2 * Copyright (C) 2002-2014 Free Software Foundation, Inc.
4 * This file is part of LIBTASN1.
6 * The LIBTASN1 library is free software; you can redistribute it
7 * and/or modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 /*****************************************************/
24 /* File: decoding.c */
25 /* Description: Functions to manage DER decoding */
26 /*****************************************************/
29 #include <parser_aux.h>
31 #include <structure.h>
37 # define warn() fprintf(stderr, "%s: %d\n", __func__, __LINE__)
42 #define HAVE_TWO(x) (x>=2?1:0)
44 #define DECR_LEN(l, s) do { \
48 result = ASN1_DER_ERROR; \
54 _asn1_get_indefinite_length_string (const unsigned char *der, int der_len, int *len);
57 _asn1_error_description_tag_error (asn1_node node, char *ErrorDescription)
60 Estrcpy (ErrorDescription, ":: tag error near element '");
61 _asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription),
62 ASN1_MAX_ERROR_DESCRIPTION_SIZE - 40);
63 Estrcat (ErrorDescription, "'");
68 * asn1_get_length_der:
69 * @der: DER data to decode.
70 * @der_len: Length of DER data to decode.
71 * @len: Output variable containing the length of the DER length field.
73 * Extract a length field from DER data.
75 * Returns: Return the decoded length value, or -1 on indefinite
76 * length, or -2 when the value was too big to fit in a int, or -4
77 * when the decoded length value plus @len would exceed @der_len.
80 asn1_get_length_der (const unsigned char *der, int der_len, int *len)
101 { /* definite length method */
103 while (punt <= k && punt < der_len)
105 if (INT_MULTIPLY_OVERFLOW (ans, 256))
109 if (INT_ADD_OVERFLOW (ans, ((unsigned) der[punt])))
116 { /* indefinite length method */
125 if (ans >= INT_MAX || INT_ADD_OVERFLOW (sum, (*len)))
137 * @der: DER data to decode.
138 * @der_len: Length of DER data to decode.
139 * @cls: Output variable containing decoded class.
140 * @len: Output variable containing the length of the DER TAG data.
141 * @tag: Output variable containing the decoded tag.
143 * Decode the class and TAG from DER code.
145 * Returns: Returns %ASN1_SUCCESS on success, or an error.
148 asn1_get_tag_der (const unsigned char *der, int der_len,
149 unsigned char *cls, int *len, unsigned long *tag)
154 if (der == NULL || der_len < 2 || len == NULL)
155 return ASN1_DER_ERROR;
157 *cls = der[0] & 0xE0;
158 if ((der[0] & 0x1F) != 0x1F)
169 while (punt < der_len && der[punt] & 128)
172 if (INT_MULTIPLY_OVERFLOW (ris, 128))
173 return ASN1_DER_ERROR;
176 if (INT_ADD_OVERFLOW (ris, ((unsigned) (der[punt] & 0x7F))))
177 return ASN1_DER_ERROR;
178 ris += (der[punt] & 0x7F);
183 return ASN1_DER_ERROR;
185 if (INT_MULTIPLY_OVERFLOW (ris, 128))
186 return ASN1_DER_ERROR;
189 if (INT_ADD_OVERFLOW (ris, ((unsigned) (der[punt] & 0x7F))))
190 return ASN1_DER_ERROR;
191 ris += (der[punt] & 0x7F);
203 * asn1_get_length_ber:
204 * @ber: BER data to decode.
205 * @ber_len: Length of BER data to decode.
206 * @len: Output variable containing the length of the BER length field.
208 * Extract a length field from BER data. The difference to
209 * asn1_get_length_der() is that this function will return a length
210 * even if the value has indefinite encoding.
212 * Returns: Return the decoded length value, or negative value when
213 * the value was too big.
218 asn1_get_length_ber (const unsigned char *ber, int ber_len, int *len)
223 ret = asn1_get_length_der (ber, ber_len, len);
225 { /* indefinite length method */
226 err = _asn1_get_indefinite_length_string (ber + 1, ber_len, &ret);
227 if (err != ASN1_SUCCESS)
235 * asn1_get_octet_der:
236 * @der: DER data to decode containing the OCTET SEQUENCE.
237 * @der_len: Length of DER data to decode.
238 * @ret_len: Output variable containing the length of the DER data.
239 * @str: Pre-allocated output buffer to put decoded OCTET SEQUENCE in.
240 * @str_size: Length of pre-allocated output buffer.
241 * @str_len: Output variable containing the length of the OCTET SEQUENCE.
243 * Extract an OCTET SEQUENCE from DER data.
245 * Returns: Returns %ASN1_SUCCESS on success, or an error.
248 asn1_get_octet_der (const unsigned char *der, int der_len,
249 int *ret_len, unsigned char *str, int str_size,
255 return ASN1_GENERIC_ERROR;
257 *str_len = asn1_get_length_der (der, der_len, &len_len);
260 return ASN1_DER_ERROR;
262 *ret_len = *str_len + len_len;
263 if (str_size >= *str_len)
265 if (*str_len > 0 && str != NULL)
266 memcpy (str, der + len_len, *str_len);
270 return ASN1_MEM_ERROR;
276 /* Returns ASN1_SUCCESS on success or an error code on error.
