/src/libressl/crypto/asn1/tasn_dec.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* $OpenBSD: tasn_dec.c,v 1.78 2022/06/29 08:56:44 beck Exp $ */ |
2 | | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | | * project 2000. |
4 | | */ |
5 | | /* ==================================================================== |
6 | | * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. |
7 | | * |
8 | | * Redistribution and use in source and binary forms, with or without |
9 | | * modification, are permitted provided that the following conditions |
10 | | * are met: |
11 | | * |
12 | | * 1. Redistributions of source code must retain the above copyright |
13 | | * notice, this list of conditions and the following disclaimer. |
14 | | * |
15 | | * 2. Redistributions in binary form must reproduce the above copyright |
16 | | * notice, this list of conditions and the following disclaimer in |
17 | | * the documentation and/or other materials provided with the |
18 | | * distribution. |
19 | | * |
20 | | * 3. All advertising materials mentioning features or use of this |
21 | | * software must display the following acknowledgment: |
22 | | * "This product includes software developed by the OpenSSL Project |
23 | | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
24 | | * |
25 | | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
26 | | * endorse or promote products derived from this software without |
27 | | * prior written permission. For written permission, please contact |
28 | | * licensing@OpenSSL.org. |
29 | | * |
30 | | * 5. Products derived from this software may not be called "OpenSSL" |
31 | | * nor may "OpenSSL" appear in their names without prior written |
32 | | * permission of the OpenSSL Project. |
33 | | * |
34 | | * 6. Redistributions of any form whatsoever must retain the following |
35 | | * acknowledgment: |
36 | | * "This product includes software developed by the OpenSSL Project |
37 | | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
38 | | * |
39 | | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
40 | | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
41 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
42 | | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
43 | | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
44 | | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
45 | | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
46 | | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
47 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
48 | | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
49 | | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
50 | | * OF THE POSSIBILITY OF SUCH DAMAGE. |
51 | | * ==================================================================== |
52 | | * |
53 | | * This product includes cryptographic software written by Eric Young |
54 | | * (eay@cryptsoft.com). This product includes software written by Tim |
55 | | * Hudson (tjh@cryptsoft.com). |
56 | | * |
57 | | */ |
58 | | |
59 | | #include <limits.h> |
60 | | #include <stddef.h> |
61 | | #include <string.h> |
62 | | |
63 | | #include <openssl/asn1.h> |
64 | | #include <openssl/asn1t.h> |
65 | | #include <openssl/buffer.h> |
66 | | #include <openssl/err.h> |
67 | | #include <openssl/objects.h> |
68 | | |
69 | | #include "asn1_locl.h" |
70 | | #include "bytestring.h" |
71 | | |
72 | | /* |
73 | | * Constructed types with a recursive definition (such as can be found in PKCS7) |
74 | | * could eventually exceed the stack given malicious input with excessive |
75 | | * recursion. Therefore we limit the stack depth. |
76 | | */ |
77 | 0 | #define ASN1_MAX_CONSTRUCTED_NEST 30 |
78 | | |
79 | | #ifndef ASN1_MAX_STRING_NEST |
80 | | /* |
81 | | * This determines how many levels of recursion are permitted in ASN.1 string |
82 | | * types. If it is not limited stack overflows can occur. If set to zero no |
83 | | * recursion is allowed at all. |
84 | | */ |
85 | 0 | #define ASN1_MAX_STRING_NEST 5 |
86 | | #endif |
87 | | |
88 | | static int asn1_template_d2i(ASN1_VALUE **pval, CBS *cbs, |
89 | | const ASN1_TEMPLATE *at, int optional, int depth); |
90 | | |
91 | | static int |
92 | | asn1_check_eoc(CBS *cbs) |
93 | 0 | { |
94 | 0 | uint16_t eoc; |
95 | |
|
96 | 0 | if (!CBS_peek_u16(cbs, &eoc)) |
97 | 0 | return 0; |
98 | 0 | if (eoc != 0) |
99 | 0 | return 0; |
100 | | |
101 | 0 | return CBS_skip(cbs, 2); |
102 | 0 | } |
103 | | |
104 | | static int |
105 | | asn1_check_tag(CBS *cbs, size_t *out_len, int *out_tag, uint8_t *out_class, |
106 | | int *out_indefinite, int *out_constructed, int expected_tag, |
107 | | int expected_class, int optional) |
108 | 0 | { |
109 | 0 | int constructed, indefinite; |
110 | 0 | uint32_t tag_number; |
111 | 0 | uint8_t tag_class; |
112 | 0 | size_t length; |
113 | |
|
114 | 0 | if (out_len != NULL) |
115 | 0 | *out_len = 0; |
116 | 0 | if (out_tag != NULL) |
117 | 0 | *out_tag = 0; |
118 | 0 | if (out_class != NULL) |
119 | 0 | *out_class = 0; |
120 | 0 | if (out_indefinite != NULL) |
121 | 0 | *out_indefinite = 0; |
122 | 0 | if (out_constructed != NULL) |
123 | 0 | *out_constructed = 0; |
124 | |
|
125 | 0 | if (!asn1_get_identifier_cbs(cbs, 0, &tag_class, &constructed, |
126 | 0 | &tag_number)) { |
127 | 0 | ASN1error(ASN1_R_BAD_OBJECT_HEADER); |
128 | 0 | return 0; |
129 | 0 | } |
