/src/botan/src/lib/asn1/ber_dec.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * BER Decoder |
3 | | * (C) 1999-2008,2015,2017,2018 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/ber_dec.h> |
9 | | |
10 | | #include <botan/bigint.h> |
11 | | #include <botan/internal/loadstor.h> |
12 | | #include <botan/internal/safeint.h> |
13 | | #include <memory> |
14 | | |
15 | | namespace Botan { |
16 | | |
17 | | namespace { |
18 | | |
19 | | /* |
20 | | * This value is somewhat arbitrary. OpenSSL allows up to 128 nested |
21 | | * indefinite length sequences. If you increase this, also increase the |
22 | | * limit in the test in test_asn1.cpp |
23 | | */ |
24 | | const size_t ALLOWED_EOC_NESTINGS = 16; |
25 | | |
26 | | /* |
27 | | * BER decode an ASN.1 type tag |
28 | | */ |
29 | | size_t decode_tag(DataSource* ber, ASN1_Type& type_tag, ASN1_Class& class_tag) |
30 | 3.68M | { |
31 | 3.68M | uint8_t b; |
32 | 3.68M | if(!ber->read_byte(b)) |
33 | 330k | { |
34 | 330k | type_tag = ASN1_Type::NoObject; |
35 | 330k | class_tag = ASN1_Class::NoObject; |
36 | 330k | return 0; |
37 | 330k | } |
38 | | |
39 | 3.35M | if((b & 0x1F) != 0x1F) |
40 | 3.31M | { |
41 | 3.31M | type_tag = ASN1_Type(b & 0x1F); |
42 | 3.31M | class_tag = ASN1_Class(b & 0xE0); |
43 | 3.31M | return 1; |
44 | 3.31M | } |
45 | | |
46 | 37.6k | size_t tag_bytes = 1; |
47 | 37.6k | class_tag = ASN1_Class(b & 0xE0); |
48 | | |
49 | 37.6k | size_t tag_buf = 0; |
50 | 212k | while(true) |
51 | 212k | { |
52 | 212k | if(!ber->read_byte(b)) |
53 | 970 | throw BER_Decoding_Error("Long-form tag truncated"); |
54 | 211k | if(tag_buf & 0xFF000000) |
55 | 559 | throw BER_Decoding_Error("Long-form tag overflowed 32 bits"); |
56 | 210k | ++tag_bytes; |
57 | 210k | tag_buf = (tag_buf << 7) | (b & 0x7F); |
58 | 210k | if((b & 0x80) == 0) break; |
59 | 210k | } |
60 | 36.1k | type_tag = ASN1_Type(tag_buf); |
61 | 36.1k | return tag_bytes; |
62 | 37.6k | } |
63 | | |
64 | | /* |
65 | | * Find the EOC marker |
66 | | */ |
67 | | size_t find_eoc(DataSource* src, size_t allow_indef); |
68 | | |
69 | | /* |
70 | | * BER decode an ASN.1 length field |
71 | | */ |
72 | | size_t decode_length(DataSource* ber, size_t& field_size, size_t allow_indef) |
73 | 3.35M | { |
74 | 3.35M | uint8_t b; |
75 | 3.35M | if(!ber->read_byte(b)) |
76 | 3.42k | throw BER_Decoding_Error("Length field not found"); |
77 | 3.35M | field_size = 1; |
78 | 3.35M | if((b & 0x80) == 0) |
79 | 2.69M | return b; |
80 | | |
81 | 655k | field_size += (b & 0x7F); |
82 | 655k | if(field_size > 5) |
83 | 3.67k | throw BER_Decoding_Error("Length field is too large"); |
84 | | |
85 | 651k | if(field_size == 1) |
86 | 384k | { |
87 | 384k | if(allow_indef == 0) |
88 | 260 | { |
89 | 260 | throw BER_Decoding_Error("Nested EOC markers too deep, rejecting to avoid stack exhaustion"); |
90 | 260 | } |
91 | 384k | else |
92 | 384k | { |
93 | 384k | return find_eoc(ber, allow_indef - 1); |