279 _asn1_get_time_der (const unsigned char *der, int der_len, int *ret_len,
280 char *str, int str_size)
282 int len_len, str_len;
284 if (der_len <= 0 || str == NULL)
285 return ASN1_DER_ERROR;
287 str_len = asn1_get_length_der (der, der_len, &len_len);
288 if (str_len <= 0 || str_size < str_len)
289 return ASN1_DER_ERROR;
291 memcpy (str, der + len_len, str_len);
293 *ret_len = str_len + len_len;
299 _asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len,
300 char *str, int str_size)
304 char temp[LTOSTR_MAX_SIZE];
305 unsigned long val, val1;
308 if (str && str_size > 0)
309 str[0] = 0; /* no oid */
311 if (str == NULL || der_len <= 0)
312 return ASN1_GENERIC_ERROR;
314 len = asn1_get_length_der (der, der_len, &len_len);
316 if (len <= 0 || len + len_len > der_len)
317 return ASN1_DER_ERROR;
319 val1 = der[len_len] / 40;
320 val = der[len_len] - val1 * 40;
322 _asn1_str_cpy (str, str_size, _asn1_ltostr (val1, temp));
323 _asn1_str_cat (str, str_size, ".");
324 _asn1_str_cat (str, str_size, _asn1_ltostr (val, temp));
328 for (k = 1; k < len; k++)
330 /* X.690 mandates that the leading byte must never be 0x80
332 if (leading != 0 && der[len_len + k] == 0x80)
333 return ASN1_DER_ERROR;
336 /* check for wrap around */
337 if (INT_LEFT_SHIFT_OVERFLOW (val, 7))
338 return ASN1_DER_ERROR;
341 val |= der[len_len + k] & 0x7F;
343 if (!(der[len_len + k] & 0x80))
345 _asn1_str_cat (str, str_size, ".");
346 _asn1_str_cat (str, str_size, _asn1_ltostr (val, temp));
352 if (INT_ADD_OVERFLOW (len, len_len))
353 return ASN1_DER_ERROR;
355 *ret_len = len + len_len;
362 * @der: DER data to decode containing the BIT SEQUENCE.
363 * @der_len: Length of DER data to decode.
364 * @ret_len: Output variable containing the length of the DER data.
365 * @str: Pre-allocated output buffer to put decoded BIT SEQUENCE in.
366 * @str_size: Length of pre-allocated output buffer.
367 * @bit_len: Output variable containing the size of the BIT SEQUENCE.
369 * Extract a BIT SEQUENCE from DER data.
371 * Returns: Return %ASN1_SUCCESS on success, or an error.
374 asn1_get_bit_der (const unsigned char *der, int der_len,
375 int *ret_len, unsigned char *str, int str_size,
378 int len_len = 0, len_byte;
381 return ASN1_GENERIC_ERROR;
383 len_byte = asn1_get_length_der (der, der_len, &len_len) - 1;
385 return ASN1_DER_ERROR;
387 *ret_len = len_byte + len_len + 1;
388 *bit_len = len_byte * 8 - der[len_len];
391 return ASN1_DER_ERROR;
393 if (str_size >= len_byte)
395 if (len_byte > 0 && str)
396 memcpy (str, der + len_len + 1, len_byte);
400 return ASN1_MEM_ERROR;
408 _asn1_extract_tag_der (asn1_node node, const unsigned char *der, int der_len,
412 int counter, len2, len3, is_tag_implicit;
414 unsigned long tag, tag_implicit = 0;
415 unsigned char class, class2, class_implicit = 0;
418 return ASN1_GENERIC_ERROR;
420 counter = is_tag_implicit = 0;
422 if (node->type & CONST_TAG)
427 if (type_field (p->type) == ASN1_ETYPE_TAG)
429 if (p->type & CONST_APPLICATION)
430 class2 = ASN1_CLASS_APPLICATION;
431 else if (p->type & CONST_UNIVERSAL)
432 class2 = ASN1_CLASS_UNIVERSAL;
433 else if (p->type & CONST_PRIVATE)
434 class2 = ASN1_CLASS_PRIVATE;
436 class2 = ASN1_CLASS_CONTEXT_SPECIFIC;
438 if (p->type & CONST_EXPLICIT)
441 (der + counter, der_len, &class, &len2,
442 &tag) != ASN1_SUCCESS)
443 return ASN1_DER_ERROR;
445 DECR_LEN(der_len, len2);
449 asn1_get_length_ber (der + counter, der_len,
452 return ASN1_DER_ERROR;
454 DECR_LEN(der_len, len2);
457 if (!is_tag_implicit)
459 if ((class != (class2 | ASN1_CLASS_STRUCTURED)) ||
460 (tag != strtoul ((char *) p->value, NULL, 10)))
461 return ASN1_TAG_ERROR;
464 { /* ASN1_TAG_IMPLICIT */
465 if ((class != class_implicit) || (tag != tag_implicit))
466 return ASN1_TAG_ERROR;
471 { /* ASN1_TAG_IMPLICIT */
472 if (!is_tag_implicit)
