/src/mozilla-central/security/nss/lib/util/secasn1e.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* This Source Code Form is subject to the terms of the Mozilla Public |
2 | | * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 | | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 | | |
5 | | /* |
6 | | * Support for ENcoding ASN.1 data based on BER/DER (Basic/Distinguished |
7 | | * Encoding Rules). |
8 | | */ |
9 | | |
10 | | #include "secasn1.h" |
11 | | |
12 | | typedef enum { |
13 | | beforeHeader, |
14 | | duringContents, |
15 | | duringGroup, |
16 | | duringSequence, |
17 | | afterContents, |
18 | | afterImplicit, |
19 | | afterInline, |
20 | | afterPointer, |
21 | | afterChoice, |
22 | | notInUse |
23 | | } sec_asn1e_parse_place; |
24 | | |
25 | | typedef enum { |
26 | | allDone, |
27 | | encodeError, |
28 | | keepGoing, |
29 | | needBytes |
30 | | } sec_asn1e_parse_status; |
31 | | |
32 | | typedef enum { |
33 | | hdr_normal = 0, /* encode header normally */ |
34 | | hdr_any = 1, /* header already encoded in content */ |
35 | | hdr_decoder = 2, /* template only used by decoder. skip it. */ |
36 | | hdr_optional = 3, /* optional component, to be omitted */ |
37 | | hdr_placeholder = 4 /* place holder for from_buf content */ |
38 | | } sec_asn1e_hdr_encoding; |
39 | | |
40 | | typedef struct sec_asn1e_state_struct { |
41 | | SEC_ASN1EncoderContext *top; |
42 | | const SEC_ASN1Template *theTemplate; |
43 | | void *src; |
44 | | |
45 | | struct sec_asn1e_state_struct *parent; /* aka prev */ |
46 | | struct sec_asn1e_state_struct *child; /* aka next */ |
47 | | |
48 | | sec_asn1e_parse_place place; /* where we are in encoding process */ |
49 | | |
50 | | /* |
51 | | * XXX explain the next fields as clearly as possible... |
52 | | */ |
53 | | unsigned char tag_modifiers; |
54 | | unsigned char tag_number; |
55 | | unsigned long underlying_kind; |
56 | | |
57 | | int depth; |
58 | | |
59 | | PRBool isExplicit, /* we are handling an isExplicit header */ |
60 | | indefinite, /* need end-of-contents */ |
61 | | is_string, /* encoding a simple string or an ANY */ |
62 | | may_stream, /* when streaming, do indefinite encoding */ |
63 | | optional, /* omit field if it has no contents */ |
64 | | disallowStreaming; /* disallow streaming in all sub-templates */ |
65 | | } sec_asn1e_state; |
66 | | |
67 | | /* |
68 | | * An "outsider" will have an opaque pointer to this, created by calling |
69 | | * SEC_ASN1EncoderStart(). It will be passed back in to all subsequent |
70 | | * calls to SEC_ASN1EncoderUpdate() and related routines, and when done |
71 | | * it is passed to SEC_ASN1EncoderFinish(). |
72 | | */ |
73 | | struct sec_EncoderContext_struct { |
74 | | PLArenaPool *our_pool; /* for our internal allocs */ |
75 | | |
76 | | sec_asn1e_state *current; |
77 | | sec_asn1e_parse_status status; |
78 | | |
79 | | PRBool streaming; |
80 | | PRBool from_buf; |
81 | | |
82 | | SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */ |
83 | | void *notify_arg; /* argument to notify_proc */ |
84 | | PRBool during_notify; /* true during call to notify_proc */ |
85 | | |
86 | | SEC_ASN1WriteProc output_proc; /* pass encoded bytes to this */ |
87 | | void *output_arg; /* argument to that function */ |
88 | | }; |
89 | | |
90 | | static sec_asn1e_state * |
91 | | sec_asn1e_push_state(SEC_ASN1EncoderContext *cx, |
92 | | const SEC_ASN1Template *theTemplate, |
93 | | const void *src, PRBool new_depth) |
94 | 0 | { |
95 | 0 | sec_asn1e_state *state, *new_state; |
96 | 0 |
|
97 | 0 | state = cx->current; |
98 | 0 |
|
99 | 0 | new_state = (sec_asn1e_state *)PORT_ArenaZAlloc(cx->our_pool, |
100 | 0 | sizeof(*new_state)); |
101 | 0 | if (new_state == NULL) { |
102 | 0 | cx->status = encodeError; |
103 | 0 | return NULL; |
104 | 0 | } |
105 | 0 | |
106 | 0 | new_state->top = cx; |
107 | 0 | new_state->parent = state; |
108 | 0 | new_state->theTemplate = theTemplate; |
109 | 0 | new_state->place = notInUse; |
110 | 0 | if (src != NULL) |
111 | 0 | new_state->src = (char *)src + theTemplate->offset; |
112 | 0 |
|
113 | 0 | if (state != NULL) { |
114 | 0 | new_state->depth = state->depth; |
115 | 0 | if (new_depth) |
116 | 0 | new_state->depth++; |
117 | 0 | state->child = new_state; |
118 | 0 | } |
119 | 0 |
|
120 | 0 | cx->current = new_state; |
121 | 0 | return new_state; |
122 | 0 | } |
123 | | |
124 | | static void |
125 | | sec_asn1e_scrub_state(sec_asn1e_state *state) |
126 | 0 | { |
127 | 0 | /* |
128 | 0 | * Some default "scrubbing". |
129 | 0 | * XXX right set of initializations? |
130 | 0 | */ |
131 | 0 | state->place = beforeHeader; |
132 | 0 | state->indefinite = PR_FALSE; |
133 | 0 | } |
134 | | |
135 | | static void |
136 | | sec_asn1e_notify_before(SEC_ASN1EncoderContext *cx, void *src, int depth) |
137 | 0 | { |
138 | 0 | if (cx->notify_proc == NULL) |
139 | 0 | return; |
140 | 0 | |
141 | 0 | cx->during_notify = PR_TRUE; |
142 | 0 | (*cx->notify_proc)(cx->notify_arg, PR_TRUE, src, depth); |
143 | 0 | cx->during_notify = PR_FALSE; |
144 | 0 | } |
145 | | |
146 | | static void |
147 | | sec_asn1e_notify_after(SEC_ASN1EncoderContext *cx, void *src, int depth) |
148 | 0 | { |
149 | 0 | if (cx->notify_proc == NULL) |
150 | 0 | return; |
151 | 0 | |
152 | 0 | cx->during_notify = PR_TRUE; |
153 | 0 | (*cx->notify_proc)(cx->notify_arg, PR_FALSE, src, depth); |
154 | 0 | cx->during_notify = PR_FALSE; |
155 | 0 | } |
156 | | |
157 | | static sec_asn1e_state * |
158 | | sec_asn1e_init_state_based_on_template(sec_asn1e_state *state) |
159 | 0 | { |
160 | 0 | PRBool isExplicit, is_string, may_stream, optional, universal; |
161 | 0 | PRBool disallowStreaming; |
162 | 0 | unsigned char tag_modifiers; |
163 | 0 | unsigned long encode_kind, under_kind; |
164 | 0 | unsigned long tag_number; |
165 | 0 | PRBool isInline = PR_FALSE; |
166 | 0 |
|
167 | 0 | encode_kind = state->theTemplate->kind; |
168 | 0 |
|
169 | 0 | universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL) |
170 | 0 | ? PR_TRUE |
171 | 0 | : PR_FALSE; |
172 | 0 |
|
173 | 0 | isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE; |
174 | 0 | encode_kind &= ~SEC_ASN1_EXPLICIT; |
175 | 0 |
|
176 | 0 | optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE; |
177 | 0 | encode_kind &= ~SEC_ASN1_OPTIONAL; |
178 | 0 |
|
179 | 0 | PORT_Assert(!(isExplicit && universal)); /* bad templates */ |
180 | 0 |
|
181 | 0 | may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE; |
182 | 0 | encode_kind &= ~SEC_ASN1_MAY_STREAM; |
183 | 0 |
|
184 | 0 | disallowStreaming = (encode_kind & SEC_ASN1_NO_STREAM) ? PR_TRUE : PR_FALSE; |
185 | 0 | encode_kind &= ~SEC_ASN1_NO_STREAM; |
186 | 0 |
|
187 | 0 | /* Just clear this to get it out of the way; we do not need it here */ |
188 | 0 | encode_kind &= ~SEC_ASN1_DYNAMIC; |
189 | 0 |
|
190 | 0 | if (encode_kind & SEC_ASN1_CHOICE) { |
191 | 0 | under_kind = SEC_ASN1_CHOICE; |
192 | 0 | } else if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || |
193 | 0 | (!universal && !isExplicit)) { |
194 | 0 | const SEC_ASN1Template *subt; |
195 | 0 | void *src = NULL; |
196 | 0 |
|
197 | 0 | PORT_Assert((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0); |
198 | 0 |
|
199 | 0 | sec_asn1e_scrub_state(state); |
