iPXE
Macros | Functions
asn1.c File Reference

ASN.1 encoding. More...

#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <errno.h>
#include <time.h>
#include <ipxe/tables.h>
#include <ipxe/image.h>
#include <ipxe/asn1.h>

Go to the source code of this file.

Macros

#define EINVAL_ASN1_EMPTY   __einfo_error ( EINFO_EINVAL_ASN1_EMPTY )
 
#define EINFO_EINVAL_ASN1_EMPTY   __einfo_uniqify ( EINFO_EINVAL, 0x01, "Empty or underlength cursor" )
 
#define EINVAL_ASN1_LEN_LEN   __einfo_error ( EINFO_EINVAL_ASN1_LEN_LEN )
 
#define EINFO_EINVAL_ASN1_LEN_LEN   __einfo_uniqify ( EINFO_EINVAL, 0x02, "Length field overruns cursor" )
 
#define EINVAL_ASN1_LEN   __einfo_error ( EINFO_EINVAL_ASN1_LEN )
 
#define EINFO_EINVAL_ASN1_LEN   __einfo_uniqify ( EINFO_EINVAL, 0x03, "Field overruns cursor" )
 
#define EINVAL_ASN1_BOOLEAN   __einfo_error ( EINFO_EINVAL_ASN1_BOOLEAN )
 
#define EINFO_EINVAL_ASN1_BOOLEAN   __einfo_uniqify ( EINFO_EINVAL, 0x04, "Invalid boolean" )
 
#define EINVAL_ASN1_INTEGER   __einfo_error ( EINFO_EINVAL_ASN1_INTEGER )
 
#define EINFO_EINVAL_ASN1_INTEGER   __einfo_uniqify ( EINFO_EINVAL, 0x04, "Invalid integer" )
 
#define EINVAL_ASN1_TIME   __einfo_error ( EINFO_EINVAL_ASN1_TIME )
 
#define EINFO_EINVAL_ASN1_TIME   __einfo_uniqify ( EINFO_EINVAL, 0x05, "Invalid time" )
 
#define EINVAL_ASN1_ALGORITHM   __einfo_error ( EINFO_EINVAL_ASN1_ALGORITHM )
 
#define EINFO_EINVAL_ASN1_ALGORITHM   __einfo_uniqify ( EINFO_EINVAL, 0x06, "Invalid algorithm" )
 
#define EINVAL_BIT_STRING   __einfo_error ( EINFO_EINVAL_BIT_STRING )
 
#define EINFO_EINVAL_BIT_STRING   __einfo_uniqify ( EINFO_EINVAL, 0x07, "Invalid bit string" )
 
#define ENOTSUP_ALGORITHM   __einfo_error ( EINFO_ENOTSUP_ALGORITHM )
 
#define EINFO_ENOTSUP_ALGORITHM   __einfo_uniqify ( EINFO_ENOTSUP, 0x01, "Unsupported algorithm" )
 
#define ENOTTY_ALGORITHM   __einfo_error ( EINFO_ENOTTY_ALGORITHM )
 
#define EINFO_ENOTTY_ALGORITHM   __einfo_uniqify ( EINFO_ENOTTY, 0x01, "Inappropriate algorithm" )
 

Functions

 FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
 
int asn1_start (struct asn1_cursor *cursor, unsigned int type, size_t extra)
 Start parsing ASN.1 object. More...
 
int asn1_enter (struct asn1_cursor *cursor, unsigned int type)
 Enter ASN.1 object. More...
 
int asn1_skip_if_exists (struct asn1_cursor *cursor, unsigned int type)
 Skip ASN.1 object if present. More...
 
int asn1_skip (struct asn1_cursor *cursor, unsigned int type)
 Skip ASN.1 object. More...
 
int asn1_shrink (struct asn1_cursor *cursor, unsigned int type)
 Shrink ASN.1 cursor to fit object. More...
 
int asn1_enter_any (struct asn1_cursor *cursor)
 Enter ASN.1 object of any type. More...
 
int asn1_skip_any (struct asn1_cursor *cursor)
 Skip ASN.1 object of any type. More...
 
int asn1_shrink_any (struct asn1_cursor *cursor)
 Shrink ASN.1 object of any type. More...
 
int asn1_boolean (const struct asn1_cursor *cursor)
 Parse value of ASN.1 boolean. More...
 
int asn1_integer (const struct asn1_cursor *cursor, int *value)
 Parse value of ASN.1 integer. More...
 
int asn1_bit_string (const struct asn1_cursor *cursor, struct asn1_bit_string *bits)
 Parse ASN.1 bit string. More...
 
int asn1_integral_bit_string (const struct asn1_cursor *cursor, struct asn1_bit_string *bits)
 Parse ASN.1 bit string that must be an integral number of bytes. More...
 
int asn1_compare (const struct asn1_cursor *cursor1, const struct asn1_cursor *cursor2)
 Compare two ASN.1 objects. More...
 
static struct asn1_algorithmasn1_find_algorithm (const struct asn1_cursor *cursor)
 Identify ASN.1 algorithm by OID. More...
 
int asn1_algorithm (const struct asn1_cursor *cursor, struct asn1_algorithm **algorithm)
 Parse ASN.1 OID-identified algorithm. More...
 
int asn1_pubkey_algorithm (const struct asn1_cursor *cursor, struct asn1_algorithm **algorithm)
 Parse ASN.1 OID-identified public-key algorithm. More...
 
int asn1_digest_algorithm (const struct asn1_cursor *cursor, struct asn1_algorithm **algorithm)
 Parse ASN.1 OID-identified digest algorithm. More...
 
int asn1_signature_algorithm (const struct asn1_cursor *cursor, struct asn1_algorithm **algorithm)
 Parse ASN.1 OID-identified signature algorithm. More...
 
int asn1_check_algorithm (const struct asn1_cursor *cursor, struct asn1_algorithm *expected)
 Check ASN.1 OID-identified algorithm. More...
 
int asn1_generalized_time (const struct asn1_cursor *cursor, time_t *time)
 Parse ASN.1 GeneralizedTime. More...
 
static size_t asn1_header (struct asn1_builder_header *header, unsigned int type, size_t len)
 Construct ASN.1 header. More...
 
int asn1_grow (struct asn1_builder *builder, size_t extra)
 Grow ASN.1 builder. More...
 
int asn1_prepend_raw (struct asn1_builder *builder, const void *data, size_t len)
 Prepend raw data to ASN.1 builder. More...
 
int asn1_prepend (struct asn1_builder *builder, unsigned int type, const void *data, size_t len)
 Prepend data to ASN.1 builder. More...
 
int asn1_wrap (struct asn1_builder *builder, unsigned int type)
 Wrap ASN.1 builder. More...
 
int image_asn1 (struct image *image, size_t offset, struct asn1_cursor **cursor)
 Extract ASN.1 object from image. More...
 
 REQUIRING_SYMBOL (image_asn1)
 
 REQUIRE_OBJECT (config_asn1)
 

Detailed Description

ASN.1 encoding.

Definition in file asn1.c.

Macro Definition Documentation

◆ EINVAL_ASN1_EMPTY

#define EINVAL_ASN1_EMPTY   __einfo_error ( EINFO_EINVAL_ASN1_EMPTY )

Definition at line 44 of file asn1.c.

◆ EINFO_EINVAL_ASN1_EMPTY

#define EINFO_EINVAL_ASN1_EMPTY   __einfo_uniqify ( EINFO_EINVAL, 0x01, "Empty or underlength cursor" )

Definition at line 46 of file asn1.c.

◆ EINVAL_ASN1_LEN_LEN

#define EINVAL_ASN1_LEN_LEN   __einfo_error ( EINFO_EINVAL_ASN1_LEN_LEN )

Definition at line 48 of file asn1.c.

◆ EINFO_EINVAL_ASN1_LEN_LEN

#define EINFO_EINVAL_ASN1_LEN_LEN   __einfo_uniqify ( EINFO_EINVAL, 0x02, "Length field overruns cursor" )

Definition at line 50 of file asn1.c.

