1/*
2 * Generic ASN.1 parsing
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19
20#include "common.h"
21
22#if defined(MBEDTLS_ASN1_PARSE_C)
23
24#include "mbedtls/asn1.h"
25#include "mbedtls/platform_util.h"
26#include "mbedtls/error.h"
27
28#include <string.h>
29
30#if defined(MBEDTLS_BIGNUM_C)
31#include "mbedtls/bignum.h"
32#endif
33
34#if defined(MBEDTLS_PLATFORM_C)
35#include "mbedtls/platform.h"
36#else
37#include <stdlib.h>
38#define mbedtls_calloc calloc
39#define mbedtls_free free
40#endif
41
42/*
43 * ASN.1 DER decoding routines
44 */
45int mbedtls_asn1_get_len( unsigned char **p,
46 const unsigned char *end,
47 size_t *len )
48{
49 if( ( end - *p ) < 1 )
50 return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
51
52 if( ( **p & 0x80 ) == 0 )
53 *len = *(*p)++;
54 else
55 {
56 switch( **p & 0x7F )
57 {
58 case 1:
59 if( ( end - *p ) < 2 )
60 return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
61
62 *len = (*p)[1];
63 (*p) += 2;
64 break;
65
66 case 2:
67 if( ( end - *p ) < 3 )
68 return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
69
70 *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2];
71 (*p) += 3;
72 break;
73
74 case 3:
75 if( ( end - *p ) < 4 )
76 return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
77
78 *len = ( (size_t)(*p)[1] << 16 ) |
79 ( (size_t)(*p)[2] << 8 ) | (*p)[3];
80 (*p) += 4;
81 break;
82
83 case 4:
84 if( ( end - *p ) < 5 )
85 return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
86
87 *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) |
88 ( (size_t)(*p)[3] << 8 ) | (*p)[4];
89 (*p) += 5;
90 break;
91
92 default:
93 return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
94 }
95 }
96
97 if( *len > (size_t) ( end - *p ) )
98 return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
99
100 return( 0 );
101}
102
103int mbedtls_asn1_get_tag( unsigned char **p,
104 const unsigned char *end,
105 size_t *len, int tag )
106{
107 if( ( end - *p ) < 1 )
108 return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
109
110 if( **p != tag )
111 return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
112
113 (*p)++;
114
115 return( mbedtls_asn1_get_len( p, end, len ) );
116}
117
118int mbedtls_asn1_get_bool( unsigned char **p,
119 const unsigned char *end,
120 int *val )
121{
122 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
123 size_t len;
124
125 if( ( ret = mbedtls_asn1_get_tag( p, end, len: &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 )
126 return( ret );
127
128 if( len != 1 )
129 return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
130
131 *val = ( **p != 0 ) ? 1 : 0;
132 (*p)++;
133
134 return( 0 );
135}
136
137static int asn1_get_tagged_int( unsigned char **p,
138 const unsigned char *end,
139 int tag, int *val )
140{
141 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
142 size_t len;
143
144 if( ( ret = mbedtls_asn1_get_tag( p, end, len: &len, tag ) ) != 0 )
145 return( ret );
146
147 /*
148 * len==0 is malformed (0 must be represented as 020100 for INTEGER,
149 * or 0A0100 for ENUMERATED tags
150 */
151 if( len == 0 )
152 return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
153 /* This is a cryptography library. Reject negative integers. */
154 if( ( **p & 0x80 ) != 0 )
155 return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
156
157 /* Skip leading zeros. */
158 while( len > 0 && **p == 0 )
159 {
160 ++( *p );
161 --len;
162 }
163
164 /* Reject integers that don't fit in an int. This code assumes that
165 * the int type has no padding bit. */
166 if( len > sizeof( int ) )
167 return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
168 if( len == sizeof( int ) && ( **p & 0x80 ) != 0 )
169 return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
170
171 *val = 0;
172 while( len-- > 0 )
173 {
