summaryrefslogtreecommitdiffstats
path: root/third_party/heimdal/lib/asn1/der_get.c
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/heimdal/lib/asn1/der_get.c')
-rw-r--r--third_party/heimdal/lib/asn1/der_get.c798
1 files changed, 798 insertions, 0 deletions
diff --git a/third_party/heimdal/lib/asn1/der_get.c b/third_party/heimdal/lib/asn1/der_get.c
new file mode 100644
index 0000000..c12f817
--- /dev/null
+++ b/third_party/heimdal/lib/asn1/der_get.c
@@ -0,0 +1,798 @@
+/*
+ * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+/*
+ * All decoding functions take a pointer `p' to first position in
+ * which to read, from the left, `len' which means the maximum number
+ * of characters we are able to read, `ret' were the value will be
+ * returned and `size' where the number of used bytes is stored.
+ * Either 0 or an error code is returned.
+ */
+
+int ASN1CALL
+der_get_unsigned (const unsigned char *p, size_t len,
+ unsigned *ret, size_t *size)
+{
+ unsigned val = 0;
+ size_t oldlen = len;
+
+ if (len == sizeof(val) + 1 && p[0] == 0)
+ ;
+ else if (len > sizeof(val))
+ return ASN1_OVERRUN;
+
+ while (len--)
+ val = val * 256 + *p++;
+ *ret = val;
+ if(size) *size = oldlen;
+ return 0;
+}
+
+int ASN1CALL
+der_get_unsigned64 (const unsigned char *p, size_t len,
+ uint64_t *ret, size_t *size)
+{
+ uint64_t val = 0;
+ size_t oldlen = len;
+
+ if (len == sizeof(val) + 1 && p[0] == 0)
+ ;
+ else if (len > sizeof(val))
+ return ASN1_OVERRUN;
+
+ while (len--)
+ val = val * 256 + *p++;
+ *ret = val;
+ if(size) *size = oldlen;
+ return 0;
+}
+
+int ASN1CALL
+der_get_integer (const unsigned char *p, size_t len,
+ int *ret, size_t *size)
+{
+ int val = 0;
+ size_t oldlen = len;
+
+ if (len > sizeof(val))
+ return ASN1_OVERRUN;
+
+ if (len > 0) {
+ val = (signed char)*p++;
+ while (--len)
+ val = val * 256 + *p++;
+ }
+ *ret = val;
+ if(size) *size = oldlen;
+ return 0;
+}
+
+int ASN1CALL
+der_get_integer64 (const unsigned char *p, size_t len,
+ int64_t *ret, size_t *size)
+{
+ int64_t val = 0;
+ size_t oldlen = len;
+
+ if (len > sizeof(val))
+ return ASN1_OVERRUN;
+
+ if (len > 0) {
+ val = (signed char)*p++;
+ while (--len)
+ val = val * 256 + *p++;
+ }
+ *ret = val;
+ if(size) *size = oldlen;
+ return 0;
+}
+
+
+int ASN1CALL
+der_get_length (const unsigned char *p, size_t len,
+ size_t *val, size_t *size)
+{
+ size_t v;
+
+ if (len <= 0)
+ return ASN1_OVERRUN;
+ --len;
+ v = *p++;
+ if (v < 128) {
+ *val = v;
+ if(size) *size = 1;
+ } else {
+ int e;
+ size_t l;
+ unsigned tmp;
+
+ if(v == 0x80){
+ *val = ASN1_INDEFINITE;
+ if(size) *size = 1;
+ return 0;
+ }
+ v &= 0x7F;
+ if (len < v)
+ return ASN1_OVERRUN;
+ e = der_get_unsigned (p, v, &tmp, &l);
+ if(e) return e;
+ *val = tmp;
+ if(size) *size = l + 1;
+ }
+ return 0;
+}
+
+int ASN1CALL
+der_get_boolean(const unsigned char *p, size_t len, int *data, size_t *size)
+{
+ if(len < 1)
+ return ASN1_OVERRUN;
+ if(*p != 0)
+ *data = 1;
+ else
+ *data = 0;
+ *size = 1;
+ return 0;
+}
+
+int ASN1CALL
+der_get_general_string (const unsigned char *p, size_t len,
+ heim_general_string *str, size_t *size)
+{
+ const unsigned char *p1;
+ char *s;
+
+ assert(p != NULL);
+
+ if (size)
+ *size = 0;
+
+ p1 = memchr(p, 0, len);
+ if (p1 != NULL) {
+ /*
+ * Allow trailing NULs. We allow this since MIT Kerberos sends
+ * an strings in the NEED_PREAUTH case that includes a
+ * trailing NUL.