94 | 384k | } |
95 | 384k | } |
96 | | |
97 | 266k | size_t length = 0; |
98 | | |
99 | 720k | for(size_t i = 0; i != field_size - 1; ++i) |
100 | 454k | { |
101 | 454k | if(get_byte<0>(length) != 0) |
102 | 0 | throw BER_Decoding_Error("Field length overflow"); |
103 | 454k | if(!ber->read_byte(b)) |
104 | 836 | throw BER_Decoding_Error("Corrupted length field"); |
105 | 453k | length = (length << 8) | b; |
106 | 453k | } |
107 | 265k | return length; |
108 | 266k | } |
109 | | |
110 | | /* |
111 | | * Find the EOC marker |
112 | | */ |
113 | | size_t find_eoc(DataSource* ber, size_t allow_indef) |
114 | 384k | { |
115 | 384k | secure_vector<uint8_t> buffer(BOTAN_DEFAULT_BUFFER_SIZE), data; |
116 | | |
117 | 755k | while(true) |
118 | 755k | { |
119 | 755k | const size_t got = ber->peek(buffer.data(), buffer.size(), data.size()); |
120 | 755k | if(got == 0) |
121 | 384k | break; |
122 | | |
123 | 370k | data += std::make_pair(buffer.data(), got); |
124 | 370k | } |
125 | | |
126 | 384k | DataSource_Memory source(data); |
127 | 384k | data.clear(); |
128 | | |
129 | 384k | size_t length = 0; |
130 | 1.57M | while(true) |
131 | 1.56M | { |
132 | 1.56M | ASN1_Type type_tag; |
133 | 1.56M | ASN1_Class class_tag; |
134 | 1.56M | size_t tag_size = decode_tag(&source, type_tag, class_tag); |
135 | 1.56M | if(type_tag == ASN1_Type::NoObject) |
136 | 265k | break; |
137 | | |
138 | 1.29M | size_t length_size = 0; |
139 | 1.29M | size_t item_size = decode_length(&source, length_size, allow_indef); |
140 | 1.29M | source.discard_next(item_size); |
141 | | |
142 | 1.29M | length = BOTAN_CHECKED_ADD(length, item_size); |
143 | 1.29M | length = BOTAN_CHECKED_ADD(length, tag_size); |
144 | 1.29M | length = BOTAN_CHECKED_ADD(length, length_size); |
145 | | |
146 | 1.29M | if(type_tag == ASN1_Type::Eoc && class_tag == ASN1_Class::Universal) |
147 | 112k | break; |
148 | 1.29M | } |
149 | 384k | return length; |
150 | 384k | } |
151 | | |
152 | | class DataSource_BERObject final : public DataSource |
153 | | { |
154 | | public: |
155 | | size_t read(uint8_t out[], size_t length) override |
156 | 23.4M | { |
157 | 23.4M | BOTAN_ASSERT_NOMSG(m_offset <= m_obj.length()); |
158 | 23.4M | const size_t got = std::min<size_t>(m_obj.length() - m_offset, length); |
159 | 23.4M | copy_mem(out, m_obj.bits() + m_offset, got); |
160 | 23.4M | m_offset += got; |
161 | 23.4M | return got; |
162 | 23.4M | } |
163 | | |
164 | | size_t peek(uint8_t out[], size_t length, size_t peek_offset) const override |
165 | 103k | { |
166 | 103k | BOTAN_ASSERT_NOMSG(m_offset <= m_obj.length()); |
167 | 103k | const size_t bytes_left = m_obj.length() - m_offset; |
168 | | |
169 | 103k | if(peek_offset >= bytes_left) |
170 | 54.2k | return 0; |
171 | | |
172 | 49.7k | const size_t got = std::min(bytes_left - peek_offset, length); |
173 | 49.7k | copy_mem(out, m_obj.bits() + peek_offset, got); |
174 | 49.7k | return got; |
175 | 103k | } |
176 | | |