200 | 0 |
|
201 | 0 | if (encode_kind & SEC_ASN1_POINTER) { |
202 | 0 | src = *(void **)state->src; |
203 | 0 | state->place = afterPointer; |
204 | 0 |
|
205 | 0 | if (src == NULL) { |
206 | 0 | /* |
207 | 0 | * If this is optional, but NULL, then the field does |
208 | 0 | * not need to be encoded. In this case we are done; |
209 | 0 | * we do not want to push a subtemplate. |
210 | 0 | */ |
211 | 0 | if (optional) |
212 | 0 | return state; |
213 | 0 | |
214 | 0 | /* |
215 | 0 | * XXX this is an error; need to figure out |
216 | 0 | * how to handle this |
217 | 0 | */ |
218 | 0 | } |
219 | 0 | } else { |
220 | 0 | src = state->src; |
221 | 0 | if (encode_kind & SEC_ASN1_INLINE) { |
222 | 0 | /* check that there are no extraneous bits */ |
223 | 0 | /* PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional); */ |
224 | 0 | state->place = afterInline; |
225 | 0 | isInline = PR_TRUE; |
226 | 0 | } else { |
227 | 0 | /* |
228 | 0 | * Save the tag modifiers and tag number here before moving |
229 | 0 | * on to the next state in case this is a member of a |
230 | 0 | * SEQUENCE OF |
231 | 0 | */ |
232 | 0 | state->tag_modifiers = (unsigned char)(encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK)); |
233 | 0 | state->tag_number = (unsigned char)(encode_kind & SEC_ASN1_TAGNUM_MASK); |
234 | 0 |
|
235 | 0 | state->place = afterImplicit; |
236 | 0 | state->optional = optional; |
237 | 0 | } |
238 | 0 | } |
239 | 0 |
|
240 | 0 | subt = SEC_ASN1GetSubtemplate(state->theTemplate, state->src, PR_TRUE); |
241 | 0 | if (isInline && optional) { |
242 | 0 | /* we only handle a very limited set of optional inline cases at |
243 | 0 | this time */ |
244 | 0 | if (PR_FALSE != SEC_ASN1IsTemplateSimple(subt)) { |
245 | 0 | /* we now know that the target is a SECItem*, so we can check |
246 | 0 | if the source contains one */ |
247 | 0 | SECItem *target = (SECItem *)state->src; |
248 | 0 | if (!target || !target->data || !target->len) { |
249 | 0 | /* no valid data to encode subtemplate */ |
250 | 0 | return state; |
251 | 0 | } |
252 | 0 | } else { |
253 | 0 | PORT_Assert(0); /* complex templates are not handled as |
254 | 0 | inline optional */ |
255 | 0 | } |
256 | 0 | } |
257 | 0 | state = sec_asn1e_push_state(state->top, subt, src, PR_FALSE); |
258 | 0 | if (state == NULL) |
259 | 0 | return state; |
260 | 0 | |
261 | 0 | if (universal) { |
262 | 0 | /* |
263 | 0 | * This is a POINTER or INLINE; just init based on that |
264 | 0 | * and we are done. |
265 | 0 | */ |
266 | 0 | return sec_asn1e_init_state_based_on_template(state); |
267 | 0 | } |
268 | 0 | |
269 | 0 | /* |
270 | 0 | * This is an implicit, non-universal (meaning, application-private |
271 | 0 | * or context-specific) field. This results in a "magic" tag but |
272 | 0 | * encoding based on the underlying type. We pushed a new state |
273 | 0 | * that is based on the subtemplate (the underlying type), but |
274 | 0 | * now we will sort of alias it to give it some of our properties |
275 | 0 | * (tag, optional status, etc.). |
276 | 0 | * |
277 | 0 | * NB: ALL the following flags in the subtemplate are disallowed |
278 | 0 | * and/or ignored: EXPLICIT, OPTIONAL, INNER, INLINE, POINTER. |
279 | 0 | */ |
280 | 0 | |
281 | 0 | under_kind = state->theTemplate->kind; |
282 | 0 | if ((under_kind & SEC_ASN1_MAY_STREAM) && !disallowStreaming) { |
283 | 0 | may_stream = PR_TRUE; |
284 | 0 | } |
285 | 0 | under_kind &= ~(SEC_ASN1_MAY_STREAM | SEC_ASN1_DYNAMIC); |
286 | 0 | } else { |
287 | 0 | under_kind = encode_kind; |
288 | 0 | } |
289 | 0 |
|
290 | 0 | /* |
291 | 0 | * Sanity check that there are no unwanted bits marked in under_kind. |
292 | 0 | * These bits were either removed above (after we recorded them) or |
293 | 0 | * they simply should not be found (signalling a bad/broken template). |
294 | 0 | * XXX is this the right set of bits to test here? (i.e. need to add |
295 | 0 | * or remove any?) |
296 | 0 | */ |
297 | 0 | #define UNEXPECTED_FLAGS \ |
298 | 0 | (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_SKIP | SEC_ASN1_INNER | \ |
299 | 0 | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_INLINE | SEC_ASN1_POINTER) |
300 | 0 |
|
301 | 0 | PORT_Assert((under_kind & UNEXPECTED_FLAGS) == 0); |
302 | 0 | under_kind &= ~UNEXPECTED_FLAGS; |
303 | 0 | #undef UNEXPECTED_FLAGS |
304 | 0 |
|
305 | 0 | if (encode_kind & SEC_ASN1_ANY) { |
306 | 0 | PORT_Assert(encode_kind == under_kind); |
307 | 0 | tag_modifiers = 0; |
308 | 0 | tag_number = 0; |
309 | 0 | is_string = PR_TRUE; |
310 | 0 | } else { |
311 | 0 | tag_modifiers = (unsigned char)(encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK)); |
312 | 0 | /* |
313 | 0 | * XXX This assumes only single-octet identifiers. To handle |
314 | 0 | * the HIGH TAG form we would need to do some more work, especially |
315 | 0 | * in how to specify them in the template, because right now we |
316 | 0 | * do not provide a way to specify more *tag* bits in encode_kind. |
317 | 0 | */ |
318 | 0 | tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK; |
319 | 0 |
|
320 | 0 | is_string = PR_FALSE; |
321 | 0 | switch (under_kind & SEC_ASN1_TAGNUM_MASK) { |
322 | 0 | case SEC_ASN1_SET: |
323 | 0 | /* |
324 | 0 | * XXX A plain old SET (as opposed to a SET OF) is not implemented. |
325 | 0 | * If it ever is, remove this assert... |
326 | 0 | */ |
327 | 0 | PORT_Assert((under_kind & SEC_ASN1_GROUP) != 0); |
328 | 0 | /* fallthru */ |
329 | 0 | case SEC_ASN1_SEQUENCE: |
330 | 0 | tag_modifiers |= SEC_ASN1_CONSTRUCTED; |
331 | 0 | break; |
332 | 0 | case SEC_ASN1_BIT_STRING: |
333 | 0 | case SEC_ASN1_BMP_STRING: |
334 | 0 | case SEC_ASN1_GENERALIZED_TIME: |
335 | 0 | case SEC_ASN1_IA5_STRING: |
336 | 0 | case SEC_ASN1_OCTET_STRING: |
337 | 0 | case SEC_ASN1_PRINTABLE_STRING: |
338 | 0 | case SEC_ASN1_T61_STRING: |
339 | 0 | case SEC_ASN1_UNIVERSAL_STRING: |
340 | 0 | case SEC_ASN1_UTC_TIME: |
341 | 0 | case SEC_ASN1_UTF8_STRING: |
342 | 0 | case SEC_ASN1_VISIBLE_STRING: |
343 | 0 | /* |
344 | 0 | * We do not yet know if we will be constructing the string, |
345 | 0 | * so we have to wait to do this final tag modification. |
346 | 0 | */ |
347 | 0 | is_string = PR_TRUE; |
348 | 0 | break; |
349 | 0 | } |
350 | 0 | } |
351 | 0 |
|
352 | 0 | state->tag_modifiers = tag_modifiers; |
353 | 0 | state->tag_number = (unsigned char)tag_number; |
354 | 0 | state->underlying_kind = under_kind; |
355 | 0 | state->isExplicit = isExplicit; |
356 | 0 | state->may_stream = may_stream; |
357 | 0 | state->is_string = is_string; |
358 | 0 | state->optional = optional; |
359 | 0 | state->disallowStreaming = disallowStreaming; |
360 | 0 |
|
361 | 0 | sec_asn1e_scrub_state(state); |
362 | 0 |
|
363 | 0 | return state; |
364 | 0 | } |
365 | | |
366 | | static void |
367 | | sec_asn1e_write_part(sec_asn1e_state *state, |
368 | | const char *buf, unsigned long len, |
369 | | SEC_ASN1EncodingPart part) |
370 | 0 | { |
371 | 0 | SEC_ASN1EncoderContext *cx; |
372 | 0 |
|
373 | 0 | cx = state->top; |
374 | 0 | (*cx->output_proc)(cx->output_arg, buf, len, state->depth, part); |
375 | 0 | } |
376 | | |
377 | | /* |
378 | | * XXX This assumes only single-octet identifiers. To handle |