+ */
+ while ((size_t)(p1 - p) < len && *p1 == '\0')
+ p1++;
+ if ((size_t)(p1 - p) != len) {
+ *str = NULL;
+ return ASN1_BAD_CHARACTER;
+ }
+ }
+ if (len == SIZE_MAX) {
+ *str = NULL;
+ return ASN1_BAD_LENGTH;
+ }
+
+ *str = s = malloc (len + 1);
+ if (s == NULL)
+ return ENOMEM;
+ memcpy (s, p, len);
+ s[len] = '\0';
+
+ if(size) *size = len;
+ return 0;
+}
+
+int ASN1CALL
+der_get_utf8string (const unsigned char *p, size_t len,
+ heim_utf8_string *str, size_t *size)
+{
+ return der_get_general_string(p, len, str, size);
+}
+
+#define gen_data_zero(_data) \
+ do { (_data)->length = 0; (_data)->data = NULL; } while(0)
+
+int ASN1CALL
+der_get_printable_string(const unsigned char *p, size_t len,
+ heim_printable_string *str, size_t *size)
+{
+ assert(p != NULL);
+
+ if (size)
+ *size = 0;
+
+ if (len == SIZE_MAX) {
+ gen_data_zero(str);
+ return ASN1_BAD_LENGTH;
+ }
+ str->length = len;
+ str->data = malloc(len + 1);
+ if (str->data == NULL) {
+ gen_data_zero(str);
+ return ENOMEM;
+ }
+
+ memcpy(str->data, p, len);
+ ((char *)str->data)[len] = '\0';
+ if(size) *size = len;
+ return 0;
+}
+
+int ASN1CALL
+der_get_ia5_string(const unsigned char *p, size_t len,
+ heim_ia5_string *str, size_t *size)
+{
+ return der_get_printable_string(p, len, str, size);
+}
+
+int ASN1CALL
+der_get_bmp_string (const unsigned char *p, size_t len,
+ heim_bmp_string *data, size_t *size)
+{
+ size_t i;
+
+ assert(p != NULL);
+
+ if (size)
+ *size = 0;
+
+ if (len & 1) {
+ gen_data_zero(data);
+ return ASN1_BAD_FORMAT;
+ }
+ data->length = len / 2;
+ if (data->length > UINT_MAX/sizeof(data->data[0])) {
+ gen_data_zero(data);
+ return ERANGE;
+ }
+ data->data = malloc(data->length * sizeof(data->data[0]));
+ if (data->data == NULL && data->length != 0) {
+ gen_data_zero(data);
+ return ENOMEM;
+ }
+
+ for (i = 0; i < data->length; i++) {
+ data->data[i] = (p[0] << 8) | p[1];
+ p += 2;
+ /* check for NUL in the middle of the string */
+ if (data->data[i] == 0 && i != (data->length - 1)) {
+ free(data->data);
+ gen_data_zero(data);
+ return ASN1_BAD_CHARACTER;
+ }
+ }
+ if (size) *size = len;
+
+ return 0;
+}
+
+int ASN1CALL
+der_get_universal_string (const unsigned char *p, size_t len,
+ heim_universal_string *data, size_t *size)
+{
+ size_t i;
+
+ assert(p != NULL);
+
+ if (size)
+ *size = 0;
+
+ if (len & 3) {
+ gen_data_zero(data);
+ return ASN1_BAD_FORMAT;
+ }
+ data->length = len / 4;
+ if (data->length > UINT_MAX/sizeof(data->data[0])) {
+ gen_data_zero(data);
+ return ERANGE;
+ }
+ data->data = malloc(data->length * sizeof(data->data[0]));
+ if (data->data == NULL && data->length != 0) {
+ gen_data_zero(data);
+ return ENOMEM;
+ }
+
+ for (i = 0; i < data->length; i++) {
+ data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
+ p += 4;
+ /* check for NUL in the middle of the string */
+ if (data->data[i] == 0 && i != (data->length - 1)) {
+ free(data->data);
+ gen_data_zero(data);
+ return ASN1_BAD_CHARACTER;
+ }
+ }
+ if (size) *size = len;
+ return 0;
+}
+
+int ASN1CALL
+der_get_visible_string (const unsigned char *p, size_t len,
+ heim_visible_string *str, size_t *size)
+{
+ return der_get_general_string(p, len, str, size);
+}
+
+int ASN1CALL
+der_get_octet_string (const unsigned char *p, size_t len,
+ heim_octet_string *data, size_t *size)
+{
+ assert(p != NULL);
+
+ if (size)
+ *size = 0;
+
+ if (len == 0)