◆ EINVAL_ASN1_LEN

#define EINVAL_ASN1_LEN   __einfo_error ( EINFO_EINVAL_ASN1_LEN )

Definition at line 52 of file asn1.c.

◆ EINFO_EINVAL_ASN1_LEN

#define EINFO_EINVAL_ASN1_LEN   __einfo_uniqify ( EINFO_EINVAL, 0x03, "Field overruns cursor" )

Definition at line 54 of file asn1.c.

◆ EINVAL_ASN1_BOOLEAN

#define EINVAL_ASN1_BOOLEAN   __einfo_error ( EINFO_EINVAL_ASN1_BOOLEAN )

Definition at line 56 of file asn1.c.

◆ EINFO_EINVAL_ASN1_BOOLEAN

#define EINFO_EINVAL_ASN1_BOOLEAN   __einfo_uniqify ( EINFO_EINVAL, 0x04, "Invalid boolean" )

Definition at line 58 of file asn1.c.

◆ EINVAL_ASN1_INTEGER

#define EINVAL_ASN1_INTEGER   __einfo_error ( EINFO_EINVAL_ASN1_INTEGER )

Definition at line 60 of file asn1.c.

◆ EINFO_EINVAL_ASN1_INTEGER

#define EINFO_EINVAL_ASN1_INTEGER   __einfo_uniqify ( EINFO_EINVAL, 0x04, "Invalid integer" )

Definition at line 62 of file asn1.c.

◆ EINVAL_ASN1_TIME

#define EINVAL_ASN1_TIME   __einfo_error ( EINFO_EINVAL_ASN1_TIME )

Definition at line 64 of file asn1.c.

◆ EINFO_EINVAL_ASN1_TIME

#define EINFO_EINVAL_ASN1_TIME   __einfo_uniqify ( EINFO_EINVAL, 0x05, "Invalid time" )

Definition at line 66 of file asn1.c.

◆ EINVAL_ASN1_ALGORITHM

#define EINVAL_ASN1_ALGORITHM   __einfo_error ( EINFO_EINVAL_ASN1_ALGORITHM )

Definition at line 68 of file asn1.c.

◆ EINFO_EINVAL_ASN1_ALGORITHM

#define EINFO_EINVAL_ASN1_ALGORITHM   __einfo_uniqify ( EINFO_EINVAL, 0x06, "Invalid algorithm" )

Definition at line 70 of file asn1.c.

◆ EINVAL_BIT_STRING

#define EINVAL_BIT_STRING   __einfo_error ( EINFO_EINVAL_BIT_STRING )

Definition at line 72 of file asn1.c.

◆ EINFO_EINVAL_BIT_STRING

#define EINFO_EINVAL_BIT_STRING   __einfo_uniqify ( EINFO_EINVAL, 0x07, "Invalid bit string" )

Definition at line 74 of file asn1.c.

◆ ENOTSUP_ALGORITHM

#define ENOTSUP_ALGORITHM   __einfo_error ( EINFO_ENOTSUP_ALGORITHM )

Definition at line 76 of file asn1.c.

◆ EINFO_ENOTSUP_ALGORITHM

#define EINFO_ENOTSUP_ALGORITHM   __einfo_uniqify ( EINFO_ENOTSUP, 0x01, "Unsupported algorithm" )

Definition at line 78 of file asn1.c.

◆ ENOTTY_ALGORITHM

#define ENOTTY_ALGORITHM   __einfo_error ( EINFO_ENOTTY_ALGORITHM )

Definition at line 80 of file asn1.c.

◆ EINFO_ENOTTY_ALGORITHM

#define EINFO_ENOTTY_ALGORITHM   __einfo_uniqify ( EINFO_ENOTTY, 0x01, "Inappropriate algorithm" )

Definition at line 82 of file asn1.c.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL  )

◆ asn1_start()

int asn1_start ( struct asn1_cursor cursor,
unsigned int  type,
size_t  extra 
)

Start parsing ASN.1 object.

Parameters
cursorASN.1 object cursor
typeExpected type, or ASN1_ANY
extraAdditional length not present within partial cursor
Return values
lenLength of object body, or negative error

The object cursor will be updated to point to the start of the object body (i.e. the first byte following the length byte(s)), and the length of the object body (i.e. the number of bytes until the following object tag, if any) is returned.

Definition at line 98 of file asn1.c.

98  {
99  unsigned int len_len;
100  unsigned int len;
101 
102  /* Sanity check */
103  if ( cursor->len < 2 /* Tag byte and first length byte */ ) {
104  if ( cursor->len )
105  DBGC ( cursor, "ASN1 %p too short\n", cursor );
106  return -EINVAL_ASN1_EMPTY;
107  }
108 
109  /* Check the tag byte */
110  if ( ( type != ASN1_ANY ) && ( type != asn1_type ( cursor ) ) ) {
111  DBGC ( cursor, "ASN1 %p type mismatch (expected %d, got %d)\n",
112  cursor, type, *( ( uint8_t * ) cursor->data ) );
113  return -ENXIO;
114  }
115  cursor->data++;
116  cursor->len--;
117 
118  /* Extract length of the length field and sanity check */
119  len_len = *( ( uint8_t * ) cursor->data );
120  if ( len_len & 0x80 ) {
121  len_len = ( len_len & 0x7f );
122  cursor->data++;
123  cursor->len--;
124  } else {
125  len_len = 1;
126  }
127  if ( cursor->len < len_len ) {
128  DBGC ( cursor, "ASN1 %p bad length field length %d (max "
129  "%zd)\n", cursor, len_len, cursor->len );
130  return -EINVAL_ASN1_LEN_LEN;
131  }
132 
133  /* Extract the length and sanity check */
134  for ( len = 0 ; len_len ; len_len-- ) {
135  len <<= 8;
136  len |= *( ( uint8_t * ) cursor->data );
137  cursor->data++;
138  cursor->len--;
139  }
140  if ( ( cursor->len + extra ) < len ) {
141  DBGC ( cursor, "ASN1 %p bad length %d (max %zd)\n",
142  cursor, len, ( cursor->len + extra ) );
143  return -EINVAL_ASN1_LEN;
144  }
145 
146  return len;
147 }
EINVAL_ASN1_LEN_LEN
#define EINVAL_ASN1_LEN_LEN
Definition: asn1.c:48
extra
uint8_t extra
Signature extra byte.
Definition: smbios.h:17
type
uint32_t type
Operating system type.
Definition: ena.h:12
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
DBGC
#define DBGC(...)
Definition: compiler.h:505
EINVAL_ASN1_LEN
#define EINVAL_ASN1_LEN
Definition: asn1.c:52
asn1_type
static unsigned int asn1_type(const struct asn1_cursor *cursor)
Extract ASN.1 type.
Definition: asn1.h:373
ASN1_ANY
#define ASN1_ANY
ASN.1 "any tag" magic value.
Definition: asn1.h:101
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
uint8_t
unsigned char uint8_t
Definition: stdint.h:10
ENXIO
#define ENXIO
No such device or address.
Definition: errno.h:599
len
uint32_t len
Length.
Definition: ena.h:14
EINVAL_ASN1_EMPTY
#define EINVAL_ASN1_EMPTY
Definition: asn1.c:44

References ASN1_ANY, asn1_type(), asn1_cursor::data, DBGC, EINVAL_ASN1_EMPTY, EINVAL_ASN1_LEN, EINVAL_ASN1_LEN_LEN, ENXIO, extra, len, asn1_cursor::len, and type.

Referenced by asn1_enter(), asn1_shrink(), asn1_skip_if_exists(), and der_probe().

◆ asn1_enter()

int asn1_enter ( struct asn1_cursor cursor,
unsigned int  type 
)

Enter ASN.1 object.

Parameters
cursorASN.1 object cursor
typeExpected type, or ASN1_ANY
Return values
rcReturn status code

The object cursor will be updated to point to the body of the current ASN.1 object. If any error occurs, the object cursor will be invalidated.