130 | 0 | if (expected_tag >= 0) { |
131 | 0 | if (expected_tag != tag_number || |
132 | 0 | expected_class != tag_class << 6) { |
133 | | /* Indicate missing type if this is OPTIONAL. */ |
134 | 0 | if (optional) |
135 | 0 | return -1; |
136 | | |
137 | 0 | ASN1error(ASN1_R_WRONG_TAG); |
138 | 0 | return 0; |
139 | 0 | } |
140 | 0 | } |
141 | 0 | if (!asn1_get_length_cbs(cbs, 0, &indefinite, &length)) { |
142 | 0 | ASN1error(ASN1_R_BAD_OBJECT_HEADER); |
143 | 0 | return 0; |
144 | 0 | } |
145 | | |
146 | | /* Indefinite length can only be used with constructed encoding. */ |
147 | 0 | if (indefinite && !constructed) { |
148 | 0 | ASN1error(ASN1_R_BAD_OBJECT_HEADER); |
149 | 0 | return 0; |
150 | 0 | } |
151 | | |
152 | 0 | if (!indefinite && CBS_len(cbs) < length) { |
153 | 0 | ASN1error(ASN1_R_TOO_LONG); |
154 | 0 | return 0; |
155 | 0 | } |
156 | | |
157 | 0 | if (tag_number > INT_MAX) { |
158 | 0 | ASN1error(ASN1_R_TOO_LONG); |
159 | 0 | return 0; |
160 | 0 | } |
161 | | |
162 | 0 | if (indefinite) |
163 | 0 | length = CBS_len(cbs); |
164 | |
|
165 | 0 | if (out_len != NULL) |
166 | 0 | *out_len = length; |
167 | 0 | if (out_tag != NULL) |
168 | 0 | *out_tag = tag_number; |
169 | 0 | if (out_class != NULL) |
170 | 0 | *out_class = tag_class << 6; |
171 | 0 | if (out_indefinite != NULL) |
172 | 0 | *out_indefinite = indefinite; |
173 | 0 | if (out_constructed != NULL) |
174 | 0 | *out_constructed = constructed; |
175 | |
|
176 | 0 | return 1; |
177 | 0 | } |
178 | | |
179 | | /* Collect the contents from a constructed ASN.1 object. */ |
180 | | static int |
181 | | asn1_collect(CBB *cbb, CBS *cbs, int indefinite, int expected_tag, |
182 | | int expected_class, int depth) |
183 | 0 | { |
184 | 0 | int constructed; |
185 | 0 | size_t length; |
186 | 0 | CBS content; |
187 | 0 | int need_eoc; |
188 | |
|
189 | 0 | if (depth > ASN1_MAX_STRING_NEST) { |
190 | 0 | ASN1error(ASN1_R_NESTED_ASN1_STRING); |
191 | 0 | return 0; |
192 | 0 | } |
193 | | |
194 | 0 | need_eoc = indefinite; |
195 | |
|
196 | 0 | while (CBS_len(cbs) > 0) { |
197 | 0 | if (asn1_check_eoc(cbs)) { |
198 | 0 | if (!need_eoc) { |
199 | 0 | ASN1error(ASN1_R_UNEXPECTED_EOC); |
200 | 0 | return 0; |
201 | 0 | } |
202 | 0 | return 1; |
203 | 0 | } |
204 | 0 | if (!asn1_check_tag(cbs, &length, NULL, NULL, &indefinite, |
205 | 0 | &constructed, expected_tag, expected_class, 0)) { |
206 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
207 | 0 | return 0; |
208 | 0 | } |
209 | | |
210 | 0 | if (constructed) { |
211 | 0 | if (!asn1_collect(cbb, cbs, indefinite, expected_tag, |
212 | 0 | expected_class, depth + 1)) |
213 | 0 | return 0; |
214 | 0 | continue; |
215 | 0 | } |
216 | | |
217 | 0 | if (!CBS_get_bytes(cbs, &content, length)) { |
218 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
219 | 0 | return 0; |
220 | 0 | } |
221 | 0 | if (!CBB_add_bytes(cbb, CBS_data(&content), CBS_len(&content))) |
222 | 0 | return 0; |
223 | 0 | } |
224 | | |
225 | 0 | if (need_eoc) { |
226 | 0 | ASN1error(ASN1_R_MISSING_EOC); |
227 | 0 | return 0; |
228 | 0 | } |
229 | | |
230 | 0 | return 1; |
231 | 0 | } |
232 | | |
233 | | /* Find the end of an ASN.1 object. */ |
234 | | static int |
235 | | asn1_find_end(CBS *cbs, size_t length, int indefinite) |
236 | 0 | { |
237 | 0 | size_t eoc_count; |
238 | |
|
239 | 0 | if (!indefinite) { |
240 | 0 | if (!CBS_skip(cbs, length)) { |
241 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
242 | 0 | return 0; |
243 | 0 | } |
244 | 0 | return 1; |
245 | 0 | } |
246 | | |
247 | 0 | eoc_count = 1; |
248 | |
|
249 | 0 | while (CBS_len(cbs) > 0) { |
250 | 0 | if (asn1_check_eoc(cbs)) { |
251 | 0 | if (--eoc_count == 0) |
252 | 0 | break; |
253 | 0 | continue; |
254 | 0 | } |
255 | 0 | if (!asn1_check_tag(cbs, &length, NULL, NULL, |
256 | 0 | &indefinite, NULL, -1, 0, 0)) { |
257 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
258 | 0 | return 0; |
259 | 0 | } |
260 | 0 | if (indefinite) { |
261 | 0 | eoc_count++; |
262 | 0 | continue; |
263 | 0 | } |
264 | 0 | if (!CBS_skip(cbs, length)) |
265 | 0 | return 0; |
266 | 0 | } |
267 | | |
268 | 0 | if (eoc_count > 0) { |
269 | 0 | ASN1error(ASN1_R_MISSING_EOC); |
270 | 0 | return 0; |
271 | 0 | } |
272 | | |
273 | 0 | return 1; |
274 | 0 | } |
275 | | |
276 | | static int |
277 | | asn1_c2i_primitive(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) |
278 | 0 | { |
279 | 0 | ASN1_STRING *stmp; |
280 | 0 | ASN1_INTEGER **tint; |
281 | 0 | ASN1_BOOLEAN *tbool; |
282 | 0 | uint8_t u8val; |
283 | 0 | int ret = 0; |
284 | |
|
285 | 0 | if (it->funcs != NULL) |
286 | 0 | return 0; |
287 | | |
288 | 0 | if (CBS_len(content) > INT_MAX) |
289 | 0 | return 0; |
290 | | |
291 | 0 | switch (utype) { |
292 | 0 | case V_ASN1_OBJECT: |
293 | 0 | if (!c2i_ASN1_OBJECT_cbs((ASN1_OBJECT **)pval, content)) |
294 | 0 | goto err; |
295 | 0 | break; |
296 | | |
297 | 0 | case V_ASN1_NULL: |
298 | 0 | if (CBS_len(content) != 0) { |
299 | 0 | ASN1error(ASN1_R_NULL_IS_WRONG_LENGTH); |
300 | 0 | goto err; |
301 | 0 | } |
302 | 0 | *pval = (ASN1_VALUE *)1; |
303 | 0 | break; |
304 | | |
305 | 0 | case V_ASN1_BOOLEAN: |
306 | 0 | tbool = (ASN1_BOOLEAN *)pval; |
307 | 0 | if (CBS_len(content) != 1) { |
308 | 0 | ASN1error(ASN1_R_BOOLEAN_IS_WRONG_LENGTH); |
309 | 0 | goto err; |
310 | 0 | } |
311 | 0 | if (!CBS_get_u8(content, &u8val)) |
