1 /* $OpenBSD: bs_cbs.c,v 1.18 2019/01/23 22:20:40 beck Exp $ */
3 * Copyright (c) 2014, Google Inc.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
12 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
14 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
15 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
20 #include <openssl/opensslconf.h>
21 #include <openssl/buffer.h>
22 #include <openssl/crypto.h>
24 #include "bytestring.h"
27 CBS_init(CBS *cbs, const uint8_t *data, size_t len)
30 cbs->initial_len = len;
35 CBS_dup(const CBS *cbs, CBS *out)
37 CBS_init(out, CBS_data(cbs), CBS_len(cbs));
38 out->initial_len = cbs->initial_len;
42 cbs_get(CBS *cbs, const uint8_t **p, size_t n)
54 CBS_offset(const CBS *cbs)
56 return cbs->initial_len - cbs->len;
60 CBS_skip(CBS *cbs, size_t len)
63 return cbs_get(cbs, &dummy, len);
67 CBS_data(const CBS *cbs)
73 CBS_len(const CBS *cbs)
79 CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len)
88 if ((*out_ptr = malloc(cbs->len)) == NULL)
91 memcpy(*out_ptr, cbs->data, cbs->len);
98 CBS_strdup(const CBS *cbs, char **out_ptr)
101 *out_ptr = strndup((const char *)cbs->data, cbs->len);
102 return (*out_ptr != NULL);
106 CBS_write_bytes(const CBS *cbs, uint8_t *dst, size_t dst_len, size_t *copied)
108 if (dst_len < cbs->len)
111 memmove(dst, cbs->data, cbs->len);
120 CBS_contains_zero_byte(const CBS *cbs)
122 return memchr(cbs->data, 0, cbs->len) != NULL;
126 CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len)
131 return timingsafe_memcmp(cbs->data, data, len) == 0;
135 cbs_get_u(CBS *cbs, uint32_t *out, size_t len)
141 if (len < 1 || len > 4)
144 if (!cbs_get(cbs, &data, len))
147 for (i = 0; i < len; i++) {
156 CBS_get_u8(CBS *cbs, uint8_t *out)
160 if (!cbs_get(cbs, &v, 1))
168 CBS_get_u16(CBS *cbs, uint16_t *out)
172 if (!cbs_get_u(cbs, &v, 2))
180 CBS_get_u24(CBS *cbs, uint32_t *out)
182 return cbs_get_u(cbs, out, 3);
186 CBS_get_u32(CBS *cbs, uint32_t *out)
188 return cbs_get_u(cbs, out, 4);
192 CBS_get_bytes(CBS *cbs, CBS *out, size_t len)
196 if (!cbs_get(cbs, &v, len))
199 CBS_init(out, v, len);
204 cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len)
208 if (!cbs_get_u(cbs, &len, len_len))
211 return CBS_get_bytes(cbs, out, len);
215 CBS_get_u8_length_prefixed(CBS *cbs, CBS *out)
217 return cbs_get_length_prefixed(cbs, out, 1);
221 CBS_get_u16_length_prefixed(CBS *cbs, CBS *out)
223 return cbs_get_length_prefixed(cbs, out, 2);
227 CBS_get_u24_length_prefixed(CBS *cbs, CBS *out)
229 return cbs_get_length_prefixed(cbs, out, 3);
233 CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned int *out_tag,
234 size_t *out_header_len)
236 return cbs_get_any_asn1_element_internal(cbs, out, out_tag,
241 * Review X.690 for details on ASN.1 DER encoding.
243 * If non-strict mode is enabled, then DER rules are relaxed
244 * for indefinite constructs (violates DER but a little closer to BER).
245 * Non-strict mode should only be used by bs_ber.c
247 * Sections 8, 10 and 11 for DER encoding
250 cbs_get_any_asn1_element_internal(CBS *cbs, CBS *out, unsigned int *out_tag,
251 size_t *out_header_len, int strict)
253 uint8_t tag, length_byte;
262 * Get identifier octet and length octet. Only 1 octet for each
263 * is a CBS limitation.
