2 * Copyright (C) 2002-2014 Free Software Foundation, Inc.
4 * This file is part of LIBTASN1.
6 * The LIBTASN1 library is free software; you can redistribute it
7 * and/or modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 /*****************************************************/
24 /* File: decoding.c */
25 /* Description: Functions to manage DER decoding */
26 /*****************************************************/
29 #include <parser_aux.h>
31 #include <structure.h>
37 # define warn() fprintf(stderr, "%s: %d\n", __func__, __LINE__)
42 #define HAVE_TWO(x) (x>=2?1:0)
44 #define DECR_LEN(l, s) do { \
48 result = ASN1_DER_ERROR; \
54 _asn1_get_indefinite_length_string (const unsigned char *der, int der_len, int *len);
57 _asn1_error_description_tag_error (asn1_node node, char *ErrorDescription)
60 Estrcpy (ErrorDescription, ":: tag error near element '");
61 _asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription),
62 ASN1_MAX_ERROR_DESCRIPTION_SIZE - 40);
63 Estrcat (ErrorDescription, "'");
68 * asn1_get_length_der:
69 * @der: DER data to decode.
70 * @der_len: Length of DER data to decode.
71 * @len: Output variable containing the length of the DER length field.
73 * Extract a length field from DER data.
75 * Returns: Return the decoded length value, or -1 on indefinite
76 * length, or -2 when the value was too big to fit in a int, or -4
77 * when the decoded length value plus @len would exceed @der_len.
80 asn1_get_length_der (const unsigned char *der, int der_len, int *len)
101 { /* definite length method */
103 while (punt <= k && punt < der_len)
105 if (INT_MULTIPLY_OVERFLOW (ans, 256))
109 if (INT_ADD_OVERFLOW (ans, ((unsigned) der[punt])))
116 { /* indefinite length method */
125 if (ans >= INT_MAX || INT_ADD_OVERFLOW (sum, (*len)))
137 * @der: DER data to decode.
138 * @der_len: Length of DER data to decode.
139 * @cls: Output variable containing decoded class.
140 * @len: Output variable containing the length of the DER TAG data.
141 * @tag: Output variable containing the decoded tag.
143 * Decode the class and TAG from DER code.
145 * Returns: Returns %ASN1_SUCCESS on success, or an error.
148 asn1_get_tag_der (const unsigned char *der, int der_len,
149 unsigned char *cls, int *len, unsigned long *tag)
154 if (der == NULL || der_len < 2 || len == NULL)
155 return ASN1_DER_ERROR;
157 *cls = der[0] & 0xE0;
158 if ((der[0] & 0x1F) != 0x1F)
169 while (punt < der_len && der[punt] & 128)
172 if (INT_MULTIPLY_OVERFLOW (ris, 128))
173 return ASN1_DER_ERROR;
176 if (INT_ADD_OVERFLOW (ris, ((unsigned) (der[punt] & 0x7F))))
177 return ASN1_DER_ERROR;
178 ris += (der[punt] & 0x7F);
183 return ASN1_DER_ERROR;
185 if (INT_MULTIPLY_OVERFLOW (ris, 128))
186 return ASN1_DER_ERROR;
189 if (INT_ADD_OVERFLOW (ris, ((unsigned) (der[punt] & 0x7F))))
190 return ASN1_DER_ERROR;
191 ris += (der[punt] & 0x7F);
203 * asn1_get_length_ber:
204 * @ber: BER data to decode.
205 * @ber_len: Length of BER data to decode.
206 * @len: Output variable containing the length of the BER length field.
208 * Extract a length field from BER data. The difference to
209 * asn1_get_length_der() is that this function will return a length
210 * even if the value has indefinite encoding.
212 * Returns: Return the decoded length value, or negative value when
213 * the value was too big.
218 asn1_get_length_ber (const unsigned char *ber, int ber_len, int *len)
223 ret = asn1_get_length_der (ber, ber_len, len);
225 { /* indefinite length method */
226 err = _asn1_get_indefinite_length_string (ber + 1, ber_len, &ret);
227 if (err != ASN1_SUCCESS)
235 * asn1_get_octet_der:
236 * @der: DER data to decode containing the OCTET SEQUENCE.
237 * @der_len: Length of DER data to decode.
238 * @ret_len: Output variable containing the length of the DER data.
239 * @str: Pre-allocated output buffer to put decoded OCTET SEQUENCE in.
240 * @str_size: Length of pre-allocated output buffer.
241 * @str_len: Output variable containing the length of the OCTET SEQUENCE.
243 * Extract an OCTET SEQUENCE from DER data.
245 * Returns: Returns %ASN1_SUCCESS on success, or an error.
248 asn1_get_octet_der (const unsigned char *der, int der_len,
249 int *ret_len, unsigned char *str, int str_size,
255 return ASN1_GENERIC_ERROR;
257 *str_len = asn1_get_length_der (der, der_len, &len_len);
260 return ASN1_DER_ERROR;
262 *ret_len = *str_len + len_len;
263 if (str_size >= *str_len)
265 if (*str_len > 0 && str != NULL)
266 memcpy (str, der + len_len, *str_len);
270 return ASN1_MEM_ERROR;
276 /* Returns ASN1_SUCCESS on success or an error code on error.