312 | 0 | goto err; |
313 | 0 | *tbool = u8val; |
314 | 0 | break; |
315 | | |
316 | 0 | case V_ASN1_BIT_STRING: |
317 | 0 | if (!c2i_ASN1_BIT_STRING_cbs((ASN1_BIT_STRING **)pval, content)) |
318 | 0 | goto err; |
319 | 0 | break; |
320 | | |
321 | 0 | case V_ASN1_INTEGER: |
322 | 0 | case V_ASN1_ENUMERATED: |
323 | 0 | tint = (ASN1_INTEGER **)pval; |
324 | 0 | if (!c2i_ASN1_INTEGER_cbs(tint, content)) |
325 | 0 | goto err; |
326 | | /* Fixup type to match the expected form */ |
327 | 0 | (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG); |
328 | 0 | break; |
329 | | |
330 | 0 | case V_ASN1_OCTET_STRING: |
331 | 0 | case V_ASN1_NUMERICSTRING: |
332 | 0 | case V_ASN1_PRINTABLESTRING: |
333 | 0 | case V_ASN1_T61STRING: |
334 | 0 | case V_ASN1_VIDEOTEXSTRING: |
335 | 0 | case V_ASN1_IA5STRING: |
336 | 0 | case V_ASN1_UTCTIME: |
337 | 0 | case V_ASN1_GENERALIZEDTIME: |
338 | 0 | case V_ASN1_GRAPHICSTRING: |
339 | 0 | case V_ASN1_VISIBLESTRING: |
340 | 0 | case V_ASN1_GENERALSTRING: |
341 | 0 | case V_ASN1_UNIVERSALSTRING: |
342 | 0 | case V_ASN1_BMPSTRING: |
343 | 0 | case V_ASN1_UTF8STRING: |
344 | 0 | case V_ASN1_OTHER: |
345 | 0 | case V_ASN1_SET: |
346 | 0 | case V_ASN1_SEQUENCE: |
347 | 0 | default: |
348 | 0 | if (utype == V_ASN1_BMPSTRING && (CBS_len(content) & 1)) { |
349 | 0 | ASN1error(ASN1_R_BMPSTRING_IS_WRONG_LENGTH); |
350 | 0 | goto err; |
351 | 0 | } |
352 | 0 | if (utype == V_ASN1_UNIVERSALSTRING && (CBS_len(content) & 3)) { |
353 | 0 | ASN1error(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); |
354 | 0 | goto err; |
355 | 0 | } |
356 | 0 | if (utype == V_ASN1_UTCTIME || utype == V_ASN1_GENERALIZEDTIME) { |
357 | 0 | if (!asn1_time_parse_cbs(content, |
358 | 0 | utype == V_ASN1_GENERALIZEDTIME, NULL)) { |
359 | 0 | ASN1error(ASN1_R_INVALID_TIME_FORMAT); |
360 | 0 | goto err; |
361 | 0 | } |
362 | 0 | } |
363 | | /* All based on ASN1_STRING and handled the same way. */ |
364 | 0 | if (*pval == NULL) { |
365 | 0 | if ((stmp = ASN1_STRING_type_new(utype)) == NULL) { |
366 | 0 | ASN1error(ERR_R_MALLOC_FAILURE); |
367 | 0 | goto err; |
368 | 0 | } |
369 | 0 | *pval = (ASN1_VALUE *)stmp; |
370 | 0 | } else { |
371 | 0 | stmp = (ASN1_STRING *)*pval; |
372 | 0 | stmp->type = utype; |
373 | 0 | } |
374 | 0 | if (!ASN1_STRING_set(stmp, CBS_data(content), CBS_len(content))) { |
375 | 0 | ASN1_STRING_free(stmp); |
376 | 0 | *pval = NULL; |
377 | 0 | goto err; |
378 | 0 | } |
379 | 0 | break; |
380 | 0 | } |
381 | | |
382 | 0 | ret = 1; |
383 | |
|
384 | 0 | err: |
385 | 0 | return ret; |
386 | 0 | } |
387 | | |
388 | | static int |
389 | | asn1_c2i_any(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) |
390 | 0 | { |
391 | 0 | ASN1_TYPE *atype; |
392 | |
|
393 | 0 | if (it->utype != V_ASN1_ANY || it->funcs != NULL) |
394 | 0 | return 0; |
395 | | |
396 | 0 | if (*pval != NULL) { |
397 | 0 | ASN1_TYPE_free((ASN1_TYPE *)*pval); |
398 | 0 | *pval = NULL; |
399 | 0 | } |
400 | |
|
401 | 0 | if ((atype = ASN1_TYPE_new()) == NULL) |
402 | 0 | return 0; |
403 | | |
404 | 0 | if (!asn1_c2i_primitive(&atype->value.asn1_value, content, utype, it)) { |
405 | 0 | ASN1_TYPE_free(atype); |
406 | 0 | return 0; |
407 | 0 | } |
408 | 0 | atype->type = utype; |
409 | | |
410 | | /* Fix up value for ASN.1 NULL. */ |
411 | 0 | if (atype->type == V_ASN1_NULL) |
412 | 0 | atype->value.ptr = NULL; |
413 | |
|
414 | 0 | *pval = (ASN1_VALUE *)atype; |
415 | |
|
416 | 0 | return 1; |
417 | 0 | } |
418 | | |
419 | | static int |
420 | | asn1_c2i(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) |
421 | 0 | { |
422 | 0 | if (CBS_len(content) > INT_MAX) |
423 | 0 | return 0; |
424 | | |
425 | 0 | if (it->funcs != NULL) { |
426 | 0 | const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; |
427 | 0 | char free_content = 0; |
428 | |
|
429 | 0 | if (pf->prim_c2i == NULL) |
430 | 0 | return 0; |
431 | | |
432 | 0 | return pf->prim_c2i(pval, CBS_data(content), CBS_len(content), |
433 | 0 | utype, &free_content, it); |
434 | 0 | } |
435 | | |
436 | 0 | if (it->utype == V_ASN1_ANY) |
437 | 0 | return asn1_c2i_any(pval, content, utype, it); |
438 | | |
439 | 0 | return asn1_c2i_primitive(pval, content, utype, it); |
440 | 0 | } |
441 | | |
442 | | /* |
443 | | * Decode ASN.1 content into a primitive type. There are three possible forms - |
444 | | * a SEQUENCE/SET/OTHER that is stored verbatim (including the ASN.1 tag and |
445 | | * length octets), constructed objects and non-constructed objects. In the |
446 | | * first two cases indefinite length is permitted, which we may need to handle. |
447 | | * When this function is called the *cbs should reference the start of the |
448 | | * ASN.1 object (i.e. the tag/length header), while *cbs_object should |
449 | | * reference the start of the object contents (i.e. after the tag/length |
450 | | * header. Additionally, the *cbs_object offset should be relative to the |
451 | | * ASN.1 object being parsed. On success the *cbs will point at the octet |
452 | | * after the object. |
453 | | */ |
454 | | static int |
455 | | asn1_d2i_primitive_content(ASN1_VALUE **pval, CBS *cbs, CBS *cbs_object, |
456 | | int utype, int constructed, int indefinite, size_t length, |
457 | | const ASN1_ITEM *it) |
458 | 0 | { |
459 | 0 | CBS cbs_content, cbs_initial; |
460 | 0 | uint8_t *data = NULL; |
461 | 0 | size_t data_len = 0; |
