b7fe3c9c38
Rediff patch from PR 1453, lstrlenW is no longer used upstream so
that part of the patch was dropped.
(cherry picked from commit 1fde2092d0
)
496 lines
12 KiB
C
496 lines
12 KiB
C
/*
|
|
* Generic ASN.1 parsing
|
|
*
|
|
* Copyright The Mbed TLS Contributors
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
* not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#include "common.h"
|
|
|
|
#if defined(MBEDTLS_ASN1_PARSE_C)
|
|
|
|
#include "mbedtls/asn1.h"
|
|
#include "mbedtls/platform_util.h"
|
|
#include "mbedtls/error.h"
|
|
|
|
#include <string.h>
|
|
|
|
#if defined(MBEDTLS_BIGNUM_C)
|
|
#include "mbedtls/bignum.h"
|
|
#endif
|
|
|
|
#include "mbedtls/platform.h"
|
|
|
|
/*
|
|
* ASN.1 DER decoding routines
|
|
*/
|
|
int mbedtls_asn1_get_len(unsigned char **p,
|
|
const unsigned char *end,
|
|
size_t *len)
|
|
{
|
|
if ((end - *p) < 1) {
|
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
|
}
|
|
|
|
if ((**p & 0x80) == 0) {
|
|
*len = *(*p)++;
|
|
} else {
|
|
switch (**p & 0x7F) {
|
|
case 1:
|
|
if ((end - *p) < 2) {
|
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
|
}
|
|
|
|
*len = (*p)[1];
|
|
(*p) += 2;
|
|
break;
|
|
|
|
case 2:
|
|
if ((end - *p) < 3) {
|
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
|
}
|
|
|
|
*len = ((size_t) (*p)[1] << 8) | (*p)[2];
|
|
(*p) += 3;
|
|
break;
|
|
|
|
case 3:
|
|
if ((end - *p) < 4) {
|
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
|
}
|
|
|
|
*len = ((size_t) (*p)[1] << 16) |
|
|
((size_t) (*p)[2] << 8) | (*p)[3];
|
|
(*p) += 4;
|
|
break;
|
|
|
|
case 4:
|
|
if ((end - *p) < 5) {
|
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
|
}
|
|
|
|
*len = ((size_t) (*p)[1] << 24) | ((size_t) (*p)[2] << 16) |
|
|
((size_t) (*p)[3] << 8) | (*p)[4];
|
|
(*p) += 5;
|
|
break;
|
|
|
|
default:
|
|
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
|
|
}
|
|
}
|
|
|
|
if (*len > (size_t) (end - *p)) {
|
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
int mbedtls_asn1_get_tag(unsigned char **p,
|
|
const unsigned char *end,
|
|
size_t *len, int tag)
|
|
{
|
|
if ((end - *p) < 1) {
|
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
|
}
|
|
|
|
if (**p != tag) {
|
|
return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
|
|
}
|
|
|
|
(*p)++;
|
|
|
|
return mbedtls_asn1_get_len(p, end, len);
|
|
}
|
|
|
|
int mbedtls_asn1_get_bool(unsigned char **p,
|
|
const unsigned char *end,
|
|
int *val)
|
|
{
|
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
|
size_t len;
|
|
|
|
if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_BOOLEAN)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
if (len != 1) {
|
|
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
|
|
}
|
|
|
|
*val = (**p != 0) ? 1 : 0;
|
|
(*p)++;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int asn1_get_tagged_int(unsigned char **p,
|
|
const unsigned char *end,
|
|
int tag, int *val)
|
|
{
|
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
|
size_t len;
|
|
|
|
if ((ret = mbedtls_asn1_get_tag(p, end, &len, tag)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
* len==0 is malformed (0 must be represented as 020100 for INTEGER,
|
|
* or 0A0100 for ENUMERATED tags
|
|
*/
|
|
if (len == 0) {
|
|
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
|
|
}
|
|
/* This is a cryptography library. Reject negative integers. */
|
|
if ((**p & 0x80) != 0) {
|
|
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
|
|
}
|
|
|
|
/* Skip leading zeros. */
|
|
while (len > 0 && **p == 0) {
|
|
++(*p);
|
|
--len;
|
|
}
|
|
|
|
/* Reject integers that don't fit in an int. This code assumes that
|
|
* the int type has no padding bit. */
