X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/Security/libsecurity_asn1/lib/secasn1e.c?ds=inline diff --git a/Security/libsecurity_asn1/lib/secasn1e.c b/Security/libsecurity_asn1/lib/secasn1e.c new file mode 100644 index 00000000..0dee92c6 --- /dev/null +++ b/Security/libsecurity_asn1/lib/secasn1e.c @@ -0,0 +1,1646 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1994-2000 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +/* + * Support for ENcoding ASN.1 data based on BER/DER (Basic/Distinguished + * Encoding Rules). + * + * $Id: secasn1e.c,v 1.7 2004/05/13 15:29:13 dmitch Exp $ + */ + +#include "secasn1.h" + +typedef enum { + beforeHeader, + duringContents, + duringGroup, + duringSequence, + afterContents, + afterImplicit, + afterInline, + afterPointer, + afterChoice, + notInUse +} sec_asn1e_parse_place; + +typedef enum { + allDone, + encodeError, + keepGoing, + needBytes +} sec_asn1e_parse_status; + +typedef struct sec_asn1e_state_struct { + SEC_ASN1EncoderContext *top; + const SecAsn1Template *theTemplate; + void *src; + + struct sec_asn1e_state_struct *parent; /* aka prev */ + struct sec_asn1e_state_struct *child; /* aka next */ + + sec_asn1e_parse_place place; /* where we are in encoding process */ + + /* + * XXX explain the next fields as clearly as possible... + */ + unsigned char tag_modifiers; + unsigned char tag_number; + unsigned long underlying_kind; + + int depth; + + PRBool explicit, /* we are handling an explicit header */ + indefinite, /* need end-of-contents */ + is_string, /* encoding a simple string or an ANY */ + may_stream, /* when streaming, do indefinite encoding */ + optional, /* omit field if it has no contents */ + ignore_stream /* ignore streaming value of sub-template */ + #ifdef __APPLE__ + , + signedInt /* signed alternate to SEC_ASN1_INTEGER */ + #endif + ; +} sec_asn1e_state; + +/* + * An "outsider" will have an opaque pointer to this, created by calling + * SEC_ASN1EncoderStart(). It will be passed back in to all subsequent + * calls to SEC_ASN1EncoderUpdate() and related routines, and when done + * it is passed to SEC_ASN1EncoderFinish(). + */ +struct sec_EncoderContext_struct { + PRArenaPool *our_pool; /* for our internal allocs */ + + sec_asn1e_state *current; + sec_asn1e_parse_status status; + + PRBool streaming; + PRBool from_buf; + + SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */ + void *notify_arg; /* argument to notify_proc */ + PRBool during_notify; /* true during call to notify_proc */ + + SEC_ASN1WriteProc output_proc; /* pass encoded bytes to this */ + void *output_arg; /* argument to that function */ +}; + + +static sec_asn1e_state * +sec_asn1e_push_state (SEC_ASN1EncoderContext *cx, + const SecAsn1Template *theTemplate, + const void *src, PRBool new_depth) +{ + sec_asn1e_state *state, *new_state; + + state = cx->current; + + new_state = (sec_asn1e_state*)PORT_ArenaZAlloc (cx->our_pool, + sizeof(*new_state)); + if (new_state == NULL) { + cx->status = encodeError; + return NULL; + } + + new_state->top = cx; + new_state->parent = state; + new_state->theTemplate = theTemplate; + new_state->place = notInUse; + if (src != NULL) + new_state->src = (char *)src + theTemplate->offset; + + if (state != NULL) { + new_state->depth = state->depth; + if (new_depth) + new_state->depth++; + state->child = new_state; + } + + cx->current = new_state; + return new_state; +} + + +static void +sec_asn1e_scrub_state (sec_asn1e_state *state) +{ + /* + * Some default "scrubbing". + * XXX right set of initializations? + */ + state->place = beforeHeader; + state->indefinite = PR_FALSE; +} + + +static void +sec_asn1e_notify_before (SEC_ASN1EncoderContext *cx, void *src, int depth) +{ + if (cx->notify_proc == NULL) + return; + + cx->during_notify = PR_TRUE; + (* cx->notify_proc) (cx->notify_arg, PR_TRUE, src, depth); + cx->during_notify = PR_FALSE; +} + + +static void +sec_asn1e_notify_after (SEC_ASN1EncoderContext *cx, void *src, int depth) +{ + if (cx->notify_proc == NULL) + return; + + cx->during_notify = PR_TRUE; + (* cx->notify_proc) (cx->notify_arg, PR_FALSE, src, depth); + cx->during_notify = PR_FALSE; +} + + +static sec_asn1e_state * +sec_asn1e_init_state_based_on_template (sec_asn1e_state *state) +{ + PRBool explicit, is_string, may_stream, optional, universal, ignore_stream; + unsigned char tag_modifiers; + unsigned long encode_kind, under_kind; + unsigned long tag_number; + #ifdef __APPLE__ + PRBool signedInt, dynamic; + #endif + + encode_kind = state->theTemplate->kind; + + universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL) + ? PR_TRUE : PR_FALSE; + + explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE; + encode_kind &= ~SEC_ASN1_EXPLICIT; + + optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE; + encode_kind &= ~SEC_ASN1_OPTIONAL; + + PORT_Assert (!