279 _asn1_get_time_der (const unsigned char *der, int der_len, int *ret_len,
280 char *str, int str_size)
282 int len_len, str_len;
284 if (der_len <= 0 || str == NULL)
285 return ASN1_DER_ERROR;
287 str_len = asn1_get_length_der (der, der_len, &len_len);
288 if (str_len <= 0 || str_size < str_len)
289 return ASN1_DER_ERROR;
291 memcpy (str, der + len_len, str_len);
293 *ret_len = str_len + len_len;
299 _asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len,
300 char *str, int str_size)
304 char temp[LTOSTR_MAX_SIZE];
305 unsigned long val, val1;
308 if (str && str_size > 0)
309 str[0] = 0; /* no oid */
311 if (str == NULL || der_len <= 0)
312 return ASN1_GENERIC_ERROR;
314 len = asn1_get_length_der (der, der_len, &len_len);
316 if (len <= 0 || len + len_len > der_len)
317 return ASN1_DER_ERROR;
319 val1 = der[len_len] / 40;
320 val = der[len_len] - val1 * 40;
322 _asn1_str_cpy (str, str_size, _asn1_ltostr (val1, temp));
323 _asn1_str_cat (str, str_size, ".");
324 _asn1_str_cat (str, str_size, _asn1_ltostr (val, temp));
328 for (k = 1; k < len; k++)
330 /* X.690 mandates that the leading byte must never be 0x80
332 if (leading != 0 && der[len_len + k] == 0x80)
333 return ASN1_DER_ERROR;
336 /* check for wrap around */
337 if (INT_LEFT_SHIFT_OVERFLOW (val, 7))
338 return ASN1_DER_ERROR;
341 val |= der[len_len + k] & 0x7F;
343 if (!(der[len_len + k] & 0x80))
345 _asn1_str_cat (str, str_size, ".");
346 _asn1_str_cat (str, str_size, _asn1_ltostr (val, temp));
352 if (INT_ADD_OVERFLOW (len, len_len))
353 return ASN1_DER_ERROR;
355 *ret_len = len + len_len;
362 * @der: DER data to decode containing the BIT SEQUENCE.
363 * @der_len: Length of DER data to decode.
364 * @ret_len: Output variable containing the length of the DER data.
365 * @str: Pre-allocated output buffer to put decoded BIT SEQUENCE in.
366 * @str_size: Length of pre-allocated output buffer.
367 * @bit_len: Output variable containing the size of the BIT SEQUENCE.
369 * Extract a BIT SEQUENCE from DER data.
371 * Returns: Return %ASN1_SUCCESS on success, or an error.
374 asn1_get_bit_der (const unsigned char *der, int der_len,
375 int *ret_len, unsigned char *str, int str_size,
378 int len_len = 0, len_byte;
381 return ASN1_GENERIC_ERROR;
383 len_byte = asn1_get_length_der (der, der_len, &len_len) - 1;
385 return ASN1_DER_ERROR;
387 *ret_len = len_byte + len_len + 1;
388 *bit_len = len_byte * 8 - der[len_len];
391 return ASN1_DER_ERROR;
393 if (str_size >= len_byte)
395 if (len_byte > 0 && str)
396 memcpy (str, der + len_len + 1, len_byte);
400 return ASN1_MEM_ERROR;
408 _asn1_extract_tag_der (asn1_node node, const unsigned char *der, int der_len,
412 int counter, len2, len3, is_tag_implicit;
414 unsigned long tag, tag_implicit = 0;
415 unsigned char class, class2, class_implicit = 0;
418 return ASN1_GENERIC_ERROR;
420 counter = is_tag_implicit = 0;
422 if (node->type & CONST_TAG)
427 if (type_field (p->type) == ASN1_ETYPE_TAG)
429 if (p->type & CONST_APPLICATION)
430 class2 = ASN1_CLASS_APPLICATION;
431 else if (p->type & CONST_UNIVERSAL)
432 class2 = ASN1_CLASS_UNIVERSAL;
433 else if (p->type & CONST_PRIVATE)
434 class2 = ASN1_CLASS_PRIVATE;
436 class2 = ASN1_CLASS_CONTEXT_SPECIFIC;
438 if (p->type & CONST_EXPLICIT)
441 (der + counter, der_len, &class, &len2,
442 &tag) != ASN1_SUCCESS)
443 return ASN1_DER_ERROR;
445 DECR_LEN(der_len, len2);
449 asn1_get_length_ber (der + counter, der_len,
452 return ASN1_DER_ERROR;
454 DECR_LEN(der_len, len2);
457 if (!is_tag_implicit)
459 if ((class != (class2 | ASN1_CLASS_STRUCTURED)) ||
460 (tag != strtoul ((char *) p->value, NULL, 10)))
461 return ASN1_TAG_ERROR;
464 { /* ASN1_TAG_IMPLICIT */
465 if ((class != class_implicit) || (tag != tag_implicit))
466 return ASN1_TAG_ERROR;
471 { /* ASN1_TAG_IMPLICIT */
472 if (!is_tag_implicit)
