1092 lines
31 KiB
C
1092 lines
31 KiB
C
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
#include <openssl/asn1.h>
|
|
#include <openssl/asn1t.h>
|
|
#include <openssl/bytestring.h>
|
|
#include <openssl/err.h>
|
|
#include <openssl/mem.h>
|
|
|
|
#include <limits.h>
|
|
#include <string.h>
|
|
|
|
#include "../internal.h"
|
|
#include "internal.h"
|
|
|
|
// Constructed types with a recursive definition (such as can be found in PKCS7)
|
|
// could eventually exceed the stack given malicious input with excessive
|
|
// recursion. Therefore we limit the stack depth. This is the maximum number of
|
|
// recursive invocations of asn1_item_embed_d2i().
|
|
#define ASN1_MAX_CONSTRUCTED_NEST 30
|
|
|
|
static int asn1_check_eoc(const unsigned char **in, long len);
|
|
static int asn1_find_end(const unsigned char **in, long len, char inf);
|
|
|
|
static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
|
|
char inf, int tag, int aclass, int depth);
|
|
|
|
static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
|
|
|
|
static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
|
|
char *inf, char *cst, const unsigned char **in,
|
|
long len, int exptag, int expclass, char opt);
|
|
|
|
static int asn1_template_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,
|
|
long len, const ASN1_TEMPLATE *tt, char opt,
|
|
int depth);
|
|
static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in,
|
|
long len, const ASN1_TEMPLATE *tt, char opt,
|
|
int depth);
|
|
static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len,
|
|
int utype, const ASN1_ITEM *it);
|
|
static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in,
|
|
long len, const ASN1_ITEM *it, int tag,
|
|
int aclass, char opt);
|
|
static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,
|
|
long len, const ASN1_ITEM *it, int tag, int aclass,
|
|
char opt, int depth);
|
|
|
|
// Table to convert tags to bit values, used for MSTRING type
|
|
static const unsigned long tag2bit[31] = {
|
|
0, // (reserved)
|
|
0, // BOOLEAN
|
|
0, // INTEGER
|
|
B_ASN1_BIT_STRING,
|
|
B_ASN1_OCTET_STRING,
|
|
0, // NULL
|
|
0, // OBJECT IDENTIFIER
|
|
B_ASN1_UNKNOWN, // ObjectDescriptor
|
|
B_ASN1_UNKNOWN, // EXTERNAL
|
|
B_ASN1_UNKNOWN, // REAL
|
|
B_ASN1_UNKNOWN, // ENUMERATED
|
|
B_ASN1_UNKNOWN, // EMBEDDED PDV
|
|
B_ASN1_UTF8STRING,
|
|
B_ASN1_UNKNOWN, // RELATIVE-OID
|
|
B_ASN1_UNKNOWN, // TIME
|
|
B_ASN1_UNKNOWN, // (reserved)
|
|
B_ASN1_SEQUENCE,
|
|
0, // SET
|
|
B_ASN1_NUMERICSTRING,
|
|
B_ASN1_PRINTABLESTRING,
|
|
B_ASN1_T61STRING,
|
|
B_ASN1_VIDEOTEXSTRING,
|
|
B_ASN1_IA5STRING,
|
|
B_ASN1_UTCTIME,
|
|
B_ASN1_GENERALIZEDTIME,
|
|
B_ASN1_GRAPHICSTRING,
|
|
B_ASN1_ISO64STRING,
|
|
B_ASN1_GENERALSTRING,
|
|
B_ASN1_UNIVERSALSTRING,
|
|
B_ASN1_UNKNOWN, // CHARACTER STRING
|
|
B_ASN1_BMPSTRING,
|
|
};
|
|
|
|
unsigned long ASN1_tag2bit(int tag) {
|
|
if (tag < 0 || tag > 30) {
|
|
return 0;
|
|
}
|
|
return tag2bit[tag];
|
|
}
|
|
|
|
// Macro to initialize and invalidate the cache
|
|
|
|
// Decode an ASN1 item, this currently behaves just like a standard 'd2i'
|
|
// function. 'in' points to a buffer to read the data from, in future we
|
|
// will have more advanced versions that can input data a piece at a time and
|
|
// this will simply be a special case.
