2001-11-06 18:34:19 +00:00
|
|
|
/*
|
2002-01-08 13:56:50 +00:00
|
|
|
* asn1.c: ASN.1 decoding functions (DER)
|
2001-11-01 15:43:20 +00:00
|
|
|
*
|
2006-12-19 21:31:17 +00:00
|
|
|
* Copyright (C) 2001, 2002 Juha Yrjölä <juha.yrjola@iki.fi>
|
2001-11-06 18:34:19 +00:00
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
2001-11-01 15:43:20 +00:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
2001-11-06 18:34:19 +00:00
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
2001-11-01 15:43:20 +00:00
|
|
|
*
|
2001-11-06 18:34:19 +00:00
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
2001-11-01 15:43:20 +00:00
|
|
|
*/
|
|
|
|
|
|
2015-04-22 21:55:33 +00:00
|
|
|
#if HAVE_CONFIG_H
|
2010-03-04 08:14:36 +00:00
|
|
|
#include "config.h"
|
2015-04-22 21:55:33 +00:00
|
|
|
#endif
|
2010-03-04 08:14:36 +00:00
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
#include <assert.h>
|
2017-11-13 14:12:43 +00:00
|
|
|
#include <ctype.h>
|
|
|
|
|
#include <stddef.h>
|
|
|
|
|
#include <stdio.h>
|
2001-12-16 18:46:32 +00:00
|
|
|
#include <stdlib.h>
|
2017-11-13 14:12:43 +00:00
|
|
|
#include <string.h>
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2010-03-04 08:14:36 +00:00
|
|
|
#include "internal.h"
|
|
|
|
|
#include "asn1.h"
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_decode(sc_context_t *ctx, struct sc_asn1_entry *asn1,
|
2002-01-10 12:33:56 +00:00
|
|
|
const u8 *in, size_t len, const u8 **newp, size_t *len_left,
|
|
|
|
|
int choice, int depth);
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_encode(sc_context_t *ctx, const struct sc_asn1_entry *asn1,
|
2002-01-10 12:33:56 +00:00
|
|
|
u8 **ptr, size_t *size, int depth);
|
2012-07-29 10:56:03 +00:00
|
|
|
static int asn1_write_element(sc_context_t *ctx, unsigned int tag,
|
|
|
|
|
const u8 * data, size_t datalen, u8 ** out, size_t * outlen);
|
2001-12-19 21:58:04 +00:00
|
|
|
|
2004-09-20 09:47:35 +00:00
|
|
|
static const char *tag2str(unsigned int tag)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
2004-09-20 09:47:35 +00:00
|
|
|
static const char *tags[] = {
|
2001-11-01 15:43:20 +00:00
|
|
|
"EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */
|
2017-11-10 08:05:29 +00:00
|
|
|
"NULL", "OBJECT IDENTIFIER", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */
|
|
|
|
|
"ENUMERATED", "Universal 11", "UTF8String", "Universal 13", /* 10-13 */
|
|
|
|
|
"Universal 14", "Universal 15", "SEQUENCE", "SET", /* 15-17 */
|
|
|
|
|
"NumericString", "PrintableString", "T61String", /* 18-20 */
|
|
|
|
|
"VideotexString", "IA5String", "UTCTIME", "GENERALIZEDTIME", /* 21-24 */
|
|
|
|
|
"GraphicString", "VisibleString", "GeneralString", /* 25-27 */
|
|
|
|
|
"UniversalString", "Universal 29", "BMPString" /* 28-30 */
|
2001-11-01 15:43:20 +00:00
|
|
|
};
|
|
|
|
|
|
2004-09-20 09:47:35 +00:00
|
|
|
if (tag > 30)
|
2001-11-01 15:43:20 +00:00
|
|
|
return "(unknown)";
|
|
|
|
|
return tags[tag];
|
|
|
|
|
}
|
|
|
|
|
|
2002-08-21 10:02:55 +00:00
|
|
|
int sc_asn1_read_tag(const u8 ** buf, size_t buflen, unsigned int *cla_out,
|
|
|
|
|
unsigned int *tag_out, size_t *taglen)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
|
|
|
|
const u8 *p = *buf;
|
2002-01-01 18:25:11 +00:00
|
|
|
size_t left = buflen, len;
|
|
|
|
|
unsigned int cla, tag, i;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2001-12-19 21:58:04 +00:00
|
|
|
if (left < 2)
|
2006-02-12 18:29:52 +00:00
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
2001-11-01 15:43:20 +00:00
|
|
|
*buf = NULL;
|
2015-07-28 07:10:54 +00:00
|
|
|
if (*p == 0xff || *p == 0) {
|
2006-02-12 18:29:52 +00:00
|
|
|
/* end of data reached */
|
2015-07-28 07:10:54 +00:00
|
|
|
*taglen = 0;
|
|
|
|
|
*tag_out = SC_ASN1_TAG_EOC;
|
2006-02-12 18:29:52 +00:00
|
|
|
return SC_SUCCESS;
|
2015-07-28 07:10:54 +00:00
|
|
|
}
|
2016-03-09 17:38:31 +00:00
|
|
|
/* parse tag byte(s)
|
|
|
|
|
* Resulted tag is presented by integer that has not to be
|
|
|
|
|
* confused with the 'tag number' part of ASN.1 tag.
|
|
|
|
|
*/
|
2006-01-20 20:52:36 +00:00
|
|
|
cla = (*p & SC_ASN1_TAG_CLASS) | (*p & SC_ASN1_TAG_CONSTRUCTED);
|
|
|
|
|
tag = *p & SC_ASN1_TAG_PRIMITIVE;
|
2001-11-01 15:43:20 +00:00
|
|
|
p++;
|
2006-02-12 18:29:52 +00:00
|
|
|
left--;
|
|
|
|
|
if (tag == SC_ASN1_TAG_PRIMITIVE) {
|
|
|
|
|
/* high tag number */
|
2016-03-09 17:38:31 +00:00
|
|
|
size_t n = SC_ASN1_TAGNUM_SIZE - 1;
|
2006-02-12 18:29:52 +00:00
|
|
|
/* search the last tag octet */
|
|
|
|
|
while (left-- != 0 && n != 0) {
|
|
|
|
|
tag <<= 8;
|
|
|
|
|
tag |= *p;
|
|
|
|
|
if ((*p++ & 0x80) == 0)
|
|
|
|
|
break;
|
|
|
|
|
n--;
|
|
|
|
|
}
|
|
|
|
|
if (left == 0 || n == 0)
|
|
|
|
|
/* either an invalid tag or it doesn't fit in
|
|
|
|
|
* unsigned int */
|
|
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
|
|
|
|
}
|
2016-03-09 17:38:31 +00:00
|
|
|
|
2006-02-12 18:29:52 +00:00
|
|
|
/* parse length byte(s) */
|
2001-11-01 15:43:20 +00:00
|
|
|
len = *p & 0x7f;
|
|
|
|
|
if (*p++ & 0x80) {
|
2002-01-01 18:25:11 +00:00
|
|
|
unsigned int a = 0;
|
2006-02-12 18:29:52 +00:00
|
|
|
if (len > 4 || len > left)
|
|
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
2003-12-16 11:04:01 +00:00
|
|
|
left -= len;
|
2001-11-01 15:43:20 +00:00
|
|
|
for (i = 0; i < len; i++) {
|
|
|
|
|
a <<= 8;
|
|
|
|
|
a |= *p;
|
|
|
|
|
p++;
|
|
|
|
|
}
|
|
|
|
|
len = a;
|
|
|
|
|
}
|
2017-07-11 08:12:17 +00:00
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
*cla_out = cla;
|
|
|
|
|
*tag_out = tag;
|
|
|
|
|
*taglen = len;
|
|
|
|
|
*buf = p;
|
2017-07-11 08:12:17 +00:00
|
|
|
|
|
|
|
|
if (len > left)
|
|
|
|
|
return SC_ERROR_ASN1_END_OF_CONTENTS;
|
|
|
|
|
|
2006-02-12 18:29:52 +00:00
|
|
|
return SC_SUCCESS;
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
|
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
void sc_format_asn1_entry(struct sc_asn1_entry *entry, void *parm, void *arg,
|
|
|
|
|
int set_present)
|
|
|
|
|
{
|
|
|
|
|
entry->parm = parm;
|
|
|
|
|
entry->arg = arg;
|
|
|
|
|
if (set_present)
|
|
|
|
|
entry->flags |= SC_ASN1_PRESENT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void sc_copy_asn1_entry(const struct sc_asn1_entry *src,
|
|
|
|
|
struct sc_asn1_entry *dest)
|
|
|
|
|
{
|
2002-05-26 12:31:23 +00:00
|
|
|
while (src->name != NULL) {
|
2002-01-10 12:33:56 +00:00
|
|
|
*dest = *src;
|
|
|
|
|
dest++;
|
|
|
|
|
src++;
|
2002-05-26 12:31:23 +00:00
|
|
|
}
|
2002-01-10 12:33:56 +00:00
|
|
|
dest->name = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
static void print_indent(size_t depth)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
2017-11-13 14:12:43 +00:00
|
|
|
for (; depth > 0; depth--) {
|
|
|
|
|
putchar(' ');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void print_hex(const u8 * buf, size_t buflen, size_t depth)
|
|
|
|
|
{
|
|
|
|
|
size_t lines_len = buflen * 5 + 128;
|
|
|
|
|
char *lines = malloc(lines_len);
|
|
|
|
|
char *line = lines;
|
|
|
|
|
|
2018-04-07 10:11:13 +00:00
|
|
|
if (buf == NULL || buflen == 0 || lines == NULL) {
|
|
|
|
|
free(lines);
|
2017-11-13 14:12:43 +00:00
|
|
|
return;
|
2018-04-07 10:11:13 +00:00
|
|
|
}
|
2017-11-13 14:12:43 +00:00
|
|
|
|
|
|
|
|
sc_hex_dump(buf, buflen, lines, lines_len);
|
|
|
|
|
|
|
|
|
|
while (*line != '\0') {
|
|
|
|
|
char *line_end = strchr(line, '\n');
|
|
|
|
|
ptrdiff_t width = line_end - line;
|
|
|
|
|
if (!line_end || width <= 1) {
|
|
|
|
|
/* don't print empty lines */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (buflen > 8) {
|
|
|
|
|
putchar('\n');
|
|
|
|
|
print_indent(depth);
|
|
|
|
|
} else {
|
|
|
|
|
printf(": ");
|
|
|
|
|
}
|
|
|
|
|
printf("%.*s", (int) width, line);
|
|
|
|
|
line = line_end + 1;
|
|
|
|
|
}
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
free(lines);
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
|
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
static void print_ascii(const u8 * buf, size_t buflen)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
2017-11-13 14:12:43 +00:00
|
|
|
for (; 0 < buflen; buflen--, buf++) {
|
|
|
|
|
if (isprint(*buf))
|
|
|
|
|
printf("%c", *buf);
|
|
|
|
|
else
|
|
|
|
|
putchar('.');
|
|
|
|
|
}
|
|
|
|
|
}
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
static void sc_asn1_print_octet_string(const u8 * buf, size_t buflen, size_t depth)
|
|
|
|
|
{
|
|
|
|
|
print_hex(buf, buflen, depth);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void sc_asn1_print_utf8string(const u8 * buf, size_t buflen)
|
|
|
|
|
{
|
|
|
|
|
/* FIXME UTF-8 is not ASCII */
|
|
|
|
|
print_ascii(buf, buflen);
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
|
|
|
|
|
2002-01-01 18:25:11 +00:00
|
|
|
static void sc_asn1_print_integer(const u8 * buf, size_t buflen)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
2017-11-13 14:12:43 +00:00
|
|
|
size_t a = 0;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
|
|
|
|
if (buflen > sizeof(a)) {
|
2017-11-13 14:12:43 +00:00
|
|
|
printf("0x%s", sc_dump_hex(buf, buflen));
|
|
|
|
|
} else {
|
|
|
|
|
size_t i;
|
|
|
|
|
for (i = 0; i < buflen; i++) {
|
|
|
|
|
a <<= 8;
|
|
|
|
|
a |= buf[i];
|
|
|
|
|
}
|
|
|
|
|
printf("%"SC_FORMAT_LEN_SIZE_T"u", a);
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-16 08:32:07 +00:00
|
|
|
static void sc_asn1_print_boolean(const u8 * buf, size_t buflen)
|
|
|
|
|
{
|
|
|
|
|
if (!buflen)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (buf[0])
|
|
|
|
|
printf("true");
|
|
|
|
|
else
|
|
|
|
|
printf("false");
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
static void sc_asn1_print_bit_string(const u8 * buf, size_t buflen, size_t depth)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
2002-06-14 12:52:56 +00:00
|
|
|
#ifndef _WIN32
|
|
|
|
|
long long a = 0;
|
|
|
|
|
#else
|
2005-03-09 10:47:01 +00:00
|
|
|
__int64 a = 0;
|
2002-06-14 12:52:56 +00:00
|
|
|
#endif
|
2004-09-20 09:47:35 +00:00
|
|
|
int r, i;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
|
|
|
|
if (buflen > sizeof(a) + 1) {
|
2017-11-13 14:12:43 +00:00
|
|
|
print_hex(buf, buflen, depth);
|
|
|
|
|
} else {
|
|
|
|
|
r = sc_asn1_decode_bit_string(buf, buflen, &a, sizeof(a));
|
|
|
|
|
if (r < 0) {
|
|
|
|
|
printf("decode error");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
for (i = r - 1; i >= 0; i--) {
|
|
|
|
|
printf("%c", ((a >> i) & 1) ? '1' : '0');
|
|
|
|
|
}
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-10 08:05:29 +00:00
|
|
|
#ifdef ENABLE_OPENSSL
|
|
|
|
|
#include <openssl/objects.h>
|
|
|
|
|
|
|
|
|
|
static void openssl_print_object_sn(const char *s)
|
|
|
|
|
{
|
|
|
|
|
ASN1_OBJECT *obj = OBJ_txt2obj(s, 0);
|
|
|
|
|
if (obj) {
|
|
|
|
|
int nid = OBJ_obj2nid(obj);
|
|
|
|
|
if (nid != NID_undef) {
|
2017-11-13 14:12:43 +00:00
|
|
|
printf(", %s", OBJ_nid2sn(nid));
|
2017-11-10 08:05:29 +00:00
|
|
|
}
|
|
|
|
|
ASN1_OBJECT_free(obj);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#else
|
|
|
|
|
static void openssl_print_object_sn(const char *s)
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2002-01-01 18:25:11 +00:00
|
|
|
static void sc_asn1_print_object_id(const u8 * buf, size_t buflen)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
|
|
|
|
struct sc_object_id oid;
|
2017-11-13 14:12:43 +00:00
|
|
|
const char *sbuf;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
|
|
|
|
if (sc_asn1_decode_object_id(buf, buflen, &oid)) {
|
|
|
|
|
printf("decode error");
|
|
|
|
|
return;
|
|
|
|
|
}
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
sbuf = sc_dump_oid(&oid);
|
|
|
|
|
printf(" %s", sbuf);
|
|
|
|
|
openssl_print_object_sn(sbuf);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void sc_asn1_print_utctime(const u8 * buf, size_t buflen)
|
|
|
|
|
{
|
|
|
|
|
if (buflen < 8) {
|
|
|
|
|
printf("Error in decoding.\n");
|
|
|
|
|
return;
|
|
|
|
|
}
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
print_ascii(buf, 2); /* YY */
|
|
|
|
|
putchar('-');
|
|
|
|
|
