robin.thoni
/
ipxe
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Požadavky na natažení 0 Vydání 11 Wiki Aktivita
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
3996 Revize
2 Větve
Strom: dc87161c30
Větve Značky
${ item.name }
Vytvořit větev ${ searchTerm }
z „dc87161c30“
${ noResults }
ipxe/src/crypto/asn1.c

asn1.c 8.7KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343 
  1. /*

  2.  * Copyright (C) 2007 Michael Brown <mbrown@fensystems.co.uk>.

  3.  *

  4.  * This program is free software; you can redistribute it and/or

  5.  * modify it under the terms of the GNU General Public License as

  6.  * published by the Free Software Foundation; either version 2 of the

  7.  * License, or any later version.

  8.  *

  9.  * This program is distributed in the hope that it will be useful, but

  10.  * WITHOUT ANY WARRANTY; without even the implied warranty of

  11.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  12.  * General Public License for more details.

  13.  *

  14.  * You should have received a copy of the GNU General Public License

  15.  * along with this program; if not, write to the Free Software

  16.  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

  17.  */

  18. 

  19. FILE_LICENCE ( GPL2_OR_LATER );

  20. 

  21. #include <stdint.h>

  22. #include <stddef.h>

  23. #include <string.h>

  24. #include <errno.h>

  25. #include <ipxe/asn1.h>

  26. 

  27. /** @file

  28.  *

  29.  * ASN.1 encoding

  30.  *

  31.  */

  32. 

  33. /* Disambiguate the various error causes */

  34. #define EINVAL_ASN1_EMPTY \

  35. 	__einfo_error ( EINFO_EINVAL_ASN1_EMPTY )

  36. #define EINFO_EINVAL_ASN1_EMPTY \

  37. 	__einfo_uniqify ( EINFO_EINVAL, 0x01, "Empty or underlength cursor" )

  38. #define EINVAL_ASN1_LEN_LEN \

  39. 	__einfo_error ( EINFO_EINVAL_ASN1_LEN_LEN )

  40. #define EINFO_EINVAL_ASN1_LEN_LEN \

  41. 	__einfo_uniqify ( EINFO_EINVAL, 0x02, "Length field overruns cursor" )

  42. #define EINVAL_ASN1_LEN \

  43. 	__einfo_error ( EINFO_EINVAL_ASN1_LEN )

  44. #define EINFO_EINVAL_ASN1_LEN \

  45. 	__einfo_uniqify ( EINFO_EINVAL, 0x03, "Field overruns cursor" )

  46. #define EINVAL_ASN1_BOOLEAN \

  47. 	__einfo_error ( EINFO_EINVAL_ASN1_BOOLEAN )

  48. #define EINFO_EINVAL_ASN1_BOOLEAN \

  49. 	__einfo_uniqify ( EINFO_EINVAL, 0x04, "Invalid boolean" )

  50. #define EINVAL_ASN1_INTEGER \

  51. 	__einfo_error ( EINFO_EINVAL_ASN1_INTEGER )

  52. #define EINFO_EINVAL_ASN1_INTEGER \

  53. 	__einfo_uniqify ( EINFO_EINVAL, 0x04, "Invalid integer" )

  54. 

  55. /**

  56.  * Invalidate ASN.1 object cursor

  57.  *

  58.  * @v cursor		ASN.1 object cursor

  59.  */

  60. void asn1_invalidate_cursor ( struct asn1_cursor *cursor ) {

  61. 	static uint8_t asn1_invalid_object[] = { ASN1_END, 0 };

  62. 

  63. 	cursor->data = asn1_invalid_object;

  64. 	cursor->len = 0;

  65. }

  66. 

  67. /**

  68.  * Start parsing ASN.1 object

  69.  *

  70.  * @v cursor		ASN.1 object cursor

  71.  * @v type		Expected type, or ASN1_ANY

  72.  * @ret len		Length of object body, or negative error

  73.  *

  74.  * The object cursor will be updated to point to the start of the

  75.  * object body (i.e. the first byte following the length byte(s)), and

  76.  * the length of the object body (i.e. the number of bytes until the

  77.  * following object tag, if any) is returned.

  78.  */

  79. static int asn1_start ( struct asn1_cursor *cursor, unsigned int type ) {

  80. 	unsigned int len_len;

  81. 	unsigned int len;

  82. 

  83. 	/* Sanity check */

  84. 	if ( cursor->len < 2 /* Tag byte and first length byte */ ) {

  85. 		if ( cursor->len )

  86. 			DBGC ( cursor, "ASN1 %p too short\n", cursor );

  87. 		return -EINVAL_ASN1_EMPTY;

  88. 	}

  89. 

  90. 	/* Check the tag byte */

  91. 	if ( ( type != ASN1_ANY ) && ( type != asn1_type ( cursor ) ) ) {

  92. 		DBGC ( cursor, "ASN1 %p type mismatch (expected %d, got %d)\n",

  93. 		       cursor, type, *( ( uint8_t * ) cursor->data ) );

  94. 		return -ENXIO;

  95. 	}

  96. 	cursor->data++;

  97. 	cursor->len--;

  98. 

