/src/botan/src/lib/asn1/ber_dec.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * BER Decoder |
3 | | * (C) 1999-2008,2015,2017,2018 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/ber_dec.h> |
9 | | #include <botan/bigint.h> |
10 | | #include <botan/internal/loadstor.h> |
11 | | #include <botan/internal/safeint.h> |
12 | | |
13 | | namespace Botan { |
14 | | |
15 | | namespace { |
16 | | |
17 | | /* |
18 | | * This value is somewhat arbitrary. OpenSSL allows up to 128 nested |
19 | | * indefinite length sequences. If you increase this, also increase the |
20 | | * limit in the test in test_asn1.cpp |
21 | | */ |
22 | | const size_t ALLOWED_EOC_NESTINGS = 16; |
23 | | |
24 | | /* |
25 | | * BER decode an ASN.1 type tag |
26 | | */ |
27 | | size_t decode_tag(DataSource* ber, ASN1_Type& type_tag, ASN1_Class& class_tag) |
28 | 3.17M | { |
29 | 3.17M | uint8_t b; |
30 | 3.17M | if(!ber->read_byte(b)) |
31 | 301k | { |
32 | 301k | type_tag = ASN1_Type::NoObject; |
33 | 301k | class_tag = ASN1_Class::NoObject; |
34 | 301k | return 0; |
35 | 301k | } |
36 | | |
37 | 2.87M | if((b & 0x1F) != 0x1F) |
38 | 2.83M | { |
39 | 2.83M | type_tag = ASN1_Type(b & 0x1F); |
40 | 2.83M | class_tag = ASN1_Class(b & 0xE0); |
41 | 2.83M | return 1; |
42 | 2.83M | } |
43 | | |
44 | 40.5k | size_t tag_bytes = 1; |
45 | 40.5k | class_tag = ASN1_Class(b & 0xE0); |
46 | | |
47 | 40.5k | size_t tag_buf = 0; |
48 | 314k | while(true) |
49 | 314k | { |
50 | 314k | if(!ber->read_byte(b)) |
51 | 924 | throw BER_Decoding_Error("Long-form tag truncated"); |
52 | 313k | if(tag_buf & 0xFF000000) |
53 | 564 | throw BER_Decoding_Error("Long-form tag overflowed 32 bits"); |
54 | 312k | ++tag_bytes; |
55 | 312k | tag_buf = (tag_buf << 7) | (b & 0x7F); |
56 | 312k | if((b & 0x80) == 0) break; |
57 | 312k | } |
58 | 39.0k | type_tag = ASN1_Type(tag_buf); |
59 | 39.0k | return tag_bytes; |
60 | 40.5k | } |
61 | | |
62 | | /* |
63 | | * Find the EOC marker |
64 | | */ |
65 | | size_t find_eoc(DataSource* src, size_t allow_indef); |
66 | | |
67 | | /* |
68 | | * BER decode an ASN.1 length field |
69 | | */ |
70 | | size_t decode_length(DataSource* ber, size_t& field_size, size_t allow_indef) |
71 | 2.87M | { |
72 | 2.87M | uint8_t b; |
73 | 2.87M | if(!ber->read_byte(b)) |
74 | 3.23k | throw BER_Decoding_Error("Length field not found"); |
75 | 2.87M | field_size = 1; |
76 | 2.87M | if((b & 0x80) == 0) |
77 | 2.33M | return b; |
78 | | |
79 | 534k | field_size += (b & 0x7F); |
80 | 534k | if(field_size > 5) |
81 | 3.03k | throw BER_Decoding_Error("Length field is too large"); |
82 | | |
83 | 531k | if(field_size == 1) |
84 | 349k | { |
85 | 349k | if(allow_indef == 0) |
86 | 256 | { |
87 | 256 | throw BER_Decoding_Error("Nested EOC markers too deep, rejecting to avoid stack exhaustion"); |
88 | 256 | } |
89 | 349k | else |
90 | 349k | { |
91 | 349k | return find_eoc(ber, allow_indef - 1); |
92 | 349k | } |
93 | 349k | } |