474 if ((type_field (node->type) == ASN1_ETYPE_SEQUENCE) ||
475 (type_field (node->type) == ASN1_ETYPE_SEQUENCE_OF)
476 || (type_field (node->type) == ASN1_ETYPE_SET)
477 || (type_field (node->type) == ASN1_ETYPE_SET_OF))
478 class2 |= ASN1_CLASS_STRUCTURED;
479 class_implicit = class2;
480 tag_implicit = strtoul ((char *) p->value, NULL, 10);
492 (der + counter, der_len, &class, &len2,
493 &tag) != ASN1_SUCCESS)
494 return ASN1_DER_ERROR;
496 DECR_LEN(der_len, len2);
498 if ((class != class_implicit) || (tag != tag_implicit))
500 if (type_field (node->type) == ASN1_ETYPE_OCTET_STRING)
502 class_implicit |= ASN1_CLASS_STRUCTURED;
503 if ((class != class_implicit) || (tag != tag_implicit))
504 return ASN1_TAG_ERROR;
507 return ASN1_TAG_ERROR;
512 unsigned type = type_field (node->type);
513 if (type == ASN1_ETYPE_TAG)
520 (der + counter, der_len, &class, &len2,
521 &tag) != ASN1_SUCCESS)
522 return ASN1_DER_ERROR;
524 DECR_LEN(der_len, len2);
528 case ASN1_ETYPE_NULL:
529 case ASN1_ETYPE_BOOLEAN:
530 case ASN1_ETYPE_INTEGER:
531 case ASN1_ETYPE_ENUMERATED:
532 case ASN1_ETYPE_OBJECT_ID:
533 case ASN1_ETYPE_GENERALSTRING:
534 case ASN1_ETYPE_NUMERIC_STRING:
535 case ASN1_ETYPE_IA5_STRING:
536 case ASN1_ETYPE_TELETEX_STRING:
537 case ASN1_ETYPE_PRINTABLE_STRING:
538 case ASN1_ETYPE_UNIVERSAL_STRING:
539 case ASN1_ETYPE_BMP_STRING:
540 case ASN1_ETYPE_UTF8_STRING:
541 case ASN1_ETYPE_VISIBLE_STRING:
542 case ASN1_ETYPE_BIT_STRING:
543 case ASN1_ETYPE_SEQUENCE:
544 case ASN1_ETYPE_SEQUENCE_OF:
546 case ASN1_ETYPE_SET_OF:
547 case ASN1_ETYPE_GENERALIZED_TIME:
548 case ASN1_ETYPE_UTC_TIME:
549 if ((class != _asn1_tags[type].class)
550 || (tag != _asn1_tags[type].tag))
551 return ASN1_DER_ERROR;
554 case ASN1_ETYPE_OCTET_STRING:
555 /* OCTET STRING is handled differently to allow
556 * BER encodings (structured class). */
557 if (((class != ASN1_CLASS_UNIVERSAL)
558 && (class != (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED)))
559 || (tag != ASN1_TAG_OCTET_STRING))
560 return ASN1_DER_ERROR;
565 case ASN1_ETYPE_CHOICE:
569 return ASN1_DER_ERROR;
583 extract_tag_der_recursive(asn1_node node, const unsigned char *der, int der_len,
587 int ris = ASN1_DER_ERROR;
589 if (type_field (node->type) == ASN1_ETYPE_CHOICE)
594 ris = _asn1_extract_tag_der (p, der, der_len, ret_len);
595 if (ris == ASN1_SUCCESS)
604 return _asn1_extract_tag_der (node, der, der_len, ret_len);
608 _asn1_delete_not_used (asn1_node node)
613 return ASN1_ELEMENT_NOT_FOUND;
618 if (p->type & CONST_NOT_USED)
623 p2 = _asn1_find_left (p);
625 p2 = _asn1_get_up (p);
627 asn1_delete_structure (&p);
632 break; /* reach node */
648 p = _asn1_get_up (p);
667 _asn1_extract_der_octet (asn1_node node, const unsigned char *der,
671 int counter, counter_end;
674 len2 = asn1_get_length_der (der, der_len, &len3);
676 return ASN1_DER_ERROR;
681 counter_end = der_len - 2;
683 counter_end = der_len;
685 while (counter < counter_end)
687 len2 = asn1_get_length_der (der + counter, der_len, &len3);
690 return ASN1_DER_ERROR;
694 DECR_LEN(der_len, len2+len3);
695 _asn1_append_value (node, der + counter + len3, len2);
699 DECR_LEN(der_len, len3);
701 _asn1_extract_der_octet (node, der + counter + len3,
703 if (result != ASN1_SUCCESS)
708 DECR_LEN(der_len, 1);
709 counter += len2 + len3 + 1;
719 _asn1_get_octet_string (asn1_node node, const unsigned char *der, int der_len, int *len)
721 int len2, len3, counter, tot_len, indefinite;
726 if (*(der - 1) & ASN1_CLASS_STRUCTURED)
729 indefinite = asn1_get_length_der (der, der_len, &len3);
731 return ASN1_DER_ERROR;
734 DECR_LEN(der_len, len3);
741 if (indefinite == -1)
743 if (HAVE_TWO(der_len) && (der[counter] == 0) && (der[counter + 1] == 0))
746 DECR_LEN(der_len, 2);
750 else if (counter >= indefinite)
753 DECR_LEN(der_len, 1);