print_ascii(buf+2, 2); /* MM */
|
|
|
|
|
putchar('-');
|
|
|
|
|
print_ascii(buf+4, 2); /* DD */
|
|
|
|
|
putchar(' ');
|
|
|
|
|
print_ascii(buf+6, 2); /* hh */
|
|
|
|
|
buf += 8;
|
|
|
|
|
buflen -= 8;
|
|
|
|
|
if (buflen >= 2 && isdigit(buf[0]) && isdigit(buf[1])) {
|
|
|
|
|
putchar(':');
|
|
|
|
|
print_ascii(buf, 2); /* mm */
|
|
|
|
|
buf += 2;
|
|
|
|
|
buflen -= 2;
|
|
|
|
|
}
|
|
|
|
|
if (buflen >= 2 && isdigit(buf[0]) && isdigit(buf[1])) {
|
|
|
|
|
putchar(':');
|
|
|
|
|
print_ascii(buf, 2); /* ss */
|
|
|
|
|
buf += 2;
|
|
|
|
|
buflen -= 2;
|
|
|
|
|
}
|
|
|
|
|
if (buflen >= 4 && '.' == buf[0]) {
|
|
|
|
|
print_ascii(buf, 4); /* fff */
|
|
|
|
|
buf += 4;
|
|
|
|
|
buflen -= 4;
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
2017-11-10 08:05:29 +00:00
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
if (buflen >= 1 && 'Z' == buf[0]) {
|
|
|
|
|
printf(" UTC");
|
|
|
|
|
} else if (buflen >= 5 && ('-' == buf[0] || '+' == buf[0])) {
|
|
|
|
|
putchar(' ');
|
|
|
|
|
print_ascii(buf, 3); /* +/-hh */
|
|
|
|
|
putchar(':');
|
|
|
|
|
print_ascii(buf+3, 2); /* mm */
|
|
|
|
|
}
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
|
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
static void sc_asn1_print_generalizedtime(const u8 * buf, size_t buflen)
|
|
|
|
|
{
|
2017-11-13 14:12:43 +00:00
|
|
|
if (buflen < 8) {
|
|
|
|
|
printf("Error in decoding.\n");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
print_ascii(buf, 2);
|
|
|
|
|
sc_asn1_print_utctime(buf + 2, buflen - 2);
|
2012-05-27 19:20:22 +00:00
|
|
|
}
|
|
|
|
|
|
2002-01-01 18:25:11 +00:00
|
|
|
static void print_tags_recursive(const u8 * buf0, const u8 * buf,
|
2017-11-10 08:05:29 +00:00
|
|
|
size_t buflen, size_t depth)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
2017-11-10 08:05:29 +00:00
|
|
|
int r;
|
|
|
|
|
size_t i;
|
2002-01-01 18:25:11 +00:00
|
|
|
size_t bytesleft = buflen;
|
2001-11-01 15:43:20 +00:00
|
|
|
const char *classes[4] = {
|
2017-11-10 08:05:29 +00:00
|
|
|
"Universal",
|
|
|
|
|
"Application",
|
|
|
|
|
"Context",
|
|
|
|
|
"Private"
|
2001-11-01 15:43:20 +00:00
|
|
|
};
|
|
|
|
|
const u8 *p = buf;
|
|
|
|
|
|
|
|
|
|
while (bytesleft >= 2) {
|
2008-04-29 06:11:34 +00:00
|
|
|
unsigned int cla = 0, tag = 0, hlen;
|
2001-11-01 15:43:20 +00:00
|
|
|
const u8 *tagp = p;
|
2002-01-01 19:56:07 +00:00
|
|
|
size_t len;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2002-08-21 10:02:55 +00:00
|
|
|
r = sc_asn1_read_tag(&tagp, bytesleft, &cla, &tag, &len);
|
2018-03-19 14:25:14 +00:00
|
|
|
if (r != SC_SUCCESS || tagp == NULL) {
|
2001-11-01 15:43:20 +00:00
|
|
|
printf("Error in decoding.\n");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
hlen = tagp - p;
|
|
|
|
|
if (cla == 0 && tag == 0) {
|
|
|
|
|
printf("Zero tag, finishing\n");
|
|
|
|
|
break;
|
|
|
|
|
}
|
2017-11-13 14:12:43 +00:00
|
|
|
print_indent(depth);
|
2017-11-10 08:05:29 +00:00
|
|
|
/* let i be the length of the tag in bytes */
|
|
|
|
|
for (i = 1; i < sizeof tag - 1; i++) {
|
|
|
|
|
if (!(tag >> 8*i))
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
printf("%02X", cla<<(i-1)*8 | tag);
|
|
|
|
|
|
|
|
|
|
if ((cla & SC_ASN1_TAG_CLASS) == SC_ASN1_TAG_UNIVERSAL) {
|
|
|
|
|
printf(" %s", tag2str(tag));
|
|
|
|
|
} else {
|
|
|
|
|
printf(" %s %-2u",
|
|
|
|
|
classes[cla >> 6],
|
|
|
|
|
i == 1 ? tag & SC_ASN1_TAG_PRIMITIVE : tag & (((unsigned int) ~0) >> (i + 1) * 8));
|
|
|
|
|
}
|
2017-11-13 14:12:43 +00:00
|
|
|
if (!((cla & SC_ASN1_TAG_CLASS) == SC_ASN1_TAG_UNIVERSAL
|
|
|
|
|
&& tag == SC_ASN1_TAG_NULL && len == 0)) {
|
|
|
|
|
printf(" (%"SC_FORMAT_LEN_SIZE_T"u byte%s)",
|
|
|
|
|
len,
|
|
|
|
|
len != 1 ? "s" : "");
|
|
|
|
|
}
|
2017-11-10 08:05:29 +00:00
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
if (len + hlen > bytesleft) {
|
|
|
|
|
printf(" Illegal length!\n");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
p += hlen + len;
|
|
|
|
|
bytesleft -= hlen + len;
|
|
|
|
|
|
2006-01-20 20:52:36 +00:00
|
|
|
if (cla & SC_ASN1_TAG_CONSTRUCTED) {
|
2001-11-01 15:43:20 +00:00
|
|
|
putchar('\n');
|
2017-11-10 08:05:29 +00:00
|
|
|
print_tags_recursive(buf0, tagp, len, depth + 2*i + 1);
|
2001-11-01 15:43:20 +00:00
|
|
|
continue;
|
|
|
|
|
}
|
2017-11-10 08:05:29 +00:00
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
switch (tag) {
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_BIT_STRING:
|
2017-11-13 14:12:43 +00:00
|
|
|
printf(": ");
|
|
|
|
|
sc_asn1_print_bit_string(tagp, len, depth + 2*i + 1);
|
2001-11-01 15:43:20 +00:00
|
|
|
break;
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_OCTET_STRING:
|
2017-11-13 14:12:43 +00:00
|
|
|
sc_asn1_print_octet_string(tagp, len, depth + 2*i + 1);
|
2001-11-01 15:43:20 +00:00
|
|
|
break;
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_OBJECT:
|
2017-11-13 14:12:43 +00:00
|
|
|
printf(": ");
|
2001-11-01 15:43:20 +00:00
|
|
|
sc_asn1_print_object_id(tagp, len);
|
|
|
|
|
break;
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_INTEGER:
|
|
|
|
|
case SC_ASN1_TAG_ENUMERATED:
|
2017-11-13 14:12:43 +00:00
|
|
|
printf(": ");
|
2001-11-01 15:43:20 +00:00
|
|
|
sc_asn1_print_integer(tagp, len);
|
|
|
|
|
break;
|
2017-11-13 14:12:43 +00:00
|
|
|
case SC_ASN1_TAG_IA5STRING:
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_PRINTABLESTRING:
|
2017-11-13 14:12:43 +00:00
|
|
|
case SC_ASN1_TAG_T61STRING:
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_UTF8STRING:
|
2017-11-13 14:12:43 +00:00
|
|
|
printf(": ");
|
2001-11-01 15:43:20 +00:00
|
|
|
sc_asn1_print_utf8string(tagp, len);
|
|
|
|
|
break;
|
2011-05-16 08:32:07 +00:00
|
|
|
case SC_ASN1_TAG_BOOLEAN:
|
2017-11-13 14:12:43 +00:00
|
|
|
printf(": ");
|
2011-05-16 08:32:07 +00:00
|
|
|
sc_asn1_print_boolean(tagp, len);
|
|
|
|
|
break;
|
2012-05-27 19:20:22 +00:00
|
|
|
case SC_ASN1_GENERALIZEDTIME:
|
2017-11-13 14:12:43 +00:00
|
|
|
printf(": ");
|
2012-05-27 19:20:22 +00:00
|
|
|
sc_asn1_print_generalizedtime(tagp, len);
|
|
|
|
|
break;
|
2017-11-13 14:12:43 +00:00
|
|
|
case SC_ASN1_UTCTIME:
|
|
|
|
|
printf(": ");
|
|
|
|
|
sc_asn1_print_utctime(tagp, len);
|
|
|
|
|
break;
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
2011-01-07 09:00:39 +00:00
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
if ((cla & SC_ASN1_TAG_CLASS) == SC_ASN1_TAG_APPLICATION) {
|
|
|
|
|
print_hex(tagp, len, depth + 2*i + 1);
|
|
|
|
|
}
|
2011-01-07 09:00:39 +00:00
|
|
|
|
2017-11-13 14:12:43 +00:00
|
|
|
if ((cla & SC_ASN1_TAG_CLASS) == SC_ASN1_TAG_CONTEXT) {
|
|
|
|
|
print_hex(tagp, len, depth + 2*i + 1);
|
|
|
|
|
}
|
2011-01-07 15:47:58 +00:00
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
putchar('\n');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-01 18:25:11 +00:00
|
|
|
void sc_asn1_print_tags(const u8 * buf, size_t buflen)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
|
|
|
|
print_tags_recursive(buf, buf, buflen, 0);
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
const u8 *sc_asn1_find_tag(sc_context_t *ctx, const u8 * buf,
|
2006-02-12 18:29:52 +00:00
|
|
|
size_t buflen, unsigned int tag_in, size_t *taglen_in)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
2002-01-01 18:25:11 +00:00
|
|
|
size_t left = buflen, taglen;
|
2001-11-01 15:43:20 +00:00
|
|
|
const u8 *p = buf;
|
|
|
|
|
|
|
|
|
|
*taglen_in = 0;
|
|
|
|
|
while (left >= 2) {
|
2018-01-05 17:34:52 +00:00
|
|
|
unsigned int cla = 0, tag, mask = 0xff00;
|
2006-02-12 18:29:52 +00:00
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
buf = p;
|
2006-02-12 18:29:52 +00:00
|
|
|
/* read a tag */
|
2018-03-19 14:25:14 +00:00
|
|
|
if (sc_asn1_read_tag(&p, left, &cla, &tag, &taglen) != SC_SUCCESS
|
|
|
|
|
|| p == NULL)
|
2001-11-01 15:43:20 +00:00
|
|
|
return NULL;
|
2018-03-19 14:25:14 +00:00
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
left -= (p - buf);
|
2006-02-12 18:29:52 +00:00
|
|
|
/* we need to shift the class byte to the leftmost
|
|
|
|
|
* byte of the tag */
|
|
|
|
|
while ((tag & mask) != 0) {
|
|
|
|
|
cla <<= 8;
|
|
|
|
|
mask <<= 8;
|
|
|
|
|
}
|
|
|
|
|
/* compare the read tag with the given tag */
|
2001-11-01 15:43:20 +00:00
|
|
|
if ((tag | cla) == tag_in) {
|
2006-02-12 18:29:52 +00:00
|
|
|
/* we have a match => return length and value part */
|
2001-11-01 15:43:20 +00:00
|
|
|
if (taglen > left)
|
|
|
|
|
return NULL;
|
|
|
|
|
*taglen_in = taglen;
|
|
|
|
|
return p;
|
|
|
|
|
}
|
2006-02-12 18:29:52 +00:00
|
|
|
/* otherwise continue reading tags */
|
2001-11-01 15:43:20 +00:00
|
|
|
left -= taglen;
|
|
|
|
|
p += taglen;
|
|
|
|
|
}
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
const u8 *sc_asn1_skip_tag(sc_context_t *ctx, const u8 ** buf, size_t *buflen,
|
2001-12-29 19:03:46 +00:00
|
|
|
unsigned int tag_in, size_t *taglen_out)
|
2001-12-16 18:46:32 +00:00
|
|
|
{
|
|
|
|
|
const u8 *p = *buf;
|
2002-01-01 18:25:11 +00:00
|
|
|
size_t len = *buflen, taglen;
|
2018-01-05 17:34:52 +00:00
|
|
|
unsigned int cla = 0, tag;
|
2001-12-16 18:46:32 +00:00
|
|
|
|
2018-03-19 14:25:14 +00:00
|
|
|
if (sc_asn1_read_tag((const u8 **) &p, len, &cla, &tag, &taglen) != SC_SUCCESS
|
|
|
|
|
|| p == NULL)
|
2001-12-16 18:46:32 +00:00
|
|
|
return NULL;
|
|
|
|
|
switch (cla & 0xC0) {
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_UNIVERSAL:
|
2001-12-16 18:46:32 +00:00
|
|
|
if ((tag_in & SC_ASN1_CLASS_MASK) != SC_ASN1_UNI)
|
|
|
|
|
return NULL;
|
|
|
|
|
break;
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_APPLICATION:
|
2001-12-16 18:46:32 +00:00
|
|
|
if ((tag_in & SC_ASN1_CLASS_MASK) != SC_ASN1_APP)
|
|
|
|
|
return NULL;
|
|
|
|
|
break;
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_CONTEXT:
|
2001-12-16 18:46:32 +00:00
|
|
|
if ((tag_in & SC_ASN1_CLASS_MASK) != SC_ASN1_CTX)
|
|
|
|
|
return NULL;
|
|
|
|
|
break;
|
2006-01-20 20:52:36 +00:00
|
|
|
case SC_ASN1_TAG_PRIVATE:
|
2001-12-16 18:46:32 +00:00
|
|
|
if ((tag_in & SC_ASN1_CLASS_MASK) != SC_ASN1_PRV)
|
|
|
|
|
return NULL;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2006-01-20 20:52:36 +00:00
|
|
|
if (cla & SC_ASN1_TAG_CONSTRUCTED) {
|
2001-12-16 18:46:32 +00:00
|
|
|
if ((tag_in & SC_ASN1_CONS) == 0)
|
|
|
|
|
return NULL;
|
|
|
|
|
} else
|
|
|
|
|
if (tag_in & SC_ASN1_CONS)
|
|
|
|
|
return NULL;
|
|
|
|
|
if ((tag_in & SC_ASN1_TAG_MASK) != tag)
|
|
|
|
|
return NULL;
|
|
|
|
|
len -= (p - *buf); /* header size */
|
|
|
|
|
if (taglen > len) {
|
2017-03-14 19:02:30 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1,
|
|
|
|
|
"too long ASN.1 object (size %"SC_FORMAT_LEN_SIZE_T"u while only %"SC_FORMAT_LEN_SIZE_T"u available)\n",
|
|
|
|
|
taglen, len);
|
2001-12-16 18:46:32 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
*buflen -= (p - *buf) + taglen;
|
|
|
|
|
*buf = p + taglen; /* point to next tag */
|
|
|
|
|
*taglen_out = taglen;
|
|
|
|
|
return p;
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
const u8 *sc_asn1_verify_tag(sc_context_t *ctx, const u8 * buf, size_t buflen,
|
2001-12-29 19:03:46 +00:00
|
|
|
unsigned int tag_in, size_t *taglen_out)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
2001-12-29 19:03:46 +00:00
|
|
|
return sc_asn1_skip_tag(ctx, &buf, &buflen, tag_in, taglen_out);
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
|
|
|
|
|
2002-01-01 18:25:11 +00:00
|
|
|
static int decode_bit_string(const u8 * inbuf, size_t inlen, void *outbuf,
|
|
|
|
|
size_t outlen, int invert)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
|
|
|
|
const u8 *in = inbuf;
|
|
|
|
|
u8 *out = (u8 *) outbuf;
|
|
|
|
|
int zero_bits = *in & 0x07;
|
2002-01-01 18:25:11 +00:00
|
|
|
size_t octets_left = inlen - 1;
|
2001-11-01 15:43:20 +00:00
|
|
|
int i, count = 0;
|
|
|
|
|
|
2001-12-21 23:34:47 +00:00
|
|
|
memset(outbuf, 0, outlen);
|
2001-11-01 15:43:20 +00:00
|
|
|
in++;
|
|
|
|
|
if (outlen < octets_left)
|
2001-12-16 18:46:32 +00:00
|
|
|
return SC_ERROR_BUFFER_TOO_SMALL;
|
2002-01-01 18:25:11 +00:00