474 if ((type_field (node->type) == ASN1_ETYPE_SEQUENCE) ||
475 (type_field (node->type) == ASN1_ETYPE_SEQUENCE_OF)
476 || (type_field (node->type) == ASN1_ETYPE_SET)
477 || (type_field (node->type) == ASN1_ETYPE_SET_OF))
478 class2 |= ASN1_CLASS_STRUCTURED;
479 class_implicit = class2;
480 tag_implicit = strtoul ((char *) p->value, NULL, 10);
492 (der + counter, der_len, &class, &len2,
493 &tag) != ASN1_SUCCESS)
494 return ASN1_DER_ERROR;
496 DECR_LEN(der_len, len2);
498 if ((class != class_implicit) || (tag != tag_implicit))
500 if (type_field (node->type) == ASN1_ETYPE_OCTET_STRING)
502 class_implicit |= ASN1_CLASS_STRUCTURED;
503 if ((class != class_implicit) || (tag != tag_implicit))
504 return ASN1_TAG_ERROR;
507 return ASN1_TAG_ERROR;
512 unsigned type = type_field (node->type);
513 if (type == ASN1_ETYPE_TAG)
520 (der + counter, der_len, &class, &len2,
521 &tag) != ASN1_SUCCESS)
522 return ASN1_DER_ERROR;
524 DECR_LEN(der_len, len2);
528 case ASN1_ETYPE_NULL:
529 case ASN1_ETYPE_BOOLEAN:
530 case ASN1_ETYPE_INTEGER:
531 case ASN1_ETYPE_ENUMERATED:
532 case ASN1_ETYPE_OBJECT_ID:
533 case ASN1_ETYPE_GENERALSTRING:
534 case ASN1_ETYPE_NUMERIC_STRING:
535 case ASN1_ETYPE_IA5_STRING:
536 case ASN1_ETYPE_TELETEX_STRING:
537 case ASN1_ETYPE_PRINTABLE_STRING:
538 case ASN1_ETYPE_UNIVERSAL_STRING:
539 case ASN1_ETYPE_BMP_STRING:
540 case ASN1_ETYPE_UTF8_STRING:
541 case ASN1_ETYPE_VISIBLE_STRING:
542 case ASN1_ETYPE_BIT_STRING:
543 case ASN1_ETYPE_SEQUENCE:
544 case ASN1_ETYPE_SEQUENCE_OF:
546 case ASN1_ETYPE_SET_OF:
547 case ASN1_ETYPE_GENERALIZED_TIME:
548 case ASN1_ETYPE_UTC_TIME:
549 if ((class != _asn1_tags[type].class)
550 || (tag != _asn1_tags[type].tag))
551 return ASN1_DER_ERROR;
554 case ASN1_ETYPE_OCTET_STRING:
555 /* OCTET STRING is handled differently to allow
556 * BER encodings (structured class). */
557 if (((class != ASN1_CLASS_UNIVERSAL)
558 && (class != (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED)))
559 || (tag != ASN1_TAG_OCTET_STRING))
560 return ASN1_DER_ERROR;
565 case ASN1_ETYPE_CHOICE:
569 return ASN1_DER_ERROR;
583 extract_tag_der_recursive(asn1_node node, const unsigned char *der, int der_len,
587 int ris = ASN1_DER_ERROR;
589 if (type_field (node->type) == ASN1_ETYPE_CHOICE)
594 ris = _asn1_extract_tag_der (p, der, der_len, ret_len);
595 if (ris == ASN1_SUCCESS)
604 return _asn1_extract_tag_der (node, der, der_len, ret_len);
608 _asn1_delete_not_used (asn1_node node)
613 return ASN1_ELEMENT_NOT_FOUND;
618 if (p->type & CONST_NOT_USED)
623 p2 = _asn1_find_left (p);
625 p2 = _asn1_get_up (p);
627 asn1_delete_structure (&p);
632 break; /* reach node */
648 p = _asn1_get_up (p);
667 _asn1_extract_der_octet (asn1_node node, const unsigned char *der,
671 int counter, counter_end;
674 len2 = asn1_get_length_der (der, der_len, &len3);
676 return ASN1_DER_ERROR;
681 counter_end = der_len - 2;
683 counter_end = der_len;
685 while (counter < counter_end)
687 len2 = asn1_get_length_der (der + counter, der_len, &len3);
690 return ASN1_DER_ERROR;
694 DECR_LEN(der_len, len2+len3);
695 _asn1_append_value (node, der + counter + len3, len2);
699 DECR_LEN(der_len, len3);
701 _asn1_extract_der_octet (node, der + counter + len3,
703 if (result != ASN1_SUCCESS)
708 DECR_LEN(der_len, 1);
709 counter += len2 + len3 + 1;
719 _asn1_get_octet_string (asn1_node node, const unsigned char *der, int der_len, int *len)
721 int len2, len3, counter, tot_len, indefinite;
726 if (*(der - 1) & ASN1_CLASS_STRUCTURED)
729 indefinite = asn1_get_length_der (der, der_len, &len3);
731 return ASN1_DER_ERROR;
734 DECR_LEN(der_len, len3);
741 if (indefinite == -1)
743 if (HAVE_TWO(der_len) && (der[counter] == 0) && (der[counter + 1] == 0))
746 DECR_LEN(der_len, 2);
750 else if (counter >= indefinite)
753 DECR_LEN(der_len, 1);
754 if (der[counter] != ASN1_TAG_OCTET_STRING)
