michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: /* michael@0: Optimized ASN.1 DER decoder michael@0: michael@0: */ michael@0: michael@0: #include "secerr.h" michael@0: #include "secasn1.h" /* for SEC_ASN1GetSubtemplate */ michael@0: #include "secitem.h" michael@0: michael@0: /* michael@0: * simple definite-length ASN.1 decoder michael@0: */ michael@0: michael@0: static unsigned char* definite_length_decoder(const unsigned char *buf, michael@0: const unsigned int length, michael@0: unsigned int *data_length, michael@0: PRBool includeTag) michael@0: { michael@0: unsigned char tag; michael@0: unsigned int used_length= 0; michael@0: unsigned int data_len; michael@0: michael@0: if (used_length >= length) michael@0: { michael@0: return NULL; michael@0: } michael@0: tag = buf[used_length++]; michael@0: michael@0: /* blow out when we come to the end */ michael@0: if (tag == 0) michael@0: { michael@0: return NULL; michael@0: } michael@0: michael@0: if (used_length >= length) michael@0: { michael@0: return NULL; michael@0: } michael@0: data_len = buf[used_length++]; michael@0: michael@0: if (data_len&0x80) michael@0: { michael@0: int len_count = data_len & 0x7f; michael@0: michael@0: data_len = 0; michael@0: michael@0: while (len_count-- > 0) michael@0: { michael@0: if (used_length >= length) michael@0: { michael@0: return NULL; michael@0: } michael@0: data_len = (data_len << 8) | buf[used_length++]; michael@0: } michael@0: } michael@0: michael@0: if (data_len > (length-used_length) ) michael@0: { michael@0: return NULL; michael@0: } michael@0: if (includeTag) data_len += used_length; michael@0: michael@0: *data_length = data_len; michael@0: return ((unsigned char*)buf + (includeTag ? 0 : used_length)); michael@0: } michael@0: michael@0: static SECStatus GetItem(SECItem* src, SECItem* dest, PRBool includeTag) michael@0: { michael@0: if ( (!src) || (!dest) || (!src->data && src->len) ) michael@0: { michael@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); michael@0: return SECFailure; michael@0: } michael@0: michael@0: if (!src->len) michael@0: { michael@0: /* reaching the end of the buffer is not an error */ michael@0: dest->data = NULL; michael@0: dest->len = 0; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: dest->data = definite_length_decoder(src->data, src->len, &dest->len, michael@0: includeTag); michael@0: if (dest->data == NULL) michael@0: { michael@0: PORT_SetError(SEC_ERROR_BAD_DER); michael@0: return SECFailure; michael@0: } michael@0: src->len -= (dest->data - src->data) + dest->len; michael@0: src->data = dest->data + dest->len; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: /* check if the actual component's type matches the type in the template */ michael@0: michael@0: static SECStatus MatchComponentType(const SEC_ASN1Template* templateEntry, michael@0: SECItem* item, PRBool* match, void* dest) michael@0: { michael@0: unsigned long kind = 0; michael@0: unsigned char tag = 0; michael@0: michael@0: if ( (!item) || (!item->data && item->len) || (!templateEntry) || (!match) ) michael@0: { michael@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); michael@0: return SECFailure; michael@0: } michael@0: michael@0: if (!item->len) michael@0: { michael@0: *match = PR_FALSE; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: kind = templateEntry->kind; michael@0: tag = *(unsigned char*) item->data; michael@0: michael@0: if ( ( (kind & SEC_ASN1_INLINE) || michael@0: (kind & SEC_ASN1_POINTER) ) && michael@0: (0 == (kind & SEC_ASN1_TAG_MASK) ) ) michael@0: { michael@0: /* These cases are special because the template's "kind" does not michael@0: give us the information for the ASN.1 tag of the next item. It can michael@0: only be figured out from the subtemplate. */ michael@0: if (!