  99. 	/* Extract length of the length field and sanity check */

  100. 	len_len = *( ( uint8_t * ) cursor->data );

  101. 	if ( len_len & 0x80 ) {

  102. 		len_len = ( len_len & 0x7f );

  103. 		cursor->data++;

  104. 		cursor->len--;

  105. 	} else {

  106. 		len_len = 1;

  107. 	}

  108. 	if ( cursor->len < len_len ) {

  109. 		DBGC ( cursor, "ASN1 %p bad length field length %d (max "

  110. 		       "%zd)\n", cursor, len_len, cursor->len );

  111. 		return -EINVAL_ASN1_LEN_LEN;

  112. 	}

  113. 

  114. 	/* Extract the length and sanity check */

  115. 	for ( len = 0 ; len_len ; len_len-- ) {

  116. 		len <<= 8;

  117. 		len |= *( ( uint8_t * ) cursor->data );

  118. 		cursor->data++;

  119. 		cursor->len--;

  120. 	}

  121. 	if ( cursor->len < len ) {

  122. 		DBGC ( cursor, "ASN1 %p bad length %d (max %zd)\n",

  123. 		       cursor, len, cursor->len );

  124. 		return -EINVAL_ASN1_LEN;

  125. 	}

  126. 

  127. 	return len;

  128. }

  129. 

  130. /**

  131.  * Enter ASN.1 object

  132.  *

  133.  * @v cursor		ASN.1 object cursor

  134.  * @v type		Expected type, or ASN1_ANY

  135.  * @ret rc		Return status code

  136.  *

  137.  * The object cursor will be updated to point to the body of the

  138.  * current ASN.1 object.  If any error occurs, the object cursor will

  139.  * be invalidated.

  140.  */

  141. int asn1_enter ( struct asn1_cursor *cursor, unsigned int type ) {

  142. 	int len;

  143. 

  144. 	len = asn1_start ( cursor, type );

  145. 	if ( len < 0 ) {

  146. 		asn1_invalidate_cursor ( cursor );

  147. 		return len;

  148. 	}

  149. 

  150. 	cursor->len = len;

  151. 	DBGC ( cursor, "ASN1 %p entered object type %02x (len %x)\n",

  152. 	       cursor, type, len );

  153. 

  154. 	return 0;

  155. }

  156. 

  157. /**

  158.  * Skip ASN.1 object if present

  159.  *

  160.  * @v cursor		ASN.1 object cursor

  161.  * @v type		Expected type, or ASN1_ANY

  162.  * @ret rc		Return status code

  163.  *

  164.  * The object cursor will be updated to point to the next ASN.1

  165.  * object.  If any error occurs, the object cursor will not be

  166.  * modified.

  167.  */

  168. int asn1_skip_if_exists ( struct asn1_cursor *cursor, unsigned int type ) {

  169. 	int len;

  170. 

  171. 	len = asn1_start ( cursor, type );

  172. 	if ( len < 0 )

  173. 		return len;

  174. 

  175. 	cursor->data += len;

  176. 	cursor->len -= len;

  177. 	DBGC ( cursor, "ASN1 %p skipped object type %02x (len %x)\n",

  178. 	       cursor, type, len );

  179. 

  180. 	if ( ! cursor->len ) {

  181. 		DBGC ( cursor, "ASN1 %p reached end of object\n", cursor );

  182. 		return -ENOENT;

  183. 	}

  184. 

  185. 	return 0;

  186. }

  187. 

  188. /**

  189.  * Skip ASN.1 object

  190.  *

  191.  * @v cursor		ASN.1 object cursor

  192.  * @v type		Expected type, or ASN1_ANY

  193.  * @ret rc		Return status code

  194.  *

  195.  * The object cursor will be updated to point to the next ASN.1

  196.  * object.  If any error occurs, the object cursor will be

  197.  * invalidated.

  198.  */

  199. int asn1_skip ( struct asn1_cursor *cursor, unsigned int type ) {

  200. 	int rc;

  201. 

  202. 	if ( ( rc = asn1_skip_if_exists ( cursor, type ) ) != 0 ) {

  203. 		asn1_invalidate_cursor ( cursor );

  204. 		return rc;

  205. 	}

  206. 

  207. 	return 0;

  208. }

  209. 

  210. /**

  211.  * Shrink ASN.1 cursor to fit object

  212.  *

  213.  * @v cursor		ASN.1 object cursor

  214.  * @v type		Expected type, or ASN1_ANY

  215.  * @ret rc		Return status code

  216.  *

  217.  * The object cursor will be shrunk to contain only the current ASN.1

  218.  * object.  If any error occurs, the object cursor will be

  219.  * invalidated.

