/src/botan/build/include/public/botan/asn1_obj.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * (C) 1999-2007,2018,2020 Jack Lloyd |
3 | | * |
4 | | * Botan is released under the Simplified BSD License (see license.txt) |
5 | | */ |
6 | | |
7 | | #ifndef BOTAN_ASN1_OBJECT_TYPES_H_ |
8 | | #define BOTAN_ASN1_OBJECT_TYPES_H_ |
9 | | |
10 | | #include <botan/exceptn.h> |
11 | | #include <botan/secmem.h> |
12 | | #include <chrono> |
13 | | #include <iosfwd> |
14 | | #include <optional> |
15 | | #include <span> |
16 | | #include <string> |
17 | | #include <string_view> |
18 | | #include <unordered_map> |
19 | | #include <vector> |
20 | | |
21 | | namespace Botan { |
22 | | |
23 | | class BER_Decoder; |
24 | | class DER_Encoder; |
25 | | |
26 | | /** |
27 | | * ASN.1 Class Tags |
28 | | */ |
29 | | enum class ASN1_Class : uint32_t { |
30 | | Universal = 0b0000'0000, |
31 | | Application = 0b0100'0000, |
32 | | ContextSpecific = 0b1000'0000, |
33 | | Private = 0b1100'0000, |
34 | | |
35 | | Constructed = 0b0010'0000, |
36 | | ExplicitContextSpecific = Constructed | ContextSpecific, |
37 | | |
38 | | NoObject = 0xFF00 |
39 | | }; |
40 | | |
41 | | /** |
42 | | * ASN.1 Type Tags |
43 | | */ |
44 | | enum class ASN1_Type : uint32_t { |
45 | | Eoc = 0x00, |
46 | | Boolean = 0x01, |
47 | | Integer = 0x02, |
48 | | BitString = 0x03, |
49 | | OctetString = 0x04, |
50 | | Null = 0x05, |
51 | | ObjectId = 0x06, |
52 | | Enumerated = 0x0A, |
53 | | Sequence = 0x10, |
54 | | Set = 0x11, |
55 | | |
56 | | Utf8String = 0x0C, |
57 | | NumericString = 0x12, |
58 | | PrintableString = 0x13, |
59 | | TeletexString = 0x14, |
60 | | Ia5String = 0x16, |
61 | | VisibleString = 0x1A, |
62 | | UniversalString = 0x1C, |
63 | | BmpString = 0x1E, |
64 | | |
65 | | UtcTime = 0x17, |
66 | | GeneralizedTime = 0x18, |
67 | | |
68 | | NoObject = 0xFF00, |
69 | | }; |
70 | | |
71 | 0 | inline bool intersects(ASN1_Class x, ASN1_Class y) { |
72 | 0 | return static_cast<uint32_t>(x) & static_cast<uint32_t>(y); |
73 | 0 | } |
74 | | |
75 | 0 | inline ASN1_Type operator|(ASN1_Type x, ASN1_Type y) { |
76 | 0 | return static_cast<ASN1_Type>(static_cast<uint32_t>(x) | static_cast<uint32_t>(y)); |
77 | 0 | } |
78 | | |
79 | 242 | inline ASN1_Class operator|(ASN1_Class x, ASN1_Class y) { |
80 | 242 | return static_cast<ASN1_Class>(static_cast<uint32_t>(x) | static_cast<uint32_t>(y)); |
81 | 242 | } |
82 | | |
83 | 363 | inline uint32_t operator|(ASN1_Type x, ASN1_Class y) { |
84 | 363 | return static_cast<uint32_t>(x) | static_cast<uint32_t>(y); |
85 | 363 | } |
86 | | |
87 | 0 | inline uint32_t operator|(ASN1_Class x, ASN1_Type y) { |
88 | 0 | return static_cast<uint32_t>(x) | static_cast<uint32_t>(y); |
89 | 0 | } |
90 | | |
91 | | std::string BOTAN_UNSTABLE_API asn1_tag_to_string(ASN1_Type type); |
92 | | std::string BOTAN_UNSTABLE_API asn1_class_to_string(ASN1_Class type); |
93 | | |
94 | | /** |
95 | | * Basic ASN.1 Object Interface |
96 | | */ |
97 | | class BOTAN_PUBLIC_API(2, 0) ASN1_Object { |
98 | | public: |
99 | | /** |
100 | | * Encode whatever this object is into to |
101 | | * @param to the DER_Encoder that will be written to |
102 | | */ |
103 | | virtual void encode_into(DER_Encoder& to) const = 0; |
104 | | |
105 | | /** |
106 | | * Decode whatever this object is from from |
107 | | * @param from the BER_Decoder that will be read from |
108 | | */ |
109 | | virtual void decode_from(BER_Decoder& from) = 0; |
110 | | |
111 | | /** |