|
|
if (len > sizeof(int)) {
|
|
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
|
|
}
|
|
if (len == sizeof(int) && (**p & 0x80) != 0) {
|
|
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
|
|
}
|
|
|
|
*val = 0;
|
|
while (len-- > 0) {
|
|
*val = (*val << 8) | **p;
|
|
(*p)++;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
int mbedtls_asn1_get_int(unsigned char **p,
|
|
const unsigned char *end,
|
|
int *val)
|
|
{
|
|
return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_INTEGER, val);
|
|
}
|
|
|
|
int mbedtls_asn1_get_enum(unsigned char **p,
|
|
const unsigned char *end,
|
|
int *val)
|
|
{
|
|
return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_ENUMERATED, val);
|
|
}
|
|
|
|
#if defined(MBEDTLS_BIGNUM_C)
|
|
int mbedtls_asn1_get_mpi(unsigned char **p,
|
|
const unsigned char *end,
|
|
mbedtls_mpi *X)
|
|
{
|
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
|
size_t len;
|
|
|
|
if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
ret = mbedtls_mpi_read_binary(X, *p, len);
|
|
|
|
*p += len;
|
|
|
|
return ret;
|
|
}
|
|
#endif /* MBEDTLS_BIGNUM_C */
|
|
|
|
int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
|
|
mbedtls_asn1_bitstring *bs)
|
|
{
|
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
|
|
|
/* Certificate type is a single byte bitstring */
|
|
if ((ret = mbedtls_asn1_get_tag(p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
/* Check length, subtract one for actual bit string length */
|
|
if (bs->len < 1) {
|
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
|
}
|
|
bs->len -= 1;
|
|
|
|
/* Get number of unused bits, ensure unused bits <= 7 */
|
|
bs->unused_bits = **p;
|
|
if (bs->unused_bits > 7) {
|
|
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
|
|
}
|
|
(*p)++;
|
|
|
|
/* Get actual bitstring */
|
|
bs->p = *p;
|
|
*p += bs->len;
|
|
|
|
if (*p != end) {
|
|
return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Traverse an ASN.1 "SEQUENCE OF <tag>"
|
|
* and call a callback for each entry found.
|
|
*/
|
|
int mbedtls_asn1_traverse_sequence_of(
|
|
unsigned char **p,
|
|
const unsigned char *end,
|
|
unsigned char tag_must_mask, unsigned char tag_must_val,
|
|
unsigned char tag_may_mask, unsigned char tag_may_val,
|
|
int (*cb)(void *ctx, int tag,
|
|
unsigned char *start, size_t len),
|
|
void *ctx)
|
|
{
|
|
int ret;
|
|
size_t len;
|
|
|
|
/* Get main sequence tag */
|
|
if ((ret = mbedtls_asn1_get_tag(p, end, &len,
|
|
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
if (*p + len != end) {
|
|
return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
|
|
}
|
|
|
|
while (*p < end) {
|
|
unsigned char const tag = *(*p)++;
|
|
|
|
if ((tag & tag_must_mask) != tag_must_val) {
|
|
return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
|
|
}
|
|
|
|
if ((ret = mbedtls_asn1_get_len(p, end, &len)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
if ((tag & tag_may_mask) == tag_may_val) {
|
|
if (cb != NULL) {
|
|
ret = cb(ctx, tag, *p, len);
|
|
if (ret != 0) {
|
|
return ret;
|
|
}
|
|
}
|
|
}
|
|
|
|
*p += len;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Get a bit string without unused bits
|
|
*/
|
|
int mbedtls_asn1_get_bitstring_null(unsigned char **p, const unsigned char *end,
|
|
size_t *len)
|
|
{
|
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
|
|
|
if ((ret = mbedtls_asn1_get_tag(p, end, len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
if (*len == 0) {
|
|
return MBEDTLS_ERR_ASN1_INVALID_DATA;
|
|
}
|
|
--(*len);
|
|
|
|
if (**p != 0) {
|
|
return MBEDTLS_ERR_ASN1_INVALID_DATA;
|
|
}
|
|
++(*p);
|
|
|
|
return 0;
|
|
}
|
|
|
|
void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq)
