michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: /* michael@0: * Support for ENcoding ASN.1 data based on BER/DER (Basic/Distinguished michael@0: * Encoding Rules). michael@0: */ michael@0: michael@0: #include "secasn1.h" michael@0: michael@0: typedef enum { michael@0: beforeHeader, michael@0: duringContents, michael@0: duringGroup, michael@0: duringSequence, michael@0: afterContents, michael@0: afterImplicit, michael@0: afterInline, michael@0: afterPointer, michael@0: afterChoice, michael@0: notInUse michael@0: } sec_asn1e_parse_place; michael@0: michael@0: typedef enum { michael@0: allDone, michael@0: encodeError, michael@0: keepGoing, michael@0: needBytes michael@0: } sec_asn1e_parse_status; michael@0: michael@0: typedef enum { michael@0: hdr_normal = 0, /* encode header normally */ michael@0: hdr_any = 1, /* header already encoded in content */ michael@0: hdr_decoder = 2, /* template only used by decoder. skip it. */ michael@0: hdr_optional = 3, /* optional component, to be omitted */ michael@0: hdr_placeholder = 4 /* place holder for from_buf content */ michael@0: } sec_asn1e_hdr_encoding; michael@0: michael@0: typedef struct sec_asn1e_state_struct { michael@0: SEC_ASN1EncoderContext *top; michael@0: const SEC_ASN1Template *theTemplate; michael@0: void *src; michael@0: michael@0: struct sec_asn1e_state_struct *parent; /* aka prev */ michael@0: struct sec_asn1e_state_struct *child; /* aka next */ michael@0: michael@0: sec_asn1e_parse_place place; /* where we are in encoding process */ michael@0: michael@0: /* michael@0: * XXX explain the next fields as clearly as possible... michael@0: */ michael@0: unsigned char tag_modifiers; michael@0: unsigned char tag_number; michael@0: unsigned long underlying_kind; michael@0: michael@0: int depth; michael@0: michael@0: PRBool isExplicit, /* we are handling an isExplicit header */ michael@0: indefinite, /* need end-of-contents */ michael@0: is_string, /* encoding a simple string or an ANY */ michael@0: may_stream, /* when streaming, do indefinite encoding */ michael@0: optional, /* omit field if it has no contents */ michael@0: disallowStreaming; /* disallow streaming in all sub-templates */ michael@0: } sec_asn1e_state; michael@0: michael@0: /* michael@0: * An "outsider" will have an opaque pointer to this, created by calling michael@0: * SEC_ASN1EncoderStart(). It will be passed back in to all subsequent michael@0: * calls to SEC_ASN1EncoderUpdate() and related routines, and when done michael@0: * it is passed to SEC_ASN1EncoderFinish(). michael@0: */ michael@0: struct sec_EncoderContext_struct { michael@0: PLArenaPool *our_pool; /* for our internal allocs */ michael@0: michael@0: sec_asn1e_state *current; michael@0: sec_asn1e_parse_status status; michael@0: michael@0: PRBool streaming; michael@0: PRBool from_buf; michael@0: michael@0: SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */ michael@0: void *notify_arg; /* argument to notify_proc */ michael@0: PRBool during_notify; /* true during call to notify_proc */ michael@0: michael@0: SEC_ASN1WriteProc output_proc; /* pass encoded bytes to this */ michael@0: void *output_arg; /* argument to that function */ michael@0: }; michael@0: michael@0: michael@0: static sec_asn1e_state * michael@0: sec_asn1e_push_state (SEC_ASN1EncoderContext *cx, michael@0: const SEC_ASN1Template *theTemplate, michael@0: const void *src, PRBool new_depth) michael@0: { michael@0: sec_asn1e_state *state, *new_state; michael@0: michael@0: state = cx->current; michael@0: michael@0: new_state = (sec_asn1e_state*)PORT_ArenaZAlloc (cx->our_pool, michael@0: sizeof(*new_state)); michael@0: if (new_state == NULL) { michael@0: cx->status = encodeError; michael@0: return NULL; michael@0: } michael@0: michael@0: new_state->top = cx; michael@0: new_state->parent = state; michael@0: new_state->theTemplate = theTemplate; michael@0: new_state->place = notInUse; michael@0: if (src != NULL) michael@0: new_state->src = (char *)src + theTemplate->offset; michael@0: michael@0: if (state != NULL) { michael@0: new_state->depth = state->depth; michael@0: if (new_depth) michael@0: new_state->depth++; michael@0: state->child = new_state; michael@0: } michael@0: michael@0: cx->current = new_state; michael@0: return new_state; michael@0: } michael@0: michael@0: michael@0: static void michael@0: sec_asn1e_scrub_state (sec_asn1e_state *state) michael@0: { michael@0: /* michael@0: * Some default "scrubbing". michael@0: * XXX right set of initializations? michael@0: */ michael@0: state->place = beforeHeader; michael@0: state->indefinite = PR_FALSE; michael@0: } michael@0: michael@0: michael@0: static void michael@0: sec_asn1e_notify_before (SEC_ASN1EncoderContext *cx, void *src, int depth) michael@0: { michael@0: if (cx->notify_proc == NULL) michael@0: return; michael@0: michael@0: cx->during_notify = PR_TRUE; michael@0: (* cx->notify_proc) (cx->notify_arg, PR_TRUE, src, depth); michael@0: cx->during_notify = PR_FALSE; michael@0: } michael@0: michael@0: michael@0: static void michael@0: sec_asn1e_notify_after (SEC_ASN1EncoderContext *cx, void *src, int depth) michael@0: { michael@0: if (cx->notify_proc == NULL) michael@0: return; michael@0: michael@0: cx->during_notify = PR_TRUE; michael@0: (* cx->notify_proc) (cx->notify_arg, PR_FALSE, src, depth); michael@0: cx->during_notify = PR_FALSE; michael@0: } michael@0: michael@0: michael@0: static sec_asn1e_state * michael@0: sec_asn1e_init_state_based_on_template (sec_asn1e_state *state) michael@0: { michael@0: PRBool isExplicit, is_string, may_stream, optional, universal; michael@0: PRBool disallowStreaming; michael@0: unsigned char tag_modifiers; michael@0: unsigned long encode_kind, under_kind; michael@0: unsigned long tag_number; michael@0: PRBool isInline = PR_FALSE; michael@0: michael@0: michael@0: encode_kind = state->theTemplate->kind; michael@0: michael@0: universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL) michael@0: ? PR_TRUE : PR_FALSE; michael@0: michael@0: isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE; michael@0: encode_kind &= ~SEC_ASN1_EXPLICIT; michael@0: michael@0: optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE; michael@0: encode_kind &= ~SEC_ASN1_OPTIONAL; michael@0: michael@0: PORT_Assert (!