174 *val = ( *val << 8 ) | **p;
175 (*p)++;
176 }
177
178 return( 0 );
179}
180
181int mbedtls_asn1_get_int( unsigned char **p,
182 const unsigned char *end,
183 int *val )
184{
185 return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_INTEGER, val) );
186}
187
188int mbedtls_asn1_get_enum( unsigned char **p,
189 const unsigned char *end,
190 int *val )
191{
192 return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_ENUMERATED, val) );
193}
194
195#if defined(MBEDTLS_BIGNUM_C)
196int mbedtls_asn1_get_mpi( unsigned char **p,
197 const unsigned char *end,
198 mbedtls_mpi *X )
199{
200 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
201 size_t len;
202
203 if( ( ret = mbedtls_asn1_get_tag( p, end, len: &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
204 return( ret );
205
206 ret = mbedtls_mpi_read_binary( X, buf: *p, buflen: len );
207
208 *p += len;
209
210 return( ret );
211}
212#endif /* MBEDTLS_BIGNUM_C */
213
214int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
215 mbedtls_asn1_bitstring *bs)
216{
217 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
218
219 /* Certificate type is a single byte bitstring */
220 if( ( ret = mbedtls_asn1_get_tag( p, end, len: &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
221 return( ret );
222
223 /* Check length, subtract one for actual bit string length */
224 if( bs->len < 1 )
225 return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
226 bs->len -= 1;
227
228 /* Get number of unused bits, ensure unused bits <= 7 */
229 bs->unused_bits = **p;
230 if( bs->unused_bits > 7 )
231 return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
232 (*p)++;
233
234 /* Get actual bitstring */
235 bs->p = *p;
236 *p += bs->len;
237
238 if( *p != end )
239 return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
240
241 return( 0 );
242}
243
244/*
245 * Traverse an ASN.1 "SEQUENCE OF <tag>"
246 * and call a callback for each entry found.
247 */
248int mbedtls_asn1_traverse_sequence_of(
249 unsigned char **p,
250 const unsigned char *end,
251 unsigned char tag_must_mask, unsigned char tag_must_val,
252 unsigned char tag_may_mask, unsigned char tag_may_val,
253 int (*cb)( void *ctx, int tag,
254 unsigned char *start, size_t len ),
255 void *ctx )
256{
257 int ret;
258 size_t len;
259
260 /* Get main sequence tag */
261 if( ( ret = mbedtls_asn1_get_tag( p, end, len: &len,
262 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
263 {
264 return( ret );
265 }
266
267 if( *p + len != end )
268 return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
269
270 while( *p < end )
271 {
272 unsigned char const tag = *(*p)++;
273
274 if( ( tag & tag_must_mask ) != tag_must_val )
275 return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
276
277 if( ( ret = mbedtls_asn1_get_len( p, end, len: &len ) ) != 0 )
278 return( ret );
279
280 if( ( tag & tag_may_mask ) == tag_may_val )
281 {
282 if( cb != NULL )
283 {
284 ret = cb( ctx, tag, *p, len );
285 if( ret != 0 )
286 return( ret );
287 }
288 }
289
290 *p += len;
291 }
292
293 return( 0 );
294}
295
296/*
297 * Get a bit string without unused bits
298 */
299int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
300 size_t *len )
301{
302 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
303
304 if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
305 return( ret );
306
307 if( *len == 0 )
308 return( MBEDTLS_ERR_ASN1_INVALID_DATA );
309 --( *len );
310
311 if( **p != 0 )
312 return( MBEDTLS_ERR_ASN1_INVALID_DATA );
313 ++( *p );
314
315 return( 0 );
316}
317
318void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq )
319{
320 while( seq != NULL )
321 {
322 mbedtls_asn1_sequence *next = seq->next;
323 mbedtls_platform_zeroize( buf: seq, len: sizeof( *seq ) );
324 mbedtls_free( ptr: seq );
325 seq = next;
326 }
327}
328
329typedef struct