(explicit && universal)); /* bad templates */ + + may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE; + encode_kind &= ~SEC_ASN1_MAY_STREAM; + + ignore_stream = (encode_kind & SEC_ASN1_NO_STREAM) ? PR_TRUE : PR_FALSE; + encode_kind &= ~SEC_ASN1_NO_STREAM; + + #ifdef __APPLE__ + signedInt = (encode_kind & SEC_ASN1_SIGNED_INT) ? PR_TRUE : PR_FALSE; + encode_kind &= ~SEC_ASN1_SIGNED_INT; + #endif + + #ifdef __APPLE__ + dynamic = (encode_kind & SEC_ASN1_DYNAMIC) ? PR_TRUE : PR_FALSE; + #endif + encode_kind &= ~SEC_ASN1_DYNAMIC; + + if( encode_kind & SEC_ASN1_CHOICE ) { + under_kind = SEC_ASN1_CHOICE; + } else + + if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || (!universal + && !explicit)) { + const SecAsn1Template *subt; + void *src; + + PORT_Assert ((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0); + + sec_asn1e_scrub_state (state); + + if (encode_kind & SEC_ASN1_POINTER) { + /* + * XXX This used to PORT_Assert (encode_kind == SEC_ASN1_POINTER); + * but that was too restrictive. This needs to be fixed, + * probably copying what the decoder now checks for, and + * adding a big comment here to explain what the checks mean. + */ + src = *(void **)state->src; + state->place = afterPointer; + if (src == NULL) { + /* + * If this is optional, but NULL, then the field does + * not need to be encoded. In this case we are done; + * we do not want to push a subtemplate. + */ + if (optional) + return state; + + /* + * XXX this is an error; need to figure out + * how to handle this + */ + } + } else { + src = state->src; + if (encode_kind & SEC_ASN1_INLINE) { + /* check that there are no extraneous bits */ + PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional); + state->place = afterInline; + } else { + /* + * Save the tag modifiers and tag number here before moving + * on to the next state in case this is a member of a + * SEQUENCE OF + */ + state->tag_modifiers = (unsigned char)encode_kind & SEC_ASN1_TAG_MASK + & ~SEC_ASN1_TAGNUM_MASK; + state->tag_number = (unsigned char)encode_kind & SEC_ASN1_TAGNUM_MASK; + + state->place = afterImplicit; + state->optional = optional; + } + } + + subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src, PR_TRUE, + NULL /* __APPLE__ */); + state = sec_asn1e_push_state (state->top, subt, src, PR_FALSE); + if (state == NULL) + return NULL; + + if (universal) { + /* + * This is a POINTER or INLINE; just init based on that + * and we are done. + */ + return sec_asn1e_init_state_based_on_template (state); + } + + /* + * This is an implicit, non-universal (meaning, application-private + * or context-specific) field. This results in a "magic" tag but + * encoding based on the underlying type. We pushed a new state + * that is based on the subtemplate (the underlying type), but + * now we will sort of alias it to give it some of our properties + * (tag, optional status, etc.). + */ + + under_kind = state->theTemplate->kind; + if (under_kind & SEC_ASN1_MAY_STREAM) { + if (!ignore_stream) + may_stream = PR_TRUE; + under_kind &= ~SEC_ASN1_MAY_STREAM; + } + } else { + under_kind = encode_kind; + } + + /* + * Sanity check that there are no unwanted bits marked in under_kind. + * These bits were either removed above (after we recorded them) or + * they simply should not be found (signalling a bad/broken template). + * XXX is this the right set of bits to test here? (i.e. need to add + * or remove any?) + */ + PORT_Assert ((under_kind & (/*SEC_ASN1_EXPLICIT | */SEC_ASN1_OPTIONAL + | SEC_ASN1_SKIP | SEC_ASN1_INNER + | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM + | SEC_ASN1_INLINE | SEC_ASN1_POINTER)) == 0); + + if (encode_kind & SEC_ASN1_ANY) { + PORT_Assert (encode_kind == under_kind); + tag_modifiers = 0; + tag_number = 0; + is_string = PR_TRUE; + } else { + tag_modifiers = (unsigned char)encode_kind & SEC_ASN1_TAG_MASK & + ~SEC_ASN1_TAGNUM_MASK; + /* + * XXX This assumes only single-octet identifiers. To handle + * the HIGH TAG form we would need to do some more work, especially + * in how to specify them in the template, because right now we + * do not provide a way to specify more *tag* bits in encode_kind. + */ + + #ifdef __APPLE__ + /* + * Apple change: if this is a DYNAMIC template, use the tag number + * from the subtemplate's kind + */ + if(dynamic) { + tag_number = state->theTemplate->kind & SEC_ASN1_TAGNUM_MASK; + explicit = (state->theTemplate->kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE; + tag_modifiers |= (state->theTemplate->kind & SEC_ASN1_CONSTRUCTED); + } + else + #endif /* __APPLE__ */ + tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK; + + is_string = PR_FALSE; + switch (under_kind & SEC_ASN1_TAGNUM_MASK) { + case SEC_ASN1_SET: + /* + * XXX A plain old SET (as opposed to a SET OF) is not implemented. + * If it ever is, remove this assert... + */ + PORT_Assert ((under_kind & SEC_ASN1_GROUP) != 0); + /* fallthru */ + case SEC_ASN1_SEQUENCE: + tag_modifiers |= SEC_ASN1_CONSTRUCTED; + break; + case SEC_ASN1_BIT_STRING: + case SEC_ASN1_BMP_STRING: + case SEC_ASN1_GENERALIZED_TIME: + case SEC_ASN1_IA5_STRING: + case SEC_ASN1_OCTET_STRING: + case SEC_ASN1_PRINTABLE_STRING: + case SEC_ASN1_T61_STRING: + case SEC_ASN1_UNIVERSAL_STRING: + case SEC_ASN1_UTC_TIME: + case SEC_ASN1_UTF8_STRING: + case SEC_ASN1_VISIBLE_STRING: + /* + * We do not yet know if we will be constructing the string, + * so we have to wait to do this final tag modification. + */ + is_string = PR_TRUE; + break; + } + } + + state->tag_modifiers = tag_modifiers; + state->tag_number = (unsigned char)tag_number; + state->underlying_kind = under_kind; + state->explicit = explicit; + state->may_stream = may_stream; + state->is_string = is_string; + state->optional = optional; + state->ignore_stream = ignore_stream; + #ifdef __APPLE__ + state->signedInt = signedInt; + #endif + + sec_asn1e_scrub_state (state); + + return state; +} + + +static void +sec_asn1e_write_part (sec_asn1e_state *state, + const char *buf, size_t len, + SEC_ASN1EncodingPart part) +{ + SEC_ASN1EncoderContext *cx; + + cx = state->top; + (* cx->output_proc) (cx->output_arg, buf, len, state->depth, part); +} + + +/* + * XXX This assumes only single-octet identifiers. To handle + * the HIGH TAG form we would need to modify this interface and + * teach it to properly encode the special form. + */ +static void +sec_asn1e_write_identifier_bytes (sec_asn1e_state *state, unsigned char value) +{ + char byte; + + byte = (char) value; + sec_asn1e_write_part (state, &byte, 1, SEC_ASN1_Identifier); +} + +int +SEC_ASN1EncodeLength(unsigned char *buf,unsigned long value) { + int lenlen; + + lenlen = SEC_ASN1LengthLength (value); + if (lenlen == 1) { + buf[0] = value; + } else { + int i; + + i = lenlen - 1; + buf[0] = 0x80 | i; + while (i) { + buf[i--] = value; + value >>= 8; + } + PORT_Assert (value == 0); + } + return lenlen; +} + +static void +sec_asn1e_write_length_bytes (sec_asn1e_state *state, unsigned long value, + PRBool indefinite) +{ + int lenlen; + unsigned char buf[sizeof(unsigned long) + 1]; + + if (indefinite) { + PORT_Assert (value == 0); + buf[0] = 0x80; + lenlen = 1; + } else { + lenlen = SEC_ASN1EncodeLength(buf,value); + } + + sec_asn1e_write_part (state, (char *) buf, lenlen, SEC_ASN1_Length); +} + + +static void +sec_asn1e_write_contents_bytes (sec_asn1e_state *state, + const char *buf, unsigned long len) +{ + sec_asn1e_write_part (state, buf, len, SEC_ASN1_Contents); +} + + +static void +sec_asn1e_write_end_of_contents_bytes (sec_asn1e_state *state) +{ + const char eoc[2] = {0, 0}; + + sec_asn1e_write_part (state, eoc, 2, SEC_ASN1_EndOfContents); +} + +static int +sec_asn1e_which_choice +( + void *src, + const SecAsn1Template *theTemplate +) +{ + int rv; + unsigned int which = *(unsigned int *)src; + + for( rv = 1, theTemplate++; theTemplate->kind != 0; rv++, theTemplate++ ) { + if( which == theTemplate->size ) { + return rv; + } + } + + return 0; +} + +static unsigned long +sec_asn1e_contents_length (const SecAsn1Template *theTemplate, void *src, + PRBool ignoresubstream, PRBool *noheaderp) +{ + unsigned long encode_kind, underlying_kind; + PRBool explicit, optional, universal, may_stream; + unsigned long len; + #ifdef __APPLE__ + PRBool signedInt; + #endif + + /* + * This function currently calculates the length in all cases + * except the following: when writing out the contents of a + * template that belongs to a state where it was a sub-template + * with the SEC_ASN1_MAY_STREAM bit set and it's parent had the + * optional bit set. The information that the parent is optional + * and that we should return the length of 0 when that length is + * present since that means the optional field is no longer present. + * So we add the ignoresubstream flag which is passed in when + * writing the contents, but for all recursive calls to + * sec_asn1e_contents_length, we pass PR_FALSE, because this + * function correctly calculates the length for children templates + * from that point on. Confused yet? At least you didn't have + * to figure it out. ;) -javi + */ + encode_kind = theTemplate->kind; + + universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL) + ? PR_TRUE : PR_FALSE; + + explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE; + encode_kind &= ~SEC_ASN1_EXPLICIT; + + optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE; + encode_kind &= ~SEC_ASN1_OPTIONAL; + + PORT_Assert (!(explicit && universal)); /* bad templates */ + + may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE; + encode_kind &= ~SEC_ASN1_MAY_STREAM; + + /* Just clear this to get it out of the way; we do not need it here */ + encode_kind &= ~SEC_ASN1_DYNAMIC; + encode_kind &= ~SEC_ASN1_NO_STREAM; + + if( encode_kind & SEC_ASN1_CHOICE ) { + void *src2; + int indx = sec_asn1e_which_choice(src, theTemplate); + if( 0 == indx ) { + /* XXX set an error? "choice not found" */ + /* state->top->status = encodeError; */ + return 0; + } + + src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset); + + return sec_asn1e_contents_length(&theTemplate[indx], src2, + PR_FALSE, noheaderp); + } + + if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || !universal) { + + /* XXX any bits we want to disallow (PORT_Assert against) here? */ + + theTemplate = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE, + NULL /* __APPLE__ */); + + if (encode_kind & SEC_ASN1_POINTER) { + /* + * XXX This used to PORT_Assert (encode_kind == SEC_ASN1_POINTER); + * but that was too restrictive. This needs to be fixed, + * probably copying what the decoder now checks for, and + * adding a big comment here to explain what the checks mean. + * Alternatively, the check here could be omitted altogether + * just letting sec_asn1e_init_state_based_on_template + * do it, since that routine can do better error handling, too. + */ + src = *(void **)src; + if (src == NULL) { + if (optional) + *noheaderp = PR_TRUE; + else + *noheaderp = PR_FALSE; + return 0; + } + } else if (encode_kind & SEC_ASN1_INLINE) { + /* check that there are no extraneous bits */ + PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional); + } + + src = (char *)src + theTemplate->offset; + + if (explicit) { + len = sec_asn1e_contents_length (theTemplate, src, PR_FALSE, + noheaderp); + if (len == 0 && optional) { + *noheaderp = PR_TRUE; + } else if (*noheaderp) { + /* Okay, *we* do not want to add in a header, but our caller still does. */ + *noheaderp = PR_FALSE; + } else { + /* if the inner content exists, our length is + * len(identifier) + len(length) + len(innercontent) + * XXX we currently assume len(identifier) == 1; + * to support a high-tag-number this would need to be smarter. + */ + len += 1 + SEC_ASN1LengthLength (len); + } + return len; + } + + underlying_kind = theTemplate->kind; + underlying_kind &= ~SEC_ASN1_MAY_STREAM; + /* XXX Should we recurse here? */ + } else { + underlying_kind = encode_kind; + } + + #ifdef __APPLE__ + signedInt = (underlying_kind & SEC_ASN1_SIGNED_INT) ? + PR_TRUE : PR_FALSE; + #endif + + /* This is only used in decoding; it plays no part in encoding. */ + if (underlying_kind & SEC_ASN1_SAVE) { + /* check that there are no extraneous bits */ + PORT_Assert (underlying_kind == SEC_ASN1_SAVE); + *noheaderp = PR_TRUE; + return 0; + } + + /* Having any of these bits is not expected here... */ + PORT_Assert ((underlying_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL + | SEC_ASN1_INLINE | SEC_ASN1_POINTER + | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM + | SEC_ASN1_SAVE | SEC_ASN1_SKIP)) == 0); + + if( underlying_kind & SEC_ASN1_CHOICE ) { + void *src2; + int indx = sec_asn1e_which_choice(src, theTemplate); + if( 0 == indx ) { + /* XXX set an error? "choice not found" */ + /* state->top->status = encodeError; */ + return 0; + } + + src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset); + len = sec_asn1e_contents_length(&theTemplate[indx], src2, PR_FALSE, + noheaderp); + } else + + switch (underlying_kind) { + case SEC_ASN1_SEQUENCE_OF: + case SEC_ASN1_SET_OF: + { + const SecAsn1Template *tmpt; + void *sub_src; + unsigned long sub_len; + void **group; + + len = 0; + + group = *(void ***)src; + if (group == NULL) + break; + + tmpt = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE, + NULL /* __APPLE__ */); + + for (; *group != NULL; group++) { + sub_src = (char *)(*group) + tmpt->offset; + sub_len = sec_asn1e_contents_length (tmpt, sub_src, PR_FALSE, + noheaderp); + len += sub_len; + /* + * XXX The 1 below is the presumed length of the identifier; + * to support a high-tag-number this would need to be smarter. + */ + if (!*noheaderp) + len += 1 + SEC_ASN1LengthLength (sub_len); + } + } + break; + + case SEC_ASN1_SEQUENCE: + case SEC_ASN1_SET: + { + const SecAsn1Template *tmpt; + void *sub_src; + unsigned long sub_len; + + len = 0; + for (tmpt = theTemplate + 1; tmpt->kind; tmpt++) { + sub_src = (char *)src + tmpt->offset; + sub_len = sec_asn1e_contents_length (tmpt, sub_src, PR_FALSE, + noheaderp); + len += sub_len; + /* + * XXX The 1 below is the presumed length of the identifier; + * to support a high-tag-number this would need to be smarter. + */ + if (!*noheaderp) + len += 1 + SEC_ASN1LengthLength (sub_len); + } + } + break; + + case SEC_ASN1_BIT_STRING: + /* convert bit length to byte */ + len = (((SecAsn1Item *)src)->Length + 7) >> 3; + /* bit string contents involve an extra octet */ + if (len) + len++; + break; + + case SEC_ASN1_INTEGER: + /* ASN.1 INTEGERs are signed. + * If the source is an unsigned integer, the encoder will need + * to handle the conversion here. + */ + { + unsigned char *buf = ((SecAsn1Item *)src)->Data; + #ifndef __APPLE__ + SecAsn1ItemType integerType = ((SecAsn1Item *)src)->type; + #endif + len = ((SecAsn1Item *)src)->Length; + while (len > 0) { + if (*buf != 0) { + #ifdef __APPLE__ + if (*buf & 0x80 && !signedInt) { + #else + if (*buf & 0x80 && integerType == siUnsignedInteger) { + #endif // __APPLE__ + len++; /* leading zero needed to make number signed */ + } + break; /* reached beginning of number */ + } + if (len == 1) { + break; /* the number 0 */ + } + if (buf[1] & 0x80) { + break; /* leading zero already present */ + } + /* extraneous leading zero, keep going */ + buf++; + len--; + } + } + break; + + default: + len = ((SecAsn1Item *)src)->Length; + if (may_stream && len == 0 && !ignoresubstream) + len = 1; /* if we're streaming, we may have a secitem w/len 0 as placeholder */ + break; + } + + if ((len == 0 && optional) || underlying_kind == SEC_ASN1_ANY) + *noheaderp = PR_TRUE; + else + *noheaderp = PR_FALSE; + + return len; +} + + +static void +sec_asn1e_write_header (sec_asn1e_state *state) +{ + unsigned long contents_length; + unsigned char tag_number, tag_modifiers; + PRBool noheader; + + PORT_Assert (state->place == beforeHeader); + + tag_number = state->tag_number; + tag_modifiers = state->tag_modifiers; + + if (state->underlying_kind == SEC_ASN1_ANY) { + state->place = duringContents; + return; + } + + if( state->underlying_kind & SEC_ASN1_CHOICE ) { + int indx = sec_asn1e_which_choice(state->src, state->theTemplate); + if( 0 == indx ) { + /* XXX set an error? "choice not found" */ + state->top->status = encodeError; + return; + } + + state->place = afterChoice; + state = sec_asn1e_push_state(state->top, &state->theTemplate[indx], + (char *)state->src - state->theTemplate->offset, + PR_TRUE); + + if( (sec_asn1e_state *)NULL != state ) { + /* + * Do the "before" field notification. + */ + sec_asn1e_notify_before (state->top, state->src, state->depth); + state = sec_asn1e_init_state_based_on_template (state); + } + + (void) state; + + return; + } + + /* + * We are doing a definite-length encoding. First we have to + * walk the data structure to calculate the entire contents length. + */ + contents_length = sec_asn1e_contents_length (state->theTemplate, + state->src, + state->ignore_stream, + &noheader); + /* + * We might be told explicitly not to put out a header. + * But it can also be the case, via a pushed subtemplate, that + * sec_asn1e_contents_length could not know that this field is + * really optional. So check for that explicitly, too. + */ + if (noheader || (contents_length == 0 && state->optional)) { + state->place = afterContents; + if (state->top->streaming && state->may_stream && state->top->from_buf) + /* we did not find an optional indefinite string, so we don't encode it. + * However, if TakeFromBuf is on, we stop here anyway to give our caller + * a chance to intercept at the same point where we would stop if the + * field were present. */ + state->top->status = needBytes; + return; + } + + if (state->top->streaming && state->may_stream + && (state->top->from_buf || !state->is_string)) { + /* + * We need to put out an indefinite-length encoding. + */ + state->indefinite = PR_TRUE; + /* + * The only universal types that can be constructed are SETs, + * SEQUENCEs, and strings; so check that it is one of those, + * or that it is not universal (e.g. context-specific). + */ + PORT_Assert ((tag_number == SEC_ASN1_SET) + || (tag_number == SEC_ASN1_SEQUENCE) + || ((tag_modifiers & SEC_ASN1_CLASS_MASK) != 0) + || state->is_string); + tag_modifiers |= SEC_ASN1_CONSTRUCTED; + contents_length = 0; + } + + sec_asn1e_write_identifier_bytes (state, (unsigned char)(tag_number | tag_modifiers)); + sec_asn1e_write_length_bytes (state, contents_length, state->indefinite); + + if (contents_length == 0 && !state->indefinite) { + /* + * If no real contents to encode, then we are done with this field. + */ + state->place = afterContents; + return; + } + + /* + * An EXPLICIT is nothing but an outer header, which we have already + * written. Now we need to do the inner header and contents. + */ + if (state->explicit) { + state->place = afterContents; + state = sec_asn1e_push_state (state->top, + SEC_ASN1GetSubtemplate(state->theTemplate, + state->src, + PR_TRUE, + NULL /* __APPLE__ */), + state->src, PR_TRUE); + if (state != NULL) + state = sec_asn1e_init_state_based_on_template (state); + + (void) state; + + return; + } + + switch (state->underlying_kind) { + case SEC_ASN1_SET_OF: + case SEC_ASN1_SEQUENCE_OF: + /* + * We need to push a child to handle each member. + */ + { + void **group; + const SecAsn1Template *subt; + + group = *(void ***)state->src; + if (group == NULL || *group == NULL) { + /* + * Group is empty; we are done. + */ + state->place = afterContents; + return; + } + state->place = duringGroup; + subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src, + PR_TRUE, NULL /* __APPLE__ */); + state = sec_asn1e_push_state (state->top, subt, *group, PR_TRUE); + if (state != NULL) + state = sec_asn1e_init_state_based_on_template (state); + } + break; + + case SEC_ASN1_SEQUENCE: + case SEC_ASN1_SET: + /* + * We need to push a child to handle the individual fields. + */ + state->place = duringSequence; + state = sec_asn1e_push_state (state->top, state->theTemplate + 1, + state->src, PR_TRUE); + if (state != NULL) { + /* + * Do the "before" field notification. + */ + sec_asn1e_notify_before (state->top, state->src, state->depth); + state = sec_asn1e_init_state_based_on_template (state); + } + break; + + default: + /* + * I think we do not need to do anything else. + * XXX Correct? + */ + state->place = duringContents; + break; + } + + (void) state; +} + + +static void +sec_asn1e_write_contents (sec_asn1e_state *state, + const char *buf, unsigned long len) +{ + PORT_Assert (state->place == duringContents); + + if (state->top->from_buf) { + /* + * Probably they just turned on "take from buf", but have not + * yet given us any bytes. If there is nothing in the buffer + * then we have nothing to do but return and wait. + */ + if (buf == NULL || len == 0) { + state->top->status = needBytes; + return; + } + /* + * We are streaming, reading from a passed-in buffer. + * This means we are encoding a simple string or an ANY. + * For the former, we need to put out a substring, with its + * own identifier and length. For an ANY, we just write it + * out as is (our caller is required to ensure that it + * is a properly encoded entity). + */ + PORT_Assert (state->is_string); /* includes ANY */ + if (state->underlying_kind != SEC_ASN1_ANY) { + unsigned char identifier; + + /* + * Create the identifier based