(isExplicit && universal)); /* bad templates */ michael@0: michael@0: may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE; michael@0: encode_kind &= ~SEC_ASN1_MAY_STREAM; michael@0: michael@0: disallowStreaming = (encode_kind & SEC_ASN1_NO_STREAM) ? PR_TRUE : PR_FALSE; michael@0: encode_kind &= ~SEC_ASN1_NO_STREAM; michael@0: michael@0: /* Just clear this to get it out of the way; we do not need it here */ michael@0: encode_kind &= ~SEC_ASN1_DYNAMIC; michael@0: michael@0: if( encode_kind & SEC_ASN1_CHOICE ) { michael@0: under_kind = SEC_ASN1_CHOICE; michael@0: } else if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || michael@0: (!universal && !isExplicit)) { michael@0: const SEC_ASN1Template *subt; michael@0: void *src = NULL; michael@0: michael@0: PORT_Assert ((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0); michael@0: michael@0: sec_asn1e_scrub_state (state); michael@0: michael@0: if (encode_kind & SEC_ASN1_POINTER) { michael@0: src = *(void **)state->src; michael@0: state->place = afterPointer; michael@0: michael@0: if (src == NULL) { michael@0: /* michael@0: * If this is optional, but NULL, then the field does michael@0: * not need to be encoded. In this case we are done; michael@0: * we do not want to push a subtemplate. michael@0: */ michael@0: if (optional) michael@0: return state; michael@0: michael@0: /* michael@0: * XXX this is an error; need to figure out michael@0: * how to handle this michael@0: */ michael@0: } michael@0: } else { michael@0: src = state->src; michael@0: if (encode_kind & SEC_ASN1_INLINE) { michael@0: /* check that there are no extraneous bits */ michael@0: /* PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional); */ michael@0: state->place = afterInline; michael@0: isInline = PR_TRUE; michael@0: } else { michael@0: /* michael@0: * Save the tag modifiers and tag number here before moving michael@0: * on to the next state in case this is a member of a michael@0: * SEQUENCE OF michael@0: */ michael@0: state->tag_modifiers = (unsigned char) michael@0: (encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK)); michael@0: state->tag_number = (unsigned char) michael@0: (encode_kind & SEC_ASN1_TAGNUM_MASK); michael@0: michael@0: state->place = afterImplicit; michael@0: state->optional = optional; michael@0: } michael@0: } michael@0: michael@0: subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src, PR_TRUE); michael@0: if (isInline && optional) { michael@0: /* we only handle a very limited set of optional inline cases at michael@0: this time */ michael@0: if (PR_FALSE != SEC_ASN1IsTemplateSimple(subt)) { michael@0: /* we now know that the target is a SECItem*, so we can check michael@0: if the source contains one */ michael@0: SECItem* target = (SECItem*)state->src; michael@0: if (!target || !target->data || !target->len) { michael@0: /* no valid data to encode subtemplate */ michael@0: return state; michael@0: } michael@0: } else { michael@0: PORT_Assert(0); /* complex templates are not handled as michael@0: inline optional */ michael@0: } michael@0: } michael@0: state = sec_asn1e_push_state (state->top, subt, src, PR_FALSE); michael@0: if (state == NULL) michael@0: return state; michael@0: michael@0: if (universal) { michael@0: /* michael@0: * This is a POINTER or INLINE; just init based on that michael@0: * and we are done. michael@0: */ michael@0: return sec_asn1e_init_state_based_on_template (state); michael@0: } michael@0: michael@0: /* michael@0: * This is an implicit, non-universal (meaning, application-private michael@0: * or context-specific) field. This results in a "magic" tag but michael@0: * encoding based on the underlying type. We pushed a new state michael@0: * that is based on the subtemplate (the underlying type), but michael@0: * now we will sort of alias it to give it some of our properties michael@0: * (tag, optional status, etc.). michael@0: * michael@0: * NB: ALL the following flags in the subtemplate are disallowed michael@0: * and/or ignored: EXPLICIT, OPTIONAL, INNER, INLINE, POINTER. michael@0: */ michael@0: michael@0: under_kind = state->theTemplate->kind; michael@0: if ((under_kind & SEC_ASN1_MAY_STREAM) && !disallowStreaming) { michael@0: may_stream = PR_TRUE; michael@0: } michael@0: under_kind &= ~(SEC_ASN1_MAY_STREAM | SEC_ASN1_DYNAMIC); michael@0: } else { michael@0: under_kind = encode_kind; michael@0: } michael@0: michael@0: /* michael@0: * Sanity check that there are no unwanted bits marked in under_kind. michael@0: * These bits were either removed above (after we recorded them) or michael@0: * they simply should not be found (signalling a bad/broken template). michael@0: * XXX is this the right set of bits to test here? (i.e. need to add michael@0: * or remove any?) michael@0: */ michael@0: #define UNEXPECTED_FLAGS \ michael@0: (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_SKIP | SEC_ASN1_INNER | \ michael@0: SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_INLINE | SEC_ASN1_POINTER) michael@0: michael@0: PORT_Assert ((under_kind & UNEXPECTED_FLAGS) == 0); michael@0: under_kind &= ~UNEXPECTED_FLAGS; michael@0: #undef UNEXPECTED_FLAGS michael@0: michael@0: if (encode_kind & SEC_ASN1_ANY) { michael@0: PORT_Assert (encode_kind == under_kind); michael@0: tag_modifiers = 0; michael@0: tag_number = 0; michael@0: is_string = PR_TRUE; michael@0: } else { michael@0: tag_modifiers = (unsigned char) michael@0: (encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK)); michael@0: /* michael@0: * XXX This assumes only single-octet identifiers. To handle michael@0: * the HIGH TAG form we would need to do some more work, especially michael@0: * in how to specify them in the template, because right now we michael@0: * do not provide a way to specify more *tag* bits in encode_kind. michael@0: */ michael@0: tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK; michael@0: michael@0: is_string = PR_FALSE; michael@0: switch (under_kind & SEC_ASN1_TAGNUM_MASK) { michael@0: case SEC_ASN1_SET: michael@0: /* michael@0: * XXX A plain old SET (as opposed to a SET OF) is not implemented. michael@0: * If it ever is, remove this assert... michael@0: */ michael@0: PORT_Assert ((under_kind & SEC_ASN1_GROUP) != 0); michael@0: /* fallthru */ michael@0: case SEC_ASN1_SEQUENCE: michael@0: tag_modifiers |= SEC_ASN1_CONSTRUCTED; michael@0: break; michael@0: case SEC_ASN1_BIT_STRING: michael@0: case SEC_ASN1_BMP_STRING: michael@0: case SEC_ASN1_GENERALIZED_TIME: michael@0: case SEC_ASN1_IA5_STRING: michael@0: case SEC_ASN1_OCTET_STRING: michael@0: case SEC_ASN1_PRINTABLE_STRING: michael@0: case SEC_ASN1_T61_STRING: michael@0: case SEC_ASN1_UNIVERSAL_STRING: michael@0: case SEC_ASN1_UTC_TIME: michael@0: case SEC_ASN1_UTF8_STRING: michael@0: case SEC_ASN1_VISIBLE_STRING: michael@0: /* michael@0: * We do not yet know if we will be constructing the string, michael@0: * so we have to wait to do this final tag modification. michael@0: */ michael@0: is_string = PR_TRUE; michael@0: break; michael@0: } michael@0: } michael@0: michael@0: state->tag_modifiers = tag_modifiers; michael@0: state->tag_number = (unsigned char)tag_number; michael@0: state->underlying_kind = under_kind; michael@0: state->isExplicit = isExplicit; michael@0: state->may_stream = may_stream; michael@0: state->is_string = is_string; michael@0: state->optional = optional; michael@0: state->disallowStreaming = disallowStreaming; michael@0: michael@0: sec_asn1e_scrub_state (state); michael@0: michael@0: return state; michael@0: } michael@0: michael@0: michael@0: static void michael@0: sec_asn1e_write_part (sec_asn1e_state *state, michael@0: const char *buf, unsigned long len, michael@0: SEC_ASN1EncodingPart part) michael@0: { michael@0: SEC_ASN1EncoderContext *cx; michael@0: michael@0: cx = state->top; michael@0: (* cx->output_proc) (cx->output_arg, buf, len, state->depth, part); michael@0: } michael@0: michael@0: michael@0: /* michael@0: * XXX This assumes only single-octet identifiers. To handle michael@0: * the HIGH TAG form we would need to modify this interface and michael@0: * teach it to properly encode the special form. michael@0: */ michael@0: static void michael@0: sec_asn1e_write_identifier_bytes (sec_asn1e_state *state, unsigned char value) michael@0: { michael@0: char byte; michael@0: michael@0: byte = (char) value; michael@0: sec_asn1e_write_part (state, &byte, 1, SEC_ASN1_Identifier); michael@0: } michael@0: michael@0: int michael@0: SEC_ASN1EncodeLength(unsigned char *buf,int value) { michael@0: int lenlen; michael@0: michael@0: lenlen = SEC_ASN1LengthLength (value); michael@0: if (lenlen == 1) { michael@0: buf[0] = value; michael@0: } else { michael@0: int i; michael@0: michael@0: i = lenlen - 1; michael@0: buf[0] = 0x80 | i; michael@0: while (i) { michael@0: buf[i--] = value; michael@0: value >>= 8; michael@0: } michael@0: PORT_Assert (value == 0); michael@0: } michael@0: return lenlen; michael@0: } michael@0: michael@0: static void michael@0: sec_asn1e_write_length_bytes (sec_asn1e_state *state, unsigned long value, michael@0: PRBool indefinite) michael@0: { michael@0: int lenlen; michael@0: unsigned char buf[sizeof(unsigned long) + 1]; michael@0: michael@0: if (indefinite) { michael@0: PORT_Assert (value == 0); michael@0: buf[0] = 0x80; michael@0: lenlen = 1; michael@0: } else { michael@0: lenlen = SEC_ASN1EncodeLength(buf,value); michael@0: } michael@0: michael@0: sec_asn1e_write_part (state, (char *) buf, lenlen, SEC_ASN1_Length); michael@0: } michael@0: michael@0: michael@0: static void michael@0: sec_asn1e_write_contents_bytes (sec_asn1e_state *state, michael@0: const char *buf, unsigned long len) michael@0: { michael@0: sec_asn1e_write_part (state, buf, len, SEC_ASN1_Contents); michael@0: } michael@0: michael@0: michael@0: static void michael@0: sec_asn1e_write_end_of_contents_bytes (sec_asn1e_state *state) michael@0: { michael@0: const char eoc[2] = {0, 0}; michael@0: michael@0: sec_asn1e_write_part (state, eoc, 2, SEC_ASN1_EndOfContents); michael@0: } michael@0: michael@0: static int michael@0: sec_asn1e_which_choice michael@0: ( michael@0: void *src, michael@0: const SEC_ASN1Template *theTemplate michael@0: ) michael@0: { michael@0: int rv; michael@0: unsigned int which = *(unsigned int *)src; michael@0: michael@0: for( rv = 1, theTemplate++; theTemplate->kind != 0; rv++, theTemplate++ ) { michael@0: if( which == theTemplate->size ) { michael@0: return rv; michael@0: } michael@0: } michael@0: michael@0: return 0; michael@0: } michael@0: michael@0: static unsigned long michael@0: sec_asn1e_contents_length (const SEC_ASN1Template *theTemplate, void *src, michael@0: PRBool disallowStreaming, PRBool insideIndefinite, michael@0: sec_asn1e_hdr_encoding *pHdrException) michael@0: { michael@0: unsigned long encode_kind, underlying_kind; michael@0: PRBool isExplicit, optional, universal, may_stream; michael@0: unsigned long len; michael@0: michael@0: /* michael@0: * This function currently calculates the length in all cases michael@0: * except the following: when writing out the contents of a michael@0: * template that belongs to a state where it was a sub-template michael@0: * with the SEC_ASN1_MAY_STREAM bit set and it's parent had the michael@0: * optional bit set. The information that the parent is optional michael@0: * and that we should return the length of 0 when that length is michael@0: * present since that means the optional field is no longer present. michael@0: * So we add the disallowStreaming flag which is passed in when michael@0: * writing the contents, but for all recursive calls to michael@0: * sec_asn1e_contents_length, we pass PR_FALSE, because this michael@0: * function correctly calculates the length for children templates michael@0: * from that point on. Confused yet? At least you didn't have michael@0: * to figure it out. ;) -javi michael@0: */ michael@0: encode_kind = theTemplate->kind; michael@0: michael@0: universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL) michael@0: ? PR_TRUE : PR_FALSE; michael@0: michael@0: isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE; michael@0: encode_kind &= ~SEC_ASN1_EXPLICIT; michael@0: michael@0: optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE; michael@0: encode_kind &= ~SEC_ASN1_OPTIONAL; michael@0: michael@0: PORT_Assert (!(isExplicit && universal)); /* bad templates */ michael@0: michael@0: may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE; michael@0: encode_kind &= ~SEC_ASN1_MAY_STREAM; michael@0: michael@0: /* Just clear this to get it out of the way; we do not need it here */ michael@0: encode_kind &= ~SEC_ASN1_DYNAMIC; michael@0: michael@0: if (encode_kind & SEC_ASN1_NO_STREAM) { michael@0: disallowStreaming = PR_TRUE; michael@0: } michael@0: encode_kind &= ~SEC_ASN1_NO_STREAM; michael@0: michael@0: if (encode_kind & SEC_ASN1_CHOICE) { michael@0: void *src2; michael@0: int indx = sec_asn1e_which_choice(src, theTemplate); michael@0: if (0 == indx) { michael@0: /* XXX set an error? "choice not found" */ michael@0: /* state->top->status = encodeError; */ michael@0: return 0; michael@0: } michael@0: michael@0: src2 = (void *) michael@0: ((char *)src - theTemplate->offset + theTemplate[indx].offset); michael@0: michael@0: return sec_asn1e_contents_length(&theTemplate[indx], src2, michael@0: disallowStreaming, insideIndefinite, michael@0: pHdrException); michael@0: } michael@0: michael@0: if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || !universal) { michael@0: /* XXX any bits we want to disallow (PORT_Assert against) here? */ michael@0: theTemplate = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE); michael@0: if (encode_kind & SEC_ASN1_POINTER) { michael@0: src = *(void **)src; michael@0: if (src == NULL) { michael@0: *pHdrException = optional ? hdr_optional : hdr_normal; michael@0: return 0; michael@0: } michael@0: } else if (encode_kind & SEC_ASN1_INLINE) { michael@0: /* check that there are no extraneous bits */ michael@0: if (optional) { michael@0: if (PR_FALSE != SEC_ASN1IsTemplateSimple(theTemplate)) { michael@0: /* we now know that the target is a SECItem*, so we can check michael@0: if the source contains one */ michael@0: SECItem* target = (SECItem*)src; michael@0: if (!target || !target->data || !target->len) { michael@0: /* no valid data to encode subtemplate */ michael@0: *pHdrException = hdr_optional; michael@0: return 0; michael@0: } michael@0: } else { michael@0: PORT_Assert(0); /* complex templates not handled as inline michael@0: optional */ michael@0: } michael@0: } michael@0: } michael@0: michael@0: src = (char *)src + theTemplate->offset; michael@0: michael@0: /* recurse to find the length of the subtemplate */ michael@0: len = sec_asn1e_contents_length (theTemplate, src, disallowStreaming, michael@0: insideIndefinite, pHdrException); michael@0: if (len == 0 && optional) { michael@0: *pHdrException = hdr_optional; michael@0: } else if (isExplicit) { michael@0: if (*pHdrException == hdr_any) { michael@0: /* *we* do