112 | | * Return the encoding of this object. This is a convenience |
113 | | * method when just one object needs to be serialized. Use |
114 | | * DER_Encoder for complicated encodings. |
115 | | */ |
116 | | std::vector<uint8_t> BER_encode() const; |
117 | | |
118 | 1.03k | ASN1_Object() = default; |
119 | 5.70k | ASN1_Object(const ASN1_Object&) = default; |
120 | 0 | ASN1_Object& operator=(const ASN1_Object&) = default; |
121 | 6.73k | virtual ~ASN1_Object() = default; |
122 | | }; |
123 | | |
124 | | /** |
125 | | * BER Encoded Object |
126 | | */ |
127 | | class BOTAN_PUBLIC_API(2, 0) BER_Object final { |
128 | | public: |
129 | 605 | BER_Object() : m_type_tag(ASN1_Type::NoObject), m_class_tag(ASN1_Class::Universal) {} |
130 | | |
131 | | BER_Object(const BER_Object& other) = default; |
132 | | |
133 | 0 | BER_Object& operator=(const BER_Object& other) = default; |
134 | | |
135 | 121 | BER_Object(BER_Object&& other) = default; |
136 | | |
137 | 0 | BER_Object& operator=(BER_Object&& other) = default; |
138 | | |
139 | 847 | bool is_set() const { return m_type_tag != ASN1_Type::NoObject; } |
140 | | |
141 | 363 | uint32_t tagging() const { return type_tag() | class_tag(); } |
142 | | |
143 | 363 | ASN1_Type type_tag() const { return m_type_tag; } |
144 | | |
145 | 363 | ASN1_Class class_tag() const { return m_class_tag; } |
146 | | |
147 | 0 | ASN1_Type type() const { return m_type_tag; } |
148 | | |
149 | 0 | ASN1_Class get_class() const { return m_class_tag; } |
150 | | |
151 | 968 | const uint8_t* bits() const { return m_value.data(); } |
152 | | |
153 | 2.54k | size_t length() const { return m_value.size(); } |
154 | | |
155 | 242 | std::span<const uint8_t> data() const { return std::span{m_value}; } |
156 | | |
157 | | void assert_is_a(ASN1_Type type_tag, ASN1_Class class_tag, std::string_view descr = "object") const; |
158 | | |
159 | | bool is_a(ASN1_Type type_tag, ASN1_Class class_tag) const; |
160 | | |
161 | | bool is_a(int type_tag, ASN1_Class class_tag) const; |
162 | | |
163 | | private: |
164 | | ASN1_Type m_type_tag; |
165 | | ASN1_Class m_class_tag; |
166 | | secure_vector<uint8_t> m_value; |
167 | | |
168 | | friend class BER_Decoder; |
169 | | |
170 | | void set_tagging(ASN1_Type type_tag, ASN1_Class class_tag); |
171 | | |
172 | 363 | uint8_t* mutable_bits(size_t length) { |
173 | 363 | m_value.resize(length); |
174 | 363 | return m_value.data(); |
175 | 363 | } |
176 | | }; |
177 | | |
178 | | /* |
179 | | * ASN.1 Utility Functions |
180 | | */ |
181 | | class DataSource; |
182 | | |
183 | | namespace ASN1 { |
184 | | |
185 | | std::vector<uint8_t> put_in_sequence(const std::vector<uint8_t>& val); |
186 | | std::vector<uint8_t> put_in_sequence(const uint8_t bits[], size_t len); |
187 | | std::string to_string(const BER_Object& obj); |
188 | | |
189 | | /** |
190 | | * Heuristics tests; is this object possibly BER? |
191 | | * @param src a data source that will be peeked at but not modified |
192 | | */ |
193 | | bool maybe_BER(DataSource& src); |
194 | | |
195 | | } // namespace ASN1 |
196 | | |
197 | | /** |
198 | | * General BER Decoding Error Exception |
199 | | */ |
200 | | class BOTAN_PUBLIC_API(2, 0) BER_Decoding_Error : public Decoding_Error { |
201 | | public: |
202 | | explicit BER_Decoding_Error(std::string_view); |
203 | | }; |
204 | | |
205 | | /** |
206 | | * Exception For Incorrect BER Taggings |
207 | | */ |
208 | | class BOTAN_PUBLIC_API(2, 0) BER_Bad_Tag final : public BER_Decoding_Error { |
209 | | public: |