|
|
{
|
|
while (seq != NULL) {
|
|
mbedtls_asn1_sequence *next = seq->next;
|
|
mbedtls_platform_zeroize(seq, sizeof(*seq));
|
|
mbedtls_free(seq);
|
|
seq = next;
|
|
}
|
|
}
|
|
|
|
typedef struct {
|
|
int tag;
|
|
mbedtls_asn1_sequence *cur;
|
|
} asn1_get_sequence_of_cb_ctx_t;
|
|
|
|
static int asn1_get_sequence_of_cb(void *ctx,
|
|
int tag,
|
|
unsigned char *start,
|
|
size_t len)
|
|
{
|
|
asn1_get_sequence_of_cb_ctx_t *cb_ctx =
|
|
(asn1_get_sequence_of_cb_ctx_t *) ctx;
|
|
mbedtls_asn1_sequence *cur =
|
|
cb_ctx->cur;
|
|
|
|
if (cur->buf.p != NULL) {
|
|
cur->next =
|
|
mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence));
|
|
|
|
if (cur->next == NULL) {
|
|
return MBEDTLS_ERR_ASN1_ALLOC_FAILED;
|
|
}
|
|
|
|
cur = cur->next;
|
|
}
|
|
|
|
cur->buf.p = start;
|
|
cur->buf.len = len;
|
|
cur->buf.tag = tag;
|
|
|
|
cb_ctx->cur = cur;
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Parses and splits an ASN.1 "SEQUENCE OF <tag>"
|
|
*/
|
|
int mbedtls_asn1_get_sequence_of(unsigned char **p,
|
|
const unsigned char *end,
|
|
mbedtls_asn1_sequence *cur,
|
|
int tag)
|
|
{
|
|
asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur };
|
|
memset(cur, 0, sizeof(mbedtls_asn1_sequence));
|
|
return mbedtls_asn1_traverse_sequence_of(
|
|
p, end, 0xFF, tag, 0, 0,
|
|
asn1_get_sequence_of_cb, &cb_ctx);
|
|
}
|
|
|
|
int mbedtls_asn1_get_alg(unsigned char **p,
|
|
const unsigned char *end,
|
|
mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params)
|
|
{
|
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
|
size_t len;
|
|
|
|
if ((ret = mbedtls_asn1_get_tag(p, end, &len,
|
|
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
if ((end - *p) < 1) {
|
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
|
}
|
|
|
|
alg->tag = **p;
|
|
end = *p + len;
|
|
|
|
if ((ret = mbedtls_asn1_get_tag(p, end, &alg->len, MBEDTLS_ASN1_OID)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
alg->p = *p;
|
|
*p += alg->len;
|
|
|
|
if (*p == end) {
|
|
mbedtls_platform_zeroize(params, sizeof(mbedtls_asn1_buf));
|
|
return 0;
|
|
}
|
|
|
|
params->tag = **p;
|
|
(*p)++;
|
|
|
|
if ((ret = mbedtls_asn1_get_len(p, end, ¶ms->len)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
params->p = *p;
|
|
*p += params->len;
|
|
|
|
if (*p != end) {
|
|
return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
int mbedtls_asn1_get_alg_null(unsigned char **p,
|
|
const unsigned char *end,
|
|
mbedtls_asn1_buf *alg)
|
|
{
|
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
|
mbedtls_asn1_buf params;
|
|
|
|
memset(¶ms, 0, sizeof(mbedtls_asn1_buf));
|
|
|
|
if ((ret = mbedtls_asn1_get_alg(p, end, alg, ¶ms)) != 0) {
|
|
return ret;
|
|
}
|
|
|
|
if ((params.tag != MBEDTLS_ASN1_NULL && params.tag != 0) || params.len != 0) {
|
|
return MBEDTLS_ERR_ASN1_INVALID_DATA;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *cur)
|
|
{
|
|
if (cur == NULL) {
|
|
return;
|
|
}
|
|
|
|
mbedtls_free(cur->oid.p);
|
|
mbedtls_free(cur->val.p);
|
|
|
|
mbedtls_platform_zeroize(cur, sizeof(mbedtls_asn1_named_data));
|
|
}
|
|
|
|
void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head)
|
|
{
|
|
mbedtls_asn1_named_data *cur;
|
|
|
|
while ((cur = *head) != NULL) {
|
|
*head = cur->next;
|
|
mbedtls_asn1_free_named_data(cur);
|
|
mbedtls_free(cur);
|
|
}
|
|
}
|
|
|
|
mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list,
|
|
const char *oid, size_t len)
|
|
{
|
|
while (list != NULL) {
|
|
if (list->oid.len == len &&
|
|
memcmp(list->oid.p, oid, len) == 0) {
|
|
break;
|
|
}
|
|
|
|
list = list->next;
|
|
}
|
|
|
|
return list;
|
|
}
|
|
|
|
#endif /* MBEDTLS_ASN1_PARSE_C */
|