177 | | bool check_available(size_t n) override |
178 | 1.37M | { |
179 | 1.37M | BOTAN_ASSERT_NOMSG(m_offset <= m_obj.length()); |
180 | 1.37M | return (n <= (m_obj.length() - m_offset)); |
181 | 1.37M | } |
182 | | |
183 | | bool end_of_data() const override |
184 | 1.04M | { |
185 | 1.04M | return get_bytes_read() == m_obj.length(); |
186 | 1.04M | } |
187 | | |
188 | 1.04M | size_t get_bytes_read() const override { return m_offset; } |
189 | | |
190 | 743k | explicit DataSource_BERObject(BER_Object&& obj) : m_obj(std::move(obj)), m_offset(0) {} |
191 | | |
192 | | private: |
193 | | BER_Object m_obj; |
194 | | size_t m_offset; |
195 | | }; |
196 | | |
197 | | } |
198 | | |
199 | | /* |
200 | | * Check if more objects are there |
201 | | */ |
202 | | bool BER_Decoder::more_items() const |
203 | 704k | { |
204 | 704k | if(m_source->end_of_data() && !m_pushed.is_set()) |
205 | 209k | return false; |
206 | 494k | return true; |
207 | 704k | } |
208 | | |
209 | | /* |
210 | | * Verify that no bytes remain in the source |
211 | | */ |
212 | | BER_Decoder& BER_Decoder::verify_end() |
213 | 45.6k | { |
214 | 45.6k | return verify_end("BER_Decoder::verify_end called, but data remains"); |
215 | 45.6k | } |
216 | | |
217 | | /* |
218 | | * Verify that no bytes remain in the source |
219 | | */ |
220 | | BER_Decoder& BER_Decoder::verify_end(std::string_view err) |
221 | 65.2k | { |
222 | 65.2k | if(!m_source->end_of_data() || m_pushed.is_set()) |
223 | 567 | throw Decoding_Error(err); |
224 | 64.6k | return (*this); |
225 | 65.2k | } |
226 | | |
227 | | /* |
228 | | * Discard all the bytes remaining in the source |
229 | | */ |
230 | | BER_Decoder& BER_Decoder::discard_remaining() |
231 | 11.7k | { |
232 | 11.7k | uint8_t buf; |
233 | 32.3k | while(m_source->read_byte(buf)) |
234 | 20.5k | {} |
235 | 11.7k | return (*this); |
236 | 11.7k | } |
237 | | |
238 | | /* |
239 | | * Return the BER encoding of the next object |
240 | | */ |
241 | | BER_Object BER_Decoder::get_next_object() |
242 | 2.06M | { |
243 | 2.06M | BER_Object next; |
244 | | |
245 | 2.06M | if(m_pushed.is_set()) |
246 | 115k | { |
247 | 115k | std::swap(next, m_pushed); |
248 | 115k | return next; |
249 | 115k | } |
250 | | |
251 | 1.94M | for(;;) |
252 | 2.12M | { |
253 | 2.12M | ASN1_Type type_tag; |
254 | 2.12M | ASN1_Class class_tag; |
255 | 2.12M | decode_tag(m_source, type_tag, class_tag); |
256 | 2.12M | next.set_tagging(type_tag, class_tag); |
257 | 2.12M | if(next.is_set() == false) // no more objects |
258 | 66.1k | return next; |
259 | | |
260 | 2.05M | size_t field_size; |
261 | 2.05M | const size_t length = decode_length(m_source, field_size, ALLOWED_EOC_NESTINGS); |
262 | 2.05M | if(!m_source->check_available(length)) |
263 | 8.24k | throw BER_Decoding_Error("Value truncated"); |
264 | | |
265 | 2.04M | uint8_t* out = next.mutable_bits(length); |
266 | 2.04M | if(m_source->read(out, length) != length) |