330{
331 int tag;
332 mbedtls_asn1_sequence *cur;
333} asn1_get_sequence_of_cb_ctx_t;
334
335static int asn1_get_sequence_of_cb( void *ctx,
336 int tag,
337 unsigned char *start,
338 size_t len )
339{
340 asn1_get_sequence_of_cb_ctx_t *cb_ctx =
341 (asn1_get_sequence_of_cb_ctx_t *) ctx;
342 mbedtls_asn1_sequence *cur =
343 cb_ctx->cur;
344
345 if( cur->buf.p != NULL )
346 {
347 cur->next =
348 (struct mbedtls_asn1_sequence *) mbedtls_calloc( nmemb: 1, size: sizeof( mbedtls_asn1_sequence ) );
349
350 if( cur->next == NULL )
351 return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );
352
353 cur = cur->next;
354 }
355
356 cur->buf.p = start;
357 cur->buf.len = len;
358 cur->buf.tag = tag;
359
360 cb_ctx->cur = cur;
361 return( 0 );
362}
363
364/*
365 * Parses and splits an ASN.1 "SEQUENCE OF <tag>"
366 */
367int mbedtls_asn1_get_sequence_of( unsigned char **p,
368 const unsigned char *end,
369 mbedtls_asn1_sequence *cur,
370 int tag)
371{
372 asn1_get_sequence_of_cb_ctx_t cb_ctx = { .tag: tag, .cur: cur };
373 memset( s: cur, c: 0, n: sizeof( mbedtls_asn1_sequence ) );
374 return( mbedtls_asn1_traverse_sequence_of(
375 p, end, tag_must_mask: 0xFF, tag_must_val: tag, tag_may_mask: 0, tag_may_val: 0,
376 cb: asn1_get_sequence_of_cb, ctx: &cb_ctx ) );
377}
378
379int mbedtls_asn1_get_alg( unsigned char **p,
380 const unsigned char *end,
381 mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params )
382{
383 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
384 size_t len;
385
386 if( ( ret = mbedtls_asn1_get_tag( p, end, len: &len,
387 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
388 return( ret );
389
390 if( ( end - *p ) < 1 )
391 return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
392
393 alg->tag = **p;
394 end = *p + len;
395
396 if( ( ret = mbedtls_asn1_get_tag( p, end, len: &alg->len, MBEDTLS_ASN1_OID ) ) != 0 )
397 return( ret );
398
399 alg->p = *p;
400 *p += alg->len;
401
402 if( *p == end )
403 {
404 mbedtls_platform_zeroize( buf: params, len: sizeof(mbedtls_asn1_buf) );
405 return( 0 );
406 }
407
408 params->tag = **p;
409 (*p)++;
410
411 if( ( ret = mbedtls_asn1_get_len( p, end, len: &params->len ) ) != 0 )
412 return( ret );
413
414 params->p = *p;
415 *p += params->len;
416
417 if( *p != end )
418 return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
419
420 return( 0 );
421}
422
423int mbedtls_asn1_get_alg_null( unsigned char **p,
424 const unsigned char *end,
425 mbedtls_asn1_buf *alg )
426{
427 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
428 mbedtls_asn1_buf params;
429
430 memset( s: &params, c: 0, n: sizeof(mbedtls_asn1_buf) );
431
432 if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params: &params ) ) != 0 )
433 return( ret );
434
435 if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 )
436 return( MBEDTLS_ERR_ASN1_INVALID_DATA );
437
438 return( 0 );
439}
440
441void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur )
442{
443 if( cur == NULL )
444 return;
445
446 mbedtls_free( ptr: cur->oid.p );
447 mbedtls_free( ptr: cur->val.p );
448
449 mbedtls_platform_zeroize( buf: cur, len: sizeof( mbedtls_asn1_named_data ) );
450}
451
452void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head )
453{
454 mbedtls_asn1_named_data *cur;
455
456 while( ( cur = *head ) != NULL )
457 {
458 *head = cur->next;
459 mbedtls_asn1_free_named_data( cur );
460 mbedtls_free( ptr: cur );
461 }
462}
463
464const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( const mbedtls_asn1_named_data *list,
465 const char *oid, size_t len )
466{
467 while( list != NULL )
468 {
469 if( list->oid.len == len &&
470 memcmp( s1: list->oid.p, s2: oid, n: len ) == 0 )
471 {
472 break;
473 }
474
475 list = list->next;
476 }
477
478 return( list );
479}
480
481#endif /* MBEDTLS_ASN1_PARSE_C */
482