94 | | |
95 | 182k | size_t length = 0; |
96 | | |
97 | 517k | for(size_t i = 0; i != field_size - 1; ++i) |
98 | 335k | { |
99 | 335k | if(get_byte<0>(length) != 0) |
100 | 0 | throw BER_Decoding_Error("Field length overflow"); |
101 | 335k | if(!ber->read_byte(b)) |
102 | 713 | throw BER_Decoding_Error("Corrupted length field"); |
103 | 334k | length = (length << 8) | b; |
104 | 334k | } |
105 | 181k | return length; |
106 | 182k | } |
107 | | |
108 | | /* |
109 | | * Find the EOC marker |
110 | | */ |
111 | | size_t find_eoc(DataSource* ber, size_t allow_indef) |
112 | 349k | { |
113 | 349k | secure_vector<uint8_t> buffer(BOTAN_DEFAULT_BUFFER_SIZE), data; |
114 | | |
115 | 846k | while(true) |
116 | 846k | { |
117 | 846k | const size_t got = ber->peek(buffer.data(), buffer.size(), data.size()); |
118 | 846k | if(got == 0) |
119 | 349k | break; |
120 | | |
121 | 496k | data += std::make_pair(buffer.data(), got); |
122 | 496k | } |
123 | | |
124 | 349k | DataSource_Memory source(data); |
125 | 349k | data.clear(); |
126 | | |
127 | 349k | size_t length = 0; |
128 | 1.47M | while(true) |
129 | 1.47M | { |
130 | 1.47M | ASN1_Type type_tag; |
131 | 1.47M | ASN1_Class class_tag; |
132 | 1.47M | size_t tag_size = decode_tag(&source, type_tag, class_tag); |
133 | 1.47M | if(type_tag == ASN1_Type::NoObject) |
134 | 237k | break; |
135 | | |
136 | 1.23M | size_t length_size = 0; |
137 | 1.23M | size_t item_size = decode_length(&source, length_size, allow_indef); |
138 | 1.23M | source.discard_next(item_size); |
139 | | |
140 | 1.23M | length = BOTAN_CHECKED_ADD(length, item_size); |
141 | 1.23M | length = BOTAN_CHECKED_ADD(length, tag_size); |
142 | 1.23M | length = BOTAN_CHECKED_ADD(length, length_size); |
143 | | |
144 | 1.23M | if(type_tag == ASN1_Type::Eoc && class_tag == ASN1_Class::Universal) |
145 | 104k | break; |
146 | 1.23M | } |
147 | 349k | return length; |
148 | 349k | } |
149 | | |
150 | | class DataSource_BERObject final : public DataSource |
151 | | { |
152 | | public: |
153 | | size_t read(uint8_t out[], size_t length) override |
154 | 19.2M | { |
155 | 19.2M | BOTAN_ASSERT_NOMSG(m_offset <= m_obj.length()); |
156 | 19.2M | const size_t got = std::min<size_t>(m_obj.length() - m_offset, length); |
157 | 19.2M | copy_mem(out, m_obj.bits() + m_offset, got); |
158 | 19.2M | m_offset += got; |
159 | 19.2M | return got; |
160 | 19.2M | } |
161 | | |
162 | | size_t peek(uint8_t out[], size_t length, size_t peek_offset) const override |
163 | 116k | { |
164 | 116k | BOTAN_ASSERT_NOMSG(m_offset <= m_obj.length()); |
165 | 116k | const size_t bytes_left = m_obj.length() - m_offset; |
166 | | |
167 | 116k | if(peek_offset >= bytes_left) |
168 | 49.7k | return 0; |
169 | | |
170 | 66.7k | const size_t got = std::min(bytes_left - peek_offset, length); |
171 | 66.7k | copy_mem(out, m_obj.bits() + peek_offset, got); |
172 | 66.7k | return got; |
173 | 116k | } |
174 | | |