755 return ASN1_DER_ERROR;
759 len2 = asn1_get_length_der (der + counter, der_len, &len3);
761 return ASN1_DER_ERROR;
763 DECR_LEN(der_len, len3 + len2);
764 counter += len3 + len2;
772 unsigned char temp[ASN1_MAX_LENGTH_SIZE];
775 len2 = sizeof (temp);
777 asn1_length_der (tot_len, temp, &len2);
778 _asn1_set_value (node, temp, len2);
780 ret = _asn1_extract_der_octet (node, der, der_len);
781 if (ret != ASN1_SUCCESS)
787 { /* NOT STRUCTURED */
788 len2 = asn1_get_length_der (der, der_len, &len3);
790 return ASN1_DER_ERROR;
792 DECR_LEN(der_len, len3+len2);
793 counter = len3 + len2;
795 _asn1_set_value (node, der, counter);
806 _asn1_get_indefinite_length_string (const unsigned char *der,
807 int der_len, int *len)
809 int len2, len3, counter, indefinite;
814 counter = indefinite = 0;
818 if (HAVE_TWO(der_len) && (der[counter] == 0) && (der[counter + 1] == 0))
821 DECR_LEN(der_len, 2);
831 (der + counter, der_len, &class, &len2,
832 &tag) != ASN1_SUCCESS)
833 return ASN1_DER_ERROR;
835 DECR_LEN(der_len, len2);
838 len2 = asn1_get_length_der (der + counter, der_len, &len3);
840 return ASN1_DER_ERROR;
846 DECR_LEN(der_len, 1);
850 counter += len2 + len3;
851 DECR_LEN(der_len, len2+len3);
862 static void delete_unneeded_choice_fields(asn1_node p)
869 asn1_delete_structure (&p2);
877 * @element: pointer to an ASN1 structure.
878 * @ider: vector that contains the DER encoding.
879 * @ider_len: number of bytes of *@ider: @ider[0]..@ider[len-1].
880 * @errorDescription: null-terminated string contains details when an
883 * Fill the structure *@element with values of a DER encoding
884 * string. The structure must just be created with function
885 * asn1_create_element().
887 * Note that the *@element variable is provided as a pointer for
888 * historical reasons.
890 * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
891 * if @ELEMENT is %NULL, and %ASN1_TAG_ERROR or
892 * %ASN1_DER_ERROR if the der encoding doesn't match the structure
893 * name (*@ELEMENT deleted).
896 asn1_der_decoding (asn1_node * element, const void *ider, int ider_len,
897 char *errorDescription)
899 asn1_node node, p, p2, p3;
901 int counter, len2, len3, len4, move, ris, tlen;
902 asn1_node ptail = NULL;
905 int indefinite, result, total_len = ider_len;
906 const unsigned char *der = ider;
910 if (errorDescription != NULL)
911 errorDescription[0] = 0;
914 return ASN1_ELEMENT_NOT_FOUND;
916 if (node->type & CONST_OPTION)
918 result = ASN1_GENERIC_ERROR;
931 if (p->type & CONST_SET)
933 p2 = _asn1_get_up (p);
937 if (HAVE_TWO(ider_len) && !der[counter] && !der[counter + 1])
942 DECR_LEN(ider_len, 2);
946 else if (counter == len2)
952 else if (counter > len2)
954 result = ASN1_DER_ERROR;
961 if ((p2->type & CONST_SET) && (p2->type & CONST_NOT_USED))
964 extract_tag_der_recursive (p2, der + counter,
966 if (ris == ASN1_SUCCESS)
968 p2->type &= ~CONST_NOT_USED;
977 result = ASN1_DER_ERROR;
983 /* the position in the DER structure this starts */
987 if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT))
989 p2 = _asn1_get_up (p);
1001 if (p->type & CONST_OPTION)
1002 asn1_delete_structure (&p);
1009 if (type_field (p->type) == ASN1_ETYPE_CHOICE)
1014 extract_tag_der_recursive (p->down, der + counter,
1017 if (ris == ASN1_SUCCESS)
1019 delete_unneeded_choice_fields(p->down);
1022 else if (ris == ASN1_ERROR_TYPE_ANY)
1024 result = ASN1_ERROR_TYPE_ANY;
1031 asn1_delete_structure (&p2);
1035 if (p->down == NULL)
1037 if (!(p->type & CONST_OPTION))
1039 result = ASN1_DER_ERROR;
1044 else if (type_field (p->type) != ASN1_ETYPE_CHOICE)
1050 if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT))
1052 p2 = _asn1_get_up (p);
1053 len2 = p2->tmp_ival;
1055 if ((len2 != -1) && (counter > len2))
1056 ris = ASN1_TAG_ERROR;
1059 if (ris == ASN1_SUCCESS)
1061 extract_tag_der_recursive (p, der + counter, ider_len, &len2);