462 | 0 | CBB cbb; |
463 | 0 | int ret = 0; |
464 | |
|
465 | 0 | memset(&cbb, 0, sizeof(cbb)); |
466 | |
|
467 | 0 | CBS_dup(cbs, &cbs_initial); |
468 | 0 | CBS_init(&cbs_content, NULL, 0); |
469 | | |
470 | | /* XXX - check primitive vs constructed based on utype. */ |
471 | | |
472 | | /* SEQUENCE and SET must be constructed. */ |
473 | 0 | if ((utype == V_ASN1_SEQUENCE || utype == V_ASN1_SET) && !constructed) { |
474 | 0 | ASN1error(ASN1_R_TYPE_NOT_CONSTRUCTED); |
475 | 0 | goto err; |
476 | 0 | } |
477 | | |
478 | | /* SEQUENCE, SET and "OTHER" are left in encoded form. */ |
479 | 0 | if (utype == V_ASN1_SEQUENCE || utype == V_ASN1_SET || |
480 | 0 | utype == V_ASN1_OTHER) { |
481 | 0 | if (!asn1_find_end(cbs_object, length, indefinite)) |
482 | 0 | goto err; |
483 | 0 | if (!CBS_get_bytes(&cbs_initial, &cbs_content, |
484 | 0 | CBS_offset(cbs_object))) |
485 | 0 | goto err; |
486 | 0 | } else if (constructed) { |
487 | | /* |
488 | | * Should really check the internal tags are correct but |
489 | | * some things may get this wrong. The relevant specs |
490 | | * say that constructed string types should be OCTET STRINGs |
491 | | * internally irrespective of the type. So instead just check |
492 | | * for UNIVERSAL class and ignore the tag. |
493 | | */ |
494 | 0 | if (!CBB_init(&cbb, 0)) |
495 | 0 | goto err; |
496 | 0 | if (!asn1_collect(&cbb, cbs_object, indefinite, -1, |
497 | 0 | V_ASN1_UNIVERSAL, 0)) |
498 | 0 | goto err; |
499 | 0 | if (!CBB_finish(&cbb, &data, &data_len)) |
500 | 0 | goto err; |
501 | | |
502 | 0 | CBS_init(&cbs_content, data, data_len); |
503 | 0 | } else { |
504 | 0 | if (!CBS_get_bytes(cbs_object, &cbs_content, length)) |
505 | 0 | goto err; |
506 | 0 | } |
507 | | |
508 | 0 | if (!asn1_c2i(pval, &cbs_content, utype, it)) |
509 | 0 | goto err; |
510 | | |
511 | 0 | if (!CBS_skip(cbs, CBS_offset(cbs_object))) |
512 | 0 | goto err; |
513 | | |
514 | 0 | ret = 1; |
515 | |
|
516 | 0 | err: |
517 | 0 | CBB_cleanup(&cbb); |
518 | 0 | freezero(data, data_len); |
519 | |
|
520 | 0 | return ret; |
521 | 0 | } |
522 | | |
523 | | static int |
524 | | asn1_d2i_any(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
525 | | int tag_number, int tag_class, int optional) |
526 | 0 | { |
527 | 0 | int constructed, indefinite; |
528 | 0 | uint8_t object_class; |
529 | 0 | int object_type; |
530 | 0 | CBS cbs_object; |
531 | 0 | size_t length; |
532 | |
|
533 | 0 | CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); |
534 | |
|
535 | 0 | if (it->utype != V_ASN1_ANY) |
536 | 0 | return 0; |
537 | | |
538 | 0 | if (tag_number >= 0) { |
539 | 0 | ASN1error(ASN1_R_ILLEGAL_TAGGED_ANY); |
540 | 0 | return 0; |
541 | 0 | } |
542 | 0 | if (optional) { |
543 | 0 | ASN1error(ASN1_R_ILLEGAL_OPTIONAL_ANY); |
544 | 0 | return 0; |
545 | 0 | } |
546 | | |
547 | | /* Determine type from ASN.1 tag. */ |
548 | 0 | if (asn1_check_tag(&cbs_object, &length, &object_type, &object_class, |
549 | 0 | &indefinite, &constructed, -1, 0, 0) != 1) { |
550 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
551 | 0 | return 0; |
552 | 0 | } |
553 | 0 | if (object_class != V_ASN1_UNIVERSAL) |
554 | 0 | object_type = V_ASN1_OTHER; |
555 | |
|
556 | 0 | return asn1_d2i_primitive_content(pval, cbs, &cbs_object, object_type, |
557 | 0 | constructed, indefinite, length, it); |
558 | 0 | } |
559 | | |
560 | | static int |
561 | | asn1_d2i_mstring(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
562 | | int tag_number, int tag_class, int optional) |
563 | 0 | { |
564 | 0 | int constructed, indefinite; |
565 | 0 | uint8_t object_class; |
566 | 0 | int object_tag; |
567 | 0 | CBS cbs_object; |
568 | 0 | size_t length; |
569 | |
|
570 | 0 | CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); |
571 | | |
572 | | /* |
573 | | * It never makes sense for multi-strings to have implicit tagging, so |
574 | | * if tag_number != -1, then this looks like an error in the template. |
575 | | */ |
576 | 0 | if (tag_number != -1) { |
577 | 0 | ASN1error(ASN1_R_BAD_TEMPLATE); |
578 | 0 | return 0; |
579 | 0 | } |
580 | | |
581 | 0 | if (asn1_check_tag(&cbs_object, &length, &object_tag, &object_class, |
582 | 0 | &indefinite, &constructed, -1, 0, 1) != 1) { |
583 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
584 | 0 | return 0; |
585 | 0 | } |
586 | | |
587 | | /* Class must be UNIVERSAL. */ |
588 | 0 | if (object_class != V_ASN1_UNIVERSAL) { |
589 | 0 | if (optional) |
590 | 0 | return -1; |
591 | 0 | ASN1error(ASN1_R_MSTRING_NOT_UNIVERSAL); |
592 | 0 | return 0; |
593 | 0 | } |
594 | | /* Check tag matches bit map. */ |
595 | 0 | if ((ASN1_tag2bit(object_tag) & it->utype) == 0) { |
596 | 0 | if (optional) |
597 | 0 | return -1; |
598 | 0 | ASN1error(ASN1_R_MSTRING_WRONG_TAG); |
599 | 0 | return 0; |
600 | 0 | } |
601 | | |
602 | 0 | return asn1_d2i_primitive_content(pval, cbs, &cbs_object, |
603 | 0 | object_tag, constructed, indefinite, length, it); |
604 | 0 | } |
605 | | |
606 | | static int |
607 | | asn1_d2i_primitive(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
608 | | int tag_number, int tag_class, int optional) |
609 | 0 | { |
610 | 0 | CBS cbs_object; |
611 | 0 | int constructed, indefinite; |
612 | 0 | int utype = it->utype; |
613 | 0 | size_t length; |
614 | 0 | int ret; |
615 | |
|
616 | 0 | CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); |
617 | |
|
618 | 0 | if (it->itype == ASN1_ITYPE_MSTRING) |
619 | 0 | return 0; |
620 | | |
621 | 0 | if (it->utype == V_ASN1_ANY) |
622 | 0 | return asn1_d2i_any(pval, cbs, it, tag_number, tag_class, optional); |
623 | | |
624 | 0 | if (tag_number == -1) { |
625 | 0 | tag_number = it->utype; |
626 | 0 | tag_class = V_ASN1_UNIVERSAL; |
627 | 0 | } |
628 | |
|
629 | 0 | ret = asn1_check_tag(&cbs_object, &length, NULL, NULL, &indefinite, |
630 | 0 | &constructed, tag_number, tag_class, optional); |
631 | 0 | if (ret == -1) |
632 | 0 | return -1; |
633 | 0 | if (ret != 1) { |
634 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
635 | 0 | return 0; |
636 | 0 | } |
637 | | |
638 | 0 | return asn1_d2i_primitive_content(pval, cbs, &cbs_object, utype, |
639 | 0 | constructed, indefinite, length, it); |
640 | 0 | } |
641 | | |
642 | | static int |
643 | | asn1_item_d2i_choice(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
644 | | int tag_number, int tag_class, int optional, int depth) |
645 | 0 | { |
646 | 0 | const ASN1_TEMPLATE *at, *errat = NULL; |
647 | 0 | const ASN1_AUX *aux; |
648 | 0 | ASN1_aux_cb *asn1_cb = NULL; |
649 | 0 | ASN1_VALUE *achoice = NULL; |
650 | 0 | ASN1_VALUE **pchptr; |
651 | 0 | int i, ret; |
652 | |
|
653 | 0 | if ((aux = it->funcs) != NULL) |
654 | 0 | asn1_cb = aux->asn1_cb; |
655 | |
|
656 | 0 | if (it->itype != ASN1_ITYPE_CHOICE) |
657 | 0 | goto err; |
658 | | |
659 | | /* |
660 | | * It never makes sense for CHOICE types to have implicit tagging, so |
661 | | * if tag_number != -1, then this looks like an error in the template. |
662 | | */ |
663 | 0 | if (tag_number != -1) { |
664 | 0 | ASN1error(ASN1_R_BAD_TEMPLATE); |
665 | 0 | goto err; |
666 | 0 | } |
667 | | |
668 | 0 | if (*pval != NULL) { |
669 | 0 | ASN1_item_ex_free(pval, it); |
670 | 0 | *pval = NULL; |
671 | 0 | } |
672 | |
|
673 | 0 | if (!ASN1_item_ex_new(&achoice, it)) { |
674 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
675 | 0 | goto err; |
676 | 0 | } |
677 | | |
678 | 0 | if (asn1_cb != NULL && !asn1_cb(ASN1_OP_D2I_PRE, &achoice, it, NULL)) { |
679 | 0 | ASN1error(ASN1_R_AUX_ERROR); |
680 | 0 | goto err; |
681 | 0 | } |
682 | | |
683 | | /* Try each possible CHOICE in turn. */ |
684 | 0 | for (i = 0; i < it->tcount; i++) { |
685 | 0 | at = &it->templates[i]; |
686 | |
|
687 | 0 | pchptr = asn1_get_field_ptr(&achoice, at); |
688 | | |
689 | | /* Mark field as OPTIONAL so its absence can be identified. */ |
690 | 0 | ret = asn1_template_d2i(pchptr, cbs, at, 1, depth); |
691 | 0 | if (ret == -1) |
692 | 0 | continue; |
693 | 0 | if (ret != 1) { |
694 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
695 | 0 | errat = at; |
696 | 0 | goto err; |
697 | 0 | } |
698 | | |
699 | | /* We've successfully decoded an ASN.1 object. */ |
700 | 0 | asn1_set_choice_selector(&achoice, i, it); |
701 | 0 | break; |
702 | 0 | } |
703 | | |
704 | | /* Did we fall off the end without reading anything? */ |
705 | 0 | if (i == it->tcount) { |
706 | 0 | if (optional) { |
707 | 0 | ASN1_item_ex_free(&achoice, it); |
708 | 0 | return -1; |
709 | 0 | } |
710 | 0 | ASN1error(ASN1_R_NO_MATCHING_CHOICE_TYPE); |
711 | 0 | goto err; |
712 | 0 | } |
713 | | |
714 | 0 | if (asn1_cb != NULL && !asn1_cb(ASN1_OP_D2I_POST, &achoice, it, NULL)) { |
715 | 0 | ASN1error(ASN1_R_AUX_ERROR); |
716 | 0 | goto err; |
717 | 0 | } |
718 | | |
719 | 0 | *pval = achoice; |
720 | 0 | achoice = NULL; |
721 | |
|
722 | 0 | return 1; |
723 | | |
724 | 0 | err: |
725 | 0 | ASN1_item_ex_free(&achoice, it); |
726 | |
|
727 | 0 | if (errat != NULL) |
728 | 0 | ERR_asprintf_error_data("Field=%s, Type=%s", errat->field_name, |
729 | 0 | it->sname); |
730 | 0 | else |
731 | 0 | ERR_asprintf_error_data("Type=%s", it->sname); |
732 | |
|
733 | 0 | return 0; |
734 | 0 | } |
735 | | |
736 | | static int |
737 | | asn1_item_d2i_sequence(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
738 | | int tag_number, int tag_class, int optional, int depth) |
739 | 0 | { |
740 | 0 | CBS cbs_seq, cbs_seq_content, cbs_object; |
741 | 0 | int constructed, indefinite, optional_field; |
742 | 0 | const ASN1_TEMPLATE *errat = NULL; |
743 | 0 | const ASN1_TEMPLATE *seqat, *at; |
744 | 0 | ASN1_aux_cb *asn1_cb = NULL; |
745 | 0 | const ASN1_AUX *aux; |
746 | 0 | ASN1_VALUE *aseq = NULL; |
747 | 0 | ASN1_VALUE **pseqval; |
748 | 0 | int eoc_needed, i; |
749 | 0 | size_t length; |
750 | 0 | int ret = 0; |
751 | |
|
752 | 0 | CBS_init(&cbs_seq, CBS_data(cbs), CBS_len(cbs)); |
753 | |
|
754 | 0 | if ((aux = it->funcs) != NULL) |
755 | 0 | asn1_cb = aux->asn1_cb; |
756 | |
|
757 | 0 | if (it->itype != ASN1_ITYPE_NDEF_SEQUENCE && |
758 | 0 | it->itype != ASN1_ITYPE_SEQUENCE) |
759 | 0 | goto err; |
760 | | |
761 | 0 | if (*pval != NULL) { |
762 | 0 | ASN1_item_ex_free(pval, it); |
763 | 0 | *pval = NULL; |
764 | 0 | } |
765 | | |
766 | | /* If no IMPLICIT tagging use UNIVERSAL/SEQUENCE. */ |
767 | 0 | if (tag_number == -1) { |
768 | 0 | tag_class = V_ASN1_UNIVERSAL; |
769 | 0 | tag_number = V_ASN1_SEQUENCE; |
770 | 0 | } |
771 | | |
772 | | /* Read ASN.1 SEQUENCE header. */ |
773 | 0 | ret = asn1_check_tag(&cbs_seq, &length, NULL, NULL, &indefinite, |
774 | 0 | &constructed, tag_number, tag_class, optional); |
775 | 0 | if (ret == -1) |
776 | 0 | return -1; |
777 | 0 | if (ret != 1) { |
778 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