379 | | * the HIGH TAG form we would need to modify this interface and |
380 | | * teach it to properly encode the special form. |
381 | | */ |
382 | | static void |
383 | | sec_asn1e_write_identifier_bytes(sec_asn1e_state *state, unsigned char value) |
384 | 0 | { |
385 | 0 | char byte; |
386 | 0 |
|
387 | 0 | byte = (char)value; |
388 | 0 | sec_asn1e_write_part(state, &byte, 1, SEC_ASN1_Identifier); |
389 | 0 | } |
390 | | |
391 | | int |
392 | | SEC_ASN1EncodeLength(unsigned char *buf, int value) |
393 | 0 | { |
394 | 0 | int lenlen; |
395 | 0 |
|
396 | 0 | lenlen = SEC_ASN1LengthLength(value); |
397 | 0 | if (lenlen == 1) { |
398 | 0 | buf[0] = value; |
399 | 0 | } else { |
400 | 0 | int i; |
401 | 0 |
|
402 | 0 | i = lenlen - 1; |
403 | 0 | buf[0] = 0x80 | i; |
404 | 0 | while (i) { |
405 | 0 | buf[i--] = value; |
406 | 0 | value >>= 8; |
407 | 0 | } |
408 | 0 | PORT_Assert(value == 0); |
409 | 0 | } |
410 | 0 | return lenlen; |
411 | 0 | } |
412 | | |
413 | | static void |
414 | | sec_asn1e_write_length_bytes(sec_asn1e_state *state, unsigned long value, |
415 | | PRBool indefinite) |
416 | 0 | { |
417 | 0 | int lenlen; |
418 | 0 | unsigned char buf[sizeof(unsigned long) + 1]; |
419 | 0 |
|
420 | 0 | if (indefinite) { |
421 | 0 | PORT_Assert(value == 0); |
422 | 0 | buf[0] = 0x80; |
423 | 0 | lenlen = 1; |
424 | 0 | } else { |
425 | 0 | lenlen = SEC_ASN1EncodeLength(buf, value); |
426 | 0 | } |
427 | 0 |
|
428 | 0 | sec_asn1e_write_part(state, (char *)buf, lenlen, SEC_ASN1_Length); |
429 | 0 | } |
430 | | |
431 | | static void |
432 | | sec_asn1e_write_contents_bytes(sec_asn1e_state *state, |
433 | | const char *buf, unsigned long len) |
434 | 0 | { |
435 | 0 | sec_asn1e_write_part(state, buf, len, SEC_ASN1_Contents); |
436 | 0 | } |
437 | | |
438 | | static void |
439 | | sec_asn1e_write_end_of_contents_bytes(sec_asn1e_state *state) |
440 | 0 | { |
441 | 0 | const char eoc[2] = { 0, 0 }; |
442 | 0 |
|
443 | 0 | sec_asn1e_write_part(state, eoc, 2, SEC_ASN1_EndOfContents); |
444 | 0 | } |
445 | | |
446 | | static int |
447 | | sec_asn1e_which_choice( |
448 | | void *src, |
449 | | const SEC_ASN1Template *theTemplate) |
450 | 0 | { |
451 | 0 | int rv; |
452 | 0 | unsigned int which = *(unsigned int *)src; |
453 | 0 |
|
454 | 0 | for (rv = 1, theTemplate++; theTemplate->kind != 0; rv++, theTemplate++) { |
455 | 0 | if (which == theTemplate->size) { |
456 | 0 | return rv; |
457 | 0 | } |
458 | 0 | } |
459 | 0 |
|
460 | 0 | return 0; |
461 | 0 | } |
462 | | |
463 | | static unsigned long |
464 | | sec_asn1e_contents_length(const SEC_ASN1Template *theTemplate, void *src, |
465 | | PRBool disallowStreaming, PRBool insideIndefinite, |
466 | | sec_asn1e_hdr_encoding *pHdrException) |
467 | 0 | { |
468 | 0 | unsigned long encode_kind, underlying_kind; |
469 | 0 | PRBool isExplicit, optional, universal, may_stream; |
470 | 0 | unsigned long len; |
471 | 0 |
|
472 | 0 | /* |
473 | 0 | * This function currently calculates the length in all cases |
474 | 0 | * except the following: when writing out the contents of a |
475 | 0 | * template that belongs to a state where it was a sub-template |
476 | 0 | * with the SEC_ASN1_MAY_STREAM bit set and it's parent had the |
477 | 0 | * optional bit set. The information that the parent is optional |
478 | 0 | * and that we should return the length of 0 when that length is |
479 | 0 | * present since that means the optional field is no longer present. |
480 | 0 | * So we add the disallowStreaming flag which is passed in when |
481 | 0 | * writing the contents, but for all recursive calls to |
482 | 0 | * sec_asn1e_contents_length, we pass PR_FALSE, because this |
483 | 0 | * function correctly calculates the length for children templates |
484 | 0 | * from that point on. Confused yet? At least you didn't have |
485 | 0 | * to figure it out. ;) -javi |
486 | 0 | */ |
487 | 0 | encode_kind = theTemplate->kind; |
488 | 0 |
|
489 | 0 | universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL) |
490 | 0 | ? PR_TRUE |
491 | 0 | : PR_FALSE; |
492 | 0 |
|
493 | 0 | isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE; |
494 | 0 | encode_kind &= ~SEC_ASN1_EXPLICIT; |
495 | 0 |
|
496 | 0 | optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE; |
497 | 0 | encode_kind &= ~SEC_ASN1_OPTIONAL; |
498 | 0 |
|
499 | 0 | PORT_Assert(!(isExplicit && universal)); /* bad templates */ |
500 | 0 |
|
501 | 0 | may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE; |
502 | 0 | encode_kind &= ~SEC_ASN1_MAY_STREAM; |
503 | 0 |
|
504 | 0 | /* Just clear this to get it out of the way; we do not need it here */ |
505 | 0 | encode_kind &= ~SEC_ASN1_DYNAMIC; |
506 | 0 |
|
507 | 0 | if (encode_kind & SEC_ASN1_NO_STREAM) { |
508 | 0 | disallowStreaming = PR_TRUE; |
509 | 0 | } |
510 | 0 | encode_kind &= ~SEC_ASN1_NO_STREAM; |
511 | 0 |
|
512 | 0 | if (encode_kind & SEC_ASN1_CHOICE) { |
513 | 0 | void *src2; |
514 | 0 | int indx = sec_asn1e_which_choice(src, theTemplate); |
515 | 0 | if (0 == indx) { |
516 | 0 | /* XXX set an error? "choice not found" */ |
517 | 0 | /* state->top->status = encodeError; */ |
518 | 0 | return 0; |
519 | 0 | } |
520 | 0 | |
521 | 0 | src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset); |
522 | 0 |
|
523 | 0 | return sec_asn1e_contents_length(&theTemplate[indx], src2, |
524 | 0 | disallowStreaming, insideIndefinite, |
525 | 0 | pHdrException); |
526 | 0 | } |
527 | 0 | |
528 | 0 | if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || !universal) { |
529 | 0 | /* XXX any bits we want to disallow (PORT_Assert against) here? */ |
530 | 0 | theTemplate = SEC_ASN1GetSubtemplate(theTemplate, src, PR_TRUE); |
531 | 0 | if (encode_kind & SEC_ASN1_POINTER) { |
532 | 0 | src = *(void **)src; |
533 | 0 | if (src == NULL) { |
534 | 0 | *pHdrException = optional ? hdr_optional : hdr_normal; |
535 | 0 | return 0; |
536 | 0 | } |
537 | 0 | } else if (encode_kind & SEC_ASN1_INLINE) { |
538 | 0 | /* check that there are no extraneous bits */ |
539 | 0 | if (optional) { |
540 | 0 | if (PR_FALSE != SEC_ASN1IsTemplateSimple(theTemplate)) { |
541 | 0 | /* we now know that the target is a SECItem*, so we can check |
542 | 0 | if the source contains one */ |
543 | 0 | SECItem *target = (SECItem *)src; |
544 | 0 | if (!target || !target->data || !target->len) { |
545 | 0 | /* no valid data to encode subtemplate */ |
546 | 0 | *pHdrException = hdr_optional; |
547 | 0 | return 0; |
548 | 0 | } |
549 | 0 | } else { |
550 | 0 | PORT_Assert(0); /* complex templates not handled as inline |
551 | 0 | optional */ |
552 | 0 | } |
553 | 0 | } |
554 | 0 | } |
555 | 0 |
|
556 | 0 | src = (char *)src + theTemplate->offset; |
557 | 0 |
|
558 | 0 | /* recurse to find the length of the subtemplate */ |
559 | 0 | len = sec_asn1e_contents_length(theTemplate, src, disallowStreaming, |
560 | 0 | insideIndefinite, pHdrException); |
561 | 0 | if (len == 0 && optional) { |
562 | 0 | *pHdrException = hdr_optional; |
563 | 0 | } else if (isExplicit) { |
564 | 0 | if (*pHdrException == hdr_any) { |
565 | 0 | /* *we* do not want to add in a header, |
566 | 0 | ** but our caller still does. |
567 | 0 | */ |
568 | 0 | *pHdrException = hdr_normal; |
569 | 0 | } else if (*pHdrException == hdr_normal) { |