1063 if (ris != ASN1_SUCCESS)
1065 if (p->type & CONST_OPTION)
1067 p->type |= CONST_NOT_USED;
1070 else if (p->type & CONST_DEFAULT)
1072 _asn1_set_value (p, NULL, 0);
1077 if (errorDescription != NULL)
1078 _asn1_error_description_tag_error (p, errorDescription);
1080 result = ASN1_TAG_ERROR;
1087 DECR_LEN(ider_len, len2);
1092 if (ris == ASN1_SUCCESS)
1094 switch (type_field (p->type))
1096 case ASN1_ETYPE_NULL:
1097 DECR_LEN(ider_len, 1);
1100 result = ASN1_DER_ERROR;
1107 case ASN1_ETYPE_BOOLEAN:
1108 DECR_LEN(ider_len, 2);
1110 if (der[counter++] != 1)
1112 result = ASN1_DER_ERROR;
1116 if (der[counter++] == 0)
1117 _asn1_set_value (p, "F", 1);
1119 _asn1_set_value (p, "T", 1);
1122 case ASN1_ETYPE_INTEGER:
1123 case ASN1_ETYPE_ENUMERATED:
1125 asn1_get_length_der (der + counter, ider_len, &len3);
1128 result = ASN1_DER_ERROR;
1133 DECR_LEN(ider_len, len3+len2);
1135 _asn1_set_value (p, der + counter, len3 + len2);
1136 counter += len3 + len2;
1139 case ASN1_ETYPE_OBJECT_ID:
1141 _asn1_get_objectid_der (der + counter, ider_len, &len2,
1142 temp, sizeof (temp));
1143 if (result != ASN1_SUCCESS)
1149 DECR_LEN(ider_len, len2);
1151 tlen = strlen (temp);
1153 _asn1_set_value (p, temp, tlen + 1);
1158 case ASN1_ETYPE_GENERALIZED_TIME:
1159 case ASN1_ETYPE_UTC_TIME:
1161 _asn1_get_time_der (der + counter, ider_len, &len2, temp,
1163 if (result != ASN1_SUCCESS)
1169 DECR_LEN(ider_len, len2);
1171 tlen = strlen (temp);
1173 _asn1_set_value (p, temp, tlen);
1178 case ASN1_ETYPE_OCTET_STRING:
1179 result = _asn1_get_octet_string (p, der + counter, ider_len, &len3);
1180 if (result != ASN1_SUCCESS)
1186 DECR_LEN(ider_len, len3);
1190 case ASN1_ETYPE_GENERALSTRING:
1191 case ASN1_ETYPE_NUMERIC_STRING:
1192 case ASN1_ETYPE_IA5_STRING:
1193 case ASN1_ETYPE_TELETEX_STRING:
1194 case ASN1_ETYPE_PRINTABLE_STRING:
1195 case ASN1_ETYPE_UNIVERSAL_STRING:
1196 case ASN1_ETYPE_BMP_STRING:
1197 case ASN1_ETYPE_UTF8_STRING:
1198 case ASN1_ETYPE_VISIBLE_STRING:
1199 case ASN1_ETYPE_BIT_STRING:
1201 asn1_get_length_der (der + counter, ider_len, &len3);
1204 result = ASN1_DER_ERROR;
1209 DECR_LEN(ider_len, len3+len2);
1211 _asn1_set_value (p, der + counter, len3 + len2);
1212 counter += len3 + len2;
1215 case ASN1_ETYPE_SEQUENCE:
1216 case ASN1_ETYPE_SET:
1222 { /* indefinite length method */
1223 DECR_LEN(ider_len, 2);
1224 if ((der[counter]) || der[counter + 1])
1226 result = ASN1_DER_ERROR;
1233 { /* definite length method */
1234 if (len2 != counter)
1236 result = ASN1_DER_ERROR;
1244 { /* move==DOWN || move==RIGHT */
1246 asn1_get_length_der (der + counter, ider_len, &len2);
1249 result = ASN1_DER_ERROR;
1254 DECR_LEN(ider_len, len2);
1259 p->tmp_ival = counter + len3;
1267 if (type_field (p2->type) != ASN1_ETYPE_TAG)
1270 asn1_delete_structure (&p2);
1279 { /* indefinite length method */
1285 case ASN1_ETYPE_SEQUENCE_OF:
1286 case ASN1_ETYPE_SET_OF:
1291 { /* indefinite length method */
1292 if (!HAVE_TWO(ider_len) || ((der[counter]) || der[counter + 1]))
1294 _asn1_append_sequence_set (p, &ptail);
1301 ptail = NULL; /* finished decoding this structure */
1302 DECR_LEN(ider_len, 2);
1306 { /* definite length method */
1309 _asn1_append_sequence_set (p, &ptail);
1316 ptail = NULL; /* finished decoding this structure */
1318 if (len2 != counter)
1320 result = ASN1_DER_ERROR;
1327 { /* move==DOWN || move==RIGHT */
1329 asn1_get_length_der (der + counter, ider_len, &len2);
1332 result = ASN1_DER_ERROR;
1337 DECR_LEN(ider_len, len2);
1342 { /* definite length method */
1343 p->tmp_ival = counter + len3;
1346 { /* indefinite length method */
1350 while ((type_field (p2->type) == ASN1_ETYPE_TAG)
1351 || (type_field (p2->type) == ASN1_ETYPE_SIZE))
1353 if (p2->right == NULL)
1354 _asn1_append_sequence_set (p, &ptail);
1360 case ASN1_ETYPE_ANY:
1361 if (asn1_get_tag_der