779 | 0 | goto err; |
780 | 0 | } |
781 | | |
782 | 0 | if (!constructed) { |
783 | 0 | ASN1error(ASN1_R_SEQUENCE_NOT_CONSTRUCTED); |
784 | 0 | goto err; |
785 | 0 | } |
786 | | |
787 | 0 | if (indefinite) { |
788 | 0 | eoc_needed = 1; |
789 | 0 | CBS_init(&cbs_seq_content, CBS_data(&cbs_seq), CBS_len(&cbs_seq)); |
790 | 0 | } else { |
791 | 0 | eoc_needed = 0; |
792 | 0 | if (!CBS_get_bytes(&cbs_seq, &cbs_seq_content, length)) |
793 | 0 | goto err; |
794 | 0 | } |
795 | | |
796 | 0 | if (!ASN1_item_ex_new(&aseq, it)) { |
797 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
798 | 0 | goto err; |
799 | 0 | } |
800 | | |
801 | 0 | if (asn1_cb != NULL && !asn1_cb(ASN1_OP_D2I_PRE, &aseq, it, NULL)) { |
802 | 0 | ASN1error(ASN1_R_AUX_ERROR); |
803 | 0 | goto err; |
804 | 0 | } |
805 | | |
806 | 0 | for (i = 0; i < it->tcount; i++) { |
807 | 0 | at = &it->templates[i]; |
808 | |
|
809 | 0 | if (asn1_check_eoc(&cbs_seq_content)) { |
810 | 0 | if (!indefinite) { |
811 | 0 | ASN1error(ASN1_R_UNEXPECTED_EOC); |
812 | 0 | goto err; |
813 | 0 | } |
814 | 0 | eoc_needed = 0; |
815 | 0 | break; |
816 | 0 | } |
817 | 0 | if (CBS_len(&cbs_seq_content) == 0) |
818 | 0 | break; |
819 | | |
820 | 0 | if ((seqat = asn1_do_adb(&aseq, at, 1)) == NULL) |
821 | 0 | goto err; |
822 | | |
823 | 0 | pseqval = asn1_get_field_ptr(&aseq, seqat); |
824 | | |
825 | | /* |
826 | | * This was originally implemented to "increase efficiency", |
827 | | * however it currently needs to remain since it papers over |
828 | | * the use of ASN.1 ANY with OPTIONAL in SEQUENCEs (which |
829 | | * asn1_d2i_primitive() currently rejects). |
830 | | */ |
831 | 0 | optional_field = (seqat->flags & ASN1_TFLG_OPTIONAL) != 0; |
832 | 0 | if (i == it->tcount - 1) |
833 | 0 | optional_field = 0; |
834 | |
|
835 | 0 | ret = asn1_template_d2i(pseqval, &cbs_seq_content, |
836 | 0 | seqat, optional_field, depth); |
837 | 0 | if (ret == -1) { |
838 | | /* Absent OPTIONAL component. */ |
839 | 0 | ASN1_template_free(pseqval, seqat); |
840 | 0 | continue; |
841 | 0 | } |
842 | 0 | if (ret != 1) { |
843 | 0 | errat = seqat; |
844 | 0 | goto err; |
845 | 0 | } |
846 | 0 | } |
847 | | |
848 | 0 | if (eoc_needed && !asn1_check_eoc(&cbs_seq_content)) { |
849 | 0 | ASN1error(ASN1_R_MISSING_EOC); |
850 | 0 | goto err; |
851 | 0 | } |
852 | | |
853 | 0 | if (indefinite) { |
854 | 0 | if (!CBS_skip(&cbs_seq, CBS_offset(&cbs_seq_content))) |
855 | 0 | goto err; |
856 | 0 | } else if (CBS_len(&cbs_seq_content) != 0) { |
857 | 0 | ASN1error(ASN1_R_SEQUENCE_LENGTH_MISMATCH); |
858 | 0 | goto err; |
859 | 0 | } |
860 | | |
861 | | /* |
862 | | * There is no more data in the ASN.1 SEQUENCE, however we may not have |
863 | | * populated all fields - check that any remaining are OPTIONAL. |
864 | | */ |
865 | 0 | for (; i < it->tcount; i++) { |
866 | 0 | at = &it->templates[i]; |
867 | |
|
868 | 0 | if ((seqat = asn1_do_adb(&aseq, at, 1)) == NULL) |
869 | 0 | goto err; |
870 | | |
871 | 0 | if ((seqat->flags & ASN1_TFLG_OPTIONAL) == 0) { |
872 | 0 | ASN1error(ASN1_R_FIELD_MISSING); |
873 | 0 | errat = seqat; |
874 | 0 | goto err; |
875 | 0 | } |
876 | | |
877 | | /* XXX - this is probably unnecessary with earlier free. */ |
878 | 0 | pseqval = asn1_get_field_ptr(&aseq, seqat); |
879 | 0 | ASN1_template_free(pseqval, seqat); |
880 | 0 | } |
881 | | |
882 | 0 | if (!CBS_get_bytes(cbs, &cbs_object, CBS_offset(&cbs_seq))) |
883 | 0 | goto err; |
884 | | |
885 | 0 | if (!asn1_enc_save(&aseq, &cbs_object, it)) { |
886 | 0 | ASN1error(ERR_R_MALLOC_FAILURE); |
887 | 0 | goto err; |
888 | 0 | } |
889 | | |
890 | 0 | if (asn1_cb != NULL && !asn1_cb(ASN1_OP_D2I_POST, &aseq, it, NULL)) { |
891 | 0 | ASN1error(ASN1_R_AUX_ERROR); |
892 | 0 | goto err; |
893 | 0 | } |
894 | | |
895 | 0 | *pval = aseq; |
896 | 0 | aseq = NULL; |
897 | |
|
898 | 0 | return 1; |
899 | | |
900 | 0 | err: |
901 | 0 | ASN1_item_ex_free(&aseq, it); |
902 | |
|
903 | 0 | if (errat != NULL) |
904 | 0 | ERR_asprintf_error_data("Field=%s, Type=%s", errat->field_name, |
905 | 0 | it->sname); |
906 | 0 | else |
907 | 0 | ERR_asprintf_error_data("Type=%s", it->sname); |
908 | |
|
909 | 0 | return 0; |
910 | 0 | } |
911 | | |
912 | | static int |
913 | | asn1_item_d2i_extern(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
914 | | int tag_number, int tag_class, int optional) |
915 | 0 | { |
916 | 0 | const ASN1_EXTERN_FUNCS *ef = it->funcs; |
917 | 0 | const unsigned char *p = NULL; |
918 | 0 | ASN1_TLC ctx = { 0 }; |
919 | 0 | int ret = 0; |
920 | |
|
921 | 0 | if (CBS_len(cbs) > LONG_MAX) |
922 | 0 | return 0; |
923 | | |
924 | 0 | p = CBS_data(cbs); |
925 | |
|
926 | 0 | if ((ret = ef->asn1_ex_d2i(pval, &p, (long)CBS_len(cbs), it, |
927 | 0 | tag_number, tag_class, optional, &ctx)) == 1) { |
928 | 0 | if (!CBS_skip(cbs, p - CBS_data(cbs))) |
929 | 0 | goto err; |
930 | 0 | } |
931 | 0 | return ret; |
932 | | |
933 | 0 | err: |
934 | 0 | ASN1_item_ex_free(pval, it); |
935 | |
|
936 | 0 | ERR_asprintf_error_data("Type=%s", it->sname); |
937 | |
|
938 | 0 | return 0; |
939 | 0 | } |
940 | | |
941 | | static int |
942 | | asn1_item_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
943 | | int tag_number, int tag_class, int optional, int depth) |
944 | 0 | { |
945 | 0 | if (pval == NULL) |
946 | 0 | return 0; |
947 | | |