175 | | bool check_available(size_t n) override |
176 | 1.06M | { |
177 | 1.06M | BOTAN_ASSERT_NOMSG(m_offset <= m_obj.length()); |
178 | 1.06M | return (n <= (m_obj.length() - m_offset)); |
179 | 1.06M | } |
180 | | |
181 | | bool end_of_data() const override |
182 | 824k | { |
183 | 824k | return get_bytes_read() == m_obj.length(); |
184 | 824k | } |
185 | | |
186 | 824k | size_t get_bytes_read() const override { return m_offset; } |
187 | | |
188 | 585k | explicit DataSource_BERObject(BER_Object&& obj) : m_obj(std::move(obj)), m_offset(0) {} |
189 | | |
190 | | private: |
191 | | BER_Object m_obj; |
192 | | size_t m_offset; |
193 | | }; |
194 | | |
195 | | } |
196 | | |
197 | | /* |
198 | | * Check if more objects are there |
199 | | */ |
200 | | bool BER_Decoder::more_items() const |
201 | 542k | { |
202 | 542k | if(m_source->end_of_data() && !m_pushed.is_set()) |
203 | 154k | return false; |
204 | 387k | return true; |
205 | 542k | } |
206 | | |
207 | | /* |
208 | | * Verify that no bytes remain in the source |
209 | | */ |
210 | | BER_Decoder& BER_Decoder::verify_end() |
211 | 34.0k | { |
212 | 34.0k | return verify_end("BER_Decoder::verify_end called, but data remains"); |
213 | 34.0k | } |
214 | | |
215 | | /* |
216 | | * Verify that no bytes remain in the source |
217 | | */ |
218 | | BER_Decoder& BER_Decoder::verify_end(const std::string& err) |
219 | 49.2k | { |
220 | 49.2k | if(!m_source->end_of_data() || m_pushed.is_set()) |
221 | 390 | throw Decoding_Error(err); |
222 | 48.9k | return (*this); |
223 | 49.2k | } |
224 | | |
225 | | /* |
226 | | * Discard all the bytes remaining in the source |
227 | | */ |
228 | | BER_Decoder& BER_Decoder::discard_remaining() |
229 | 20.4k | { |
230 | 20.4k | uint8_t buf; |
231 | 3.35M | while(m_source->read_byte(buf)) |
232 | 3.33M | {} |
233 | 20.4k | return (*this); |
234 | 20.4k | } |
235 | | |
236 | | /* |
237 | | * Return the BER encoding of the next object |
238 | | */ |
239 | | BER_Object BER_Decoder::get_next_object() |
240 | 1.64M | { |
241 | 1.64M | BER_Object next; |
242 | | |
243 | 1.64M | if(m_pushed.is_set()) |
244 | 92.7k | { |
245 | 92.7k | std::swap(next, m_pushed); |
246 | 92.7k | return next; |
247 | 92.7k | } |
248 | | |
249 | 1.55M | for(;;) |
250 | 1.70M | { |
251 | 1.70M | ASN1_Type type_tag; |
252 | 1.70M | ASN1_Class class_tag; |
253 | 1.70M | decode_tag(m_source, type_tag, class_tag); |
254 | 1.70M | next.set_tagging(type_tag, class_tag); |
255 | 1.70M | if(next.is_set() == false) // no more objects |
256 | 64.4k | return next; |
257 | | |
258 | 1.64M | size_t field_size; |
259 | 1.64M | const size_t length = decode_length(m_source, field_size, ALLOWED_EOC_NESTINGS); |
260 | 1.64M | if(!m_source->check_available(length)) |
261 | 7.56k | throw BER_Decoding_Error("Value truncated"); |
262 | | |
263 | 1.63M | uint8_t* out = next.mutable_bits(length); |
264 | 1.63M | if(m_source->read(out, length) != length) |
265 | 0 | throw BER_Decoding_Error("Value truncated"); |