(kind & SEC_ASN1_OPTIONAL)) michael@0: { michael@0: /* This is a required component. If there is a type mismatch, michael@0: the decoding of the subtemplate will fail, so assume this michael@0: is a match at the parent level and let it fail later. This michael@0: avoids a redundant check in matching cases */ michael@0: *match = PR_TRUE; michael@0: return SECSuccess; michael@0: } michael@0: else michael@0: { michael@0: /* optional component. This is the hard case. Now we need to michael@0: look at the subtemplate to get the expected kind */ michael@0: const SEC_ASN1Template* subTemplate = michael@0: SEC_ASN1GetSubtemplate (templateEntry, dest, PR_FALSE); michael@0: if (!subTemplate) michael@0: { michael@0: PORT_SetError(SEC_ERROR_BAD_TEMPLATE); michael@0: return SECFailure; michael@0: } michael@0: if ( (subTemplate->kind & SEC_ASN1_INLINE) || michael@0: (subTemplate->kind & SEC_ASN1_POINTER) ) michael@0: { michael@0: /* disallow nesting SEC_ASN1_POINTER and SEC_ASN1_INLINE, michael@0: otherwise you may get a false positive due to the recursion michael@0: optimization above that always matches the type if the michael@0: component is required . Nesting these should never be michael@0: required, so that no one should miss this ability */ michael@0: PORT_SetError(SEC_ERROR_BAD_TEMPLATE); michael@0: return SECFailure; michael@0: } michael@0: return MatchComponentType(subTemplate, item, match, michael@0: (void*)((char*)dest + templateEntry->offset)); michael@0: } michael@0: } michael@0: michael@0: if (kind & SEC_ASN1_CHOICE) michael@0: { michael@0: /* we need to check the component's tag against each choice's tag */ michael@0: /* XXX it would be nice to save the index of the choice here so that michael@0: DecodeChoice wouldn't have to do this again. However, due to the michael@0: recursivity of MatchComponentType, we don't know if we are in a michael@0: required or optional component, so we can't write anywhere in michael@0: the destination within this function */ michael@0: unsigned choiceIndex = 1; michael@0: const SEC_ASN1Template* choiceEntry; michael@0: while ( (choiceEntry = &templateEntry[choiceIndex++]) && (choiceEntry->kind)) michael@0: { michael@0: if ( (SECSuccess == MatchComponentType(choiceEntry, item, match, michael@0: (void*)((char*)dest + choiceEntry->offset))) && michael@0: (PR_TRUE == *match) ) michael@0: { michael@0: return SECSuccess; michael@0: } michael@0: } michael@0: /* no match, caller must decide if this is BAD DER, or not. */ michael@0: *match = PR_FALSE; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: if (kind & SEC_ASN1_ANY) michael@0: { michael@0: /* SEC_ASN1_ANY always matches */ michael@0: *match = PR_TRUE; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: if ( (0 == ((unsigned char)kind & SEC_ASN1_TAGNUM_MASK)) && michael@0: (!(kind & SEC_ASN1_EXPLICIT)) && michael@0: ( ( (kind & SEC_ASN1_SAVE) || michael@0: (kind & SEC_ASN1_SKIP) ) && michael@0: (!(kind & SEC_ASN1_OPTIONAL)) michael@0: ) michael@0: ) michael@0: { michael@0: /* when saving or skipping a required component, a type is not michael@0: required in the template. This is for legacy support of michael@0: SEC_ASN1_SAVE and SEC_ASN1_SKIP only. XXX I would like to michael@0: deprecate these usages and always require a type, as this michael@0: disables type checking, and effectively forbids us from michael@0: transparently ignoring optional components we aren't aware of */ michael@0: *match = PR_TRUE; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: /* first, do a class check */ michael@0: if ( (tag & SEC_ASN1_CLASS_MASK) != michael@0: (((unsigned char)kind) & SEC_ASN1_CLASS_MASK) ) michael@0: { michael@0: #ifdef DEBUG michael@0: /* this is only to help debugging of the decoder in case of problems */ michael@0: unsigned char tagclass = tag & SEC_ASN1_CLASS_MASK; michael@0: unsigned char expectedclass = (unsigned char)kind & SEC_ASN1_CLASS_MASK; michael@0: tagclass = tagclass; michael@0: expectedclass = expectedclass; michael@0: #endif michael@0: *match = PR_FALSE; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: /* now do a tag check */ michael@0: if ( ((unsigned char)kind & SEC_ASN1_TAGNUM_MASK) != michael@0: (tag & SEC_ASN1_TAGNUM_MASK)) michael@0: { michael@0: *match = PR_FALSE; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: /* now, do a method check. This depends on the class */ michael@0: switch (tag & SEC_ASN1_CLASS_MASK) michael@0: { michael@0: case SEC_ASN1_UNIVERSAL: michael@0: /* For types of the SEC_ASN1_UNIVERSAL class, we know which must be michael@0: primitive or constructed based on the tag */ michael@0: switch (tag & SEC_ASN1_TAGNUM_MASK) michael@0: { michael@0: case SEC_ASN1_SEQUENCE: michael@0: case SEC_ASN1_SET: michael@0: case SEC_ASN1_EMBEDDED_PDV: michael@0: /* this component must be a constructed type */ michael@0: /* XXX add any new universal constructed type here */ michael@0: if (tag & SEC_ASN1_CONSTRUCTED) michael@0: { michael@0: *match = PR_TRUE; michael@0: return SECSuccess; michael@0: } michael@0: break; michael@0: michael@0: default: michael@0: /* this component must be a primitive type */ michael@0: if (! (tag & SEC_ASN1_CONSTRUCTED)) michael@0: { michael@0: *match = PR_TRUE; michael@0: return SECSuccess; michael@0: } michael@0: break; michael@0: } michael@0: break; michael@0: michael@0: default: michael@0: /* for all other classes, we check the method based on the template */ michael@0: if ( (unsigned char)(kind & SEC_ASN1_METHOD_MASK) == michael@0: (tag & SEC_ASN1_METHOD_MASK) ) michael@0: { michael@0: *match = PR_TRUE; michael@0: return SECSuccess; michael@0: } michael@0: /* method does not match between template and component */ michael@0: break; michael@0: } michael@0: michael@0: *match = PR_FALSE; michael@0: return SECSuccess; michael@0: } michael@0: michael@0: #ifdef DEBUG michael@0: michael@0: static SECStatus CheckSequenceTemplate(const SEC_ASN1Template* sequenceTemplate) michael@0: { michael@0: SECStatus rv = SECSuccess; michael@0: const SEC_ASN1Template* sequenceEntry = NULL; michael@0: unsigned long seqIndex = 0; michael@0: unsigned long lastEntryIndex = 0; michael@0: unsigned long ambiguityIndex = 0; michael@0: PRBool foundAmbiguity = PR_FALSE; michael@0: michael@0: do michael@0: { michael@0: sequenceEntry = &sequenceTemplate[seqIndex++]; michael@0: if (sequenceEntry->kind) michael@0: { michael@0: /* ensure that we don't have an optional component of SEC_ASN1_ANY michael@0: in the middle of the sequence, since we could not handle it */ michael@0: /* XXX this function needs to dig into the subtemplates to find michael@0: the next tag */ michael@0: if ( (PR_FALSE == foundAmbiguity) && michael@0: (sequenceEntry->kind & SEC_ASN1_OPTIONAL) && michael@0: (sequenceEntry->kind & SEC_ASN1_ANY) ) michael@0: { michael@0: foundAmbiguity = PR_TRUE; michael@0: ambiguityIndex = seqIndex - 1; michael@0: } michael@0: } michael@0: } while (sequenceEntry->kind); michael@0: michael@0: lastEntryIndex = seqIndex - 2; michael@0: michael@0: if (PR_FALSE != foundAmbiguity) michael@0: { michael@0: if (ambiguityIndex < lastEntryIndex) michael@0: { michael@0: /* ambiguity can only be tolerated on the last entry */ michael@0: PORT_SetError(SEC_ERROR_BAD_TEMPLATE); michael@0: rv = SECFailure; michael@0: } michael@0: } michael@0: michael@0: /* XXX also enforce ASN.1 requirement that tags be michael@0: distinct for consecutive