lib/asn1/der_put.c

   1 /*
   2  * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33
  34 #include "der_locl.h"
  35
  36 RCSID("$Id$");
  37
  38 /*
  39  * All encoding functions take a pointer `p' to first position in
  40  * which to write, from the right, `len' which means the maximum
  41  * number of characters we are able to write.  The function returns
  42  * the number of characters written in `size' (if non-NULL).
  43  * The return value is 0 or an error.
  44  */
  45
  46 int ASN1CALL
  47 der_put_unsigned (unsigned char *p, size_t len, const unsigned *v, size_t *size)
  48 {
  49     unsigned char *base = p;
  50     unsigned val = *v;
  51
  52     *size = 0;
  53
  54     if (val) {
  55         while (len > 0 && val) {
  56             *p-- = val % 256;
  57             val /= 256;
  58             --len;
  59         }
  60         if (val != 0)
  61             return ASN1_OVERFLOW;
  62         else {
  63             if(p[1] >= 128) {
  64                 if(len < 1)
  65                     return ASN1_OVERFLOW;
  66                 *p-- = 0;
  67             }
  68             *size = base - p;
  69             return 0;
  70         }
  71     } else if (len < 1)
  72         return ASN1_OVERFLOW;
  73     else {
  74         *p    = 0;
  75         *size = 1;
  76         return 0;
  77     }
  78 }
  79
  80 int ASN1CALL
  81 der_put_unsigned64 (unsigned char *p, size_t len, const uint64_t *v, size_t *size)
  82 {
  83     unsigned char *base = p;
  84     uint64_t val = *v;
  85
  86     *size = 0;
  87
  88     if (val) {
  89        while (len > 0 && val) {
  90            *p-- = val % 256;
  91            val /= 256;
  92            --len;
  93        }
  94        if (val != 0)
  95            return ASN1_OVERFLOW;
  96        else {
  97            if(p[1] >= 128) {
  98                if(len < 1)
  99                    return ASN1_OVERFLOW;
 100                *p-- = 0;
 101            }
 102            *size = base - p;
 103            return 0;
 104        }
 105     } else if (len < 1)
 106        return ASN1_OVERFLOW;
 107     else {
 108        *p    = 0;
 109        *size = 1;
 110        return 0;
 111     }
 112 }
 113
 114 int ASN1CALL
 115 der_put_integer (unsigned char *p, size_t len, const int *v, size_t *size)
 116 {
 117     unsigned char *base = p;
 118     int val = *v;
 119
 120     *size = 0;
 121
 122     if(val >= 0) {
 123         do {
 124             if(len < 1)
 125                 return ASN1_OVERFLOW;
 126             *p-- = val % 256;
 127             len--;
 128             val /= 256;
 129         } while(val);
 130         if(p[1] >= 128) {
 131             if(len < 1)
 132                 return ASN1_OVERFLOW;
 133             *p-- = 0;
 134             len--;
 135         }
 136     } else {
 137         val = ~val;
 138         do {
 139             if(len < 1)
 140                 return ASN1_OVERFLOW;
 141             *p-- = ~(val % 256);
 142             len--;
 143             val /= 256;
 144         } while(val);
 145         if(p[1] < 128) {
 146             if(len < 1)
 147                 return ASN1_OVERFLOW;
 148             *p-- = 0xff;
 149             len--;
 150         }
 151     }
 152     *size = base - p;
 153     return 0;
 154 }
 155
 156 int ASN1CALL
 157 der_put_integer64 (unsigned char *p, size_t len, const int64_t *v, size_t *size)
 158 {
 159     unsigned char *base = p;
 160     int64_t val = *v;
 161
 162     *size = 0;
 163
 164     if(val >= 0) {
 165        do {
 166            if(len < 1)
 167                return ASN1_OVERFLOW;
 168            *p-- = val % 256;
 169            len--;
 170            val /= 256;
 171        } while(val);
 172        if(p[1] >= 128) {
 173            if(len < 1)
 174                return ASN1_OVERFLOW;
 175            *p-- = 0;
 176            len--;
 177        }
 178     } else {
 179        val = ~val;
 180        do {
 181            if(len < 1)
 182                return ASN1_OVERFLOW;
 183            *p-- = ~(val % 256);
 184            len--;
 185            val /= 256;
 186        } while(val);
 187        if(p[1] < 128) {
 188            if(len < 1)