266 | | |
267 | 1.63M | if(next.tagging() == static_cast<uint32_t>(ASN1_Type::Eoc)) |
268 | 153k | continue; |
269 | 1.48M | else |
270 | 1.48M | break; |
271 | 1.63M | } |
272 | | |
273 | 1.48M | return next; |
274 | 1.55M | } |
275 | | |
276 | | /* |
277 | | * Push a object back into the stream |
278 | | */ |
279 | | void BER_Decoder::push_back(const BER_Object& obj) |
280 | 8.59k | { |
281 | 8.59k | if(m_pushed.is_set()) |
282 | 0 | throw Invalid_State("BER_Decoder: Only one push back is allowed"); |
283 | 8.59k | m_pushed = obj; |
284 | 8.59k | } |
285 | | |
286 | | void BER_Decoder::push_back(BER_Object&& obj) |
287 | 122k | { |
288 | 122k | if(m_pushed.is_set()) |
289 | 0 | throw Invalid_State("BER_Decoder: Only one push back is allowed"); |
290 | 122k | m_pushed = std::move(obj); |
291 | 122k | } |
292 | | |
293 | | BER_Decoder BER_Decoder::start_cons(ASN1_Type type_tag, ASN1_Class class_tag) |
294 | 594k | { |
295 | 594k | BER_Object obj = get_next_object(); |
296 | 594k | obj.assert_is_a(type_tag, class_tag | ASN1_Class::Constructed); |
297 | 594k | return BER_Decoder(std::move(obj), this); |
298 | 594k | } |
299 | | |
300 | | /* |
301 | | * Finish decoding a CONSTRUCTED type |
302 | | */ |
303 | | BER_Decoder& BER_Decoder::end_cons() |
304 | 418k | { |
305 | 418k | if(!m_parent) |
306 | 0 | throw Invalid_State("BER_Decoder::end_cons called with null parent"); |
307 | 418k | if(!m_source->end_of_data()) |
308 | 1.83k | throw Decoding_Error("BER_Decoder::end_cons called with data left"); |
309 | 417k | return (*m_parent); |
310 | 418k | } |
311 | | |
312 | | BER_Decoder::BER_Decoder(BER_Object&& obj, BER_Decoder* parent) |
313 | 585k | { |
314 | 585k | m_data_src.reset(new DataSource_BERObject(std::move(obj))); |
315 | 585k | m_source = m_data_src.get(); |
316 | 585k | m_parent = parent; |
317 | 585k | } |
318 | | |
319 | | /* |
320 | | * BER_Decoder Constructor |
321 | | */ |
322 | | BER_Decoder::BER_Decoder(DataSource& src) |
323 | 34.9k | { |
324 | 34.9k | m_source = &src; |
325 | 34.9k | } |
326 | | |
327 | | /* |
328 | | * BER_Decoder Constructor |
329 | | */ |
330 | | BER_Decoder::BER_Decoder(const uint8_t data[], size_t length) |
331 | 67.3k | { |
332 | 67.3k | m_data_src.reset(new DataSource_Memory(data, length)); |
333 | 67.3k | m_source = m_data_src.get(); |
334 | 67.3k | } |
335 | | |
336 | | /* |
337 | | * BER_Decoder Constructor |
338 | | */ |
339 | | BER_Decoder::BER_Decoder(const secure_vector<uint8_t>& data) |
340 | 8.04k | { |
341 | 8.04k | m_data_src.reset(new DataSource_Memory(data)); |
342 | 8.04k | m_source = m_data_src.get(); |
343 | 8.04k | } |
344 | | |
345 | | /* |
346 | | * BER_Decoder Constructor |
347 | | */ |
348 | | BER_Decoder::BER_Decoder(const std::vector<uint8_t>& data) |
349 | 221k | { |
350 | 221k | m_data_src.reset(new DataSource_Memory(data.data(), data.size())); |
351 | 221k | m_source = m_data_src.get(); |
352 | 221k | } |