not want to add in a header, michael@0: ** but our caller still does. michael@0: */ michael@0: *pHdrException = hdr_normal; michael@0: } else if (*pHdrException == hdr_normal) { michael@0: /* if the inner content exists, our length is michael@0: * len(identifier) + len(length) + len(innercontent) michael@0: * XXX we currently assume len(identifier) == 1; michael@0: * to support a high-tag-number this would need to be smarter. michael@0: */ michael@0: len += 1 + SEC_ASN1LengthLength (len); michael@0: } michael@0: } michael@0: return len; michael@0: } michael@0: underlying_kind = encode_kind; michael@0: michael@0: /* This is only used in decoding; it plays no part in encoding. */ michael@0: if (underlying_kind & SEC_ASN1_SAVE) { michael@0: /* check that there are no extraneous bits */ michael@0: PORT_Assert (underlying_kind == SEC_ASN1_SAVE); michael@0: *pHdrException = hdr_decoder; michael@0: return 0; michael@0: } michael@0: michael@0: #define UNEXPECTED_FLAGS \ michael@0: (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_INLINE | SEC_ASN1_POINTER |\ michael@0: SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_SAVE | SEC_ASN1_SKIP) michael@0: michael@0: /* Having any of these bits is not expected here... */ michael@0: PORT_Assert ((underlying_kind & UNEXPECTED_FLAGS) == 0); michael@0: underlying_kind &= ~UNEXPECTED_FLAGS; michael@0: #undef UNEXPECTED_FLAGS michael@0: michael@0: if (underlying_kind & SEC_ASN1_CHOICE) { michael@0: void *src2; michael@0: int indx = sec_asn1e_which_choice(src, theTemplate); michael@0: if (0 == indx) { michael@0: /* XXX set an error? "choice not found" */ michael@0: /* state->top->status = encodeError; */ michael@0: return 0; michael@0: } michael@0: michael@0: src2 = (void *) michael@0: ((char *)src - theTemplate->offset + theTemplate[indx].offset); michael@0: len = sec_asn1e_contents_length(&theTemplate[indx], src2, michael@0: disallowStreaming, insideIndefinite, michael@0: pHdrException); michael@0: } else { michael@0: switch (underlying_kind) { michael@0: case SEC_ASN1_SEQUENCE_OF: michael@0: case SEC_ASN1_SET_OF: michael@0: { michael@0: const SEC_ASN1Template *tmpt; michael@0: void *sub_src; michael@0: unsigned long sub_len; michael@0: void **group; michael@0: michael@0: len = 0; michael@0: michael@0: group = *(void ***)src; michael@0: if (group == NULL) michael@0: break; michael@0: michael@0: tmpt = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE); michael@0: michael@0: for (; *group != NULL; group++) { michael@0: sub_src = (char *)(*group) + tmpt->offset; michael@0: sub_len = sec_asn1e_contents_length (tmpt, sub_src, michael@0: disallowStreaming, michael@0: insideIndefinite, michael@0: pHdrException); michael@0: len += sub_len; michael@0: /* michael@0: * XXX The 1 below is the presumed length of the identifier; michael@0: * to support a high-tag-number this would need to be smarter. michael@0: */ michael@0: if (*pHdrException == hdr_normal) michael@0: len += 1 + SEC_ASN1LengthLength (sub_len); michael@0: } michael@0: } michael@0: break; michael@0: michael@0: case SEC_ASN1_SEQUENCE: michael@0: case SEC_ASN1_SET: michael@0: { michael@0: const SEC_ASN1Template *tmpt; michael@0: void *sub_src; michael@0: unsigned long sub_len; michael@0: michael@0: len = 0; michael@0: for (tmpt = theTemplate + 1; tmpt->kind; tmpt++) { michael@0: sub_src = (char *)src + tmpt->offset; michael@0: sub_len = sec_asn1e_contents_length (tmpt, sub_src, michael@0: disallowStreaming, michael@0: insideIndefinite, michael@0: pHdrException); michael@0: len += sub_len; michael@0: /* michael@0: * XXX The 1 below is the presumed length of the identifier; michael@0: * to support a high-tag-number this would need to be smarter. michael@0: */ michael@0: if (*pHdrException == hdr_normal) michael@0: len += 1 + SEC_ASN1LengthLength (sub_len); michael@0: } michael@0: } michael@0: break; michael@0: michael@0: case SEC_ASN1_BIT_STRING: michael@0: /* convert bit length to byte */ michael@0: len = (((SECItem *)src)->len + 7) >> 3; michael@0: /* bit string contents involve an extra octet */ michael@0: if (len) michael@0: len++; michael@0: break; michael@0: michael@0: case SEC_ASN1_INTEGER: michael@0: /* ASN.1 INTEGERs are signed. michael@0: * If the source is an unsigned integer, the encoder will need michael@0: * to handle the conversion here. michael@0: */ michael@0: { michael@0: unsigned char *buf = ((SECItem *)src)->data; michael@0: SECItemType integerType = ((SECItem *)src)->type; michael@0: len = ((SECItem *)src)->len; michael@0: while (len > 0) { michael@0: if (*buf != 0) { michael@0: if (*buf & 0x80 && integerType == siUnsignedInteger) { michael@0: len++; /* leading zero needed to make number signed */ michael@0: } michael@0: break; /* reached beginning of number */ michael@0: } michael@0: if (len == 1) { michael@0: break; /* the number 0 */ michael@0: } michael@0: if (buf[1] & 0x80) { michael@0: break; /* leading zero already present */ michael@0: } michael@0: /* extraneous leading zero, keep going */ michael@0: buf++; michael@0: len--; michael@0: } michael@0: } michael@0: break; michael@0: michael@0: default: michael@0: len = ((SECItem *)src)->len; michael@0: break; michael@0: } /* end switch */ michael@0: michael@0: #ifndef WHAT_PROBLEM_DOES_THIS_SOLVE michael@0: /* if we're streaming, we may have a secitem w/len 0 as placeholder */ michael@0: if (!len && insideIndefinite && may_stream && !disallowStreaming) { michael@0: len = 1; michael@0: } michael@0: #endif michael@0: } /* end else */ michael@0: michael@0: if (len == 0 && optional) michael@0: *pHdrException = hdr_optional; michael@0: else if (underlying_kind == SEC_ASN1_ANY) michael@0: *pHdrException = hdr_any; michael@0: else michael@0: *pHdrException = hdr_normal; michael@0: michael@0: return len; michael@0: } michael@0: michael@0: michael@0: static void michael@0: sec_asn1e_write_header (sec_asn1e_state *state) michael@0: { michael@0: unsigned long contents_length; michael@0: unsigned char tag_number, tag_modifiers; michael@0: sec_asn1e_hdr_encoding hdrException = hdr_normal; michael@0: PRBool indefinite = PR_FALSE; michael@0: michael@0: PORT_Assert (state->place == beforeHeader); michael@0: michael@0: tag_number = state->tag_number; michael@0: tag_modifiers = state->tag_modifiers; michael@0: michael@0: if (state->underlying_kind == SEC_ASN1_ANY) { michael@0: state->place = duringContents; michael@0: return; michael@0: } michael@0: michael@0: if (state->underlying_kind & SEC_ASN1_CHOICE) { michael@0: int indx = sec_asn1e_which_choice(state->src, state->theTemplate); michael@0: if( 0 == indx ) { michael@0: /* XXX set an error? "choice not found" */ michael@0: state->top->status = encodeError; michael@0: return; michael@0: } michael@0: state->place = afterChoice; michael@0: state = sec_asn1e_push_state(state->top, &state->theTemplate[indx], michael@0: (char *)state->src - state->theTemplate->offset, michael@0: PR_TRUE); michael@0: if (state) { michael@0: /* michael@0: * Do the "before" field notification. michael@0: */ michael@0: sec_asn1e_notify_before (state->top, state->src, state->depth); michael@0: state = sec_asn1e_init_state_based_on_template (state); michael@0: } michael@0: return; michael@0: } michael@0: michael@0: /* The !isString test below is apparently intended to ensure that all michael@0: ** constructed types receive indefinite length encoding. michael@0: */ michael@0: indefinite = (PRBool) michael@0: (state->top->streaming && state->may_stream && michael@0: (state->top->from_buf || !state->is_string)); michael@0: michael@0: /* michael@0: * If we are doing a definite-length encoding, first we have to michael@0: * walk the data structure to calculate the entire contents length. michael@0: * If we are doing an indefinite-length encoding, we still need to michael@0: * know if the contents is: michael@0: * optional and to be omitted, or michael@0: * an ANY (header is pre-encoded), or michael@0: * a SAVE or some other kind of template used only by the decoder. michael@0: * So, we call this function either way. michael@0: */ michael@0: contents_length = sec_asn1e_contents_length (state->theTemplate, michael@0: state->src, michael@0: state->disallowStreaming, michael@0: indefinite, michael@0: &hdrException); michael@0: /* michael@0: * We might be told explicitly not to put out a header. michael@0: * But it can also be the case, via a pushed subtemplate, that michael@0: * sec_asn1e_contents_length could not know that this field is michael@0: * really optional. So check for that explicitly, too. michael@0: */ michael@0: if (hdrException != hdr_normal || michael@0: (contents_length == 0 && state->optional)) { michael@0: state->place = afterContents; michael@0: if (state->top->streaming && michael@0: state->may_stream && michael@0: state->top->from_buf) { michael@0: /* we did not find an optional indefinite string, so we michael@0: * don't encode it. However, if TakeFromBuf is on, we stop michael@0: * here anyway to give our caller a chance to intercept at the michael@0: * same point where we would stop if the field were present. michael@0: */ michael@0: state->top->status = needBytes; michael@0: } michael@0: return; michael@0: } michael@0: michael@0: if (indefinite) { michael@0: /* michael@0: * We need to put out an indefinite-length encoding. michael@0: * The only universal types that can be constructed are SETs, michael@0: * SEQUENCEs, and strings; so check that it is one of those, michael@0: * or that it is not universal (e.g. context-specific). michael@0: */ michael@0: state->indefinite = PR_TRUE; michael@0: PORT_Assert ((tag_number == SEC_ASN1_SET) michael@0: || (tag_number == SEC_ASN1_SEQUENCE) michael@0: || ((tag_modifiers & SEC_ASN1_CLASS_MASK) != 0) michael@0: || state->is_string); michael@0: tag_modifiers |= SEC_ASN1_CONSTRUCTED; michael@0: contents_length = 0; michael@0: } michael@0: michael@0: sec_asn1e_write_identifier_bytes (state, michael@0: (unsigned char)(tag_number | tag_modifiers)); michael@0: sec_asn1e_write_length_bytes (state, contents_length, state->indefinite); michael@0: michael@0: if (contents_length == 0 && !state->indefinite) { michael@0: /* michael@0: * If no real contents to encode, then we are done with this field. michael@0: */ michael@0: state->place = afterContents; michael@0: return; michael@0: } michael@0: michael@0: /* michael@0: * An EXPLICIT is nothing but an outer header, which we have already michael@0: * written. Now we need to do the inner header and contents. michael@0: */ michael@0: if (state->isExplicit) { michael@0: const SEC_ASN1Template *subt = michael@0: SEC_ASN1GetSubtemplate(state->theTemplate, state->src, PR_TRUE); michael@0: state->place = afterContents; michael@0: state = sec_asn1e_push_state (state->top, subt, state->src, PR_TRUE); michael@0: if (state != NULL) michael@0: state = sec_asn1e_init_state_based_on_template (state); michael@0: return; michael@0: } michael@0: michael@0: switch (state->underlying_kind) { michael@0: case SEC_ASN1_SET_OF: michael@0: case SEC_ASN1_SEQUENCE_OF: michael@0: /* michael@0: * We need to push a child to handle each member. michael@0: */ michael@0: { michael@0: void **group; michael@0: const SEC_ASN1Template *subt; michael@0: michael@0: group = *(void ***)state->src; michael@0: if (group == NULL || *group == NULL) { michael@0: /* michael@0: * Group is empty; we are done. michael@0: */ michael@0: state->place = afterContents; michael@0: return; michael@0: } michael@0: state->place = duringGroup; michael@0: subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src, michael@0: PR_TRUE); michael@0: state = sec_asn1e_push_state (state->top, subt, *group, PR_TRUE); michael@0: if (state != NULL) michael@0: state = sec_asn1e_init_state_based_on_template (state); michael@0: } michael@0: break; michael@0: michael@0: case SEC_ASN1_SEQUENCE: michael@0: case SEC_ASN1_SET: michael@0: /* michael@0: * We need to push a child to handle the individual fields. michael@0: */ michael@0: state->place = duringSequence; michael@0: state = sec_asn1e_push_state (state->top, state->theTemplate + 1, michael@0: state->src, PR_TRUE); michael@0: if (state != NULL) { michael@0: /* michael@0: * Do the "before" field notification. michael@0: */ michael@0: sec_asn1e_notify_before (state->top, state->src, state->depth); michael@0: state = sec_asn1e_init_state_based_on_template (state); michael@0: } michael@0: break; michael@0: michael@0: default: michael@0: /* michael@0: * I think we do not need to do anything else. michael@0: * XXX Correct? michael@0: */ michael@0: state->place = duringContents; michael@0: break; michael@0: } michael@0: } michael@0: michael@0: michael@0: static void michael@0: sec_asn1e_write_contents_from_buf (sec_asn1e_state *state, michael@0: const char *buf, unsigned long len) michael@0: { michael@0: PORT_Assert (state->place == duringContents); michael@0: PORT_Assert (state->top->from_buf); michael@0: PORT_Assert (state->may_stream && !state->disallowStreaming); michael@0: michael@0: /* michael@0: * Probably they just turned on "take from buf", but have not michael@0: * yet given us any bytes. If there is nothing in the buffer michael@0: * then we have nothing to do but return and wait. michael@0: */ michael@0: if (buf == NULL || len == 0) { michael@0: state->top->status = needBytes; michael@0: return; michael@0: } michael@0: /* michael@0: * We are streaming, reading from a passed-in buffer. michael@0: * This means we are encoding a simple string or an ANY. michael@0: * For the former, we need to put out a substring, with its michael@0: * own identifier and length. For an ANY, we just write it michael@0: * out as is (our caller is required to ensure that it michael@0: * is a properly encoded entity). michael@0: */ michael@0: PORT_Assert (state->is_string); /* includes ANY */ michael@0: if (state->underlying_kind != SEC_ASN1_ANY) { michael@0: unsigned char identifier; michael@0: michael@0: /* michael@0: * Create the identifier based on underlying_kind. We cannot michael@0: * use tag_number and tag_modifiers because this can be an michael@0: * implicitly encoded field. In that case, the underlying michael@0: * substrings *are* encoded with their