 189                return ASN1_OVERFLOW;
 190            *p-- = 0xff;
 191            len--;
 192        }
 193     }
 194     *size = base - p;
 195     return 0;
 196 }
 197
 198
 199 int ASN1CALL
 200 der_put_length (unsigned char *p, size_t len, size_t val, size_t *size)
 201 {
 202     if (size)
 203         *size = 0;
 204
 205     if (len < 1)
 206         return ASN1_OVERFLOW;
 207
 208     if (val < 128) {
 209         *p = val;
 210         if (size)
 211             *size = 1;
 212     } else {
 213         size_t l = 0;
 214
 215         while(val > 0) {
 216             if(len < 2)
 217                 return ASN1_OVERFLOW;
 218             *p-- = val % 256;
 219             val /= 256;
 220             len--;
 221             l++;
 222         }
 223         *p = 0x80 | l;
 224         if(size)
 225             *size = l + 1;
 226     }
 227     return 0;
 228 }
 229
 230 int ASN1CALL
 231 der_put_boolean(unsigned char *p, size_t len, const int *data, size_t *size)
 232 {
 233     *size = 0;
 234
 235     if(len < 1)
 236         return ASN1_OVERFLOW;
 237     if(*data != 0)
 238         *p = 0xff;
 239     else
 240         *p = 0;
 241     *size = 1;
 242     return 0;
 243 }
 244
 245 int ASN1CALL
 246 der_put_general_string (unsigned char *p, size_t len,
 247                         const heim_general_string *str, size_t *size)
 248 {
 249     size_t slen;
 250
 251     assert(p != NULL && str != NULL && *str != NULL && size != NULL);
 252     *size = 0;
 253     slen = strlen(*str);
 254     if (len < slen)
 255         return ASN1_OVERFLOW;
 256     p -= slen;
 257     memcpy (p+1, *str, slen);
 258     *size = slen;
 259     return 0;
 260 }
 261
 262 int ASN1CALL
 263 der_put_utf8string (unsigned char *p, size_t len,
 264                     const heim_utf8_string *str, size_t *size)
 265 {
 266     return der_put_general_string(p, len, str, size);
 267 }
 268
 269 int ASN1CALL
 270 der_put_printable_string (unsigned char *p, size_t len,
 271                           const heim_printable_string *str, size_t *size)
 272 {
 273     return der_put_octet_string(p, len, str, size);
 274 }
 275
 276 int ASN1CALL
 277 der_put_ia5_string (unsigned char *p, size_t len,
 278                     const heim_ia5_string *str, size_t *size)
 279 {
 280     return der_put_octet_string(p, len, str, size);
 281 }
 282
 283 int ASN1CALL
 284 der_put_bmp_string (unsigned char *p, size_t len,
 285                     const heim_bmp_string *data, size_t *size)
 286 {
 287     size_t i;
 288
 289     assert(p != NULL && data != NULL);
 290
 291     if (size)
 292         *size = 0;
 293
 294     if (len / 2 < data->length)
 295         return ASN1_OVERFLOW;
 296     p -= data->length * 2;
 297     for (i = 0; i < data->length; i++) {
 298         p[1] = (data->data[i] >> 8) & 0xff;
 299         p[2] = data->data[i] & 0xff;
 300         p += 2;
 301     }
 302     if (size) *size = data->length * 2;
 303     return 0;
 304 }
 305
 306 int ASN1CALL
 307 der_put_universal_string (unsigned char *p, size_t len,
 308                           const heim_universal_string *data, size_t *size)
 309 {
 310     size_t i;
 311
 312     if (size)
 313         *size = 0;
 314
 315     if (len / 4 < data->length)
 316         return ASN1_OVERFLOW;
 317     p -= data->length * 4;
 318     for (i = 0; i < data->length; i++) {
 319         p[1] = (data->data[i] >> 24) & 0xff;
 320         p[2] = (data->data[i] >> 16) & 0xff;
 321         p[3] = (data->data[i] >> 8) & 0xff;
 322         p[4] = data->data[i] & 0xff;
 323         p += 4;
 324     }
 325     if (size) *size = data->length * 4;
 326     return 0;
 327 }
 328
 329 int ASN1CALL
 330 der_put_visible_string (unsigned char *p, size_t len,
 331                          const heim_visible_string *str, size_t *size)
 332 {
 333     return der_put_general_string(p, len, str, size);
 334 }
 335
 336 int ASN1CALL
 337 der_put_octet_string (unsigned char *p, size_t len,
 338                       const heim_octet_string *data, size_t *size)
 339 {
 340     assert(p != NULL && data != NULL && size != NULL);
 341
 342     *size = 0;
 343     if (len < data->length)