optional components */ michael@0: michael@0: return rv; michael@0: } michael@0: michael@0: #endif michael@0: michael@0: static SECStatus DecodeItem(void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: SECItem* src, PLArenaPool* arena, PRBool checkTag); michael@0: michael@0: static SECStatus DecodeSequence(void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: SECItem* src, PLArenaPool* arena) michael@0: { michael@0: SECStatus rv = SECSuccess; michael@0: SECItem source; michael@0: SECItem sequence; michael@0: const SEC_ASN1Template* sequenceTemplate = &(templateEntry[1]); michael@0: const SEC_ASN1Template* sequenceEntry = NULL; michael@0: unsigned long seqindex = 0; michael@0: michael@0: #ifdef DEBUG michael@0: /* for a sequence, we need to validate the template. */ michael@0: rv = CheckSequenceTemplate(sequenceTemplate); michael@0: #endif michael@0: michael@0: source = *src; michael@0: michael@0: /* get the sequence */ michael@0: if (SECSuccess == rv) michael@0: { michael@0: rv = GetItem(&source, &sequence, PR_FALSE); michael@0: } michael@0: michael@0: /* process it */ michael@0: if (SECSuccess == rv) michael@0: do michael@0: { michael@0: sequenceEntry = &sequenceTemplate[seqindex++]; michael@0: if ( (sequenceEntry && sequenceEntry->kind) && michael@0: (sequenceEntry->kind != SEC_ASN1_SKIP_REST) ) michael@0: { michael@0: rv = DecodeItem(dest, sequenceEntry, &sequence, arena, PR_TRUE); michael@0: } michael@0: } while ( (SECSuccess == rv) && michael@0: (sequenceEntry->kind && michael@0: sequenceEntry->kind != SEC_ASN1_SKIP_REST) ); michael@0: /* we should have consumed all the bytes in the sequence by now michael@0: unless the caller doesn't care about the rest of the sequence */ michael@0: if (SECSuccess == rv && sequence.len && michael@0: sequenceEntry && sequenceEntry->kind != SEC_ASN1_SKIP_REST) michael@0: { michael@0: /* it isn't 100% clear whether this is a bad DER or a bad template. michael@0: The problem is that logically, they don't match - there is extra michael@0: data in the DER that the template doesn't know about */ michael@0: PORT_SetError(SEC_ERROR_BAD_DER); michael@0: rv = SECFailure; michael@0: } michael@0: michael@0: return rv; michael@0: } michael@0: michael@0: static SECStatus DecodeInline(void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: SECItem* src, PLArenaPool* arena, PRBool checkTag) michael@0: { michael@0: const SEC_ASN1Template* inlineTemplate = michael@0: SEC_ASN1GetSubtemplate (templateEntry, dest, PR_FALSE); michael@0: return DecodeItem((void*)((char*)dest + templateEntry->offset), michael@0: inlineTemplate, src, arena, checkTag); michael@0: } michael@0: michael@0: static SECStatus DecodePointer(void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: SECItem* src, PLArenaPool* arena, PRBool checkTag) michael@0: { michael@0: const SEC_ASN1Template* ptrTemplate = michael@0: SEC_ASN1GetSubtemplate (templateEntry, dest, PR_FALSE); michael@0: void* subdata = PORT_ArenaZAlloc(arena, ptrTemplate->size); michael@0: *(void**)((char*)dest + templateEntry->offset) = subdata; michael@0: if (subdata) michael@0: { michael@0: return DecodeItem(subdata, ptrTemplate, src, arena, checkTag); michael@0: } michael@0: else michael@0: { michael@0: PORT_SetError(SEC_ERROR_NO_MEMORY); michael@0: return SECFailure; michael@0: } michael@0: } michael@0: michael@0: static SECStatus DecodeImplicit(void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: SECItem* src, PLArenaPool* arena) michael@0: { michael@0: if (templateEntry->kind & SEC_ASN1_POINTER) michael@0: { michael@0: return DecodePointer((void*)((char*)dest ), michael@0: templateEntry, src, arena, PR_FALSE); michael@0: } michael@0: else michael@0: { michael@0: return