353 | | |
354 | | /* |
355 | | * BER_Decoder Copy Constructor |
356 | | */ |
357 | | BER_Decoder::BER_Decoder(const BER_Decoder& other) |
358 | 0 | { |
359 | 0 | m_source = other.m_source; |
360 | | |
361 | | // take ownership |
362 | 0 | std::swap(m_data_src, other.m_data_src); |
363 | 0 | m_parent = other.m_parent; |
364 | 0 | } |
365 | | |
366 | | /* |
367 | | * Request for an object to decode itself |
368 | | */ |
369 | | BER_Decoder& BER_Decoder::decode(ASN1_Object& obj, |
370 | | ASN1_Type /*unused*/, ASN1_Class /*unused*/) |
371 | 634k | { |
372 | 634k | obj.decode_from(*this); |
373 | 634k | return (*this); |
374 | 634k | } |
375 | | |
376 | | /* |
377 | | * Decode a BER encoded NULL |
378 | | */ |
379 | | BER_Decoder& BER_Decoder::decode_null() |
380 | 0 | { |
381 | 0 | BER_Object obj = get_next_object(); |
382 | 0 | obj.assert_is_a(ASN1_Type::Null, ASN1_Class::Universal); |
383 | 0 | if(obj.length() > 0) |
384 | 0 | throw BER_Decoding_Error("NULL object had nonzero size"); |
385 | 0 | return (*this); |
386 | 0 | } |
387 | | |
388 | | BER_Decoder& BER_Decoder::decode_octet_string_bigint(BigInt& out) |
389 | 4.63k | { |
390 | 4.63k | secure_vector<uint8_t> out_vec; |
391 | 4.63k | decode(out_vec, ASN1_Type::OctetString); |
392 | 4.63k | out = BigInt::decode(out_vec.data(), out_vec.size()); |
393 | 4.63k | return (*this); |
394 | 4.63k | } |
395 | | |
396 | | /* |
397 | | * Decode a BER encoded BOOLEAN |
398 | | */ |
399 | | BER_Decoder& BER_Decoder::decode(bool& out, |
400 | | ASN1_Type type_tag, ASN1_Class class_tag) |
401 | 5.18k | { |
402 | 5.18k | BER_Object obj = get_next_object(); |
403 | 5.18k | obj.assert_is_a(type_tag, class_tag); |
404 | | |
405 | 5.18k | if(obj.length() != 1) |
406 | 507 | throw BER_Decoding_Error("BER boolean value had invalid size"); |
407 | | |
408 | 4.67k | out = (obj.bits()[0]) ? true : false; |
409 | 4.67k | return (*this); |
410 | 5.18k | } |
411 | | |
412 | | /* |
413 | | * Decode a small BER encoded INTEGER |
414 | | */ |
415 | | BER_Decoder& BER_Decoder::decode(size_t& out, |
416 | | ASN1_Type type_tag, |
417 | | ASN1_Class class_tag) |
418 | 27.0k | { |
419 | 27.0k | BigInt integer; |
420 | 27.0k | decode(integer, type_tag, class_tag); |
421 | | |
422 | 27.0k | if(integer.is_negative()) |
423 | 912 | throw BER_Decoding_Error("Decoded small integer value was negative"); |
424 | | |
425 | 26.1k | if(integer.bits() > 32) |
426 | 679 | throw BER_Decoding_Error("Decoded integer value larger than expected"); |
427 | | |
428 | 25.4k | out = 0; |
429 | 109k | for(size_t i = 0; i != 4; ++i) |
430 | 84.0k | out = (out << 8) | integer.byte_at(3-i); |
431 | | |
432 | 25.4k | return (*this); |
433 | 26.1k | } |
434 | | |
435 | | /* |
436 | | * Decode a small BER encoded INTEGER |
437 | | */ |
438 | | uint64_t BER_Decoder::decode_constrained_integer(ASN1_Type type_tag, |
439 | | ASN1_Class class_tag, |
440 | | size_t T_bytes) |
441 | 0 | { |