267 | 0 | throw BER_Decoding_Error("Value truncated"); |
268 | | |
269 | 2.04M | if(next.tagging() == static_cast<uint32_t>(ASN1_Type::Eoc)) |
270 | 175k | continue; |
271 | 1.87M | else |
272 | 1.87M | break; |
273 | 2.04M | } |
274 | | |
275 | 1.87M | return next; |
276 | 1.94M | } |
277 | | |
278 | | /* |
279 | | * Push a object back into the stream |
280 | | */ |
281 | | void BER_Decoder::push_back(const BER_Object& obj) |
282 | 9.19k | { |
283 | 9.19k | if(m_pushed.is_set()) |
284 | 0 | throw Invalid_State("BER_Decoder: Only one push back is allowed"); |
285 | 9.19k | m_pushed = obj; |
286 | 9.19k | } |
287 | | |
288 | | void BER_Decoder::push_back(BER_Object&& obj) |
289 | 145k | { |
290 | 145k | if(m_pushed.is_set()) |
291 | 0 | throw Invalid_State("BER_Decoder: Only one push back is allowed"); |
292 | 145k | m_pushed = std::move(obj); |
293 | 145k | } |
294 | | |
295 | | BER_Decoder BER_Decoder::start_cons(ASN1_Type type_tag, ASN1_Class class_tag) |
296 | 751k | { |
297 | 751k | BER_Object obj = get_next_object(); |
298 | 751k | obj.assert_is_a(type_tag, class_tag | ASN1_Class::Constructed); |
299 | 751k | return BER_Decoder(std::move(obj), this); |
300 | 751k | } |
301 | | |
302 | | /* |
303 | | * Finish decoding a CONSTRUCTED type |
304 | | */ |
305 | | BER_Decoder& BER_Decoder::end_cons() |
306 | 528k | { |
307 | 528k | if(!m_parent) |
308 | 0 | throw Invalid_State("BER_Decoder::end_cons called with null parent"); |
309 | 528k | if(!m_source->end_of_data()) |
310 | 2.07k | throw Decoding_Error("BER_Decoder::end_cons called with data left"); |
311 | 526k | return (*m_parent); |
312 | 528k | } |
313 | | |
314 | | BER_Decoder::BER_Decoder(BER_Object&& obj, BER_Decoder* parent) |
315 | 743k | { |
316 | 743k | m_data_src = std::make_unique<DataSource_BERObject>(std::move(obj)); |
317 | 743k | m_source = m_data_src.get(); |
318 | 743k | m_parent = parent; |
319 | 743k | } |
320 | | |
321 | | /* |
322 | | * BER_Decoder Constructor |
323 | | */ |
324 | | BER_Decoder::BER_Decoder(DataSource& src) |
325 | 44.2k | { |
326 | 44.2k | m_source = &src; |
327 | 44.2k | } |
328 | | |
329 | | /* |
330 | | * BER_Decoder Constructor |
331 | | */ |
332 | | BER_Decoder::BER_Decoder(const uint8_t data[], size_t length) |
333 | 87.6k | { |
334 | 87.6k | m_data_src = std::make_unique<DataSource_Memory>(data, length); |
335 | 87.6k | m_source = m_data_src.get(); |
336 | 87.6k | } |
337 | | |
338 | | /* |
339 | | * BER_Decoder Constructor |
340 | | */ |
341 | | BER_Decoder::BER_Decoder(const secure_vector<uint8_t>& data) |
342 | 11.0k | { |
343 | 11.0k | m_data_src = std::make_unique<DataSource_Memory>(data); |
344 | 11.0k | m_source = m_data_src.get(); |
345 | 11.0k | } |
346 | | |
347 | | /* |
348 | | * BER_Decoder Constructor |
349 | | */ |
350 | | BER_Decoder::BER_Decoder(const std::vector<uint8_t>& data) |
351 | 236k | { |
352 | 236k | m_data_src = std::make_unique<DataSource_Memory>(data.data(), data.size()); |
353 | 236k | m_source = m_data_src.get(); |
354 | 236k | } |
355 | | |
356 | | /* |
357 | | * BER_Decoder Copy Constructor |
358 | | */ |
359 | | BER_Decoder::BER_Decoder(const BER_Decoder& other) |
360 | 0 | { |
361 | 0 | m_source = other.m_source; |
362 | | |
363 | | // take ownership |
364 | 0 | std::swap(m_data_src, other.m_data_src); |
365 | 0 | m_parent = other.m_parent; |
366 | 0 | } |
367 | | |
368 | | /* |
369 | | * Request for an object to decode itself |
370 | | */ |
371 | | BER_Decoder& BER_Decoder::decode(ASN1_Object& obj, |
372 | | ASN1_Type /*unused*/, ASN1_Class /*unused*/) |
373 | 772k | { |
374 | 772k | obj.decode_from(*this); |
375 | 772k | return (*this); |
376 | 772k | } |
377 | | |
378 | | /* |
379 | | * Decode a BER encoded NULL |
380 | | */ |
381 | | BER_Decoder& BER_Decoder::decode_null() |
382 | 0 | { |
383 | 0 | BER_Object obj = get_next_object(); |
384 | 0 | obj.assert_is_a(ASN1_Type::Null, ASN1_Class::Universal); |
385 | 0 | if(obj.length() > 0) |
386 | 0 | throw BER_Decoding_Error("NULL object had nonzero size"); |
387 | 0 | return (*this); |
388 | 0 | } |
389 | | |
390 | | BER_Decoder& BER_Decoder::decode_octet_string_bigint(BigInt& out) |
391 | 4.85k | { |
392 | 4.85k | secure_vector<uint8_t> out_vec; |
393 | 4.85k | decode(out_vec, ASN1_Type::OctetString); |
394 | 4.85k | out = BigInt::decode(out_vec.data(), out_vec.size()); |
395 | 4.85k | return (*this); |
396 | 4.85k | } |
397 | | |
398 | | /* |
399 | | * Decode a BER encoded BOOLEAN |
400 | | */ |
401 | | BER_Decoder& BER_Decoder::decode(bool& out, |
402 | | ASN1_Type type_tag, ASN1_Class class_tag) |
403 | 7.95k | { |
404 | 7.95k | BER_Object obj = get_next_object(); |
405 | 7.95k | obj.assert_is_a(type_tag, class_tag); |
406 | | |
407 | 7.95k | if(obj.length() != 1) |
408 | 751 | throw BER_Decoding_Error("BER boolean value had invalid size"); |
409 | | |
410 | 7.20k | out = (obj.bits()[0]) ? true : false; |
411 | 7.20k | return (*this); |
412 | 7.95k | } |
413 | | |
414 | | /* |
415 | | * Decode a small BER encoded INTEGER |
416 | | */ |
417 | | BER_Decoder& BER_Decoder::decode(size_t& out, |
418 | | ASN1_Type type_tag, |
419 | | ASN1_Class class_tag) |
420 | 43.0k | { |
421 | 43.0k | BigInt integer; |
422 | 43.0k | decode(integer, type_tag, class_tag); |
423 | | |
424 | 43.0k | if(integer.is_negative()) |
425 | 930 | throw BER_Decoding_Error("Decoded small integer value was negative"); |
426 | | |
427 | 42.1k | if(integer.bits() > 32) |
428 | 888 | throw BER_Decoding_Error("Decoded integer value larger than expected"); |
429 | | |
430 | 41.2k | out = 0; |
431 | 188k | for(size_t i = 0; i != 4; ++i) |
432 | 147k | out = (out << 8) | integer.byte_at(3-i); |
433 | | |
434 | 41.2k | return (*this); |
435 | 42.1k | } |
436 | | |
437 | | /* |
438 | | * Decode a small BER encoded INTEGER |
439 | | */ |
440 | | uint64_t BER_Decoder::decode_constrained_integer(ASN1_Type type_tag, |
441 | | ASN1_Class class_tag, |
442 | | size_t T_bytes) |
