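/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "secder.h"
#include "secerr.h"

#if 0
/*
 * Generic templates for individual/simple items.
 */

DERTemplate SECAnyTemplate[] = {
    { DER_ANY,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECBitStringTemplate[] = {
    { DER_BIT_STRING,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECBooleanTemplate[] = {
    { DER_BOOLEAN,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECIA5StringTemplate[] = {
    { DER_IA5_STRING,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECIntegerTemplate[] = {
    { DER_INTEGER,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECNullTemplate[] = {
    { DER_NULL,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECObjectIDTemplate[] = {
    { DER_OBJECT_ID,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECOctetStringTemplate[] = {
    { DER_OCTET_STRING,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECPrintableStringTemplate[] = {
    { DER_PRINTABLE_STRING,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECT61StringTemplate[] = {
    { DER_T61_STRING,
      0, NULL, sizeof(SECItem) }
};

DERTemplate SECUTCTimeTemplate[] = {
    { DER_UTC_TIME,
      0, NULL, sizeof(SECItem) }
};

#endif

/*
 * Sizing pass, part 1: number of header octets (identifier plus length
 * octets, and the outer explicit wrapper when DER_EXPLICIT is set) that
 * der_encode() will emit for the element described by "dtemplate" when its
 * contents occupy "contents_len" octets.
 *
 * Returns 0 when no header is written at all: a DER_DERPTR item, an empty
 * optional, or a DER_ANY (which already carries its own header).
 *
 * NOTE(review): the PORT_Assert checks below are presumably compiled out of
 * non-debug builds -- confirm. They document template invariants; they do
 * not validate templates at run time.
 */
static int
header_length(DERTemplate *dtemplate, PRUint32 contents_len)
{
    PRUint32 len;
    unsigned long encode_kind, under_kind;
    PRBool explicit, optional, universal;

    encode_kind = dtemplate->kind;

    explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
    optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
    universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
                    ? PR_TRUE : PR_FALSE;

    PORT_Assert(!(explicit && universal)); /* bad templates */

    /*
     * Work out the kind of the underlying item. For universal-class
     * pointer/inline templates the sub-template's kind also becomes the
     * kind that is encoded.
     */
    if (encode_kind & DER_POINTER) {
        if (dtemplate->sub != NULL) {
            under_kind = dtemplate->sub->kind;
            if (universal) {
                encode_kind = under_kind;
            }
        } else if (universal) {
            under_kind = encode_kind & ~DER_POINTER;
        } else {
            under_kind = dtemplate->arg;
        }
    } else if (encode_kind & DER_INLINE) {
        PORT_Assert(dtemplate->sub != NULL);
        under_kind = dtemplate->sub->kind;
        if (universal) {
            encode_kind = under_kind;
        }
    } else if (universal) {
        under_kind = encode_kind;
    } else {
        under_kind = dtemplate->arg;
    }

    /* This is only used in decoding; it plays no part in encoding. */
    if (under_kind & DER_DERPTR)
        return 0;

    /* No header at all for an "empty" optional. */
    if ((contents_len == 0) && optional)
        return 0;

    /* And no header for a full DER_ANY. */
    if (encode_kind & DER_ANY)
        return 0;

    /*
     * The common case: one octet for identifier and as many octets
     * as necessary to hold the content length.
     */
    len = 1 + DER_LengthLength(contents_len);

    /* Account for the explicit wrapper, if necessary. */
    if (explicit) {
#if 0   /*
         * Well, I was trying to do something useful, but these
         * assertions are too restrictive on valid templates.
         * I wanted to make sure that the top-level "kind" of
         * a template does not also specify DER_EXPLICIT, which
         * should only modify a component field. Maybe later
         * I can figure out a better way to detect such a problem,
         * but for now I must remove these checks altogether.
         */
        /*
         * This modifier applies only to components of a set or sequence;
         * it should never be used on a set/sequence itself -- confirm.
         */
        PORT_Assert (under_kind != DER_SEQUENCE);
        PORT_Assert (under_kind != DER_SET);
#endif

        /* The wrapper's length field covers the inner header + contents. */
        len += 1 + DER_LengthLength(len + contents_len);
    }

    return len;
}


/*
 * Sizing pass, part 2: number of content octets der_encode() will write for
 * the element described by "dtemplate", whose data lives at "src".
 *
 * der_encode() receives no buffer size, so the value returned here (plus
 * header_length()) is the only thing that bounds its writes. Every branch
 * below must therefore count exactly what the matching der_encode() branch
 * emits.
 *
 * Lengths are accumulated in 32-bit unsigned arithmetic with no overflow
 * check; callers are relied upon to keep item sizes well inside that range.
 */
static PRUint32
contents_length(DERTemplate *dtemplate, void *src)
{
    PRUint32 len;
    unsigned long encode_kind, under_kind;
    PRBool universal;

    PORT_Assert(src != NULL);

    encode_kind = dtemplate->kind;

    universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
                    ? PR_TRUE : PR_FALSE;
    encode_kind &= ~DER_OPTIONAL;

    if (encode_kind & DER_POINTER) {
        /* Follow the pointer; a NULL target means "nothing to encode". */
        src = *(void **)src;
        if (src == NULL) {
            return 0;
        }
        if (dtemplate->sub != NULL) {
            dtemplate = dtemplate->sub;
            under_kind = dtemplate->kind;
            src = (void *)((char *)src + dtemplate->offset);
        } else if (universal) {
            under_kind = encode_kind & ~DER_POINTER;
        } else {
            under_kind = dtemplate->arg;
        }
    } else if (encode_kind & DER_INLINE) {
        PORT_Assert(dtemplate->sub != NULL);
        dtemplate = dtemplate->sub;
        under_kind = dtemplate->kind;
        src = (void *)((char *)src + dtemplate->offset);
    } else if (universal) {
        under_kind = encode_kind;
    } else {
        under_kind = dtemplate->arg;
    }

    /* Having any of these bits is not expected here... */
    PORT_Assert((under_kind & (DER_EXPLICIT | DER_INLINE | DER_OPTIONAL
                               | DER_POINTER | DER_SKIP)) == 0);

    /* This is only used in decoding; it plays no part in encoding. */
    if (under_kind & DER_DERPTR)
        return 0;

    if (under_kind & DER_INDEFINITE) {
        PRUint32 sub_len;
        /* src holds a pointer to a NULL-terminated array of item pointers. */
        void **indp = *(void ***)src;

        if (indp == NULL)
            return 0;

        len = 0;
        under_kind &= ~DER_INDEFINITE;

        if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
            DERTemplate *tmpt = dtemplate->sub;
            PORT_Assert(tmpt != NULL);

            for (; *indp != NULL; indp++) {
                void *sub_src = (void *)((char *)(*indp) + tmpt->offset);
                sub_len = contents_length(tmpt, sub_src);
                len += sub_len + header_length(tmpt, sub_len);
            }
        } else {
            /*
             * Array of simple SECItems (for example
             * DER_INDEFINITE | DER_OCTET_STRING).
             *
             * The earlier version of this loop counted only each item's
             * header octets. der_encode() writes the header AND copies the
             * item's data (plus the unused-bits octet for a non-empty bit
             * string), so the sizing pass under-reported the length and the
             * buffer allocated from it was too small for what der_encode()
             * writes. Count the content octets as well so both passes agree.
             */
            for (; *indp != NULL; indp++) {
                SECItem *item = (SECItem *)(*indp);
                sub_len = item->len;
                if (under_kind == DER_BIT_STRING) {
                    sub_len = (sub_len + 7) >> 3;
                    /* bit string contents involve an extra octet */
                    if (sub_len)
                        sub_len++;
                }
                /* A DER_ANY item is copied verbatim, without a header. */
                if (under_kind != DER_ANY)
                    len += 1 + DER_LengthLength(sub_len);
                len += sub_len;
            }
        }

        return len;
    }

    switch (under_kind) {
    case DER_SEQUENCE:
    case DER_SET: {
        DERTemplate *tmpt;
        void *sub_src;
        PRUint32 sub_len;

        /* Components follow the set/sequence entry; kind 0 ends the list. */
        len = 0;
        for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
            sub_src = (void *)((char *)src + tmpt->offset);
            sub_len = contents_length(tmpt, sub_src);
            len += sub_len + header_length(tmpt, sub_len);
        }
        break;
    }

    case DER_BIT_STRING:
        /* item->len is used as a bit count here; round up to octets. */
        len = (((SECItem *)src)->len + 7) >> 3;
        /* bit string contents involve an extra octet */
        if (len)
            len++;
        break;

    default:
        len = ((SECItem *)src)->len;
        break;
    }

    return len;
}


/*
 * Writing pass: encode the element described by "dtemplate" (data at "src")
 * into "buf" and return the position just past the last octet written.
 *
 * No buffer size is passed in. The caller must have sized "buf" from
 * contents_length() + header_length() for the same template and data; this
 * function trusts that sizing completely.
 */
static unsigned char *
der_encode(unsigned char *buf, DERTemplate *dtemplate, void *src)
{
    int header_len;
    PRUint32 contents_len;
    unsigned long encode_kind, under_kind;
    PRBool explicit, universal;

    /*
     * First figure out how long the encoding will be. Do this by
     * traversing the template from top to bottom and accumulating
     * the length of each leaf item.
     */
    contents_len = contents_length(dtemplate, src);
    header_len = header_length(dtemplate, contents_len);

    /*
     * Enough smarts was involved already, so that if both the
     * header and the contents have a length of zero, then we
     * are not doing any encoding for this element.
     */
    if (header_len == 0 && contents_len == 0)
        return buf;

    encode_kind = dtemplate->kind;

    explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
    encode_kind &= ~DER_OPTIONAL;
    universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
                    ? PR_TRUE : PR_FALSE;

    if (encode_kind & DER_POINTER) {
        /* Only follow the pointer when there is something to encode. */
        if (contents_len) {
            src = *(void **)src;
            PORT_Assert(src != NULL);
        }
        if (dtemplate->sub != NULL) {
            dtemplate = dtemplate->sub;
            under_kind = dtemplate->kind;
            if (universal) {
                encode_kind = under_kind;
            }
            src = (void *)((char *)src + dtemplate->offset);
        } else if (universal) {
            under_kind = encode_kind & ~DER_POINTER;
        } else {
            under_kind = dtemplate->arg;
        }
    } else if (encode_kind & DER_INLINE) {
        /* Same invariant header_length()/contents_length() assert. */
        PORT_Assert(dtemplate->sub != NULL);
        dtemplate = dtemplate->sub;
        under_kind = dtemplate->kind;
        if (universal) {
            encode_kind = under_kind;
        }
        src = (void *)((char *)src + dtemplate->offset);
    } else if (universal) {
        under_kind = encode_kind;
    } else {
        under_kind = dtemplate->arg;
    }

    if (explicit) {
        /* Outer wrapper: its length covers the inner header + contents. */
        buf = DER_StoreHeader(buf, encode_kind,
                              (1 + DER_LengthLength(contents_len)
                               + contents_len));
        encode_kind = under_kind;
    }

    if ((encode_kind & DER_ANY) == 0) { /* DER_ANY already contains header */
        buf = DER_StoreHeader(buf, encode_kind, contents_len);
    }

    /* If no real contents to encode, then we are done. */
    if (contents_len == 0)
        return buf;

    if (under_kind & DER_INDEFINITE) {
        void **indp;

        indp = *(void ***)src;
        PORT_Assert(indp != NULL);

        under_kind &= ~DER_INDEFINITE;
        if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
            DERTemplate *tmpt = dtemplate->sub;
            PORT_Assert(tmpt != NULL);
            for (; *indp != NULL; indp++) {
                void *sub_src = (void *)((char *)(*indp) + tmpt->offset);
                buf = der_encode(buf, tmpt, sub_src);
            }
        } else {
            /*
             * Each item contributes its header (none for DER_ANY) plus its
             * data; contents_length() must count the same octets.
             */
            for (; *indp != NULL; indp++) {
                SECItem *item;
                int sub_len;

                item = (SECItem *)(*indp);
                sub_len = item->len;
                if (under_kind == DER_BIT_STRING) {
                    if (sub_len) {
                        int rem;

                        sub_len = (sub_len + 7) >> 3;
                        buf = DER_StoreHeader(buf, under_kind, sub_len + 1);
                        rem = (sub_len << 3) - item->len;
                        *buf++ = rem; /* remaining bits */
                    } else {
                        buf = DER_StoreHeader(buf, under_kind, 0);
                    }
                } else if (under_kind != DER_ANY) {
                    buf = DER_StoreHeader(buf, under_kind, sub_len);
                }
                PORT_Memcpy(buf, item->data, sub_len);
                buf += sub_len;
            }
        }
        return buf;
    }

    switch (under_kind) {
    case DER_SEQUENCE:
    case DER_SET: {
        DERTemplate *tmpt;
        void *sub_src;

        for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
            sub_src = (void *)((char *)src + tmpt->offset);
            buf = der_encode(buf, tmpt, sub_src);
        }
        break;
    }

    case DER_BIT_STRING: {
        SECItem *item;
        int rem;

        /*
         * The contents length includes our extra octet; subtract
         * it off so we just have the real string length there.
         */
        contents_len--;
        item = (SECItem *)src;
        PORT_Assert(contents_len == ((item->len + 7) >> 3));
        rem = (contents_len << 3) - item->len;
        *buf++ = rem; /* remaining bits */
        PORT_Memcpy(buf, item->data, contents_len);
        buf += contents_len;
        break;
    }

    default: {
        SECItem *item;

        item = (SECItem *)src;
        PORT_Assert(contents_len == item->len);
        PORT_Memcpy(buf, item->data, contents_len);
        buf += contents_len;
        break;
    }
    }

    return buf;
}


/*
 * Encode the structure at "src" according to "dtemplate" into a buffer
 * allocated from "arena", storing the buffer and its length in "dest".
 *
 * Returns SECSuccess on success. Returns SECFailure with
 * SEC_ERROR_NO_MEMORY if the arena allocation fails, or with
 * SEC_ERROR_INVALID_ARGS if the computed total length does not fit in an
 * unsigned int.
 *
 * The encoding is done in two passes: a sizing pass (contents_length /
 * header_length) and a writing pass (der_encode) that is not given the
 * buffer size. The allocation made here is the only bound on the writes.
 */
SECStatus
DER_Encode(PLArenaPool *arena, SECItem *dest, DERTemplate *dtemplate, void *src)
{
    unsigned int contents_len, header_len, total_len;

    src = (void **)((char *)src + dtemplate->offset);

    /*
     * First figure out how long the encoding will be. Do this by
     * traversing the template from top to bottom and accumulating
     * the length of each leaf item.
     */
    contents_len = contents_length(dtemplate, src);
    header_len = header_length(dtemplate, contents_len);

    /*
     * Refuse a total that wrapped around: a too-small allocation would be
     * overrun by der_encode(). This catches only the final addition; the
     * nested sums inside contents_length() are not checked.
     */
    total_len = contents_len + header_len;
    if (total_len < contents_len) {
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
        return SECFailure;
    }

    dest->len = total_len;

    /* Allocate storage to hold the encoding */
    dest->data = PORT_ArenaAlloc(arena, dest->len);
    if (dest->data == NULL) {
        PORT_SetError(SEC_ERROR_NO_MEMORY);
        return SECFailure;
    }

    /* Now encode into the buffer */
    (void)der_encode(dest->data, dtemplate, src);

    return SECSuccess;
}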