754 if (der[counter] != ASN1_TAG_OCTET_STRING)
755 return ASN1_DER_ERROR;
759 len2 = asn1_get_length_der (der + counter, der_len, &len3);
761 return ASN1_DER_ERROR;
763 DECR_LEN(der_len, len3 + len2);
764 counter += len3 + len2;
772 unsigned char temp[ASN1_MAX_LENGTH_SIZE];
775 len2 = sizeof (temp);
777 asn1_length_der (tot_len, temp, &len2);
778 _asn1_set_value (node, temp, len2);
780 ret = _asn1_extract_der_octet (node, der, der_len);
781 if (ret != ASN1_SUCCESS)
787 { /* NOT STRUCTURED */
788 len2 = asn1_get_length_der (der, der_len, &len3);
790 return ASN1_DER_ERROR;
792 DECR_LEN(der_len, len3+len2);
793 counter = len3 + len2;
795 _asn1_set_value (node, der, counter);
806 _asn1_get_indefinite_length_string (const unsigned char *der,
807 int der_len, int *len)
809 int len2, len3, counter, indefinite;
814 counter = indefinite = 0;
818 if (HAVE_TWO(der_len) && (der[counter] == 0) && (der[counter + 1] == 0))
821 DECR_LEN(der_len, 2);
831 (der + counter, der_len, &class, &len2,
832 &tag) != ASN1_SUCCESS)
833 return ASN1_DER_ERROR;
835 DECR_LEN(der_len, len2);
838 len2 = asn1_get_length_der (der + counter, der_len, &len3);
840 return ASN1_DER_ERROR;
846 DECR_LEN(der_len, 1);
850 counter += len2 + len3;
851 DECR_LEN(der_len, len2+len3);
862 static void delete_unneeded_choice_fields(asn1_node p)
869 asn1_delete_structure (&p2);
877 * @element: pointer to an ASN1 structure.
878 * @ider: vector that contains the DER encoding.
879 * @ider_len: number of bytes of *@ider: @ider[0]..@ider[len-1].
880 * @errorDescription: null-terminated string contains details when an
883 * Fill the structure *@element with values of a DER encoding
884 * string. The structure must just be created with function
885 * asn1_create_element().
887 * Note that the *@element variable is provided as a pointer for
888 * historical reasons.
890 * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
891 * if @ELEMENT is %NULL, and %ASN1_TAG_ERROR or
892 * %ASN1_DER_ERROR if the der encoding doesn't match the structure
893 * name (*@ELEMENT deleted).
896 asn1_der_decoding (asn1_node * element, const void *ider, int ider_len,
897 char *errorDescription)
899 asn1_node node, p, p2, p3;
901 int counter, len2, len3, len4, move, ris, tlen;
902 asn1_node ptail = NULL;
905 int indefinite, result, total_len = ider_len;
906 const unsigned char *der = ider;
910 if (errorDescription != NULL)
911 errorDescription[0] = 0;
914 return ASN1_ELEMENT_NOT_FOUND;
916 if (node->type & CONST_OPTION)
918 result = ASN1_GENERIC_ERROR;
931 if (p->type & CONST_SET)
933 p2 = _asn1_get_up (p);
937 if (HAVE_TWO(ider_len) && !der[counter] && !der[counter + 1])
942 DECR_LEN(ider_len, 2);
946 else if (counter == len2)
952 else if (counter > len2)
954 result = ASN1_DER_ERROR;
961 if ((p2->type & CONST_SET) && (p2->type & CONST_NOT_USED))
964 extract_tag_der_recursive (p2, der + counter,
966 if (ris == ASN1_SUCCESS)
968 p2->type &= ~CONST_NOT_USED;
977 result = ASN1_DER_ERROR;
983 /* the position in the DER structure this starts */
987 if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT))
989 p2 = _asn1_get_up (p);
1001 if (p->type & CONST_OPTION)
1002 asn1_delete_structure (&p);
1009 if (type_field (p->type) == ASN1_ETYPE_CHOICE)
1014 extract_tag_der_recursive (p->down, der + counter,
1017 if (ris == ASN1_SUCCESS)
1019 delete_unneeded_choice_fields(p->down);
1022 else if (ris == ASN1_ERROR_TYPE_ANY)
1024 result = ASN1_ERROR_TYPE_ANY;
1031 asn1_delete_structure (&p2);
1035 if (p->down == NULL)
1037 if (!(p->type & CONST_OPTION))
1039 result = ASN1_DER_ERROR;
1044 else if (type_field (p->type) != ASN1_ETYPE_CHOICE)
1050 if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT))
1052 p2 = _asn1_get_up (p);
1053 len2 = p2->tmp_ival;
1055 if ((len2 != -1) && (counter > len2))
1056 ris = ASN1_TAG_ERROR;