|
|
|
if (inlen < 1)
|
|
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
2001-11-01 15:43:20 +00:00
|
|
|
while (octets_left) {
|
|
|
|
|
/* 1st octet of input: ABCDEFGH, where A is the MSB */
|
|
|
|
|
/* 1st octet of output: HGFEDCBA, where A is the LSB */
|
|
|
|
|
/* first bit in bit string is the LSB in first resulting octet */
|
|
|
|
|
int bits_to_go;
|
|
|
|
|
|
|
|
|
|
*out = 0;
|
|
|
|
|
if (octets_left == 1)
|
|
|
|
|
bits_to_go = 8 - zero_bits;
|
|
|
|
|
else
|
|
|
|
|
bits_to_go = 8;
|
|
|
|
|
if (invert)
|
|
|
|
|
for (i = 0; i < bits_to_go; i++) {
|
|
|
|
|
*out |= ((*in >> (7 - i)) & 1) << i;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
*out = *in;
|
|
|
|
|
}
|
|
|
|
|
out++;
|
|
|
|
|
in++;
|
|
|
|
|
octets_left--;
|
|
|
|
|
count++;
|
|
|
|
|
}
|
2001-12-16 18:46:32 +00:00
|
|
|
return (count * 8) - zero_bits;
|
2001-11-01 15:43:20 +00:00
|
|
|
}
|
|
|
|
|
|
2002-01-01 18:25:11 +00:00
|
|
|
int sc_asn1_decode_bit_string(const u8 * inbuf, size_t inlen,
|
|
|
|
|
void *outbuf, size_t outlen)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
|
|
|
|
return decode_bit_string(inbuf, inlen, outbuf, outlen, 1);
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-01 18:25:11 +00:00
|
|
|
int sc_asn1_decode_bit_string_ni(const u8 * inbuf, size_t inlen,
|
|
|
|
|
void *outbuf, size_t outlen)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
|
|
|
|
return decode_bit_string(inbuf, inlen, outbuf, outlen, 0);
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-13 23:56:13 +00:00
|
|
|
static int encode_bit_string(const u8 * inbuf, size_t bits_left, u8 **outbuf,
|
2002-01-10 12:33:56 +00:00
|
|
|
size_t *outlen, int invert)
|
|
|
|
|
{
|
2002-01-13 23:56:13 +00:00
|
|
|
const u8 *in = inbuf;
|
|
|
|
|
u8 *out;
|
|
|
|
|
size_t bytes;
|
|
|
|
|
int skipped = 0;
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2002-01-13 23:56:13 +00:00
|
|
|
bytes = (bits_left + 7)/8 + 1;
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
*outbuf = out = malloc(bytes);
|
2002-01-13 23:56:13 +00:00
|
|
|
if (out == NULL)
|
|
|
|
|
return SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
*outlen = bytes;
|
|
|
|
|
out += 1;
|
|
|
|
|
while (bits_left) {
|
|
|
|
|
int i, bits_to_go = 8;
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2002-01-13 23:56:13 +00:00
|
|
|
*out = 0;
|
|
|
|
|
if (bits_left < 8) {
|
|
|
|
|
bits_to_go = bits_left;
|
|
|
|
|
skipped = 8 - bits_left;
|
|
|
|
|
}
|
|
|
|
|
if (invert) {
|
|
|
|
|
for (i = 0; i < bits_to_go; i++)
|
|
|
|
|
*out |= ((*in >> i) & 1) << (7 - i);
|
|
|
|
|
} else {
|
|
|
|
|
*out = *in;
|
|
|
|
|
if (bits_left < 8)
|
|
|
|
|
return SC_ERROR_NOT_SUPPORTED; /* FIXME */
|
|
|
|
|
}
|
|
|
|
|
bits_left -= bits_to_go;
|
2002-02-25 14:13:18 +00:00
|
|
|
out++, in++;
|
2002-01-13 23:56:13 +00:00
|
|
|
}
|
|
|
|
|
out = *outbuf;
|
|
|
|
|
out[0] = skipped;
|
|
|
|
|
return 0;
|
2002-01-10 12:33:56 +00:00
|
|
|
}
|
|
|
|
|
|
2003-04-16 20:52:26 +00:00
|
|
|
/*
|
|
|
|
|
* Bitfields are just bit strings, stored in an unsigned int
|
|
|
|
|
* (taking endianness into account)
|
|
|
|
|
*/
|
|
|
|
|
static int decode_bit_field(const u8 * inbuf, size_t inlen, void *outbuf, size_t outlen)
|
|
|
|
|
{
|
|
|
|
|
u8 data[sizeof(unsigned int)];
|
|
|
|
|
unsigned int field = 0;
|
|
|
|
|
int i, n;
|
|
|
|
|
|
|
|
|
|
if (outlen != sizeof(data))
|
|
|
|
|
return SC_ERROR_BUFFER_TOO_SMALL;
|
|
|
|
|
|
|
|
|
|
n = decode_bit_string(inbuf, inlen, data, sizeof(data), 1);
|
|
|
|
|
if (n < 0)
|
|
|
|
|
return n;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < n; i += 8) {
|
|
|
|
|
field |= (data[i/8] << i);
|
|
|
|
|
}
|
|
|
|
|
memcpy(outbuf, &field, outlen);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int encode_bit_field(const u8 *inbuf, size_t inlen,
|
|
|
|
|
u8 **outbuf, size_t *outlen)
|
|
|
|
|
{
|
|
|
|
|
u8 data[sizeof(unsigned int)];
|
|
|
|
|
unsigned int field = 0;
|
2004-09-20 09:47:35 +00:00
|
|
|
size_t i, bits;
|
2003-04-16 20:52:26 +00:00
|
|
|
|
|
|
|
|
if (inlen != sizeof(data))
|
|
|
|
|
return SC_ERROR_BUFFER_TOO_SMALL;
|
|
|
|
|
|
|
|
|
|
/* count the bits */
|
|
|
|
|
memcpy(&field, inbuf, inlen);
|
|
|
|
|
for (bits = 0; field; bits++)
|
|
|
|
|
field >>= 1;
|
|
|
|
|
|
|
|
|
|
memcpy(&field, inbuf, inlen);
|
|
|
|
|
for (i = 0; i < bits; i += 8)
|
|
|
|
|
data[i/8] = field >> i;
|
|
|
|
|
|
|
|
|
|
return encode_bit_string(data, bits, outbuf, outlen, 1);
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-01 18:25:11 +00:00
|
|
|
int sc_asn1_decode_integer(const u8 * inbuf, size_t inlen, int *out)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
2003-05-30 08:54:42 +00:00
|
|
|
int a = 0;
|
|
|
|
|
size_t i;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2018-01-09 11:54:09 +00:00
|
|
|
if (inlen > sizeof(int) || inlen == 0)
|
2001-11-01 15:43:20 +00:00
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
2008-02-29 15:37:46 +00:00
|
|
|
if (inbuf[0] & 0x80)
|
|
|
|
|
a = -1;
|
2001-11-01 15:43:20 +00:00
|
|
|
for (i = 0; i < inlen; i++) {
|
|
|
|
|
a <<= 8;
|
|
|
|
|
a |= *inbuf++;
|
|
|
|
|
}
|
|
|
|
|
*out = a;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
static int asn1_encode_integer(int in, u8 ** obj, size_t * objsize)
|
|
|
|
|
{
|
2008-02-29 15:37:46 +00:00
|
|
|
int i = sizeof(in) * 8, skip_zero, skip_sign;
|
2002-01-13 23:56:13 +00:00
|
|
|
u8 *p, b;
|
2002-01-10 12:33:56 +00:00
|
|
|
|
2008-02-29 15:37:46 +00:00
|
|
|
if (in < 0)
|
|
|
|
|
{
|
|
|
|
|
skip_sign = 1;
|
|
|
|
|
skip_zero= 0;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
skip_sign = 0;
|
|
|
|
|
skip_zero= 1;
|
|
|
|
|
}
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
*obj = p = malloc(sizeof(in)+1);
|
2002-01-10 12:33:56 +00:00
|
|
|
if (*obj == NULL)
|
|
|
|
|
return SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
do {
|
|
|
|
|
i -= 8;
|
2002-01-13 23:56:13 +00:00
|
|
|
b = in >> i;
|
2008-02-29 15:37:46 +00:00
|
|
|
if (skip_sign)
|
|
|
|
|
{
|
|
|
|
|
if (b != 0xff)
|
|
|
|
|
skip_sign = 0;
|
|
|
|
|
if (b & 0x80)
|
|
|
|
|
{
|
|
|
|
|
*p = b;
|
|
|
|
|
if (0xff == b)
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
p++;
|
|
|
|
|
skip_sign = 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (b == 0 && skip_zero)
|
2002-01-13 23:56:13 +00:00
|
|
|
continue;
|
2008-02-29 15:37:46 +00:00
|
|
|
if (skip_zero) {
|
|
|
|
|
skip_zero = 0;
|
|
|
|
|
/* prepend 0x00 if MSb is 1 and integer positive */
|
|
|
|
|
if ((b & 0x80) != 0 && in > 0)
|
|
|
|
|
*p++ = 0;
|
|
|
|
|
}
|
2002-01-13 23:56:13 +00:00
|
|
|
*p++ = b;
|
2002-01-10 12:33:56 +00:00
|
|
|
} while (i > 0);
|
2008-02-29 15:37:46 +00:00
|
|
|
if (skip_sign)
|
|
|
|
|
p++;
|
2002-01-13 23:56:13 +00:00
|
|
|
*objsize = p - *obj;
|
|
|
|
|
if (*objsize == 0) {
|
|
|
|
|
*objsize = 1;
|
|
|
|
|
(*obj)[0] = 0;
|
|
|
|
|
}
|
2002-01-10 12:33:56 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
int
|
|
|
|
|
sc_asn1_decode_object_id(const u8 *inbuf, size_t inlen, struct sc_object_id *id)
|
2001-11-01 15:43:20 +00:00
|
|
|
{
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
int a;
|
2001-11-01 15:43:20 +00:00
|
|
|
const u8 *p = inbuf;
|
2005-08-05 07:28:20 +00:00
|
|
|
int *octet;
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2005-08-05 07:28:20 +00:00
|
|
|
if (inlen == 0 || inbuf == NULL || id == NULL)
|
|
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
|
|
|
|
|
sc_init_oid(id);
|
2005-08-05 07:28:20 +00:00
|
|
|
octet = id->value;
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
a = *p;
|
|
|
|
|
*octet++ = a / 40;
|
|
|
|
|
*octet++ = a % 40;
|
|
|
|
|
inlen--;
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
while (inlen) {
|
|
|
|
|
p++;
|
|
|
|
|
a = *p & 0x7F;
|
|
|
|
|
inlen--;
|
|
|
|
|
while (inlen && *p & 0x80) {
|
|
|
|
|
p++;
|
|
|
|
|
a <<= 7;
|
|
|
|
|
a |= *p & 0x7F;
|
|
|
|
|
inlen--;
|
|
|
|
|
}
|
|
|
|
|
*octet++ = a;
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
if (octet - id->value >= SC_MAX_OBJECT_ID_OCTETS) {
|
|
|
|
|
sc_init_oid(id);
|
2001-11-01 15:43:20 +00:00
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
}
|
2001-11-01 15:43:20 +00:00
|
|
|
};
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2001-11-17 00:11:29 +00:00
|
|
|
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
int
|
|
|
|
|
sc_asn1_encode_object_id(u8 **buf, size_t *buflen, const struct sc_object_id *id)
|
2002-01-10 12:33:56 +00:00
|
|
|
{
|
2002-04-17 08:54:36 +00:00
|
|
|
u8 temp[SC_MAX_OBJECT_ID_OCTETS*5], *p = temp;
|
2004-09-20 09:47:35 +00:00
|
|
|
int i;
|
2011-05-08 07:59:16 +00:00
|
|
|
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
if (!buflen || !id)
|
|
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
|
|
|
|
|
|
|
|
|
/* an OID must have at least two components */
|
|
|
|
|
if (id->value[0] == -1 || id->value[1] == -1)
|
|
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
2002-01-10 12:33:56 +00:00
|
|
|
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
for (i = 0; i < SC_MAX_OBJECT_ID_OCTETS; i++) {
|
2002-04-17 08:54:36 +00:00
|
|
|
unsigned int k, shift;
|
|
|
|
|
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
if (id->value[i] == -1)
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
k = id->value[i];
|
2002-01-10 12:33:56 +00:00
|
|
|
switch (i) {
|
|
|
|
|
case 0:
|
2002-04-17 08:54:36 +00:00
|
|
|
if (k > 2)
|
2002-01-10 12:33:56 +00:00
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
2002-04-17 08:54:36 +00:00
|
|
|
*p = k * 40;
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
|
|
|
|
case 1:
|
2002-04-17 08:54:36 +00:00
|
|
|
if (k > 39)
|
2002-01-10 12:33:56 +00:00
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
2002-04-17 08:54:36 +00:00
|
|
|
*p++ += k;
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2002-04-17 08:54:36 +00:00
|
|
|
shift = 28;
|
|
|
|
|
while (shift && (k >> shift) == 0)
|
|
|
|
|
shift -= 7;
|
|
|
|
|
while (shift) {
|
|
|
|
|
*p++ = 0x80 | ((k >> shift) & 0x7f);
|
|
|
|
|
shift -= 7;
|
|
|
|
|
}
|
|
|
|
|
*p++ = k & 0x7F;
|
|
|
|
|
break;
|
2002-01-10 12:33:56 +00:00
|
|
|
}
|
|
|
|
|
}
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
|
|
|
|
|
*buflen = p - temp;
|
|
|
|
|
|
|
|
|
|
if (buf) {
|
|
|
|
|
*buf = malloc(*buflen);
|
|
|
|
|
if (!*buf)
|
|
|
|
|
return SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
memcpy(*buf, temp, *buflen);
|
|
|
|
|
}
|
2002-01-10 12:33:56 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2004-09-20 09:47:35 +00:00
|
|
|
static int sc_asn1_decode_utf8string(const u8 *inbuf, size_t inlen,
|
2002-01-01 18:25:11 +00:00
|
|
|
u8 *out, size_t *outlen)
|
2001-12-16 18:46:32 +00:00
|
|
|
{
|
|
|
|
|
if (inlen+1 > *outlen)
|
|
|
|
|
return SC_ERROR_BUFFER_TOO_SMALL;
|
|
|
|
|
*outlen = inlen+1;
|
|
|
|
|
memcpy(out, inbuf, inlen);
|
|
|
|
|
out[inlen] = 0;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-28 08:05:02 +00:00
|
|
|
int sc_asn1_put_tag(unsigned int tag, const u8 * data, size_t datalen, u8 * out, size_t outlen, u8 **ptr)
|
2001-11-17 00:11:29 +00:00
|
|
|
{
|
2014-10-28 08:05:02 +00:00
|
|
|
size_t c = 0;
|
|
|
|
|
size_t tag_len;
|
|
|
|
|
size_t ii;
|
2001-11-17 00:11:29 +00:00
|
|
|
u8 *p = out;
|
2014-10-28 08:05:02 +00:00
|
|
|
u8 tag_char[4] = {0, 0, 0, 0};
|
2001-11-17 00:11:29 +00:00
|
|
|
|
2014-10-28 08:05:02 +00:00
|
|
|
/* Check tag */
|
|
|
|
|
if (tag == 0 || tag > 0xFFFFFFFF) {
|
|
|
|
|
/* A tag of 0x00 is not valid and at most 4-byte tag names are supported. */
|
|
|
|
|
return SC_ERROR_INVALID_DATA;
|
|
|
|
|
}
|
|
|
|
|
for (tag_len = 0; tag; tag >>= 8) {
|
|
|
|
|
/* Note: tag char will be reversed order. */
|
|
|
|
|
tag_char[tag_len++] = tag & 0xFF;
|
|
|
|
|
}
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2014-10-28 08:05:02 +00:00
|
|
|
if (tag_len > 1) {
|
|
|
|
|
if ((tag_char[tag_len - 1] & SC_ASN1_TAG_PRIMITIVE) != SC_ASN1_TAG_ESCAPE_MARKER) {
|
|
|
|
|
/* First byte is not escape marker. */
|
|
|
|
|