 344         return ASN1_OVERFLOW;
 345     p -= data->length;
 346     if (data->length)
 347         memcpy(p+1, data->data, data->length);
 348     *size = data->length;
 349     return 0;
 350 }
 351
 352 int ASN1CALL
 353 der_put_heim_integer (unsigned char *p, size_t len,
 354                      const heim_integer *data, size_t *size)
 355 {
 356     unsigned char *buf;
 357     int hibitset = 0;
 358
 359     assert(p != NULL);
 360
 361     if (size)
 362         *size = 0;
 363
 364     if (data->length == 0) {
 365         if (len < 1)
 366             return ASN1_OVERFLOW;
 367         *p-- = 0;
 368         if (size)
 369             *size = 1;
 370         return 0;
 371     }
 372     if (len < data->length)
 373         return ASN1_OVERFLOW;
 374
 375     assert(data->data != NULL);
 376     buf = data->data;
 377     len -= data->length;
 378
 379     if (data->negative) {
 380         ssize_t i;
 381         int carry;
 382
 383         /*
 384          * We represent the parsed integer as a positive value with a
 385          * negativity flag.  But we need to put it on the wire as the shortest
 386          * twos-complement byte sequence possible.  So we're going to negate
 387          * the number as go.
 388          */
 389         if (data->length == 1 && *(unsigned char *)data->data == 1) {
 390             *(p--) = 0xff;
 391         } else {
 392             for (i = data->length - 1, carry = 1; i >= 0; i--) {
 393                 *p = buf[i] ^ 0xff;
 394                 if (carry)
 395                     carry = !++*p;
 396                 p--;
 397             }
 398             if (p[1] < 128) {
 399                 if (len < 1)
 400                     return ASN1_OVERFLOW;
 401                 *p-- = 0xff;
 402                 len--;
 403                 hibitset = 1;
 404             }
 405         }
 406     } else {
 407         p -= data->length;
 408         memcpy(p + 1, buf, data->length);
 409
 410         if (p[1] >= 128) {
 411             if (len < 1)
 412                 return ASN1_OVERFLOW;
 413             p[0] = 0;
 414             len--;
 415             hibitset = 1;
 416         }
 417     }
 418     if (size)
 419         *size = data->length + hibitset;
 420     return 0;
 421 }
 422
 423 int ASN1CALL
 424 der_put_generalized_time (unsigned char *p, size_t len,
 425                           const time_t *data, size_t *size)
 426 {
 427     heim_octet_string k;
 428     size_t l;
 429     int e;
 430
 431     e = _heim_time2generalizedtime (*data, &k, 1);
 432     if (e)
 433         return e;
 434     e = der_put_octet_string(p, len, &k, &l);
 435     free(k.data);
 436     if(e)
 437         return e;
 438     if(size)
 439         *size = l;
 440     return 0;
 441 }
 442
 443 int ASN1CALL
 444 der_put_utctime (unsigned char *p, size_t len,
 445                  const time_t *data, size_t *size)
 446 {
 447     heim_octet_string k;
 448     size_t l;
 449     int e;
 450
 451     e = _heim_time2generalizedtime (*data, &k, 0);
 452     if (e)
 453         return e;
 454     e = der_put_octet_string(p, len, &k, &l);
 455     free(k.data);
 456     if(e)
 457         return e;
 458     if(size)
 459         *size = l;
 460     return 0;
 461 }
 462
 463 int ASN1CALL
 464 der_put_oid (unsigned char *p, size_t len,
 465              const heim_oid *data, size_t *size)
 466 {
 467     unsigned char *base = p;
 468     size_t n;
 469
 470     for (n = data->length - 1; n >= 2; --n) {
 471         unsigned u = data->components[n];
 472
 473         if (len < 1)
 474             return ASN1_OVERFLOW;
 475         *p-- = u % 128;
 476         u /= 128;
 477         --len;
 478         while (u > 0) {
 479             if (len < 1)
 480                 return ASN1_OVERFLOW;
 481             *p-- = 128 + u % 128;
 482             u /= 128;
 483             --len;
 484         }
 485     }
 486     if (len < 1)
 487         return ASN1_OVERFLOW;
 488     *p-- = 40 * data->components[0] + data->components[1];
 489     *size = base - p;
 490     return 0;
 491 }
 492
 493 /*
 494  * Output a copy of the DER TLV at `p' with a different outermost tag.