  220.  */

  221. int asn1_shrink ( struct asn1_cursor *cursor, unsigned int type ) {

  222. 	struct asn1_cursor next;

  223. 	int rc;

  224. 

  225. 	/* Skip to next object */

  226. 	memcpy ( &next, cursor, sizeof ( next ) );

  227. 	if ( ( rc = asn1_skip ( &next, type ) ) != 0 )

  228. 		return rc;

  229. 

  230. 	/* Shrink original cursor to contain only its first object */

  231. 	cursor->len = ( next.data - cursor->data );

  232. 

  233. 	return 0;

  234. }

  235. 

  236. /**

  237.  * Enter ASN.1 object of any type

  238.  *

  239.  * @v cursor		ASN.1 object cursor

  240.  * @ret rc		Return status code

  241.  */

  242. int asn1_enter_any ( struct asn1_cursor *cursor ) {

  243. 	return asn1_enter ( cursor, ASN1_ANY );

  244. }

  245. 

  246. /**

  247.  * Skip ASN.1 object of any type

  248.  *

  249.  * @v cursor		ASN.1 object cursor

  250.  * @ret rc		Return status code

  251.  */

  252. int asn1_skip_any ( struct asn1_cursor *cursor ) {

  253. 	return asn1_skip ( cursor, ASN1_ANY );

  254. }

  255. 

  256. /**

  257.  * Shrink ASN.1 object of any type

  258.  *

  259.  * @v cursor		ASN.1 object cursor

  260.  * @ret rc		Return status code

  261.  */

  262. int asn1_shrink_any ( struct asn1_cursor *cursor ) {

  263. 	return asn1_shrink ( cursor, ASN1_ANY );

  264. }

  265. 

  266. /**

  267.  * Parse value of ASN.1 boolean

  268.  *

  269.  * @v cursor		ASN.1 object cursor

  270.  * @ret value		Value, or negative error

  271.  */

  272. int asn1_boolean ( const struct asn1_cursor *cursor ) {

  273. 	struct asn1_cursor contents;

  274. 	const struct asn1_boolean *boolean;

  275. 

  276. 	/* Enter boolean */

  277. 	memcpy ( &contents, cursor, sizeof ( contents ) );

  278. 	asn1_enter ( &contents, ASN1_BOOLEAN );

  279. 	if ( contents.len != sizeof ( *boolean ) )

  280. 		return -EINVAL_ASN1_BOOLEAN;

  281. 

  282. 	/* Extract value */

  283. 	boolean = contents.data;

  284. 	return boolean->value;

  285. }

  286. 

  287. /**

  288.  * Parse value of ASN.1 integer

  289.  *

  290.  * @v cursor		ASN.1 object cursor

  291.  * @v value		Value to fill in

  292.  * @ret rc		Return status code

  293.  */

  294. int asn1_integer ( const struct asn1_cursor *cursor, int *value ) {

  295. 	struct asn1_cursor contents;

  296. 	uint8_t high_byte;

  297. 	int rc;

  298. 

  299. 	/* Enter integer */

  300. 	memcpy ( &contents, cursor, sizeof ( contents ) );

  301. 	if ( ( rc = asn1_enter ( &contents, ASN1_INTEGER ) ) != 0 )

  302. 		return rc;

  303. 	if ( contents.len < 1 )

  304. 		return -EINVAL_ASN1_INTEGER;

  305. 

  306. 	/* Initialise value according to sign byte */

  307. 	*value = *( ( int8_t * ) contents.data );

  308. 	contents.data++;

  309. 	contents.len--;

  310. 

  311. 	/* Process value */

  312. 	while ( contents.len ) {

  313. 		high_byte = ( (*value) >> ( 8 * ( sizeof ( *value ) - 1 ) ) );

  314. 		if ( ( high_byte != 0x00 ) && ( high_byte != 0xff ) ) {

  315. 			DBGC ( cursor, "ASN1 %p integer overflow\n", cursor );

  316. 			return -EINVAL_ASN1_INTEGER;

  317. 		}

  318. 		*value = ( ( *value << 8 ) | *( ( uint8_t * ) contents.data ) );

  319. 		contents.data++;

  320. 		contents.len--;

  321. 	}

  322. 

  323. 	return 0;

  324. }

  325. 

  326. /**

  327.  * Compare two ASN.1 objects

  328.  *

  329.  * @v cursor1		ASN.1 object cursor

  330.  * @v cursor2		ASN.1 object cursor

  331.  * @ret difference	Difference as returned by memcmp()

  332.  *

  333.  * Note that invalid and empty cursors will compare as equal with each

  334.  * other.

  335.  */

  336. int asn1_compare ( const struct asn1_cursor *cursor1,

  337. 		   const struct asn1_cursor *cursor2 ) {

  338. 	int difference;

  339. 

  340. 	difference = ( cursor2->len - cursor1->len );

  341. 	return ( difference ? difference :

  342. 		 memcmp ( cursor1->data, cursor2->data, cursor1->len ) );

  343. }