570 | 0 | /* if the inner content exists, our length is |
571 | 0 | * len(identifier) + len(length) + len(innercontent) |
572 | 0 | * XXX we currently assume len(identifier) == 1; |
573 | 0 | * to support a high-tag-number this would need to be smarter. |
574 | 0 | */ |
575 | 0 | len += 1 + SEC_ASN1LengthLength(len); |
576 | 0 | } |
577 | 0 | } |
578 | 0 | return len; |
579 | 0 | } |
580 | 0 | underlying_kind = encode_kind; |
581 | 0 |
|
582 | 0 | /* This is only used in decoding; it plays no part in encoding. */ |
583 | 0 | if (underlying_kind & SEC_ASN1_SAVE) { |
584 | 0 | /* check that there are no extraneous bits */ |
585 | 0 | PORT_Assert(underlying_kind == SEC_ASN1_SAVE); |
586 | 0 | *pHdrException = hdr_decoder; |
587 | 0 | return 0; |
588 | 0 | } |
589 | 0 |
|
590 | 0 | #define UNEXPECTED_FLAGS \ |
591 | 0 | (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_INLINE | SEC_ASN1_POINTER | \ |
592 | 0 | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_SAVE | SEC_ASN1_SKIP) |
593 | 0 |
|
594 | 0 | /* Having any of these bits is not expected here... */ |
595 | 0 | PORT_Assert((underlying_kind & UNEXPECTED_FLAGS) == 0); |
596 | 0 | underlying_kind &= ~UNEXPECTED_FLAGS; |
597 | 0 | #undef UNEXPECTED_FLAGS |
598 | 0 |
|
599 | 0 | if (underlying_kind & SEC_ASN1_CHOICE) { |
600 | 0 | void *src2; |
601 | 0 | int indx = sec_asn1e_which_choice(src, theTemplate); |
602 | 0 | if (0 == indx) { |
603 | 0 | /* XXX set an error? "choice not found" */ |
604 | 0 | /* state->top->status = encodeError; */ |
605 | 0 | return 0; |
606 | 0 | } |
607 | 0 | |
608 | 0 | src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset); |
609 | 0 | len = sec_asn1e_contents_length(&theTemplate[indx], src2, |
610 | 0 | disallowStreaming, insideIndefinite, |
611 | 0 | pHdrException); |
612 | 0 | } else { |
613 | 0 | switch (underlying_kind) { |
614 | 0 | case SEC_ASN1_SEQUENCE_OF: |
615 | 0 | case SEC_ASN1_SET_OF: { |
616 | 0 | const SEC_ASN1Template *tmpt; |
617 | 0 | void *sub_src; |
618 | 0 | unsigned long sub_len; |
619 | 0 | void **group; |
620 | 0 |
|
621 | 0 | len = 0; |
622 | 0 |
|
623 | 0 | group = *(void ***)src; |
624 | 0 | if (group == NULL) |
625 | 0 | break; |
626 | 0 | |
627 | 0 | tmpt = SEC_ASN1GetSubtemplate(theTemplate, src, PR_TRUE); |
628 | 0 |
|
629 | 0 | for (; *group != NULL; group++) { |
630 | 0 | sub_src = (char *)(*group) + tmpt->offset; |
631 | 0 | sub_len = sec_asn1e_contents_length(tmpt, sub_src, |
632 | 0 | disallowStreaming, |
633 | 0 | insideIndefinite, |
634 | 0 | pHdrException); |
635 | 0 | len += sub_len; |
636 | 0 | /* |
637 | 0 | * XXX The 1 below is the presumed length of the identifier; |
638 | 0 | * to support a high-tag-number this would need to be smarter. |
639 | 0 | */ |
640 | 0 | if (*pHdrException == hdr_normal) |
641 | 0 | len += 1 + SEC_ASN1LengthLength(sub_len); |
642 | 0 | } |
643 | 0 | } break; |
644 | 0 |
|
645 | 0 | case SEC_ASN1_SEQUENCE: |
646 | 0 | case SEC_ASN1_SET: { |
647 | 0 | const SEC_ASN1Template *tmpt; |
648 | 0 | void *sub_src; |
649 | 0 | unsigned long sub_len; |
650 | 0 |
|
651 | 0 | len = 0; |
652 | 0 | for (tmpt = theTemplate + 1; tmpt->kind; tmpt++) { |
653 | 0 | sub_src = (char *)src + tmpt->offset; |
654 | 0 | sub_len = sec_asn1e_contents_length(tmpt, sub_src, |
655 | 0 | disallowStreaming, |
656 | 0 | insideIndefinite, |
657 | 0 | pHdrException); |
658 | 0 | len += sub_len; |
659 | 0 | /* |
660 | 0 | * XXX The 1 below is the presumed length of the identifier; |
661 | 0 | * to support a high-tag-number this would need to be smarter. |
662 | 0 | */ |
663 | 0 | if (*pHdrException == hdr_normal) |
664 | 0 | len += 1 + SEC_ASN1LengthLength(sub_len); |
665 | 0 | } |
666 | 0 | } break; |
667 | 0 |
|
668 | 0 | case SEC_ASN1_BIT_STRING: |
669 | 0 | /* convert bit length to byte */ |
670 | 0 | len = (((SECItem *)src)->len + 7) >> 3; |
671 | 0 | /* bit string contents involve an extra octet */ |
672 | 0 | if (len) |
673 | 0 | len++; |
674 | 0 | break; |
675 | 0 |
|
676 | 0 | case SEC_ASN1_INTEGER: |
677 | 0 | /* ASN.1 INTEGERs are signed. |
678 | 0 | * If the source is an unsigned integer, the encoder will need |
679 | 0 | * to handle the conversion here. |
680 | 0 | */ |
681 | 0 | { |
682 | 0 | unsigned char *buf = ((SECItem *)src)->data; |
683 | 0 | SECItemType integerType = ((SECItem *)src)->type; |
684 | 0 | len = ((SECItem *)src)->len; |
685 | 0 | while (len > 0) { |
686 | 0 | if (*buf != 0) { |
687 | 0 | if (*buf & 0x80 && integerType == siUnsignedInteger) { |
688 | 0 | len++; /* leading zero needed to make number signed */ |
689 | 0 | } |
690 | 0 | break; /* reached beginning of number */ |
691 | 0 | } |
692 | 0 | if (len == 1) { |
693 | 0 | break; /* the number 0 */ |
694 | 0 | } |
695 | 0 | if (buf[1] & 0x80) { |
696 | 0 | break; /* leading zero already present */ |
697 | 0 | } |
698 | 0 | /* extraneous leading zero, keep going */ |
699 | 0 | buf++; |
700 | 0 | len--; |
701 | 0 | } |
702 | 0 | } |
703 | 0 | break; |
704 | 0 |
|
705 | 0 | default: |
706 | 0 | len = ((SECItem *)src)->len; |
707 | 0 | break; |
708 | 0 | } /* end switch */ |
709 | 0 | |
710 | 0 | #ifndef WHAT_PROBLEM_DOES_THIS_SOLVE |
711 | 0 | /* if we're streaming, we may have a secitem w/len 0 as placeholder */ |
712 | 0 | if (!len && insideIndefinite && may_stream && !disallowStreaming) { |
713 | 0 | len = 1; |
714 | 0 | } |
715 | 0 | #endif |
716 | 0 | } /* end else */ |
717 | 0 |
|
718 | 0 | if (len == 0 && optional) |
719 | 0 | *pHdrException = hdr_optional; |
720 | 0 | else if (underlying_kind == SEC_ASN1_ANY) |
721 | 0 | *pHdrException = hdr_any; |
722 | 0 | else |
723 | 0 | *pHdrException = hdr_normal; |
724 | 0 |
|
725 | 0 | return len; |
726 | 0 | } |
727 | | |
728 | | static void |
729 | | sec_asn1e_write_header(sec_asn1e_state *state) |
730 | 0 | { |
731 | 0 | unsigned long contents_length; |
732 | 0 | unsigned char tag_number, tag_modifiers; |
733 | 0 | sec_asn1e_hdr_encoding hdrException = hdr_normal; |
734 | 0 | PRBool indefinite = PR_FALSE; |
735 | 0 |
|
736 | 0 | PORT_Assert(state->place == beforeHeader); |
737 | 0 |
|
738 | 0 | tag_number = state->tag_number; |
739 | 0 | tag_modifiers = state->tag_modifiers; |
740 | 0 |
|
741 | 0 | if (state->underlying_kind == SEC_ASN1_ANY) { |
742 | 0 | state->place = duringContents; |
743 | 0 | return; |
744 | 0 | } |
745 | 0 | |
746 | 0 | if (state->underlying_kind & SEC_ASN1_CHOICE) { |
747 | 0 | int indx = sec_asn1e_which_choice(state->src, state->theTemplate); |
748 | 0 | if (0 == indx) { |
749 | 0 | /* XXX set an error? "choice not found" */ |
750 | 0 | state->top->status = encodeError; |
751 | 0 | return; |
752 | 0 | } |
753 | 0 | state->place = afterChoice; |
754 | 0 | state = sec_asn1e_push_state(state->top, &state->theTemplate[indx], |
755 | 0 | (char *)state->src - state->theTemplate->offset, |
756 | 0 | PR_TRUE); |
757 | 0 | if (state) { |
758 | 0 | /* |
759 | 0 | * Do the "before" field notification. |
760 | 0 | */ |
761 | 0 | sec_asn1e_notify_before(state->top, state->src, state->depth); |
762 | 0 | (void)sec_asn1e_init_state_based_on_template(state); |
763 | 0 | } |
764 | 0 | return; |
765 | 0 | } |
766 | 0 |
|
767 | 0 | /* The !isString test below is apparently intended to ensure that all |