real tag. michael@0: */ michael@0: identifier = (unsigned char) michael@0: (state->underlying_kind & SEC_ASN1_TAG_MASK); michael@0: /* michael@0: * The underlying kind should just be a simple string; there michael@0: * should be no bits like CONTEXT_SPECIFIC or CONSTRUCTED set. michael@0: */ michael@0: PORT_Assert ((identifier & SEC_ASN1_TAGNUM_MASK) == identifier); michael@0: /* michael@0: * Write out the tag and length for the substring. michael@0: */ michael@0: sec_asn1e_write_identifier_bytes (state, identifier); michael@0: if (state->underlying_kind == SEC_ASN1_BIT_STRING) { michael@0: char byte; michael@0: /* michael@0: * Assume we have a length in bytes but we need to output michael@0: * a proper bit string. This interface only works for bit michael@0: * strings that are full multiples of 8. If support for michael@0: * real, variable length bit strings is needed then the michael@0: * caller will have to know to pass in a bit length instead michael@0: * of a byte length and then this code will have to michael@0: * perform the encoding necessary (length written is length michael@0: * in bytes plus 1, and the first octet of string is the michael@0: * number of bits remaining between the end of the bit michael@0: * string and the next byte boundary). michael@0: */ michael@0: sec_asn1e_write_length_bytes (state, len + 1, PR_FALSE); michael@0: byte = 0; michael@0: sec_asn1e_write_contents_bytes (state, &byte, 1); michael@0: } else { michael@0: sec_asn1e_write_length_bytes (state, len, PR_FALSE); michael@0: } michael@0: } michael@0: sec_asn1e_write_contents_bytes (state, buf, len); michael@0: state->top->status = needBytes; michael@0: } michael@0: michael@0: static void michael@0: sec_asn1e_write_contents (sec_asn1e_state *state) michael@0: { michael@0: unsigned long len = 0; michael@0: michael@0: PORT_Assert (state->place == duringContents); michael@0: michael@0: switch (state->underlying_kind) { michael@0: case SEC_ASN1_SET: michael@0: case SEC_ASN1_SEQUENCE: michael@0: PORT_Assert (0); michael@0: break; michael@0: michael@0: case SEC_ASN1_BIT_STRING: michael@0: { michael@0: SECItem *item; michael@0: char rem; michael@0: michael@0: item = (SECItem *)state->src; michael@0: len = (item->len + 7) >> 3; michael@0: rem = (unsigned char)((len << 3) - item->len); /* remaining bits */ michael@0: sec_asn1e_write_contents_bytes (state, &rem, 1); michael@0: sec_asn1e_write_contents_bytes (state, (char *) item->data, len); michael@0: } michael@0: break; michael@0: michael@0: case SEC_ASN1_BMP_STRING: michael@0: /* The number of bytes must be divisable by 2 */ michael@0: if ((((SECItem *)state->src)->len) % 2) { michael@0: SEC_ASN1EncoderContext *cx; michael@0: michael@0: cx = state->top; michael@0: cx->status = encodeError; michael@0: break; michael@0: } michael@0: /* otherwise, fall through to write the content */ michael@0: goto process_string; michael@0: michael@0: case SEC_ASN1_UNIVERSAL_STRING: michael@0: /* The number of bytes must be divisable by 4 */ michael@0: if ((((SECItem *)state->src)->len) % 4) { michael@0: SEC_ASN1EncoderContext *cx; michael@0: michael@0: cx = state->top; michael@0: cx->status = encodeError; michael@0: break; michael@0: } michael@0: /* otherwise, fall through to write the content */ michael@0: goto process_string; michael@0: michael@0: case SEC_ASN1_INTEGER: michael@0: /* ASN.1 INTEGERs are signed. If the source is an unsigned michael@0: * integer, the encoder will need to handle the conversion here. michael@0: */ michael@0: { michael@0: unsigned int blen; michael@0: unsigned char *buf; michael@0: SECItemType integerType; michael@0: blen = ((SECItem *)state->src)->len; michael@0: buf = ((SECItem *)state->src)->data; michael@0: integerType = ((SECItem *)state->src)->type; michael@0: while (blen > 0) { michael@0: if (*buf & 0x80 && integerType == siUnsignedInteger) { michael@0: char zero = 0; /* write a leading 0 */ michael@0: sec_asn1e_write_contents_bytes(state, &zero, 1); michael@0: /* and then the remaining buffer */ michael@0: sec_asn1e_write_contents_bytes(state, michael@0: (char *)buf, blen); michael@0: break; michael@0: } michael@0: /* Check three possibilities: michael@0: * 1. No leading zeros, msb of MSB is not 1; michael@0: * 2. The number is zero itself; michael@0: * 3. Encoding a signed integer with a leading zero, michael@0: * keep the zero so that the number is positive. michael@0: */ michael@0: if (*buf != 0 || michael@0: blen == 1 || michael@0: (buf[1] & 0x80 && integerType != siUnsignedInteger) ) michael@0: { michael@0: sec_asn1e_write_contents_bytes(state, michael@0: (char *)buf, blen); michael@0: break; michael@0: } michael@0: /* byte is 0, continue */ michael@0: buf++; michael@0: blen--; michael@0: } michael@0: } michael@0: /* done with this content */ michael@0: break; michael@0: michael@0: process_string: michael@0: default: michael@0: { michael@0: SECItem *item; michael@0: michael@0: item = (SECItem *)state->src; michael@0: sec_asn1e_write_contents_bytes (state, (char *) item->data, michael@0: item->len); michael@0: } michael@0: break; michael@0: } michael@0: state->place = afterContents; michael@0: } michael@0: michael@0: /* michael@0: * We are doing a SET OF or SEQUENCE OF, and have just finished an item. michael@0: */ michael@0: static void michael@0: sec_asn1e_next_in_group (sec_asn1e_state *state) michael@0: { michael@0: sec_asn1e_state *child; michael@0: void **group; michael@0: void *member; michael@0: michael@0: PORT_Assert (state->place == duringGroup); michael@0: PORT_Assert (state->child != NULL); michael@0: michael@0: child = state->child; michael@0: michael@0: group = *(void ***)state->src; michael@0: michael@0: /* michael@0: * Find placement of current item. michael@0: */ michael@0: member = (char *)(state->child->src) - child->theTemplate->offset; michael@0: while (*group != member) michael@0: group++; michael@0: michael@0: /* michael@0: * Move forward to next item. michael@0: */ michael@0: group++; michael@0: if (*group == NULL) { michael@0: /* michael@0: * That was our last one; we are done now. michael@0: */ michael@0: child->place = notInUse; michael@0: state->place = afterContents; michael@0: return; michael@0: } michael@0: child->src = (char *)(*group) + child->theTemplate->offset; michael@0: michael@0: /* michael@0: * Re-"push" child. michael@0: */ michael@0: sec_asn1e_scrub_state (child); michael@0: state->top->current = child; michael@0: } michael@0: michael@0: michael@0: /* michael@0: * We are moving along through a sequence; move forward by one, michael@0: * (detecting end-of-sequence when it happens). michael@0: */ michael@0: static void michael@0: sec_asn1e_next_in_sequence (sec_asn1e_state *state) michael@0: { michael@0: sec_asn1e_state *child; michael@0: michael@0: PORT_Assert (state->place == duringSequence); michael@0: PORT_Assert (state->child != NULL); michael@0: michael@0: child = state->child; michael@0: michael@0: /* michael@0: * Do the "after" field notification. michael@0: */ michael@0: sec_asn1e_notify_after (state->top, child->src, child->depth); michael@0: michael@0: /* michael@0: * Move forward. michael@0: */ michael@0: child->theTemplate++; michael@0: if (child->theTemplate->kind == 0) { michael@0: /* michael@0: * We are done with this sequence. michael@0: */ michael@0: child->place = notInUse; michael@0: state->place = afterContents; michael@0: return; michael@0: } michael@0: michael@0: /* michael@0: * Reset state and push. michael@0: */ michael@0: michael@0: child->src = (char *)state->src + child->theTemplate->offset; michael@0: michael@0: /* michael@0: * Do the "before" field notification. michael@0: */ michael@0: sec_asn1e_notify_before (state->top, child->src, child->depth); michael@0: michael@0: state->top->current = child; michael@0: (void) sec_asn1e_init_state_based_on_template (child); michael@0: } michael@0: michael@0: michael@0: static void michael@0: sec_asn1e_after_contents (sec_asn1e_state *state) michael@0: { michael@0: PORT_Assert (state->place == afterContents); michael@0: michael@0: if (state->indefinite) michael@0: sec_asn1e_write_end_of_contents_bytes (state); michael@0: michael@0: /* michael@0: * Just make my parent be the current state. It will then clean michael@0: * up after me and free me (or reuse me). michael@0: */ michael@0: state->top->current = state->parent; michael@0: } michael@0: michael@0: michael@0: /* michael@0: * This function is called whether or not we are streaming; if we michael@0: * *are* streaming, our caller can also instruct us to take bytes michael@0: * from the passed-in buffer (at buf, for length len, which is likely michael@0: * bytes but could even mean bits if the current field is a bit string). michael@0: * If we have been so instructed, we will gobble up bytes from there michael@0: * (rather than from our src structure) and output them, and then michael@0: * we will just return, expecting to be called again -- either with michael@0: * more bytes or after our caller has instructed us that we are done michael@0: * (for now) with the buffer. michael@0: */ michael@0: SECStatus michael@0: SEC_ASN1EncoderUpdate (SEC_ASN1EncoderContext *cx, michael@0: const char *buf, unsigned long len) michael@0: { michael@0: sec_asn1e_state *state; michael@0: michael@0: if (cx->status == needBytes) { michael@0: cx->status = keepGoing; michael@0: } michael@0: michael@0: while (cx->status == keepGoing) { michael@0: state = cx->current; michael@0: switch (state->place) { michael@0: case beforeHeader: michael@0: sec_asn1e_write_header (state); michael@0: break; michael@0: case duringContents: michael@0: if (cx->from_buf) michael@0: sec_asn1e_write_contents_from_buf (state, buf, len); michael@0: else michael@0: sec_asn1e_write_contents (state); michael@0: break; michael@0: case duringGroup: michael@0: sec_asn1e_next_in_group (state); michael@0: break; michael@0: case duringSequence: michael@0: sec_asn1e_next_in_sequence (state); michael@0: break; michael@0: case afterContents: michael@0: sec_asn1e_after_contents (state); michael@0: break; michael@0: case afterImplicit: michael@0: case afterInline: michael@0: case afterPointer: michael@0: case afterChoice: michael@0: /* michael@0: * These states are more documentation than anything. michael@0: * They just need to force a pop. michael@0: */ michael@0: PORT_Assert (!state->indefinite); michael@0: state->place = afterContents; michael@0: break; michael@0: case notInUse: michael@0: default: michael@0: /* This is not an error, but rather a plain old BUG! */ michael@0: PORT_Assert (0); michael@0: cx->status = encodeError; michael@0: break; michael@0: } michael@0: michael@0: if (cx->status == encodeError) michael@0: break; michael@0: michael@0: /* It might have changed, so we have to update our local copy. */ michael@0: state = cx->current; michael@0: michael@0: /* If it is NULL, we have popped all the way to the top. */ michael@0: if (state == NULL) { michael@0: cx->status = allDone; michael@0: break; michael@0: } michael@0: } michael@0: michael@0: if (cx->status == encodeError) { michael@0: return SECFailure; michael@0: } michael@0: michael@0: return SECSuccess; michael@0: } michael@0: michael@0: michael@0: void michael@0: SEC_ASN1EncoderFinish (SEC_ASN1EncoderContext *cx) michael@0: { michael@0: /* michael@0: * XXX anything else that needs to be finished? michael@0: */ michael@0: michael@0: PORT_FreeArena (cx->our_pool, PR_FALSE); michael@0: } michael@0: michael@0: michael@0: SEC_ASN1EncoderContext * michael@0: SEC_ASN1EncoderStart (const void *src, const SEC_ASN1Template *theTemplate, michael@0: SEC_ASN1WriteProc output_proc, void *output_arg) michael@0: { michael@0: PLArenaPool *our_pool; michael@0: SEC_ASN1EncoderContext *cx; michael@0: michael@0: our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE); michael@0: if (our_pool == NULL) michael@0: return NULL; michael@0: michael@0: cx = (SEC_ASN1EncoderContext*)PORT_ArenaZAlloc (our_pool, sizeof(*cx)); michael@0: if (cx == NULL) { michael@0: PORT_FreeArena (our_pool, PR_FALSE); michael@0: return NULL; michael@0: } michael@0: michael@0: cx->our_pool = our_pool; michael@0: cx->output_proc = output_proc; michael@0: cx->output_arg = output_arg; michael@0: michael@0: cx->status = keepGoing; michael@0: michael@0: if (sec_asn1e_push_state(cx, theTemplate, src, PR_FALSE) == NULL michael@0: || sec_asn1e_init_state_based_on_template (cx->current) == NULL) { michael@0: /* michael@0: * Trouble initializing (probably due to failed allocations) michael@0: * requires that we just give up. michael@0: */ michael@0: PORT_FreeArena (our_pool, PR_FALSE); michael@0: return NULL; michael@0: } michael@0: michael@0: return cx; michael@0: } michael@0: michael@0: michael@0: /* michael@0: * XXX Do we need a FilterProc, too? michael@0: */ michael@0: michael@0: michael@0: void michael@0: SEC_ASN1EncoderSetNotifyProc (SEC_ASN1EncoderContext *cx, michael@0: SEC_ASN1NotifyProc fn, void *arg) michael@0: { michael@0: cx->notify_proc = fn; michael@0: cx->notify_arg = arg; michael@0: } michael@0: michael@0: michael@0: void michael@0: SEC_ASN1EncoderClearNotifyProc (SEC_ASN1EncoderContext *cx) michael@0: { michael@0: cx->notify_proc = NULL; michael@0: cx->notify_arg = NULL; /* not necessary; just being clean */ michael@0: } michael@0: michael@0: void michael@0: SEC_ASN1EncoderAbort(SEC_ASN1EncoderContext *cx, int error) michael@0: { michael@0: PORT_Assert(cx); michael@0: PORT_SetError(error); michael@0: cx->status = encodeError; michael@0: } michael@0: michael@0: void michael@0: SEC_ASN1EncoderSetStreaming (SEC_ASN1EncoderContext *cx) michael@0: { michael@0: /* XXX is there a way to check that we are "between" fields here? */ michael@0: michael@0: cx->streaming = PR_TRUE; michael@0: } michael@0: michael@0: michael@0: void michael@0: SEC_ASN1EncoderClearStreaming (SEC_ASN1EncoderContext *cx) michael@0: { michael@0: /* XXX is there a way to check that we are "between" fields here? */ michael@0: michael@0: cx->streaming = PR_FALSE; michael@0: } michael@0: michael@0: michael@0: void michael@0: SEC_ASN1EncoderSetTakeFromBuf (SEC_ASN1EncoderContext *cx) michael@0: { michael@0: /* michael@0: * XXX is there a way to check that