on underlying_kind. We cannot + * use tag_number and tag_modifiers because this can be an + * implicitly encoded field. In that case, the underlying + * substrings *are* encoded with their real tag. + */ + identifier = (unsigned char)state->underlying_kind & SEC_ASN1_TAG_MASK; + /* + * The underlying kind should just be a simple string; there + * should be no bits like CONTEXT_SPECIFIC or CONSTRUCTED set. + */ + PORT_Assert ((identifier & SEC_ASN1_TAGNUM_MASK) == identifier); + /* + * Write out the tag and length for the substring. + */ + sec_asn1e_write_identifier_bytes (state, identifier); + if (state->underlying_kind == SEC_ASN1_BIT_STRING) { + char byte; + /* + * Assume we have a length in bytes but we need to output + * a proper bit string. This interface only works for bit + * strings that are full multiples of 8. If support for + * real, variable length bit strings is needed then the + * caller will have to know to pass in a bit length instead + * of a byte length and then this code will have to + * perform the encoding necessary (length written is length + * in bytes plus 1, and the first octet of string is the + * number of bits remaining between the end of the bit + * string and the next byte boundary). + */ + sec_asn1e_write_length_bytes (state, len + 1, PR_FALSE); + byte = 0; + sec_asn1e_write_contents_bytes (state, &byte, 1); + } else { + sec_asn1e_write_length_bytes (state, len, PR_FALSE); + } + } + sec_asn1e_write_contents_bytes (state, buf, len); + state->top->status = needBytes; + } else { + switch (state->underlying_kind) { + case SEC_ASN1_SET: + case SEC_ASN1_SEQUENCE: + PORT_Assert (0); + break; + + case SEC_ASN1_BIT_STRING: + { + SecAsn1Item *item; + char rem; + + item = (SecAsn1Item *)state->src; + len = (item->Length + 7) >> 3; + rem = (unsigned char)((len << 3) - item->Length); /* remaining bits */ + sec_asn1e_write_contents_bytes (state, &rem, 1); + sec_asn1e_write_contents_bytes (state, (char *) item->Data, + len); + } + break; + + case SEC_ASN1_BMP_STRING: + /* The number of bytes must be divisable by 2 */ + if ((((SecAsn1Item *)state->src)->Length) % 2) { + SEC_ASN1EncoderContext *cx; + + cx = state->top; + cx->status = encodeError; + break; + } + /* otherwise, fall through to write the content */ + goto process_string; + + case SEC_ASN1_UNIVERSAL_STRING: + /* The number of bytes must be divisable by 4 */ + if ((((SecAsn1Item *)state->src)->Length) % 4) { + SEC_ASN1EncoderContext *cx; + + cx = state->top; + cx->status = encodeError; + break; + } + /* otherwise, fall through to write the content */ + goto process_string; + + case SEC_ASN1_INTEGER: + /* ASN.1 INTEGERs are signed. If the source is an unsigned + * integer, the encoder will need to handle the conversion here. + */ + { + size_t blen; + unsigned char *intbuf; + #ifdef __APPLE__ + PRBool signedInt = state->signedInt; + #else + SECItemType integerType = ((SecAsn1Item *)state->src)->type; + #endif + blen = ((SecAsn1Item *)state->src)->Length; + intbuf = ((SecAsn1Item *)state->src)->Data; + while (blen > 0) { + #ifdef __APPLE__ + if (*intbuf & 0x80 && !signedInt) { + #else + if (*intbuf & 0x80 && integerType == siUnsignedInteger) { + #endif + char zero = 0; /* write a leading 0 */ + sec_asn1e_write_contents_bytes(state, &zero, 1); + /* and then the remaining buffer */ + sec_asn1e_write_contents_bytes(state, + (char *)intbuf, blen); + break; + } + /* Check three possibilities: + * 1. No leading zeros, msb of MSB is not 1; + * 2. The number is zero itself; + * 3. Encoding a signed integer with a leading zero, + * keep the zero so that the number is positive. + */ + if (*intbuf != 0 || + blen == 1 || + #ifdef __APPLE__ + (intbuf[1] & 0x80 && signedInt) ) + #else + (intbuf[1] & 0x80 && integerType != siUnsignedInteger) ) + #endif + { + sec_asn1e_write_contents_bytes(state, + (char *)intbuf, blen); + break; + } + /* byte is 0, continue */ + intbuf++; + blen--; + } + } + /* done with this content */ + break; + +process_string: + default: + { + SecAsn1Item *item; + + item = (SecAsn1Item *)state->src; + sec_asn1e_write_contents_bytes (state, (char *) item->Data, + item->Length); + } + break; + } + state->place = afterContents; + } +} + + +/* + * We are doing a SET OF or SEQUENCE OF, and have just finished an item. + */ +static void +sec_asn1e_next_in_group (sec_asn1e_state *state) +{ + sec_asn1e_state *child; + void **group; + void *member; + + PORT_Assert (state->place == duringGroup); + PORT_Assert (state->child != NULL); + + child = state->child; + + group = *(void ***)state->src; + + /* + * Find placement of current item. + */ + member = (char *)(state->child->src) - child->theTemplate->offset; + while (*group != member) + group++; + + /* + * Move forward to next item. + */ + group++; + if (*group == NULL) { + /* + * That was our last one; we are done now. + */ + child->place = notInUse; + state->place = afterContents; + return; + } + child->src = (char *)(*group) + child->theTemplate->offset; + + /* + * Re-"push" child. + */ + sec_asn1e_scrub_state (child); + state->top->current = child; +} + + +/* + * We are moving along through a sequence; move forward by one, + * (detecting end-of-sequence when it happens). + */ +static void +sec_asn1e_next_in_sequence (sec_asn1e_state *state) +{ + sec_asn1e_state *child; + + PORT_Assert (state->place == duringSequence); + PORT_Assert (state->child != NULL); + + child = state->child; + + /* + * Do the "after" field notification. + */ + sec_asn1e_notify_after (state->top, child->src, child->depth); + + /* + * Move forward. + */ + child->theTemplate++; + if (child->theTemplate->kind == 0) { + /* + * We are done with this sequence. + */ + child->place = notInUse; + state->place = afterContents; + return; + } + + /* + * Reset state and push. + */ + + child->src = (char *)state->src + child->theTemplate->offset; + + /* + * Do the "before" field notification. + */ + sec_asn1e_notify_before (state->top, child->src, child->depth); + + state->top->current = child; + (void) sec_asn1e_init_state_based_on_template (child); +} + + +static void +sec_asn1e_after_contents (sec_asn1e_state *state) +{ + PORT_Assert (state->place == afterContents); + + if (state->indefinite) + sec_asn1e_write_end_of_contents_bytes (state); + + /* + * Just make my parent be the current state. It will then clean + * up after me and free me (or reuse me). + */ + state->top->current = state->parent; +} + + +/* + * This function is called whether or not we are streaming; if we + * *are* streaming, our caller can also instruct us to take bytes + * from the passed-in buffer (at buf, for length len, which is likely + * bytes but could even mean bits if the current field is a bit string). + * If we have been so instructed, we will gobble up bytes from there + * (rather than from our src structure) and output them, and then + * we will just return, expecting to be called again -- either with + * more bytes or after our caller has instructed us that we are done + * (for now) with the buffer. + */ +SECStatus +SEC_ASN1EncoderUpdate (SEC_ASN1EncoderContext *cx, + const char *buf, unsigned long len) +{ + sec_asn1e_state *state; + + if (cx->status == needBytes) { + PORT_Assert (buf != NULL && len != 0); + cx->status = keepGoing; + } + + while (cx->status == keepGoing) { + state = cx->current; + switch (state->place) { + case beforeHeader: + sec_asn1e_write_header (state); + break; + case duringContents: + sec_asn1e_write_contents (state, buf, len); + break; + case duringGroup: + sec_asn1e_next_in_group (state); + break; + case duringSequence: + sec_asn1e_next_in_sequence (state); + break; + case afterContents: + sec_asn1e_after_contents (state); + break; + case afterImplicit: + case afterInline: + case afterPointer: + case afterChoice: + /* + * These states are more documentation than anything. + * They just need to force a pop. + */ + PORT_Assert (!state->indefinite); + state->place = afterContents; + break; + case notInUse: + default: + /* This is not an error, but rather a plain old BUG! */ + PORT_Assert (0); + cx->status = encodeError; + break; + } + + if (cx->status == encodeError) + break; + + /* It might have changed, so we have to update our local copy. */ + state = cx->current; + + /* If it is NULL, we have popped all the way to the top. */ + if (state == NULL) { + cx->status = allDone; + break; + } + } + + if (cx->status == encodeError) { + return SECFailure; + } + + return SECSuccess; +} + + +void +SEC_ASN1EncoderFinish (SEC_ASN1EncoderContext *cx) +{ + /* + * XXX anything else that needs to be finished? + */ + + PORT_FreeArena (cx->our_pool, PR_FALSE); +} + + +SEC_ASN1EncoderContext * +SEC_ASN1EncoderStart (const void *src, const SecAsn1Template *theTemplate, + SEC_ASN1WriteProc output_proc, void *output_arg) +{ + PRArenaPool *our_pool; + SEC_ASN1EncoderContext *cx; + + our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE); + if (our_pool == NULL) + return NULL; + + cx = (SEC_ASN1EncoderContext*)PORT_ArenaZAlloc (our_pool, sizeof(*cx)); + if (cx == NULL) { + PORT_FreeArena (our_pool, PR_FALSE); + return NULL; + } + + cx->our_pool = our_pool; + cx->output_proc = output_proc; + cx->output_arg = output_arg; + + cx->status = keepGoing; + + if (sec_asn1e_push_state(cx, theTemplate, src, PR_FALSE) == NULL + || sec_asn1e_init_state_based_on_template (cx->current) == NULL) { + /* + * Trouble initializing (probably due to failed allocations) + * requires that we just give up. + */ + PORT_FreeArena (our_pool, PR_FALSE); + return NULL; + } + + return cx; +} + + +/* + * XXX Do we need a FilterProc, too? + */ + + +void +SEC_ASN1EncoderSetNotifyProc (SEC_ASN1EncoderContext *cx, + SEC_ASN1NotifyProc fn, void *arg) +{ + cx->notify_proc = fn; + cx->notify_arg = arg; +} + + +void +SEC_ASN1EncoderClearNotifyProc (SEC_ASN1EncoderContext *cx) +{ + cx->notify_proc = NULL; + cx->notify_arg = NULL; /* not necessary; just being clean */ +} + + +void +SEC_ASN1EncoderAbort(SEC_ASN1EncoderContext *cx, int error) +{ + PORT_Assert(cx); + PORT_SetError(error); + cx->status = encodeError; +} + + +void +SEC_ASN1EncoderSetStreaming (SEC_ASN1EncoderContext *cx) +{ + /* XXX is there a way to check that we are "between" fields here? */ + + cx->streaming = PR_TRUE; +} + + +void +SEC_ASN1EncoderClearStreaming (SEC_ASN1EncoderContext *cx) +{ + /* XXX is there a way to check that we are "between" fields here? */ + + cx->streaming = PR_FALSE; +} + + +void +SEC_ASN1EncoderSetTakeFromBuf (SEC_ASN1EncoderContext *cx) +{ + /* + * XXX is there a way to check that we are "between" fields here? this + * needs to include a check for being in between groups of items in + * a SET_OF or SEQUENCE_OF. + */ + PORT_Assert (cx->streaming); + + cx->from_buf = PR_TRUE; +} + + +void +SEC_ASN1EncoderClearTakeFromBuf (SEC_ASN1EncoderContext *cx) +{ + /* we should actually be taking from buf *now* */ + PORT_Assert (cx->from_buf); + if (! cx->from_buf) /* if not, just do nothing */ + return; + + cx->from_buf = PR_FALSE; + + if (cx->status == needBytes) { + cx->status = keepGoing; + cx->current->place = afterContents; + } +} + + +SECStatus +SEC_ASN1Encode (const void *src, const SecAsn1Template *theTemplate, + SEC_ASN1WriteProc output_proc, void *output_arg) +{ + SEC_ASN1EncoderContext *ecx; + SECStatus rv; + + ecx = SEC_ASN1EncoderStart (src, theTemplate, output_proc, output_arg); + if (ecx == NULL) + return SECFailure; + + rv = SEC_ASN1EncoderUpdate (ecx, NULL, 0); + + SEC_ASN1EncoderFinish (ecx); + return rv; +} + + +/* + * XXX depth and data_kind are unused; is there a PC way to silence warnings? + * (I mean "politically correct", not anything to do with intel/win platform) + */ +void +sec_asn1e_encode_item_count (void *arg, const char *buf, size_t len, + int depth, SEC_ASN1EncodingPart data_kind) +{ + size_t *count; + + count = (unsigned long*)arg; + PORT_Assert (count != NULL); + + *count += len; +} + + +/* XXX depth and data_kind are unused; is there a PC way to silence warnings? */ +void +sec_asn1e_encode_item_store (void *arg, const char *buf, size_t len, + int depth, SEC_ASN1EncodingPart data_kind) +{ + SecAsn1Item *dest; + + dest = (SecAsn1Item*)arg; + PORT_Assert (dest != NULL); + + PORT_Memcpy (dest->Data + dest->Length, buf, len); + dest->Length += len; +} + + +/* + * Allocate an entire SecAsn1Item, or just the data part of it, to hold + * "len" bytes of stuff. Allocate from the given pool, if specified, + * otherwise just do a vanilla PORT_Alloc. + * + * XXX This seems like a reasonable general-purpose function (for SECITEM_)? + */ +SecAsn1Item * +sec_asn1e_allocate_item (PRArenaPool *poolp, SecAsn1Item *dest, unsigned long len) +{ + if (poolp != NULL) { + void *release; + + release = PORT_ArenaMark (poolp); + if (dest == NULL) + dest = (SecAsn1Item*)PORT_ArenaAlloc (poolp, sizeof(SecAsn1Item)); + if (dest != NULL) { + dest->Data = (unsigned char*)PORT_ArenaAlloc (poolp, len); + if (dest->Data == NULL) { + dest = NULL; + } + } + if (dest == NULL) { + /* one or both allocations failed; release everything */ + PORT_ArenaRelease (poolp, release); + } else { + /* everything okay; unmark the arena */ + PORT_ArenaUnmark (poolp, release); + } + } else { + SecAsn1Item *indest; + + indest = dest; + if (dest == NULL) + dest = (SecAsn1Item*)PORT_Alloc (sizeof(SecAsn1Item)); + if (dest != NULL) { + #ifndef __APPLE__ + dest->type = siBuffer; + #endif + dest->Data = (unsigned char*)PORT_Alloc (len); + if (dest->Data == NULL) { + if (indest == NULL) + PORT_Free (dest); + dest = NULL; + } + } + } + + return dest; +} + + +SecAsn1Item * +SEC_ASN1EncodeItem (PRArenaPool *poolp, SecAsn1Item *dest, const void *src, + const SecAsn1Template *theTemplate) +{ + unsigned long encoding_length; + SECStatus rv; + + PORT_Assert (dest == NULL || dest->Data == NULL); + + encoding_length = 0; + rv = SEC_ASN1Encode (src, theTemplate, + sec_asn1e_encode_item_count, &encoding_length); + if (rv != SECSuccess) + return NULL; + + dest = sec_asn1e_allocate_item (poolp, dest, encoding_length); + if (dest == NULL) + return NULL; + + /* XXX necessary? This really just checks for a bug in the allocate fn */ + PORT_Assert (dest->Data != NULL); + if (dest->Data == NULL) + return NULL; + + dest->Length = 0; + (void) SEC_ASN1Encode (src, theTemplate, sec_asn1e_encode_item_store, dest); + + PORT_Assert (encoding_length == dest->Length); + return dest; +} + + +static SecAsn1Item * +sec_asn1e_integer(PRArenaPool *poolp, SecAsn1Item *dest, unsigned long value, + PRBool make_unsigned) +{ + unsigned long copy; + unsigned char sign; + int len = 0; + + /* + * Determine the length of the encoded value (minimum of 1). + */ + copy = value; + do { + len++; + sign = (unsigned char)(copy & 0x80); + copy >>= 8; + } while (copy); + + /* + * If this is an unsigned encoding, and the high bit of the last + * byte we counted was set, we need to add one to the length so + * we put a high-order zero byte in the encoding. + */ + if (sign && make_unsigned) + len++; + + /* + * Allocate the item (if necessary) and the data pointer within. + */ + dest = sec_asn1e_allocate_item (poolp, dest, len); + if (dest == NULL) + return NULL; + + /* + * Store the value, byte by byte, in the item. + */ + dest->Length = len; + while (len) { + dest->Data[--len] = (unsigned char)value; + value >>= 8; + } + PORT_Assert (value == 0); + + return dest; +} + + +SecAsn1Item * +SEC_ASN1EncodeInteger(PRArenaPool *poolp, SecAsn1Item *dest, long value) +{ + return sec_asn1e_integer (poolp, dest, (unsigned long) value, PR_FALSE); +} + + +extern SecAsn1Item * +SEC_ASN1EncodeUnsignedInteger(PRArenaPool *poolp, + SecAsn1Item *dest, unsigned long value) +{ + return sec_asn1e_integer (poolp, dest, value, PR_TRUE); +}