948 | 0 | if (++depth > ASN1_MAX_CONSTRUCTED_NEST) { |
949 | 0 | ASN1error(ASN1_R_NESTED_TOO_DEEP); |
950 | 0 | goto err; |
951 | 0 | } |
952 | | |
953 | 0 | switch (it->itype) { |
954 | 0 | case ASN1_ITYPE_PRIMITIVE: |
955 | 0 | if (it->templates != NULL) { |
956 | | /* |
957 | | * Tagging or OPTIONAL is currently illegal on an item |
958 | | * template because the flags can't get passed down. |
959 | | * In practice this isn't a problem: we include the |
960 | | * relevant flags from the item template in the |
961 | | * template itself. |
962 | | */ |
963 | 0 | if (tag_number != -1 || optional) { |
964 | 0 | ASN1error(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); |
965 | 0 | goto err; |
966 | 0 | } |
967 | 0 | return asn1_template_d2i(pval, cbs, it->templates, |
968 | 0 | optional, depth); |
969 | 0 | } |
970 | 0 | return asn1_d2i_primitive(pval, cbs, it, tag_number, tag_class, |
971 | 0 | optional); |
972 | | |
973 | 0 | case ASN1_ITYPE_MSTRING: |
974 | 0 | return asn1_d2i_mstring(pval, cbs, it, tag_number, tag_class, |
975 | 0 | optional); |
976 | | |
977 | 0 | case ASN1_ITYPE_EXTERN: |
978 | 0 | return asn1_item_d2i_extern(pval, cbs, it, tag_number, |
979 | 0 | tag_class, optional); |
980 | | |
981 | 0 | case ASN1_ITYPE_CHOICE: |
982 | 0 | return asn1_item_d2i_choice(pval, cbs, it, tag_number, |
983 | 0 | tag_class, optional, depth); |
984 | | |
985 | 0 | case ASN1_ITYPE_NDEF_SEQUENCE: |
986 | 0 | case ASN1_ITYPE_SEQUENCE: |
987 | 0 | return asn1_item_d2i_sequence(pval, cbs, it, tag_number, |
988 | 0 | tag_class, optional, depth); |
989 | | |
990 | 0 | default: |
991 | 0 | return 0; |
992 | 0 | } |
993 | | |
994 | 0 | err: |
995 | 0 | ASN1_item_ex_free(pval, it); |
996 | |
|
997 | 0 | ERR_asprintf_error_data("Type=%s", it->sname); |
998 | |
|
999 | 0 | return 0; |
1000 | 0 | } |
1001 | | |
1002 | | static void |
1003 | 0 | asn1_template_stack_of_free(STACK_OF(ASN1_VALUE) *avals, const ASN1_TEMPLATE *at) { |
1004 | 0 | ASN1_VALUE *aval; |
1005 | |
|
1006 | 0 | if (avals == NULL) |
1007 | 0 | return; |
1008 | | |
1009 | 0 | while (sk_ASN1_VALUE_num(avals) > 0) { |
1010 | 0 | aval = sk_ASN1_VALUE_pop(avals); |
1011 | 0 | ASN1_item_ex_free(&aval, at->item); |
1012 | 0 | } |
1013 | 0 | sk_ASN1_VALUE_free(avals); |
1014 | 0 | } |
1015 | | |
1016 | | static int |
1017 | | asn1_template_stack_of_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_TEMPLATE *at, |
1018 | | int optional, int depth) |
1019 | 0 | { |
1020 | 0 | CBS cbs_object, cbs_object_content; |
1021 | 0 | STACK_OF(ASN1_VALUE) *avals = NULL; |
1022 | 0 | ASN1_VALUE *aval = NULL; |
1023 | 0 | int tag_number, tag_class; |
1024 | 0 | int eoc_needed; |
1025 | 0 | int indefinite; |
1026 | 0 | size_t length; |
1027 | 0 | int ret; |
1028 | |
|
1029 | 0 | CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); |
1030 | |
|
1031 | 0 | if (pval == NULL) |
1032 | 0 | return 0; |
1033 | | |
1034 | 0 | asn1_template_stack_of_free((STACK_OF(ASN1_VALUE) *)*pval, at); |
1035 | 0 | *pval = NULL; |
1036 | |
|
1037 | 0 | tag_number = at->tag; |
1038 | 0 | tag_class = at->flags & ASN1_TFLG_TAG_CLASS; |
1039 | | |
1040 | | /* Determine the inner tag value for SET OF or SEQUENCE OF. */ |
1041 | 0 | if ((at->flags & ASN1_TFLG_IMPTAG) == 0) { |
1042 | 0 | tag_number = V_ASN1_SEQUENCE; |
1043 | 0 | tag_class = V_ASN1_UNIVERSAL; |
1044 | 0 | if ((at->flags & ASN1_TFLG_SET_OF) != 0) |
1045 | 0 | tag_number = V_ASN1_SET; |
1046 | 0 | } |
1047 | |
|
1048 | 0 | ret = asn1_check_tag(&cbs_object, &length, NULL, NULL, &indefinite, |
1049 | 0 | NULL, tag_number, tag_class, optional); |
1050 | 0 | if (ret == -1) |
1051 | 0 | return -1; |
1052 | 0 | if (ret != 1) { |
1053 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
1054 | 0 | return 0; |
1055 | 0 | } |
1056 | | |
1057 | 0 | if (indefinite) { |
1058 | 0 | eoc_needed = 1; |
1059 | 0 | CBS_init(&cbs_object_content, CBS_data(&cbs_object), |
1060 | 0 | CBS_len(&cbs_object)); |
1061 | 0 | } else { |
1062 | 0 | eoc_needed = 0; |
1063 | 0 | if (!CBS_get_bytes(&cbs_object, &cbs_object_content, |
1064 | 0 | length)) |
1065 | 0 | goto err; |
1066 | 0 | } |
1067 | | |
1068 | 0 | if ((avals = sk_ASN1_VALUE_new_null()) == NULL) { |
1069 | 0 | ASN1error(ERR_R_MALLOC_FAILURE); |
1070 | 0 | goto err; |
1071 | 0 | } |
1072 | | |
1073 | | /* Read as many items as possible. */ |
1074 | 0 | while (CBS_len(&cbs_object_content) > 0) { |
1075 | 0 | if (asn1_check_eoc(&cbs_object_content)) { |
1076 | 0 | if (!eoc_needed) { |
1077 | 0 | ASN1error(ASN1_R_UNEXPECTED_EOC); |
1078 | 0 | goto err; |
1079 | 0 | } |
1080 | 0 | eoc_needed = 0; |
1081 | 0 | break; |
1082 | 0 | } |
1083 | 0 | if (!asn1_item_d2i(&aval, &cbs_object_content, at->item, |
1084 | 0 | -1, 0, 0, depth)) { |
1085 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
1086 | 0 | goto err; |
1087 | 0 | } |
1088 | 0 | if (!sk_ASN1_VALUE_push(avals, aval)) { |
1089 | 0 | ASN1error(ERR_R_MALLOC_FAILURE); |
1090 | 0 | goto err; |
1091 | 0 | } |
1092 | 0 | aval = NULL; |
1093 | 0 | } |
1094 | 0 | if (eoc_needed) { |
1095 | 0 | ASN1error(ASN1_R_MISSING_EOC); |
1096 | 0 | goto err; |
1097 | 0 | } |
1098 | | |
1099 | 0 | if (indefinite) { |
1100 | 0 | if (!CBS_skip(&cbs_object, CBS_offset(&cbs_object_content))) |
1101 | 0 | goto err; |
1102 | 0 | } |
1103 | | |
1104 | 0 | if (!CBS_skip(cbs, CBS_offset(&cbs_object))) |
1105 | 0 | goto err; |
1106 | | |
