// Copyright (c) 2023 Intel Corporation

//

// SPDX-License-Identifier: Apache-2.0 or MIT

use crate::error::{SpdmResult, SPDM_STATUS_VERIF_FAIL};

use crate::protocol::SpdmBaseAsymAlgo;

// Key Usage: Digital Signature Bit;

const RFC_5280_KEY_USAGE_DIGITAL_SIGNATURE_BIT: u8 = 0x80;

// reference: https://www.itu.int/rec/T-REC-X.690/en

// TAG

const ASN1_TAG_CLASS_UNIVERSAL_MASK: u8 = 0x0;

const ASN1_TAG_CLASS_CONTEXT_SPECIFIC_MASK: u8 = 0x80;

const ASN1_FORM_CONSTRUCTED_MASK: u8 = 0x20;

const ASN1_TAG_BOOLEAN: u8 = 0x1;

const ASN1_TAG_NUMBER_INTEGER: u8 = 0x2;

const ASN1_TAG_BIT_STRING: u8 = 0x3;

const ASN1_TAG_OCTET_STRING: u8 = 0x4;

const ASN1_TAG_NUMBER_OBJECT_IDENTIFIER: u8 = 0x6;

const ASN1_TAG_NUMBER_SEQUENCE: u8 = 0x10;

const ASN1_TAG_SEQUENCE: u8 =

    ASN1_TAG_CLASS_UNIVERSAL_MASK | ASN1_FORM_CONSTRUCTED_MASK | ASN1_TAG_NUMBER_SEQUENCE;

const ASN1_TAG_EXPLICIT_EXTENSION: u8 = 0xA3;

const ASN1_TAG_EXTN_VALUE: u8 = 0x04;

const ASN1_LENGTH_MULTI_OCTET_MASK: u8 = 0x80;

const ASN1_LENGTH_ONE_OCTET: u8 = 0x81;

const ASN1_LENGTH_TWO_OCTET: u8 = 0x82;

const X509V3_VERSION: u8 = 2;

const OID_RSA_SHA256RSA: &[u8] = &[0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0bu8];

const OID_RSA_SHA384RSA: &[u8] = &[0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0cu8];

const OID_RSA_SHA512RSA: &[u8] = &[0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0du8];

const OID_ECDSA_SHA256: &[u8] = &[0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02u8];

const OID_ECDSA_SHA384: &[u8] = &[0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03u8];

const OID_DMTF_SPDM_DEVICE_INFO: &[u8] =

    &[0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x01];

const OID_DMTF_SPDM_HARDWARE_IDENTITY: &[u8] =

    &[0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x02];

const OID_DMTF_SPDM_EKU_RESPONDER_AUTH: &[u8] =

    &[0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x03];

const OID_DMTF_SPDM_EKU_REQUESTER_AUTH: &[u8] =

    &[0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x04];

const OID_DMTF_MUTABLE_CERTIFICATE: &[u8] =

    &[0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x05];

const OID_DMTF_SPDM_EXTENSION: &[u8] =

    &[0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x06];

const OID_KEY_USAGE: &[u8] = &[0x55, 0x1D, 0x0F];

const OID_SUBJECT_ALTERNATIVE_NAME: &[u8] = &[0x55, 0x1D, 0x11];

const OID_EXT_KEY_USAGE: &[u8] = &[0x55, 0x1D, 0x25];

// reference: https://www.rfc-editor.org/rfc/rfc5280.txt

// IN DER encoded certificate chain slice

// OUT Ok certificate count

// OUT Error Mulformed certificate found

// checked:

// 1. version should be x509v3.