Definition at line 160 of file asn1.c.

160  {
161  int len;
162 
163  len = asn1_start ( cursor, type, 0 );
164  if ( len < 0 ) {
165  asn1_invalidate_cursor ( cursor );
166  return len;
167  }
168 
169  cursor->len = len;
170  DBGC ( cursor, "ASN1 %p entered object type %02x (len %x)\n",
171  cursor, type, len );
172 
173  return 0;
174 }
type
uint32_t type
Operating system type.
Definition: ena.h:12
DBGC
#define DBGC(...)
Definition: compiler.h:505
asn1_start
int asn1_start(struct asn1_cursor *cursor, unsigned int type, size_t extra)
Start parsing ASN.1 object.
Definition: asn1.c:98
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
asn1_invalidate_cursor
static void asn1_invalidate_cursor(struct asn1_cursor *cursor)
Invalidate ASN.1 object cursor.
Definition: asn1.h:362
len
uint32_t len
Length.
Definition: ena.h:14

References asn1_invalidate_cursor(), asn1_start(), DBGC, len, asn1_cursor::len, and type.

Referenced by asn1_algorithm(), asn1_bit_string(), asn1_boolean(), asn1_enter_any(), asn1_generalized_time(), asn1_integer(), cms_parse(), cms_parse_certificates(), cms_parse_content_type(), cms_parse_signature_value(), cms_parse_signer_identifier(), cms_parse_signer_info(), ocsp_compare_responder_key_hash(), ocsp_parse_basic_response(), ocsp_parse_cert_id(), ocsp_parse_certs(), ocsp_parse_response(), ocsp_parse_response_bytes(), ocsp_parse_response_status(), ocsp_parse_response_type(), ocsp_parse_responses(), ocsp_parse_tbs_response_data(), ocsp_request(), rsa_parse_integer(), rsa_parse_mod_exp(), validator_append(), x509_parse(), x509_parse_access_description(), x509_parse_authority_info_access(), x509_parse_basic_constraints(), x509_parse_common_name(), x509_parse_extended_key_usage(), x509_parse_extension(), x509_parse_extensions(), x509_parse_key_purpose(), x509_parse_ocsp(), x509_parse_public_key(), x509_parse_subject_alt_name(), x509_parse_tbscertificate(), x509_parse_validity(), and x509_parse_version().

◆ asn1_skip_if_exists()

int asn1_skip_if_exists ( struct asn1_cursor cursor,
unsigned int  type 
)

Skip ASN.1 object if present.

Parameters
cursorASN.1 object cursor
typeExpected type, or ASN1_ANY
Return values
rcReturn status code

The object cursor will be updated to point to the next ASN.1 object. If any error occurs, the object cursor will not be modified.

Definition at line 187 of file asn1.c.

187  {
188  int len;
189 
190  len = asn1_start ( cursor, type, 0 );
191  if ( len < 0 )
192  return len;
193 
194  cursor->data += len;
195  cursor->len -= len;
196  DBGC ( cursor, "ASN1 %p skipped object type %02x (len %x)\n",
197  cursor, type, len );
198 
199  if ( ! cursor->len ) {
200  DBGC ( cursor, "ASN1 %p reached end of object\n", cursor );
201  return -ENOENT;
202  }
203 
204  return 0;
205 }
type
uint32_t type
Operating system type.
Definition: ena.h:12
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
DBGC
#define DBGC(...)
Definition: compiler.h:505
ENOENT
#define ENOENT
No such file or directory.
Definition: errno.h:514
asn1_start
int asn1_start(struct asn1_cursor *cursor, unsigned int type, size_t extra)
Start parsing ASN.1 object.
Definition: asn1.c:98
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
len
uint32_t len
Length.
Definition: ena.h:14

References asn1_start(), asn1_cursor::data, DBGC, ENOENT, len, asn1_cursor::len, and type.

Referenced by asn1_skip(), cms_parse(), cms_parse_signer_info(), and ocsp_parse_tbs_response_data().

◆ asn1_skip()

int asn1_skip ( struct asn1_cursor cursor,
unsigned int  type 
)

Skip ASN.1 object.

Parameters
cursorASN.1 object cursor
typeExpected type, or ASN1_ANY
Return values
rcReturn status code

The object cursor will be updated to point to the next ASN.1 object. If any error occurs, the object cursor will be invalidated.

Definition at line 218 of file asn1.c.

218  {
219  int rc;
220 
221  if ( ( rc = asn1_skip_if_exists ( cursor, type ) ) != 0 ) {
222  asn1_invalidate_cursor ( cursor );
223  return rc;
224  }
225 
226  return 0;
227 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
type
uint32_t type
Operating system type.
Definition: ena.h:12
asn1_invalidate_cursor
static void asn1_invalidate_cursor(struct asn1_cursor *cursor)
Invalidate ASN.1 object cursor.
Definition: asn1.h:362
asn1_skip_if_exists
int asn1_skip_if_exists(struct asn1_cursor *cursor, unsigned int type)
Skip ASN.1 object if present.
Definition: asn1.c:187

References asn1_invalidate_cursor(), asn1_skip_if_exists(), rc, and type.

Referenced by asn1_skip_any(), cms_parse(), cms_parse_signer_info(), ocsp_parse_cert_id(), ocsp_request(), and rsa_parse_mod_exp().

◆ asn1_shrink()

int asn1_shrink ( struct asn1_cursor cursor,
unsigned int  type 
)

Shrink ASN.1 cursor to fit object.

Parameters
cursorASN.1 object cursor
typeExpected type, or ASN1_ANY
Return values
rcReturn status code

The object cursor will be shrunk to contain only the current ASN.1 object. If any error occurs, the object cursor will be invalidated.

Definition at line 240 of file asn1.c.

240  {
241  struct asn1_cursor temp;
242  const void *end;
243  int len;
244 
245  /* Find end of object */
246  memcpy ( &temp, cursor, sizeof ( temp ) );
247  len = asn1_start ( &temp, type, 0 );
248  if ( len < 0 ) {
249  asn1_invalidate_cursor ( cursor );
250  return len;
251  }
252  end = ( temp.data + len );
253 
254  /* Shrink original cursor to contain only its first object */
255  cursor->len = ( end - cursor->data );
256 
257  return 0;
258 }
type
uint32_t type
Operating system type.
Definition: ena.h:12
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
asn1_start
int asn1_start(struct asn1_cursor *cursor, unsigned int type, size_t extra)
Start parsing ASN.1 object.
Definition: asn1.c:98
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
asn1_invalidate_cursor
static void asn1_invalidate_cursor(struct asn1_cursor *cursor)
Invalidate ASN.1 object cursor.
Definition: asn1.h:362
len
uint32_t len
Length.
Definition: ena.h:14
end
uint32_t end
Ending offset.
Definition: netvsc.h:18
asn1_cursor
An ASN.1 object cursor.
Definition: asn1.h:20

References asn1_invalidate_cursor(), asn1_start(), asn1_cursor::data, end, len, asn1_cursor::len, memcpy(), and type.

Referenced by asn1_shrink_any(), cms_parse_signer_identifier(), ocsp_parse_cert_id(), x509_parse_issuer(), and x509_parse_serial().

◆ asn1_enter_any()

int asn1_enter_any ( struct asn1_cursor cursor)

Enter ASN.1 object of any type.

Parameters
cursorASN.1 object cursor
Return values
rcReturn status code

Definition at line 266 of file asn1.c.

266  {
267  return asn1_enter ( cursor, ASN1_ANY );
268 }
asn1_enter
int asn1_enter(struct asn1_cursor *cursor, unsigned int type)
Enter ASN.1 object.
Definition: asn1.c:160
ASN1_ANY
#define ASN1_ANY
ASN.1 "any tag" magic value.
Definition: asn1.h:101

References ASN1_ANY, and asn1_enter().