+ data->data = malloc(1);
+ else
+ data->data = malloc(len);
+ if (data->data == NULL) {
+ data->length = 0;
+ return ENOMEM;
+ }
+ data->length = len;
+ memcpy (data->data, p, len);
+ if (size)
+ *size = len;
+ return 0;
+}
+
+int ASN1CALL
+der_get_octet_string_ber (const unsigned char *p, size_t len,
+ heim_octet_string *data, size_t *size)
+{
+ int e;
+ Der_type type;
+ Der_class cls;
+ unsigned int tag, depth = 0;
+ size_t l, datalen, oldlen = len;
+
+ assert(p != NULL);
+
+ if (size)
+ *size = 0;
+
+ data->length = 0;
+ data->data = NULL;
+
+ while (len) {
+ e = der_get_tag (p, len, &cls, &type, &tag, &l);
+ if (e) goto out;
+ if (cls != ASN1_C_UNIV) {
+ e = ASN1_BAD_ID;
+ goto out;
+ }
+ if (type == PRIM && tag == UT_EndOfContent) {
+ if (depth == 0)
+ break;
+ depth--;
+ }
+ if (tag != UT_OctetString) {
+ e = ASN1_BAD_ID;
+ goto out;
+ }
+
+ p += l;
+ len -= l;
+ e = der_get_length (p, len, &datalen, &l);
+ if (e) goto out;
+ p += l;
+ len -= l;
+
+ if (datalen > len)
+ return ASN1_OVERRUN;
+
+ if (type == PRIM && datalen) {
+ void *ptr;
+
+ ptr = realloc(data->data, data->length + datalen);
+ if (ptr == NULL) {
+ e = ENOMEM;
+ goto out;
+ }
+ data->data = ptr;
+ memcpy(((unsigned char *)data->data) + data->length, p, datalen);
+ data->length += datalen;
+ } else if (type != PRIM)
+ depth++;
+
+ p += datalen;
+ len -= datalen;
+ }
+ if (depth != 0)
+ return ASN1_INDEF_OVERRUN;
+ if(size) *size = oldlen - len;
+ return 0;
+ out:
+ free(data->data);
+ data->data = NULL;
+ data->length = 0;
+ return e;
+}
+
+
+int ASN1CALL
+der_get_heim_integer (const unsigned char *p, size_t len,
+ heim_integer *data, size_t *size)
+{
+ data->length = 0;
+ data->negative = 0;
+ data->data = NULL;
+
+ if (size)
+ *size = 0;
+
+ if (len == 0)
+ return 0;
+
+ assert(p != NULL);
+
+ if (p[0] & 0x80) {
+ unsigned char *q;
+ int carry = 1;
+ data->negative = 1;
+
+ data->length = len;
+
+ if (p[0] == 0xff) {
+ p++;
+ data->length--;
+ }
+ data->data = malloc(data->length);
+ if (data->data == NULL) {
+ data->length = 0;
+ if (size)
+ *size = 0;
+ return ENOMEM;
+ }
+ q = &((unsigned char*)data->data)[data->length - 1];
+ p += data->length - 1;
+ while (q >= (unsigned char*)data->data) {
+ *q = *p ^ 0xff;
+ if (carry)
+ carry = !++*q;
+ p--;
+ q--;
+ }
+ } else {
+ data->negative = 0;
+ data->length = len;
+
+ if (p[0] == 0) {
+ p++;
+ data->length--;
+ }
+ data->data = malloc(data->length);
+ if (data->data == NULL && data->length != 0) {
+ data->length = 0;
+ if (size)
+ *size = 0;
+ return ENOMEM;
+ }
+ memcpy(data->data, p, data->length);
+ }
+ if (size)
+ *size = len;
+ return 0;
+}
+
+static int
+generalizedtime2time (const char *s, time_t *t)
+{
+ struct tm tm;
+
+ memset(&tm, 0, sizeof(tm));
+ if (sscanf (s, "%04d%02d%02d%02d%02d%02dZ",
+ &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
+ &tm.tm_min, &tm.tm_sec) != 6) {
+ if (sscanf (s, "%02d%02d%02d%02d%02d%02dZ",
+ &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
+ &tm.tm_min, &tm.tm_sec) != 6)
+ return ASN1_BAD_TIMEFORMAT;
+ if (tm.tm_year < 50)
+ tm.tm_year += 2000;
+ else
+ tm.tm_year += 1900;
+ }
+ tm.tm_year -= 1900;
+ tm.tm_mon -= 1;
+ *t = _der_timegm (&tm);
+ return 0;
+}
+
+static int ASN1CALL
+der_get_time (const unsigned char *p, size_t len,
+ time_t *data, size_t *size)
+{
+ char *times;
+ int e;
+
+ assert(p != NULL);
+