DecodeInline((void*)((char*)dest ), michael@0: templateEntry, src, arena, PR_FALSE); michael@0: } michael@0: } michael@0: michael@0: static SECStatus DecodeChoice(void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: SECItem* src, PLArenaPool* arena) michael@0: { michael@0: SECStatus rv = SECSuccess; michael@0: SECItem choice; michael@0: const SEC_ASN1Template* choiceTemplate = &(templateEntry[1]); michael@0: const SEC_ASN1Template* choiceEntry = NULL; michael@0: unsigned long choiceindex = 0; michael@0: michael@0: /* XXX for a choice component, we should validate the template to make michael@0: sure the tags are distinct, in debug builds. This hasn't been michael@0: implemented yet */ michael@0: /* rv = CheckChoiceTemplate(sequenceTemplate); */ michael@0: michael@0: /* process it */ michael@0: do michael@0: { michael@0: choice = *src; michael@0: choiceEntry = &choiceTemplate[choiceindex++]; michael@0: if (choiceEntry->kind) michael@0: { michael@0: rv = DecodeItem(dest, choiceEntry, &choice, arena, PR_TRUE); michael@0: } michael@0: } while ( (SECFailure == rv) && (choiceEntry->kind)); michael@0: michael@0: if (SECFailure == rv) michael@0: { michael@0: /* the component didn't match any of the choices */ michael@0: PORT_SetError(SEC_ERROR_BAD_DER); michael@0: } michael@0: else michael@0: { michael@0: /* set the type in the union here */ michael@0: int *which = (int *)((char *)dest + templateEntry->offset); michael@0: *which = (int)choiceEntry->size; michael@0: } michael@0: michael@0: /* we should have consumed all the bytes by now */ michael@0: /* fail if we have not */ michael@0: if (SECSuccess == rv && choice.len) michael@0: { michael@0: /* there is extra data that isn't listed in the template */ michael@0: PORT_SetError(SEC_ERROR_BAD_DER); michael@0: rv = SECFailure; michael@0: } michael@0: return rv; michael@0: } michael@0: michael@0: static SECStatus DecodeGroup(void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: SECItem* src, PLArenaPool* arena) michael@0: { michael@0: SECStatus rv = SECSuccess; michael@0: SECItem source; michael@0: SECItem group; michael@0: PRUint32 totalEntries = 0; michael@0: PRUint32 entryIndex = 0; michael@0: void** entries = NULL; michael@0: michael@0: const SEC_ASN1Template* subTemplate = michael@0: SEC_ASN1GetSubtemplate (templateEntry, dest, PR_FALSE); michael@0: michael@0: source = *src; michael@0: michael@0: /* get the group */ michael@0: if (SECSuccess == rv) michael@0: { michael@0: rv = GetItem(&source, &group, PR_FALSE); michael@0: } michael@0: michael@0: /* XXX we should check the subtemplate in debug builds */ michael@0: if (SECSuccess == rv) michael@0: { michael@0: /* first, count the number of entries. Benchmarking showed that this michael@0: counting pass is more efficient than trying to allocate entries as michael@0: we read the DER, even if allocating many entries at a time michael@0: */ michael@0: SECItem counter = group; michael@0: do michael@0: { michael@0: SECItem anitem; michael@0: rv = GetItem(&counter, &anitem, PR_TRUE); michael@0: if (SECSuccess == rv && (anitem.len) ) michael@0: { michael@0: totalEntries++; michael@0: } michael@0: } while ( (SECSuccess == rv) && (counter.len) ); michael@0: michael@0: if (SECSuccess == rv) michael@0: { michael@0: /* allocate room for pointer array and entries */ michael@0: /* we want to allocate the array even if there is 0 entry */ michael@0: entries = (void**)PORT_ArenaZAlloc(arena, sizeof(void*)* michael@0: (totalEntries + 1 ) + /* the extra one is for NULL termination */ michael@0: subTemplate->size*totalEntries); michael@0: michael@0: if (entries) michael@0: { michael@0: entries[totalEntries] = NULL; /* terminate the array */ michael@0: } michael@0: else michael@0: { michael@0: PORT_SetError(SEC_ERROR_NO_MEMORY); michael@0: rv = SECFailure; michael@0: } michael@0: if (SECSuccess == rv) michael@0: { michael@0: void* entriesData = (unsigned char*)entries + (unsigned long)(sizeof(void*)*(totalEntries + 1 )); michael@0: /* and fix the pointers in the array */ michael@0: PRUint32 entriesIndex = 0; michael@0: for (entriesIndex = 0;entriesIndexsize*entriesIndex); michael@0: } michael@0: } michael@0: } michael@0: } michael@0: michael@0: if (SECSuccess == rv && totalEntries) michael@0: do michael@0: { michael@0: if (!