Referenced by ocsp_parse_responder_id(), x509_check_alt_name(), and x509_parse_common_name().

◆ asn1_skip_any()

int asn1_skip_any ( struct asn1_cursor cursor)

Skip ASN.1 object of any type.

Parameters
cursorASN.1 object cursor
Return values
rcReturn status code

Definition at line 276 of file asn1.c.

276  {
277  return asn1_skip ( cursor, ASN1_ANY );
278 }
ASN1_ANY
#define ASN1_ANY
ASN.1 "any tag" magic value.
Definition: asn1.h:101
asn1_skip
int asn1_skip(struct asn1_cursor *cursor, unsigned int type)
Skip ASN.1 object.
Definition: asn1.c:218

References ASN1_ANY, and asn1_skip().

Referenced by cms_parse(), cms_parse_certificates(), cms_parse_signer_identifier(), cms_parse_signer_info(), ocsp_parse_basic_response(), ocsp_parse_certs(), ocsp_parse_response(), ocsp_parse_response_bytes(), ocsp_parse_responses(), ocsp_parse_tbs_response_data(), rsa_parse_mod_exp(), validator_append(), x509_check_name(), x509_parse(), x509_parse_access_description(), x509_parse_authority_info_access(), x509_parse_basic_constraints(), x509_parse_common_name(), x509_parse_extended_key_usage(), x509_parse_extension(), x509_parse_extensions(), x509_parse_public_key(), x509_parse_tbscertificate(), and x509_parse_validity().

◆ asn1_shrink_any()

int asn1_shrink_any ( struct asn1_cursor cursor)

Shrink ASN.1 object of any type.

Parameters
cursorASN.1 object cursor
Return values
rcReturn status code

Definition at line 286 of file asn1.c.

286  {
287  return asn1_shrink ( cursor, ASN1_ANY );
288 }
ASN1_ANY
#define ASN1_ANY
ASN.1 "any tag" magic value.
Definition: asn1.h:101
asn1_shrink
int asn1_shrink(struct asn1_cursor *cursor, unsigned int type)
Shrink ASN.1 cursor to fit object.
Definition: asn1.c:240

References ASN1_ANY, and asn1_shrink().

Referenced by cms_signature(), ocsp_parse_tbs_response_data(), x509_certificate(), x509_parse_public_key(), x509_parse_subject(), and x509_parse_tbscertificate().

◆ asn1_boolean()

int asn1_boolean ( const struct asn1_cursor cursor)

Parse value of ASN.1 boolean.

Parameters
cursorASN.1 object cursor
Return values
valueValue, or negative error

Definition at line 296 of file asn1.c.

296  {
297  struct asn1_cursor contents;
298  const struct {
299  uint8_t value;
300  } __attribute__ (( packed )) *boolean;
301 
302  /* Enter boolean */
303  memcpy ( &contents, cursor, sizeof ( contents ) );
304  asn1_enter ( &contents, ASN1_BOOLEAN );
305  if ( contents.len != sizeof ( *boolean ) )
306  return -EINVAL_ASN1_BOOLEAN;
307 
308  /* Extract value */
309  boolean = contents.data;
310  return boolean->value;
311 }
__attribute__
#define __attribute__(x)
Definition: compiler.h:10
asn1_enter
int asn1_enter(struct asn1_cursor *cursor, unsigned int type)
Enter ASN.1 object.
Definition: asn1.c:160
ASN1_BOOLEAN
#define ASN1_BOOLEAN
ASN.1 boolean.
Definition: asn1.h:59
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
value
pseudo_bit_t value[0x00020]
Definition: arbel.h:13
uint8_t
unsigned char uint8_t
Definition: stdint.h:10
EINVAL_ASN1_BOOLEAN
#define EINVAL_ASN1_BOOLEAN
Definition: asn1.c:56
asn1_cursor
An ASN.1 object cursor.
Definition: asn1.h:20

References __attribute__, ASN1_BOOLEAN, asn1_enter(), asn1_cursor::data, EINVAL_ASN1_BOOLEAN, asn1_cursor::len, memcpy(), and value.

Referenced by x509_parse_basic_constraints(), and x509_parse_extension().

◆ asn1_integer()

int asn1_integer ( const struct asn1_cursor cursor,
int *  value 
)

Parse value of ASN.1 integer.

Parameters
cursorASN.1 object cursor
valueValue to fill in
Return values
rcReturn status code

Definition at line 320 of file asn1.c.

320  {
321  struct asn1_cursor contents;
322  uint8_t high_byte;
323  int rc;
324 
325  /* Enter integer */
326  memcpy ( &contents, cursor, sizeof ( contents ) );
327  if ( ( rc = asn1_enter ( &contents, ASN1_INTEGER ) ) != 0 )
328  return rc;
329  if ( contents.len < 1 )
330  return -EINVAL_ASN1_INTEGER;
331 
332  /* Initialise value according to sign byte */
333  *value = *( ( int8_t * ) contents.data );
334  contents.data++;
335  contents.len--;
336 
337  /* Process value */
338  while ( contents.len ) {
339  high_byte = ( (*value) >> ( 8 * ( sizeof ( *value ) - 1 ) ) );
340  if ( ( high_byte != 0x00 ) && ( high_byte != 0xff ) ) {
341  DBGC ( cursor, "ASN1 %p integer overflow\n", cursor );
342  return -EINVAL_ASN1_INTEGER;
343  }
344  *value = ( ( *value << 8 ) | *( ( uint8_t * ) contents.data ) );
345  contents.data++;
346  contents.len--;
347  }
348 
349  return 0;
350 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
asn1_enter
int asn1_enter(struct asn1_cursor *cursor, unsigned int type)
Enter ASN.1 object.
Definition: asn1.c:160
DBGC
#define DBGC(...)
Definition: compiler.h:505
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
EINVAL_ASN1_INTEGER
#define EINVAL_ASN1_INTEGER
Definition: asn1.c:60
int8_t
signed char int8_t
Definition: stdint.h:15
value
pseudo_bit_t value[0x00020]
Definition: arbel.h:13
uint8_t
unsigned char uint8_t
Definition: stdint.h:10
ASN1_INTEGER
#define ASN1_INTEGER
ASN.1 integer.
Definition: asn1.h:62
asn1_cursor
An ASN.1 object cursor.
Definition: asn1.h:20

References asn1_enter(), ASN1_INTEGER, asn1_cursor::data, DBGC, EINVAL_ASN1_INTEGER, asn1_cursor::len, memcpy(), rc, and value.

Referenced by x509_parse_basic_constraints(), and x509_parse_version().

◆ asn1_bit_string()

int asn1_bit_string ( const struct asn1_cursor cursor,
struct asn1_bit_string bits 
)

Parse ASN.1 bit string.

Parameters
cursorASN.1 cursor
bitsBit string to fill in
Return values
rcReturn status code

Definition at line 359 of file asn1.c.