+ if (size)
+ *size = 0;
+
+ if (len == SIZE_MAX || len == 0)
+ return ASN1_BAD_LENGTH;
+
+ times = malloc(len + 1);
+ if (times == NULL)
+ return ENOMEM;
+ memcpy(times, p, len);
+ times[len] = '\0';
+ e = generalizedtime2time(times, data);
+ free (times);
+ if(size) *size = len;
+ return e;
+}
+
+int ASN1CALL
+der_get_generalized_time (const unsigned char *p, size_t len,
+ time_t *data, size_t *size)
+{
+ return der_get_time(p, len, data, size);
+}
+
+int ASN1CALL
+der_get_utctime (const unsigned char *p, size_t len,
+ time_t *data, size_t *size)
+{
+ return der_get_time(p, len, data, size);
+}
+
+int ASN1CALL
+der_get_oid (const unsigned char *p, size_t len,
+ heim_oid *data, size_t *size)
+{
+ size_t n;
+ size_t oldlen = len;
+
+ assert(p != NULL);
+
+ if (size)
+ *size = 0;
+
+ if (len < 1)
+ return ASN1_OVERRUN;
+
+ if (len == SIZE_MAX)
+ return ASN1_BAD_LENGTH;
+
+ if (len + 1 > UINT_MAX/sizeof(data->components[0]))
+ return ERANGE;
+
+ data->components = malloc((len + 1) * sizeof(data->components[0]));
+ if (data->components == NULL) {
+ data->length = 0;
+ return ENOMEM;
+ }
+ data->components[0] = (*p) / 40;
+ data->components[1] = (*p) % 40;
+ --len;
+ ++p;
+ for (n = 2; len > 0; ++n) {
+ unsigned u = 0, u1;
+
+ do {
+ --len;
+ u1 = u * 128 + (*p++ % 128);
+ /* check that we don't overflow the element */
+ if (u1 < u) {
+ der_free_oid(data);
+ return ASN1_OVERRUN;
+ }
+ u = u1;
+ } while (len > 0 && p[-1] & 0x80);
+ data->components[n] = u;
+ }
+ if (n > 2 && p[-1] & 0x80) {
+ der_free_oid (data);
+ return ASN1_OVERRUN;
+ }
+ data->length = n;
+ if (size)
+ *size = oldlen;
+ return 0;
+}
+
+int ASN1CALL
+der_get_tag (const unsigned char *p, size_t len,
+ Der_class *cls, Der_type *type,
+ unsigned int *tag, size_t *size)
+{
+ size_t ret = 0;
+
+ if (size)
+ *size = 0;
+
+ if (len < 1)
+ return ASN1_MISSING_FIELD;
+
+ assert(p != NULL);
+
+ *cls = (Der_class)(((*p) >> 6) & 0x03);
+ *type = (Der_type)(((*p) >> 5) & 0x01);
+ *tag = (*p) & 0x1f;
+ p++; len--; ret++;
+ if(*tag == 0x1f) {
+ unsigned int continuation;
+ unsigned int tag1;
+ *tag = 0;
+ do {
+ if(len < 1)
+ return ASN1_OVERRUN;
+ continuation = *p & 128;
+ tag1 = *tag * 128 + (*p % 128);
+ /* check that we don't overflow the tag */
+ if (tag1 < *tag)
+ return ASN1_OVERFLOW;
+ *tag = tag1;
+ p++; len--; ret++;
+ } while(continuation);
+ }
+ if(size) *size = ret;
+ return 0;
+}
+
+int ASN1CALL
+der_match_tag (const unsigned char *p, size_t len,
+ Der_class cls, Der_type type,
+ unsigned int tag, size_t *size)
+{
+ Der_type thistype;
+ int e;
+
+ e = der_match_tag2(p, len, cls, &thistype, tag, size);
+ if (e) return e;
+ if (thistype != type) return ASN1_BAD_ID;
+ return 0;
+}
+
+int ASN1CALL
+der_match_tag2 (const unsigned char *p, size_t len,
+ Der_class cls, Der_type *type,
+ unsigned int tag, size_t *size)
+{
+ size_t l;
+ Der_class thisclass;
+ unsigned int thistag;
+ int e;
+
+ if (size)
+ *size = 0;
+
+ e = der_get_tag(p, len, &thisclass, type, &thistag, &l);
+ if (e) return e;
+ /*
+ * We do depend on ASN1_BAD_ID being returned in places where we're
+ * essentially implementing an application-level CHOICE where we try to
+ * decode one way then the other. In Heimdal this happens only in lib/hdb/
+ * where we try to decode a blob as an hdb_entry, then as an
+ * hdb_entry_alias. Applications should really not depend on this.