1362 (der + counter, ider_len, &class, &len2,
1363 &tag) != ASN1_SUCCESS)
1365 result = ASN1_DER_ERROR;
1370 DECR_LEN(ider_len, len2);
1373 asn1_get_length_der (der + counter + len2,
1377 result = ASN1_DER_ERROR;
1381 if (len4 != -1) /* definite */
1385 DECR_LEN(ider_len, len4+len3);
1386 _asn1_set_value_lv (p, der + counter, len2 + len3);
1387 counter += len2 + len3;
1390 { /* indefinite length */
1391 ider_len += len2; /* undo DECR_LEN */
1395 result = ASN1_DER_ERROR;
1400 /* Check indefinite lenth method in an EXPLICIT TAG */
1401 if ((p->type & CONST_TAG) && (der[counter - 1] == 0x80))
1407 _asn1_get_indefinite_length_string (der + counter, ider_len, &len2);
1408 if (result != ASN1_SUCCESS)
1414 DECR_LEN(ider_len, len2);
1415 _asn1_set_value_lv (p, der + counter, len2);
1418 /* Check if a couple of 0x00 are present due to an EXPLICIT TAG with
1419 an indefinite length method. */
1422 DECR_LEN(ider_len, 2);
1423 if (!der[counter] && !der[counter + 1])
1429 result = ASN1_DER_ERROR;
1438 move = (move == UP) ? RIGHT : DOWN;
1445 p->end = counter - 1;
1448 if (p == node && move != DOWN)
1458 if ((move == RIGHT) && !(p->type & CONST_SET))
1466 p = _asn1_get_up (p);
1469 _asn1_delete_not_used (*element);
1474 result = ASN1_DER_ERROR;
1478 return ASN1_SUCCESS;
1481 asn1_delete_structure (element);
1486 #define SAME_BRANCH 2
1487 #define OTHER_BRANCH 3
1491 * asn1_der_decoding_element:
1492 * @structure: pointer to an ASN1 structure
1493 * @elementName: name of the element to fill
1494 * @ider: vector that contains the DER encoding of the whole structure.
1495 * @len: number of bytes of *der: der[0]..der[len-1]
1496 * @errorDescription: null-terminated string contains details when an
1499 * Fill the element named @ELEMENTNAME with values of a DER encoding
1500 * string. The structure must just be created with function
1501 * asn1_create_element(). The DER vector must contain the encoding
1502 * string of the whole @STRUCTURE. If an error occurs during the
1503 * decoding procedure, the *@STRUCTURE is deleted and set equal to
1506 * This function is deprecated and may just be an alias to asn1_der_decoding
1507 * in future versions. Use asn1_der_decoding() instead.
1509 * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
1510 * if ELEMENT is %NULL or @elementName == NULL, and
1511 * %ASN1_TAG_ERROR or %ASN1_DER_ERROR if the der encoding doesn't
1512 * match the structure @structure (*ELEMENT deleted).
1515 asn1_der_decoding_element (asn1_node * structure, const char *elementName,
1516 const void *ider, int len, char *errorDescription)
1518 return asn1_der_decoding(structure, ider, len, errorDescription);
1522 * asn1_der_decoding_startEnd:
1523 * @element: pointer to an ASN1 element
1524 * @ider: vector that contains the DER encoding.
1525 * @ider_len: number of bytes of *@ider: @ider[0]..@ider[len-1]
1526 * @name_element: an element of NAME structure.
1527 * @start: the position of the first byte of NAME_ELEMENT decoding
1529 * @end: the position of the last byte of NAME_ELEMENT decoding
1532 * Find the start and end point of an element in a DER encoding
1533 * string. I mean that if you have a der encoding and you have already
1534 * used the function asn1_der_decoding() to fill a structure, it may
1535 * happen that you want to find the piece of string concerning an
1536 * element of the structure.
1538 * One example is the sequence "tbsCertificate" inside an X509
1541 * Note that since libtasn1 3.7 the @ider and @ider_len parameters
1542 * can be omitted, if the element is already decoded using asn1_der_decoding().
1544 * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
1545 * if ELEMENT is %asn1_node EMPTY or @name_element is not a valid
1546 * element, %ASN1_TAG_ERROR or %ASN1_DER_ERROR if the der encoding
1547 * doesn't match the structure ELEMENT.
