2 * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 RCSID("$Id: der_get.c,v 1.50 2006/10/19 16:27:44 lha Exp $");
41 * All decoding functions take a pointer `p' to first position in
42 * which to read, from the left, `len' which means the maximum number
43 * of characters we are able to read, `ret' were the value will be
44 * returned and `size' where the number of used bytes is stored.
45 * Either 0 or an error code is returned.
49 der_get_unsigned (const unsigned char *p, size_t len,
50 unsigned *ret, size_t *size)
55 if (len == sizeof(unsigned) + 1 && p[0] == 0)
57 else if (len > sizeof(unsigned))
61 val = val * 256 + *p++;
63 if(size) *size = oldlen;
68 der_get_integer (const unsigned char *p, size_t len,
69 int *ret, size_t *size)
74 if (len > sizeof(int))
78 val = (signed char)*p++;
80 val = val * 256 + *p++;
83 if(size) *size = oldlen;
88 der_get_length (const unsigned char *p, size_t len,
89 size_t *val, size_t *size)
106 *val = ASN1_INDEFINITE;
113 e = der_get_unsigned (p, v, &tmp, &l);
116 if(size) *size = l + 1;
122 der_get_boolean(const unsigned char *p, size_t len, int *data, size_t *size)
135 der_get_general_string (const unsigned char *p, size_t len,
136 heim_general_string *str, size_t *size)
141 return ASN1_BAD_LENGTH;
143 s = malloc (len + 1);
149 if(size) *size = len;
154 der_get_utf8string (const unsigned char *p, size_t len,
155 heim_utf8_string *str, size_t *size)
157 return der_get_general_string(p, len, str, size);
161 der_get_printable_string (const unsigned char *p, size_t len,
162 heim_printable_string *str, size_t *size)
164 return der_get_general_string(p, len, str, size);
168 der_get_ia5_string (const unsigned char *p, size_t len,
169 heim_ia5_string *str, size_t *size)
171 return der_get_general_string(p, len, str, size);
175 der_get_bmp_string (const unsigned char *p, size_t len,
176 heim_bmp_string *data, size_t *size)
181 return ASN1_BAD_FORMAT;
182 data->length = len / 2;
183 data->data = malloc(data->length * sizeof(data->data[0]));
184 if (data->data == NULL && data->length != 0)
187 for (i = 0; i < data->length; i++) {
188 data->data[i] = (p[0] << 8) | p[1];
191 if (size) *size = len;
197 der_get_universal_string (const unsigned char *p, size_t len,
198 heim_universal_string *data, size_t *size)
203 return ASN1_BAD_FORMAT;
204 data->length = len / 4;
205 data->data = malloc(data->length * sizeof(data->data[0]));
206 if (data->data == NULL && data->length != 0)
209 for (i = 0; i < data->length; i++) {
210 data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
213 if (size) *size = len;
218 der_get_octet_string (const unsigned char *p, size_t len,
219 heim_octet_string *data, size_t *size)
222 data->data = malloc(len);
223 if (data->data == NULL && data->length != 0)
225 memcpy (data->data, p, len);
226 if(size) *size = len;
231 der_get_heim_integer (const unsigned char *p, size_t len,
232 heim_integer *data, size_t *size)
254 data->data = malloc(data->length);
255 if (data->data == NULL) {
261 q = &((unsigned char*)data->data)[data->length - 1];
262 p += data->length - 1;
263 while (q >= (unsigned char*)data->data) {
278 data->data = malloc(data->length);
279 if (data->data == NULL && data->length != 0) {
285 memcpy(data->data, p, data->length);
293 generalizedtime2time (const char *s, time_t *t)
297 memset(&tm, 0, sizeof(tm));
298 if (sscanf (s, "%04d%02d%02d%02d%02d%02dZ",
299 &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
300 &tm.tm_min, &tm.tm_sec) != 6) {
301 if (sscanf (s, "%02d%02d%02d%02d%02d%02dZ",