 495  *
 496  * This is used in the implementation of IMPLICIT tags in generated decoder
 497  * functions.
 498  */
 499 int ASN1CALL
 500 der_replace_tag(const unsigned char *p, size_t len,
 501                 unsigned char **out, size_t *outlen,
 502                 Der_class class, Der_type type,
 503                 unsigned int tag)
 504 {
 505     Der_class found_class;
 506     Der_type found_type;
 507     unsigned int found_tag;
 508     size_t payload_len, l, tag_len, len_len;
 509     int e;
 510
 511     assert(p != NULL && out != NULL && outlen != NULL);
 512
 513     e = der_get_tag(p, len, &found_class, &found_type, &found_tag, &l);
 514     if (e)
 515         return e;
 516     if (found_type != type)
 517         return ASN1_TYPE_MISMATCH;
 518     /* We don't care what found_class and found_tag are though */
 519     tag_len = der_length_tag(tag);
 520     p += l;
 521     len -= l;
 522     e = der_get_length(p, len, &payload_len, &len_len);
 523     if (e)
 524         return e;
 525     if (payload_len > len)
 526         return ASN1_OVERFLOW;
 527     /*
 528      * `p' now points at the payload; `*out' + the length of the tag points at
 529      * where we should copy the DER length and the payload.
 530      */
 531     if ((*out = malloc(*outlen = tag_len + len_len + payload_len)) == NULL)
 532         return ENOMEM;
 533     memcpy(*out + tag_len, p, len_len + payload_len);
 534
 535     /* Put the new tag */
 536     e = der_put_tag(*out + tag_len - 1, tag_len, class, type, tag, &l);
 537     if (e)
 538         return e;
 539     if (l != tag_len)
 540         return ASN1_OVERFLOW;
 541     return 0;
 542 }
 543
 544 #if 0
 545 int ASN1CALL
 546 der_encode_implicit(unsigned char *p, size_t len,
 547                     asn1_generic_encoder_f encoder,
 548                     void *obj, size_t *size,
 549                     Der_type type,
 550                     unsigned int ttag, Der_class iclass, unsigned int itag)
 551 {
 552     size_t ttaglen = der_length_tag(ttag);
 553     size_t itaglen = der_length_tag(itag);
 554     size_t l;
 555     unsigned char *p2;
 556     int e;
 557
 558     assert(p != NULL && size != NULL);
 559
 560     /* Attempt to encode in place */
 561     e = encoder(p, len, obj, size);
 562     if (e == 0) {
 563         /* Fits!  Rewrite tag, adjust reported size. */
 564         e = der_put_tag(p + ttaglen - 1, itaglen, iclass, type, itag, &l);
 565         if (e == 0) {
 566             (*size) -= ttaglen;
 567             (*size) += itaglen;
 568         }
 569         return e;
 570     }
 571     if (e != ASN1_OVERFLOW || itaglen <= ttaglen)
 572         return e;
 573
 574     /*
 575      * Did not fit because ttaglen > itaglen and this was the last / only thing
 576      * being encoded in a buffer of just the right size.