1059 if (ris == ASN1_SUCCESS)
1061 extract_tag_der_recursive (p, der + counter, ider_len, &len2);
1063 if (ris != ASN1_SUCCESS)
1065 if (p->type & CONST_OPTION)
1067 p->type |= CONST_NOT_USED;
1070 else if (p->type & CONST_DEFAULT)
1072 _asn1_set_value (p, NULL, 0);
1077 if (errorDescription != NULL)
1078 _asn1_error_description_tag_error (p, errorDescription);
1080 result = ASN1_TAG_ERROR;
1087 DECR_LEN(ider_len, len2);
1092 if (ris == ASN1_SUCCESS)
1094 switch (type_field (p->type))
1096 case ASN1_ETYPE_NULL:
1097 DECR_LEN(ider_len, 1);
1100 result = ASN1_DER_ERROR;
1107 case ASN1_ETYPE_BOOLEAN:
1108 DECR_LEN(ider_len, 2);
1110 if (der[counter++] != 1)
1112 result = ASN1_DER_ERROR;
1116 if (der[counter++] == 0)
1117 _asn1_set_value (p, "F", 1);
1119 _asn1_set_value (p, "T", 1);
1122 case ASN1_ETYPE_INTEGER:
1123 case ASN1_ETYPE_ENUMERATED:
1125 asn1_get_length_der (der + counter, ider_len, &len3);
1128 result = ASN1_DER_ERROR;
1133 DECR_LEN(ider_len, len3+len2);
1135 _asn1_set_value (p, der + counter, len3 + len2);
1136 counter += len3 + len2;
1139 case ASN1_ETYPE_OBJECT_ID:
1141 _asn1_get_objectid_der (der + counter, ider_len, &len2,
1142 temp, sizeof (temp));
1143 if (result != ASN1_SUCCESS)
1149 DECR_LEN(ider_len, len2);
1151 tlen = strlen (temp);
1153 _asn1_set_value (p, temp, tlen + 1);
1158 case ASN1_ETYPE_GENERALIZED_TIME:
1159 case ASN1_ETYPE_UTC_TIME:
1161 _asn1_get_time_der (der + counter, ider_len, &len2, temp,
1163 if (result != ASN1_SUCCESS)
1169 DECR_LEN(ider_len, len2);
1171 tlen = strlen (temp);
1173 _asn1_set_value (p, temp, tlen);
1178 case ASN1_ETYPE_OCTET_STRING:
1179 result = _asn1_get_octet_string (p, der + counter, ider_len, &len3);
1180 if (result != ASN1_SUCCESS)
1186 DECR_LEN(ider_len, len3);
1190 case ASN1_ETYPE_GENERALSTRING:
1191 case ASN1_ETYPE_NUMERIC_STRING:
1192 case ASN1_ETYPE_IA5_STRING:
1193 case ASN1_ETYPE_TELETEX_STRING:
1194 case ASN1_ETYPE_PRINTABLE_STRING:
1195 case ASN1_ETYPE_UNIVERSAL_STRING:
1196 case ASN1_ETYPE_BMP_STRING:
1197 case ASN1_ETYPE_UTF8_STRING:
1198 case ASN1_ETYPE_VISIBLE_STRING:
1199 case ASN1_ETYPE_BIT_STRING:
1201 asn1_get_length_der (der + counter, ider_len, &len3);
1204 result = ASN1_DER_ERROR;
1209 DECR_LEN(ider_len, len3+len2);
1211 _asn1_set_value (p, der + counter, len3 + len2);
1212 counter += len3 + len2;
1215 case ASN1_ETYPE_SEQUENCE:
1216 case ASN1_ETYPE_SET:
1222 { /* indefinite length method */
1223 DECR_LEN(ider_len, 2);
1224 if ((der[counter]) || der[counter + 1])
1226 result = ASN1_DER_ERROR;
1233 { /* definite length method */
1234 if (len2 != counter)
1236 result = ASN1_DER_ERROR;
1244 { /* move==DOWN || move==RIGHT */
1246 asn1_get_length_der (der + counter, ider_len, &len2);
1249 result = ASN1_DER_ERROR;
1254 DECR_LEN(ider_len, len2);
1259 p->tmp_ival = counter + len3;
1267 if (type_field (p2->type) != ASN1_ETYPE_TAG)
1270 asn1_delete_structure (&p2);
1279 { /* indefinite length method */
1285 case ASN1_ETYPE_SEQUENCE_OF:
1286 case ASN1_ETYPE_SET_OF:
1291 { /* indefinite length method */
1292 if (!HAVE_TWO(ider_len) || ((der[counter]) || der[counter + 1]))
1294 _asn1_append_sequence_set (p, &ptail);
1301 ptail = NULL; /* finished decoding this structure */
1302 DECR_LEN(ider_len, 2);
1306 { /* definite length method */
1309 _asn1_append_sequence_set (p, &ptail);
1316 ptail = NULL; /* finished decoding this structure */
1318 if (len2 != counter)
1320 result = ASN1_DER_ERROR;
1327 { /* move==DOWN || move==RIGHT */
1329 asn1_get_length_der (der + counter, ider_len, &len2);
1332 result = ASN1_DER_ERROR;
1337 DECR_LEN(ider_len, len2);
1342 { /* definite length method */
1343 p->tmp_ival = counter + len3;
1346 { /* indefinite length method */
1350 while ((type_field (p2->type) == ASN1_ETYPE_TAG)
1351 || (type_field (p2->type) == ASN1_ETYPE_SIZE))