442 | 0 | if(T_bytes > 8) |
443 | 0 | throw BER_Decoding_Error("Can't decode small integer over 8 bytes"); |
444 | | |
445 | 0 | BigInt integer; |
446 | 0 | decode(integer, type_tag, class_tag); |
447 | |
|
448 | 0 | if(integer.bits() > 8*T_bytes) |
449 | 0 | throw BER_Decoding_Error("Decoded integer value larger than expected"); |
450 | | |
451 | 0 | uint64_t out = 0; |
452 | 0 | for(size_t i = 0; i != 8; ++i) |
453 | 0 | out = (out << 8) | integer.byte_at(7-i); |
454 | |
|
455 | 0 | return out; |
456 | 0 | } |
457 | | |
458 | | /* |
459 | | * Decode a BER encoded INTEGER |
460 | | */ |
461 | | BER_Decoder& BER_Decoder::decode(BigInt& out, |
462 | | ASN1_Type type_tag, |
463 | | ASN1_Class class_tag) |
464 | 80.0k | { |
465 | 80.0k | BER_Object obj = get_next_object(); |
466 | 80.0k | obj.assert_is_a(type_tag, class_tag); |
467 | | |
468 | 80.0k | if(obj.length() == 0) |
469 | 13.6k | { |
470 | 13.6k | out.clear(); |
471 | 13.6k | } |
472 | 66.3k | else |
473 | 66.3k | { |
474 | 66.3k | const bool negative = (obj.bits()[0] & 0x80) ? true : false; |
475 | | |
476 | 66.3k | if(negative) |
477 | 6.16k | { |
478 | 6.16k | secure_vector<uint8_t> vec(obj.bits(), obj.bits() + obj.length()); |
479 | 10.4k | for(size_t i = obj.length(); i > 0; --i) |
480 | 10.4k | if(vec[i-1]--) |
481 | 6.16k | break; |
482 | 341k | for(size_t i = 0; i != obj.length(); ++i) |
483 | 335k | vec[i] = ~vec[i]; |
484 | 6.16k | out = BigInt(vec.data(), vec.size()); |
485 | 6.16k | out.flip_sign(); |
486 | 6.16k | } |
487 | 60.2k | else |
488 | 60.2k | { |
489 | 60.2k | out = BigInt(obj.bits(), obj.length()); |
490 | 60.2k | } |
491 | 66.3k | } |
492 | | |
493 | 80.0k | return (*this); |
494 | 80.0k | } |
495 | | |
496 | | namespace { |
497 | | |
498 | | template<typename Alloc> |
499 | | void asn1_decode_binary_string(std::vector<uint8_t, Alloc>& buffer, |
500 | | const BER_Object& obj, |
501 | | ASN1_Type real_type, |
502 | | ASN1_Type type_tag, |
503 | | ASN1_Class class_tag) |
504 | 142k | { |
505 | 142k | obj.assert_is_a(type_tag, class_tag); |
506 | | |
507 | 142k | if(real_type == ASN1_Type::OctetString) |
508 | 83.0k | { |
509 | 83.0k | buffer.assign(obj.bits(), obj.bits() + obj.length()); |
510 | 83.0k | } |
511 | 59.6k | else |
512 | 59.6k | { |
513 | 59.6k | if(obj.length() == 0) |
514 | 471 | throw BER_Decoding_Error("Invalid BIT STRING"); |
515 | 59.1k | if(obj.bits()[0] >= 8) |
516 | 282 | throw BER_Decoding_Error("Bad number of unused bits in BIT STRING"); |
517 | | |
518 | 58.8k | buffer.resize(obj.length() - 1); |
519 | | |
520 | 58.8k | if(obj.length() > 1) |
521 | 44.0k | copy_mem(buffer.data(), obj.bits() + 1, obj.length() - 1); |
522 | 58.8k | } |