+ */
+ if (cls != thisclass && (cls == ASN1_C_APPL || thisclass == ASN1_C_APPL))
+ return ASN1_BAD_ID;
+ if (cls != thisclass || tag != thistag)
+ return ASN1_MISSING_FIELD;
+ if (size) *size = l;
+ return 0;
+}
+
+/*
+ * Returns 0 if the encoded data at `p' of length `len' starts with the tag of
+ * class `cls`, type `type', and tag value `tag', and puts the length of the
+ * payload (i.e., the length of V in TLV, not the length of TLV) in
+ * `*length_ret', and the size of the whole thing (the TLV) in `*size' if
+ * `size' is not NULL.
+ *
+ * Else returns an error.
+ */
+int ASN1CALL
+der_match_tag_and_length (const unsigned char *p, size_t len,
+ Der_class cls, Der_type *type, unsigned int tag,
+ size_t *length_ret, size_t *size)
+{
+ size_t l, ret = 0;
+ int e;
+
+ e = der_match_tag2 (p, len, cls, type, tag, &l);
+ if (e) return e;
+ p += l;
+ len -= l;
+ ret += l;
+ e = der_get_length (p, len, length_ret, &l);
+ if (e) return e;
+ if(size) *size = ret + l;
+ return 0;
+}
+
+
+
+/*
+ * Old versions of DCE was based on a very early beta of the MIT code,
+ * which used MAVROS for ASN.1 encoding. MAVROS had the interesting
+ * feature that it encoded data in the forward direction, which has
+ * it's problems, since you have no idea how long the data will be
+ * until after you're done. MAVROS solved this by reserving one byte
+ * for length, and later, if the actual length was longer, it reverted
+ * to indefinite, BER style, lengths. The version of MAVROS used by
+ * the DCE people could apparently generate correct X.509 DER encodings, and
+ * did this by making space for the length after encoding, but
+ * unfortunately this feature wasn't used with Kerberos.
+ */
+
+int
+_heim_fix_dce(size_t reallen, size_t *len)
+{
+ if(reallen == ASN1_INDEFINITE)
+ return 1;
+ if(*len < reallen)
+ return -1;
+ *len = reallen;
+ return 0;
+}
+
+int ASN1CALL
+der_get_bit_string (const unsigned char *p, size_t len,
+ heim_bit_string *data, size_t *size)
+{
+ assert(p != NULL);
+
+ if (size)
+ *size = 0;
+
+ if (len < 1)
+ return ASN1_OVERRUN;
+ if (p[0] > 7)
+ return ASN1_BAD_FORMAT;
+ if (len - 1 == 0 && p[0] != 0)
+ return ASN1_BAD_FORMAT;
+ /* check if any of the three upper bits are set
+ * any of them will cause a interger overrun */
+ if ((len - 1) >> (sizeof(len) * 8 - 3))
+ return ASN1_OVERRUN;
+ /*
+ * If there is data to copy, do that now.
+ */
+ if (len - 1 > 0) {
+ data->length = (len - 1) * 8;
+ data->data = malloc(len - 1);
+ if (data->data == NULL) {
+ data->length = 0;
+ return ENOMEM;
+ }
+ memcpy (data->data, p + 1, len - 1);
+ data->length -= p[0];
+ } else {
+ data->data = NULL;
+ data->length = 0;
+ }
+ if(size) *size = len;
+ return 0;
+}