360  {
361  struct asn1_cursor contents;
362  const struct {
363  uint8_t unused;
364  uint8_t data[0];
365  } __attribute__ (( packed )) *bit_string;
366  size_t len;
367  unsigned int unused;
368  uint8_t unused_mask;
369  const uint8_t *last;
370  int rc;
371 
372  /* Enter bit string */
373  memcpy ( &contents, cursor, sizeof ( contents ) );
374  if ( ( rc = asn1_enter ( &contents, ASN1_BIT_STRING ) ) != 0 ) {
375  DBGC ( cursor, "ASN1 %p cannot locate bit string:\n", cursor );
376  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
377  return rc;
378  }
379 
380  /* Validity checks */
381  if ( contents.len < sizeof ( *bit_string ) ) {
382  DBGC ( cursor, "ASN1 %p invalid bit string:\n", cursor );
383  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
384  return -EINVAL_BIT_STRING;
385  }
386  bit_string = contents.data;
387  len = ( contents.len - offsetof ( typeof ( *bit_string ), data ) );
388  unused = bit_string->unused;
389  unused_mask = ( 0xff >> ( 8 - unused ) );
390  last = ( bit_string->data + len - 1 );
391  if ( ( unused >= 8 ) ||
392  ( ( unused > 0 ) && ( len == 0 ) ) ||
393  ( ( *last & unused_mask ) != 0 ) ) {
394  DBGC ( cursor, "ASN1 %p invalid bit string:\n", cursor );
395  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
396  return -EINVAL_BIT_STRING;
397  }
398 
399  /* Populate bit string */
400  bits->data = &bit_string->data;
401  bits->len = len;
402  bits->unused = unused;
403 
404  return 0;
405 }
__attribute__
#define __attribute__(x)
Definition: compiler.h:10
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
EINVAL_BIT_STRING
#define EINVAL_BIT_STRING
Definition: asn1.c:72
asn1_enter
int asn1_enter(struct asn1_cursor *cursor, unsigned int type)
Enter ASN.1 object.
Definition: asn1.c:160
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
DBGC
#define DBGC(...)
Definition: compiler.h:505
offsetof
#define offsetof(type, field)
Get offset of a field within a structure.
Definition: stddef.h:24
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
DBGC_HDA
#define DBGC_HDA(...)
Definition: compiler.h:506
uint8_t
unsigned char uint8_t
Definition: stdint.h:10
last
uint32_t last
Length to read in last segment, or zero.
Definition: pccrc.h:30
bits
static volatile void * bits
Definition: bitops.h:27
len
uint32_t len
Length.
Definition: ena.h:14
unused
uint8_t unused[32]
Unused.
Definition: eltorito.h:15
data
uint8_t data[48]
Additional event data.
Definition: ena.h:22
typeof
typeof(acpi_finder=acpi_find)
ACPI table finder.
Definition: acpi.c:45
asn1_cursor
An ASN.1 object cursor.
Definition: asn1.h:20
ASN1_BIT_STRING
#define ASN1_BIT_STRING
ASN.1 bit string.
Definition: asn1.h:65

References __attribute__, ASN1_BIT_STRING, asn1_enter(), bits, data, asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_BIT_STRING, last, len, asn1_cursor::len, memcpy(), offsetof, rc, typeof(), and unused.

◆ asn1_integral_bit_string()

int asn1_integral_bit_string ( const struct asn1_cursor cursor,
struct asn1_bit_string bits 
)

Parse ASN.1 bit string that must be an integral number of bytes.

Parameters
cursorASN.1 cursor
bitsBit string to fill in
Return values
rcReturn status code

Definition at line 414 of file asn1.c.

415  {
416  int rc;
417 
418  /* Parse bit string */
419  if ( ( rc = asn1_bit_string ( cursor, bits ) ) != 0 )
420  return rc;
421 
422  /* Check that there are no unused bits at end of string */
423  if ( bits->unused ) {
424  DBGC ( cursor, "ASN1 %p invalid integral bit string:\n",
425  cursor );
426  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
427  return -EINVAL_BIT_STRING;
428  }
429 
430  return 0;
431 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
EINVAL_BIT_STRING
#define EINVAL_BIT_STRING
Definition: asn1.c:72
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
DBGC
#define DBGC(...)
Definition: compiler.h:505
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
DBGC_HDA
#define DBGC_HDA(...)
Definition: compiler.h:506
bits
static volatile void * bits
Definition: bitops.h:27
asn1_bit_string
An ASN.1 bit string.
Definition: asn1.h:347

References bits, asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_BIT_STRING, asn1_cursor::len, and rc.

Referenced by ocsp_parse_basic_response(), rsa_parse_mod_exp(), and x509_parse().

◆ asn1_compare()

int asn1_compare ( const struct asn1_cursor cursor1,
const struct asn1_cursor cursor2 
)

Compare two ASN.1 objects.

Parameters
cursor1ASN.1 object cursor
cursor2ASN.1 object cursor
Return values
differenceDifference as returned by memcmp()

Note that invalid and empty cursors will compare as equal with each other.

Definition at line 443 of file asn1.c.

444  {
445  int difference;
446 
447  difference = ( cursor2->len - cursor1->len );
448  return ( difference ? difference :
449  memcmp ( cursor1->data, cursor2->data, cursor1->len ) );
450 }
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
memcmp
int memcmp(const void *first, const void *second, size_t len)
Compare memory regions.
Definition: string.c:114

References asn1_cursor::data, asn1_cursor::len, and memcmp().

Referenced by asn1_find_algorithm(), certstore_find(), cms_find_issuer_serial(), cms_parse_content_type(), ocsp_compare_responder_name(), ocsp_parse_cert_id(), ocsp_parse_response_type(), rsa_match(), validator_step(), x509_check_issuer(), x509_find_access_method(), x509_find_extension(), x509_find_subject(), x509_parse_common_name(), and x509_parse_key_purpose().

◆ asn1_find_algorithm()

static struct asn1_algorithm* asn1_find_algorithm ( const struct asn1_cursor cursor)
static

Identify ASN.1 algorithm by OID.

Parameters
cursorASN.1 object cursor
Return values
algorithmAlgorithm, or NULL

Definition at line 460 of file asn1.c.

460  {
461  struct asn1_algorithm *algorithm;
462 
463  for_each_table_entry ( algorithm, ASN1_ALGORITHMS ) {
464  if ( asn1_compare ( &algorithm->oid, cursor ) == 0 )
465  return algorithm;
466  }
467 
468  return NULL;
469 }
asn1_algorithm
An ASN.1 OID-identified algorithm.
Definition: asn1.h:306
asn1_compare
int asn1_compare(const struct asn1_cursor *cursor1, const struct asn1_cursor *cursor2)
Compare two ASN.1 objects.
Definition: asn1.c:443
for_each_table_entry
#define for_each_table_entry(pointer, table)
Iterate through all entries within a linker table.
Definition: tables.h:385
algorithm
u16 algorithm
Authentication algorithm (Open System or Shared Key)
Definition: ieee80211.h:1030
ASN1_ALGORITHMS
#define ASN1_ALGORITHMS
ASN.1 OID-identified algorithms.
Definition: asn1.h:318
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321

References algorithm, ASN1_ALGORITHMS, asn1_compare(), for_each_table_entry, and NULL.

Referenced by asn1_algorithm().

◆ asn1_algorithm()

int asn1_algorithm ( const struct asn1_cursor cursor,
struct asn1_algorithm **  algorithm 
)

Parse ASN.1 OID-identified algorithm.

Parameters
cursorASN.1 object cursor
Return values
algorithmAlgorithm
rcReturn status code

Definition at line 478 of file asn1.c.

479  {
480  struct asn1_cursor contents;
481  int rc;
482 
483  /* Enter signatureAlgorithm */
484  memcpy ( &contents, cursor, sizeof ( contents ) );
485  asn1_enter ( &contents, ASN1_SEQUENCE );
486 
487  /* Enter algorithm */
488  if ( ( rc = asn1_enter ( &contents, ASN1_OID ) ) != 0 ) {
489  DBGC ( cursor, "ASN1 %p cannot locate algorithm OID:\n",
490  cursor );
491  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
492  return -EINVAL_ASN1_ALGORITHM;
493  }
494 
495  /* Identify algorithm */
496  *algorithm = asn1_find_algorithm ( &contents );
497  if ( ! *algorithm ) {
498  DBGC ( cursor, "ASN1 %p unrecognised algorithm:\n", cursor );
499  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
500  return -ENOTSUP_ALGORITHM;
501  }
502 
503  return 0;
504 }
EINVAL_ASN1_ALGORITHM
#define EINVAL_ASN1_ALGORITHM
Definition: asn1.c:68
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
asn1_enter
int asn1_enter(struct asn1_cursor *cursor, unsigned int type)
Enter ASN.1 object.
Definition: asn1.c:160
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
DBGC
#define DBGC(...)
Definition: compiler.h:505
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
DBGC_HDA
#define DBGC_HDA(...)
Definition: compiler.h:506
ASN1_SEQUENCE
#define ASN1_SEQUENCE
ASN.1 sequence.
Definition: asn1.h:89
algorithm
u16 algorithm
Authentication algorithm (Open System or Shared Key)
Definition: ieee80211.h:1030
asn1_find_algorithm
static struct asn1_algorithm * asn1_find_algorithm(const struct asn1_cursor *cursor)
Identify ASN.1 algorithm by OID.
Definition: asn1.c:460
ASN1_OID
#define ASN1_OID
ASN.1 object identifier.
Definition: asn1.h:74
ENOTSUP_ALGORITHM
#define ENOTSUP_ALGORITHM
Definition: asn1.c:76
asn1_cursor
An ASN.1 object cursor.
Definition: asn1.h:20

References algorithm, asn1_enter(), asn1_find_algorithm(), ASN1_OID, ASN1_SEQUENCE, asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_ASN1_ALGORITHM, ENOTSUP_ALGORITHM, asn1_cursor::len, memcpy(), and rc.