|
|
|
|
ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|
const ASN1_ITEM *it) {
|
|
ASN1_VALUE *ptmpval = NULL;
|
|
if (!pval) {
|
|
pval = &ptmpval;
|
|
}
|
|
|
|
if (asn1_item_ex_d2i(pval, in, len, it, -1, 0, 0, 0) > 0) {
|
|
return *pval;
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
// Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
|
|
// tag mismatch return -1 to handle OPTIONAL
|
|
|
|
static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,
|
|
long len, const ASN1_ITEM *it, int tag, int aclass,
|
|
char opt, int depth) {
|
|
const ASN1_TEMPLATE *tt, *errtt = NULL;
|
|
const ASN1_EXTERN_FUNCS *ef;
|
|
const unsigned char *p = NULL, *q;
|
|
unsigned char oclass;
|
|
char seq_eoc, seq_nolen, cst, isopt;
|
|
int i;
|
|
int otag;
|
|
int ret = 0;
|
|
ASN1_VALUE **pchptr;
|
|
int combine = aclass & ASN1_TFLG_COMBINE;
|
|
aclass &= ~ASN1_TFLG_COMBINE;
|
|
if (pval == NULL || it == NULL) {
|
|
return 0;
|
|
}
|
|
|
|
// Bound |len| to comfortably fit in an int. Lengths in this module often
|
|
// switch between int and long without overflow checks.
|
|
if (len > INT_MAX / 2) {
|
|
len = INT_MAX / 2;
|
|
}
|
|
|
|
if (++depth > ASN1_MAX_CONSTRUCTED_NEST) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_TOO_DEEP);
|
|
goto err;
|
|
}
|
|
|
|
switch (it->itype) {
|
|
case ASN1_ITYPE_PRIMITIVE:
|
|
if (it->templates) {
|
|
// tagging or OPTIONAL is currently illegal on an item template
|
|
// because the flags can't get passed down. In practice this
|
|
// isn't a problem: we include the relevant flags from the item
|
|
// template in the template itself.
|
|
if ((tag != -1) || opt) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
|
|
goto err;
|
|
}
|
|
return asn1_template_ex_d2i(pval, in, len, it->templates, opt, depth);
|
|
}
|
|
return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt);
|
|
break;
|
|
|
|
case ASN1_ITYPE_MSTRING:
|
|
// It never makes sense for multi-strings to have implicit tagging, so
|
|
// if tag != -1, then this looks like an error in the template.
|
|
if (tag != -1) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
|
|
goto err;
|
|
}
|
|
|
|
p = *in;
|
|
// Just read in tag and class
|
|
ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1);
|
|
if (!ret) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
goto err;
|
|
}
|
|
|
|
// Must be UNIVERSAL class
|
|
if (oclass != V_ASN1_UNIVERSAL) {
|
|
// If OPTIONAL, assume this is OK
|
|
if (opt) {
|
|
return -1;
|
|
}
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MSTRING_NOT_UNIVERSAL);
|
|
goto err;
|
|
}
|
|
// Check tag matches bit map
|
|
if (!(ASN1_tag2bit(otag) & it->utype)) {
|
|
// If OPTIONAL, assume this is OK
|
|
if (opt) {
|
|
return -1;
|
|
}
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MSTRING_WRONG_TAG);
|
|
goto err;
|
|
}
|
|
return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0);
|
|
|
|
case ASN1_ITYPE_EXTERN:
|
|
// Use new style d2i
|
|
ef = it->funcs;
|
|
return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, NULL);
|
|
|
|
case ASN1_ITYPE_CHOICE: {
|
|
// It never makes sense for CHOICE types to have implicit tagging, so if
|
|
// tag != -1, then this looks like an error in the template.
|
|
if (tag != -1) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
|
|
goto err;
|
|
}
|
|
|
|
const ASN1_AUX *aux = it->funcs;
|
|
ASN1_aux_cb *asn1_cb = aux != NULL ? aux->asn1_cb : NULL;
|
|
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) {
|
|
goto auxerr;
|
|
}
|
|
|
|
if (*pval) {
|
|
// Free up and zero CHOICE value if initialised
|
|
i = asn1_get_choice_selector(pval, it);
|
|
if ((i >= 0) && (i < it->tcount)) {
|
|
tt = it->templates + i;
|
|
pchptr = asn1_get_field_ptr(pval, tt);
|
|
ASN1_template_free(pchptr, tt);
|
|
asn1_set_choice_selector(pval, -1, it);
|
|
}
|
|
} else if (!ASN1_item_ex_new(pval, it)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
goto err;
|
|
}
|
|
// CHOICE type, try each possibility in turn
|
|
p = *in;
|
|
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
|
|
pchptr = asn1_get_field_ptr(pval, tt);
|
|
// We mark field as OPTIONAL so its absence can be recognised.