1107 | 0 | *pval = (ASN1_VALUE *)avals; |
1108 | 0 | avals = NULL; |
1109 | |
|
1110 | 0 | return 1; |
1111 | | |
1112 | 0 | err: |
1113 | 0 | asn1_template_stack_of_free(avals, at); |
1114 | 0 | ASN1_item_ex_free(&aval, at->item); |
1115 | |
|
1116 | 0 | return 0; |
1117 | 0 | } |
1118 | | |
1119 | | static int |
1120 | | asn1_template_noexp_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_TEMPLATE *at, |
1121 | | int optional, int depth) |
1122 | 0 | { |
1123 | 0 | int tag_number, tag_class; |
1124 | 0 | int ret; |
1125 | |
|
1126 | 0 | if (pval == NULL) |
1127 | 0 | return 0; |
1128 | | |
1129 | 0 | if ((at->flags & ASN1_TFLG_SK_MASK) != 0) |
1130 | 0 | return asn1_template_stack_of_d2i(pval, cbs, at, optional, depth); |
1131 | | |
1132 | 0 | tag_number = -1; |
1133 | 0 | tag_class = V_ASN1_UNIVERSAL; |
1134 | | |
1135 | | /* See if we need to use IMPLICIT tagging. */ |
1136 | 0 | if ((at->flags & ASN1_TFLG_IMPTAG) != 0) { |
1137 | 0 | tag_number = at->tag; |
1138 | 0 | tag_class = at->flags & ASN1_TFLG_TAG_CLASS; |
1139 | 0 | } |
1140 | |
|
1141 | 0 | ret = asn1_item_d2i(pval, cbs, at->item, tag_number, tag_class, |
1142 | 0 | optional, depth); |
1143 | 0 | if (ret == -1) |
1144 | 0 | return -1; |
1145 | 0 | if (ret != 1) { |
1146 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
1147 | 0 | goto err; |
1148 | 0 | } |
1149 | | |
1150 | 0 | return 1; |
1151 | | |
1152 | 0 | err: |
1153 | | /* XXX - The called function should have freed already. */ |
1154 | 0 | ASN1_template_free(pval, at); |
1155 | 0 | return 0; |
1156 | 0 | } |
1157 | | |
1158 | | static int |
1159 | | asn1_template_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_TEMPLATE *at, |
1160 | | int optional, int depth) |
1161 | 0 | { |
1162 | 0 | CBS cbs_exp, cbs_exp_content; |
1163 | 0 | int constructed, indefinite; |
1164 | 0 | size_t length; |
1165 | 0 | int ret; |
1166 | |
|
1167 | 0 | if (pval == NULL) |
1168 | 0 | return 0; |
1169 | | |
1170 | | /* Check if EXPLICIT tag is expected. */ |
1171 | 0 | if ((at->flags & ASN1_TFLG_EXPTAG) == 0) |
1172 | 0 | return asn1_template_noexp_d2i(pval, cbs, at, optional, depth); |
1173 | | |
1174 | 0 | CBS_init(&cbs_exp, CBS_data(cbs), CBS_len(cbs)); |
1175 | | |
1176 | | /* Read ASN.1 header for EXPLICIT tagged object. */ |
1177 | 0 | ret = asn1_check_tag(&cbs_exp, &length, NULL, NULL, &indefinite, |
1178 | 0 | &constructed, at->tag, at->flags & ASN1_TFLG_TAG_CLASS, optional); |
1179 | 0 | if (ret == -1) |
1180 | 0 | return -1; |
1181 | 0 | if (ret != 1) { |
1182 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
1183 | 0 | return 0; |
1184 | 0 | } |
1185 | | |
1186 | 0 | if (!constructed) { |
1187 | 0 | ASN1error(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); |
1188 | 0 | return 0; |
1189 | 0 | } |
1190 | | |
1191 | 0 | if (indefinite) { |
1192 | 0 | CBS_init(&cbs_exp_content, CBS_data(&cbs_exp), CBS_len(&cbs_exp)); |
1193 | 0 | } else { |
1194 | 0 | if (!CBS_get_bytes(&cbs_exp, &cbs_exp_content, length)) |
1195 | 0 | goto err; |
1196 | 0 | } |
1197 | | |
1198 | 0 | if ((ret = asn1_template_noexp_d2i(pval, &cbs_exp_content, at, 0, |
1199 | 0 | depth)) != 1) { |
1200 | 0 | ASN1error(ERR_R_NESTED_ASN1_ERROR); |
1201 | 0 | return 0; |
1202 | 0 | } |
1203 | | |
1204 | 0 | if (indefinite) { |
1205 | 0 | if (!asn1_check_eoc(&cbs_exp_content)) { |
1206 | 0 | ASN1error(ASN1_R_MISSING_EOC); |
1207 | 0 | goto err; |
1208 | 0 | } |
1209 | 0 | if (!CBS_skip(&cbs_exp, CBS_offset(&cbs_exp_content))) |
1210 | 0 | goto err; |
1211 | 0 | } else if (CBS_len(&cbs_exp_content) != 0) { |
1212 | 0 | ASN1error(ASN1_R_SEQUENCE_LENGTH_MISMATCH); |
1213 | 0 | goto err; |
1214 | 0 | } |
1215 | | |
1216 | 0 | if (!CBS_skip(cbs, CBS_offset(&cbs_exp))) |
1217 | 0 | goto err; |
1218 | | |
1219 | 0 | return 1; |
1220 | | |
1221 | 0 | err: |
1222 | 0 | ASN1_template_free(pval, at); |
1223 | 0 | return 0; |
1224 | 0 | } |
1225 | | |
1226 | | ASN1_VALUE * |
1227 | | ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long inlen, |
1228 | | const ASN1_ITEM *it) |
1229 | 0 | { |
1230 | 0 | ASN1_VALUE *ptmpval = NULL; |
1231 | |
|
1232 | 0 | if (pval == NULL) |
1233 | 0 | pval = &ptmpval; |
1234 | 0 | if (ASN1_item_ex_d2i(pval, in, inlen, it, -1, 0, 0, NULL) <= 0) |
1235 | 0 | return NULL; |
1236 | | |
1237 | 0 | return *pval; |
1238 | 0 | } |
1239 | | |
1240 | | int |
1241 | | ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long inlen, |
1242 | | const ASN1_ITEM *it, int tag_number, int tag_class, char optional, |
1243 | | ASN1_TLC *ctx) |
1244 | 0 | { |
1245 | 0 | CBS cbs; |
1246 | 0 | int ret; |
1247 | |
|
1248 | 0 | if (inlen < 0) |
1249 | 0 | return 0; |
1250 | | |
1251 | 0 | CBS_init(&cbs, *in, inlen); |
1252 | 0 | if ((ret = asn1_item_d2i(pval, &cbs, it, tag_number, tag_class, |
1253 | 0 | (int)optional, 0)) == 1) |
1254 | 0 | *in = CBS_data(&cbs); |
1255 | |
|
1256 | 0 | return ret; |
1257 | 0 | } |
1258 | | |
1259 | | int |
1260 | | ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, |
1261 | | const ASN1_TEMPLATE *at) |
1262 | 0 | { |
1263 | 0 | CBS cbs; |
1264 | 0 | int ret; |
1265 | |
|
1266 | 0 | if (len < 0) |
1267 | 0 | return 0; |
1268 | | |
1269 | 0 | CBS_init(&cbs, *in, len); |
1270 | 0 | if ((ret = asn1_template_d2i(pval, &cbs, at, 0, 0)) == 1) |
1271 | 0 | *in = CBS_data(&cbs); |
1272 | |
|
1273 | 0 | return ret; |
1274 | 0 | } |