◆ asn1_pubkey_algorithm()

int asn1_pubkey_algorithm ( const struct asn1_cursor cursor,
struct asn1_algorithm **  algorithm 
)

Parse ASN.1 OID-identified public-key algorithm.

Parameters
cursorASN.1 object cursor
Return values
algorithmAlgorithm
rcReturn status code

Definition at line 513 of file asn1.c.

514  {
515  int rc;
516 
517  /* Parse algorithm */
518  if ( ( rc = asn1_algorithm ( cursor, algorithm ) ) != 0 )
519  return rc;
520 
521  /* Check algorithm has a public key */
522  if ( ! (*algorithm)->pubkey ) {
523  DBGC ( cursor, "ASN1 %p algorithm %s is not a public-key "
524  "algorithm:\n", cursor, (*algorithm)->name );
525  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
526  return -ENOTTY_ALGORITHM;
527  }
528 
529  return 0;
530 }
asn1_algorithm
An ASN.1 OID-identified algorithm.
Definition: asn1.h:306
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
ENOTTY_ALGORITHM
#define ENOTTY_ALGORITHM
Definition: asn1.c:80
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
DBGC
#define DBGC(...)
Definition: compiler.h:505
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
DBGC_HDA
#define DBGC_HDA(...)
Definition: compiler.h:506
algorithm
u16 algorithm
Authentication algorithm (Open System or Shared Key)
Definition: ieee80211.h:1030

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, and rc.

Referenced by cms_parse_signature_algorithm(), and x509_parse_public_key().

◆ asn1_digest_algorithm()

int asn1_digest_algorithm ( const struct asn1_cursor cursor,
struct asn1_algorithm **  algorithm 
)

Parse ASN.1 OID-identified digest algorithm.

Parameters
cursorASN.1 object cursor
Return values
algorithmAlgorithm
rcReturn status code

Definition at line 539 of file asn1.c.

540  {
541  int rc;
542 
543  /* Parse algorithm */
544  if ( ( rc = asn1_algorithm ( cursor, algorithm ) ) != 0 )
545  return rc;
546 
547  /* Check algorithm has a digest */
548  if ( ! (*algorithm)->digest ) {
549  DBGC ( cursor, "ASN1 %p algorithm %s is not a digest "
550  "algorithm:\n", cursor, (*algorithm)->name );
551  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
552  return -ENOTTY_ALGORITHM;
553  }
554 
555  return 0;
556 }
asn1_algorithm
An ASN.1 OID-identified algorithm.
Definition: asn1.h:306
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
ENOTTY_ALGORITHM
#define ENOTTY_ALGORITHM
Definition: asn1.c:80
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
DBGC
#define DBGC(...)
Definition: compiler.h:505
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
DBGC_HDA
#define DBGC_HDA(...)
Definition: compiler.h:506
algorithm
u16 algorithm
Authentication algorithm (Open System or Shared Key)
Definition: ieee80211.h:1030

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, and rc.

Referenced by cms_parse_digest_algorithm().

◆ asn1_signature_algorithm()

int asn1_signature_algorithm ( const struct asn1_cursor cursor,
struct asn1_algorithm **  algorithm 
)

Parse ASN.1 OID-identified signature algorithm.

Parameters
cursorASN.1 object cursor
Return values
algorithmAlgorithm
rcReturn status code

Definition at line 565 of file asn1.c.

566  {
567  int rc;
568 
569  /* Parse algorithm */
570  if ( ( rc = asn1_algorithm ( cursor, algorithm ) ) != 0 )
571  return rc;
572 
573  /* Check algorithm has a public key */
574  if ( ! (*algorithm)->pubkey ) {
575  DBGC ( cursor, "ASN1 %p algorithm %s is not a signature "
576  "algorithm:\n", cursor, (*algorithm)->name );
577  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
578  return -ENOTTY_ALGORITHM;
579  }
580 
581  /* Check algorithm has a digest */
582  if ( ! (*algorithm)->digest ) {
583  DBGC ( cursor, "ASN1 %p algorithm %s is not a signature "
584  "algorithm:\n", cursor, (*algorithm)->name );
585  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
586  return -ENOTTY_ALGORITHM;
587  }
588 
589  return 0;
590 }
asn1_algorithm
An ASN.1 OID-identified algorithm.
Definition: asn1.h:306
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
ENOTTY_ALGORITHM
#define ENOTTY_ALGORITHM
Definition: asn1.c:80
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
DBGC
#define DBGC(...)
Definition: compiler.h:505
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
DBGC_HDA
#define DBGC_HDA(...)
Definition: compiler.h:506
algorithm
u16 algorithm
Authentication algorithm (Open System or Shared Key)
Definition: ieee80211.h:1030

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, and rc.

Referenced by ocsp_parse_basic_response(), x509_parse(), and x509_parse_tbscertificate().

◆ asn1_check_algorithm()

int asn1_check_algorithm ( const struct asn1_cursor cursor,
struct asn1_algorithm expected 
)

Check ASN.1 OID-identified algorithm.

Parameters
cursorASN.1 object cursor
expectedExpected algorithm
Return values
rcReturn status code

Definition at line 599 of file asn1.c.

600  {
601  struct asn1_algorithm *actual;
602  int rc;
603 
604  /* Parse algorithm */
605  if ( ( rc = asn1_algorithm ( cursor, &actual ) ) != 0 )
606  return rc;
607 
608  /* Check algorithm matches */
609  if ( actual != expected ) {
610  DBGC ( cursor, "ASN1 %p algorithm %s does not match %s\n",
611  cursor, actual->name, expected->name );
612  return -ENOTTY_ALGORITHM;
613  }
614 
615  return 0;
616 }
asn1_algorithm
An ASN.1 OID-identified algorithm.
Definition: asn1.h:306
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
ENOTTY_ALGORITHM
#define ENOTTY_ALGORITHM
Definition: asn1.c:80
DBGC
#define DBGC(...)
Definition: compiler.h:505
asn1_algorithm::name
const char * name
Name.
Definition: asn1.h:308

References DBGC, ENOTTY_ALGORITHM, asn1_algorithm::name, and rc.

Referenced by rsa_parse_mod_exp().

◆ asn1_generalized_time()

int asn1_generalized_time ( const struct asn1_cursor cursor,
time_t time 
)

Parse ASN.1 GeneralizedTime.

Parameters
cursorASN.1 cursor
timeTime to fill in
Return values
rcReturn status code

RFC 5280 section 4.1.2.5 places several restrictions on the allowed formats for UTCTime and GeneralizedTime, and mandates the interpretation of centuryless year values.

Definition at line 629 of file asn1.c.