|
|
ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, depth);
|
|
// If field not present, try the next one
|
|
if (ret == -1) {
|
|
continue;
|
|
}
|
|
// If positive return, read OK, break loop
|
|
if (ret > 0) {
|
|
break;
|
|
}
|
|
// Otherwise must be an ASN1 parsing error
|
|
errtt = tt;
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
goto err;
|
|
}
|
|
|
|
// Did we fall off the end without reading anything?
|
|
if (i == it->tcount) {
|
|
// If OPTIONAL, this is OK
|
|
if (opt) {
|
|
// Free and zero it
|
|
ASN1_item_ex_free(pval, it);
|
|
return -1;
|
|
}
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NO_MATCHING_CHOICE_TYPE);
|
|
goto err;
|
|
}
|
|
|
|
asn1_set_choice_selector(pval, i, it);
|
|
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) {
|
|
goto auxerr;
|
|
}
|
|
*in = p;
|
|
return 1;
|
|
}
|
|
|
|
case ASN1_ITYPE_SEQUENCE: {
|
|
p = *in;
|
|
|
|
// If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL
|
|
if (tag == -1) {
|
|
tag = V_ASN1_SEQUENCE;
|
|
aclass = V_ASN1_UNIVERSAL;
|
|
}
|
|
// Get SEQUENCE length and update len, p
|
|
ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt);
|
|
if (!ret) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
goto err;
|
|
} else if (ret == -1) {
|
|
return -1;
|
|
}
|
|
// If indefinite we don't do a length check.
|
|
seq_nolen = seq_eoc;
|
|
if (!cst) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
|
|
goto err;
|
|
}
|
|
|
|
if (!*pval && !ASN1_item_ex_new(pval, it)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
goto err;
|
|
}
|
|
|
|
const ASN1_AUX *aux = it->funcs;
|
|
ASN1_aux_cb *asn1_cb = aux != NULL ? aux->asn1_cb : NULL;
|
|
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) {
|
|
goto auxerr;
|
|
}
|
|
|
|
// Free up and zero any ADB found
|
|
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
|
|
if (tt->flags & ASN1_TFLG_ADB_MASK) {
|
|
const ASN1_TEMPLATE *seqtt;
|
|
ASN1_VALUE **pseqval;
|
|
seqtt = asn1_do_adb(pval, tt, 0);
|
|
if (seqtt == NULL) {
|
|
continue;
|
|
}
|
|
pseqval = asn1_get_field_ptr(pval, seqtt);
|
|
ASN1_template_free(pseqval, seqtt);
|
|
}
|
|
}
|
|
|
|
// Get each field entry
|
|
for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
|
|
const ASN1_TEMPLATE *seqtt;
|
|
ASN1_VALUE **pseqval;
|
|
seqtt = asn1_do_adb(pval, tt, 1);
|
|
if (seqtt == NULL) {
|
|
goto err;
|
|
}
|
|
pseqval = asn1_get_field_ptr(pval, seqtt);
|
|
// Have we ran out of data?
|
|
if (!len) {
|
|
break;
|
|
}
|
|
q = p;
|
|
// |asn1_check_eoc| does a check for eoc (the indefinite length
|
|
// terminator) here. |seq_eoc| determines if we had found "0x80" earlier
|
|
// to indicate indefinite length is being used and we error out if eoc
|
|
// wasn't expected.
|
|
if (asn1_check_eoc(&p, len)) {
|
|
if (!seq_eoc) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC);
|
|
goto err;
|
|
}
|
|
len -= p - q;
|
|
seq_eoc = 0;
|
|
break;
|
|
}
|
|
// This determines the OPTIONAL flag value. The field cannot be
|
|
// omitted if it is the last of a SEQUENCE and there is still
|
|
// data to be read. This isn't strictly necessary but it
|
|
// increases efficiency in some cases.
|
|
if (i == (it->tcount - 1)) {
|
|
isopt = 0;
|
|
} else {
|
|
isopt = (seqtt->flags & ASN1_TFLG_OPTIONAL) != 0;
|
|
}
|
|
// attempt to read in field, allowing each to be OPTIONAL
|
|
|
|
ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, depth);
|
|
if (!ret) {
|
|
errtt = seqtt;
|
|
goto err;
|
|
} else if (ret == -1) {
|
|
// OPTIONAL component absent. Free and zero the field.
|
|
ASN1_template_free(pseqval, seqtt);
|
|
continue;
|
|
}
|
|
// Update length
|
|
len -= p - q;
|
|
}
|
|
|
|
// Check for EOC if expecting one.
|
|
if (seq_eoc && !asn1_check_eoc(&p, len)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC);
|
|
goto err;
|
|
}
|
|
// Check all data read
|
|
if (!seq_nolen && len) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
|
|
goto err;
|
|
}
|
|
|
|
// If we get here we've got no more data in the SEQUENCE, however we
|
|
// may not have read all fields so check all remaining are OPTIONAL
|
|
// and clear any that are.