523 | 142k | } ber_dec.cpp:void Botan::(anonymous namespace)::asn1_decode_binary_string<Botan::secure_allocator<unsigned char> >(std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >&, Botan::BER_Object const&, Botan::ASN1_Type, Botan::ASN1_Type, Botan::ASN1_Class) Line | Count | Source | 504 | 9.98k | { | 505 | 9.98k | obj.assert_is_a(type_tag, class_tag); | 506 | | | 507 | 9.98k | if(real_type == ASN1_Type::OctetString) | 508 | 8.58k | { | 509 | 8.58k | buffer.assign(obj.bits(), obj.bits() + obj.length()); | 510 | 8.58k | } | 511 | 1.40k | else | 512 | 1.40k | { | 513 | 1.40k | if(obj.length() == 0) | 514 | 1 | throw BER_Decoding_Error("Invalid BIT STRING"); | 515 | 1.40k | if(obj.bits()[0] >= 8) | 516 | 8 | throw BER_Decoding_Error("Bad number of unused bits in BIT STRING"); | 517 | | | 518 | 1.39k | buffer.resize(obj.length() - 1); | 519 | | | 520 | 1.39k | if(obj.length() > 1) | 521 | 1.27k | copy_mem(buffer.data(), obj.bits() + 1, obj.length() - 1); | 522 | 1.39k | } | 523 | 9.98k | } |
ber_dec.cpp:void Botan::(anonymous namespace)::asn1_decode_binary_string<std::__1::allocator<unsigned char> >(std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >&, Botan::BER_Object const&, Botan::ASN1_Type, Botan::ASN1_Type, Botan::ASN1_Class) Line | Count | Source | 504 | 132k | { | 505 | 132k | obj.assert_is_a(type_tag, class_tag); | 506 | | | 507 | 132k | if(real_type == ASN1_Type::OctetString) | 508 | 74.4k | { | 509 | 74.4k | buffer.assign(obj.bits(), obj.bits() + obj.length()); | 510 | 74.4k | } | 511 | 58.2k | else | 512 | 58.2k | { | 513 | 58.2k | if(obj.length() == 0) | 514 | 470 | throw BER_Decoding_Error("Invalid BIT STRING"); | 515 | 57.7k | if(obj.bits()[0] >= 8) | 516 | 274 | throw BER_Decoding_Error("Bad number of unused bits in BIT STRING"); | 517 | | | 518 | 57.4k | buffer.resize(obj.length() - 1); | 519 | | | 520 | 57.4k | if(obj.length() > 1) | 521 | 42.7k | copy_mem(buffer.data(), obj.bits() + 1, obj.length() - 1); | 522 | 57.4k | } | 523 | 132k | } |
|
524 | | |
525 | | } |
526 | | |
527 | | /* |
528 | | * BER decode a BIT STRING or OCTET STRING |
529 | | */ |
530 | | BER_Decoder& BER_Decoder::decode(secure_vector<uint8_t>& buffer, |
531 | | ASN1_Type real_type, |
532 | | ASN1_Type type_tag, ASN1_Class class_tag) |
533 | 9.99k | { |
534 | 9.99k | if(real_type != ASN1_Type::OctetString && real_type != ASN1_Type::BitString) |
535 | 0 | throw BER_Bad_Tag("Bad tag for {BIT,OCTET} STRING", static_cast<uint32_t>(real_type)); |
536 | | |
537 | 9.99k | asn1_decode_binary_string(buffer, get_next_object(), real_type, type_tag, class_tag); |
538 | 9.99k | return (*this); |
539 | 9.99k | } |
540 | | |
541 | | BER_Decoder& BER_Decoder::decode(std::vector<uint8_t>& buffer, |
542 | | ASN1_Type real_type, |
543 | | ASN1_Type type_tag, ASN1_Class class_tag) |
544 | 135k | { |
545 | 135k | if(real_type != ASN1_Type::OctetString && real_type != ASN1_Type::BitString) |
546 | 2.15k | throw BER_Bad_Tag("Bad tag for {BIT,OCTET} STRING", static_cast<uint32_t>(real_type)); |
547 | | |
548 | 132k | asn1_decode_binary_string(buffer, get_next_object(), real_type, type_tag, class_tag); |
549 | 132k | return (*this); |
550 | 135k | } |
551 | | |
552 | | } |