return SC_ERROR_INVALID_DATA;
|
|
|
|
|
}
|
|
|
|
|
for (ii = 1; ii < tag_len - 1; ii++) {
|
|
|
|
|
if ((tag_char[ii] & 0x80) != 0x80) {
|
|
|
|
|
/* MS bit is not 'one'. */
|
|
|
|
|
return SC_ERROR_INVALID_DATA;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ((tag_char[0] & 0x80) != 0x00) {
|
|
|
|
|
/* MS bit of the last byte is not 'zero'. */
|
|
|
|
|
return SC_ERROR_INVALID_DATA;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Calculate the number of additional bytes necessary to encode the length. */
|
|
|
|
|
/* c+1 is the size of the length field. */
|
|
|
|
|
if (datalen > 127) {
|
|
|
|
|
c = 1;
|
|
|
|
|
while (datalen >> (c << 3))
|
|
|
|
|
c++;
|
|
|
|
|
}
|
|
|
|
|
if (outlen == 0 || out == NULL) {
|
|
|
|
|
/* Caller only asks for the length that would be written. */
|
|
|
|
|
return tag_len + (c+1) + datalen;
|
|
|
|
|
}
|
|
|
|
|
/* We will write the tag, so check the length. */
|
|
|
|
|
if (outlen < tag_len + (c+1) + datalen)
|
|
|
|
|
return SC_ERROR_BUFFER_TOO_SMALL;
|
|
|
|
|
for (ii=0;ii<tag_len;ii++)
|
|
|
|
|
*p++ = tag_char[tag_len - ii - 1];
|
|
|
|
|
|
|
|
|
|
if (c > 0) {
|
|
|
|
|
*p++ = 0x80 | c;
|
|
|
|
|
while (c--)
|
|
|
|
|
*p++ = (datalen >> (c << 3)) & 0xFF;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
*p++ = datalen & 0x7F;
|
|
|
|
|
}
|
|
|
|
|
if(data && datalen > 0) {
|
|
|
|
|
memcpy(p, data, datalen);
|
|
|
|
|
p += datalen;
|
|
|
|
|
}
|
2001-11-17 00:11:29 +00:00
|
|
|
if (ptr != NULL)
|
|
|
|
|
*ptr = p;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2001-12-16 18:46:32 +00:00
|
|
|
|
2012-07-29 10:56:03 +00:00
|
|
|
int sc_asn1_write_element(sc_context_t *ctx, unsigned int tag,
|
|
|
|
|
const u8 * data, size_t datalen, u8 ** out, size_t * outlen)
|
|
|
|
|
{
|
|
|
|
|
return asn1_write_element(ctx, tag, data, datalen, out, outlen);
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_write_element(sc_context_t *ctx, unsigned int tag,
|
2004-09-20 09:47:35 +00:00
|
|
|
const u8 * data, size_t datalen, u8 ** out, size_t * outlen)
|
2002-01-10 12:33:56 +00:00
|
|
|
{
|
2011-01-13 13:59:22 +00:00
|
|
|
unsigned char t;
|
|
|
|
|
unsigned char *buf, *p;
|
2011-04-06 15:06:02 +00:00
|
|
|
int c = 0;
|
2011-01-13 13:59:22 +00:00
|
|
|
unsigned short_tag;
|
|
|
|
|
unsigned char tag_char[3] = {0, 0, 0};
|
2011-04-06 15:06:02 +00:00
|
|
|
size_t tag_len, ii;
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2011-01-13 13:59:22 +00:00
|
|
|
short_tag = tag & SC_ASN1_TAG_MASK;
|
|
|
|
|
for (tag_len = 0; short_tag >> (8 * tag_len); tag_len++)
|
|
|
|
|
tag_char[tag_len] = (short_tag >> (8 * tag_len)) & 0xFF;
|
|
|
|
|
if (!tag_len)
|
|
|
|
|
tag_len = 1;
|
|
|
|
|
|
|
|
|
|
if (tag_len > 1) {
|
|
|
|
|
if ((tag_char[tag_len - 1] & SC_ASN1_TAG_PRIMITIVE) != SC_ASN1_TAG_ESCAPE_MARKER)
|
2011-01-13 15:06:12 +00:00
|
|
|
SC_TEST_RET(ctx, SC_LOG_DEBUG_ASN1, SC_ERROR_INVALID_DATA, "First byte of the long tag is not 'escape marker'");
|
2011-01-13 13:59:22 +00:00
|
|
|
|
|
|
|
|
for (ii = 1; ii < tag_len - 1; ii++)
|
|
|
|
|
if (!(tag_char[ii] & 0x80))
|
2011-01-13 15:06:12 +00:00
|
|
|
SC_TEST_RET(ctx, SC_LOG_DEBUG_ASN1, SC_ERROR_INVALID_DATA, "MS bit expected to be 'one'");
|
2011-01-13 13:59:22 +00:00
|
|
|
|
|
|
|
|
if (tag_char[0] & 0x80)
|
2011-01-13 15:06:12 +00:00
|
|
|
SC_TEST_RET(ctx, SC_LOG_DEBUG_ASN1, SC_ERROR_INVALID_DATA, "MS bit of the last byte expected to be 'zero'");
|
2002-01-10 12:33:56 +00:00
|
|
|
}
|
2011-01-13 13:59:22 +00:00
|
|
|
|
|
|
|
|
t = tag_char[tag_len - 1] & 0x1F;
|
|
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
switch (tag & SC_ASN1_CLASS_MASK) {
|
|
|
|
|
case SC_ASN1_UNI:
|
|
|
|
|
break;
|
|
|
|
|
case SC_ASN1_APP:
|
2006-01-20 20:52:36 +00:00
|
|
|
t |= SC_ASN1_TAG_APPLICATION;
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
|
|
|
|
case SC_ASN1_CTX:
|
2006-01-20 20:52:36 +00:00
|
|
|
t |= SC_ASN1_TAG_CONTEXT;
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
|
|
|
|
case SC_ASN1_PRV:
|
2006-01-20 20:52:36 +00:00
|
|
|
t |= SC_ASN1_TAG_PRIVATE;
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (tag & SC_ASN1_CONS)
|
2006-01-20 20:52:36 +00:00
|
|
|
t |= SC_ASN1_TAG_CONSTRUCTED;
|
2002-01-10 12:33:56 +00:00
|
|
|
if (datalen > 127) {
|
|
|
|
|
c = 1;
|
|
|
|
|
while (datalen >> (c << 3))
|
|
|
|
|
c++;
|
|
|
|
|
}
|
2011-01-13 13:59:22 +00:00
|
|
|
|
|
|
|
|
*outlen = tag_len + 1 + c + datalen;
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
buf = malloc(*outlen);
|
2002-01-10 12:33:56 +00:00
|
|
|
if (buf == NULL)
|
2010-03-15 12:17:13 +00:00
|
|
|
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_ASN1, SC_ERROR_OUT_OF_MEMORY);
|
2011-01-13 13:59:22 +00:00
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
*out = p = buf;
|
|
|
|
|
*p++ = t;
|
2011-01-13 13:59:22 +00:00
|
|
|
for (ii=1;ii<tag_len;ii++)
|
|
|
|
|
*p++ = tag_char[tag_len - ii - 1];
|
|
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
if (c) {
|
|
|
|
|
*p++ = 0x80 | c;
|
|
|
|
|
while (c--)
|
|
|
|
|
*p++ = (datalen >> (c << 3)) & 0xFF;
|
2012-05-27 19:20:22 +00:00
|
|
|
}
|
2011-01-13 13:59:22 +00:00
|
|
|
else {
|
2002-01-10 12:33:56 +00:00
|
|
|
*p++ = datalen & 0x7F;
|
2011-01-13 13:59:22 +00:00
|
|
|
}
|
2002-01-10 12:33:56 +00:00
|
|
|
memcpy(p, data, datalen);
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2011-01-13 13:59:22 +00:00
|
|
|
return SC_SUCCESS;
|
2002-01-10 12:33:56 +00:00
|
|
|
}
|
|
|
|
|
|
2011-01-09 17:25:09 +00:00
|
|
|
static const struct sc_asn1_entry c_asn1_path_ext[3] = {
|
|
|
|
|
{ "aid", SC_ASN1_OCTET_STRING, SC_ASN1_APP | 0x0F, 0, NULL, NULL },
|
|
|
|
|
{ "path", SC_ASN1_OCTET_STRING, SC_ASN1_TAG_OCTET_STRING, 0, NULL, NULL },
|
|
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
static const struct sc_asn1_entry c_asn1_path[5] = {
|
|
|
|
|
{ "path", SC_ASN1_OCTET_STRING, SC_ASN1_TAG_OCTET_STRING, SC_ASN1_OPTIONAL, NULL, NULL },
|
2006-01-20 20:52:36 +00:00
|
|
|
{ "index", SC_ASN1_INTEGER, SC_ASN1_TAG_INTEGER, SC_ASN1_OPTIONAL, NULL, NULL },
|
2005-08-05 07:28:20 +00:00
|
|
|
{ "length", SC_ASN1_INTEGER, SC_ASN1_CTX | 0, SC_ASN1_OPTIONAL, NULL, NULL },
|
2012-05-27 19:20:22 +00:00
|
|
|
/* For some multi-applications PKCS#15 card the ODF records can hold the references to
|
2011-01-09 17:25:09 +00:00
|
|
|
* the xDF files and objects placed elsewhere then under the application DF of the ODF itself.
|
|
|
|
|
* In such a case the 'path' ASN1 data includes also the ID of the target application (AID).
|
2012-05-27 19:20:22 +00:00
|
|
|
* This path extension do not make a part of PKCS#15 standard.
|
2011-01-09 17:25:09 +00:00
|
|
|
*/
|
|
|
|
|
{ "pathExtended", SC_ASN1_STRUCT, SC_ASN1_CTX | 1 | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
2005-08-05 07:28:20 +00:00
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
2002-01-10 12:33:56 +00:00
|
|
|
};
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_decode_path(sc_context_t *ctx, const u8 *in, size_t len,
|
|
|
|
|
sc_path_t *path, int depth)
|
2001-12-16 18:46:32 +00:00
|
|
|
{
|
2002-12-02 13:38:09 +00:00
|
|
|
int idx, count, r;
|
2011-01-09 17:25:09 +00:00
|
|
|
struct sc_asn1_entry asn1_path_ext[3], asn1_path[5];
|
|
|
|
|
unsigned char path_value[SC_MAX_PATH_SIZE], aid_value[SC_MAX_AID_SIZE];
|
|
|
|
|
size_t path_len = sizeof(path_value), aid_len = sizeof(aid_value);
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2011-01-09 17:25:09 +00:00
|
|
|
memset(path, 0, sizeof(struct sc_path));
|
|
|
|
|
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_path_ext, asn1_path_ext);
|
2002-01-10 12:33:56 +00:00
|
|
|
sc_copy_asn1_entry(c_asn1_path, asn1_path);
|
2011-01-09 17:25:09 +00:00
|
|
|
|
|
|
|
|
sc_format_asn1_entry(asn1_path_ext + 0, aid_value, &aid_len, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_path_ext + 1, path_value, &path_len, 0);
|
|
|
|
|
|
|
|
|
|
sc_format_asn1_entry(asn1_path + 0, path_value, &path_len, 0);
|
2002-01-10 12:33:56 +00:00
|
|
|
sc_format_asn1_entry(asn1_path + 1, &idx, NULL, 0);
|
2002-12-02 13:38:09 +00:00
|
|
|
sc_format_asn1_entry(asn1_path + 2, &count, NULL, 0);
|
2011-01-09 17:25:09 +00:00
|
|
|
sc_format_asn1_entry(asn1_path + 3, asn1_path_ext, NULL, 0);
|
|
|
|
|
|
2002-01-07 18:32:13 +00:00
|
|
|
r = asn1_decode(ctx, asn1_path, in, len, NULL, NULL, 0, depth + 1);
|
2001-12-16 18:46:32 +00:00
|
|
|
if (r)
|
|
|
|
|
return r;
|
2011-01-09 17:25:09 +00:00
|
|
|
|
|
|
|
|
if (asn1_path[3].flags & SC_ASN1_PRESENT) {
|
|
|
|
|
/* extended path present: set 'path' and 'aid' */
|
|
|
|
|
memcpy(path->aid.value, aid_value, aid_len);
|
|
|
|
|
path->aid.len = aid_len;
|
|
|
|
|
|
|
|
|
|
memcpy(path->value, path_value, path_len);
|
|
|
|
|
path->len = path_len;
|
|
|
|
|
}
|
|
|
|
|
else if (asn1_path[0].flags & SC_ASN1_PRESENT) {
|
|
|
|
|
/* path present: set 'path' */
|
|
|
|
|
memcpy(path->value, path_value, path_len);
|
|
|
|
|
path->len = path_len;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
/* failed if both 'path' and 'pathExtended' are absent */
|
|
|
|
|
return SC_ERROR_ASN1_OBJECT_NOT_FOUND;
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-10 10:44:52 +00:00
|
|
|
if (path->len == 2)
|
2003-04-28 16:29:57 +00:00
|
|
|
path->type = SC_PATH_TYPE_FILE_ID;
|
2011-01-10 10:44:52 +00:00
|
|
|
else if (path->aid.len && path->len > 2)
|
2011-01-09 17:25:09 +00:00
|
|
|
path->type = SC_PATH_TYPE_FROM_CURRENT;
|
2003-04-28 16:29:57 +00:00
|
|
|
else
|
|
|
|
|
path->type = SC_PATH_TYPE_PATH;
|
2011-01-09 17:25:09 +00:00
|
|
|
|
|
|
|
|
if ((asn1_path[1].flags & SC_ASN1_PRESENT) && (asn1_path[2].flags & SC_ASN1_PRESENT)) {
|
2002-01-10 12:33:56 +00:00
|
|
|
path->index = idx;
|
2002-12-02 13:38:09 +00:00
|
|
|
path->count = count;
|
2012-05-27 19:20:22 +00:00
|
|
|
}
|
2011-01-09 17:25:09 +00:00
|
|
|
else {
|
2002-01-10 12:33:56 +00:00
|
|
|
path->index = 0;
|
2002-12-02 13:38:09 +00:00
|
|
|
path->count = -1;
|
|
|
|
|
}
|
2011-01-09 17:25:09 +00:00
|
|
|
|
|
|
|
|
return SC_SUCCESS;
|
2001-12-16 18:46:32 +00:00
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_encode_path(sc_context_t *ctx, const sc_path_t *path,
|
2011-01-02 14:14:24 +00:00
|
|
|
u8 **buf, size_t *bufsize, int depth, unsigned int parent_flags)
|
2002-01-10 12:33:56 +00:00
|
|
|
{
|
|
|
|
|
int r;
|
2011-01-10 10:44:52 +00:00
|
|
|
struct sc_asn1_entry asn1_path[5];
|
2005-03-08 20:59:35 +00:00
|
|
|
sc_path_t tpath = *path;
|
2002-01-10 12:33:56 +00:00
|
|
|
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_path, asn1_path);
|
2004-09-20 09:47:35 +00:00
|
|
|
sc_format_asn1_entry(asn1_path + 0, (void *) &tpath.value, (void *) &tpath.len, 1);
|
2011-01-02 14:14:24 +00:00
|
|
|
|
|
|
|
|
asn1_path[0].flags |= parent_flags;
|
2003-11-19 20:22:52 +00:00
|
|
|
if (path->count > 0) {
|
2004-09-20 09:47:35 +00:00
|
|
|
sc_format_asn1_entry(asn1_path + 1, (void *) &tpath.index, NULL, 1);
|
|
|
|
|
sc_format_asn1_entry(asn1_path + 2, (void *) &tpath.count, NULL, 1);
|
2003-11-19 20:22:52 +00:00
|
|
|
}
|
2002-01-10 12:33:56 +00:00
|
|
|
r = asn1_encode(ctx, asn1_path, buf, bufsize, depth + 1);
|
2012-05-27 19:20:22 +00:00
|
|
|
return r;
|
2002-01-10 12:33:56 +00:00
|
|
|
}
|
|
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
|
|
|
|
|
static const struct sc_asn1_entry c_asn1_se[2] = {
|
|
|
|
|
{ "seInfo", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, 0, NULL, NULL },
|
|
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
2006-10-30 18:51:48 +00:00
|
|
|
static const struct sc_asn1_entry c_asn1_se_info[4] = {
|
2012-05-27 19:20:22 +00:00
|
|
|
{ "se", SC_ASN1_INTEGER, SC_ASN1_TAG_INTEGER, 0, NULL, NULL },
|
|
|
|
|
{ "owner",SC_ASN1_OBJECT, SC_ASN1_TAG_OBJECT, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "aid", SC_ASN1_OCTET_STRING, SC_ASN1_TAG_OCTET_STRING, SC_ASN1_OPTIONAL, NULL, NULL },
|
2006-10-30 18:51:48 +00:00
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static int asn1_decode_se_info(sc_context_t *ctx, const u8 *obj, size_t objlen,
|
2015-02-15 12:56:51 +00:00