|
|
for (; i < it->tcount; tt++, i++) {
|
|
const ASN1_TEMPLATE *seqtt;
|
|
seqtt = asn1_do_adb(pval, tt, 1);
|
|
if (seqtt == NULL) {
|
|
goto err;
|
|
}
|
|
if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
|
|
ASN1_VALUE **pseqval;
|
|
pseqval = asn1_get_field_ptr(pval, seqtt);
|
|
ASN1_template_free(pseqval, seqtt);
|
|
} else {
|
|
errtt = seqtt;
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_FIELD_MISSING);
|
|
goto err;
|
|
}
|
|
}
|
|
// Save encoding
|
|
if (!asn1_enc_save(pval, *in, p - *in, it)) {
|
|
goto auxerr;
|
|
}
|
|
if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) {
|
|
goto auxerr;
|
|
}
|
|
*in = p;
|
|
return 1;
|
|
}
|
|
|
|
default:
|
|
return 0;
|
|
}
|
|
auxerr:
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_AUX_ERROR);
|
|
err:
|
|
if (combine == 0) {
|
|
ASN1_item_ex_free(pval, it);
|
|
}
|
|
if (errtt) {
|
|
ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname);
|
|
} else {
|
|
ERR_add_error_data(2, "Type=", it->sname);
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|
const ASN1_ITEM *it, int tag, int aclass, char opt,
|
|
ASN1_TLC *ctx) {
|
|
return asn1_item_ex_d2i(pval, in, len, it, tag, aclass, opt, 0);
|
|
}
|
|
|
|
// Templates are handled with two separate functions. One handles any
|
|
// EXPLICIT tag and the other handles the rest.
|
|
|
|
static int asn1_template_ex_d2i(ASN1_VALUE **val, const unsigned char **in,
|
|
long inlen, const ASN1_TEMPLATE *tt, char opt,
|
|
int depth) {
|
|
int aclass;
|
|
int ret;
|
|
long len;
|
|
const unsigned char *p, *q;
|
|
char exp_eoc;
|
|
if (!val) {
|
|
return 0;
|
|
}
|
|
uint32_t flags = tt->flags;
|
|
aclass = flags & ASN1_TFLG_TAG_CLASS;
|
|
|
|
p = *in;
|
|
|
|
// Check if EXPLICIT tag expected
|
|
if (flags & ASN1_TFLG_EXPTAG) {
|
|
char cst;
|
|
// Need to work out amount of data available to the inner content and
|
|
// where it starts: so read in EXPLICIT header to get the info.
|
|
ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass,
|
|
opt);
|
|
q = p;
|
|
if (!ret) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
return 0;
|
|
} else if (ret == -1) {
|
|
return -1;
|
|
}
|
|
if (!cst) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
|
|
return 0;
|
|
}
|
|
// We've found the field so it can't be OPTIONAL now
|
|
ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, depth);
|
|
if (!ret) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
return 0;
|
|
}
|
|
// We read the field in OK so update length
|
|
len -= p - q;
|
|
if (exp_eoc) {
|
|
// If NDEF we must have an EOC here.
|
|
if (!asn1_check_eoc(&p, len)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC);
|
|
goto err;
|
|
}
|
|
} else {
|
|
// Otherwise we must hit the EXPLICIT tag end or its an error
|
|
if (len) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_EXPLICIT_LENGTH_MISMATCH);
|
|
goto err;
|
|
}
|
|
}
|
|
} else {
|
|
return asn1_template_noexp_d2i(val, in, inlen, tt, opt, depth);
|
|
}
|
|
|
|
*in = p;
|
|
return 1;
|
|
|
|
err:
|
|
ASN1_template_free(val, tt);
|
|
return 0;
|
|
}
|
|
|
|
static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in,
|
|
long len, const ASN1_TEMPLATE *tt, char opt,
|
|
int depth) {
|
|
int aclass;
|
|
int ret;
|
|
const unsigned char *p;
|
|
if (!val) {
|
|
return 0;
|
|
}
|
|
uint32_t flags = tt->flags;
|
|
aclass = flags & ASN1_TFLG_TAG_CLASS;
|
|
|
|
p = *in;
|
|
|
|
if (flags & ASN1_TFLG_SK_MASK) {
|
|
// SET OF, SEQUENCE OF
|
|
int sktag, skaclass;
|
|
char sk_eoc;
|
|
// First work out expected inner tag value
|
|
if (flags & ASN1_TFLG_IMPTAG) {
|
|
sktag = tt->tag;
|
|
skaclass = aclass;
|
|
} else {
|
|
skaclass = V_ASN1_UNIVERSAL;
|
|
if (flags & ASN1_TFLG_SET_OF) {
|
|
sktag = V_ASN1_SET;
|
|
} else {
|
|
sktag = V_ASN1_SEQUENCE;
|
|
}
|
|
}
|
|
// Get the tag
|
|
ret =
|
|
asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt);
|
|
if (!ret) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
return 0;
|
|
} else if (ret == -1) {
|
|
return -1;
|
|
}
|
|
if (!*val) {
|
|
*val = (ASN1_VALUE *)sk_ASN1_VALUE_new_null();
|
|
} else {
|
|
// We've got a valid STACK: free up any items present
|
|
STACK_OF(ASN1_VALUE) *sktmp = (STACK_OF(ASN1_VALUE) *)*val;
|
|
ASN1_VALUE *vtmp;
|
|
while (sk_ASN1_VALUE_num(sktmp) > 0) {
|
|
vtmp = sk_ASN1_VALUE_pop(sktmp);
|
|
ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item));
|
|
}
|
|
}
|
|
|
|
if (!*val) {
|
|
goto err;
|
|
}
|
|
|
|
// Read as many items as we can
|
|
while (len > 0) {
|
|
ASN1_VALUE *skfield;
|
|
const unsigned char *q = p;
|
|
// See if EOC found.
|
|
if (asn1_check_eoc(&p, len)) {
|
|
if (!sk_eoc) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC);
|
|
goto err;
|
|
}
|
|
len -= p - q;
|
|
sk_eoc = 0;
|
|
break;
|
|
}
|
|
skfield = NULL;
|
|
if (!asn1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0,
|
|
0, depth)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
goto err;
|
|
}
|
|
len -= p - q;
|
|
if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
|
|
ASN1_item_ex_free(&skfield, ASN1_ITEM_ptr(tt->item));
|
|
goto err;
|
|
}
|
|
}
|
|
if (sk_eoc) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC);
|
|
goto err;
|
|
}
|
|
} else if (flags & ASN1_TFLG_IMPTAG) {
|
|
// IMPLICIT tagging
|
|
ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag,
|
|
aclass, opt, depth);
|
|
if (!ret) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
goto err;
|
|
} else if (ret == -1) {
|
|
return -1;
|
|
}
|
|
} else {
|
|
// Nothing special
|
|
ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), -1,
|
|
tt->flags & ASN1_TFLG_COMBINE, opt, depth);
|
|
if (!ret) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
goto err;
|
|
} else if (ret == -1) {
|
|
return -1;
|
|
}
|
|
}
|
|
|
|
*in = p;
|
|
return 1;
|
|
|
|
err:
|
|
ASN1_template_free(val, tt);
|
|
return 0;
|
|
}
|
|
|
|
static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in,
|
|
long inlen, const ASN1_ITEM *it, int tag,
|
|
int aclass, char opt) {
|
|
int ret = 0, utype;
|
|
long plen;
|
|
char cst, inf;
|
|
const unsigned char *p;
|
|
BUF_MEM buf = {0, NULL, 0 };
|
|
const unsigned char *cont = NULL;
|
|
long len;
|
|
if (!pval) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NULL);
|
|
return 0; // Should never happen
|
|
}
|
|
|
|
if (it->itype == ASN1_ITYPE_MSTRING) {
|
|
utype = tag;
|
|
tag = -1;
|
|
} else {
|
|
utype = it->utype;
|
|
}
|
|
|
|
if (utype == V_ASN1_ANY) {
|
|
// If type is ANY need to figure out type from tag
|
|
unsigned char oclass;
|
|
if (tag >= 0) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TAGGED_ANY);
|
|
return 0;
|
|
}
|
|
if (opt) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OPTIONAL_ANY);
|
|
return 0;
|
|
}
|
|
p = *in;
|
|
ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0);
|
|
if (!ret) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
return 0;
|
|
}
|
|
if (oclass != V_ASN1_UNIVERSAL) {
|
|
utype = V_ASN1_OTHER;
|
|
}
|
|
}
|
|
if (tag == -1) {
|
|
tag = utype;
|
|
aclass = V_ASN1_UNIVERSAL;
|
|
}
|
|
p = *in;
|
|
// Check header
|
|
ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt);
|
|
if (!ret) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
return 0;
|
|
} else if (ret == -1) {
|
|
return -1;
|
|
}
|
|
ret = 0;
|
|
// SEQUENCE, SET and "OTHER" are left in encoded form
|
|
if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
|
|
(utype == V_ASN1_OTHER)) {
|
|
// SEQUENCE and SET must be constructed
|
|
if (utype != V_ASN1_OTHER && !cst) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_CONSTRUCTED);
|
|
return 0;
|
|
}
|
|
|
|
cont = *in;
|
|
// If indefinite length constructed, find the real end.