768 | 0 | ** constructed types receive indefinite length encoding. |
769 | 0 | */ |
770 | 0 | indefinite = (PRBool)(state->top->streaming && state->may_stream && |
771 | 0 | (state->top->from_buf || !state->is_string)); |
772 | 0 |
|
773 | 0 | /* |
774 | 0 | * If we are doing a definite-length encoding, first we have to |
775 | 0 | * walk the data structure to calculate the entire contents length. |
776 | 0 | * If we are doing an indefinite-length encoding, we still need to |
777 | 0 | * know if the contents is: |
778 | 0 | * optional and to be omitted, or |
779 | 0 | * an ANY (header is pre-encoded), or |
780 | 0 | * a SAVE or some other kind of template used only by the decoder. |
781 | 0 | * So, we call this function either way. |
782 | 0 | */ |
783 | 0 | contents_length = sec_asn1e_contents_length(state->theTemplate, |
784 | 0 | state->src, |
785 | 0 | state->disallowStreaming, |
786 | 0 | indefinite, |
787 | 0 | &hdrException); |
788 | 0 | /* |
789 | 0 | * We might be told explicitly not to put out a header. |
790 | 0 | * But it can also be the case, via a pushed subtemplate, that |
791 | 0 | * sec_asn1e_contents_length could not know that this field is |
792 | 0 | * really optional. So check for that explicitly, too. |
793 | 0 | */ |
794 | 0 | if (hdrException != hdr_normal || |
795 | 0 | (contents_length == 0 && state->optional)) { |
796 | 0 | state->place = afterContents; |
797 | 0 | if (state->top->streaming && |
798 | 0 | state->may_stream && |
799 | 0 | state->top->from_buf) { |
800 | 0 | /* we did not find an optional indefinite string, so we |
801 | 0 | * don't encode it. However, if TakeFromBuf is on, we stop |
802 | 0 | * here anyway to give our caller a chance to intercept at the |
803 | 0 | * same point where we would stop if the field were present. |
804 | 0 | */ |
805 | 0 | state->top->status = needBytes; |
806 | 0 | } |
807 | 0 | return; |
808 | 0 | } |
809 | 0 |
|
810 | 0 | if (indefinite) { |
811 | 0 | /* |
812 | 0 | * We need to put out an indefinite-length encoding. |
813 | 0 | * The only universal types that can be constructed are SETs, |
814 | 0 | * SEQUENCEs, and strings; so check that it is one of those, |
815 | 0 | * or that it is not universal (e.g. context-specific). |
816 | 0 | */ |
817 | 0 | state->indefinite = PR_TRUE; |
818 | 0 | PORT_Assert((tag_number == SEC_ASN1_SET) || (tag_number == SEC_ASN1_SEQUENCE) || ((tag_modifiers & SEC_ASN1_CLASS_MASK) != 0) || state->is_string); |
819 | 0 | tag_modifiers |= SEC_ASN1_CONSTRUCTED; |
820 | 0 | contents_length = 0; |
821 | 0 | } |
822 | 0 |
|
823 | 0 | sec_asn1e_write_identifier_bytes(state, |
824 | 0 | (unsigned char)(tag_number | tag_modifiers)); |
825 | 0 | sec_asn1e_write_length_bytes(state, contents_length, state->indefinite); |
826 | 0 |
|
827 | 0 | if (contents_length == 0 && !state->indefinite) { |
828 | 0 | /* |
829 | 0 | * If no real contents to encode, then we are done with this field. |
830 | 0 | */ |
831 | 0 | state->place = afterContents; |
832 | 0 | return; |
833 | 0 | } |
834 | 0 | |
835 | 0 | /* |
836 | 0 | * An EXPLICIT is nothing but an outer header, which we have already |
837 | 0 | * written. Now we need to do the inner header and contents. |
838 | 0 | */ |
839 | 0 | if (state->isExplicit) { |
840 | 0 | const SEC_ASN1Template *subt = |
841 | 0 | SEC_ASN1GetSubtemplate(state->theTemplate, state->src, PR_TRUE); |
842 | 0 | state->place = afterContents; |
843 | 0 | state = sec_asn1e_push_state(state->top, subt, state->src, PR_TRUE); |
844 | 0 | if (state != NULL) { |
845 | 0 | (void)sec_asn1e_init_state_based_on_template(state); |
846 | 0 | } |
847 | 0 | return; |
848 | 0 | } |
849 | 0 |
|
850 | 0 | switch (state->underlying_kind) { |
851 | 0 | case SEC_ASN1_SET_OF: |
852 | 0 | case SEC_ASN1_SEQUENCE_OF: |
853 | 0 | /* |
854 | 0 | * We need to push a child to handle each member. |
855 | 0 | */ |
856 | 0 | { |
857 | 0 | void **group; |
858 | 0 | const SEC_ASN1Template *subt; |
859 | 0 |
|
860 | 0 | group = *(void ***)state->src; |
861 | 0 | if (group == NULL || *group == NULL) { |
862 | 0 | /* |
863 | 0 | * Group is empty; we are done. |
864 | 0 | */ |
865 | 0 | state->place = afterContents; |
866 | 0 | return; |
867 | 0 | } |
868 | 0 | state->place = duringGroup; |
869 | 0 | subt = SEC_ASN1GetSubtemplate(state->theTemplate, state->src, |
870 | 0 | PR_TRUE); |
871 | 0 | state = sec_asn1e_push_state(state->top, subt, *group, PR_TRUE); |
872 | 0 | if (state != NULL) { |
873 | 0 | (void)sec_asn1e_init_state_based_on_template(state); |
874 | 0 | } |
875 | 0 | } |
876 | 0 | break; |
877 | 0 |
|
878 | 0 | case SEC_ASN1_SEQUENCE: |
879 | 0 | case SEC_ASN1_SET: |
880 | 0 | /* |
881 | 0 | * We need to push a child to handle the individual fields. |
882 | 0 | */ |
883 | 0 | state->place = duringSequence; |
884 | 0 | state = sec_asn1e_push_state(state->top, state->theTemplate + 1, |
885 | 0 | state->src, PR_TRUE); |
886 | 0 | if (state != NULL) { |
887 | 0 | /* |
888 | 0 | * Do the "before" field notification. |
889 | 0 | */ |
890 | 0 | sec_asn1e_notify_before(state->top, state->src, state->depth); |
891 | 0 | (void)sec_asn1e_init_state_based_on_template(state); |
892 | 0 | } |
893 | 0 | break; |
894 | 0 |
|
895 | 0 | default: |
896 | 0 | /* |
897 | 0 | * I think we do not need to do anything else. |
898 | 0 | * XXX Correct? |
899 | 0 | */ |
900 | 0 | state->place = duringContents; |
901 | 0 | break; |
902 | 0 | } |
903 | 0 | } |
904 | | |
905 | | static void |
906 | | sec_asn1e_write_contents_from_buf(sec_asn1e_state *state, |
907 | | const char *buf, unsigned long len) |
908 | 0 | { |
909 | 0 | PORT_Assert(state->place == duringContents); |
910 | 0 | PORT_Assert(state->top->from_buf); |
911 | 0 | PORT_Assert(state->may_stream && !state->disallowStreaming); |
912 | 0 |
|
913 | 0 | /* |
914 | 0 | * Probably they just turned on "take from buf", but have not |
915 | 0 | * yet given us any bytes. If there is nothing in the buffer |
916 | 0 | * then we have nothing to do but return and wait. |
917 | 0 | */ |
918 | 0 | if (buf == NULL || len == 0) { |
919 | 0 | state->top->status = needBytes; |
920 | 0 | return; |
921 | 0 | } |
922 | 0 | /* |
923 | 0 | * We are streaming, reading from a passed-in buffer. |
924 | 0 | * This means we are encoding a simple string or an ANY. |
925 | 0 | * For the former, we need to put out a substring, with its |
926 | 0 | * own identifier and length. For an ANY, we just write it |
927 | 0 | * out as is (our caller is required to ensure that it |
928 | 0 | * is a properly encoded entity). |
929 | 0 | */ |
930 | 0 | PORT_Assert(state->is_string); /* includes ANY */ |
931 | 0 | if (state->underlying_kind != SEC_ASN1_ANY) { |
932 | 0 | unsigned char identifier; |
933 | 0 |
|
934 | 0 | /* |
935 | 0 | * Create the identifier based on underlying_kind. We cannot |
936 | 0 | * use tag_number and tag_modifiers because this can be an |
937 | 0 | * implicitly encoded field. In that case, the underlying |
938 | 0 | * substrings *are* encoded with their real tag. |
939 | 0 | */ |
940 | 0 | identifier = (unsigned char)(state->underlying_kind & SEC_ASN1_TAG_MASK); |
941 | 0 | /* |
942 | 0 | * The underlying kind should just be a simple string; there |
943 | 0 | * should be no bits like CONTEXT_SPECIFIC or CONSTRUCTED set. |