302 &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
303 &tm.tm_min, &tm.tm_sec) != 6)
304 return ASN1_BAD_TIMEFORMAT;
312 *t = _der_timegm (&tm);
318 der_get_time (const unsigned char *p, size_t len,
319 time_t *data, size_t *size)
327 e = der_get_octet_string (p, len, &k, &l);
332 times = realloc(k.data, k.length + 1);
338 e = generalizedtime2time(times, data);
340 if(size) *size = ret;
345 der_get_generalized_time (const unsigned char *p, size_t len,
346 time_t *data, size_t *size)
348 return der_get_time(p, len, data, size);
352 der_get_utctime (const unsigned char *p, size_t len,
353 time_t *data, size_t *size)
355 return der_get_time(p, len, data, size);
359 der_get_oid (const unsigned char *p, size_t len,
360 heim_oid *data, size_t *size)
369 return ASN1_BAD_LENGTH;
371 data->components = malloc((len + 1) * sizeof(*data->components));
372 if (data->components == NULL)
374 data->components[0] = (*p) / 40;
375 data->components[1] = (*p) % 40;
378 for (n = 2; len > 0; ++n) {
383 u1 = u * 128 + (*p++ % 128);
384 /* check that we don't overflow the element */
390 } while (len > 0 && p[-1] & 0x80);
391 data->components[n] = u;
393 if (n > 2 && p[-1] & 0x80) {
404 der_get_tag (const unsigned char *p, size_t len,
405 Der_class *class, Der_type *type,
406 unsigned int *tag, size_t *size)
411 *class = (Der_class)(((*p) >> 6) & 0x03);
412 *type = (Der_type)(((*p) >> 5) & 0x01);
416 unsigned int continuation;
422 continuation = *p & 128;
423 tag1 = *tag * 128 + (*p % 128);
424 /* check that we don't overflow the tag */
426 return ASN1_OVERFLOW;
429 } while(continuation);
431 if(size) *size = ret;
436 der_match_tag (const unsigned char *p, size_t len,
437 Der_class class, Der_type type,
438 unsigned int tag, size_t *size)
443 unsigned int thistag;
446 e = der_get_tag (p, len, &thisclass, &thistype, &thistag, &l);
448 if (class != thisclass || type != thistype)
451 return ASN1_MISPLACED_FIELD;
453 return ASN1_MISSING_FIELD;
459 der_match_tag_and_length (const unsigned char *p, size_t len,
460 Der_class class, Der_type type, unsigned int tag,
461 size_t *length_ret, size_t *size)
466 e = der_match_tag (p, len, class, type, tag, &l);
471 e = der_get_length (p, len, length_ret, &l);
476 if(size) *size = ret;
481 * Old versions of DCE was based on a very early beta of the MIT code,
482 * which used MAVROS for ASN.1 encoding. MAVROS had the interesting
483 * feature that it encoded data in the forward direction, which has
484 * it's problems, since you have no idea how long the data will be
485 * until after you're done. MAVROS solved this by reserving one byte
486 * for length, and later, if the actual length was longer, it reverted
487 * to indefinite, BER style, lengths. The version of MAVROS used by
488 * the DCE people could apparently generate correct X.509 DER encodings, and
489 * did this by making space for the length after encoding, but
490 * unfortunately this feature wasn't used with Kerberos.
494 _heim_fix_dce(size_t reallen, size_t *len)
496 if(reallen == ASN1_INDEFINITE)
505 der_get_bit_string (const unsigned char *p, size_t len,
506 heim_bit_string *data, size_t *size)
511 return ASN1_BAD_FORMAT;
512 if (len - 1 == 0 && p[0] != 0)
513 return ASN1_BAD_FORMAT;
514 /* check if any of the three upper bits are set
515 * any of them will cause a interger overrun */
516 if ((len - 1) >> (sizeof(len) * 8 - 3))
518 data->length = (len - 1) * 8;
519 data->data = malloc(len - 1);
520 if (data->data == NULL && (len - 1) != 0)
522 memcpy (data->data, p + 1, len - 1);
523 data->length -= p[0];
524 if(size) *size = len;