 der_match_tag (const unsigned char *p
, size_t len
,
634 Der_class cls
, Der_type type
,
635 unsigned int tag
, size_t *size
)
640 e
= der_match_tag2(p
, len
, cls
, &thistype
, tag
, size
);
642 if (thistype
!= type
) return ASN1_BAD_ID
;
647 der_match_tag2 (const unsigned char *p
, size_t len
,
648 Der_class cls
, Der_type
*type
,
649 unsigned int tag
, size_t *size
)
653 unsigned int thistag
;
659 e
= der_get_tag(p
, len
, &thisclass
, type
, &thistag
, &l
);
662 * We do depend on ASN1_BAD_ID being returned in places where we're
663 * essentially implementing an application-level CHOICE where we try to
664 * decode one way then the other. In Heimdal this happens only in lib/hdb/
665 * where we try to decode a blob as an hdb_entry, then as an
666 * hdb_entry_alias. Applications should really not depend on this.
668 if (cls
!= thisclass
&& (cls
== ASN1_C_APPL
|| thisclass
== ASN1_C_APPL
))
670 if (cls
!= thisclass
|| tag
!= thistag
)
671 return ASN1_MISSING_FIELD
;
677 * Returns 0 if the encoded data at `p' of length `len' starts with the tag of
678 * class `cls`, type `type', and tag value `tag', and puts the length of the
679 * payload (i.e., the length of V in TLV, not the length of TLV) in
680 * `*length_ret', and the size of the whole thing (the TLV) in `*size' if
681 * `size' is not NULL.
683 * Else returns an error.
686 der_match_tag_and_length (const unsigned char *p
, size_t len
,
687 Der_class cls
, Der_type
*type
, unsigned int tag
,
688 size_t *length_ret
, size_t *size
)
693 e
= der_match_tag2 (p
, len
, cls
, type
, tag
, &l
);
698 e
= der_get_length (p
, len
, length_ret
, &l
);
700 if(size
) *size
= ret
+ l
;
707 * Old versions of DCE was based on a very early beta of the MIT code,
708 * which used MAVROS for ASN.1 encoding. MAVROS had the interesting
709 * feature that it encoded data in the forward direction, which has
710 * it's problems, since you have no idea how long the data will be
711 * until after you're done. MAVROS solved this by reserving one byte
712 * for length, and later, if the actual length was longer, it reverted
713 * to indefinite, BER style, lengths. The version of MAVROS used by
714 * the DCE people could apparently generate correct X.509 DER encodings, and
715 * did this by making space for the length after encoding, but
716 * unfortunately this feature wasn't used with Kerberos.
720 _heim_fix_dce(size_t reallen
, size_t *len
)
722 if(reallen
== ASN1_INDEFINITE
)
731 der_get_bit_string (const unsigned char *p
, size_t len
,
732 heim_bit_string
*data
, size_t *size
)
740 return ASN1_BAD_FORMAT
;
741 if (len
- 1 == 0 && p
[0] != 0)
742 return ASN1_BAD_FORMAT
;
743 /* check if any of the three upper bits are set
744 * any of them will cause a interger overrun */
745 if ((len
- 1) >> (sizeof(len
) * 8 - 3))
748 * If there is data to copy, do that now.
751 data
->length
= (len
- 1) * 8;
752 data
->data
= malloc(len
- 1);
753 if (data
->data
== NULL
)
755 memcpy (data
->data
, p
+ 1, len
- 1);
756 data
->length
-= p
[0];
761 if(size
) *size
= len
;