|
|
if (inf) {
|
|
if (!asn1_find_end(&p, plen, inf)) {
|
|
goto err;
|
|
}
|
|
len = p - cont;
|
|
} else {
|
|
len = p - cont + plen;
|
|
p += plen;
|
|
}
|
|
} else if (cst) {
|
|
if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN
|
|
|| utype == V_ASN1_OBJECT || utype == V_ASN1_INTEGER
|
|
|| utype == V_ASN1_ENUMERATED) {
|
|
// These types only have primitive encodings.
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_TYPE_NOT_PRIMITIVE);
|
|
return 0;
|
|
}
|
|
|
|
// Should really check the internal tags are correct but some things
|
|
// may get this wrong. The relevant specs say that constructed string
|
|
// types should be OCTET STRINGs internally irrespective of the type.
|
|
// So instead just check for UNIVERSAL class and ignore the tag.
|
|
if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
|
|
goto err;
|
|
}
|
|
len = buf.length;
|
|
// Append a final null to string.
|
|
if (!BUF_MEM_grow_clean(&buf, len + 1)) {
|
|
goto err;
|
|
}
|
|
buf.data[len] = 0;
|
|
cont = (const unsigned char *)buf.data;
|
|
} else {
|
|
cont = p;
|
|
len = plen;
|
|
p += plen;
|
|
}
|
|
|
|
// We now have content length and type: translate into a structure
|
|
if (!asn1_ex_c2i(pval, cont, len, utype, it)) {
|
|
goto err;
|
|
}
|
|
|
|
*in = p;
|
|
ret = 1;
|
|
err:
|
|
OPENSSL_free(buf.data);
|
|
return ret;
|
|
}
|
|
|
|
// Translate ASN1 content octets into a structure
|
|
|
|
static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len,
|
|
int utype, const ASN1_ITEM *it) {
|
|
ASN1_VALUE **opval = NULL;
|
|
ASN1_STRING *stmp;
|
|
ASN1_TYPE *typ = NULL;
|
|
int ret = 0;
|
|
ASN1_INTEGER **tint;
|
|
|
|
// Historically, |it->funcs| for primitive types contained an
|
|
// |ASN1_PRIMITIVE_FUNCS| table of callbacks.
|
|
assert(it->funcs == NULL);
|
|
|
|
// If ANY type clear type and set pointer to internal value
|
|
if (it->utype == V_ASN1_ANY) {
|
|
if (!*pval) {
|
|
typ = ASN1_TYPE_new();
|
|
if (typ == NULL) {
|
|
goto err;
|
|
}
|
|
*pval = (ASN1_VALUE *)typ;
|
|
} else {
|
|
typ = (ASN1_TYPE *)*pval;
|
|
}
|
|
|
|
if (utype != typ->type) {
|
|
ASN1_TYPE_set(typ, utype, NULL);
|
|
}
|
|
opval = pval;
|
|
pval = &typ->value.asn1_value;
|
|
}
|
|
switch (utype) {
|
|
case V_ASN1_OBJECT:
|
|
if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) {
|
|
goto err;
|
|
}
|
|
break;
|
|
|
|
case V_ASN1_NULL:
|
|
if (len) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NULL_IS_WRONG_LENGTH);
|
|
goto err;
|
|
}
|
|
*pval = (ASN1_VALUE *)1;
|
|
break;
|
|
|
|
case V_ASN1_BOOLEAN:
|
|
if (len != 1) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
|
|
goto err;
|
|
} else {
|
|
ASN1_BOOLEAN *tbool;
|
|
tbool = (ASN1_BOOLEAN *)pval;
|
|
*tbool = *cont;
|
|
}
|
|
break;
|
|
|
|
case V_ASN1_BIT_STRING:
|
|
if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) {
|
|
goto err;
|
|
}
|
|
break;
|
|
|
|
case V_ASN1_INTEGER:
|
|
case V_ASN1_ENUMERATED:
|
|
tint = (ASN1_INTEGER **)pval;
|
|
if (!c2i_ASN1_INTEGER(tint, &cont, len)) {
|
|
goto err;
|
|
}
|
|
// Fixup type to match the expected form
|
|
(*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
|
|
break;
|
|
|
|
case V_ASN1_OCTET_STRING:
|
|
case V_ASN1_NUMERICSTRING:
|
|
case V_ASN1_PRINTABLESTRING:
|
|
case V_ASN1_T61STRING:
|
|
case V_ASN1_VIDEOTEXSTRING:
|
|
case V_ASN1_IA5STRING:
|
|
case V_ASN1_UTCTIME:
|
|
case V_ASN1_GENERALIZEDTIME:
|
|
case V_ASN1_GRAPHICSTRING:
|
|
case V_ASN1_VISIBLESTRING:
|
|
