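// SPDX-License-Identifier: Apache-2.0
/*
 *  Generic ASN.1 parsing
 *
 *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
 *  not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *
 *  This file is part of mbed TLS (https://tls.mbed.org)
 */

#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif

#if defined(MBEDTLS_ASN1_PARSE_C)

#include "mbedtls/asn1.h"

#include <string.h>

#if defined(MBEDTLS_BIGNUM_C)
#include "mbedtls/bignum.h"
#endif

#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define mbedtls_calloc    calloc
#define mbedtls_free       free
#endif

/*
 * Zeroize n bytes at v through a volatile pointer so the compiler cannot
 * elide the stores as dead (a plain memset before free may be removed).
 */
static void mbedtls_zeroize( void *v, size_t n ) {
    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
}

/*
 * ASN.1 DER decoding routines
 *
 * Common contract: *p points at the next byte to read, end points one past
 * the last readable byte, and every read through *p is preceded by a bounds
 * check against end. On success *p is advanced past what was consumed; on
 * error *p may have been partially advanced and must not be relied on.
 */

/*
 * Decode a DER length field at *p.
 *
 * Supports the short form (one octet, 0..127) and long forms of one to four
 * length octets. The indefinite form (0x80) and long forms of more than four
 * octets are rejected with MBEDTLS_ERR_ASN1_INVALID_LENGTH. The decoded
 * length is validated against the buffer, so a successful return guarantees
 * *len <= end - *p.
 *
 * NOTE(review): the long form is not required to be minimal (e.g. 81 05 is
 * accepted where DER mandates 05). Enforcing minimality would be stricter
 * DER but may reject inputs existing callers accept today, so the leniency
 * is kept and documented rather than changed.
 *
 * \param p    Start of the length field; advanced past it on success.
 * \param end  One past the last readable byte.
 * \param len  Receives the decoded length.
 *
 * \return 0 on success, MBEDTLS_ERR_ASN1_OUT_OF_DATA if the field or the
 *         content it announces does not fit before end,
 *         MBEDTLS_ERR_ASN1_INVALID_LENGTH for an unsupported form.
 */
int mbedtls_asn1_get_len( unsigned char **p,
                          const unsigned char *end,
                          size_t *len )
{
    if( ( end - *p ) < 1 )
        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );

    if( ( **p & 0x80 ) == 0 )
        *len = *(*p)++;
    else
    {
        /* Long form: low 7 bits give the number of length octets that follow.
         * Each case checks that the whole field is present before reading. */
        switch( **p & 0x7F )
        {
        case 1:
            if( ( end - *p ) < 2 )
                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );

            *len = (*p)[1];
            (*p) += 2;
            break;

        case 2:
            if( ( end - *p ) < 3 )
                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );

            *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2];
            (*p) += 3;
            break;

        case 3:
            if( ( end - *p ) < 4 )
                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );

            *len = ( (size_t)(*p)[1] << 16 ) |
                   ( (size_t)(*p)[2] << 8  ) | (*p)[3];
            (*p) += 4;
            break;

        case 4:
            if( ( end - *p ) < 5 )
                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );

            *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) |
                   ( (size_t)(*p)[3] << 8  ) |           (*p)[4];
            (*p) += 5;
            break;

        default:
            /* 0x80 (indefinite length) and >4 length octets are not DER. */
            return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
        }
    }

    /* The announced content must fit in the buffer; this is what lets every
     * caller advance *p by *len without a further check. */
    if( *len > (size_t) ( end - *p ) )
        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );

    return( 0 );
}

/*
 * Consume a tag octet equal to tag and the length field that follows it.
 *
 * \param p    Start of the element; advanced past tag and length on success.
 * \param end  One past the last readable byte.
 * \param len  Receives the content length (validated against end).
 * \param tag  Expected tag octet, e.g. MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE.
 *
 * \return 0 on success, MBEDTLS_ERR_ASN1_OUT_OF_DATA if no tag octet is
 *         available, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if it differs from tag,
 *         or an error from mbedtls_asn1_get_len(). On UNEXPECTED_TAG *p is
 *         left unchanged, which callers use to probe for optional elements.
 */
int mbedtls_asn1_get_tag( unsigned char **p,
                          const unsigned char *end,
                          size_t *len, int tag )
{
    if( ( end - *p ) < 1 )
        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );

    if( **p != tag )
        return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );

    (*p)++;

    return( mbedtls_asn1_get_len( p, end, len ) );
}

/*
 * Parse a BOOLEAN element.
 *
 * The content must be exactly one octet. Any non-zero octet is reported as
 * TRUE; strict DER requires 0xFF, but the lenient reading is kept because
 * BER-style 0x01 is seen in practice.
 *
 * \param p    Start of the element; advanced past it on success.
 * \param end  One past the last readable byte.
 * \param val  Receives 1 for TRUE, 0 for FALSE.
 *
 * \return 0 on success, an error from mbedtls_asn1_get_tag(), or
 *         MBEDTLS_ERR_ASN1_INVALID_LENGTH if the content is not one octet.
 */
int mbedtls_asn1_get_bool( unsigned char **p,
                           const unsigned char *end,
                           int *val )
{
    int ret;
    size_t len;

    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 )
        return( ret );

    if( len != 1 )
        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );

    *val = ( **p != 0 ) ? 1 : 0;
    (*p)++;

    return( 0 );
}

/*
 * Parse a non-negative INTEGER that fits in an int.
 *
 * Rejected with MBEDTLS_ERR_ASN1_INVALID_LENGTH: an empty content (zero must
 * be encoded as 02 01 00), a content longer than sizeof(int), or a negative
 * value (top bit of the first octet set). The top-bit check also guarantees
 * that the shift accumulation below never overflows a signed int.
 *
 * \param p    Start of the element; advanced past it on success.
 * \param end  One past the last readable byte.
 * \param val  Receives the decoded value.
 *
 * \return 0 on success, or an error from mbedtls_asn1_get_tag(), or
 *         MBEDTLS_ERR_ASN1_INVALID_LENGTH as described above.
 */
int mbedtls_asn1_get_int( unsigned char **p,
                          const unsigned char *end,
                          int *val )
{
    int ret;
    size_t len;

    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
        return( ret );

    if( len == 0 || len > sizeof( int ) || ( **p & 0x80 ) != 0 )
        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );

    *val = 0;

    while( len-- > 0 )
    {
        *val = ( *val << 8 ) | **p;
        (*p)++;
    }

    return( 0 );
}

#if defined(MBEDTLS_BIGNUM_C)
/*
 * Parse an INTEGER of arbitrary size into an mbedtls_mpi.
 *
 * NOTE(review): mbedtls_mpi_read_binary() reads the content as an unsigned
 * big-endian magnitude, so a negative INTEGER (first octet with the top bit
 * set) is not detected here and is read as a large positive value. Callers
 * that must reject negative values need to check the first octet themselves.
 *
 * \param p    Start of the element; advanced past it even if the read fails.
 * \param end  One past the last readable byte.
 * \param X    Destination bignum.
 *
 * \return 0 on success, an error from mbedtls_asn1_get_tag() or from
 *         mbedtls_mpi_read_binary().
 */
int mbedtls_asn1_get_mpi( unsigned char **p,
                          const unsigned char *end,
                          mbedtls_mpi *X )
{
    int ret;
    size_t len;

    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
        return( ret );

    ret = mbedtls_mpi_read_binary( X, *p, len );

    *p += len;

    return( ret );
}
#endif /* MBEDTLS_BIGNUM_C */

/*
 * Parse a BIT STRING element that must extend exactly to end.
 *
 * On success bs->p points at the first data octet, bs->len is the number of
 * data octets (the unused-bits octet is not counted) and bs->unused_bits is
 * in 0..7. The element is required to end exactly at end; callers therefore
 * pass the end of the element, not of the enclosing buffer.
 *
 * \param p    Start of the element; advanced to end on success.
 * \param end  One past the last byte of the BIT STRING element.
 * \param bs   Receives the parsed bit string (points into the input).
 *
 * \return 0 on success, an error from mbedtls_asn1_get_tag(),
 *         MBEDTLS_ERR_ASN1_OUT_OF_DATA if the unused-bits octet is missing,
 *         MBEDTLS_ERR_ASN1_INVALID_LENGTH if unused bits > 7, or
 *         MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the element does not end at end.
 */
int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
                                mbedtls_asn1_bitstring *bs)
{
    int ret;

    if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
        return( ret );

    /* The first content octet is the unused-bits count; it is mandatory. */
    if( bs->len < 1 )
        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
    bs->len -= 1;

    /* Safe to read: get_len guaranteed at least bs->len + 1 octets. */
    bs->unused_bits = **p;
    if( bs->unused_bits > 7 )
        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
    (*p)++;

    /* Data octets are referenced in place, not copied. */
    bs->p = *p;
    *p += bs->len;

    if( *p != end )
        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );

    return( 0 );
}

/*
 * Parse a BIT STRING whose unused-bits octet must be zero (octet-aligned
 * data such as a subjectPublicKey or a signature value).
 *
 * Fix: the empty bit string 03 01 00 is a valid DER encoding (X.690 8.6.2.3:
 * a single zero octet and no data) and is now accepted with *len == 0. The
 * previous check required at least two content octets and rejected it with
 * MBEDTLS_ERR_ASN1_INVALID_DATA.
 *
 * \param p    Start of the element; advanced past the unused-bits octet on
 *             success, so that *p points at the first data octet.
 * \param end  One past the last readable byte.
 * \param len  Receives the number of data octets.
 *
 * \return 0 on success, an error from mbedtls_asn1_get_tag(), or
 *         MBEDTLS_ERR_ASN1_INVALID_DATA if the content is empty or the
 *         unused-bits octet is non-zero.
 */
int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
                                     size_t *len )
{
    int ret;

    if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
        return( ret );

    /* The unused-bits octet is mandatory even for an empty bit string. */
    if( *len == 0 )
        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
    --( *len );

    /* Safe to read: get_len guaranteed at least one content octet. */
    if( **p != 0 )
        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
    ++( *p );

    return( 0 );
}

/*
 * Parse and split an ASN.1 "SEQUENCE OF <tag>" into a linked list.
 *
 * The first element is stored in *cur; each further element goes in a node
 * allocated with mbedtls_calloc() and chained through ->next. Every buf.p
 * points into the input, nothing is copied. The sequence must extend exactly
 * to end.
 *
 * Fix: cur is reset at entry so that the list is NULL-terminated on every
 * return path. Previously, an error before the first allocation left
 * cur->next untouched, so a caller that did not zero cur beforehand could
 * not safely walk or free the (partial) list. Nodes allocated before an
 * error are still reachable from cur and remain the caller's to free.
 *
 * \param p    Start of the SEQUENCE element; advanced to end on success.
 * \param end  One past the last byte of the SEQUENCE element.
 * \param cur  Head node, filled in place (caller-owned storage).
 * \param tag  Tag every element must carry.
 *
 * \return 0 on success, an error from mbedtls_asn1_get_tag(),
 *         MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the sequence does not end at
 *         end, or MBEDTLS_ERR_ASN1_ALLOC_FAILED.
 */
int mbedtls_asn1_get_sequence_of( unsigned char **p,
                                  const unsigned char *end,
                                  mbedtls_asn1_sequence *cur,
                                  int tag)
{
    int ret;
    size_t len;
    mbedtls_asn1_buf *buf;

    /* Start from a clean, NULL-terminated head (see fix note above). */
    memset( cur, 0, sizeof( mbedtls_asn1_sequence ) );

    /* Get main sequence tag */
    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
        return( ret );

    if( *p + len != end )
        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );

    while( *p < end )
    {
        buf = &(cur->buf);
        buf->tag = **p;

        if( ( ret = mbedtls_asn1_get_tag( p, end, &buf->len, tag ) ) != 0 )
            return( ret );

        buf->p = *p;
        *p += buf->len;

        /* Allocate the next node only if another element follows, so the
         * last node's next stays NULL (calloc zeroes it). */
        if( *p < end )
        {
            cur->next = (mbedtls_asn1_sequence*)mbedtls_calloc( 1,
                                            sizeof( mbedtls_asn1_sequence ) );

            if( cur->next == NULL )
                return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );

            cur = cur->next;
        }
    }

    /* Set final sequence entry's next pointer to NULL */
    cur->next = NULL;

    if( *p != end )
        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );

    return( 0 );
}

/*
 * Parse an AlgorithmIdentifier: SEQUENCE { OID, optional parameters }.
 *
 * alg receives the OID (tag, length, pointer into the input). If the
 * sequence ends right after the OID, params is zeroed (tag 0, len 0,
 * p NULL) to signal "absent"; otherwise params receives the single element
 * that follows, whatever its tag. The parameters element is only framed
 * (tag + length), not interpreted.
 *
 * \param p       Start of the SEQUENCE; advanced past it on success.
 * \param end     One past the last readable byte of the enclosing buffer.
 * \param alg     Receives the algorithm OID.
 * \param params  Receives the parameters element or is zeroed if absent.
 *
 * \return 0 on success, an error from mbedtls_asn1_get_tag() or
 *         mbedtls_asn1_get_len(), MBEDTLS_ERR_ASN1_OUT_OF_DATA if the
 *         sequence content is missing, or MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
 *         if anything follows the parameters inside the sequence.
 */
int mbedtls_asn1_get_alg( unsigned char **p,
                          const unsigned char *end,
                          mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params )
{
    int ret;
    size_t len;

    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
        return( ret );

    if( ( end - *p ) < 1 )
        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );

    alg->tag = **p;
    /* From here on, end is the end of the SEQUENCE content (len was
     * validated against the outer end by get_len). */
    end = *p + len;

    if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 )
        return( ret );

    alg->p = *p;
    *p += alg->len;

    if( *p == end )
    {
        /* No parameters: zeroed params means "absent" to callers. */
        mbedtls_zeroize( params, sizeof(mbedtls_asn1_buf) );
        return( 0 );
    }

    /* *p < end here (alg->len was bounded by end), so the read is in range. */
    params->tag = **p;
    (*p)++;

    if( ( ret = mbedtls_asn1_get_len( p, end, &params->len ) ) != 0 )
        return( ret );

    params->p = *p;
    *p += params->len;

    if( *p != end )
        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );

    return( 0 );
}

/*
 * Parse an AlgorithmIdentifier whose parameters must be absent or NULL.
 *
 * Accepts both "no parameters" (params.tag == 0 as set by
 * mbedtls_asn1_get_alg()) and an explicit NULL element, in either case with
 * zero-length content; anything else is MBEDTLS_ERR_ASN1_INVALID_DATA.
 *
 * \param p    Start of the SEQUENCE; advanced past it on success.
 * \param end  One past the last readable byte.
 * \param alg  Receives the algorithm OID.
 *
 * \return 0 on success, an error from mbedtls_asn1_get_alg(), or
 *         MBEDTLS_ERR_ASN1_INVALID_DATA if parameters are present and not NULL.
 */
int mbedtls_asn1_get_alg_null( unsigned char **p,
                               const unsigned char *end,
                               mbedtls_asn1_buf *alg )
{
    int ret;
    mbedtls_asn1_buf params;

    memset( &params, 0, sizeof(mbedtls_asn1_buf) );

    if( ( ret = mbedtls_asn1_get_alg( p, end, alg, &params ) ) != 0 )
        return( ret );

    if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 )
        return( MBEDTLS_ERR_ASN1_INVALID_DATA );

    return( 0 );
}

/*
 * Release the OID and value buffers owned by a named-data entry and wipe the
 * entry. The entry itself is not freed (it may be caller-owned or part of a
 * list; see mbedtls_asn1_free_named_data_list()). NULL is accepted.
 */
void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur )
{
    if( cur == NULL )
        return;

    mbedtls_free( cur->oid.p );
    mbedtls_free( cur->val.p );

    /* Wipe so a dangling entry cannot be reused with stale pointers. */
    mbedtls_zeroize( cur, sizeof( mbedtls_asn1_named_data ) );
}

/*
 * Free every entry of a named-data list and set *head to NULL.
 *
 * *head is advanced before each entry is freed, so the list stays consistent
 * even if mbedtls_free() were to fail part-way (it cannot, but the order
 * also keeps *head valid for the caller at all times).
 */
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head )
{
    mbedtls_asn1_named_data *cur;

    while( ( cur = *head ) != NULL )
    {
        *head = cur->next;
        mbedtls_asn1_free_named_data( cur );
        mbedtls_free( cur );
    }
}

/*
 * Find the first entry whose OID equals the len bytes at oid.
 *
 * Compares length first so memcmp() never reads past a shorter stored OID.
 *
 * \return The matching entry, or NULL if none.
 */
mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
                                       const char *oid, size_t len )
{
    while( list != NULL )
    {
        if( list->oid.len == len &&
            memcmp( list->oid.p, oid, len ) == 0 )
        {
            break;
        }

        list = list->next;
    }

    return( list );
}

#endif /* MBEDTLS_ASN1_PARSE_C */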