265 if (!CBS_get_u8(&header, &tag) || !CBS_get_u8(&header, &length_byte))
268 /* CBS limitation: long form tags are not supported. */
269 if ((tag & 0x1f) == 0x1f)
275 if ((length_byte & 0x80) == 0) {
276 /* Short form length. */
277 len = ((size_t) length_byte) + 2;
278 if (out_header_len != NULL)
282 /* Long form length. */
283 const size_t num_bytes = length_byte & 0x7f;
286 /* ASN.1 reserved value for future extensions */
287 if (num_bytes == 0x7f)
290 /* Handle indefinite form length */
291 if (num_bytes == 0) {
292 /* DER encoding doesn't allow for indefinite form. */
296 /* Primitive cannot use indefinite in BER or DER. */
297 if ((tag & CBS_ASN1_CONSTRUCTED) == 0)
300 /* Constructed, indefinite length allowed in BER. */
301 if (out_header_len != NULL)
303 return CBS_get_bytes(cbs, out, 2);
306 /* CBS limitation. */
310 if (!cbs_get_u(&header, &len32, num_bytes))
313 /* DER has a minimum length octet requirement. */
315 /* Should have used short form instead */
318 if ((len32 >> ((num_bytes - 1) * 8)) == 0)
319 /* Length should have been at least one byte shorter. */
323 if (len + 2 + num_bytes < len)
327 len += 2 + num_bytes;
328 if (out_header_len != NULL)
329 *out_header_len = 2 + num_bytes;
332 return CBS_get_bytes(cbs, out, len);
336 cbs_get_asn1(CBS *cbs, CBS *out, unsigned int tag_value, int skip_header)
345 if (!CBS_get_any_asn1_element(cbs, out, &tag, &header_len) ||
349 if (skip_header && !CBS_skip(out, header_len))
356 CBS_get_asn1(CBS *cbs, CBS *out, unsigned int tag_value)
358 return cbs_get_asn1(cbs, out, tag_value, 1 /* skip header */);
362 CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned int tag_value)
364 return cbs_get_asn1(cbs, out, tag_value, 0 /* include header */);
368 CBS_peek_asn1_tag(const CBS *cbs, unsigned int tag_value)
370 if (CBS_len(cbs) < 1)
374 * Tag number 31 indicates the start of a long form number.
375 * This is valid in ASN.1, but CBS only supports short form.
377 if ((tag_value & 0x1f) == 0x1f)
380 return CBS_data(cbs)[0] == tag_value;
383 /* Encoding details are in ASN.1: X.690 section 8.3 */
385 CBS_get_asn1_uint64(CBS *cbs, uint64_t *out)
391 if (!CBS_get_asn1(cbs, &bytes, CBS_ASN1_INTEGER))
395 data = CBS_data(&bytes);
396 len = CBS_len(&bytes);
399 /* An INTEGER is encoded with at least one content octet. */
402 if ((data[0] & 0x80) != 0)
403 /* Negative number. */
406 if (data[0] == 0 && len > 1 && (data[1] & 0x80) == 0)
407 /* Violates smallest encoding rule: excessive leading zeros. */
410 for (i = 0; i < len; i++) {
411 if ((*out >> 56) != 0)
412 /* Too large to represent as a uint64_t. */
423 CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, unsigned int tag)
425 if (CBS_peek_asn1_tag(cbs, tag)) {
426 if (!CBS_get_asn1(cbs, out, tag))
437 CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out, int *out_present,
443 if (!CBS_get_optional_asn1(cbs, &child, &present, tag))
447 if (!CBS_get_asn1(&child, out, CBS_ASN1_OCTETSTRING) ||
448 CBS_len(&child) != 0)
451 CBS_init(out, NULL, 0);
454 *out_present = present;
460 CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out, unsigned int tag,
461 uint64_t default_value)
466 if (!CBS_get_optional_asn1(cbs, &child, &present, tag))
470 if (!CBS_get_asn1_uint64(&child, out) ||
471 CBS_len(&child) != 0)
474 *out = default_value;
480 CBS_get_optional_asn1_bool(CBS *cbs, int *out, unsigned int tag,
486 if (!CBS_get_optional_asn1(cbs, &child, &present, tag))
492 if (!CBS_get_asn1(&child, &child2, CBS_ASN1_BOOLEAN) ||
493 CBS_len(&child2) != 1 || CBS_len(&child) != 0)
496 boolean = CBS_data(&child2)[0];
499 else if (boolean == 0xff)
505 *out = default_value;