|
|
|
sc_pkcs15_sec_env_info_t ***se, size_t *num, int depth)
|
2006-10-30 18:51:48 +00:00
|
|
|
{
|
2012-05-27 19:20:22 +00:00
|
|
|
struct sc_pkcs15_sec_env_info **ses;
|
|
|
|
|
const unsigned char *ptr = obj;
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
size_t idx, ptrlen = objlen;
|
2012-05-27 19:20:22 +00:00
|
|
|
int ret;
|
2006-10-30 18:51:48 +00:00
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
ses = calloc(SC_MAX_SE_NUM, sizeof(sc_pkcs15_sec_env_info_t *));
|
2006-10-30 18:51:48 +00:00
|
|
|
if (ses == NULL)
|
|
|
|
|
return SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
for (idx=0; idx < SC_MAX_SE_NUM && ptrlen; ) {
|
|
|
|
|
struct sc_asn1_entry asn1_se[2];
|
2006-10-30 18:51:48 +00:00
|
|
|
struct sc_asn1_entry asn1_se_info[4];
|
2012-05-27 19:20:22 +00:00
|
|
|
struct sc_pkcs15_sec_env_info si;
|
2006-10-30 18:51:48 +00:00
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
sc_copy_asn1_entry(c_asn1_se, asn1_se);
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_se_info, asn1_se_info);
|
|
|
|
|
|
|
|
|
|
si.aid.len = sizeof(si.aid.value);
|
|
|
|
|
sc_format_asn1_entry(asn1_se_info + 0, &si.se, NULL, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_se_info + 1, &si.owner, NULL, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_se_info + 2, &si.aid.value, &si.aid.len, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_se + 0, asn1_se_info, NULL, 0);
|
|
|
|
|
|
|
|
|
|
ret = asn1_decode(ctx, asn1_se, ptr, ptrlen, &ptr, &ptrlen, 0, depth+1);
|
|
|
|
|
if (ret != SC_SUCCESS)
|
2006-10-30 18:51:48 +00:00
|
|
|
goto err;
|
2012-05-27 19:20:22 +00:00
|
|
|
if (!(asn1_se_info[1].flags & SC_ASN1_PRESENT))
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
sc_init_oid(&si.owner);
|
2006-10-30 18:51:48 +00:00
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
ses[idx] = calloc(1, sizeof(sc_pkcs15_sec_env_info_t));
|
|
|
|
|
if (ses[idx] == NULL) {
|
|
|
|
|
ret = SC_ERROR_OUT_OF_MEMORY;
|
2006-10-30 18:51:48 +00:00
|
|
|
goto err;
|
|
|
|
|
}
|
2012-05-27 19:20:22 +00:00
|
|
|
|
|
|
|
|
memcpy(ses[idx], &si, sizeof(struct sc_pkcs15_sec_env_info));
|
|
|
|
|
idx++;
|
2006-10-30 18:51:48 +00:00
|
|
|
}
|
2012-05-27 19:20:22 +00:00
|
|
|
|
|
|
|
|
*se = ses;
|
|
|
|
|
*num = idx;
|
|
|
|
|
ret = SC_SUCCESS;
|
2006-10-30 18:51:48 +00:00
|
|
|
err:
|
2012-05-27 19:20:22 +00:00
|
|
|
if (ret != SC_SUCCESS) {
|
2014-02-25 08:07:09 +00:00
|
|
|
size_t i;
|
2006-10-30 18:51:48 +00:00
|
|
|
for (i = 0; i < idx; i++)
|
2012-05-27 19:20:22 +00:00
|
|
|
if (ses[i])
|
|
|
|
|
free(ses[i]);
|
2006-10-30 18:51:48 +00:00
|
|
|
free(ses);
|
2012-05-27 19:20:22 +00:00
|
|
|
}
|
2006-10-30 18:51:48 +00:00
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
return ret;
|
2006-10-30 18:51:48 +00:00
|
|
|
}
|
|
|
|
|
|
2010-07-06 09:09:04 +00:00
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
static int asn1_encode_se_info(sc_context_t *ctx,
|
|
|
|
|
struct sc_pkcs15_sec_env_info **se, size_t se_num,
|
|
|
|
|
unsigned char **buf, size_t *bufsize, int depth)
|
|
|
|
|
{
|
2013-09-29 18:21:23 +00:00
|
|
|
unsigned char *ptr = NULL, *out = NULL, *p;
|
2012-05-27 19:20:22 +00:00
|
|
|
size_t ptrlen = 0, outlen = 0, idx;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
for (idx=0; idx < se_num; idx++) {
|
|
|
|
|
struct sc_asn1_entry asn1_se[2];
|
|
|
|
|
struct sc_asn1_entry asn1_se_info[4];
|
|
|
|
|
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_se, asn1_se);
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_se_info, asn1_se_info);
|
|
|
|
|
|
|
|
|
|
sc_format_asn1_entry(asn1_se_info + 0, &se[idx]->se, NULL, 1);
|
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
https://github.com/OpenSC/OpenSC/commit/8e75d971cb7eadfef9b5b50adb3cb6d18e641ed2#commitcomment-1792477
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-01 22:12:57 +00:00
|
|
|
if (sc_valid_oid(&se[idx]->owner))
|
2012-05-27 19:20:22 +00:00
|
|
|
sc_format_asn1_entry(asn1_se_info + 1, &se[idx]->owner, NULL, 1);
|
|
|
|
|
if (se[idx]->aid.len)
|
|
|
|
|
sc_format_asn1_entry(asn1_se_info + 2, &se[idx]->aid.value, &se[idx]->aid.len, 1);
|
|
|
|
|
sc_format_asn1_entry(asn1_se + 0, asn1_se_info, NULL, 1);
|
|
|
|
|
|
|
|
|
|
ret = sc_asn1_encode(ctx, asn1_se, &ptr, &ptrlen);
|
|
|
|
|
if (ret != SC_SUCCESS)
|
|
|
|
|
goto err;
|
|
|
|
|
|
2013-09-29 18:21:23 +00:00
|
|
|
p = (unsigned char *) realloc(out, outlen + ptrlen);
|
|
|
|
|
if (!p) {
|
2012-05-27 19:20:22 +00:00
|
|
|
ret = SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
goto err;
|
|
|
|
|
}
|
2013-09-29 18:21:23 +00:00
|
|
|
out = p;
|
2012-05-27 19:20:22 +00:00
|
|
|
memcpy(out + outlen, ptr, ptrlen);
|
|
|
|
|
outlen += ptrlen;
|
|
|
|
|
free(ptr);
|
|
|
|
|
ptr = NULL;
|
|
|
|
|
ptrlen = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*buf = out;
|
|
|
|
|
*bufsize = outlen;
|
|
|
|
|
ret = SC_SUCCESS;
|
|
|
|
|
err:
|
|
|
|
|
if (ret != SC_SUCCESS && out != NULL)
|
|
|
|
|
free(out);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* TODO: According to specification type of 'SecurityCondition' is 'CHOICE'.
|
|
|
|
|
* Do it at least for SC_ASN1_PKCS15_ID(authId), SC_ASN1_STRUCT(authReference) and NULL(always). */
|
2010-07-06 09:09:04 +00:00
|
|
|
static const struct sc_asn1_entry c_asn1_access_control_rule[3] = {
|
|
|
|
|
{ "accessMode", SC_ASN1_BIT_FIELD, SC_ASN1_TAG_BIT_STRING, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "securityCondition", SC_ASN1_PKCS15_ID, SC_ASN1_TAG_OCTET_STRING, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* in src/libopensc/pkcs15.h SC_PKCS15_MAX_ACCESS_RULES defined as 8
|
|
|
|
|
*/
|
|
|
|
|
static const struct sc_asn1_entry c_asn1_access_control_rules[SC_PKCS15_MAX_ACCESS_RULES + 1] = {
|
|
|
|
|
{ "accessControlRule", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "accessControlRule", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "accessControlRule", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "accessControlRule", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "accessControlRule", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "accessControlRule", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "accessControlRule", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "accessControlRule", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
static const struct sc_asn1_entry c_asn1_com_obj_attr[6] = {
|
2006-01-20 20:52:36 +00:00
|
|
|
{ "label", SC_ASN1_UTF8STRING, SC_ASN1_TAG_UTF8STRING, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "flags", SC_ASN1_BIT_FIELD, SC_ASN1_TAG_BIT_STRING, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "authId", SC_ASN1_PKCS15_ID, SC_ASN1_TAG_OCTET_STRING, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "userConsent", SC_ASN1_INTEGER, SC_ASN1_TAG_INTEGER, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "accessControlRules", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
2005-08-05 07:28:20 +00:00
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
2002-01-10 12:33:56 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static const struct sc_asn1_entry c_asn1_p15_obj[5] = {
|
2006-01-20 20:52:36 +00:00
|
|
|
{ "commonObjectAttributes", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, 0, NULL, NULL },
|
|
|
|
|
{ "classAttributes", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, 0, NULL, NULL },
|
2005-08-05 07:28:20 +00:00
|
|
|
{ "subClassAttributes", SC_ASN1_STRUCT, SC_ASN1_CTX | 0 | SC_ASN1_CONS, SC_ASN1_OPTIONAL, NULL, NULL },
|
|
|
|
|
{ "typeAttributes", SC_ASN1_STRUCT, SC_ASN1_CTX | 1 | SC_ASN1_CONS, 0, NULL, NULL },
|
|
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
2002-01-10 12:33:56 +00:00
|
|
|
};
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_decode_p15_object(sc_context_t *ctx, const u8 *in,
|
2002-01-16 23:59:18 +00:00
|
|
|
size_t len, struct sc_asn1_pkcs15_object *obj,
|
2002-01-07 18:32:13 +00:00
|
|
|
int depth)
|
2001-12-19 21:58:04 +00:00
|
|
|
{
|
2002-03-03 00:32:28 +00:00
|
|
|
struct sc_pkcs15_object *p15_obj = obj->p15_obj;
|
2002-01-10 12:33:56 +00:00
|
|
|
struct sc_asn1_entry asn1_c_attr[6], asn1_p15_obj[5];
|
2010-07-06 09:09:04 +00:00
|
|
|
struct sc_asn1_entry asn1_ac_rules[SC_PKCS15_MAX_ACCESS_RULES + 1], asn1_ac_rule[SC_PKCS15_MAX_ACCESS_RULES][3];
|
2002-03-03 00:32:28 +00:00
|
|
|
size_t flags_len = sizeof(p15_obj->flags);
|
|
|
|
|
size_t label_len = sizeof(p15_obj->label);
|
2010-07-06 09:09:04 +00:00
|
|
|
size_t access_mode_len = sizeof(p15_obj->access_rules[0].access_mode);
|
|
|
|
|
int r, ii;
|
|
|
|
|
|
|
|
|
|
for (ii=0; ii<SC_PKCS15_MAX_ACCESS_RULES; ii++)
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_access_control_rule, asn1_ac_rule[ii]);
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_access_control_rules, asn1_ac_rules);
|
|
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_com_obj_attr, asn1_c_attr);
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_p15_obj, asn1_p15_obj);
|
2002-03-03 00:32:28 +00:00
|
|
|
sc_format_asn1_entry(asn1_c_attr + 0, p15_obj->label, &label_len, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_c_attr + 1, &p15_obj->flags, &flags_len, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_c_attr + 2, &p15_obj->auth_id, NULL, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_c_attr + 3, &p15_obj->user_consent, NULL, 0);
|
2010-07-06 09:09:04 +00:00
|
|
|
|
|
|
|
|
for (ii=0; ii<SC_PKCS15_MAX_ACCESS_RULES; ii++) {
|
|
|
|
|
sc_format_asn1_entry(asn1_ac_rule[ii] + 0, &p15_obj->access_rules[ii].access_mode, &access_mode_len, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_ac_rule[ii] + 1, &p15_obj->access_rules[ii].auth_id, NULL, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_ac_rules + ii, asn1_ac_rule[ii], NULL, 0);
|
|
|
|
|
}
|
|
|
|
|
sc_format_asn1_entry(asn1_c_attr + 4, asn1_ac_rules, NULL, 0);
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
sc_format_asn1_entry(asn1_p15_obj + 0, asn1_c_attr, NULL, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_p15_obj + 1, obj->asn1_class_attr, NULL, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_p15_obj + 2, obj->asn1_subclass_attr, NULL, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_p15_obj + 3, obj->asn1_type_attr, NULL, 0);
|
|
|
|
|
|
2002-01-07 18:32:13 +00:00
|
|
|
r = asn1_decode(ctx, asn1_p15_obj, in, len, NULL, NULL, 0, depth + 1);
|
2001-12-19 21:58:04 +00:00
|
|
|
return r;
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_encode_p15_object(sc_context_t *ctx, const struct sc_asn1_pkcs15_object *obj,
|
2002-01-10 12:33:56 +00:00
|
|
|
u8 **buf, size_t *bufsize, int depth)
|
|
|
|
|
{
|
2004-09-20 09:47:35 +00:00
|
|
|
struct sc_pkcs15_object p15_obj = *obj->p15_obj;
|
|
|
|
|
struct sc_asn1_entry asn1_c_attr[6], asn1_p15_obj[5];
|
2010-07-06 09:09:04 +00:00
|
|
|
struct sc_asn1_entry asn1_ac_rules[SC_PKCS15_MAX_ACCESS_RULES + 1], asn1_ac_rule[SC_PKCS15_MAX_ACCESS_RULES][3];
|
2004-09-20 09:47:35 +00:00
|
|
|
size_t label_len = strlen(p15_obj.label);
|
2003-04-16 20:52:26 +00:00
|
|
|
size_t flags_len;
|
2010-07-06 09:09:04 +00:00
|
|
|
size_t access_mode_len;
|
|
|
|
|
int r, ii;
|
|
|
|
|
|
|
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "encode p15 obj(type:0x%X,access_mode:0x%X)", p15_obj.type, p15_obj.access_rules[0].access_mode);
|
|
|
|
|
if (p15_obj.access_rules[0].access_mode) {
|
|
|
|
|
for (ii=0; ii<SC_PKCS15_MAX_ACCESS_RULES; ii++) {
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_access_control_rule, asn1_ac_rule[ii]);
|
|
|
|
|
if (p15_obj.access_rules[ii].auth_id.len == 0) {
|
|
|
|
|
asn1_ac_rule[ii][1].type = SC_ASN1_NULL;
|
|
|
|
|
asn1_ac_rule[ii][1].tag = SC_ASN1_TAG_NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_access_control_rules, asn1_ac_rules);
|
|
|
|
|
}
|
2002-01-10 12:33:56 +00:00
|
|
|
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_com_obj_attr, asn1_c_attr);
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_p15_obj, asn1_p15_obj);