case V_ASN1_GENERALSTRING:
|
|
case V_ASN1_UNIVERSALSTRING:
|
|
case V_ASN1_BMPSTRING:
|
|
case V_ASN1_UTF8STRING:
|
|
case V_ASN1_OTHER:
|
|
case V_ASN1_SET:
|
|
case V_ASN1_SEQUENCE:
|
|
default:
|
|
if (utype == V_ASN1_BMPSTRING && (len & 1)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
|
|
goto err;
|
|
}
|
|
if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
|
|
goto err;
|
|
}
|
|
if (utype == V_ASN1_UTCTIME) {
|
|
CBS cbs;
|
|
CBS_init(&cbs, cont, (size_t)len);
|
|
if (!CBS_parse_utc_time(&cbs, NULL, /*allow_timezone_offset=*/1)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_TIME_FORMAT);
|
|
goto err;
|
|
}
|
|
}
|
|
if (utype == V_ASN1_GENERALIZEDTIME) {
|
|
CBS cbs;
|
|
CBS_init(&cbs, cont, (size_t)len);
|
|
if (!CBS_parse_generalized_time(&cbs, NULL,
|
|
/*allow_timezone_offset=*/0)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_TIME_FORMAT);
|
|
goto err;
|
|
}
|
|
}
|
|
// All based on ASN1_STRING and handled the same
|
|
if (!*pval) {
|
|
stmp = ASN1_STRING_type_new(utype);
|
|
if (!stmp) {
|
|
goto err;
|
|
}
|
|
*pval = (ASN1_VALUE *)stmp;
|
|
} else {
|
|
stmp = (ASN1_STRING *)*pval;
|
|
stmp->type = utype;
|
|
}
|
|
if (!ASN1_STRING_set(stmp, cont, len)) {
|
|
ASN1_STRING_free(stmp);
|
|
*pval = NULL;
|
|
goto err;
|
|
}
|
|
break;
|
|
}
|
|
// If ASN1_ANY and NULL type fix up value
|
|
if (typ && (utype == V_ASN1_NULL)) {
|
|
typ->value.ptr = NULL;
|
|
}
|
|
|
|
ret = 1;
|
|
err:
|
|
if (!ret) {
|
|
ASN1_TYPE_free(typ);
|
|
if (opval) {
|
|
*opval = NULL;
|
|
}
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
// This function finds the end of an ASN1 structure when passed its maximum
|
|
// length, whether it is indefinite length and a pointer to the content. This
|
|
// is more efficient than calling asn1_collect because it does not recurse on
|
|
// each indefinite length header.
|
|
static int asn1_find_end(const unsigned char **in, long len, char inf) {
|
|
uint32_t expected_eoc;
|
|
long plen;
|
|
const unsigned char *p = *in, *q;
|
|
// If not indefinite length constructed just add length.
|
|
if (inf == 0) {
|
|
*in += len;
|
|
return 1;
|
|
}
|
|
expected_eoc = 1;
|
|
// Indefinite length constructed form. Find the end when enough EOCs are
|
|
// found. If more indefinite length constructed headers are encountered
|
|
// increment the expected eoc count otherwise just skip to the end of the
|
|
// data.
|
|
while (len > 0) {
|
|
if (asn1_check_eoc(&p, len)) {
|
|
expected_eoc--;
|
|
if (expected_eoc == 0) {
|
|
break;
|
|
}
|
|
len -= 2;
|
|
continue;
|
|
}
|
|
q = p;
|
|
// Just read in a header: only care about the length.
|
|
if (!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
|
|
-1, 0, 0)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
return 0;
|
|
}
|
|
if (inf) {
|
|
// This checks for an underflow due to the loop subtraction done on
|
|
// |expected_eoc| above.
|
|
if (expected_eoc == UINT32_MAX) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
return 0;
|
|
}
|
|
expected_eoc++;
|
|
}
|
|
else {
|
|
p += plen;
|
|
}
|
|
len -= p - q;
|
|
}
|
|
if (expected_eoc) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC);
|
|
return 0;
|
|
}
|
|
*in = p;
|
|
return 1;
|
|
}
|
|
|
|
// This function collects the asn1 data from a constructed string type into
|
|
// a buffer. The values of 'in' and 'len' should refer to the contents of the
|
|
// constructed type and 'inf' should be set if it is indefinite length.