1550 asn1_der_decoding_startEnd (asn1_node element, const void *ider, int ider_len,
1551 const char *name_element, int *start, int *end)
1553 asn1_node node, node_to_find;
1554 int result = ASN1_DER_ERROR;
1559 return ASN1_ELEMENT_NOT_FOUND;
1561 node_to_find = asn1_find_node (node, name_element);
1563 if (node_to_find == NULL)
1564 return ASN1_ELEMENT_NOT_FOUND;
1566 *start = node_to_find->start;
1567 *end = node_to_find->end;
1569 if (*start == 0 && *end == 0)
1571 if (ider == NULL || ider_len == 0)
1572 return ASN1_GENERIC_ERROR;
1574 /* it seems asn1_der_decoding() wasn't called before. Do it now */
1575 result = asn1_der_decoding (&node, ider, ider_len, NULL);
1576 if (result != ASN1_SUCCESS)
1582 node_to_find = asn1_find_node (node, name_element);
1583 if (node_to_find == NULL)
1584 return ASN1_ELEMENT_NOT_FOUND;
1586 *start = node_to_find->start;
1587 *end = node_to_find->end;
1591 return ASN1_GENERIC_ERROR;
1593 return ASN1_SUCCESS;
1597 * asn1_expand_any_defined_by:
1598 * @definitions: ASN1 definitions
1599 * @element: pointer to an ASN1 structure
1601 * Expands every "ANY DEFINED BY" element of a structure created from
1602 * a DER decoding process (asn1_der_decoding function). The element
1603 * ANY must be defined by an OBJECT IDENTIFIER. The type used to
1604 * expand the element ANY is the first one following the definition of
1605 * the actual value of the OBJECT IDENTIFIER.
1607 * Returns: %ASN1_SUCCESS if Substitution OK, %ASN1_ERROR_TYPE_ANY if
1608 * some "ANY DEFINED BY" element couldn't be expanded due to a
1609 * problem in OBJECT_ID -> TYPE association, or other error codes
1610 * depending on DER decoding.
1613 asn1_expand_any_defined_by (asn1_node definitions, asn1_node * element)
1615 char name[2 * ASN1_MAX_NAME_SIZE + 1],
1616 value[ASN1_MAX_NAME_SIZE];
1617 int retCode = ASN1_SUCCESS, result;
1618 int len, len2, len3;
1619 asn1_node p, p2, p3, aux = NULL;
1620 char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
1621 const char *definitionsName;
1623 if ((definitions == NULL) || (*element == NULL))
1624 return ASN1_ELEMENT_NOT_FOUND;
1626 definitionsName = definitions->name;
1632 switch (type_field (p->type))
1634 case ASN1_ETYPE_ANY:
1635 if ((p->type & CONST_DEFINED_BY) && (p->value))
1637 /* search the "DEF_BY" element */
1639 while ((p2) && (type_field (p2->type) != ASN1_ETYPE_CONSTANT))
1644 retCode = ASN1_ERROR_TYPE_ANY;
1648 p3 = _asn1_get_up (p);
1652 retCode = ASN1_ERROR_TYPE_ANY;
1659 if (!(strcmp (p3->name, p2->name)))
1664 if ((!p3) || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID) ||
1665 (p3->value == NULL))
1668 p3 = _asn1_get_up (p);
1669 p3 = _asn1_get_up (p3);
1673 retCode = ASN1_ERROR_TYPE_ANY;
1681 if (!(strcmp (p3->name, p2->name)))
1686 if ((!p3) || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID)
1687 || (p3->value == NULL))
1689 retCode = ASN1_ERROR_TYPE_ANY;
1694 /* search the OBJECT_ID into definitions */
1695 p2 = definitions->down;
1698 if ((type_field (p2->type) == ASN1_ETYPE_OBJECT_ID) &&
1699 (p2->type & CONST_ASSIGN))
1701 snprintf(name, sizeof(name), "%s.%s", definitionsName, p2->name);
1703 len = ASN1_MAX_NAME_SIZE;
1705 asn1_read_value (definitions, name, value, &len);
1707 if ((result == ASN1_SUCCESS)
1708 && (!_asn1_strcmp (p3->value, value)))
1710 p2 = p2->right; /* pointer to the structure to
1711 use for expansion */
1712 while ((p2) && (p2->type & CONST_ASSIGN))
1717 snprintf(name, sizeof(name), "%s.%s", definitionsName, p2->name);
1720 asn1_create_element (definitions, name, &aux);
1721 if (result == ASN1_SUCCESS)
1723 _asn1_cpy_name (aux, p);
1725 asn1_get_length_der (p->value,
1726 p->value_len, &len3);
1728 return ASN1_DER_ERROR;
1731 asn1_der_decoding (&aux, p->value + len3,
1734 if (result == ASN1_SUCCESS)
1737 _asn1_set_right (aux, p->right);
1738 _asn1_set_right (p, aux);
1740 result = asn1_delete_structure (&p);
1741 if (result == ASN1_SUCCESS)
1748 { /* error with asn1_delete_structure */
1749 asn1_delete_structure (&aux);
1755 { /* error with asn1_der_decoding */
1761 { /* error with asn1_create_element */
1767 { /* error with the pointer to the structure to exapand */
1768 retCode = ASN1_ERROR_TYPE_ANY;
1778 retCode = ASN1_ERROR_TYPE_ANY;
1793 else if (p == *element)
1804 p = _asn1_get_up (p);
1823 * asn1_expand_octet_string:
1824 * @definitions: ASN1 definitions
1825 * @element: pointer to an ASN1 structure
1826 * @octetName: name of the OCTECT STRING field to expand.
1827 * @objectName: name of the OBJECT IDENTIFIER field to use to define
1828 * the type for expansion.
1830 * Expands an "OCTET STRING" element of a structure created from a DER
1831 * decoding process (the asn1_der_decoding() function). The type used
1832 * for expansion is the first one following the definition of the
1833 * actual value of the OBJECT IDENTIFIER indicated by OBJECTNAME.