944 | 0 | */ |
945 | 0 | PORT_Assert((identifier & SEC_ASN1_TAGNUM_MASK) == identifier); |
946 | 0 | /* |
947 | 0 | * Write out the tag and length for the substring. |
948 | 0 | */ |
949 | 0 | sec_asn1e_write_identifier_bytes(state, identifier); |
950 | 0 | if (state->underlying_kind == SEC_ASN1_BIT_STRING) { |
951 | 0 | char byte; |
952 | 0 | /* |
953 | 0 | * Assume we have a length in bytes but we need to output |
954 | 0 | * a proper bit string. This interface only works for bit |
955 | 0 | * strings that are full multiples of 8. If support for |
956 | 0 | * real, variable length bit strings is needed then the |
957 | 0 | * caller will have to know to pass in a bit length instead |
958 | 0 | * of a byte length and then this code will have to |
959 | 0 | * perform the encoding necessary (length written is length |
960 | 0 | * in bytes plus 1, and the first octet of string is the |
961 | 0 | * number of bits remaining between the end of the bit |
962 | 0 | * string and the next byte boundary). |
963 | 0 | */ |
964 | 0 | sec_asn1e_write_length_bytes(state, len + 1, PR_FALSE); |
965 | 0 | byte = 0; |
966 | 0 | sec_asn1e_write_contents_bytes(state, &byte, 1); |
967 | 0 | } else { |
968 | 0 | sec_asn1e_write_length_bytes(state, len, PR_FALSE); |
969 | 0 | } |
970 | 0 | } |
971 | 0 | sec_asn1e_write_contents_bytes(state, buf, len); |
972 | 0 | state->top->status = needBytes; |
973 | 0 | } |
974 | | |
975 | | static void |
976 | | sec_asn1e_write_contents(sec_asn1e_state *state) |
977 | 0 | { |
978 | 0 | unsigned long len = 0; |
979 | 0 |
|
980 | 0 | PORT_Assert(state->place == duringContents); |
981 | 0 |
|
982 | 0 | switch (state->underlying_kind) { |
983 | 0 | case SEC_ASN1_SET: |
984 | 0 | case SEC_ASN1_SEQUENCE: |
985 | 0 | PORT_Assert(0); |
986 | 0 | break; |
987 | 0 |
|
988 | 0 | case SEC_ASN1_BIT_STRING: { |
989 | 0 | SECItem *item; |
990 | 0 | char rem; |
991 | 0 |
|
992 | 0 | item = (SECItem *)state->src; |
993 | 0 | len = (item->len + 7) >> 3; |
994 | 0 | rem = (unsigned char)((len << 3) - item->len); /* remaining bits */ |
995 | 0 | sec_asn1e_write_contents_bytes(state, &rem, 1); |
996 | 0 | sec_asn1e_write_contents_bytes(state, (char *)item->data, len); |
997 | 0 | } break; |
998 | 0 |
|
999 | 0 | case SEC_ASN1_BMP_STRING: |
1000 | 0 | /* The number of bytes must be divisable by 2 */ |
1001 | 0 | if ((((SECItem *)state->src)->len) % 2) { |
1002 | 0 | SEC_ASN1EncoderContext *cx; |
1003 | 0 |
|
1004 | 0 | cx = state->top; |
1005 | 0 | cx->status = encodeError; |
1006 | 0 | break; |
1007 | 0 | } |
1008 | 0 | /* otherwise, fall through to write the content */ |
1009 | 0 | goto process_string; |
1010 | 0 |
|
1011 | 0 | case SEC_ASN1_UNIVERSAL_STRING: |
1012 | 0 | /* The number of bytes must be divisable by 4 */ |
1013 | 0 | if ((((SECItem *)state->src)->len) % 4) { |
1014 | 0 | SEC_ASN1EncoderContext *cx; |
1015 | 0 |
|
1016 | 0 | cx = state->top; |
1017 | 0 | cx->status = encodeError; |
1018 | 0 | break; |
1019 | 0 | } |
1020 | 0 | /* otherwise, fall through to write the content */ |
1021 | 0 | goto process_string; |
1022 | 0 |
|
1023 | 0 | case SEC_ASN1_INTEGER: |
1024 | 0 | /* ASN.1 INTEGERs are signed. If the source is an unsigned |
1025 | 0 | * integer, the encoder will need to handle the conversion here. |
1026 | 0 | */ |
1027 | 0 | { |
1028 | 0 | unsigned int blen; |
1029 | 0 | unsigned char *buf; |
1030 | 0 | SECItemType integerType; |
1031 | 0 | blen = ((SECItem *)state->src)->len; |
1032 | 0 | buf = ((SECItem *)state->src)->data; |
1033 | 0 | integerType = ((SECItem *)state->src)->type; |
1034 | 0 | while (blen > 0) { |
1035 | 0 | if (*buf & 0x80 && integerType == siUnsignedInteger) { |
1036 | 0 | char zero = 0; /* write a leading 0 */ |
1037 | 0 | sec_asn1e_write_contents_bytes(state, &zero, 1); |
1038 | 0 | /* and then the remaining buffer */ |
1039 | 0 | sec_asn1e_write_contents_bytes(state, |
1040 | 0 | (char *)buf, blen); |
1041 | 0 | break; |
1042 | 0 | } |
1043 | 0 | /* Check three possibilities: |
1044 | 0 | * 1. No leading zeros, msb of MSB is not 1; |
1045 | 0 | * 2. The number is zero itself; |
1046 | 0 | * 3. Encoding a signed integer with a leading zero, |
1047 | 0 | * keep the zero so that the number is positive. |
1048 | 0 | */ |
1049 | 0 | if (*buf != 0 || |
1050 | 0 | blen == 1 || |
1051 | 0 | (buf[1] & 0x80 && integerType != siUnsignedInteger)) { |
1052 | 0 | sec_asn1e_write_contents_bytes(state, |
1053 | 0 | (char *)buf, blen); |
1054 | 0 | break; |
1055 | 0 | } |
1056 | 0 | /* byte is 0, continue */ |
1057 | 0 | buf++; |
1058 | 0 | blen--; |
1059 | 0 | } |
1060 | 0 | } |
1061 | 0 | /* done with this content */ |
1062 | 0 | break; |
1063 | 0 |
|
1064 | 0 | process_string: |
1065 | 0 | default: { |
1066 | 0 | SECItem *item; |
1067 | 0 |
|
1068 | 0 | item = (SECItem *)state->src; |
1069 | 0 | sec_asn1e_write_contents_bytes(state, (char *)item->data, |
1070 | 0 | item->len); |
1071 | 0 | } break; |
1072 | 0 | } |
1073 | 0 | state->place = afterContents; |
1074 | 0 | } |
1075 | | |
1076 | | /* |
1077 | | * We are doing a SET OF or SEQUENCE OF, and have just finished an item. |
1078 | | */ |
1079 | | static void |
1080 | | sec_asn1e_next_in_group(sec_asn1e_state *state) |
1081 | 0 | { |
1082 | 0 | sec_asn1e_state *child; |
1083 | 0 | void **group; |
1084 | 0 | void *member; |
1085 | 0 |
|
1086 | 0 | PORT_Assert(state->place == duringGroup); |
1087 | 0 | PORT_Assert(state->child != NULL); |
1088 | 0 |
|
1089 | 0 | child = state->child; |
1090 | 0 |
|
1091 | 0 | group = *(void ***)state->src; |
1092 | 0 |
|
1093 | 0 | /* |
1094 | 0 | * Find placement of current item. |
1095 | 0 | */ |
1096 | 0 | member = (char *)(state->child->src) - child->theTemplate->offset; |
1097 | 0 | while (*group != member) |
1098 | 0 | group++; |
1099 | 0 |
|
1100 | 0 | /* |
1101 | 0 | * Move forward to next item. |
1102 | 0 | */ |
1103 | 0 | group++; |
1104 | 0 | if (*group == NULL) { |
1105 | 0 | /* |
1106 | 0 | * That was our last one; we are done now. |
1107 | 0 | */ |
1108 | 0 | child->place = notInUse; |
1109 | 0 | state->place = afterContents; |
1110 | 0 | return; |
1111 | 0 | } |
1112 | 0 | child->src = (char *)(*group) + child->theTemplate->offset; |
1113 | 0 |
|
1114 | 0 | /* |
1115 | 0 | * Re-"push" child. |
1116 | 0 | */ |
1117 | 0 | sec_asn1e_scrub_state(child); |
1118 | 0 | state->top->current = child; |
1119 | 0 | } |
1120 | | |
1121 | | /* |
1122 | | * We are moving along through a sequence; move forward by one, |
1123 | | * (detecting end-of-sequence when it happens). |
1124 | | */ |
1125 | | static void |
1126 | | sec_asn1e_next_in_sequence(sec_asn1e_state *state) |
1127 | 0 | { |
1128 | 0 | sec_asn1e_state *child; |
1129 | 0 |
|
1130 | 0 | PORT_Assert(state->place == duringSequence); |
1131 | 0 | PORT_Assert(state->child != NULL); |
1132 | 0 |
|
1133 | 0 | child = state->child; |
1134 | 0 |
|
1135 | 0 | /* |
1136 | 0 | * Do the "after" field notification. |
1137 | 0 | */ |
1138 | 0 | sec_asn1e_notify_after(state->top, child->src, child->depth); |
1139 | 0 |
|
1140 | 0 | /* |
1141 | 0 | * Move forward. |
1142 | 0 | */ |
1143 | 0 | child->theTemplate++; |
1144 | 0 | if (child->theTemplate->kind == 0) { |
1145 | 0 | /* |
1146 | 0 | * We are done with this sequence. |