1353 if (p2->right == NULL)
1354 _asn1_append_sequence_set (p, &ptail);
1360 case ASN1_ETYPE_ANY:
1361 if (asn1_get_tag_der
1362 (der + counter, ider_len, &class, &len2,
1363 &tag) != ASN1_SUCCESS)
1365 result = ASN1_DER_ERROR;
1370 DECR_LEN(ider_len, len2);
1373 asn1_get_length_der (der + counter + len2,
1377 result = ASN1_DER_ERROR;
1381 if (len4 != -1) /* definite */
1385 DECR_LEN(ider_len, len4+len3);
1386 _asn1_set_value_lv (p, der + counter, len2 + len3);
1387 counter += len2 + len3;
1390 { /* indefinite length */
1391 ider_len += len2; /* undo DECR_LEN */
1395 result = ASN1_DER_ERROR;
1400 /* Check indefinite lenth method in an EXPLICIT TAG */
1401 if ((p->type & CONST_TAG) && (der[counter - 1] == 0x80))
1407 _asn1_get_indefinite_length_string (der + counter, ider_len, &len2);
1408 if (result != ASN1_SUCCESS)
1414 DECR_LEN(ider_len, len2);
1415 _asn1_set_value_lv (p, der + counter, len2);
1418 /* Check if a couple of 0x00 are present due to an EXPLICIT TAG with
1419 an indefinite length method. */
1422 DECR_LEN(ider_len, 2);
1423 if (!der[counter] && !der[counter + 1])
1429 result = ASN1_DER_ERROR;
1438 move = (move == UP) ? RIGHT : DOWN;
1445 p->end = counter - 1;
1448 if (p == node && move != DOWN)
1458 if ((move == RIGHT) && !(p->type & CONST_SET))
1466 p = _asn1_get_up (p);
1469 _asn1_delete_not_used (*element);
1474 result = ASN1_DER_ERROR;
1478 return ASN1_SUCCESS;
1481 asn1_delete_structure (element);
1486 #define SAME_BRANCH 2
1487 #define OTHER_BRANCH 3
1491 * asn1_der_decoding_element:
1492 * @structure: pointer to an ASN1 structure
1493 * @elementName: name of the element to fill
1494 * @ider: vector that contains the DER encoding of the whole structure.
1495 * @len: number of bytes of *der: der[0]..der[len-1]
1496 * @errorDescription: null-terminated string contains details when an
1499 * Fill the element named @ELEMENTNAME with values of a DER encoding
1500 * string. The structure must just be created with function
1501 * asn1_create_element(). The DER vector must contain the encoding
1502 * string of the whole @STRUCTURE. If an error occurs during the
1503 * decoding procedure, the *@STRUCTURE is deleted and set equal to
1506 * This function is deprecated and may just be an alias to asn1_der_decoding
1507 * in future versions. Use asn1_der_decoding() instead.
1509 * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
1510 * if ELEMENT is %NULL or @elementName == NULL, and
1511 * %ASN1_TAG_ERROR or %ASN1_DER_ERROR if the der encoding doesn't
1512 * match the structure @structure (*ELEMENT deleted).
1515 asn1_der_decoding_element (asn1_node * structure, const char *elementName,
1516 const void *ider, int len, char *errorDescription)
1518 return asn1_der_decoding(structure, ider, len, errorDescription);
1522 * asn1_der_decoding_startEnd:
1523 * @element: pointer to an ASN1 element
1524 * @ider: vector that contains the DER encoding.
1525 * @ider_len: number of bytes of *@ider: @ider[0]..@ider[len-1]
1526 * @name_element: an element of NAME structure.
1527 * @start: the position of the first byte of NAME_ELEMENT decoding
1529 * @end: the position of the last byte of NAME_ELEMENT decoding
1532 * Find the start and end point of an element in a DER encoding
1533 * string. I mean that if you have a der encoding and you have already
1534 * used the function asn1_der_decoding() to fill a structure, it may
1535 * happen that you want to find the piece of string concerning an
1536 * element of the structure.
1538 * One example is the sequence "tbsCertificate" inside an X509
1541 * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
1542 * if ELEMENT is %asn1_node EMPTY or @name_element is not a valid
1543 * element, %ASN1_TAG_ERROR or %ASN1_DER_ERROR if the der encoding
1544 * doesn't match the structure ELEMENT.