443 | 0 | { |
444 | 0 | if(T_bytes > 8) |
445 | 0 | throw BER_Decoding_Error("Can't decode small integer over 8 bytes"); |
446 | | |
447 | 0 | BigInt integer; |
448 | 0 | decode(integer, type_tag, class_tag); |
449 | |
|
450 | 0 | if(integer.bits() > 8*T_bytes) |
451 | 0 | throw BER_Decoding_Error("Decoded integer value larger than expected"); |
452 | | |
453 | 0 | uint64_t out = 0; |
454 | 0 | for(size_t i = 0; i != 8; ++i) |
455 | 0 | out = (out << 8) | integer.byte_at(7-i); |
456 | |
|
457 | 0 | return out; |
458 | 0 | } |
459 | | |
460 | | /* |
461 | | * Decode a BER encoded INTEGER |
462 | | */ |
463 | | BER_Decoder& BER_Decoder::decode(BigInt& out, |
464 | | ASN1_Type type_tag, |
465 | | ASN1_Class class_tag) |
466 | 151k | { |
467 | 151k | BER_Object obj = get_next_object(); |
468 | 151k | obj.assert_is_a(type_tag, class_tag); |
469 | | |
470 | 151k | if(obj.length() == 0) |
471 | 14.6k | { |
472 | 14.6k | out.clear(); |
473 | 14.6k | } |
474 | 136k | else |
475 | 136k | { |
476 | 136k | const bool negative = (obj.bits()[0] & 0x80) ? true : false; |
477 | | |
478 | 136k | if(negative) |
479 | 7.14k | { |
480 | 7.14k | secure_vector<uint8_t> vec(obj.bits(), obj.bits() + obj.length()); |
481 | 11.4k | for(size_t i = obj.length(); i > 0; --i) |
482 | 11.4k | if(vec[i-1]--) |
483 | 7.14k | break; |
484 | 372k | for(size_t i = 0; i != obj.length(); ++i) |
485 | 365k | vec[i] = ~vec[i]; |
486 | 7.14k | out = BigInt(vec.data(), vec.size()); |
487 | 7.14k | out.flip_sign(); |
488 | 7.14k | } |
489 | 129k | else |
490 | 129k | { |
491 | 129k | out = BigInt(obj.bits(), obj.length()); |
492 | 129k | } |
493 | 136k | } |
494 | | |
495 | 151k | return (*this); |
496 | 151k | } |
497 | | |
498 | | namespace { |
499 | | |
500 | | template<typename Alloc> |
501 | | void asn1_decode_binary_string(std::vector<uint8_t, Alloc>& buffer, |
502 | | const BER_Object& obj, |
503 | | ASN1_Type real_type, |
504 | | ASN1_Type type_tag, |
505 | | ASN1_Class class_tag) |
506 | 172k | { |
507 | 172k | obj.assert_is_a(type_tag, class_tag); |
508 | | |
509 | 172k | if(real_type == ASN1_Type::OctetString) |
510 | 101k | { |
511 | 101k | buffer.assign(obj.bits(), obj.bits() + obj.length()); |
512 | 101k | } |
513 | 71.5k | else |
514 | 71.5k | { |
515 | 71.5k | if(obj.length() == 0) |
516 | 397 | throw BER_Decoding_Error("Invalid BIT STRING"); |
517 | 71.1k | if(obj.bits()[0] >= 8) |
518 | 261 | throw BER_Decoding_Error("Bad number of unused bits in BIT STRING"); |
519 | | |
520 | 70.8k | buffer.resize(obj.length() - 1); |
521 | | |
522 | 70.8k | if(obj.length() > 1) |
523 | 53.0k | copy_mem(buffer.data(), obj.bits() + 1, obj.length() - 1); |
524 | 70.8k | } |