1835 * Returns: %ASN1_SUCCESS if substitution OK, %ASN1_ELEMENT_NOT_FOUND
1836 * if @objectName or @octetName are not correct,
1837 * %ASN1_VALUE_NOT_VALID if it wasn't possible to find the type to
1838 * use for expansion, or other errors depending on DER decoding.
1841 asn1_expand_octet_string (asn1_node definitions, asn1_node * element,
1842 const char *octetName, const char *objectName)
1844 char name[2 * ASN1_MAX_NAME_SIZE + 1], value[ASN1_MAX_NAME_SIZE];
1845 int retCode = ASN1_SUCCESS, result;
1846 int len, len2, len3;
1847 asn1_node p2, aux = NULL;
1848 asn1_node octetNode = NULL, objectNode = NULL;
1849 char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
1851 if ((definitions == NULL) || (*element == NULL))
1852 return ASN1_ELEMENT_NOT_FOUND;
1854 octetNode = asn1_find_node (*element, octetName);
1855 if (octetNode == NULL)
1856 return ASN1_ELEMENT_NOT_FOUND;
1857 if (type_field (octetNode->type) != ASN1_ETYPE_OCTET_STRING)
1858 return ASN1_ELEMENT_NOT_FOUND;
1859 if (octetNode->value == NULL)
1860 return ASN1_VALUE_NOT_FOUND;
1862 objectNode = asn1_find_node (*element, objectName);
1863 if (objectNode == NULL)
1864 return ASN1_ELEMENT_NOT_FOUND;
1866 if (type_field (objectNode->type) != ASN1_ETYPE_OBJECT_ID)
1867 return ASN1_ELEMENT_NOT_FOUND;
1869 if (objectNode->value == NULL)
1870 return ASN1_VALUE_NOT_FOUND;
1873 /* search the OBJECT_ID into definitions */
1874 p2 = definitions->down;
1877 if ((type_field (p2->type) == ASN1_ETYPE_OBJECT_ID) &&
1878 (p2->type & CONST_ASSIGN))
1880 strcpy (name, definitions->name);
1882 strcat (name, p2->name);
1884 len = sizeof (value);
1885 result = asn1_read_value (definitions, name, value, &len);
1887 if ((result == ASN1_SUCCESS)
1888 && (!_asn1_strcmp (objectNode->value, value)))
1891 p2 = p2->right; /* pointer to the structure to
1892 use for expansion */
1893 while ((p2) && (p2->type & CONST_ASSIGN))
1898 strcpy (name, definitions->name);
1900 strcat (name, p2->name);
1902 result = asn1_create_element (definitions, name, &aux);
1903 if (result == ASN1_SUCCESS)
1905 _asn1_cpy_name (aux, octetNode);
1907 asn1_get_length_der (octetNode->value,
1908 octetNode->value_len, &len3);
1910 return ASN1_DER_ERROR;
1913 asn1_der_decoding (&aux, octetNode->value + len3,
1914 len2, errorDescription);
1915 if (result == ASN1_SUCCESS)
1918 _asn1_set_right (aux, octetNode->right);
1919 _asn1_set_right (octetNode, aux);
1921 result = asn1_delete_structure (&octetNode);
1922 if (result == ASN1_SUCCESS)
1928 { /* error with asn1_delete_structure */
1929 asn1_delete_structure (&aux);
1935 { /* error with asn1_der_decoding */
1941 { /* error with asn1_create_element */
1947 { /* error with the pointer to the structure to exapand */
1948 retCode = ASN1_VALUE_NOT_VALID;
1959 retCode = ASN1_VALUE_NOT_VALID;
1965 * asn1_decode_simple_der:
1966 * @etype: The type of the string to be encoded (ASN1_ETYPE_)
1967 * @der: the encoded string
1968 * @der_len: the bytes of the encoded string
1969 * @str: a pointer to the data
1970 * @str_len: the length of the data
1972 * Decodes a simple DER encoded type (e.g. a string, which is not constructed).
1973 * The output is a pointer inside the @der.
1975 * Returns: %ASN1_SUCCESS if successful or an error value.
1978 asn1_decode_simple_der (unsigned int etype, const unsigned char *der,
1979 unsigned int der_len, const unsigned char **str,
1980 unsigned int *str_len)
1982 int tag_len, len_len;
1983 const unsigned char *p;
1984 unsigned char class;
1988 if (der == NULL || der_len == 0)
1989 return ASN1_VALUE_NOT_VALID;
1991 if (ETYPE_OK (etype) == 0)
1992 return ASN1_VALUE_NOT_VALID;
1994 /* doesn't handle constructed classes */
1995 if (ETYPE_CLASS (etype) != ASN1_CLASS_UNIVERSAL)
1996 return ASN1_VALUE_NOT_VALID;
1999 ret = asn1_get_tag_der (p, der_len, &class, &tag_len, &tag);
2000 if (ret != ASN1_SUCCESS)
2003 if (class != ETYPE_CLASS (etype) || tag != ETYPE_TAG (etype))
2004 return ASN1_DER_ERROR;
2009 ret = asn1_get_length_der (p, der_len, &len_len);
2011 return ASN1_DER_ERROR;
2019 return ASN1_SUCCESS;