1547 asn1_der_decoding_startEnd (asn1_node element, const void *ider, int ider_len,
1548 const char *name_element, int *start, int *end)
1550 asn1_node node, node_to_find;
1551 int result = ASN1_DER_ERROR;
1556 return ASN1_ELEMENT_NOT_FOUND;
1558 node_to_find = asn1_find_node (node, name_element);
1560 if (node_to_find == NULL)
1561 return ASN1_ELEMENT_NOT_FOUND;
1563 *start = node_to_find->start;
1564 *end = node_to_find->end;
1566 if (*start == 0 && *end == 0)
1568 /* it seems asn1_der_decoding() wasn't called before. Do it now */
1569 result = asn1_der_decoding (&node, ider, ider_len, NULL);
1570 if (result != ASN1_SUCCESS)
1576 node_to_find = asn1_find_node (node, name_element);
1577 if (node_to_find == NULL)
1578 return ASN1_ELEMENT_NOT_FOUND;
1580 *start = node_to_find->start;
1581 *end = node_to_find->end;
1585 return ASN1_GENERIC_ERROR;
1587 return ASN1_SUCCESS;
1591 * asn1_expand_any_defined_by:
1592 * @definitions: ASN1 definitions
1593 * @element: pointer to an ASN1 structure
1595 * Expands every "ANY DEFINED BY" element of a structure created from
1596 * a DER decoding process (asn1_der_decoding function). The element
1597 * ANY must be defined by an OBJECT IDENTIFIER. The type used to
1598 * expand the element ANY is the first one following the definition of
1599 * the actual value of the OBJECT IDENTIFIER.
1601 * Returns: %ASN1_SUCCESS if Substitution OK, %ASN1_ERROR_TYPE_ANY if
1602 * some "ANY DEFINED BY" element couldn't be expanded due to a
1603 * problem in OBJECT_ID -> TYPE association, or other error codes
1604 * depending on DER decoding.
1607 asn1_expand_any_defined_by (asn1_node definitions, asn1_node * element)
1609 char name[2 * ASN1_MAX_NAME_SIZE + 1],
1610 value[ASN1_MAX_NAME_SIZE];
1611 int retCode = ASN1_SUCCESS, result;
1612 int len, len2, len3;
1613 asn1_node p, p2, p3, aux = NULL;
1614 char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
1615 const char *definitionsName;
1617 if ((definitions == NULL) || (*element == NULL))
1618 return ASN1_ELEMENT_NOT_FOUND;
1620 definitionsName = definitions->name;
1626 switch (type_field (p->type))
1628 case ASN1_ETYPE_ANY:
1629 if ((p->type & CONST_DEFINED_BY) && (p->value))
1631 /* search the "DEF_BY" element */
1633 while ((p2) && (type_field (p2->type) != ASN1_ETYPE_CONSTANT))
1638 retCode = ASN1_ERROR_TYPE_ANY;
1642 p3 = _asn1_get_up (p);
1646 retCode = ASN1_ERROR_TYPE_ANY;
1653 if (!(strcmp (p3->name, p2->name)))
1658 if ((!p3) || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID) ||
1659 (p3->value == NULL))
1662 p3 = _asn1_get_up (p);
1663 p3 = _asn1_get_up (p3);
1667 retCode = ASN1_ERROR_TYPE_ANY;
1675 if (!(strcmp (p3->name, p2->name)))
1680 if ((!p3) || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID)
1681 || (p3->value == NULL))
1683 retCode = ASN1_ERROR_TYPE_ANY;
1688 /* search the OBJECT_ID into definitions */
1689 p2 = definitions->down;
1692 if ((type_field (p2->type) == ASN1_ETYPE_OBJECT_ID) &&
1693 (p2->type & CONST_ASSIGN))
1695 snprintf(name, sizeof(name), "%s.%s", definitionsName, p2->name);
1697 len = ASN1_MAX_NAME_SIZE;
1699 asn1_read_value (definitions, name, value, &len);
1701 if ((result == ASN1_SUCCESS)
1702 && (!_asn1_strcmp (p3->value, value)))
1704 p2 = p2->right; /* pointer to the structure to
1705 use for expansion */
1706 while ((p2) && (p2->type & CONST_ASSIGN))
1711 snprintf(name, sizeof(name), "%s.%s", definitionsName, p2->name);
1714 asn1_create_element (definitions, name, &aux);
1715 if (result == ASN1_SUCCESS)
1717 _asn1_cpy_name (aux, p);
1719 asn1_get_length_der (p->value,
1720 p->value_len, &len3);
1722 return ASN1_DER_ERROR;
1725 asn1_der_decoding (&aux, p->value + len3,
1728 if (result == ASN1_SUCCESS)
1731 _asn1_set_right (aux, p->right);
1732 _asn1_set_right (p, aux);
1734 result = asn1_delete_structure (&p);
1735 if (result == ASN1_SUCCESS)
1742 { /* error with asn1_delete_structure */
1743 asn1_delete_structure (&aux);
1749 { /* error with asn1_der_decoding */
1755 { /* error with asn1_create_element */
1761 { /* error with the pointer to the structure to exapand */
1762 retCode = ASN1_ERROR_TYPE_ANY;
1772 retCode = ASN1_ERROR_TYPE_ANY;
1787 else if (p == *element)
1798 p = _asn1_get_up (p);
1817 * asn1_expand_octet_string:
1818 * @definitions: ASN1 definitions
1819 * @element: pointer to an ASN1 structure
1820 * @octetName: name of the OCTECT STRING field to expand.
1821 * @objectName: name of the OBJECT IDENTIFIER field to use to define
1822 * the type for expansion.
1824 * Expands an "OCTET STRING" element of a structure created from a DER
1825 * decoding process (the asn1_der_decoding() function). The type used
1826 * for expansion is the first one following the definition of the
1827 * actual value of the OBJECT IDENTIFIER indicated by OBJECTNAME.