210 | | BER_Bad_Tag(std::string_view msg, uint32_t tagging); |
211 | | }; |
212 | | |
213 | | /** |
214 | | * This class represents ASN.1 object identifiers. |
215 | | */ |
216 | | class BOTAN_PUBLIC_API(2, 0) OID final : public ASN1_Object { |
217 | | public: |
218 | | /** |
219 | | * Create an uninitialied OID object |
220 | | */ |
221 | 0 | explicit OID() = default; |
222 | | |
223 | | /** |
224 | | * Construct an OID from a string. |
225 | | * @param str a string in the form "a.b.c" etc., where a,b,c are integers |
226 | | * |
227 | | * Note: it is currently required that each integer fit into 32 bits |
228 | | */ |
229 | | explicit OID(std::string_view str); |
230 | | |
231 | | /** |
232 | | * Initialize an OID from a sequence of integer values |
233 | | */ |
234 | | explicit OID(std::initializer_list<uint32_t> init); |
235 | | |
236 | | /** |
237 | | * Initialize an OID from a vector of integer values |
238 | | */ |
239 | | BOTAN_DEPRECATED("Use another contructor") explicit OID(std::vector<uint32_t>&& init); |
240 | | |
241 | | /** |
242 | | * Construct an OID from a string. |
243 | | * @param str a string in the form "a.b.c" etc., where a,b,c are numbers |
244 | | * or any known OID name (for example "RSA" or "X509v3.SubjectKeyIdentifier") |
245 | | */ |
246 | | static OID from_string(std::string_view str); |
247 | | |
248 | | /** |
249 | | * Construct an OID from a name |
250 | | * @param name any known OID name (for example "RSA" or "X509v3.SubjectKeyIdentifier") |
251 | | */ |
252 | | static std::optional<OID> from_name(std::string_view name); |
253 | | |
254 | | /** |
255 | | * Register a new OID in the internal table |
256 | | */ |
257 | | static void register_oid(const OID& oid, std::string_view name); |
258 | | |
259 | | void encode_into(DER_Encoder&) const override; |
260 | | void decode_from(BER_Decoder&) override; |
261 | | |
262 | | /** |
263 | | * Find out whether this OID is empty |
264 | | * @return true is no OID value is set |
265 | | */ |
266 | 5.87k | bool empty() const { return m_id.empty(); } |
267 | | |
268 | | /** |
269 | | * Find out whether this OID has a value |
270 | | * @return true is this OID has a value |
271 | | */ |
272 | 4.52k | bool has_value() const { return !empty(); } |
273 | | |
274 | | /** |
275 | | * Get this OID as a dotted-decimal string |
276 | | * @return string representing this OID |
277 | | */ |
278 | | std::string to_string() const; |
279 | | |
280 | | /** |
281 | | * If there is a known name associated with this OID, return that. |
282 | | * Otherwise return the result of to_string |
283 | | */ |
284 | | std::string to_formatted_string() const; |
285 | | |
286 | | /** |
287 | | * If there is a known name associated with this OID, return that. |
288 | | * Otherwise return the empty string. |
289 | | */ |
290 | | std::string human_name_or_empty() const; |
291 | | |
292 | | /** |
293 | | * Return true if the OID in *this is registered in the internal |
294 | | * set of constants as a known OID. |
295 | | */ |
296 | | bool registered_oid() const; |
297 | | |
298 | | /** |
299 | | * Compare two OIDs. |
300 | | * @return true if they are equal, false otherwise |
301 | | */ |
302 | 25.6k | bool operator==(const OID& other) const { return m_id == other.m_id; } |
303 | | |
304 | | /** |
305 | | * Get this OID as list (vector) of its components. |
306 | | * @return vector representing this OID |
307 | | */ |
308 | | BOTAN_DEPRECATED("Do not access the integer values, use eg to_string") |
309 | 0 | const std::vector<uint32_t>& get_components() const { |
310 | 0 | return m_id; |
311 | 0 | } |
312 | | |
313 | | BOTAN_DEPRECATED("Do not access the integer values, use eg to_string") |
314 | 0 | const std::vector<uint32_t>& get_id() const { |
315 | 0 | return m_id; |
316 | 0 | } |
317 | | |
318 | | private: |
319 | | std::vector<uint32_t> m_id; |
320 | | }; |
321 | | |
322 | 0 | inline std::ostream& operator<<(std::ostream& out, const OID& oid) { |
323 | 0 | out << oid.to_string(); |
324 | 0 | return out; |
325 | 0 | } |
326 | | |
327 | | /** |
328 | | * Compare two OIDs. |
329 | | * @param a the first OID |
330 | | * @param b the second OID |
331 | | * @return true if a is not equal to b |
332 | | */ |
333 | 12 | inline bool operator!=(const OID& a, const OID& b) { |
334 | 12 | return !(a == b); |
335 | 12 | } |
336 | | |
337 | | /** |
338 | | * Compare two OIDs. |
339 | | * @param a the first OID |
340 | | * @param b the second OID |
341 | | * @return true if a is lexicographically smaller than b |
342 | | */ |
343 | | BOTAN_PUBLIC_API(2, 0) bool operator<(const OID& a, const OID& b); |
344 | | |
345 | | /** |
346 | | * Time (GeneralizedTime/UniversalTime) |
347 | | */ |
348 | | class BOTAN_PUBLIC_API(2, 0) ASN1_Time final : public ASN1_Object { |
349 | | public: |
350 | | /// DER encode a ASN1_Time |
351 | | void encode_into(DER_Encoder&) const override; |
352 | | |
353 | | // Decode a BER encoded ASN1_Time |
354 | | void decode_from(BER_Decoder&) override; |
355 | | |
356 | | /// Return an internal string representation of the time |
357 | | std::string to_string() const; |
358 | | |
359 | | /// Returns a human friendly string replesentation of no particular formatting |
360 | | std::string readable_string() const; |
361 | | |
362 | | /// Return if the time has been set somehow |
363 | | bool time_is_set() const; |
364 | | |
365 | | /// Compare this time against another |
366 | | int32_t cmp(const ASN1_Time& other) const; |
367 | | |
368 | | /// Create an invalid ASN1_Time |
369 | | ASN1_Time() = default; |
370 | | |
371 | | /// Create a ASN1_Time from a time point |
372 | | explicit ASN1_Time(const std::chrono::system_clock::time_point& time); |
373 | | |
374 | | /// Create an ASN1_Time from string |
375 | | ASN1_Time(std::string_view t_spec); |
376 | | |
377 | | /// Create an ASN1_Time from string and a specified tagging (Utc or Generalized) |
378 | | ASN1_Time(std::string_view t_spec, ASN1_Type tag); |
379 | | |
380 | | /// Returns a STL timepoint object |
381 | | std::chrono::system_clock::time_point to_std_timepoint() const; |
382 | | |
383 | | /// Return time since epoch |
384 | | uint64_t time_since_epoch() const; |
385 | | |
386 | | private: |
387 | | void set_to(std::string_view t_spec, ASN1_Type type); |
388 | | bool passes_sanity_check() const; |
389 | | |
390 | | uint32_t m_year = 0; |
391 | | uint32_t m_month = 0; |
392 | | uint32_t m_day = 0; |
393 | | uint32_t m_hour = 0; |
394 | | uint32_t m_minute = 0; |
395 | | uint32_t m_second = 0; |
396 | | ASN1_Type m_tag = ASN1_Type::NoObject; |
397 | | }; |
398 | | |
399 | | /* |
400 | | * Comparison Operations |
401 | | */ |
402 | | BOTAN_PUBLIC_API(2, 0) bool operator==(const ASN1_Time&, const ASN1_Time&); |
403 | | BOTAN_PUBLIC_API(2, 0) bool operator!=(const ASN1_Time&, const ASN1_Time&); |
404 | | BOTAN_PUBLIC_API(2, 0) bool operator<=(const ASN1_Time&, const ASN1_Time&); |
405 | | BOTAN_PUBLIC_API(2, 0) bool operator>=(const ASN1_Time&, const ASN1_Time&); |