525 | 172k | } ber_dec.cpp:void Botan::(anonymous namespace)::asn1_decode_binary_string<Botan::secure_allocator<unsigned char> >(std::__1::vector<unsigned char, Botan::secure_allocator<unsigned char> >&, Botan::BER_Object const&, Botan::ASN1_Type, Botan::ASN1_Type, Botan::ASN1_Class) Line | Count | Source | 506 | 16.3k | { | 507 | 16.3k | obj.assert_is_a(type_tag, class_tag); | 508 | | | 509 | 16.3k | if(real_type == ASN1_Type::OctetString) | 510 | 14.9k | { | 511 | 14.9k | buffer.assign(obj.bits(), obj.bits() + obj.length()); | 512 | 14.9k | } | 513 | 1.41k | else | 514 | 1.41k | { | 515 | 1.41k | if(obj.length() == 0) | 516 | 2 | throw BER_Decoding_Error("Invalid BIT STRING"); | 517 | 1.40k | if(obj.bits()[0] >= 8) | 518 | 6 | throw BER_Decoding_Error("Bad number of unused bits in BIT STRING"); | 519 | | | 520 | 1.40k | buffer.resize(obj.length() - 1); | 521 | | | 522 | 1.40k | if(obj.length() > 1) | 523 | 1.27k | copy_mem(buffer.data(), obj.bits() + 1, obj.length() - 1); | 524 | 1.40k | } | 525 | 16.3k | } |
ber_dec.cpp:void Botan::(anonymous namespace)::asn1_decode_binary_string<std::__1::allocator<unsigned char> >(std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >&, Botan::BER_Object const&, Botan::ASN1_Type, Botan::ASN1_Type, Botan::ASN1_Class) Line | Count | Source | 506 | 156k | { | 507 | 156k | obj.assert_is_a(type_tag, class_tag); | 508 | | | 509 | 156k | if(real_type == ASN1_Type::OctetString) | 510 | 86.0k | { | 511 | 86.0k | buffer.assign(obj.bits(), obj.bits() + obj.length()); | 512 | 86.0k | } | 513 | 70.1k | else | 514 | 70.1k | { | 515 | 70.1k | if(obj.length() == 0) | 516 | 395 | throw BER_Decoding_Error("Invalid BIT STRING"); | 517 | 69.7k | if(obj.bits()[0] >= 8) | 518 | 255 | throw BER_Decoding_Error("Bad number of unused bits in BIT STRING"); | 519 | | | 520 | 69.4k | buffer.resize(obj.length() - 1); | 521 | | | 522 | 69.4k | if(obj.length() > 1) | 523 | 51.7k | copy_mem(buffer.data(), obj.bits() + 1, obj.length() - 1); | 524 | 69.4k | } | 525 | 156k | } |
|
526 | | |
527 | | } |
528 | | |
529 | | /* |
530 | | * BER decode a BIT STRING or OCTET STRING |
531 | | */ |
532 | | BER_Decoder& BER_Decoder::decode(secure_vector<uint8_t>& buffer, |
533 | | ASN1_Type real_type, |
534 | | ASN1_Type type_tag, ASN1_Class class_tag) |
535 | 16.3k | { |
536 | 16.3k | if(real_type != ASN1_Type::OctetString && real_type != ASN1_Type::BitString) |
537 | 0 | throw BER_Bad_Tag("Bad tag for {BIT,OCTET} STRING", static_cast<uint32_t>(real_type)); |
538 | | |
539 | 16.3k | asn1_decode_binary_string(buffer, get_next_object(), real_type, type_tag, class_tag); |
540 | 16.3k | return (*this); |
541 | 16.3k | } |
542 | | |
543 | | BER_Decoder& BER_Decoder::decode(std::vector<uint8_t>& buffer, |
544 | | ASN1_Type real_type, |
545 | | ASN1_Type type_tag, ASN1_Class class_tag) |
546 | 158k | { |
547 | 158k | if(real_type != ASN1_Type::OctetString && real_type != ASN1_Type::BitString) |
548 | 1.59k | throw BER_Bad_Tag("Bad tag for {BIT,OCTET} STRING", static_cast<uint32_t>(real_type)); |
549 | | |
550 | 156k | asn1_decode_binary_string(buffer, get_next_object(), real_type, type_tag, class_tag); |
551 | 156k | return (*this); |
552 | 158k | } |
553 | | |
554 | | } |