|
|
|
|
|
if (label_len != 0)
|
2004-09-20 09:47:35 +00:00
|
|
|
sc_format_asn1_entry(asn1_c_attr + 0, (void *) p15_obj.label, &label_len, 1);
|
|
|
|
|
if (p15_obj.flags) {
|
|
|
|
|
flags_len = sizeof(p15_obj.flags);
|
|
|
|
|
sc_format_asn1_entry(asn1_c_attr + 1, (void *) &p15_obj.flags, &flags_len, 1);
|
2002-01-13 23:56:13 +00:00
|
|
|
}
|
2004-09-20 09:47:35 +00:00
|
|
|
if (p15_obj.auth_id.len)
|
|
|
|
|
sc_format_asn1_entry(asn1_c_attr + 2, (void *) &p15_obj.auth_id, NULL, 1);
|
|
|
|
|
if (p15_obj.user_consent)
|
|
|
|
|
sc_format_asn1_entry(asn1_c_attr + 3, (void *) &p15_obj.user_consent, NULL, 1);
|
2010-07-06 09:09:04 +00:00
|
|
|
|
|
|
|
|
if (p15_obj.access_rules[0].access_mode) {
|
|
|
|
|
for (ii=0; p15_obj.access_rules[ii].access_mode; ii++) {
|
|
|
|
|
access_mode_len = sizeof(p15_obj.access_rules[ii].access_mode);
|
|
|
|
|
sc_format_asn1_entry(asn1_ac_rule[ii] + 0, (void *) &p15_obj.access_rules[ii].access_mode, &access_mode_len, 1);
|
|
|
|
|
sc_format_asn1_entry(asn1_ac_rule[ii] + 1, (void *) &p15_obj.access_rules[ii].auth_id, NULL, 1);
|
|
|
|
|
sc_format_asn1_entry(asn1_ac_rules + ii, asn1_ac_rule[ii], NULL, 1);
|
|
|
|
|
}
|
|
|
|
|
sc_format_asn1_entry(asn1_c_attr + 4, asn1_ac_rules, NULL, 1);
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
sc_format_asn1_entry(asn1_p15_obj + 0, asn1_c_attr, NULL, 1);
|
|
|
|
|
sc_format_asn1_entry(asn1_p15_obj + 1, obj->asn1_class_attr, NULL, 1);
|
2012-05-27 19:20:22 +00:00
|
|
|
if (obj->asn1_subclass_attr != NULL && obj->asn1_subclass_attr->name)
|
2002-01-10 12:33:56 +00:00
|
|
|
sc_format_asn1_entry(asn1_p15_obj + 2, obj->asn1_subclass_attr, NULL, 1);
|
|
|
|
|
sc_format_asn1_entry(asn1_p15_obj + 3, obj->asn1_type_attr, NULL, 1);
|
|
|
|
|
|
|
|
|
|
r = asn1_encode(ctx, asn1_p15_obj, buf, bufsize, depth + 1);
|
|
|
|
|
return r;
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_decode_entry(sc_context_t *ctx,struct sc_asn1_entry *entry,
|
2002-01-01 18:25:11 +00:00
|
|
|
const u8 *obj, size_t objlen, int depth)
|
2001-12-16 18:46:32 +00:00
|
|
|
{
|
|
|
|
|
void *parm = entry->parm;
|
2005-03-08 20:59:35 +00:00
|
|
|
int (*callback_func)(sc_context_t *nctx, void *arg, const u8 *nobj,
|
2012-05-27 19:20:22 +00:00
|
|
|
size_t nobjlen, int ndepth);
|
2002-01-01 18:25:11 +00:00
|
|
|
size_t *len = (size_t *) entry->arg;
|
2001-12-16 18:46:32 +00:00
|
|
|
int r = 0;
|
|
|
|
|
|
2010-04-02 13:12:53 +00:00
|
|
|
callback_func = parm;
|
2005-09-12 21:09:12 +00:00
|
|
|
|
2017-01-01 12:55:25 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "%*.*sdecoding '%s', raw data:%s%s\n",
|
|
|
|
|
depth, depth, "", entry->name,
|
|
|
|
|
sc_dump_hex(obj, objlen > 16 ? 16 : objlen),
|
|
|
|
|
objlen > 16 ? "..." : "");
|
2003-11-19 20:22:52 +00:00
|
|
|
|
2001-12-16 18:46:32 +00:00
|
|
|
switch (entry->type) {
|
|
|
|
|
case SC_ASN1_STRUCT:
|
2001-12-19 21:58:04 +00:00
|
|
|
if (parm != NULL)
|
2002-01-10 12:33:56 +00:00
|
|
|
r = asn1_decode(ctx, (struct sc_asn1_entry *) parm, obj,
|
2001-12-19 21:58:04 +00:00
|
|
|
objlen, NULL, NULL, 0, depth + 1);
|
|
|
|
|
break;
|
2002-04-17 12:19:57 +00:00
|
|
|
case SC_ASN1_NULL:
|
|
|
|
|
break;
|
2001-12-19 21:58:04 +00:00
|
|
|
case SC_ASN1_BOOLEAN:
|
|
|
|
|
if (parm != NULL) {
|
|
|
|
|
if (objlen != 1) {
|
2017-03-14 19:02:30 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1,
|
|
|
|
|
"invalid ASN.1 object length: %"SC_FORMAT_LEN_SIZE_T"u\n",
|
|
|
|
|
objlen);
|
2001-12-19 21:58:04 +00:00
|
|
|
r = SC_ERROR_INVALID_ASN1_OBJECT;
|
|
|
|
|
} else
|
2005-03-30 16:40:01 +00:00
|
|
|
*((int *) parm) = obj[0] ? 1 : 0;
|
2001-12-19 21:58:04 +00:00
|
|
|
}
|
2001-12-16 18:46:32 +00:00
|
|
|
break;
|
|
|
|
|
case SC_ASN1_INTEGER:
|
2001-12-21 23:34:47 +00:00
|
|
|
case SC_ASN1_ENUMERATED:
|
2010-05-31 16:49:55 +00:00
|
|
|
if (parm != NULL) {
|
2001-12-16 18:46:32 +00:00
|
|
|
r = sc_asn1_decode_integer(obj, objlen, (int *) entry->parm);
|
2012-05-27 19:20:22 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "%*.*sdecoding '%s' returned %d\n", depth, depth, "",
|
2010-07-06 09:09:04 +00:00
|
|
|
entry->name, *((int *) entry->parm));
|
2010-05-31 16:49:55 +00:00
|
|
|
}
|
2001-12-16 18:46:32 +00:00
|
|
|
break;
|
2001-12-29 19:03:46 +00:00
|
|
|
case SC_ASN1_BIT_STRING_NI:
|
2001-12-16 18:46:32 +00:00
|
|
|
case SC_ASN1_BIT_STRING:
|
2001-12-29 19:03:46 +00:00
|
|
|
if (parm != NULL) {
|
|
|
|
|
int invert = entry->type == SC_ASN1_BIT_STRING ? 1 : 0;
|
|
|
|
|
assert(len != NULL);
|
2002-01-01 18:25:11 +00:00
|
|
|
if (objlen < 1) {
|
|
|
|
|
r = SC_ERROR_INVALID_ASN1_OBJECT;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2001-12-29 19:03:46 +00:00
|
|
|
if (entry->flags & SC_ASN1_ALLOC) {
|
|
|
|
|
u8 **buf = (u8 **) parm;
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
*buf = malloc(objlen-1);
|
2001-12-29 19:03:46 +00:00
|
|
|
if (*buf == NULL) {
|
|
|
|
|
r = SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
*len = objlen-1;
|
|
|
|
|
parm = *buf;
|
|
|
|
|
}
|
|
|
|
|
r = decode_bit_string(obj, objlen, (u8 *) parm, *len, invert);
|
2001-12-16 18:46:32 +00:00
|
|
|
if (r >= 0) {
|
|
|
|
|
*len = r;
|
|
|
|
|
r = 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
break;
|
2003-04-16 20:52:26 +00:00
|
|
|
case SC_ASN1_BIT_FIELD:
|
|
|
|
|
if (parm != NULL)
|
|
|
|
|
r = decode_bit_field(obj, objlen, (u8 *) parm, *len);
|
|
|
|
|
break;
|
2001-12-16 18:46:32 +00:00
|
|
|
case SC_ASN1_OCTET_STRING:
|
2001-12-19 21:58:04 +00:00
|
|
|
if (parm != NULL) {
|
2004-09-20 09:47:35 +00:00
|
|
|
size_t c;
|
2001-12-19 21:58:04 +00:00
|
|
|
assert(len != NULL);
|
2003-02-03 12:17:12 +00:00
|
|
|
|
|
|
|
|
/* Strip off padding zero */
|
|
|
|
|
if ((entry->flags & SC_ASN1_UNSIGNED)
|
|
|
|
|
&& obj[0] == 0x00 && objlen > 1) {
|
|
|
|
|
objlen--;
|
|
|
|
|
obj++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Allocate buffer if needed */
|
2001-12-29 19:03:46 +00:00
|
|
|
if (entry->flags & SC_ASN1_ALLOC) {
|
|
|
|
|
u8 **buf = (u8 **) parm;
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
*buf = malloc(objlen);
|
2001-12-29 19:03:46 +00:00
|
|
|
if (*buf == NULL) {
|
|
|
|
|
r = SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
c = *len = objlen;
|
|
|
|
|
parm = *buf;
|
|
|
|
|
} else
|
|
|
|
|
c = objlen > *len ? *len : objlen;
|
2001-12-19 21:58:04 +00:00
|
|
|
|
2001-12-16 18:46:32 +00:00
|
|
|
memcpy(parm, obj, c);
|
|
|
|
|
*len = c;
|
|
|
|
|
}
|
|
|
|
|
break;
|
2002-08-21 10:02:55 +00:00
|
|
|
case SC_ASN1_GENERALIZEDTIME:
|
|
|
|
|
if (parm != NULL) {
|
2004-09-20 09:47:35 +00:00
|
|
|
size_t c;
|
2002-08-21 10:02:55 +00:00
|
|
|
assert(len != NULL);
|
|
|
|
|
if (entry->flags & SC_ASN1_ALLOC) {
|
|
|
|
|
u8 **buf = (u8 **) parm;
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
*buf = malloc(objlen);
|
2002-08-21 10:02:55 +00:00
|
|
|
if (*buf == NULL) {
|
|
|
|
|
r = SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
c = *len = objlen;
|
|
|
|
|
parm = *buf;
|
|
|
|
|
} else
|
|
|
|
|
c = objlen > *len ? *len : objlen;
|
|
|
|
|
|
|
|
|
|
memcpy(parm, obj, c);
|
|
|
|
|
*len = c;
|
|
|
|
|
}
|
|
|
|
|
break;
|
2001-12-16 18:46:32 +00:00
|
|
|
case SC_ASN1_OBJECT:
|
|
|
|
|
if (parm != NULL)
|
|
|
|
|
r = sc_asn1_decode_object_id(obj, objlen, (struct sc_object_id *) parm);
|
|
|
|
|
break;
|
2005-08-24 08:00:44 +00:00
|
|
|
case SC_ASN1_PRINTABLESTRING:
|
2001-12-16 18:46:32 +00:00
|
|
|
case SC_ASN1_UTF8STRING:
|
2001-12-19 21:58:04 +00:00
|
|
|
if (parm != NULL) {
|
|
|
|
|
assert(len != NULL);
|
2001-12-29 19:03:46 +00:00
|
|
|
if (entry->flags & SC_ASN1_ALLOC) {
|
|
|
|
|
u8 **buf = (u8 **) parm;
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
*buf = malloc(objlen+1);
|
2001-12-29 19:03:46 +00:00
|
|
|
if (*buf == NULL) {
|
|
|
|
|
r = SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2007-07-20 12:30:59 +00:00
|
|
|
*len = objlen+1;
|
2001-12-29 19:03:46 +00:00
|
|
|
parm = *buf;
|
|
|
|
|
}
|
2002-04-19 14:23:31 +00:00
|
|
|
r = sc_asn1_decode_utf8string(obj, objlen, (u8 *) parm, len);
|
2007-07-20 12:30:59 +00:00
|
|
|
if (entry->flags & SC_ASN1_ALLOC) {
|
|
|
|
|
*len -= 1;
|
|
|
|
|
}
|
2001-12-19 21:58:04 +00:00
|
|
|
}
|
2001-12-16 18:46:32 +00:00
|
|
|
break;
|
|
|
|
|
case SC_ASN1_PATH:
|
|
|
|
|
if (entry->parm != NULL)
|
2005-03-08 20:59:35 +00:00
|
|
|
r = asn1_decode_path(ctx, obj, objlen, (sc_path_t *) parm, depth);
|
2001-12-19 21:58:04 +00:00
|
|
|
break;
|
|
|
|
|
case SC_ASN1_PKCS15_ID:
|
|
|
|
|
if (entry->parm != NULL) {
|
2002-04-19 14:23:31 +00:00
|
|
|
struct sc_pkcs15_id *id = (struct sc_pkcs15_id *) parm;
|
2004-09-20 09:47:35 +00:00
|
|
|
size_t c = objlen > sizeof(id->value) ? sizeof(id->value) : objlen;
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2001-12-19 21:58:04 +00:00
|
|
|
memcpy(id->value, obj, c);
|
|
|
|
|
id->len = c;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case SC_ASN1_PKCS15_OBJECT:
|
|
|
|
|
if (entry->parm != NULL)
|
2002-01-16 23:59:18 +00:00
|
|
|
r = asn1_decode_p15_object(ctx, obj, objlen, (struct sc_asn1_pkcs15_object *) parm, depth);
|
2001-12-16 18:46:32 +00:00
|
|
|
break;
|
2002-03-08 05:59:57 +00:00
|
|
|
case SC_ASN1_ALGORITHM_ID:
|
|
|
|
|
if (entry->parm != NULL)
|
2002-04-17 08:54:36 +00:00
|
|
|
r = sc_asn1_decode_algorithm_id(ctx, obj, objlen, (struct sc_algorithm_id *) parm, depth);
|
2005-03-09 10:47:01 +00:00
|
|
|
break;
|
2006-10-30 18:51:48 +00:00
|
|
|
case SC_ASN1_SE_INFO:
|
|
|
|
|
if (entry->parm != NULL)
|
|
|
|
|
r = asn1_decode_se_info(ctx, obj, objlen, (sc_pkcs15_sec_env_info_t ***)entry->parm, len, depth);
|
|
|
|
|
break;
|
2001-12-29 19:03:46 +00:00
|
|
|
case SC_ASN1_CALLBACK:
|
|
|
|
|
if (entry->parm != NULL)
|
|
|
|
|
r = callback_func(ctx, entry->arg, obj, objlen, depth);
|
|
|
|
|
break;
|
2001-12-16 18:46:32 +00:00
|
|
|
default:
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "invalid ASN.1 type: %d\n", entry->type);
|
2005-08-05 07:28:20 +00:00
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
2001-12-16 18:46:32 +00:00
|
|
|
}
|
|
|
|
|
if (r) {
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "decoding of ASN.1 object '%s' failed: %s\n", entry->name,
|
2001-12-19 21:58:04 +00:00
|
|
|
sc_strerror(r));
|
2001-12-16 18:46:32 +00:00
|
|
|
return r;
|
|
|
|
|
}
|
|
|
|
|
entry->flags |= SC_ASN1_PRESENT;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_decode(sc_context_t *ctx, struct sc_asn1_entry *asn1,
|
2002-01-07 18:32:13 +00:00
|
|
|
const u8 *in, size_t len, const u8 **newp, size_t *len_left,
|
|
|
|
|
int choice, int depth)
|
2001-12-16 18:46:32 +00:00
|
|
|
{
|
2001-12-19 21:58:04 +00:00
|
|
|
int r, idx = 0;
|
2001-12-16 18:46:32 +00:00
|
|
|
const u8 *p = in, *obj;
|
2002-01-10 12:33:56 +00:00
|
|
|
struct sc_asn1_entry *entry = asn1;
|
2001-12-30 21:17:34 +00:00
|
|
|
size_t left = len, objlen;
|
2001-12-16 18:46:32 +00:00
|
|
|
|
2017-03-14 19:02:30 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1,
|
|
|
|
|
"%*.*scalled, left=%"SC_FORMAT_LEN_SIZE_T"u, depth %d%s\n",
|
|
|
|
|
depth, depth, "", left, depth, choice ? ", choice" : "");
|
2003-11-26 15:35:17 +00:00
|
|
|
|
2015-02-05 16:43:14 +00:00
|
|
|
if (!p)
|
|
|
|
|
return SC_ERROR_ASN1_OBJECT_NOT_FOUND;
|
2002-01-17 23:47:03 +00:00
|
|
|
if (left < 2) {
|
2003-08-21 05:39:51 +00:00
|
|
|
while (asn1->name && (asn1->flags & SC_ASN1_OPTIONAL))
|
|
|
|
|
asn1++;
|
|
|
|
|
/* If all elements were optional, there's nothing
|
|
|
|
|
* to complain about */
|
|
|
|
|
if (asn1->name == NULL)
|
2002-01-17 23:47:03 +00:00
|
|
|
return 0;
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "End of ASN.1 stream, "
|
2003-11-19 20:22:52 +00:00
|
|
|
"non-optional field \"%s\" not found\n",
|
2003-10-30 11:38:05 +00:00
|
|
|
asn1->name);
|
|
|
|
|
return SC_ERROR_ASN1_OBJECT_NOT_FOUND;
|
2002-01-17 23:47:03 +00:00
|
|
|
}
|
2005-01-27 21:35:23 +00:00
|
|
|
if (p[0] == 0 || p[0] == 0xFF || len == 0)
|
2001-12-20 13:57:58 +00:00
|
|
|