(entryIndexoffset), &entries, sizeof(void**)); michael@0: michael@0: return rv; michael@0: } michael@0: michael@0: static SECStatus DecodeExplicit(void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: SECItem* src, PLArenaPool* arena) michael@0: { michael@0: SECStatus rv = SECSuccess; michael@0: SECItem subItem; michael@0: SECItem constructed = *src; michael@0: michael@0: rv = GetItem(&constructed, &subItem, PR_FALSE); michael@0: michael@0: if (SECSuccess == rv) michael@0: { michael@0: if (templateEntry->kind & SEC_ASN1_POINTER) michael@0: { michael@0: rv = DecodePointer(dest, templateEntry, &subItem, arena, PR_TRUE); michael@0: } michael@0: else michael@0: { michael@0: rv = DecodeInline(dest, templateEntry, &subItem, arena, PR_TRUE); michael@0: } michael@0: } michael@0: michael@0: return rv; michael@0: } michael@0: michael@0: /* new decoder implementation. This is a recursive function */ michael@0: michael@0: static SECStatus DecodeItem(void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: SECItem* src, PLArenaPool* arena, PRBool checkTag) michael@0: { michael@0: SECStatus rv = SECSuccess; michael@0: SECItem temp; michael@0: SECItem mark; michael@0: PRBool pop = PR_FALSE; michael@0: PRBool decode = PR_TRUE; michael@0: PRBool save = PR_FALSE; michael@0: unsigned long kind; michael@0: PRBool match = PR_TRUE; michael@0: PRBool optional = PR_FALSE; michael@0: michael@0: PR_ASSERT(src && dest && templateEntry && arena); michael@0: #if 0 michael@0: if (!src || !dest || !templateEntry || !arena) michael@0: { michael@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); michael@0: rv = SECFailure; michael@0: } michael@0: #endif michael@0: michael@0: if (SECSuccess == rv) michael@0: { michael@0: /* do the template validation */ michael@0: kind = templateEntry->kind; michael@0: optional = (0 != (kind & SEC_ASN1_OPTIONAL)); michael@0: if (!kind) michael@0: { michael@0: PORT_SetError(SEC_ERROR_BAD_TEMPLATE); michael@0: rv = SECFailure; michael@0: } michael@0: } michael@0: michael@0: if (SECSuccess == rv) michael@0: { michael@0: #ifdef DEBUG michael@0: if (kind & SEC_ASN1_DEBUG_BREAK) michael@0: { michael@0: /* when debugging the decoder or a template that fails to michael@0: decode, put SEC_ASN1_DEBUG in the component that gives you michael@0: trouble. The decoder will then get to this block and assert. michael@0: If you want to debug the rest of the code, you can set a michael@0: breakpoint and set dontassert to PR_TRUE, which will let michael@0: you skip over the assert and continue the debugging session michael@0: past it. */ michael@0: PRBool dontassert = PR_FALSE; michael@0: PR_ASSERT(dontassert); /* set bkpoint here & set dontassert*/ michael@0: } michael@0: #endif michael@0: michael@0: if ((kind & SEC_ASN1_SKIP) || michael@0: (kind & SEC_ASN1_SAVE)) michael@0: { michael@0: /* if skipping or saving this component, don't decode it */ michael@0: decode = PR_FALSE; michael@0: } michael@0: michael@0: if (kind & (SEC_ASN1_SAVE | SEC_ASN1_OPTIONAL)) michael@0: { michael@0: /* if saving this component, or if it is optional, we may not want to michael@0: move past it, so save the position in case we have to