629  {
630  struct asn1_cursor contents;
631  unsigned int have_century;
632  unsigned int type;
633  union {
634  struct {
635  uint8_t century;
636  uint8_t year;
637  uint8_t month;
638  uint8_t day;
639  uint8_t hour;
640  uint8_t minute;
641  uint8_t second;
642  } __attribute__ (( packed )) named;
643  uint8_t raw[7];
644  } pairs;
645  struct tm tm;
646  const uint8_t *data;
647  size_t remaining;
648  unsigned int tens;
649  unsigned int units;
650  unsigned int i;
651  int rc;
652 
653  /* Determine time format utcTime/generalizedTime */
654  memcpy ( &contents, cursor, sizeof ( contents ) );
655  type = asn1_type ( &contents );
656  switch ( type ) {
657  case ASN1_UTC_TIME:
658  have_century = 0;
659  break;
660  case ASN1_GENERALIZED_TIME:
661  have_century = 1;
662  break;
663  default:
664  DBGC ( cursor, "ASN1 %p invalid time type %02x\n",
665  cursor, type );
666  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
667  return -EINVAL_ASN1_TIME;
668  }
669 
670  /* Enter utcTime/generalizedTime */
671  if ( ( rc = asn1_enter ( &contents, type ) ) != 0 ) {
672  DBGC ( cursor, "ASN1 %p cannot locate %s time:\n", cursor,
673  ( ( type == ASN1_UTC_TIME ) ? "UTC" : "generalized" ) );
674  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
675  return rc;
676  }
677 
678  /* Parse digit string a pair at a time */
679  memset ( &pairs, 0, sizeof ( pairs ) );
680  data = contents.data;
681  remaining = contents.len;
682  for ( i = ( have_century ? 0 : 1 ) ; i < sizeof ( pairs.raw ) ; i++ ) {
683  if ( remaining < 2 ) {
684  /* Some certificates violate the X.509 RFC by
685  * omitting the "seconds" value.
686  */
687  if ( i == ( sizeof ( pairs.raw ) - 1 ) )
688  break;
689  DBGC ( cursor, "ASN1 %p invalid time:\n", cursor );
690  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
691  return -EINVAL_ASN1_TIME;
692  }
693  tens = data[0];
694  units = data[1];
695  if ( ! ( isdigit ( tens ) && isdigit ( units ) ) ) {
696  DBGC ( cursor, "ASN1 %p invalid time:\n", cursor );
697  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
698  return -EINVAL_ASN1_TIME;
699  }
700  pairs.raw[i] = ( ( 10 * ( tens - '0' ) ) + ( units - '0' ) );
701  data += 2;
702  remaining -= 2;
703  }
704 
705  /* Determine century if applicable */
706  if ( ! have_century )
707  pairs.named.century = ( ( pairs.named.year >= 50 ) ? 19 : 20 );
708 
709  /* Check for trailing "Z" */
710  if ( ( remaining != 1 ) || ( data[0] != 'Z' ) ) {
711  DBGC ( cursor, "ASN1 %p invalid time:\n", cursor );
712  DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
713  return -EINVAL_ASN1_TIME;
714  }
715 
716  /* Fill in time */
717  tm.tm_year = ( ( ( pairs.named.century - 19 ) * 100 ) +
718  pairs.named.year );
719  tm.tm_mon = ( pairs.named.month - 1 );
720  tm.tm_mday = pairs.named.day;
721  tm.tm_hour = pairs.named.hour;
722  tm.tm_min = pairs.named.minute;
723  tm.tm_sec = pairs.named.second;
724 
725  /* Convert to seconds since the Epoch */
726  *time = mktime ( &tm );
727 
728  return 0;
729 }
__attribute__
#define __attribute__(x)
Definition: compiler.h:10
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
tm::tm_min
int tm_min
Minutes [0,59].
Definition: time.h:19
EINVAL_ASN1_TIME
#define EINVAL_ASN1_TIME
Definition: asn1.c:64
asn1_enter
int asn1_enter(struct asn1_cursor *cursor, unsigned int type)
Enter ASN.1 object.
Definition: asn1.c:160
second
static __always_inline int off_t userptr_t second
Definition: efi_uaccess.h:80
type
uint32_t type
Operating system type.
Definition: ena.h:12
tm::tm_mday
int tm_mday
Day of month [1,31].
Definition: time.h:23
asn1_cursor::data
const void * data
Start of data.
Definition: asn1.h:22
DBGC
#define DBGC(...)
Definition: compiler.h:505
tm::tm_year
int tm_year
Years since 1900.
Definition: time.h:27
asn1_type
static unsigned int asn1_type(const struct asn1_cursor *cursor)
Extract ASN.1 type.
Definition: asn1.h:373
asn1_cursor::len
size_t len
Length of data.
Definition: asn1.h:24
isdigit
static int isdigit(int character)
Check if character is a decimal digit.
Definition: ctype.h:18
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
DBGC_HDA
#define DBGC_HDA(...)
Definition: compiler.h:506
tm::tm_mon
int tm_mon
Month of year [0,11].
Definition: time.h:25
mktime
time_t mktime(struct tm *tm)
Calculate seconds since the Epoch.
Definition: time.c:117
ASN1_GENERALIZED_TIME
#define ASN1_GENERALIZED_TIME
ASN.1 generalized time.
Definition: asn1.h:86
uint8_t
unsigned char uint8_t
Definition: stdint.h:10
tm
Broken-down time.
Definition: time.h:15
data
uint8_t data[48]
Additional event data.
Definition: ena.h:22
tm::tm_sec
int tm_sec
Seconds [0,60].
Definition: time.h:17
raw
__be32 raw[7]
Definition: CIB_PRM.h:28
ASN1_UTC_TIME
#define ASN1_UTC_TIME
ASN.1 UTC time.
Definition: asn1.h:83
tm::tm_hour
int tm_hour
Hour [0,23].
Definition: time.h:21
time
uint64_t time
Current time.
Definition: ntlm.h:20
asn1_cursor
An ASN.1 object cursor.
Definition: asn1.h:20
memset
void * memset(void *dest, int character, size_t len) __nonnull

References __attribute__, asn1_enter(), ASN1_GENERALIZED_TIME, asn1_type(), ASN1_UTC_TIME, data, asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_ASN1_TIME, isdigit(), asn1_cursor::len, memcpy(), memset(), mktime(), raw, rc, second, time, tm::tm_hour, tm::tm_mday, tm::tm_min, tm::tm_mon, tm::tm_sec, tm::tm_year, and type.

Referenced by ocsp_parse_responses(), and x509_parse_validity().

◆ asn1_header()

static size_t asn1_header ( struct asn1_builder_header header,
unsigned int  type,
size_t  len 
)
static

Construct ASN.1 header.

Parameters
headerASN.1 builder header
typeType
lenContent length
Return values
header_lenHeader length

Definition at line 739 of file asn1.c.

740  {
741  unsigned int header_len = 2;
742  unsigned int len_len = 0;
743  size_t temp;
744 
745  /* Construct header */
746  header->type = type;
747  if ( len < 0x80 ) {
748  header->length[0] = len;
749  } else {
750  for ( temp = len ; temp ; temp >>= 8 )
751  len_len++;
752  header->length[0] = ( 0x80 | len_len );
753  header_len += len_len;
754  for ( temp = len ; temp ; temp >>= 8 )
755  header->length[len_len--] = ( temp & 0xff );
756  }
757 
758  return header_len;
759 }
type
uint32_t type
Operating system type.
Definition: ena.h:12
len
uint32_t len
Length.
Definition: ena.h:14
header
struct ena_aq_header header
Header.
Definition: ena.h:12

References header, len, and type.

Referenced by asn1_prepend(), and asn1_wrap().

◆ asn1_grow()

int asn1_grow ( struct asn1_builder builder,
size_t  extra 
)

Grow ASN.1 builder.

Parameters
builderASN.1 builder
extraExtra space to prepend
Return values
rcReturn status code

Definition at line 768 of file asn1.c.