return SC_ERROR_ASN1_END_OF_CONTENTS;
|
2003-11-26 15:35:17 +00:00
|
|
|
|
2001-12-19 21:58:04 +00:00
|
|
|
for (idx = 0; asn1[idx].name != NULL; idx++) {
|
|
|
|
|
entry = &asn1[idx];
|
2002-04-17 08:54:36 +00:00
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "Looking for '%s', tag 0x%x%s%s\n",
|
2010-03-15 12:17:13 +00:00
|
|
|
entry->name, entry->tag, choice? ", CHOICE" : "",
|
|
|
|
|
(entry->flags & SC_ASN1_OPTIONAL)? ", OPTIONAL": "");
|
2003-11-26 15:35:17 +00:00
|
|
|
|
2002-04-17 08:54:36 +00:00
|
|
|
/* Special case CHOICE has no tag */
|
|
|
|
|
if (entry->type == SC_ASN1_CHOICE) {
|
|
|
|
|
r = asn1_decode(ctx,
|
|
|
|
|
(struct sc_asn1_entry *) entry->parm,
|
|
|
|
|
p, left, &p, &left, 1, depth + 1);
|
2002-04-17 20:43:12 +00:00
|
|
|
if (r >= 0)
|
|
|
|
|
r = 0;
|
2002-04-17 08:54:36 +00:00
|
|
|
goto decode_ok;
|
|
|
|
|
}
|
|
|
|
|
|
2001-12-29 19:03:46 +00:00
|
|
|
obj = sc_asn1_skip_tag(ctx, &p, &left, entry->tag, &objlen);
|
2001-12-16 18:46:32 +00:00
|
|
|
if (obj == NULL) {
|
2017-01-01 12:55:25 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "'%s' not present\n", entry->name);
|
2001-12-19 21:58:04 +00:00
|
|
|
if (choice)
|
2001-12-16 18:46:32 +00:00
|
|
|
continue;
|
2003-11-26 15:35:17 +00:00
|
|
|
if (entry->flags & SC_ASN1_OPTIONAL)
|
2001-12-19 21:58:04 +00:00
|
|
|
continue;
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "mandatory ASN.1 object '%s' not found\n", entry->name);
|
|
|
|
|
if (left) {
|
2001-12-19 21:58:04 +00:00
|
|
|
u8 line[128], *linep = line;
|
2002-12-02 13:38:09 +00:00
|
|
|
size_t i;
|
2001-12-19 21:58:04 +00:00
|
|
|
|
|
|
|
|
line[0] = 0;
|
|
|
|
|
for (i = 0; i < 10 && i < left; i++) {
|
2001-12-30 21:17:34 +00:00
|
|
|
sprintf((char *) linep, "%02X ", p[i]);
|
2001-12-19 21:58:04 +00:00
|
|
|
linep += 3;
|
|
|
|
|
}
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "next tag: %s\n", line);
|
2001-12-16 18:46:32 +00:00
|
|
|
}
|
2010-03-15 12:17:13 +00:00
|
|
|
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_ASN1, SC_ERROR_ASN1_OBJECT_NOT_FOUND);
|
2001-12-16 18:46:32 +00:00
|
|
|
}
|
2001-12-19 21:58:04 +00:00
|
|
|
r = asn1_decode_entry(ctx, entry, obj, objlen, depth);
|
2002-04-17 08:54:36 +00:00
|
|
|
|
|
|
|
|
decode_ok:
|
2001-12-16 18:46:32 +00:00
|
|
|
if (r)
|
|
|
|
|
return r;
|
2001-12-19 21:58:04 +00:00
|
|
|
if (choice)
|
|
|
|
|
break;
|
2001-12-16 18:46:32 +00:00
|
|
|
}
|
2001-12-19 21:58:04 +00:00
|
|
|
if (choice && asn1[idx].name == NULL) /* No match */
|
2010-03-15 12:17:13 +00:00
|
|
|
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_ASN1, SC_ERROR_ASN1_OBJECT_NOT_FOUND);
|
2001-12-16 18:46:32 +00:00
|
|
|
if (newp != NULL)
|
2001-12-19 21:58:04 +00:00
|
|
|
*newp = p;
|
2001-12-16 18:46:32 +00:00
|
|
|
if (len_left != NULL)
|
2001-12-19 21:58:04 +00:00
|
|
|
*len_left = left;
|
|
|
|
|
if (choice)
|
2010-03-15 12:17:13 +00:00
|
|
|
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_ASN1, idx);
|
|
|
|
|
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_ASN1, 0);
|
2001-12-19 21:58:04 +00:00
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
int sc_asn1_decode(sc_context_t *ctx, struct sc_asn1_entry *asn1,
|
2002-01-07 18:32:13 +00:00
|
|
|
const u8 *in, size_t len, const u8 **newp, size_t *len_left)
|
2001-12-19 21:58:04 +00:00
|
|
|
{
|
2002-01-07 18:32:13 +00:00
|
|
|
return asn1_decode(ctx, asn1, in, len, newp, len_left, 0, 0);
|
2001-12-16 18:46:32 +00:00
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
int sc_asn1_decode_choice(sc_context_t *ctx, struct sc_asn1_entry *asn1,
|
2002-01-07 18:32:13 +00:00
|
|
|
const u8 *in, size_t len, const u8 **newp, size_t *len_left)
|
2001-12-16 18:46:32 +00:00
|
|
|
{
|
2002-01-07 18:32:13 +00:00
|
|
|
return asn1_decode(ctx, asn1, in, len, newp, len_left, 1, 0);
|
2001-12-16 18:46:32 +00:00
|
|
|
}
|
2002-01-07 18:23:34 +00:00
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_encode_entry(sc_context_t *ctx, const struct sc_asn1_entry *entry,
|
2002-01-10 12:33:56 +00:00
|
|
|
u8 **obj, size_t *objlen, int depth)
|
|
|
|
|
{
|
|
|
|
|
void *parm = entry->parm;
|
2005-03-08 20:59:35 +00:00
|
|
|
int (*callback_func)(sc_context_t *nctx, void *arg, u8 **nobj,
|
2005-09-12 21:09:12 +00:00
|
|
|
size_t *nobjlen, int ndepth);
|
2002-01-10 12:33:56 +00:00
|
|
|
const size_t *len = (const size_t *) entry->arg;
|
|
|
|
|
int r = 0;
|
|
|
|
|
u8 * buf = NULL;
|
|
|
|
|
size_t buflen = 0;
|
|
|
|
|
|
2010-04-02 13:12:53 +00:00
|
|
|
callback_func = parm;
|
2005-09-12 21:09:12 +00:00
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "%*.*sencoding '%s'%s\n",
|
|
|
|
|
depth, depth, "", entry->name,
|
|
|
|
|
(entry->flags & SC_ASN1_PRESENT)? "" : " (not present)");
|
2003-11-19 20:22:52 +00:00
|
|
|
if (!(entry->flags & SC_ASN1_PRESENT))
|
|
|
|
|
goto no_object;
|
2017-03-14 19:02:30 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1,
|
|
|
|
|
"%*.*stype=%d, tag=0x%02x, parm=%p, len=%"SC_FORMAT_LEN_SIZE_T"u\n",
|
|
|
|
|
depth, depth, "", entry->type, entry->tag, parm,
|
|
|
|
|
len ? *len : 0);
|
2003-11-19 20:22:52 +00:00
|
|
|
|
2003-11-26 15:35:17 +00:00
|
|
|
if (entry->type == SC_ASN1_CHOICE) {
|
|
|
|
|
const struct sc_asn1_entry *list, *choice = NULL;
|
|
|
|
|
|
|
|
|
|
list = (const struct sc_asn1_entry *) parm;
|
|
|
|
|
while (list->name != NULL) {
|
|
|
|
|
if (list->flags & SC_ASN1_PRESENT) {
|
|
|
|
|
if (choice) {
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1,
|
2003-11-26 15:35:17 +00:00
|
|
|
"ASN.1 problem: more than "
|
|
|
|
|
"one CHOICE when encoding %s: "
|
|
|
|
|
"%s and %s both present\n",
|
|
|
|
|
entry->name,
|
|
|
|
|
choice->name,
|
|
|
|
|
list->name);
|
|
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
|
|
|
|
}
|
|
|
|
|
choice = list;
|
|
|
|
|
}
|
|
|
|
|
list++;
|
|
|
|
|
}
|
|
|
|
|
if (choice == NULL)
|
|
|
|
|
goto no_object;
|
|
|
|
|
return asn1_encode_entry(ctx, choice, obj, objlen, depth + 1);
|
|
|
|
|
}
|
|
|
|
|
|
2005-08-05 07:28:20 +00:00
|
|
|
if (entry->type != SC_ASN1_NULL && parm == NULL) {
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "unexpected parm == NULL\n");
|
2005-08-05 07:28:20 +00:00
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
|
|
|
|
}
|
|
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
switch (entry->type) {
|
|
|
|
|
case SC_ASN1_STRUCT:
|
|
|
|
|
r = asn1_encode(ctx, (const struct sc_asn1_entry *) parm, &buf,
|
|
|
|
|
&buflen, depth + 1);
|
|
|
|
|
break;
|
2002-04-17 12:19:57 +00:00
|
|
|
case SC_ASN1_NULL:
|
|
|
|
|
buf = NULL;
|
|
|
|
|
buflen = 0;
|
|
|
|
|
break;
|
2002-01-10 12:33:56 +00:00
|
|
|
case SC_ASN1_BOOLEAN:
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
buf = malloc(1);
|
2002-01-10 12:33:56 +00:00
|
|
|
if (buf == NULL) {
|
|
|
|
|
r = SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2005-03-30 16:40:01 +00:00
|
|
|
buf[0] = *((int *) parm) ? 0xFF : 0;
|
2002-01-10 12:33:56 +00:00
|
|
|
buflen = 1;
|
|
|
|
|
break;
|
|
|
|
|
case SC_ASN1_INTEGER:
|
|
|
|
|
case SC_ASN1_ENUMERATED:
|
|
|
|
|
r = asn1_encode_integer(*((int *) entry->parm), &buf, &buflen);
|
|
|
|
|
break;
|
|
|
|
|
case SC_ASN1_BIT_STRING_NI:
|
|
|
|
|
case SC_ASN1_BIT_STRING:
|
2017-10-30 15:32:57 +00:00
|
|
|
if (len != NULL) {
|
|
|
|
|
if (entry->type == SC_ASN1_BIT_STRING)
|
|
|
|
|
r = encode_bit_string((const u8 *) parm, *len, &buf, &buflen, 1);
|
|
|
|
|
else
|
|
|
|
|
r = encode_bit_string((const u8 *) parm, *len, &buf, &buflen, 0);
|
|
|
|
|
} else {
|
|
|
|
|
r = SC_ERROR_INVALID_ARGUMENTS;
|
|
|
|
|
}
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
2003-04-16 20:52:26 +00:00
|
|
|
case SC_ASN1_BIT_FIELD:
|
2017-10-30 15:32:57 +00:00
|
|
|
if (len != NULL) {
|
|
|
|
|
r = encode_bit_field((const u8 *) parm, *len, &buf, &buflen);
|
|
|
|
|
} else {
|
|
|
|
|
r = SC_ERROR_INVALID_ARGUMENTS;
|
|
|
|
|
}
|
2003-04-16 20:52:26 +00:00
|
|
|
break;
|
2005-08-24 08:00:44 +00:00
|
|
|
case SC_ASN1_PRINTABLESTRING:
|
2002-01-10 12:33:56 +00:00
|
|
|
case SC_ASN1_OCTET_STRING:
|
|
|
|
|
case SC_ASN1_UTF8STRING:
|
2017-10-30 15:32:57 +00:00
|
|
|
if (len != NULL) {
|
|
|
|
|
buf = malloc(*len + 1);
|
|
|
|
|
if (buf == NULL) {
|
|
|
|
|
r = SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
buflen = 0;
|
|
|
|
|
/* If the integer is supposed to be unsigned, insert
|
|
|
|
|
* a padding byte if the MSB is one */
|
|
|
|
|
if ((entry->flags & SC_ASN1_UNSIGNED)
|
|
|
|
|
&& (((u8 *) parm)[0] & 0x80)) {
|
|
|
|
|
buf[buflen++] = 0x00;
|
|
|
|
|
}
|
|
|
|
|
memcpy(buf + buflen, parm, *len);
|
|
|
|
|
buflen += *len;
|
|
|
|
|
} else {
|
|
|
|
|
r = SC_ERROR_INVALID_ARGUMENTS;
|
2003-02-03 12:17:12 +00:00
|
|
|
}
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
2005-08-05 07:28:20 +00:00
|
|
|
case SC_ASN1_GENERALIZEDTIME:
|
2017-10-30 15:32:57 +00:00
|
|
|
if (len != NULL) {
|
|
|
|
|
buf = malloc(*len);
|
|
|
|
|
if (buf == NULL) {
|
|
|
|
|
r = SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
memcpy(buf, parm, *len);
|
|
|
|
|
buflen = *len;
|
|
|
|
|
} else {
|
|
|
|
|
r = SC_ERROR_INVALID_ARGUMENTS;
|
2005-08-05 07:28:20 +00:00
|
|
|
}
|
|
|
|
|
break;
|
2002-01-13 23:56:13 +00:00
|
|
|
case SC_ASN1_OBJECT:
|
2005-08-05 07:28:20 +00:00
|
|
|
r = sc_asn1_encode_object_id(&buf, &buflen, (struct sc_object_id *) parm);
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
|
|
|
|
case SC_ASN1_PATH:
|
2011-01-02 14:14:24 +00:00
|
|
|
r = asn1_encode_path(ctx, (const sc_path_t *) parm, &buf, &buflen, depth, entry->flags);
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
|
|
|
|
case SC_ASN1_PKCS15_ID:
|
2005-08-05 07:28:20 +00:00
|
|
|
{
|
2002-04-19 14:23:31 +00:00
|
|
|
const struct sc_pkcs15_id *id = (const struct sc_pkcs15_id *) parm;
|
2002-01-10 12:33:56 +00:00
|
|
|
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
buf = malloc(id->len);
|
2002-01-10 12:33:56 +00:00
|
|
|
if (buf == NULL) {
|
|
|
|
|
r = SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
memcpy(buf, id->value, id->len);
|
|
|
|
|
buflen = id->len;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case SC_ASN1_PKCS15_OBJECT:
|
2002-01-16 23:59:18 +00:00
|
|
|
r = asn1_encode_p15_object(ctx, (const struct sc_asn1_pkcs15_object *) parm, &buf, &buflen, depth);
|
2002-01-10 12:33:56 +00:00
|
|
|
break;
|
2002-03-08 05:59:57 +00:00
|
|
|
case SC_ASN1_ALGORITHM_ID:
|
2002-04-17 08:54:36 +00:00
|
|
|
r = sc_asn1_encode_algorithm_id(ctx, &buf, &buflen, (const struct sc_algorithm_id *) parm, depth);
|
2002-03-08 05:59:57 +00:00
|
|
|
break;
|
2012-05-27 19:20:22 +00:00
|
|
|
case SC_ASN1_SE_INFO:
|
|
|
|
|
if (!len)
|
|
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
|
|
|
|
r = asn1_encode_se_info(ctx, (struct sc_pkcs15_sec_env_info **)parm, *len, &buf, &buflen, depth);
|
|
|
|
|
break;
|
2002-01-10 12:33:56 +00:00
|
|
|
case SC_ASN1_CALLBACK:
|
|
|
|
|
r = callback_func(ctx, entry->arg, &buf, &buflen, depth);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "invalid ASN.1 type: %d\n", entry->type);
|
2005-08-05 07:28:20 +00:00
|
|
|
return SC_ERROR_INVALID_ASN1_OBJECT;
|
2002-01-10 12:33:56 +00:00
|
|
|
}
|
|
|
|
|
if (r) {
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "encoding of ASN.1 object '%s' failed: %s\n", entry->name,
|
2002-01-10 12:33:56 +00:00
|
|
|
sc_strerror(r));
|
|
|
|
|
if (buf)
|
|
|
|
|
free(buf);
|
|
|
|
|
return r;
|
|
|
|
|
}
|
2003-01-20 09:53:10 +00:00
|
|
|
|
2003-06-12 21:14:04 +00:00
|
|
|
/* Treatment of OPTIONAL elements:
|
|
|
|
|
* - if the encoding has 0 length, and the element is OPTIONAL,
|
2004-07-23 16:11:23 +00:00
|
|
|
* we don't write anything (unless it's an ASN1 NULL and the
|
|
|
|
|
* SC_ASN1_PRESENT flag is set).
|
2003-06-12 21:14:04 +00:00
|
|
|
* - if the encoding has 0 length, but the element is non-OPTIONAL,
|
2004-07-23 16:11:23 +00:00
|
|
|
* constructed, we write a empty element (e.g. a SEQUENCE of
|
|
|
|
|
* length 0). In case of an ASN1 NULL just write the tag and
|
|
|
|
|
* length (i.e. 0x05,0x00).