1147 | 0 | */ |
1148 | 0 | child->place = notInUse; |
1149 | 0 | state->place = afterContents; |
1150 | 0 | return; |
1151 | 0 | } |
1152 | 0 | |
1153 | 0 | /* |
1154 | 0 | * Reset state and push. |
1155 | 0 | */ |
1156 | 0 | |
1157 | 0 | child->src = (char *)state->src + child->theTemplate->offset; |
1158 | 0 |
|
1159 | 0 | /* |
1160 | 0 | * Do the "before" field notification. |
1161 | 0 | */ |
1162 | 0 | sec_asn1e_notify_before(state->top, child->src, child->depth); |
1163 | 0 |
|
1164 | 0 | state->top->current = child; |
1165 | 0 | (void)sec_asn1e_init_state_based_on_template(child); |
1166 | 0 | } |
1167 | | |
1168 | | static void |
1169 | | sec_asn1e_after_contents(sec_asn1e_state *state) |
1170 | 0 | { |
1171 | 0 | PORT_Assert(state->place == afterContents); |
1172 | 0 |
|
1173 | 0 | if (state->indefinite) |
1174 | 0 | sec_asn1e_write_end_of_contents_bytes(state); |
1175 | 0 |
|
1176 | 0 | /* |
1177 | 0 | * Just make my parent be the current state. It will then clean |
1178 | 0 | * up after me and free me (or reuse me). |
1179 | 0 | */ |
1180 | 0 | state->top->current = state->parent; |
1181 | 0 | } |
1182 | | |
1183 | | /* |
1184 | | * This function is called whether or not we are streaming; if we |
1185 | | * *are* streaming, our caller can also instruct us to take bytes |
1186 | | * from the passed-in buffer (at buf, for length len, which is likely |
1187 | | * bytes but could even mean bits if the current field is a bit string). |
1188 | | * If we have been so instructed, we will gobble up bytes from there |
1189 | | * (rather than from our src structure) and output them, and then |
1190 | | * we will just return, expecting to be called again -- either with |
1191 | | * more bytes or after our caller has instructed us that we are done |
1192 | | * (for now) with the buffer. |
1193 | | */ |
1194 | | SECStatus |
1195 | | SEC_ASN1EncoderUpdate(SEC_ASN1EncoderContext *cx, |
1196 | | const char *buf, unsigned long len) |
1197 | 0 | { |
1198 | 0 | sec_asn1e_state *state; |
1199 | 0 |
|
1200 | 0 | if (cx->status == needBytes) { |
1201 | 0 | cx->status = keepGoing; |
1202 | 0 | } |
1203 | 0 |
|
1204 | 0 | while (cx->status == keepGoing) { |
1205 | 0 | state = cx->current; |
1206 | 0 | switch (state->place) { |
1207 | 0 | case beforeHeader: |
1208 | 0 | sec_asn1e_write_header(state); |
1209 | 0 | break; |
1210 | 0 | case duringContents: |
1211 | 0 | if (cx->from_buf) |
1212 | 0 | sec_asn1e_write_contents_from_buf(state, buf, len); |
1213 | 0 | else |
1214 | 0 | sec_asn1e_write_contents(state); |
1215 | 0 | break; |
1216 | 0 | case duringGroup: |
1217 | 0 | sec_asn1e_next_in_group(state); |
1218 | 0 | break; |
1219 | 0 | case duringSequence: |
1220 | 0 | sec_asn1e_next_in_sequence(state); |
1221 | 0 | break; |
1222 | 0 | case afterContents: |
1223 | 0 | sec_asn1e_after_contents(state); |
1224 | 0 | break; |
1225 | 0 | case afterImplicit: |
1226 | 0 | case afterInline: |
1227 | 0 | case afterPointer: |
1228 | 0 | case afterChoice: |
1229 | 0 | /* |
1230 | 0 | * These states are more documentation than anything. |
1231 | 0 | * They just need to force a pop. |
1232 | 0 | */ |
1233 | 0 | PORT_Assert(!state->indefinite); |
1234 | 0 | state->place = afterContents; |
1235 | 0 | break; |
1236 | 0 | case notInUse: |
1237 | 0 | default: |
1238 | 0 | /* This is not an error, but rather a plain old BUG! */ |
1239 | 0 | PORT_Assert(0); |
1240 | 0 | cx->status = encodeError; |
1241 | 0 | break; |
1242 | 0 | } |
1243 | 0 |
|
1244 | 0 | if (cx->status == encodeError) |
1245 | 0 | break; |
1246 | 0 | |
1247 | 0 | /* It might have changed, so we have to update our local copy. */ |
1248 | 0 | state = cx->current; |
1249 | 0 |
|
1250 | 0 | /* If it is NULL, we have popped all the way to the top. */ |
1251 | 0 | if (state == NULL) { |
1252 | 0 | cx->status = allDone; |
1253 | 0 | break; |
1254 | 0 | } |
1255 | 0 | } |
1256 | 0 |
|
1257 | 0 | if (cx->status == encodeError) { |
1258 | 0 | return SECFailure; |
1259 | 0 | } |
1260 | 0 | |
1261 | 0 | return SECSuccess; |
1262 | 0 | } |
1263 | | |
1264 | | void |
1265 | | SEC_ASN1EncoderFinish(SEC_ASN1EncoderContext *cx) |
1266 | 0 | { |
1267 | 0 | /* |
1268 | 0 | * XXX anything else that needs to be finished? |
1269 | 0 | */ |
1270 | 0 |
|
1271 | 0 | PORT_FreeArena(cx->our_pool, PR_FALSE); |
1272 | 0 | } |
1273 | | |
1274 | | SEC_ASN1EncoderContext * |
1275 | | SEC_ASN1EncoderStart(const void *src, const SEC_ASN1Template *theTemplate, |
1276 | | SEC_ASN1WriteProc output_proc, void *output_arg) |
1277 | 0 | { |
1278 | 0 | PLArenaPool *our_pool; |
1279 | 0 | SEC_ASN1EncoderContext *cx; |
1280 | 0 |
|
1281 | 0 | our_pool = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); |
1282 | 0 | if (our_pool == NULL) |
1283 | 0 | return NULL; |
1284 | 0 | |
1285 | 0 | cx = (SEC_ASN1EncoderContext *)PORT_ArenaZAlloc(our_pool, sizeof(*cx)); |
1286 | 0 | if (cx == NULL) { |
1287 | 0 | PORT_FreeArena(our_pool, PR_FALSE); |
1288 | 0 | return NULL; |
1289 | 0 | } |
1290 | 0 |
|
1291 | 0 | cx->our_pool = our_pool; |
1292 | 0 | cx->output_proc = output_proc; |
1293 | 0 | cx->output_arg = output_arg; |
1294 | 0 |
|
1295 | 0 | cx->status = keepGoing; |
1296 | 0 |
|
1297 | 0 | if (sec_asn1e_push_state(cx, theTemplate, src, PR_FALSE) == NULL || |
1298 | 0 | sec_asn1e_init_state_based_on_template(cx->current) == NULL) { |
1299 | 0 | /* |
1300 | 0 | * Trouble initializing (probably due to failed allocations) |
1301 | 0 | * requires that we just give up. |
1302 | 0 | */ |
1303 | 0 | PORT_FreeArena(our_pool, PR_FALSE); |
1304 | 0 | return NULL; |
1305 | 0 | } |
1306 | 0 |
|
1307 | 0 | return cx; |
1308 | 0 | } |
1309 | | |
1310 | | /* |
1311 | | * XXX Do we need a FilterProc, too? |
1312 | | */ |
1313 | | |
1314 | | void |
1315 | | SEC_ASN1EncoderSetNotifyProc(SEC_ASN1EncoderContext *cx, |
1316 | | SEC_ASN1NotifyProc fn, void *arg) |
1317 | 0 | { |
1318 | 0 | cx->notify_proc = fn; |
1319 | 0 | cx->notify_arg = arg; |
1320 | 0 | } |
1321 | | |
1322 | | void |
1323 | | SEC_ASN1EncoderClearNotifyProc(SEC_ASN1EncoderContext *cx) |
1324 | 0 | { |
1325 | 0 | cx->notify_proc = NULL; |
1326 | 0 | cx->notify_arg = NULL; /* not necessary; just being clean */ |
1327 | 0 | } |
1328 | | |
1329 | | void |
1330 | | SEC_ASN1EncoderAbort(SEC_ASN1EncoderContext *cx, int error) |
1331 | 0 | { |
1332 | 0 | PORT_Assert(cx); |
1333 | 0 | PORT_SetError(error); |
1334 | 0 | cx->status = encodeError; |
1335 | 0 | } |
1336 | | |
1337 | | void |
1338 | | SEC_ASN1EncoderSetStreaming(SEC_ASN1EncoderContext *cx) |
1339 | 0 | { |
1340 | 0 | /* XXX is there a way to check that we are "between" fields here? */ |
1341 | 0 |
|
1342 | 0 | cx->streaming = PR_TRUE; |
1343 | 0 | } |
1344 | | |
1345 | | void |
1346 | | SEC_ASN1EncoderClearStreaming(SEC_ASN1EncoderContext *cx) |
1347 | 0 | { |
1348 | 0 | /* XXX is there a way to check that we are "between" fields here? */ |
1349 | 0 |
|
1350 | 0 | cx->streaming = PR_FALSE; |
1351 | 0 | } |
1352 | | |
1353 | | void |
1354 | | SEC_ASN1EncoderSetTakeFromBuf(SEC_ASN1EncoderContext *cx) |
1355 | 0 | { |
1356 | 0 | /* |
1357 | 0 | * XXX is there a way to check that we are "between" fields here? this |
1358 | 0 | * needs to include a check for being in between groups of items in |