768  {
769  size_t new_len;
770  void *new;
771 
772  /* As with the ASN1 parsing functions, make errors permanent */
773  if ( builder->len && ! builder->data )
774  return -ENOMEM;
775 
776  /* Reallocate data buffer */
777  new_len = ( builder->len + extra );
778  new = realloc ( builder->data, new_len );
779  if ( ! new ) {
780  free ( builder->data );
781  builder->data = NULL;
782  return -ENOMEM;
783  }
784  builder->data = new;
785 
786  /* Move existing data to end of buffer */
787  memmove ( ( builder->data + extra ), builder->data, builder->len );
788  builder->len = new_len;
789 
790  return 0;
791 }
asn1_builder::data
void * data
Data.
Definition: asn1.h:35
extra
uint8_t extra
Signature extra byte.
Definition: smbios.h:17
ENOMEM
#define ENOMEM
Not enough space.
Definition: errno.h:534
free
static void(* free)(struct refcnt *refcnt))
Definition: refcnt.h:54
memmove
void * memmove(void *dest, const void *src, size_t len) __nonnull
realloc
void * realloc(void *old_ptr, size_t new_size)
Reallocate memory.
Definition: malloc.c:521
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321
asn1_builder::len
size_t len
Length of data.
Definition: asn1.h:37

References asn1_builder::data, ENOMEM, extra, free, asn1_builder::len, memmove(), NULL, and realloc().

Referenced by asn1_prepend(), asn1_prepend_raw(), asn1_wrap(), and icert_cert().

◆ asn1_prepend_raw()

int asn1_prepend_raw ( struct asn1_builder builder,
const void *  data,
size_t  len 
)

Prepend raw data to ASN.1 builder.

Parameters
builderASN.1 builder
dataData to prepend
lenLength of data to prepend
Return values
rcReturn status code

Definition at line 801 of file asn1.c.

802  {
803  int rc;
804 
805  /* Grow buffer */
806  if ( ( rc = asn1_grow ( builder, len ) ) != 0 )
807  return rc;
808 
809  /* Populate data buffer */
810  memcpy ( builder->data, data, len );
811 
812  return 0;
813 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
asn1_builder::data
void * data
Data.
Definition: asn1.h:35
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
asn1_grow
int asn1_grow(struct asn1_builder *builder, size_t extra)
Grow ASN.1 builder.
Definition: asn1.c:768
len
uint32_t len
Length.
Definition: ena.h:14
data
uint8_t data[48]
Additional event data.
Definition: ena.h:22

References asn1_grow(), data, asn1_builder::data, len, memcpy(), and rc.

Referenced by icert_cert(), icert_certs(), and ocsp_request().

◆ asn1_prepend()

int asn1_prepend ( struct asn1_builder builder,
unsigned int  type,
const void *  data,
size_t  len 
)

Prepend data to ASN.1 builder.

Parameters
builderASN.1 builder
typeType
dataData to prepend
lenLength of data to prepend
Return values
rcReturn status code

Definition at line 824 of file asn1.c.

825  {
826  struct asn1_builder_header header;
827  size_t header_len;
828  int rc;
829 
830  /* Construct header */
831  header_len = asn1_header ( &header, type, len );
832 
833  /* Grow buffer */
834  if ( ( rc = asn1_grow ( builder, header_len + len ) ) != 0 )
835  return rc;
836 
837  /* Populate data buffer */
838  memcpy ( builder->data, &header, header_len );
839  memcpy ( ( builder->data + header_len ), data, len );
840 
841  return 0;
842 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
asn1_builder::data
void * data
Data.
Definition: asn1.h:35
type
uint32_t type
Operating system type.
Definition: ena.h:12
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
asn1_grow
int asn1_grow(struct asn1_builder *builder, size_t extra)
Grow ASN.1 builder.
Definition: asn1.c:768
asn1_header
static size_t asn1_header(struct asn1_builder_header *header, unsigned int type, size_t len)
Construct ASN.1 header.
Definition: asn1.c:739
asn1_builder_header
An ASN.1 header.
Definition: asn1.h:48
len
uint32_t len
Length.
Definition: ena.h:14
header
struct ena_aq_header header
Header.
Definition: ena.h:12
data
uint8_t data[48]
Additional event data.
Definition: ena.h:22

References asn1_grow(), asn1_header(), data, asn1_builder::data, header, len, memcpy(), rc, and type.

Referenced by icert_certs(), and ocsp_request().

◆ asn1_wrap()

int asn1_wrap ( struct asn1_builder builder,
unsigned int  type 
)

Wrap ASN.1 builder.

Parameters
builderASN.1 builder
typeType
Return values
rcReturn status code

Definition at line 851 of file asn1.c.

851  {
852  struct asn1_builder_header header;
853  size_t header_len;
854  int rc;
855 
856  /* Construct header */
857  header_len = asn1_header ( &header, type, builder->len );
858 
859  /* Grow buffer */
860  if ( ( rc = asn1_grow ( builder, header_len ) ) != 0 )
861  return rc;
862 
863  /* Populate data buffer */
864  memcpy ( builder->data, &header, header_len );
865 
866  return 0;
867 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
asn1_builder::data
void * data
Data.
Definition: asn1.h:35
type
uint32_t type
Operating system type.
Definition: ena.h:12
memcpy
void * memcpy(void *dest, const void *src, size_t len) __nonnull
asn1_grow
int asn1_grow(struct asn1_builder *builder, size_t extra)
Grow ASN.1 builder.
Definition: asn1.c:768
asn1_header
static size_t asn1_header(struct asn1_builder_header *header, unsigned int type, size_t len)
Construct ASN.1 header.
Definition: asn1.c:739
asn1_builder_header
An ASN.1 header.
Definition: asn1.h:48
header
struct ena_aq_header header
Header.
Definition: ena.h:12
asn1_builder::len
size_t len
Length of data.
Definition: asn1.h:37

References asn1_grow(), asn1_header(), asn1_builder::data, header, asn1_builder::len, memcpy(), rc, and type.

Referenced by icert_cert(), icert_certs(), and ocsp_request().

◆ image_asn1()

int image_asn1 ( struct image image,
size_t  offset,
struct asn1_cursor **  cursor 
)

Extract ASN.1 object from image.

Parameters
imageImage
offsetOffset within image
cursorASN.1 cursor to fill in
Return values
nextOffset to next image, or negative error

The caller is responsible for eventually calling free() on the allocated ASN.1 cursor.

Definition at line 880 of file asn1.c.

881  {
882  int next;
883  int rc;
884 
885  /* Sanity check */
886  assert ( offset <= image->len );
887 
888  /* Check that this image can be used to extract an ASN.1 object */
889  if ( ! ( image->type && image->type->asn1 ) )
890  return -ENOTSUP;
891 
892  /* Try creating ASN.1 cursor */
893  next = image->type->asn1 ( image, offset, cursor );
894  if ( next < 0 ) {
895  rc = next;
896  DBGC ( image, "IMAGE %s could not extract ASN.1 object: %s\n",
897  image->name, strerror ( rc ) );
898  return rc;
899  }
900 
901  return next;
902 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
next
uint32_t next
Next descriptor address.
Definition: myson.h:18
image::type
struct image_type * type
Image type, if known.
Definition: image.h:46
DBGC
#define DBGC(...)
Definition: compiler.h:505
image
An executable image.
Definition: image.h:24
ENOTSUP
#define ENOTSUP
Operation not supported.
Definition: errno.h:589
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
offset
static userptr_t size_t offset
Offset of the first segment within the content.
Definition: deflate.h:259
image_type::asn1
int(* asn1)(struct image *image, size_t offset, struct asn1_cursor **cursor)
Extract ASN.1 object from image.
Definition: image.h:114
strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:78
len
uint32_t len
Length.
Definition: ena.h:14
image::name
char * name
Name.
Definition: image.h:34

References image_type::asn1, assert(), DBGC, ENOTSUP, len, image::name, next, offset, rc, strerror(), and image::type.

Referenced by asn1_okx(), image_x509(), and imgverify().

◆ REQUIRING_SYMBOL()

REQUIRING_SYMBOL ( image_asn1  )

◆ REQUIRE_OBJECT()

REQUIRE_OBJECT ( config_asn1  )
Generated by   doxygen 1.8.15