we are "between" fields here? this michael@0: * needs to include a check for being in between groups of items in michael@0: * a SET_OF or SEQUENCE_OF. michael@0: */ michael@0: PORT_Assert (cx->streaming); michael@0: michael@0: cx->from_buf = PR_TRUE; michael@0: } michael@0: michael@0: michael@0: void michael@0: SEC_ASN1EncoderClearTakeFromBuf (SEC_ASN1EncoderContext *cx) michael@0: { michael@0: /* we should actually be taking from buf *now* */ michael@0: PORT_Assert (cx->from_buf); michael@0: if (! cx->from_buf) /* if not, just do nothing */ michael@0: return; michael@0: michael@0: cx->from_buf = PR_FALSE; michael@0: michael@0: if (cx->status == needBytes) { michael@0: cx->status = keepGoing; michael@0: cx->current->place = afterContents; michael@0: } michael@0: } michael@0: michael@0: michael@0: SECStatus michael@0: SEC_ASN1Encode (const void *src, const SEC_ASN1Template *theTemplate, michael@0: SEC_ASN1WriteProc output_proc, void *output_arg) michael@0: { michael@0: SEC_ASN1EncoderContext *ecx; michael@0: SECStatus rv; michael@0: michael@0: ecx = SEC_ASN1EncoderStart (src, theTemplate, output_proc, output_arg); michael@0: if (ecx == NULL) michael@0: return SECFailure; michael@0: michael@0: rv = SEC_ASN1EncoderUpdate (ecx, NULL, 0); michael@0: michael@0: SEC_ASN1EncoderFinish (ecx); michael@0: return rv; michael@0: } michael@0: michael@0: michael@0: /* michael@0: * XXX depth and data_kind are unused; is there a PC way to silence warnings? michael@0: * (I mean "politically correct", not anything to do with intel/win platform) michael@0: */ michael@0: static void michael@0: sec_asn1e_encode_item_count (void *arg, const char *buf, unsigned long len, michael@0: int depth, SEC_ASN1EncodingPart data_kind) michael@0: { michael@0: unsigned long *count; michael@0: michael@0: count = (unsigned long*)arg; michael@0: PORT_Assert (count != NULL); michael@0: michael@0: *count += len; michael@0: } michael@0: michael@0: michael@0: /* XXX depth and data_kind are unused; is there a PC way to silence warnings? */ michael@0: static void michael@0: sec_asn1e_encode_item_store (void *arg, const char *buf, unsigned long len, michael@0: int depth, SEC_ASN1EncodingPart data_kind) michael@0: { michael@0: SECItem *dest; michael@0: michael@0: dest = (SECItem*)arg; michael@0: PORT_Assert (dest != NULL); michael@0: michael@0: PORT_Memcpy (dest->data + dest->len, buf, len); michael@0: dest->len += len; michael@0: } michael@0: michael@0: michael@0: /* michael@0: * Allocate an entire SECItem, or just the data part of it, to hold michael@0: * "len" bytes of stuff. Allocate from the given pool, if specified, michael@0: * otherwise just do a vanilla PORT_Alloc. michael@0: * michael@0: * XXX This seems like a reasonable general-purpose function (for SECITEM_)? michael@0: */ michael@0: static SECItem * michael@0: sec_asn1e_allocate_item (PLArenaPool *poolp, SECItem *dest, unsigned long len) michael@0: { michael@0: if (poolp != NULL) { michael@0: void *release; michael@0: michael@0: release = PORT_ArenaMark (poolp); michael@0: if (dest == NULL) michael@0: dest = (SECItem*)PORT_ArenaAlloc (poolp, sizeof(SECItem)); michael@0: if (dest != NULL) { michael@0: dest->data = (unsigned char*)PORT_ArenaAlloc (poolp, len); michael@0: if (dest->data == NULL) { michael@0: dest = NULL; michael@0: } michael@0: } michael@0: if (dest == NULL) { michael@0: /* one or both allocations failed; release everything */ michael@0: PORT_ArenaRelease (poolp, release); michael@0: } else { michael@0: /* everything okay; unmark the arena */ michael@0: PORT_ArenaUnmark (poolp, release); michael@0: } michael@0: } else { michael@0: SECItem *indest; michael@0: michael@0: indest = dest; michael@0: if (dest == NULL) michael@0: dest = (SECItem*)PORT_Alloc (sizeof(SECItem)); michael@0: if (dest != NULL) { michael@0: dest->type = siBuffer; michael@0: dest->data = (unsigned char*)PORT_Alloc (len); michael@0: if (dest->data == NULL) { michael@0: if (indest == NULL) michael@0: PORT_Free (dest); michael@0: dest = NULL; michael@0: } michael@0: } michael@0: } michael@0: michael@0: return dest; michael@0: } michael@0: michael@0: michael@0: SECItem * michael@0: SEC_ASN1EncodeItem (PLArenaPool *poolp, SECItem *dest, const void *src, michael@0: const SEC_ASN1Template *theTemplate) michael@0: { michael@0: unsigned long encoding_length; michael@0: SECStatus rv; michael@0: michael@0: PORT_Assert (dest == NULL || dest->data == NULL); michael@0: michael@0: encoding_length = 0; michael@0: rv = SEC_ASN1Encode (src, theTemplate, michael@0: sec_asn1e_encode_item_count, &encoding_length); michael@0: if (rv != SECSuccess) michael@0: return NULL; michael@0: michael@0: dest = sec_asn1e_allocate_item (poolp, dest, encoding_length); michael@0: if (dest == NULL) michael@0: return NULL; michael@0: michael@0: /* XXX necessary? This really just checks for a bug in the allocate fn */ michael@0: PORT_Assert (dest->data != NULL); michael@0: if (dest->data == NULL) michael@0: return NULL; michael@0: michael@0: dest->len = 0; michael@0: (void) SEC_ASN1Encode (src, theTemplate, sec_asn1e_encode_item_store, dest); michael@0: michael@0: PORT_Assert (encoding_length == dest->len); michael@0: return dest; michael@0: } michael@0: michael@0: michael@0: static SECItem * michael@0: sec_asn1e_integer(PLArenaPool *poolp, SECItem *dest, unsigned long value, michael@0: PRBool is_unsigned) michael@0: { michael@0: unsigned long copy; michael@0: unsigned char sign; michael@0: int len = 0; michael@0: michael@0: /* michael@0: * Determine the length of the encoded value (minimum of 1). michael@0: */ michael@0: copy = value; michael@0: do { michael@0: len++; michael@0: sign = (unsigned char)(copy & 0x80); michael@0: copy >>= 8; michael@0: } while (copy); michael@0: michael@0: /* michael@0: * If 'value' is non-negative, and the high bit of the last michael@0: * byte we counted was set, we need to add one to the length so michael@0: * we put a high-order zero byte in the encoding. michael@0: */ michael@0: if (sign && (is_unsigned || (long)value >= 0)) michael@0: len++; michael@0: michael@0: /* michael@0: * Allocate the item (if necessary) and the data pointer within. michael@0: */ michael@0: dest = sec_asn1e_allocate_item (poolp, dest, len); michael@0: if (dest == NULL) michael@0: return NULL; michael@0: michael@0: /* michael@0: * Store the value, byte by byte, in the item. michael@0: */ michael@0: dest->len = len; michael@0: while (len) { michael@0: dest->data[--len] = (unsigned char)value; michael@0: value >>= 8; michael@0: } michael@0: PORT_Assert (value == 0); michael@0: michael@0: return dest; michael@0: } michael@0: michael@0: michael@0: SECItem * michael@0: SEC_ASN1EncodeInteger(PLArenaPool *poolp, SECItem *dest, long value) michael@0: { michael@0: return sec_asn1e_integer (poolp, dest, (unsigned long) value, PR_FALSE); michael@0: } michael@0: michael@0: michael@0: SECItem * michael@0: SEC_ASN1EncodeUnsignedInteger(PLArenaPool *poolp, michael@0: SECItem *dest, unsigned long value) michael@0: { michael@0: return sec_asn1e_integer (poolp, dest, value, PR_TRUE); michael@0: }