1359 | 0 | * a SET_OF or SEQUENCE_OF. |
1360 | 0 | */ |
1361 | 0 | PORT_Assert(cx->streaming); |
1362 | 0 |
|
1363 | 0 | cx->from_buf = PR_TRUE; |
1364 | 0 | } |
1365 | | |
1366 | | void |
1367 | | SEC_ASN1EncoderClearTakeFromBuf(SEC_ASN1EncoderContext *cx) |
1368 | 0 | { |
1369 | 0 | /* we should actually be taking from buf *now* */ |
1370 | 0 | PORT_Assert(cx->from_buf); |
1371 | 0 | if (!cx->from_buf) /* if not, just do nothing */ |
1372 | 0 | return; |
1373 | 0 | |
1374 | 0 | cx->from_buf = PR_FALSE; |
1375 | 0 |
|
1376 | 0 | if (cx->status == needBytes) { |
1377 | 0 | cx->status = keepGoing; |
1378 | 0 | cx->current->place = afterContents; |
1379 | 0 | } |
1380 | 0 | } |
1381 | | |
1382 | | SECStatus |
1383 | | SEC_ASN1Encode(const void *src, const SEC_ASN1Template *theTemplate, |
1384 | | SEC_ASN1WriteProc output_proc, void *output_arg) |
1385 | 0 | { |
1386 | 0 | SEC_ASN1EncoderContext *ecx; |
1387 | 0 | SECStatus rv; |
1388 | 0 |
|
1389 | 0 | ecx = SEC_ASN1EncoderStart(src, theTemplate, output_proc, output_arg); |
1390 | 0 | if (ecx == NULL) |
1391 | 0 | return SECFailure; |
1392 | 0 | |
1393 | 0 | rv = SEC_ASN1EncoderUpdate(ecx, NULL, 0); |
1394 | 0 |
|
1395 | 0 | SEC_ASN1EncoderFinish(ecx); |
1396 | 0 | return rv; |
1397 | 0 | } |
1398 | | |
1399 | | /* |
1400 | | * XXX depth and data_kind are unused; is there a PC way to silence warnings? |
1401 | | * (I mean "politically correct", not anything to do with intel/win platform) |
1402 | | */ |
1403 | | static void |
1404 | | sec_asn1e_encode_item_count(void *arg, const char *buf, unsigned long len, |
1405 | | int depth, SEC_ASN1EncodingPart data_kind) |
1406 | 0 | { |
1407 | 0 | unsigned long *count; |
1408 | 0 |
|
1409 | 0 | count = (unsigned long *)arg; |
1410 | 0 | PORT_Assert(count != NULL); |
1411 | 0 |
|
1412 | 0 | *count += len; |
1413 | 0 | } |
1414 | | |
1415 | | /* XXX depth and data_kind are unused; is there a PC way to silence warnings? */ |
1416 | | static void |
1417 | | sec_asn1e_encode_item_store(void *arg, const char *buf, unsigned long len, |
1418 | | int depth, SEC_ASN1EncodingPart data_kind) |
1419 | 0 | { |
1420 | 0 | SECItem *dest; |
1421 | 0 |
|
1422 | 0 | dest = (SECItem *)arg; |
1423 | 0 | PORT_Assert(dest != NULL); |
1424 | 0 |
|
1425 | 0 | if (len > 0) { |
1426 | 0 | PORT_Memcpy(dest->data + dest->len, buf, len); |
1427 | 0 | dest->len += len; |
1428 | 0 | } |
1429 | 0 | } |
1430 | | |
1431 | | /* |
1432 | | * Allocate an entire SECItem, or just the data part of it, to hold |
1433 | | * "len" bytes of stuff. Allocate from the given pool, if specified, |
1434 | | * otherwise just do a vanilla PORT_Alloc. |
1435 | | * |
1436 | | * XXX This seems like a reasonable general-purpose function (for SECITEM_)? |
1437 | | */ |
1438 | | static SECItem * |
1439 | | sec_asn1e_allocate_item(PLArenaPool *poolp, SECItem *dest, unsigned long len) |
1440 | 0 | { |
1441 | 0 | if (poolp != NULL) { |
1442 | 0 | void *release; |
1443 | 0 |
|
1444 | 0 | release = PORT_ArenaMark(poolp); |
1445 | 0 | if (dest == NULL) |
1446 | 0 | dest = (SECItem *)PORT_ArenaAlloc(poolp, sizeof(SECItem)); |
1447 | 0 | if (dest != NULL) { |
1448 | 0 | dest->data = (unsigned char *)PORT_ArenaAlloc(poolp, len); |
1449 | 0 | if (dest->data == NULL) { |
1450 | 0 | dest = NULL; |
1451 | 0 | } |
1452 | 0 | } |
1453 | 0 | if (dest == NULL) { |
1454 | 0 | /* one or both allocations failed; release everything */ |
1455 | 0 | PORT_ArenaRelease(poolp, release); |
1456 | 0 | } else { |
1457 | 0 | /* everything okay; unmark the arena */ |
1458 | 0 | PORT_ArenaUnmark(poolp, release); |
1459 | 0 | } |
1460 | 0 | } else { |
1461 | 0 | SECItem *indest; |
1462 | 0 |
|
1463 | 0 | indest = dest; |
1464 | 0 | if (dest == NULL) |
1465 | 0 | dest = (SECItem *)PORT_Alloc(sizeof(SECItem)); |
1466 | 0 | if (dest != NULL) { |
1467 | 0 | dest->type = siBuffer; |
1468 | 0 | dest->data = (unsigned char *)PORT_Alloc(len); |
1469 | 0 | if (dest->data == NULL) { |
1470 | 0 | if (indest == NULL) |
1471 | 0 | PORT_Free(dest); |
1472 | 0 | dest = NULL; |
1473 | 0 | } |
1474 | 0 | } |
1475 | 0 | } |
1476 | 0 |
|
1477 | 0 | return dest; |
1478 | 0 | } |
1479 | | |
1480 | | SECItem * |
1481 | | SEC_ASN1EncodeItem(PLArenaPool *poolp, SECItem *dest, const void *src, |
1482 | | const SEC_ASN1Template *theTemplate) |
1483 | 0 | { |
1484 | 0 | unsigned long encoding_length; |
1485 | 0 | SECStatus rv; |
1486 | 0 |
|
1487 | 0 | PORT_Assert(dest == NULL || dest->data == NULL); |
1488 | 0 |
|
1489 | 0 | encoding_length = 0; |
1490 | 0 | rv = SEC_ASN1Encode(src, theTemplate, |
1491 | 0 | sec_asn1e_encode_item_count, &encoding_length); |
1492 | 0 | if (rv != SECSuccess) |
1493 | 0 | return NULL; |
1494 | 0 | |
1495 | 0 | dest = sec_asn1e_allocate_item(poolp, dest, encoding_length); |
1496 | 0 | if (dest == NULL) |
1497 | 0 | return NULL; |
1498 | 0 | |
1499 | 0 | /* XXX necessary? This really just checks for a bug in the allocate fn */ |
1500 | 0 | PORT_Assert(dest->data != NULL); |
1501 | 0 | if (dest->data == NULL) |
1502 | 0 | return NULL; |
1503 | 0 | |
1504 | 0 | dest->len = 0; |
1505 | 0 | (void)SEC_ASN1Encode(src, theTemplate, sec_asn1e_encode_item_store, dest); |
1506 | 0 |
|
1507 | 0 | PORT_Assert(encoding_length == dest->len); |
1508 | 0 | return dest; |
1509 | 0 | } |
1510 | | |
1511 | | static SECItem * |
1512 | | sec_asn1e_integer(PLArenaPool *poolp, SECItem *dest, unsigned long value, |
1513 | | PRBool is_unsigned) |
1514 | 0 | { |
1515 | 0 | unsigned long copy; |
1516 | 0 | unsigned char sign; |
1517 | 0 | int len = 0; |
1518 | 0 |
|
1519 | 0 | /* |
1520 | 0 | * Determine the length of the encoded value (minimum of 1). |
1521 | 0 | */ |
1522 | 0 | copy = value; |
1523 | 0 | do { |
1524 | 0 | len++; |
1525 | 0 | sign = (unsigned char)(copy & 0x80); |
1526 | 0 | copy >>= 8; |
1527 | 0 | } while (copy); |
1528 | 0 |
|
1529 | 0 | /* |
1530 | 0 | * If 'value' is non-negative, and the high bit of the last |
1531 | 0 | * byte we counted was set, we need to add one to the length so |
1532 | 0 | * we put a high-order zero byte in the encoding. |
1533 | 0 | */ |
1534 | 0 | if (sign && (is_unsigned || (long)value >= 0)) |
1535 | 0 | len++; |
1536 | 0 |
|
1537 | 0 | /* |
1538 | 0 | * Allocate the item (if necessary) and the data pointer within. |
1539 | 0 | */ |
1540 | 0 | dest = sec_asn1e_allocate_item(poolp, dest, len); |
1541 | 0 | if (dest == NULL) |
1542 | 0 | return NULL; |
1543 | 0 | |
1544 | 0 | /* |
1545 | 0 | * Store the value, byte by byte, in the item. |
1546 | 0 | */ |
1547 | 0 | dest->len = len; |
1548 | 0 | while (len) { |
1549 | 0 | dest->data[--len] = (unsigned char)value; |
1550 | 0 | value >>= 8; |
1551 | 0 | } |
1552 | 0 | PORT_Assert(value == 0); |
1553 | 0 |
|
1554 | 0 | return dest; |
1555 | 0 | } |
1556 | | |
1557 | | SECItem * |
1558 | | SEC_ASN1EncodeInteger(PLArenaPool *poolp, SECItem *dest, long value) |
1559 | 0 | { |
1560 | 0 | return sec_asn1e_integer(poolp, dest, (unsigned long)value, PR_FALSE); |
1561 | 0 | } |
1562 | | |
1563 | | SECItem * |
1564 | | SEC_ASN1EncodeUnsignedInteger(PLArenaPool *poolp, |
1565 | | SECItem *dest, unsigned long value) |
1566 | 0 | { |
1567 | 0 | return sec_asn1e_integer(poolp, dest, value, PR_TRUE); |
1568 | 0 | } |