1829 * Returns: %ASN1_SUCCESS if substitution OK, %ASN1_ELEMENT_NOT_FOUND
1830 * if @objectName or @octetName are not correct,
1831 * %ASN1_VALUE_NOT_VALID if it wasn't possible to find the type to
1832 * use for expansion, or other errors depending on DER decoding.
1835 asn1_expand_octet_string (asn1_node definitions, asn1_node * element,
1836 const char *octetName, const char *objectName)
1838 char name[2 * ASN1_MAX_NAME_SIZE + 1], value[ASN1_MAX_NAME_SIZE];
1839 int retCode = ASN1_SUCCESS, result;
1840 int len, len2, len3;
1841 asn1_node p2, aux = NULL;
1842 asn1_node octetNode = NULL, objectNode = NULL;
1843 char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
1845 if ((definitions == NULL) || (*element == NULL))
1846 return ASN1_ELEMENT_NOT_FOUND;
1848 octetNode = asn1_find_node (*element, octetName);
1849 if (octetNode == NULL)
1850 return ASN1_ELEMENT_NOT_FOUND;
1851 if (type_field (octetNode->type) != ASN1_ETYPE_OCTET_STRING)
1852 return ASN1_ELEMENT_NOT_FOUND;
1853 if (octetNode->value == NULL)
1854 return ASN1_VALUE_NOT_FOUND;
1856 objectNode = asn1_find_node (*element, objectName);
1857 if (objectNode == NULL)
1858 return ASN1_ELEMENT_NOT_FOUND;
1860 if (type_field (objectNode->type) != ASN1_ETYPE_OBJECT_ID)
1861 return ASN1_ELEMENT_NOT_FOUND;
1863 if (objectNode->value == NULL)
1864 return ASN1_VALUE_NOT_FOUND;
1867 /* search the OBJECT_ID into definitions */
1868 p2 = definitions->down;
1871 if ((type_field (p2->type) == ASN1_ETYPE_OBJECT_ID) &&
1872 (p2->type & CONST_ASSIGN))
1874 strcpy (name, definitions->name);
1876 strcat (name, p2->name);
1878 len = sizeof (value);
1879 result = asn1_read_value (definitions, name, value, &len);
1881 if ((result == ASN1_SUCCESS)
1882 && (!_asn1_strcmp (objectNode->value, value)))
1885 p2 = p2->right; /* pointer to the structure to
1886 use for expansion */
1887 while ((p2) && (p2->type & CONST_ASSIGN))
1892 strcpy (name, definitions->name);
1894 strcat (name, p2->name);
1896 result = asn1_create_element (definitions, name, &aux);
1897 if (result == ASN1_SUCCESS)
1899 _asn1_cpy_name (aux, octetNode);
1901 asn1_get_length_der (octetNode->value,
1902 octetNode->value_len, &len3);
1904 return ASN1_DER_ERROR;
1907 asn1_der_decoding (&aux, octetNode->value + len3,
1908 len2, errorDescription);
1909 if (result == ASN1_SUCCESS)
1912 _asn1_set_right (aux, octetNode->right);
1913 _asn1_set_right (octetNode, aux);
1915 result = asn1_delete_structure (&octetNode);
1916 if (result == ASN1_SUCCESS)
1922 { /* error with asn1_delete_structure */
1923 asn1_delete_structure (&aux);
1929 { /* error with asn1_der_decoding */
1935 { /* error with asn1_create_element */
1941 { /* error with the pointer to the structure to exapand */
1942 retCode = ASN1_VALUE_NOT_VALID;
1953 retCode = ASN1_VALUE_NOT_VALID;
1959 * asn1_decode_simple_der:
1960 * @etype: The type of the string to be encoded (ASN1_ETYPE_)
1961 * @der: the encoded string
1962 * @der_len: the bytes of the encoded string
1963 * @str: a pointer to the data
1964 * @str_len: the length of the data
1966 * Decodes a simple DER encoded type (e.g. a string, which is not constructed).
1967 * The output is a pointer inside the @der.
1969 * Returns: %ASN1_SUCCESS if successful or an error value.
1972 asn1_decode_simple_der (unsigned int etype, const unsigned char *der,
1973 unsigned int der_len, const unsigned char **str,
1974 unsigned int *str_len)
1976 int tag_len, len_len;
1977 const unsigned char *p;
1978 unsigned char class;
1982 if (der == NULL || der_len == 0)
1983 return ASN1_VALUE_NOT_VALID;
1985 if (ETYPE_OK (etype) == 0)
1986 return ASN1_VALUE_NOT_VALID;
1988 /* doesn't handle constructed classes */
1989 if (ETYPE_CLASS (etype) != ASN1_CLASS_UNIVERSAL)
1990 return ASN1_VALUE_NOT_VALID;
1993 ret = asn1_get_tag_der (p, der_len, &class, &tag_len, &tag);
1994 if (ret != ASN1_SUCCESS)
1997 if (class != ETYPE_CLASS (etype) || tag != ETYPE_TAG (etype))
1998 return ASN1_DER_ERROR;
2003 ret = asn1_get_length_der (p, der_len, &len_len);
2005 return ASN1_DER_ERROR;
2013 return ASN1_SUCCESS;