|
|
|
|
// This determines how many levels of recursion are permitted in ASN1 string
|
|
// types. If it is not limited stack overflows can occur. If set to zero no
|
|
// recursion is allowed at all. Although zero should be adequate examples
|
|
// exist that require a value of 1. So 5 should be more than enough.
|
|
|
|
#define ASN1_MAX_STRING_NEST 5
|
|
|
|
static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
|
|
char inf, int tag, int aclass, int depth) {
|
|
const unsigned char *p, *q;
|
|
long plen;
|
|
char cst, ininf;
|
|
p = *in;
|
|
inf &= 1;
|
|
// If no buffer and not indefinite length constructed just pass over the
|
|
// encoded data
|
|
if (!buf && !inf) {
|
|
*in += len;
|
|
return 1;
|
|
}
|
|
while (len > 0) {
|
|
q = p;
|
|
// Check for EOC.
|
|
if (asn1_check_eoc(&p, len)) {
|
|
// EOC is illegal outside indefinite length constructed form
|
|
if (!inf) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNEXPECTED_EOC);
|
|
return 0;
|
|
}
|
|
inf = 0;
|
|
break;
|
|
}
|
|
|
|
if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
|
|
len, tag, aclass, 0)) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR);
|
|
return 0;
|
|
}
|
|
|
|
// If indefinite length constructed, update max length.
|
|
if (cst) {
|
|
if (depth >= ASN1_MAX_STRING_NEST) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_STRING);
|
|
return 0;
|
|
}
|
|
if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, depth + 1)) {
|
|
return 0;
|
|
}
|
|
} else if (plen && !collect_data(buf, &p, plen)) {
|
|
return 0;
|
|
}
|
|
len -= p - q;
|
|
}
|
|
if (inf) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_EOC);
|
|
return 0;
|
|
}
|
|
*in = p;
|
|
return 1;
|
|
}
|
|
|
|
static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) {
|
|
int len;
|
|
if (buf) {
|
|
len = buf->length;
|
|
if (!BUF_MEM_grow_clean(buf, len + plen)) {
|
|
return 0;
|
|
}
|
|
OPENSSL_memcpy(buf->data + len, *p, plen);
|
|
}
|
|
*p += plen;
|
|
return 1;
|
|
}
|
|
|
|
// Check for ASN1 EOC and swallow it if found. Returns 1 if found and 0 if none.
|
|
static int asn1_check_eoc(const unsigned char **in, long len) {
|
|
const unsigned char *p;
|
|
if (len < 2) {
|
|
return 0;
|
|
}
|
|
p = *in;
|
|
if (p[0] == '\0' && p[1] == '\0') {
|
|
*in += 2;
|
|
return 1;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
// Check an ASN1 tag and length: a bit like ASN1_get_object but it sets the
|
|
// length for indefinite length constructed form, we don't know the exact
|
|
// length, but we can set an upper bound to the amount of data available minus
|
|
// the header length just read.
|
|
static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
|
|
char *inf, char *cst, const unsigned char **in,
|
|
long len, int exptag, int expclass, char opt) {
|
|
int i;
|
|
int ptag, pclass;
|
|
long plen;
|
|
const unsigned char *p, *q;
|
|
p = *in;
|
|
q = p;
|
|
|
|
i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
|
|
if (i & 0x80) {
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_OBJECT_HEADER);
|
|
return 0;
|
|
}
|
|
if (exptag >= 0) {
|
|
if ((exptag != ptag) || (expclass != pclass)) {
|
|
// If type is OPTIONAL, not an error: indicate missing type.
|
|
if (opt) {
|
|
return -1;
|
|
}
|
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TAG);
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
// If indefinite, this sets an upper bound to the amount of data available
|
|
// minus the header length just read.
|
|
if (i & 1) {
|
|
plen = len - (p - q);
|
|
}
|
|
|
|
// Indicate whether indefinite.
|
|
if (inf != NULL) {
|
|
*inf = i & 1;
|
|
}
|
|
|
|
if (cst) {
|
|
*cst = i & V_ASN1_CONSTRUCTED;
|
|
}
|
|
|
|
if (olen) {
|
|
*olen = plen;
|
|
}
|
|
|
|
if (oclass) {
|
|
*oclass = pclass;
|
|
}
|
|
|
|
if (otag) {
|
|
*otag = ptag;
|
|
}
|
|
|
|
*in = p;
|
|
return 1;
|
|
}
|