// 2. the algorithm is match for leaf certificate

// 3. no more or less bytes found

pub fn check_cert_chain_format(

    cert_chain: &[u8],

    base_asym_algo: SpdmBaseAsymAlgo,

) -> SpdmResult<usize> {

    let mut cc_walker = 0usize;

    let mut cert_count = 0usize;

    let cert_chain_size = cert_chain.len();

    while cc_walker < cert_chain_size {

        cc_walker = cc_walker + check_cert_format(&cert_chain[cc_walker..], base_asym_algo)?;

        cert_count += 1;

    }

    if cc_walker == cert_chain_size {

        Ok(cert_count)

    } else {

        Err(SPDM_STATUS_VERIF_FAIL)

    }

}

// IN DER encoded certificate slice

// OUT Ok cert size

// OUT Error Mulformed certificate found

fn check_cert_format(cert: &[u8], base_asym_algo: SpdmBaseAsymAlgo) -> SpdmResult<usize> {

    let mut c_walker = 0usize;

    let len = cert.len();

    check_tag_is_sequence(cert)?;

    c_walker += 1;

    let (body_size, bytes_consumed) = check_length(&cert[c_walker..])?;

    c_walker += bytes_consumed;

    if len == c_walker + body_size {

        c_walker += check_tbs_certificate(&cert[c_walker..], base_asym_algo, true)?;

        c_walker += check_signature_algorithm(&cert[c_walker..], base_asym_algo, true)?;

    } else {

        c_walker += check_tbs_certificate(&cert[c_walker..], base_asym_algo, false)?;

        c_walker += check_signature_algorithm(&cert[c_walker..], base_asym_algo, false)?;

    }

    c_walker += check_signature_value(&cert[c_walker..], base_asym_algo)?;

    if c_walker == 1 + bytes_consumed + body_size {

        Ok(c_walker)

    } else {

        Err(SPDM_STATUS_VERIF_FAIL)

    }

}

fn check_tbs_certificate(

    data: &[u8],

    base_asym_algo: SpdmBaseAsymAlgo,

    is_leaf_cert: bool,

) -> SpdmResult<usize> {

    let mut t_walker = 0usize;

    let len = data.len();

    check_tag_is_sequence(data)?;

    t_walker += 1;

    let (tbs_length, bytes_consumed) = check_length(&data[t_walker..])?;

    t_walker += bytes_consumed;

    let length_before_tbs = t_walker;

    if len < t_walker + tbs_length {

        return Err(SPDM_STATUS_VERIF_FAIL);

    }

    // version         [0]  EXPLICIT Version DEFAULT v1,

    let bytes_consumed = check_version(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // serialNumber         CertificateSerialNumber,

    let bytes_consumed = check_and_skip_common_tag(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // signature            AlgorithmIdentifier,

    check_tag_is_sequence(&data[t_walker..])?;

    t_walker += 1;

    let (signature_id_length, bytes_consumed) = check_length(&data[t_walker..])?;

    t_walker += bytes_consumed;

    if is_leaf_cert {

        check_object_identifier(&data[t_walker..], get_oid_by_base_asym_algo(base_asym_algo))?;

    } else {

        check_object_identifier(&data[t_walker..], None)?;

    }

    t_walker += signature_id_length;

    // issuer               Name,

    let bytes_consumed = check_name(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // validity             Validity,

    let bytes_consumed = check_validity(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // subject              Name,

    let bytes_consumed = check_name(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // subjectPublicKeyInfo SubjectPublicKeyInfo,

    let bytes_consumed = check_public_key_info(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,

    // subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,

    // extensions      [3]  EXPLICIT Extensions OPTIONAL

    // key_usage             EXTENSIONS,

    let (bytes_consumed, extension_data) = check_and_get_extensions(&data[t_walker..])?;

    let (find_key_usage, key_usage_value) = get_key_usage_value(extension_data)?;

    // The digitalSignature bit SHOULD asserted when subject public key is used for verifying digital signatures

    // in an entity authentication service, a data origin authentication service, and/or an integrity service.

    let check_extensions_success = !(find_key_usage

        && (RFC_5280_KEY_USAGE_DIGITAL_SIGNATURE_BIT & key_usage_value

            != RFC_5280_KEY_USAGE_DIGITAL_SIGNATURE_BIT));

    // when key usage digitalSignature bit unset, it SHOULD return false.

    //extensions            EXTENSIONS,

    let check_extn_spdm_success = check_extensions_spdm_oid(extension_data, is_leaf_cert)?;

    t_walker += bytes_consumed;

    if (t_walker == length_before_tbs + tbs_length)

        && check_extensions_success

        && check_extn_spdm_success

    {

        Ok(length_before_tbs + tbs_length)

    } else {

        Err(SPDM_STATUS_VERIF_FAIL)

    }

}

fn check_signature_algorithm(

    data: &[u8],

    base_asym_algo: SpdmBaseAsymAlgo,

    is_leaf_cert: bool,

) -> SpdmResult<usize> {

    let mut s_walker = 0usize;

    // signature            AlgorithmIdentifier,

    check_tag_is_sequence(&data[s_walker..])?;

    s_walker += 1;

    let (signature_id_length, bytes_consumed) = check_length(&data[s_walker..])?;

    s_walker += bytes_consumed;

    if is_leaf_cert {

        check_object_identifier(&data[s_walker..], get_oid_by_base_asym_algo(base_asym_algo))?;

    } else {

        check_object_identifier(&data[s_walker..], None)?;

    }

    Ok(s_walker + signature_id_length)

}

fn check_signature_value(data: &[u8], _base_asym_algo: SpdmBaseAsymAlgo) -> SpdmResult<usize> {

    check_and_skip_common_tag(data)

}

fn check_tag_is_sequence(data: &[u8]) -> SpdmResult {

    if data.is_empty() {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else if data[0] == ASN1_TAG_SEQUENCE {

        Ok(())

    } else {

        Err(SPDM_STATUS_VERIF_FAIL)

    }

}

fn check_tag_is_num_oid(data: &[u8]) -> SpdmResult {

    if data.is_empty() {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else if data[0] == ASN1_TAG_NUMBER_OBJECT_IDENTIFIER {

        Ok(())

    } else {

        Err(SPDM_STATUS_VERIF_FAIL)

    }

}

fn check_tag_is_bool(data: &[u8]) -> SpdmResult {

    if data.is_empty() {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else if data[0] == ASN1_TAG_BOOLEAN {

        Ok(())

    } else {

        Err(SPDM_STATUS_VERIF_FAIL)

    }

}

fn check_tag_is_octet_string(data: &[u8]) -> SpdmResult {

    if data.is_empty() {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else if data[0] == ASN1_TAG_OCTET_STRING {

        Ok(())

    } else {

        Err(SPDM_STATUS_VERIF_FAIL)

    }

}

// IN bytes slice

// OUT Ok (length, bytes consumed)

// OUT Error Mulformed certificate found

fn check_length(data: &[u8]) -> SpdmResult<(usize, usize)> {

    let len = data.len();

    if len < 1 {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else {

        let length_byte0 = data[0];

        let (length, byte_comsumed) = match length_byte0 {

            n if (n & ASN1_LENGTH_MULTI_OCTET_MASK) == 0 => (n as usize, 1),

            ASN1_LENGTH_ONE_OCTET => {

                if len < 2 {

                    return Err(SPDM_STATUS_VERIF_FAIL);

                } else {

                    let second_byte = data[1] as usize;

                    if second_byte < 0x80 {

                        return Err(SPDM_STATUS_VERIF_FAIL); // Not the canonical encoding.

                    } else {

                        (second_byte, 2)

                    }

                }

            }

            ASN1_LENGTH_TWO_OCTET => {

                if len < 3 {

                    return Err(SPDM_STATUS_VERIF_FAIL);

                } else {

                    let second_byte = data[1] as usize;

                    let third_byte = data[2] as usize;

                    let combined = (second_byte << 8) | third_byte;

                    if combined < 0x100 {

                        return Err(SPDM_STATUS_VERIF_FAIL); // Not the canonical encoding.

                    } else {

                        (combined, 3)

                    }

                }

            }

            _ => {

                return Err(SPDM_STATUS_VERIF_FAIL); // spdm-rs don't support longer lengths.

            }

        };

        if len < byte_comsumed + length {

            Err(SPDM_STATUS_VERIF_FAIL)

        } else {

            Ok((length, byte_comsumed))

        }

    }

}

fn check_version(data: &[u8]) -> SpdmResult<usize> {

    let len = data.len();

    if len < 5

        || data[0] != (ASN1_TAG_CLASS_CONTEXT_SPECIFIC_MASK | ASN1_FORM_CONSTRUCTED_MASK)

        || data[1] != 3

        || data[2] != ASN1_TAG_NUMBER_INTEGER

        || data[3] != 1

    {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else {

        let version = data[4];

        if version == X509V3_VERSION {

            Ok(5)

        } else {

            Err(SPDM_STATUS_VERIF_FAIL)

        }

    }

}

fn check_object_identifier(data: &[u8], oid: Option<&'static [u8]>) -> SpdmResult<usize> {

    let len = data.len();

    if len < 2 || data[0] != ASN1_TAG_NUMBER_OBJECT_IDENTIFIER {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else {

        let oid_length = data[1];

        if len < oid_length as usize + 2 || oid_length >= 0x80 {

            Err(SPDM_STATUS_VERIF_FAIL)

        } else if let Some(oid) = oid {

            if object_identifiers_are_same(&data[2..2 + oid_length as usize], oid) {

                Ok(oid_length as usize + 2)

            } else {

                Err(SPDM_STATUS_VERIF_FAIL)

            }

        } else {

            Ok(oid_length as usize + 2)

        }

    }

}

fn check_name(data: &[u8]) -> SpdmResult<usize> {

    check_and_skip_common_sequence(data)

}

fn check_validity(data: &[u8]) -> SpdmResult<usize> {

    check_and_skip_common_sequence(data)

}

fn check_public_key_info(data: &[u8]) -> SpdmResult<usize> {

    check_and_skip_common_sequence(data)

}

fn check_and_get_extensions(data: &[u8]) -> SpdmResult<(usize, &[u8])> {

    let len = data.len();

    if len < 1 || data[0] != ASN1_TAG_EXPLICIT_EXTENSION {

        Ok((len, &data[0..]))

    } else {

        let (payload_length, bytes_consumed) = check_length(&data[1..])?;

        if len < 1 + bytes_consumed + payload_length {

            Err(SPDM_STATUS_VERIF_FAIL)

        } else {

            Ok((

                1 + bytes_consumed + payload_length,

                &data[1 + bytes_consumed..1 + bytes_consumed + payload_length],

            ))

        }

    }

}

fn get_key_usage_value(data: &[u8]) -> SpdmResult<(bool, u8)> {

    let mut find_key_usage = false;

    let len = data.len();

    let key_usage_oid_len = OID_KEY_USAGE.len();

    if len < 1 || data[0] != ASN1_TAG_SEQUENCE {

        return Err(SPDM_STATUS_VERIF_FAIL);

    }

    let (data_length, bytes_consumed) = check_length(&data[1..])?;

    if len < 1 + data_length + bytes_consumed {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else {

        let mut index = 1 + bytes_consumed;

        // search KEY_Usage OID in Extensions Sequence

        while index < len {

            if index + 1 >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            let (payload_length, bytes_consumed) = check_length(&data[index + 1..])?;

            if bytes_consumed + payload_length > len - (index + 1) {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            // search in sequence, skip bytes consumed

            if data[index] == ASN1_TAG_SEQUENCE {

                index += 1 + bytes_consumed;

                continue;

            } else if data[index] == ASN1_TAG_NUMBER_OBJECT_IDENTIFIER

                && payload_length == key_usage_oid_len

                && object_identifiers_are_same(

                    &data[index + 1 + bytes_consumed..index + 1 + bytes_consumed + payload_length],

                    OID_KEY_USAGE,

                )

            {

                index += 1 + bytes_consumed + payload_length;

                if index >= len {

                    return Err(SPDM_STATUS_VERIF_FAIL);

                }

                if data[index] == ASN1_TAG_EXTN_VALUE {

                    if index + 1 >= len {

                        return Err(SPDM_STATUS_VERIF_FAIL);

                    }

                    let (_, extnvalue_consumed) = check_length(&data[index + 1..])?;

                    index += 1 + extnvalue_consumed;

                    if index >= len {

                        return Err(SPDM_STATUS_VERIF_FAIL);

                    }

                    if data[index] == ASN1_TAG_BIT_STRING {

                        if index + 1 >= len {

                            return Err(SPDM_STATUS_VERIF_FAIL);

                        }

                        let (string_length, string_consumed) = check_length(&data[index + 1..])?;

                        index += string_consumed + string_length;

                        if index >= len {

                            return Err(SPDM_STATUS_VERIF_FAIL);

                        }

                        find_key_usage = true;

                    } else {

                        find_key_usage = false;

                    }

                    break;

                } else {

                    return Err(SPDM_STATUS_VERIF_FAIL);

                }

            } else {

                // if not Sequence or OID tag, skip

                index += 1 + bytes_consumed + payload_length;

                continue;

            }

        }

        if find_key_usage {

            Ok((true, data[index]))

        } else {

            Ok((false, 0x00))

        }

    }

}

fn check_extensions_spdm_oid(extensions: &[u8], is_leaf_cert: bool) -> SpdmResult<bool> {

    let mut responder_auth_oid_find_success = false;

    let mut requester_auth_oid_find_success = false;

    let len = extensions.len();

    if len < 1 || extensions[0] != ASN1_TAG_SEQUENCE {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else {

        let (payload_length, sequences_bytes_consumed) = check_length(&extensions[1..])?;

        let extn_sequences = &extensions[1 + sequences_bytes_consumed..];

        let sequences_len = extn_sequences.len();

        if sequences_len < payload_length {

            Err(SPDM_STATUS_VERIF_FAIL)

        } else {

            let mut index = 0;

            while index < payload_length {

                let (extnid, extn_sequence_len) = check_and_get_extn_id(&extn_sequences[index..])?;

                if extn_sequence_len > payload_length - index {

                    return Err(SPDM_STATUS_VERIF_FAIL);

                }

                // find the first level extension identifiy from extensions sequence

                if object_identifiers_are_same(extnid, OID_SUBJECT_ALTERNATIVE_NAME) {

                    if find_target_object_identifier_in_single_extension(

                        &extn_sequences[index..index + extn_sequence_len],

                        OID_DMTF_SPDM_DEVICE_INFO,

                    )? {

                        info!("find id-DMTF-device-info OID\n");

                    }

                    index += extn_sequence_len;

                    continue;

                } else if object_identifiers_are_same(extnid, OID_EXT_KEY_USAGE) {

                    if find_target_object_identifier_in_single_extension(

                        &extn_sequences[index..index + extn_sequence_len],

                        OID_DMTF_SPDM_EKU_RESPONDER_AUTH,

                    )? {

                        responder_auth_oid_find_success = true;

                        info!("find id-DMTF-eku-responder-auth OID\n");

                    } else if find_target_object_identifier_in_single_extension(

                        &extn_sequences[index..index + extn_sequence_len],

                        OID_DMTF_SPDM_EKU_REQUESTER_AUTH,

                    )? {

                        requester_auth_oid_find_success = true;

                        info!("find id-DMTF-eku-requester-auth OID\n");

                    }

                    index += extn_sequence_len;

                    continue;

                } else if object_identifiers_are_same(extnid, OID_DMTF_SPDM_EXTENSION) {

                    if find_target_object_identifier_in_single_extension(

                        &extn_sequences[index..index + extn_sequence_len],

                        OID_DMTF_MUTABLE_CERTIFICATE,

                    )? {

                        info!("find id-DMTF-mutable-certificate OID\n");

                    } else if find_target_object_identifier_in_single_extension(

                        &extn_sequences[index..index + extn_sequence_len],

                        OID_DMTF_SPDM_HARDWARE_IDENTITY,

                    )? {

                        info!("find id-DMTF-hardware-identity OID\n");

                    }

                    index += extn_sequence_len;

                    continue;

                } else {

                    index += extn_sequence_len;

                    continue;

                }

            }

            // if not the leaf certificate, reuester/responder auth OIDs SHOULD not be presented.

            Ok(!(!is_leaf_cert

                && (responder_auth_oid_find_success || requester_auth_oid_find_success)))

        }

    }

}

// IN  (sequences slice, target oid)

// OUT true when find target oid

// OUT false when not find target oid

fn find_target_object_identifier_in_single_extension(

    data: &[u8],

    target_oid: &[u8],

) -> SpdmResult<bool> {

    let mut target_oid_find_success = false;

    let len = data.len();

    let target_oid_len = target_oid.len();

    if len < 1 {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else if len < target_oid_len {

        target_oid_find_success = false;

        Ok(target_oid_find_success)

    } else {

        let mut index = 0;

        while index < len - target_oid_len {

            if index + 1 >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            let (payload_length, bytes_consumed) = check_length(&data[index + 1..])?;

            if bytes_consumed + payload_length > len - (index + 1) {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            if data[index] == ASN1_TAG_NUMBER_OBJECT_IDENTIFIER {

                if object_identifiers_are_same(

                    &data[index + 1 + bytes_consumed..index + 1 + bytes_consumed + payload_length],

                    target_oid,

                ) && payload_length == target_oid_len

                {

                    target_oid_find_success = true;

                    break;

                } else {

                    index += 1 + bytes_consumed + payload_length;

                    continue;

                }

            } else if data[index] == ASN1_TAG_SEQUENCE || data[index] == ASN1_TAG_EXTN_VALUE {

                index += 1 + bytes_consumed;

                continue;

            } else {

                index += 1 + bytes_consumed + payload_length;

                continue;

            }

        }

        Ok(target_oid_find_success)

    }

}

// IN  extension sequences slice

// OUT true when find hardware oid

// OUT false when not find hardware oid

fn find_target_object_identifier_in_extensions(data: &[u8], target_oid: &[u8]) -> SpdmResult<bool> {

    let len = data.len();

    let mut walker = 0usize;

    if walker >= len {

        return Err(SPDM_STATUS_VERIF_FAIL);

    }

    check_tag_is_sequence(&data[walker..])?;

    walker += 1;

    if walker >= len {

        return Err(SPDM_STATUS_VERIF_FAIL);

    }

    let (payload_length, bytes_consumed) = check_length(&data[walker..])?;

    walker += bytes_consumed;

    if payload_length > len - walker {

        return Err(SPDM_STATUS_VERIF_FAIL);

    }

    let data = &data[walker..walker + payload_length];

    let len = payload_length;

    walker = 0;

    while walker < len {

        check_tag_is_sequence(&data[walker..])?;

        walker += 1;

        if walker >= len {

            return Err(SPDM_STATUS_VERIF_FAIL);

        }

        let (extension_length, bytes_consumed) = check_length(&data[walker..])?;

        walker += bytes_consumed;

        if walker >= len {

            return Err(SPDM_STATUS_VERIF_FAIL);

        }

        let next_ext_walker = walker + extension_length;

        check_tag_is_num_oid(&data[walker..])?;

        walker += 1;

        if walker >= len {

            return Err(SPDM_STATUS_VERIF_FAIL);

        }

        let (payload_length, bytes_consumed) = check_length(&data[walker..])?;

        walker += bytes_consumed;

        if walker >= len {

            return Err(SPDM_STATUS_VERIF_FAIL);

        }

        if walker + payload_length < len

            && object_identifiers_are_same(

                &data[walker..walker + payload_length],

                OID_DMTF_SPDM_EXTENSION,

            )

        {

            walker += payload_length;

            if walker >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            // check critical, it is optional

            if check_tag_is_bool(&data[walker..]).is_ok() {

                walker += 3; // tag, length, value

                if walker >= len {

                    return Err(SPDM_STATUS_VERIF_FAIL);

                }

            }

            // next find hardware oid

            check_tag_is_octet_string(&data[walker..])?;

            walker += 1;

            if walker >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            let (_, bytes_consumed) = check_length(&data[walker..])?;

            walker += bytes_consumed;

            if walker >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            // sequence

            check_tag_is_sequence(&data[walker..])?;

            walker += 1;

            if walker >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            let (_, bytes_consumed) = check_length(&data[walker..])?;

            walker += bytes_consumed;

            if walker >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            // sequence

            check_tag_is_sequence(&data[walker..])?;

            walker += 1;

            if walker >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            let (_, bytes_consumed) = check_length(&data[walker..])?;

            walker += bytes_consumed;

            if walker >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            check_tag_is_num_oid(&data[walker..])?;

            walker += 1;

            if walker >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            let (target_oid_length, bytes_consumed) = check_length(&data[walker..])?;

            walker += bytes_consumed;

            if walker >= len {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            if target_oid_length != target_oid.len() {

                return Err(SPDM_STATUS_VERIF_FAIL);

            }

            if walker + target_oid_length <= len

                && object_identifiers_are_same(

                    &data[walker..walker + target_oid_length],

                    target_oid,

                )

            {

                return Ok(true);

            }

        }

        walker = next_ext_walker;

    }

    Ok(false)

}

// IN extension sequence slice

// OUT Ok (extnID, extn sequence length)

// OUT Error not found extnID, verify fail

fn check_and_get_extn_id(extn_sequences: &[u8]) -> SpdmResult<(&[u8], usize)> {

    let len = extn_sequences.len();

    if len < 1 || extn_sequences[0] != ASN1_TAG_SEQUENCE {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else {

        let (extn_payload_length, extn_bytes_consumed) = check_length(&extn_sequences[1..])?;

        if len < 1 + extn_bytes_consumed + extn_payload_length {

            Err(SPDM_STATUS_VERIF_FAIL)

        } else {

            // extnID is the first item in the extension sequence and the tag is Object identifier

            let extn_id = &extn_sequences[1 + extn_bytes_consumed..];

            if extn_id.is_empty() || extn_id[0] != ASN1_TAG_NUMBER_OBJECT_IDENTIFIER {

                Err(SPDM_STATUS_VERIF_FAIL)

            } else {

                let (extn_id_length, extn_id_bytes_consumed) = check_length(&extn_id[1..])?;

                Ok((

                    &extn_id

                        [1 + extn_id_bytes_consumed..1 + extn_id_bytes_consumed + extn_id_length],

                    1 + extn_bytes_consumed + extn_payload_length,

                ))

            }

        }

    }

}

fn check_and_skip_common_sequence(data: &[u8]) -> SpdmResult<usize> {

    let len = data.len();

    if len < 1 || data[0] != ASN1_TAG_SEQUENCE {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else {

        let (payload_length, bytes_consumed) = check_length(&data[1..])?;

        if len < 1 + bytes_consumed + payload_length {

            Err(SPDM_STATUS_VERIF_FAIL)

        } else {

            Ok(1 + bytes_consumed + payload_length)

        }

    }

}

fn check_and_skip_common_tag(data: &[u8]) -> SpdmResult<usize> {

    let len = data.len();

    if len < 1 {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else {

        let (payload_length, bytes_consumed) = check_length(&data[1..])?;

        if len < 1 + bytes_consumed + payload_length {

            Err(SPDM_STATUS_VERIF_FAIL)

        } else {

            Ok(1 + bytes_consumed + payload_length)

        }

    }

}

fn check_and_get_common_tag(data: &[u8]) -> SpdmResult<(usize, &[u8])> {

    let len = data.len();

    if len < 1 {

        Err(SPDM_STATUS_VERIF_FAIL)

    } else {

        let (payload_length, bytes_consumed) = check_length(&data[1..])?;

        if len < 1 + bytes_consumed + payload_length {

            Err(SPDM_STATUS_VERIF_FAIL)

        } else {

            Ok((

                1 + bytes_consumed + payload_length,

                &data[1 + bytes_consumed..1 + bytes_consumed + payload_length],

            ))

        }

    }

}

fn get_oid_by_base_asym_algo(base_asym_algo: SpdmBaseAsymAlgo) -> Option<&'static [u8]> {

    match base_asym_algo {

        SpdmBaseAsymAlgo::TPM_ALG_RSASSA_2048 => Some(OID_RSA_SHA256RSA),

        SpdmBaseAsymAlgo::TPM_ALG_RSAPSS_2048 => Some(OID_RSA_SHA256RSA),

        SpdmBaseAsymAlgo::TPM_ALG_RSASSA_3072 => Some(OID_RSA_SHA384RSA),

        SpdmBaseAsymAlgo::TPM_ALG_RSAPSS_3072 => Some(OID_RSA_SHA384RSA),

        SpdmBaseAsymAlgo::TPM_ALG_ECDSA_ECC_NIST_P256 => Some(OID_ECDSA_SHA256),

        SpdmBaseAsymAlgo::TPM_ALG_RSASSA_4096 => Some(OID_RSA_SHA512RSA),

        SpdmBaseAsymAlgo::TPM_ALG_RSAPSS_4096 => Some(OID_RSA_SHA512RSA),

        SpdmBaseAsymAlgo::TPM_ALG_ECDSA_ECC_NIST_P384 => Some(OID_ECDSA_SHA384),

        _ => None,

    }

}

fn object_identifiers_are_same(a: &[u8], b: &[u8]) -> bool {

    if a.len() != b.len() {

        false

    } else {

        for (ai, bi) in a.iter().zip(b.iter()) {

            match ai.cmp(bi) {

                core::cmp::Ordering::Equal => continue,

                _ => return false,

            }

        }

        true

    }

}

// test root cert by checking issuer name == subject name

pub fn is_root_certificate(cert: &[u8]) -> SpdmResult {

    let mut c_walker = 0usize;

    check_tag_is_sequence(cert)?;

    c_walker += 1;

    let (_, bytes_consumed) = check_length(&cert[c_walker..])?;

    c_walker += bytes_consumed;

    // tbs

    let data = &cert[c_walker..];

    let mut t_walker = 0usize;

    let len = data.len();

    check_tag_is_sequence(data)?;

    t_walker += 1;

    let (tbs_length, bytes_consumed) = check_length(&data[t_walker..])?;

    t_walker += bytes_consumed;

    if len < t_walker + tbs_length {

        return Err(SPDM_STATUS_VERIF_FAIL);

    }

    // version         [0]  EXPLICIT Version DEFAULT v1,

    let bytes_consumed = check_version(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // serialNumber         CertificateSerialNumber,

    let bytes_consumed = check_and_skip_common_tag(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // signature            AlgorithmIdentifier,

    check_tag_is_sequence(&data[t_walker..])?;

    t_walker += 1;

    let (signature_id_length, bytes_consumed) = check_length(&data[t_walker..])?;

    t_walker += bytes_consumed;

    check_object_identifier(&data[t_walker..], None)?;

    t_walker += signature_id_length;

    // issuer               Name,

    let (bytes_consumed, issuer) = check_and_get_common_tag(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // validity             Validity,

    let bytes_consumed = check_validity(&data[t_walker..])?;

    t_walker += bytes_consumed;

    // subject              Name,

    let (_, subject) = check_and_get_common_tag(&data[t_walker..])?;

    if subject == issuer {

        Ok(())

    } else {

        Err(SPDM_STATUS_VERIF_FAIL)

    }

}

// verify alias and device model by searching hardware oid in leaf cert

pub fn check_leaf_certificate(cert: &[u8], is_alias_cert_model: bool) -> SpdmResult {

    let mut c_walker = 0usize;

    check_tag_is_sequence(cert)?;

    c_walker += 1;

    let (_, bytes_consumed) = check_length(&cert[c_walker..])?;

    c_walker += bytes_consumed;

    // tbs

    let data = &cert[c_walker..];

    let mut t_walker = 0usize;

    let len = data.len();

    check_tag_is_sequence(data)?;

    t_walker += 1;

    let (tbs_length, bytes_consumed) = check_length(&data[t_walker..])?;

    t_walker += bytes_consumed;

    if len < t_walker + tbs_length {

        return Err(SPDM_STATUS_VERIF_FAIL);

    }

    // version         [0]  EXPLICIT Version DEFAULT v1,

    let bytes_consumed = check_version(&data[t_walker..])?;

    t_walker += bytes_consumed;