406 | | BOTAN_PUBLIC_API(2, 0) bool operator<(const ASN1_Time&, const ASN1_Time&); |
407 | | BOTAN_PUBLIC_API(2, 0) bool operator>(const ASN1_Time&, const ASN1_Time&); |
408 | | |
409 | | typedef ASN1_Time X509_Time; |
410 | | |
411 | | /** |
412 | | * ASN.1 string type |
413 | | * This class normalizes all inputs to a UTF-8 std::string |
414 | | */ |
415 | | class BOTAN_PUBLIC_API(2, 0) ASN1_String final : public ASN1_Object { |
416 | | public: |
417 | | void encode_into(DER_Encoder&) const override; |
418 | | void decode_from(BER_Decoder&) override; |
419 | | |
420 | 0 | ASN1_Type tagging() const { return m_tag; } |
421 | | |
422 | 0 | const std::string& value() const { return m_utf8_str; } |
423 | | |
424 | 0 | size_t size() const { return value().size(); } |
425 | | |
426 | 0 | bool empty() const { return m_utf8_str.empty(); } |
427 | | |
428 | | /** |
429 | | * Return true iff this is a tag for a known string type we can handle. |
430 | | */ |
431 | | static bool is_string_type(ASN1_Type tag); |
432 | | |
433 | 0 | bool operator==(const ASN1_String& other) const { return value() == other.value(); } |
434 | | |
435 | 0 | friend bool operator<(const ASN1_String& a, const ASN1_String& b) { return a.value() < b.value(); } |
436 | | |
437 | | explicit ASN1_String(std::string_view utf8 = ""); |
438 | | ASN1_String(std::string_view utf8, ASN1_Type tag); |
439 | | |
440 | | private: |
441 | | std::vector<uint8_t> m_data; |
442 | | std::string m_utf8_str; |
443 | | ASN1_Type m_tag; |
444 | | }; |
445 | | |
446 | | /** |
447 | | * Algorithm Identifier |
448 | | */ |
449 | | class BOTAN_PUBLIC_API(2, 0) AlgorithmIdentifier final : public ASN1_Object { |
450 | | public: |
451 | | enum Encoding_Option { USE_NULL_PARAM, USE_EMPTY_PARAM }; |
452 | | |
453 | | void encode_into(DER_Encoder&) const override; |
454 | | void decode_from(BER_Decoder&) override; |
455 | | |
456 | | AlgorithmIdentifier() = default; |
457 | | |
458 | | AlgorithmIdentifier(const OID& oid, Encoding_Option enc); |
459 | | AlgorithmIdentifier(std::string_view oid_name, Encoding_Option enc); |
460 | | |
461 | | AlgorithmIdentifier(const OID& oid, const std::vector<uint8_t>& params); |
462 | | AlgorithmIdentifier(std::string_view oid_name, const std::vector<uint8_t>& params); |
463 | | |
464 | 0 | const OID& oid() const { return m_oid; } |
465 | | |
466 | 0 | const std::vector<uint8_t>& parameters() const { return m_parameters; } |
467 | | |
468 | 0 | BOTAN_DEPRECATED("Use AlgorithmIdentifier::oid") const OID& get_oid() const { return m_oid; } |
469 | | |
470 | 0 | BOTAN_DEPRECATED("Use AlgorithmIdentifier::parameters") const std::vector<uint8_t>& get_parameters() const { |
471 | 0 | return m_parameters; |
472 | 0 | } |
473 | | |
474 | | bool parameters_are_null() const; |
475 | | |
476 | 0 | bool parameters_are_empty() const { return m_parameters.empty(); } |
477 | | |
478 | 0 | bool parameters_are_null_or_empty() const { return parameters_are_empty() || parameters_are_null(); } |
479 | | |
480 | 0 | bool empty() const { return m_oid.empty() && m_parameters.empty(); } |
481 | | |
482 | | private: |
483 | | OID m_oid; |
484 | | std::vector<uint8_t> m_parameters; |
485 | | }; |
486 | | |
487 | | /* |
488 | | * Comparison Operations |
489 | | */ |
490 | | BOTAN_PUBLIC_API(2, 0) bool operator==(const AlgorithmIdentifier&, const AlgorithmIdentifier&); |
491 | | BOTAN_PUBLIC_API(2, 0) bool operator!=(const AlgorithmIdentifier&, const AlgorithmIdentifier&); |
492 | | |
493 | | } // namespace Botan |
494 | | |
495 | | #endif |