|
2003-06-12 21:14:04 +00:00
|
|
|
* - any other empty objects are considered bogus
|
|
|
|
|
*/
|
2003-11-19 20:22:52 +00:00
|
|
|
no_object:
|
2012-05-27 19:20:22 +00:00
|
|
|
if (!buflen && entry->flags & SC_ASN1_OPTIONAL && !(entry->flags & SC_ASN1_PRESENT)) {
|
2003-01-20 09:53:10 +00:00
|
|
|
/* This happens when we try to encode e.g. the
|
|
|
|
|
* subClassAttributes, which may be empty */
|
2003-02-03 12:17:12 +00:00
|
|
|
*obj = NULL;
|
|
|
|
|
*objlen = 0;
|
2003-01-20 09:53:10 +00:00
|
|
|
r = 0;
|
2010-07-05 13:29:10 +00:00
|
|
|
} else if (!buflen && (entry->flags & SC_ASN1_EMPTY_ALLOWED)) {
|
|
|
|
|
*obj = NULL;
|
|
|
|
|
*objlen = 0;
|
|
|
|
|
r = asn1_write_element(ctx, entry->tag, buf, buflen, obj, objlen);
|
|
|
|
|
if (r)
|
2012-05-27 19:20:22 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "error writing ASN.1 tag and length: %s\n", sc_strerror(r));
|
|
|
|
|
} else if (buflen || entry->type == SC_ASN1_NULL || entry->tag & SC_ASN1_CONS) {
|
|
|
|
|
r = asn1_write_element(ctx, entry->tag, buf, buflen, obj, objlen);
|
2003-06-12 21:14:04 +00:00
|
|
|
if (r)
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "error writing ASN.1 tag and length: %s\n",
|
2003-06-12 21:14:04 +00:00
|
|
|
sc_strerror(r));
|
2003-11-19 20:22:52 +00:00
|
|
|
} else if (!(entry->flags & SC_ASN1_PRESENT)) {
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "cannot encode non-optional ASN.1 object: not given by caller\n");
|
2003-11-19 20:22:52 +00:00
|
|
|
r = SC_ERROR_INVALID_ASN1_OBJECT;
|
2003-01-20 09:53:10 +00:00
|
|
|
} else {
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1, "cannot encode empty non-optional ASN.1 object\n");
|
2003-01-20 09:53:10 +00:00
|
|
|
r = SC_ERROR_INVALID_ASN1_OBJECT;
|
|
|
|
|
}
|
2002-01-20 21:20:09 +00:00
|
|
|
if (buf)
|
|
|
|
|
free(buf);
|
2010-03-15 12:17:13 +00:00
|
|
|
if (r >= 0)
|
2017-03-14 19:02:30 +00:00
|
|
|
sc_debug(ctx, SC_LOG_DEBUG_ASN1,
|
|
|
|
|
"%*.*slength of encoded item=%"SC_FORMAT_LEN_SIZE_T"u\n",
|
|
|
|
|
depth, depth, "", *objlen);
|
2003-01-20 09:53:10 +00:00
|
|
|
return r;
|
2002-01-10 12:33:56 +00:00
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
static int asn1_encode(sc_context_t *ctx, const struct sc_asn1_entry *asn1,
|
2002-01-10 12:33:56 +00:00
|
|
|
u8 **ptr, size_t *size, int depth)
|
2002-01-07 18:23:34 +00:00
|
|
|
{
|
|
|
|
|
int r, idx = 0;
|
2004-04-21 18:10:58 +00:00
|
|
|
u8 *obj = NULL, *buf = NULL, *tmp;
|
2002-01-07 18:23:34 +00:00
|
|
|
size_t total = 0, objsize;
|
|
|
|
|
|
|
|
|
|
for (idx = 0; asn1[idx].name != NULL; idx++) {
|
2003-11-19 20:22:52 +00:00
|
|
|
r = asn1_encode_entry(ctx, &asn1[idx], &obj, &objsize, depth);
|
2002-01-10 12:33:56 +00:00
|
|
|
if (r) {
|
2004-04-21 18:10:58 +00:00
|
|
|
if (obj)
|
|
|
|
|
free(obj);
|
|
|
|
|
if (buf)
|
2002-01-10 12:33:56 +00:00
|
|
|
free(buf);
|
2002-01-07 18:23:34 +00:00
|
|
|
return r;
|
2002-01-10 12:33:56 +00:00
|
|
|
}
|
2004-07-23 16:11:23 +00:00
|
|
|
/* in case of an empty (optional) element continue with
|
|
|
|
|
* the next asn1 element */
|
|
|
|
|
if (!objsize)
|
|
|
|
|
continue;
|
2004-04-21 18:10:58 +00:00
|
|
|
tmp = (u8 *) realloc(buf, total + objsize);
|
|
|
|
|
if (!tmp) {
|
|
|
|
|
if (obj)
|
|
|
|
|
free(obj);
|
|
|
|
|
if (buf)
|
|
|
|
|
free(buf);
|
|
|
|
|
return SC_ERROR_OUT_OF_MEMORY;
|
|
|
|
|
}
|
|
|
|
|
buf = tmp;
|
2002-01-10 12:33:56 +00:00
|
|
|
memcpy(buf + total, obj, objsize);
|
|
|
|
|
free(obj);
|
2005-08-10 21:00:52 +00:00
|
|
|
obj = NULL;
|
2002-01-07 18:23:34 +00:00
|
|
|
total += objsize;
|
|
|
|
|
}
|
2002-01-10 12:33:56 +00:00
|
|
|
*ptr = buf;
|
|
|
|
|
*size = total;
|
2003-11-19 20:22:52 +00:00
|
|
|
return 0;
|
2002-01-10 12:33:56 +00:00
|
|
|
}
|
|
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
int sc_asn1_encode(sc_context_t *ctx, const struct sc_asn1_entry *asn1,
|
2002-01-10 12:33:56 +00:00
|
|
|
u8 **ptr, size_t *size)
|
|
|
|
|
{
|
|
|
|
|
return asn1_encode(ctx, asn1, ptr, size, 0);
|
2002-01-07 18:23:34 +00:00
|
|
|
}
|
2002-04-17 08:54:36 +00:00
|
|
|
|
2005-03-08 20:59:35 +00:00
|
|
|
int _sc_asn1_encode(sc_context_t *ctx, const struct sc_asn1_entry *asn1,
|
2003-11-19 20:22:52 +00:00
|
|
|
u8 **ptr, size_t *size, int depth)
|
2002-04-17 08:54:36 +00:00
|
|
|
{
|
|
|
|
|
return asn1_encode(ctx, asn1, ptr, size, depth);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
2005-03-08 20:59:35 +00:00
|
|
|
_sc_asn1_decode(sc_context_t *ctx, struct sc_asn1_entry *asn1,
|
2002-04-17 08:54:36 +00:00
|
|
|
const u8 *in, size_t len, const u8 **newp, size_t *left,
|
|
|
|
|
int choice, int depth)
|
|
|
|
|
{
|
|
|
|
|
return asn1_decode(ctx, asn1, in, len, newp, left, choice, depth);
|
|
|
|
|
}
|
2003-11-19 20:22:52 +00:00
|
|
|
|
2011-04-21 13:46:28 +00:00
|
|
|
int
|
2003-11-19 20:22:52 +00:00
|
|
|
sc_der_copy(sc_pkcs15_der_t *dst, const sc_pkcs15_der_t *src)
|
|
|
|
|
{
|
2015-02-05 16:43:14 +00:00
|
|
|
if (!dst)
|
|
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
2003-11-19 20:22:52 +00:00
|
|
|
memset(dst, 0, sizeof(*dst));
|
|
|
|
|
if (src->len) {
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
dst->value = malloc(src->len);
|
2005-01-03 17:20:17 +00:00
|
|
|
if (!dst->value)
|
2011-04-21 13:46:28 +00:00
|
|
|
return SC_ERROR_OUT_OF_MEMORY;
|
2005-01-03 17:20:17 +00:00
|
|
|
dst->len = src->len;
|
2003-11-19 20:22:52 +00:00
|
|
|
memcpy(dst->value, src->value, src->len);
|
|
|
|
|
}
|
2011-04-21 13:46:28 +00:00
|
|
|
return SC_SUCCESS;
|
2003-11-19 20:22:52 +00:00
|
|
|
}
|
|
|
|
|
|
2011-04-21 14:12:03 +00:00
|
|
|
int
|
2012-05-27 19:20:22 +00:00
|
|
|
sc_encode_oid (struct sc_context *ctx, struct sc_object_id *id,
|
2011-04-21 14:12:03 +00:00
|
|
|
unsigned char **out, size_t *size)
|
|
|
|
|
{
|
|
|
|
|
static const struct sc_asn1_entry c_asn1_object_id[2] = {
|
2015-02-14 16:47:59 +00:00
|
|
|
{ "oid", SC_ASN1_OBJECT, SC_ASN1_TAG_OBJECT, SC_ASN1_ALLOC, NULL, NULL },
|
2011-04-21 14:12:03 +00:00
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
struct sc_asn1_entry asn1_object_id[2];
|
|
|
|
|
int rv;
|
|
|
|
|
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_object_id, asn1_object_id);
|
|
|
|
|
sc_format_asn1_entry(asn1_object_id + 0, id, NULL, 1);
|
|
|
|
|
|
|
|
|
|
rv = _sc_asn1_encode(ctx, asn1_object_id, out, size, 1);
|
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot encode object ID");
|
|
|
|
|
|
|
|
|
|
return SC_SUCCESS;
|
|
|
|
|
}
|
|
|
|
|
|
2015-02-15 12:56:51 +00:00
|
|
|
|
|
|
|
|
#define C_ASN1_SIG_VALUE_SIZE 2
|
|
|
|
|
static struct sc_asn1_entry c_asn1_sig_value[C_ASN1_SIG_VALUE_SIZE] = {
|
|
|
|
|
{ "ECDSA-Sig-Value", SC_ASN1_STRUCT, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, 0, NULL, NULL },
|
|
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#define C_ASN1_SIG_VALUE_COEFFICIENTS_SIZE 3
|
|
|
|
|
static struct sc_asn1_entry c_asn1_sig_value_coefficients[C_ASN1_SIG_VALUE_COEFFICIENTS_SIZE] = {
|
|
|
|
|
{ "r", SC_ASN1_OCTET_STRING, SC_ASN1_TAG_INTEGER, SC_ASN1_ALLOC|SC_ASN1_UNSIGNED, NULL, NULL },
|
|
|
|
|
{ "s", SC_ASN1_OCTET_STRING, SC_ASN1_TAG_INTEGER, SC_ASN1_ALLOC|SC_ASN1_UNSIGNED, NULL, NULL },
|
|
|
|
|
{ NULL, 0, 0, 0, NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
sc_asn1_sig_value_rs_to_sequence(struct sc_context *ctx, unsigned char *in, size_t inlen,
|
|
|
|
|
unsigned char **buf, size_t *buflen)
|
|
|
|
|
{
|
|
|
|
|
struct sc_asn1_entry asn1_sig_value[C_ASN1_SIG_VALUE_SIZE];
|
|
|
|
|
struct sc_asn1_entry asn1_sig_value_coefficients[C_ASN1_SIG_VALUE_COEFFICIENTS_SIZE];
|
|
|
|
|
unsigned char *r = in, *s = in + inlen/2;
|
|
|
|
|
size_t r_len = inlen/2, s_len = inlen/2;
|
|
|
|
|
int rv;
|
|
|
|
|
|
|
|
|
|
LOG_FUNC_CALLED(ctx);
|
2015-09-18 15:37:36 +00:00
|
|
|
|
|
|
|
|
/* R/S are filled up with zeroes, we do not want that in sequence format */
|
|
|
|
|
while(r_len > 1 && *r == 0x00) {
|
|
|
|
|
r++;
|
|
|
|
|
r_len--;
|
|
|
|
|
}
|
|
|
|
|
while(s_len > 1 && *s == 0x00) {
|
|
|
|
|
s++;
|
|
|
|
|
s_len--;
|
|
|
|
|
}
|
|
|
|
|
|
2015-02-15 12:56:51 +00:00
|
|
|
sc_copy_asn1_entry(c_asn1_sig_value, asn1_sig_value);
|
|
|
|
|
sc_format_asn1_entry(asn1_sig_value + 0, asn1_sig_value_coefficients, NULL, 1);
|
|
|
|
|
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_sig_value_coefficients, asn1_sig_value_coefficients);
|
|
|
|
|
sc_format_asn1_entry(asn1_sig_value_coefficients + 0, r, &r_len, 1);
|
|
|
|
|
sc_format_asn1_entry(asn1_sig_value_coefficients + 1, s, &s_len, 1);
|
|
|
|
|
|
|
|
|
|
rv = sc_asn1_encode(ctx, asn1_sig_value, buf, buflen);
|
|
|
|
|
LOG_TEST_RET(ctx, rv, "ASN.1 encoding ECDSA-SIg-Value failed");
|
|
|
|
|
|
|
|
|
|
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
sc_asn1_sig_value_sequence_to_rs(struct sc_context *ctx, unsigned char *in, size_t inlen,
|
2015-03-07 20:36:16 +00:00
|
|
|
unsigned char *buf, size_t buflen)
|
2015-02-15 12:56:51 +00:00
|
|
|
{
|
|
|
|
|
struct sc_asn1_entry asn1_sig_value[C_ASN1_SIG_VALUE_SIZE];
|
|
|
|
|
struct sc_asn1_entry asn1_sig_value_coefficients[C_ASN1_SIG_VALUE_COEFFICIENTS_SIZE];
|
|
|
|
|
unsigned char *r, *s;
|
2015-03-07 20:36:16 +00:00
|
|
|
size_t r_len, s_len, halflen = buflen/2;
|
2015-02-15 12:56:51 +00:00
|
|
|
int rv;
|
|
|
|
|
|
|
|
|
|
LOG_FUNC_CALLED(ctx);
|
2015-03-07 20:36:16 +00:00
|
|
|
if (!buf || !buflen)
|
|
|
|
|
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS);
|
|
|
|
|
|
2015-02-15 12:56:51 +00:00
|
|
|
sc_copy_asn1_entry(c_asn1_sig_value, asn1_sig_value);
|
|
|
|
|
sc_format_asn1_entry(asn1_sig_value + 0, asn1_sig_value_coefficients, NULL, 0);
|
|
|
|
|
|
|
|
|
|
sc_copy_asn1_entry(c_asn1_sig_value_coefficients, asn1_sig_value_coefficients);
|
|
|
|
|
sc_format_asn1_entry(asn1_sig_value_coefficients + 0, &r, &r_len, 0);
|
|
|
|
|
sc_format_asn1_entry(asn1_sig_value_coefficients + 1, &s, &s_len, 0);
|
|
|
|
|
|
|
|
|
|
rv = sc_asn1_decode(ctx, asn1_sig_value, in, inlen, NULL, NULL);
|
|
|
|
|
LOG_TEST_RET(ctx, rv, "ASN.1 decoding ECDSA-Sig-Value failed");
|
|
|
|
|
|
2015-03-07 20:36:16 +00:00
|
|
|
if (halflen < r_len || halflen < s_len) {
|
|
|
|
|
rv = SC_ERROR_BUFFER_TOO_SMALL;
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
2015-02-15 12:56:51 +00:00
|
|
|
|
2015-03-07 20:36:16 +00:00
|
|
|
memset(buf, 0, buflen);
|
|
|
|
|
memcpy(buf + (halflen - r_len), r, r_len);
|
|
|
|
|
memcpy(buf + (buflen - s_len), s, s_len);
|
2015-03-04 18:20:12 +00:00
|
|
|
|
2017-03-14 19:02:30 +00:00
|
|
|
sc_log(ctx, "r(%"SC_FORMAT_LEN_SIZE_T"u): %s", halflen,
|
|
|
|
|
sc_dump_hex(buf, halflen));
|
|
|
|
|
sc_log(ctx, "s(%"SC_FORMAT_LEN_SIZE_T"u): %s", halflen,
|
|
|
|
|
sc_dump_hex(buf + halflen, halflen));
|
2015-02-15 12:56:51 +00:00
|
|
|
|
2015-03-07 20:36:16 +00:00
|
|
|
rv = SC_SUCCESS;
|
|
|
|
|
done:
|
2015-02-15 12:56:51 +00:00
|
|
|
free(r);
|
|
|
|
|
free(s);
|
|
|
|
|
|
2015-03-07 20:36:16 +00:00
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2015-02-15 12:56:51 +00:00
|
|
|
}
|