 577      */
 578     if ((p2 = malloc(len + ttaglen - itaglen)) == NULL)
 579         e = ENOMEM;
 580     if (e == 0)
 581         e = encoder(p2 + len + ttaglen - itaglen - 1, len + ttaglen - itaglen,
 582                     obj, size);
 583     if (e == 0)
 584         e = der_put_tag(p2 + ttaglen - 1, itaglen, iclass, type, itag, &l);
 585     if (e == 0) {
 586         (*size) -= ttaglen;
 587         (*size) += itaglen;
 588         memcpy(p - *size, p2 + ttaglen - itaglen, *size);
 589     }
 590     free(p2);
 591     return e;
 592 }
 593 #endif
 594
 595 int ASN1CALL
 596 der_put_tag (unsigned char *p, size_t len, Der_class class, Der_type type,
 597              unsigned int tag, size_t *size)
 598 {
 599     if (tag <= 30) {
 600         if (len < 1)
 601             return ASN1_OVERFLOW;
 602         *p = MAKE_TAG(class, type, tag);
 603         *size = 1;
 604     } else {
 605         size_t ret = 0;
 606         unsigned int continuation = 0;
 607
 608         do {
 609             if (len < 1)
 610                 return ASN1_OVERFLOW;
 611             *p-- = tag % 128 | continuation;
 612             len--;
 613             ret++;
 614             tag /= 128;
 615             continuation = 0x80;
 616         } while(tag > 0);
 617         if (len < 1)
 618             return ASN1_OVERFLOW;
 619         *p-- = MAKE_TAG(class, type, 0x1f);
 620         ret++;
 621         *size = ret;
 622     }
 623     return 0;
 624 }
 625
 626 int ASN1CALL
 627 der_put_length_and_tag (unsigned char *p, size_t len, size_t len_val,
 628                         Der_class class, Der_type type,
 629                         unsigned int tag, size_t *size)
 630 {
 631     size_t ret = 0;
 632     size_t l;
 633     int e;
 634
 635     e = der_put_length (p, len, len_val, &l);
 636     if(e)
 637         return e;
 638     p -= l;
 639     len -= l;
 640     ret += l;
 641     e = der_put_tag (p, len, class, type, tag, &l);
 642     if(e)
 643         return e;
 644
 645     ret += l;
 646     *size = ret;
 647     return 0;
 648 }
 649
 650 int
 651 _heim_time2generalizedtime (time_t t, heim_octet_string *s, int gtimep)
 652 {
 653      struct tm tm;
 654      const size_t len = gtimep ? 15 : 13;
 655      int bytes;
 656
 657      s->data = NULL;
 658      s->length = 0;
 659      if (_der_gmtime(t, &tm) == NULL)
 660          return ASN1_BAD_TIMEFORMAT;
 661      s->data = malloc(len + 1);
 662      if (s->data == NULL)
 663          return ENOMEM;
 664      s->length = len;
 665      if (gtimep)
 666          bytes = snprintf(s->data, len + 1, "%04d%02d%02d%02d%02d%02dZ",
 667                           tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday,
 668                           tm.tm_hour, tm.tm_min, tm.tm_sec);
 669      else
 670          bytes = snprintf(s->data, len + 1, "%02d%02d%02d%02d%02d%02dZ",
 671                           tm.tm_year % 100, tm.tm_mon + 1, tm.tm_mday,
 672                           tm.tm_hour, tm.tm_min, tm.tm_sec);
 673
 674      if (bytes > len)
 675          abort();
 676
 677      return 0;
 678 }
 679
 680 int ASN1CALL
 681 der_put_bit_string (unsigned char *p, size_t len,
 682                     const heim_bit_string *data, size_t *size)
 683 {
 684     size_t data_size;
 685
 686     assert(p != NULL && data != NULL && size != NULL);
 687
 688     *size = 0;
 689     data_size = (data->length + 7) / 8;
 690     if (len < data_size + 1)
 691         return ASN1_OVERFLOW;
 692     p -= data_size + 1;
 693
 694     memcpy (p+2, data->data, data_size);
 695     if (data->length && (data->length % 8) != 0)
 696         p[1] = 8 - (data->length % 8);
 697     else
 698         p[1] = 0;
 699     *size = data_size + 1;
 700     return 0;
 701 }
 702
 703 int
 704 _heim_der_set_sort(const void *a1, const void *a2)
 705 {
 706     const heim_octet_string *s1, *s2;
 707     int ret;
 708
 709     assert(a1 != NULL && a2 != NULL);
 710     s1 = a1;
 711     s2 = a2;
 712     ret = memcmp(s1->data, s2->data,
 713                  s1->length < s2->length ? s1->length : s2->length);
 714     if (ret != 0)
 715         return ret;
 716     return (int)(s1->length - s2->length);
 717 }