rewind */ michael@0: mark = *src; michael@0: if (kind & SEC_ASN1_SAVE) michael@0: { michael@0: save = PR_TRUE; michael@0: if (0 == (kind & SEC_ASN1_SKIP)) michael@0: { michael@0: /* we will for sure have to rewind when saving this michael@0: component and not skipping it. This is true for all michael@0: legacy uses of SEC_ASN1_SAVE where the following entry michael@0: in the template would causes the same component to be michael@0: processed again */ michael@0: pop = PR_TRUE; michael@0: } michael@0: } michael@0: } michael@0: michael@0: rv = GetItem(src, &temp, PR_TRUE); michael@0: } michael@0: michael@0: if (SECSuccess == rv) michael@0: { michael@0: /* now check if the component matches what we expect in the template */ michael@0: michael@0: if (PR_TRUE == checkTag) michael@0: michael@0: { michael@0: rv = MatchComponentType(templateEntry, &temp, &match, dest); michael@0: } michael@0: michael@0: if ( (SECSuccess == rv) && (PR_TRUE != match) ) michael@0: { michael@0: if (kind & SEC_ASN1_OPTIONAL) michael@0: { michael@0: michael@0: /* the optional component is missing. This is not fatal. */ michael@0: /* Rewind, don't decode, and don't save */ michael@0: pop = PR_TRUE; michael@0: decode = PR_FALSE; michael@0: save = PR_FALSE; michael@0: } michael@0: else michael@0: { michael@0: /* a required component is missing. abort */ michael@0: PORT_SetError(SEC_ERROR_BAD_DER); michael@0: rv = SECFailure; michael@0: } michael@0: } michael@0: } michael@0: michael@0: if ((SECSuccess == rv) && (PR_TRUE == decode)) michael@0: { michael@0: /* the order of processing here is is the tricky part */ michael@0: /* we start with our special cases */ michael@0: /* first, check the component class */ michael@0: if (kind & SEC_ASN1_INLINE) michael@0: { michael@0: /* decode inline template */ michael@0: rv = DecodeInline(dest, templateEntry, &temp , arena, PR_TRUE); michael@0: } michael@0: michael@0: else michael@0: if (kind & SEC_ASN1_EXPLICIT) michael@0: { michael@0: rv = DecodeExplicit(dest, templateEntry, &temp, arena); michael@0: } michael@0: else michael@0: if ( (SEC_ASN1_UNIVERSAL != (kind & SEC_ASN1_CLASS_MASK)) && michael@0: michael@0: (!(kind & SEC_ASN1_EXPLICIT))) michael@0: { michael@0: michael@0: /* decode implicitly tagged components */ michael@0: rv = DecodeImplicit(dest, templateEntry, &temp , arena); michael@0: } michael@0: else michael@0: if (kind & SEC_ASN1_POINTER) michael@0: { michael@0: rv = DecodePointer(dest, templateEntry, &temp, arena, PR_TRUE); michael@0: } michael@0: else michael@0: if (kind & SEC_ASN1_CHOICE) michael@0: { michael@0: rv = DecodeChoice(dest, templateEntry, &temp, arena); michael@0: } michael@0: else michael@0: if (kind & SEC_ASN1_ANY) michael@0: { michael@0: /* catch-all ANY type, don't decode */ michael@0: save = PR_TRUE; michael@0: if (kind & SEC_ASN1_INNER) michael@0: { michael@0: /* skip the tag and length */ michael@0: SECItem newtemp = temp; michael@0: rv = GetItem(&newtemp, &temp, PR_FALSE); michael@0: } michael@0: } michael@0: else michael@0: if (kind & SEC_ASN1_GROUP) michael@0: { michael@0: if ( (SEC_ASN1_SEQUENCE == (kind & SEC_ASN1_TAGNUM_MASK)) || michael@0: (SEC_ASN1_SET == (kind & SEC_ASN1_TAGNUM_MASK)) ) michael@0: { michael@0: rv = DecodeGroup(dest, templateEntry, &temp , arena); michael@0: } michael@0: else michael@0: { michael@0: /* a group can only be a SET OF or SEQUENCE OF */ michael@0: PORT_SetError(SEC_ERROR_BAD_TEMPLATE); michael@0: rv = SECFailure; michael@0: } michael@0: } michael@0: else michael@0: if (SEC_ASN1_SEQUENCE == (kind & SEC_ASN1_TAGNUM_MASK)) michael@0: { michael@0: /* plain SEQUENCE */ michael@0: rv = DecodeSequence(dest, templateEntry, &temp , arena); michael@0: } michael@0: else michael@0: { michael@0: /* handle all other types as "save" */ michael@0: /* we should only get here for primitive universal types */ michael@0: SECItem newtemp = temp; michael@0: rv = GetItem(&newtemp, &temp, PR_FALSE); michael@0: save = PR_TRUE; michael@0: if ((SECSuccess == rv) && michael@0: SEC_ASN1_UNIVERSAL == (kind & SEC_ASN1_CLASS_MASK)) michael@0: { michael@0: unsigned long tagnum = kind & SEC_ASN1_TAGNUM_MASK; michael@0: if ( temp.len == 0 && (tagnum == SEC_ASN1_BOOLEAN || michael@0: tagnum == SEC_ASN1_INTEGER || michael@0: tagnum == SEC_ASN1_BIT_STRING || michael@0: tagnum == SEC_ASN1_OBJECT_ID || michael@0: tagnum == SEC_ASN1_ENUMERATED || michael@0: tagnum == SEC_ASN1_UTC_TIME || michael@0: tagnum == SEC_ASN1_GENERALIZED_TIME) ) michael@0: { michael@0: /* these types MUST have at least one content octet */ michael@0: PORT_SetError(SEC_ERROR_BAD_DER); michael@0: rv = SECFailure; michael@0: } michael@0: else michael@0: switch (tagnum) michael@0: { michael@0: /* special cases of primitive types */ michael@0: case SEC_ASN1_INTEGER: michael@0: { michael@0: /* remove leading zeroes if the caller requested michael@0: siUnsignedInteger michael@0: This is to allow RSA key operations to work */ michael@0: SECItem* destItem = (SECItem*) ((char*)dest + michael@0: templateEntry->offset); michael@0: if (destItem && (siUnsignedInteger == destItem->type)) michael@0: { michael@0: while (temp.len > 1 && temp.data[0] == 0) michael@0: { /* leading 0 */ michael@0: temp.data++; michael@0: temp.len--; michael@0: } michael@0: } michael@0: break; michael@0: } michael@0: michael@0: case SEC_ASN1_BIT_STRING: michael@0: { michael@0: /* change the length in the SECItem to be the number michael@0: of bits */ michael@0: temp.len = (temp.len-1)*8 - (temp.data[0] & 0x7); michael@0: temp.data++; michael@0: break; michael@0: } michael@0: michael@0: default: michael@0: { michael@0: break; michael@0: } michael@0: } michael@0: } michael@0: } michael@0: } michael@0: michael@0: if ((SECSuccess == rv) && (PR_TRUE == save)) michael@0: { michael@0: SECItem* destItem = (SECItem*) ((char*)dest + templateEntry->offset); michael@0: if (destItem) michael@0: { michael@0: /* we leave the type alone in the destination SECItem. michael@0: If part of the destination was allocated by the decoder, in michael@0: cases of POINTER, SET OF and SEQUENCE OF, then type is set to michael@0: siBuffer due to the use of PORT_ArenaZAlloc*/ michael@0: destItem->data = temp.len ? temp.data : NULL; michael@0: destItem->len = temp.len; michael@0: } michael@0: else michael@0: { michael@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); michael@0: rv = SECFailure; michael@0: } michael@0: } michael@0: michael@0: if (PR_TRUE == pop) michael@0: { michael@0: /* we don't want to move ahead, so restore the position */ michael@0: *src = mark; michael@0: } michael@0: return rv; michael@0: } michael@0: michael@0: /* the function below is the public one */ michael@0: michael@0: SECStatus SEC_QuickDERDecodeItem(PLArenaPool* arena, void* dest, michael@0: const SEC_ASN1Template* templateEntry, michael@0: const SECItem* src) michael@0: { michael@0: SECStatus rv = SECSuccess; michael@0: SECItem newsrc; michael@0: michael@0: if (!arena || !templateEntry || !src) michael@0: { michael@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); michael@0: rv = SECFailure; michael@0: } michael@0: michael@0: if (SECSuccess == rv) michael@0: { michael@0: newsrc = *src; michael@0: rv = DecodeItem(dest, templateEntry, &newsrc, arena, PR_TRUE); michael@0: if (SECSuccess == rv && newsrc.len) michael@0: { michael@0: rv = SECFailure; michael@0: PORT_SetError(SEC_ERROR_EXTRA_INPUT); michael@0: } michael@0: } michael@0: michael@0: return rv; michael@0: } michael@0: