ASN.1 encoding. More...

#include <stddef.h>
#include <stdint.h>
#include <stdarg.h>
#include <assert.h>
#include <time.h>
#include <ipxe/tables.h>

Data Structures
struct	asn1_cursor
	An ASN.1 object cursor. More...

struct	asn1_builder
	An ASN.1 object builder. More...

struct	asn1_builder_header
	An ASN.1 header. More...

struct	asn1_algorithm
	An ASN.1 OID-identified algorithm. More...

struct	asn1_bit_string
	An ASN.1 bit string. More...

Macros
#define	ASN1_MAX_LEN_LEN ( 1 + sizeof ( size_t ) )
	Maximum (viable) length of ASN.1 length. More...

#define	ASN1_END 0x00
	ASN.1 end. More...

#define	ASN1_BOOLEAN 0x01
	ASN.1 boolean. More...

#define	ASN1_INTEGER 0x02
	ASN.1 integer. More...

#define	ASN1_BIT_STRING 0x03
	ASN.1 bit string. More...

#define	ASN1_OCTET_STRING 0x04
	ASN.1 octet string. More...

#define	ASN1_NULL 0x05
	ASN.1 null. More...

#define	ASN1_OID 0x06
	ASN.1 object identifier. More...

#define	ASN1_ENUMERATED 0x0a
	ASN.1 enumeration. More...

#define	ASN1_UTF8_STRING 0x0c
	ASN.1 UTF-8 string. More...

#define	ASN1_UTC_TIME 0x17
	ASN.1 UTC time. More...

#define	ASN1_GENERALIZED_TIME 0x18
	ASN.1 generalized time. More...

#define	ASN1_SEQUENCE 0x30
	ASN.1 sequence. More...

#define	ASN1_SET 0x31
	ASN.1 set. More...

#define	ASN1_IMPLICIT_TAG(number) ( 0x80 \| (number) )
	ASN.1 implicit tag. More...

#define	ASN1_EXPLICIT_TAG(number) ( 0xa0 \| (number) )
	ASN.1 explicit tag. More...

#define	ASN1_ANY -1U
	ASN.1 "any tag" magic value. More...

#define	ASN1_SHORT(tag, ...) (tag), VA_ARG_COUNT ( __VA_ARGS__ ), __VA_ARGS__
	Construct a short ASN.1 value. More...

#define	ASN1_OID_INITIAL(first, second) ( ( (first) * 40 ) + (second) )
	Initial OID byte. More...

#define	ASN1_OID_SINGLE(value) ( (value) & 0x7f )
	Single-byte OID value. More...

#define	ASN1_OID_DOUBLE(value) ( 0x80 \| ( ( (value) >> 7 ) & 0x7f ) ), ASN1_OID_SINGLE ( (value) )
	Double-byte OID value. More...

#define	ASN1_OID_TRIPLE(value) ( 0x80 \| ( ( (value) >> 14 ) & 0x7f ) ), ASN1_OID_DOUBLE ( (value) )
	Double-byte OID value. More...

#define	ASN1_OID_RSAENCRYPTION
	ASN.1 OID for rsaEncryption (1.2.840.113549.1.1.1) More...

#define	ASN1_OID_MD5WITHRSAENCRYPTION
	ASN.1 OID for md5WithRSAEncryption (1.2.840.113549.1.1.4) More...

#define	ASN1_OID_SHA1WITHRSAENCRYPTION
	ASN.1 OID for sha1WithRSAEncryption (1.2.840.113549.1.1.5) More...

#define	ASN1_OID_SHA256WITHRSAENCRYPTION
	ASN.1 OID for sha256WithRSAEncryption (1.2.840.113549.1.1.11) More...

#define	ASN1_OID_SHA384WITHRSAENCRYPTION
	ASN.1 OID for sha384WithRSAEncryption (1.2.840.113549.1.1.12) More...

#define	ASN1_OID_SHA512WITHRSAENCRYPTION
	ASN.1 OID for sha512WithRSAEncryption (1.2.840.113549.1.1.13) More...

#define	ASN1_OID_SHA224WITHRSAENCRYPTION
	ASN.1 OID for sha224WithRSAEncryption (1.2.840.113549.1.1.14) More...

#define	ASN1_OID_MD4
	ASN.1 OID for id-md4 (1.2.840.113549.2.4) More...

#define	ASN1_OID_MD5
	ASN.1 OID for id-md5 (1.2.840.113549.2.5) More...

#define	ASN1_OID_SHA1
	ASN.1 OID for id-sha1 (1.3.14.3.2.26) More...

#define	ASN1_OID_SHA256
	ASN.1 OID for id-sha256 (2.16.840.1.101.3.4.2.1) More...

#define	ASN1_OID_SHA384
	ASN.1 OID for id-sha384 (2.16.840.1.101.3.4.2.2) More...

#define	ASN1_OID_SHA512
	ASN.1 OID for id-sha512 (2.16.840.1.101.3.4.2.3) More...

#define	ASN1_OID_SHA224
	ASN.1 OID for id-sha224 (2.16.840.1.101.3.4.2.4) More...

#define	ASN1_OID_SHA512_224
	ASN.1 OID for id-sha512-224 (2.16.840.1.101.3.4.2.5) More...

#define	ASN1_OID_SHA512_256
	ASN.1 OID for id-sha512-256 (2.16.840.1.101.3.4.2.6) More...

#define	ASN1_OID_COMMON_NAME
	ASN.1 OID for commonName (2.5.4.3) More...

#define	ASN1_OID_KEYUSAGE
	ASN.1 OID for id-ce-keyUsage (2.5.29.15) More...

#define	ASN1_OID_BASICCONSTRAINTS
	ASN.1 OID for id-ce-basicConstraints (2.5.29.19) More...

#define	ASN1_OID_EXTKEYUSAGE
	ASN.1 OID for id-ce-extKeyUsage (2.5.29.37) More...

#define	ASN1_OID_CODESIGNING
	ASN.1 OID for id-kp-codeSigning (1.3.6.1.5.5.7.3.3) More...

#define	ASN1_OID_SIGNEDDATA
	ASN.1 OID for pkcs-signedData (1.2.840.113549.1.7.2) More...

#define	ASN1_OID_AUTHORITYINFOACCESS
	ASN.1 OID for id-pe-authorityInfoAccess (1.3.6.1.5.5.7.1.1) More...

#define	ASN1_OID_OCSP
	ASN.1 OID for id-ad-ocsp (1.3.6.1.5.5.7.48.1) More...

#define	ASN1_OID_OCSP_BASIC
	ASN.1 OID for id-pkix-ocsp-basic ( 1.3.6.1.5.5.7.48.1.1) More...

#define	ASN1_OID_OCSPSIGNING
	ASN.1 OID for id-kp-OCSPSigning (1.3.6.1.5.5.7.3.9) More...

#define	ASN1_OID_SUBJECTALTNAME
	ASN.1 OID for id-ce-subjectAltName (2.5.29.17) More...

#define	ASN1_CURSOR(value)
	Define an ASN.1 cursor for a static value. More...

#define	ASN1_ALGORITHMS __table ( struct asn1_algorithm, "asn1_algorithms" )
	ASN.1 OID-identified algorithms. More...

#define	__asn1_algorithm __table_entry ( ASN1_ALGORITHMS, 01 )
	Declare an ASN.1 OID-identified algorithm. More...

Functions
	FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)

static void	asn1_invalidate_cursor (struct asn1_cursor *cursor)
	Invalidate ASN.1 object cursor. More...

static unsigned int	asn1_type (const struct asn1_cursor *cursor)
	Extract ASN.1 type. More...

static struct asn1_cursor *	asn1_built (struct asn1_builder *builder)
	Get cursor for built object. More...

int	asn1_start (struct asn1_cursor *cursor, unsigned int type, size_t extra)
	Start parsing ASN.1 object. More...

int	asn1_enter (struct asn1_cursor *cursor, unsigned int type)
	Enter ASN.1 object. More...

int	asn1_skip_if_exists (struct asn1_cursor *cursor, unsigned int type)
	Skip ASN.1 object if present. More...

int	asn1_skip (struct asn1_cursor *cursor, unsigned int type)
	Skip ASN.1 object. More...

int	asn1_shrink (struct asn1_cursor *cursor, unsigned int type)
	Shrink ASN.1 cursor to fit object. More...

int	asn1_enter_any (struct asn1_cursor *cursor)
	Enter ASN.1 object of any type. More...

int	asn1_skip_any (struct asn1_cursor *cursor)
	Skip ASN.1 object of any type. More...

int	asn1_shrink_any (struct asn1_cursor *cursor)
	Shrink ASN.1 object of any type. More...

int	asn1_boolean (const struct asn1_cursor *cursor)
	Parse value of ASN.1 boolean. More...

int	asn1_integer (const struct asn1_cursor cursor, int value)
	Parse value of ASN.1 integer. More...

int	asn1_bit_string (const struct asn1_cursor cursor, struct asn1_bit_string bits)
	Parse ASN.1 bit string. More...

int	asn1_integral_bit_string (const struct asn1_cursor cursor, struct asn1_bit_string bits)
	Parse ASN.1 bit string that must be an integral number of bytes. More...

int	asn1_compare (const struct asn1_cursor cursor1, const struct asn1_cursor cursor2)
	Compare two ASN.1 objects. More...

int	asn1_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm *algorithm)
	Parse ASN.1 OID-identified algorithm. More...

int	asn1_pubkey_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm *algorithm)
	Parse ASN.1 OID-identified public-key algorithm. More...

int	asn1_digest_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm *algorithm)
	Parse ASN.1 OID-identified digest algorithm. More...

int	asn1_signature_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm *algorithm)
	Parse ASN.1 OID-identified signature algorithm. More...

int	asn1_check_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm expected)
	Check ASN.1 OID-identified algorithm. More...

int	asn1_generalized_time (const struct asn1_cursor cursor, time_t time)
	Parse ASN.1 GeneralizedTime. More...

int	asn1_grow (struct asn1_builder *builder, size_t extra)
	Grow ASN.1 builder. More...

int	asn1_prepend_raw (struct asn1_builder builder, const void data, size_t len)
	Prepend raw data to ASN.1 builder. More...

int	asn1_prepend (struct asn1_builder builder, unsigned int type, const void data, size_t len)
	Prepend data to ASN.1 builder. More...

int	asn1_wrap (struct asn1_builder *builder, unsigned int type)
	Wrap ASN.1 builder. More...

Variables
struct asn1_algorithm rsa_encryption_algorithm	__asn1_algorithm
	"md4" OID-identified algorithm More...

Detailed Description

ASN.1 encoding.

Definition in file asn1.h.

Macro Definition Documentation

◆ ASN1_MAX_LEN_LEN

#define ASN1_MAX_LEN_LEN ( 1 + sizeof ( size_t ) )

Maximum (viable) length of ASN.1 length.

While in theory unlimited, this length is sufficient to contain a size_t.

Definition at line 45 of file asn1.h.

◆ ASN1_END

#define ASN1_END 0x00

ASN.1 end.

Definition at line 56 of file asn1.h.

◆ ASN1_BOOLEAN

#define ASN1_BOOLEAN 0x01

ASN.1 boolean.

Definition at line 59 of file asn1.h.

◆ ASN1_INTEGER

#define ASN1_INTEGER 0x02

ASN.1 integer.

Definition at line 62 of file asn1.h.

◆ ASN1_BIT_STRING

#define ASN1_BIT_STRING 0x03

ASN.1 bit string.

Definition at line 65 of file asn1.h.

◆ ASN1_OCTET_STRING

#define ASN1_OCTET_STRING 0x04

ASN.1 octet string.

Definition at line 68 of file asn1.h.

◆ ASN1_NULL

#define ASN1_NULL 0x05

ASN.1 null.

Definition at line 71 of file asn1.h.

◆ ASN1_OID

#define ASN1_OID 0x06

ASN.1 object identifier.

Definition at line 74 of file asn1.h.

◆ ASN1_ENUMERATED

#define ASN1_ENUMERATED 0x0a

ASN.1 enumeration.

Definition at line 77 of file asn1.h.

◆ ASN1_UTF8_STRING

#define ASN1_UTF8_STRING 0x0c

ASN.1 UTF-8 string.

Definition at line 80 of file asn1.h.

◆ ASN1_UTC_TIME

#define ASN1_UTC_TIME 0x17

ASN.1 UTC time.

Definition at line 83 of file asn1.h.

◆ ASN1_GENERALIZED_TIME

#define ASN1_GENERALIZED_TIME 0x18

ASN.1 generalized time.

Definition at line 86 of file asn1.h.

◆ ASN1_SEQUENCE

#define ASN1_SEQUENCE 0x30

ASN.1 sequence.

Definition at line 89 of file asn1.h.

◆ ASN1_SET

#define ASN1_SET 0x31

ASN.1 set.

Definition at line 92 of file asn1.h.

◆ ASN1_IMPLICIT_TAG

#define ASN1_IMPLICIT_TAG ( number ) ( 0x80 | (number) )

ASN.1 implicit tag.

Definition at line 95 of file asn1.h.

◆ ASN1_EXPLICIT_TAG

#define ASN1_EXPLICIT_TAG ( number ) ( 0xa0 | (number) )

ASN.1 explicit tag.

Definition at line 98 of file asn1.h.

◆ ASN1_ANY

#define ASN1_ANY -1U

ASN.1 "any tag" magic value.

Definition at line 101 of file asn1.h.

◆ ASN1_SHORT

#define ASN1_SHORT	(	tag,
		...
	)	(tag), VA_ARG_COUNT ( __VA_ARGS__ ), __VA_ARGS__

Construct a short ASN.1 value.

Definition at line 104 of file asn1.h.

◆ ASN1_OID_INITIAL

#define ASN1_OID_INITIAL	(	first,
		second
	)	( ( (first) * 40 ) + (second) )

Initial OID byte.

Definition at line 108 of file asn1.h.

◆ ASN1_OID_SINGLE

#define ASN1_OID_SINGLE ( value ) ( (value) & 0x7f )

Single-byte OID value.

Valid for values up to 127

Definition at line 114 of file asn1.h.

◆ ASN1_OID_DOUBLE

#define ASN1_OID_DOUBLE ( value ) ( 0x80 | ( ( (value) >> 7 ) & 0x7f ) ), ASN1_OID_SINGLE ( (value) )

Double-byte OID value.

Valid for values up to 16383

Definition at line 120 of file asn1.h.

◆ ASN1_OID_TRIPLE

#define ASN1_OID_TRIPLE ( value ) ( 0x80 | ( ( (value) >> 14 ) & 0x7f ) ), ASN1_OID_DOUBLE ( (value) )

Double-byte OID value.

Valid for values up to 2097151

Definition at line 127 of file asn1.h.

◆ ASN1_OID_RSAENCRYPTION

#define ASN1_OID_RSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 1 )

ASN.1 OID for rsaEncryption (1.2.840.113549.1.1.1)

Definition at line 131 of file asn1.h.

◆ ASN1_OID_MD5WITHRSAENCRYPTION

#define ASN1_OID_MD5WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 4 )

ASN.1 OID for md5WithRSAEncryption (1.2.840.113549.1.1.4)

Definition at line 137 of file asn1.h.

◆ ASN1_OID_SHA1WITHRSAENCRYPTION

#define ASN1_OID_SHA1WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 )

ASN.1 OID for sha1WithRSAEncryption (1.2.840.113549.1.1.5)

Definition at line 143 of file asn1.h.

◆ ASN1_OID_SHA256WITHRSAENCRYPTION

#define ASN1_OID_SHA256WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 11 )

ASN.1 OID for sha256WithRSAEncryption (1.2.840.113549.1.1.11)

Definition at line 149 of file asn1.h.

◆ ASN1_OID_SHA384WITHRSAENCRYPTION

#define ASN1_OID_SHA384WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 12 )

ASN.1 OID for sha384WithRSAEncryption (1.2.840.113549.1.1.12)

Definition at line 155 of file asn1.h.

◆ ASN1_OID_SHA512WITHRSAENCRYPTION

#define ASN1_OID_SHA512WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 13 )

ASN.1 OID for sha512WithRSAEncryption (1.2.840.113549.1.1.13)

Definition at line 161 of file asn1.h.

◆ ASN1_OID_SHA224WITHRSAENCRYPTION

#define ASN1_OID_SHA224WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 14 )

ASN.1 OID for sha224WithRSAEncryption (1.2.840.113549.1.1.14)

Definition at line 167 of file asn1.h.

◆ ASN1_OID_MD4

#define ASN1_OID_MD4

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 2 ),      \
        ASN1_OID_SINGLE ( 4 )

ASN.1 OID for id-md4 (1.2.840.113549.2.4)

Definition at line 173 of file asn1.h.

◆ ASN1_OID_MD5

#define ASN1_OID_MD5

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 2 ),      \
        ASN1_OID_SINGLE ( 5 )

ASN.1 OID for id-md5 (1.2.840.113549.2.5)

Definition at line 179 of file asn1.h.

◆ ASN1_OID_SHA1

#define ASN1_OID_SHA1

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 14 ),      \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 2 ),           \
        ASN1_OID_SINGLE ( 26 )

ASN.1 OID for id-sha1 (1.3.14.3.2.26)

Definition at line 185 of file asn1.h.

◆ ASN1_OID_SHA256

#define ASN1_OID_SHA256

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 1 )

ASN.1 OID for id-sha256 (2.16.840.1.101.3.4.2.1)

Definition at line 191 of file asn1.h.

◆ ASN1_OID_SHA384

#define ASN1_OID_SHA384

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 2 )

ASN.1 OID for id-sha384 (2.16.840.1.101.3.4.2.2)

Definition at line 198 of file asn1.h.

◆ ASN1_OID_SHA512

#define ASN1_OID_SHA512

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 3 )

ASN.1 OID for id-sha512 (2.16.840.1.101.3.4.2.3)

Definition at line 205 of file asn1.h.

◆ ASN1_OID_SHA224

#define ASN1_OID_SHA224

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 4 )

ASN.1 OID for id-sha224 (2.16.840.1.101.3.4.2.4)

Definition at line 212 of file asn1.h.

◆ ASN1_OID_SHA512_224

#define ASN1_OID_SHA512_224

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 5 )

ASN.1 OID for id-sha512-224 (2.16.840.1.101.3.4.2.5)

Definition at line 219 of file asn1.h.

◆ ASN1_OID_SHA512_256

#define ASN1_OID_SHA512_256

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 6 )

ASN.1 OID for id-sha512-256 (2.16.840.1.101.3.4.2.6)

Definition at line 226 of file asn1.h.

◆ ASN1_OID_COMMON_NAME

#define ASN1_OID_COMMON_NAME

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 4 ), \

ASN1_OID_SINGLE ( 3 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:114

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:108

ASN.1 OID for commonName (2.5.4.3)

Definition at line 233 of file asn1.h.

◆ ASN1_OID_KEYUSAGE

#define ASN1_OID_KEYUSAGE

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ), \

ASN1_OID_SINGLE ( 15 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:114

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:108

ASN.1 OID for id-ce-keyUsage (2.5.29.15)

Definition at line 238 of file asn1.h.

◆ ASN1_OID_BASICCONSTRAINTS

#define ASN1_OID_BASICCONSTRAINTS

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ), \

ASN1_OID_SINGLE ( 19 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:114

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:108

ASN.1 OID for id-ce-basicConstraints (2.5.29.19)

Definition at line 243 of file asn1.h.

◆ ASN1_OID_EXTKEYUSAGE

#define ASN1_OID_EXTKEYUSAGE

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ), \

ASN1_OID_SINGLE ( 37 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:114

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:108

ASN.1 OID for id-ce-extKeyUsage (2.5.29.37)

Definition at line 248 of file asn1.h.

◆ ASN1_OID_CODESIGNING

#define ASN1_OID_CODESIGNING

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 3 )

ASN.1 OID for id-kp-codeSigning (1.3.6.1.5.5.7.3.3)

Definition at line 253 of file asn1.h.

◆ ASN1_OID_SIGNEDDATA

#define ASN1_OID_SIGNEDDATA

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 7 ), ASN1_OID_SINGLE ( 2 )

ASN.1 OID for pkcs-signedData (1.2.840.113549.1.7.2)

Definition at line 260 of file asn1.h.

◆ ASN1_OID_AUTHORITYINFOACCESS

#define ASN1_OID_AUTHORITYINFOACCESS

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 1 )

ASN.1 OID for id-pe-authorityInfoAccess (1.3.6.1.5.5.7.1.1)

Definition at line 266 of file asn1.h.

◆ ASN1_OID_OCSP

#define ASN1_OID_OCSP

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 48 ), ASN1_OID_SINGLE ( 1 )

ASN.1 OID for id-ad-ocsp (1.3.6.1.5.5.7.48.1)

Definition at line 273 of file asn1.h.

◆ ASN1_OID_OCSP_BASIC

#define ASN1_OID_OCSP_BASIC

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 48 ), ASN1_OID_SINGLE ( 1 ),          \
        ASN1_OID_SINGLE ( 1 )

ASN.1 OID for id-pkix-ocsp-basic ( 1.3.6.1.5.5.7.48.1.1)

Definition at line 280 of file asn1.h.

◆ ASN1_OID_OCSPSIGNING

#define ASN1_OID_OCSPSIGNING

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 9 )

ASN.1 OID for id-kp-OCSPSigning (1.3.6.1.5.5.7.3.9)

Definition at line 288 of file asn1.h.

◆ ASN1_OID_SUBJECTALTNAME

#define ASN1_OID_SUBJECTALTNAME

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ), \

ASN1_OID_SINGLE ( 17 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:114

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:108

ASN.1 OID for id-ce-subjectAltName (2.5.29.17)

Definition at line 295 of file asn1.h.

◆ ASN1_CURSOR

#define ASN1_CURSOR ( value )

Value:

{                                       \
                .data = value,                                  \
                .len = sizeof ( value ),                        \
        }

Define an ASN.1 cursor for a static value.

Definition at line 300 of file asn1.h.

◆ ASN1_ALGORITHMS

#define ASN1_ALGORITHMS __table ( struct asn1_algorithm, "asn1_algorithms" )

ASN.1 OID-identified algorithms.

Definition at line 318 of file asn1.h.

◆ __asn1_algorithm

struct asn1_algorithm oid_sha512_256_algorithm __asn1_algorithm __table_entry ( ASN1_ALGORITHMS, 01 )

Declare an ASN.1 OID-identified algorithm.

Definition at line 321 of file asn1.h.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )

◆ asn1_invalidate_cursor()

static void asn1_invalidate_cursor ( struct asn1_cursor * cursor )

inlinestatic

Invalidate ASN.1 object cursor.

Parameters

cursor ASN.1 object cursor

Definition at line 362 of file asn1.h.

                                                       {
         cursor->len = 0;
 }

References asn1_cursor::len.

Referenced by asn1_enter(), asn1_shrink(), and asn1_skip().

◆ asn1_type()

static unsigned int asn1_type ( const struct asn1_cursor * cursor )

inlinestatic

Extract ASN.1 type.

Parameters

cursor ASN.1 object cursor

Return values

type	Type, or ASN1_END if cursor is invalid

Definition at line 373 of file asn1.h.

                                                {
         const uint8_t *type = cursor->data;
 
         return ( ( cursor->len >= sizeof ( *type ) ) ? *type : ASN1_END );
 }

References ASN1_END, asn1_cursor::data, asn1_cursor::len, and type.

Referenced by asn1_generalized_time(), asn1_start(), ocsp_parse_basic_response(), ocsp_parse_responder_id(), ocsp_parse_responses(), rsa_parse_mod_exp(), x509_check_alt_name(), x509_parse_basic_constraints(), x509_parse_extension(), and x509_parse_tbscertificate().

◆ asn1_built()

static struct asn1_cursor* asn1_built ( struct asn1_builder * builder )

inlinestatic

Get cursor for built object.

Parameters

builder ASN.1 object builder

Return values

cursor ASN.1 object cursor

Definition at line 386 of file asn1.h.

                                             {
         union {
                 struct asn1_builder builder;
                 struct asn1_cursor cursor;
         } *u = container_of ( builder, typeof ( *u ), builder );
 
         /* Sanity check */
         linker_assert ( ( ( const void * ) &u->builder.data ) ==
                         &u->cursor.data, asn1_builder_cursor_data_mismatch );
         linker_assert ( &u->builder.len == &u->cursor.len,
                         asn1_builder_cursor_len_mismatch );
 
         return &u->cursor;
 }

References container_of, linker_assert, typeof(), and u.

Referenced by icert_certs(), and privkey_cursor().

◆ asn1_start()

int asn1_start	(	struct asn1_cursor *	cursor,
		unsigned int	type,
		size_t	extra
	)

Start parsing ASN.1 object.

Parameters

cursor	ASN.1 object cursor
type	Expected type, or ASN1_ANY
extra	Additional length not present within partial cursor

Return values

len	Length of object body, or negative error

The object cursor will be updated to point to the start of the object body (i.e. the first byte following the length byte(s)), and the length of the object body (i.e. the number of bytes until the following object tag, if any) is returned.

Definition at line 98 of file asn1.c.

                                                                                {
         unsigned int len_len;
         unsigned int len;
 
         /* Sanity check */
         if ( cursor->len < 2 /* Tag byte and first length byte */ ) {
                 if ( cursor->len )
                         DBGC ( cursor, "ASN1 %p too short\n", cursor );
                 return -EINVAL_ASN1_EMPTY;
         }
 
         /* Check the tag byte */
         if ( ( type != ASN1_ANY ) && ( type != asn1_type ( cursor ) ) ) {
                 DBGC ( cursor, "ASN1 %p type mismatch (expected %d, got %d)\n",
                        cursor, type, *( ( uint8_t * ) cursor->data ) );
                 return -ENXIO;
         }
         cursor->data++;
         cursor->len--;
 
         /* Extract length of the length field and sanity check */
         len_len = *( ( uint8_t * ) cursor->data );
         if ( len_len & 0x80 ) {
                 len_len = ( len_len & 0x7f );
                 cursor->data++;
                 cursor->len--;
         } else {
                 len_len = 1;
         }
         if ( cursor->len < len_len ) {
                 DBGC ( cursor, "ASN1 %p bad length field length %d (max "
                        "%zd)\n", cursor, len_len, cursor->len );
                 return -EINVAL_ASN1_LEN_LEN;
         }
 
         /* Extract the length and sanity check */
         for ( len = 0 ; len_len ; len_len-- ) {
                 len <<= 8;
                 len |= *( ( uint8_t * ) cursor->data );
                 cursor->data++;
                 cursor->len--;
         }
         if ( ( cursor->len + extra ) < len ) {
                 DBGC ( cursor, "ASN1 %p bad length %d (max %zd)\n",
                        cursor, len, ( cursor->len + extra ) );
                 return -EINVAL_ASN1_LEN;
         }
 
         return len;
 }

References ASN1_ANY, asn1_type(), asn1_cursor::data, DBGC, EINVAL_ASN1_EMPTY, EINVAL_ASN1_LEN, EINVAL_ASN1_LEN_LEN, ENXIO, extra, len, asn1_cursor::len, and type.

Referenced by asn1_enter(), asn1_shrink(), asn1_skip_if_exists(), and der_probe().

◆ asn1_enter()

int asn1_enter	(	struct asn1_cursor *	cursor,
		unsigned int	type
	)

Enter ASN.1 object.

Parameters

cursor	ASN.1 object cursor
type	Expected type, or ASN1_ANY

Return values

rc	Return status code

The object cursor will be updated to point to the body of the current ASN.1 object. If any error occurs, the object cursor will be invalidated.

Definition at line 160 of file asn1.c.

                                                                  {
         int len;
 
         len = asn1_start ( cursor, type, 0 );
         if ( len < 0 ) {
                 asn1_invalidate_cursor ( cursor );
                 return len;
         }
 
         cursor->len = len;
         DBGC ( cursor, "ASN1 %p entered object type %02x (len %x)\n",
                cursor, type, len );
 
         return 0;
 }

References asn1_invalidate_cursor(), asn1_start(), DBGC, len, asn1_cursor::len, and type.

Referenced by asn1_algorithm(), asn1_bit_string(), asn1_boolean(), asn1_enter_any(), asn1_generalized_time(), asn1_integer(), cms_parse(), cms_parse_certificates(), cms_parse_content_type(), cms_parse_signature_value(), cms_parse_signer_identifier(), cms_parse_signer_info(), ocsp_compare_responder_key_hash(), ocsp_parse_basic_response(), ocsp_parse_cert_id(), ocsp_parse_certs(), ocsp_parse_response(), ocsp_parse_response_bytes(), ocsp_parse_response_status(), ocsp_parse_response_type(), ocsp_parse_responses(), ocsp_parse_tbs_response_data(), ocsp_request(), rsa_parse_integer(), rsa_parse_mod_exp(), validator_append(), x509_parse(), x509_parse_access_description(), x509_parse_authority_info_access(), x509_parse_basic_constraints(), x509_parse_common_name(), x509_parse_extended_key_usage(), x509_parse_extension(), x509_parse_extensions(), x509_parse_key_purpose(), x509_parse_ocsp(), x509_parse_public_key(), x509_parse_subject_alt_name(), x509_parse_tbscertificate(), x509_parse_validity(), and x509_parse_version().

◆ asn1_skip_if_exists()

int asn1_skip_if_exists	(	struct asn1_cursor *	cursor,
		unsigned int	type
	)

Skip ASN.1 object if present.

Parameters

cursor	ASN.1 object cursor
type	Expected type, or ASN1_ANY

Return values

rc	Return status code

The object cursor will be updated to point to the next ASN.1 object. If any error occurs, the object cursor will not be modified.

Definition at line 187 of file asn1.c.

                                                                           {
         int len;
 
         len = asn1_start ( cursor, type, 0 );
         if ( len < 0 )
                 return len;
 
         cursor->data += len;
         cursor->len -= len;
         DBGC ( cursor, "ASN1 %p skipped object type %02x (len %x)\n",
                cursor, type, len );
 
         if ( ! cursor->len ) {
                 DBGC ( cursor, "ASN1 %p reached end of object\n", cursor );
                 return -ENOENT;
         }
 
         return 0;
 }

References asn1_start(), asn1_cursor::data, DBGC, ENOENT, len, asn1_cursor::len, and type.

Referenced by asn1_skip(), cms_parse(), cms_parse_signer_info(), and ocsp_parse_tbs_response_data().

◆ asn1_skip()

int asn1_skip	(	struct asn1_cursor *	cursor,
		unsigned int	type
	)

Skip ASN.1 object.

Parameters

cursor	ASN.1 object cursor
type	Expected type, or ASN1_ANY

Return values

rc	Return status code

The object cursor will be updated to point to the next ASN.1 object. If any error occurs, the object cursor will be invalidated.

Definition at line 218 of file asn1.c.

                                                                 {
         int rc;
 
         if ( ( rc = asn1_skip_if_exists ( cursor, type ) ) != 0 ) {
                 asn1_invalidate_cursor ( cursor );
                 return rc;
         }
 
         return 0;
 }

References asn1_invalidate_cursor(), asn1_skip_if_exists(), rc, and type.

Referenced by asn1_skip_any(), cms_parse(), cms_parse_signer_info(), ocsp_parse_cert_id(), ocsp_request(), and rsa_parse_mod_exp().

◆ asn1_shrink()

int asn1_shrink	(	struct asn1_cursor *	cursor,
		unsigned int	type
	)

Shrink ASN.1 cursor to fit object.

Parameters

cursor	ASN.1 object cursor
type	Expected type, or ASN1_ANY

Return values

rc	Return status code

The object cursor will be shrunk to contain only the current ASN.1 object. If any error occurs, the object cursor will be invalidated.

Definition at line 240 of file asn1.c.

                                                                   {
         struct asn1_cursor temp;
         const void *end;
         int len;
 
         /* Find end of object */
         memcpy ( &temp, cursor, sizeof ( temp ) );
         len = asn1_start ( &temp, type, 0 );
         if ( len < 0 ) {
                 asn1_invalidate_cursor ( cursor );
                 return len;
         }
         end = ( temp.data + len );
 
         /* Shrink original cursor to contain only its first object */
         cursor->len = ( end - cursor->data );
 
         return 0;
 }

References asn1_invalidate_cursor(), asn1_start(), asn1_cursor::data, end, len, asn1_cursor::len, memcpy(), and type.

Referenced by asn1_shrink_any(), cms_parse_signer_identifier(), ocsp_parse_cert_id(), x509_parse_issuer(), and x509_parse_serial().

◆ asn1_enter_any()

int asn1_enter_any ( struct asn1_cursor * cursor )

Enter ASN.1 object of any type.

Parameters

cursor ASN.1 object cursor

Return values

rc	Return status code

Definition at line 266 of file asn1.c.

                                                   {
         return asn1_enter ( cursor, ASN1_ANY );
 }

References ASN1_ANY, and asn1_enter().

Referenced by ocsp_parse_responder_id(), x509_check_alt_name(), and x509_parse_common_name().

◆ asn1_skip_any()

int asn1_skip_any ( struct asn1_cursor * cursor )

Skip ASN.1 object of any type.

Parameters

cursor ASN.1 object cursor

Return values

rc	Return status code

Definition at line 276 of file asn1.c.

                                                  {
         return asn1_skip ( cursor, ASN1_ANY );
 }

References ASN1_ANY, and asn1_skip().

Referenced by cms_parse(), cms_parse_certificates(), cms_parse_signer_identifier(), cms_parse_signer_info(), ocsp_parse_basic_response(), ocsp_parse_certs(), ocsp_parse_response(), ocsp_parse_response_bytes(), ocsp_parse_responses(), ocsp_parse_tbs_response_data(), rsa_parse_mod_exp(), validator_append(), x509_check_name(), x509_parse(), x509_parse_access_description(), x509_parse_authority_info_access(), x509_parse_basic_constraints(), x509_parse_common_name(), x509_parse_extended_key_usage(), x509_parse_extension(), x509_parse_extensions(), x509_parse_public_key(), x509_parse_tbscertificate(), and x509_parse_validity().

◆ asn1_shrink_any()

int asn1_shrink_any ( struct asn1_cursor * cursor )

Shrink ASN.1 object of any type.

Parameters

cursor ASN.1 object cursor

Return values

rc	Return status code

Definition at line 286 of file asn1.c.

                                                    {
         return asn1_shrink ( cursor, ASN1_ANY );
 }

References ASN1_ANY, and asn1_shrink().

Referenced by cms_signature(), ocsp_parse_tbs_response_data(), x509_certificate(), x509_parse_public_key(), x509_parse_subject(), and x509_parse_tbscertificate().

◆ asn1_boolean()

int asn1_boolean ( const struct asn1_cursor * cursor )

Parse value of ASN.1 boolean.

Parameters

cursor ASN.1 object cursor

Return values

value Value, or negative error

Definition at line 296 of file asn1.c.

                                                       {
         struct asn1_cursor contents;
         const struct {
                 uint8_t value;
         } __attribute__ (( packed )) *boolean;
 
         /* Enter boolean */
         memcpy ( &contents, cursor, sizeof ( contents ) );
         asn1_enter ( &contents, ASN1_BOOLEAN );
         if ( contents.len != sizeof ( *boolean ) )
                 return -EINVAL_ASN1_BOOLEAN;
 
         /* Extract value */
         boolean = contents.data;
         return boolean->value;
 }

References __attribute__, ASN1_BOOLEAN, asn1_enter(), asn1_cursor::data, EINVAL_ASN1_BOOLEAN, asn1_cursor::len, memcpy(), and value.

Referenced by x509_parse_basic_constraints(), and x509_parse_extension().

◆ asn1_integer()

int asn1_integer	(	const struct asn1_cursor *	cursor,
		int *	value
	)

Parse value of ASN.1 integer.

Parameters

cursor	ASN.1 object cursor
value	Value to fill in

Return values

rc	Return status code

Definition at line 320 of file asn1.c.

                                                                   {
         struct asn1_cursor contents;
         uint8_t high_byte;
         int rc;
 
         /* Enter integer */
         memcpy ( &contents, cursor, sizeof ( contents ) );
         if ( ( rc = asn1_enter ( &contents, ASN1_INTEGER ) ) != 0 )
                 return rc;
         if ( contents.len < 1 )
                 return -EINVAL_ASN1_INTEGER;
 
         /* Initialise value according to sign byte */
         *value = *( ( int8_t * ) contents.data );
         contents.data++;
         contents.len--;
 
         /* Process value */
         while ( contents.len ) {
                 high_byte = ( (*value) >> ( 8 * ( sizeof ( *value ) - 1 ) ) );
                 if ( ( high_byte != 0x00 ) && ( high_byte != 0xff ) ) {
                         DBGC ( cursor, "ASN1 %p integer overflow\n", cursor );
                         return -EINVAL_ASN1_INTEGER;
                 }
                 *value = ( ( *value << 8 ) | *( ( uint8_t * ) contents.data ) );
                 contents.data++;
                 contents.len--;
         }
 
         return 0;
 }

References asn1_enter(), ASN1_INTEGER, asn1_cursor::data, DBGC, EINVAL_ASN1_INTEGER, asn1_cursor::len, memcpy(), rc, and value.

Referenced by x509_parse_basic_constraints(), and x509_parse_version().

◆ asn1_bit_string()

int asn1_bit_string	(	const struct asn1_cursor *	cursor,
		struct asn1_bit_string *	bits
	)

Parse ASN.1 bit string.

Parameters

cursor	ASN.1 cursor
bits	Bit string to fill in

Return values

rc	Return status code

Definition at line 359 of file asn1.c.

                                                      {
         struct asn1_cursor contents;
         const struct {
                 uint8_t unused;
                 uint8_t data[0];
         } __attribute__ (( packed )) *bit_string;
         size_t len;
         unsigned int unused;
         uint8_t unused_mask;
         const uint8_t *last;
         int rc;
 
         /* Enter bit string */
         memcpy ( &contents, cursor, sizeof ( contents ) );
         if ( ( rc = asn1_enter ( &contents, ASN1_BIT_STRING ) ) != 0 ) {
                 DBGC ( cursor, "ASN1 %p cannot locate bit string:\n", cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return rc;
         }
 
         /* Validity checks */
         if ( contents.len < sizeof ( *bit_string ) ) {
                 DBGC ( cursor, "ASN1 %p invalid bit string:\n", cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -EINVAL_BIT_STRING;
         }
         bit_string = contents.data;
         len = ( contents.len - offsetof ( typeof ( *bit_string ), data ) );
         unused = bit_string->unused;
         unused_mask = ( 0xff >> ( 8 - unused ) );
         last = ( bit_string->data + len - 1 );
         if ( ( unused >= 8 ) ||
              ( ( unused > 0 ) && ( len == 0 ) ) ||
              ( ( *last & unused_mask ) != 0 ) ) {
                 DBGC ( cursor, "ASN1 %p invalid bit string:\n", cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -EINVAL_BIT_STRING;
         }
 
         /* Populate bit string */
         bits->data = &bit_string->data;
         bits->len = len;
         bits->unused = unused;
 
         return 0;
 }

References __attribute__, ASN1_BIT_STRING, asn1_enter(), bits, data, asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_BIT_STRING, last, len, asn1_cursor::len, memcpy(), offsetof, rc, typeof(), and unused.

◆ asn1_integral_bit_string()

int asn1_integral_bit_string	(	const struct asn1_cursor *	cursor,
		struct asn1_bit_string *	bits
	)

Parse ASN.1 bit string that must be an integral number of bytes.

Parameters

cursor	ASN.1 cursor
bits	Bit string to fill in

Return values

rc	Return status code

Definition at line 414 of file asn1.c.

                                                               {
         int rc;
 
         /* Parse bit string */
         if ( ( rc = asn1_bit_string ( cursor, bits ) ) != 0 )
                 return rc;
 
         /* Check that there are no unused bits at end of string */
         if ( bits->unused ) {
                 DBGC ( cursor, "ASN1 %p invalid integral bit string:\n",
                        cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -EINVAL_BIT_STRING;
         }
 
         return 0;
 }

References bits, asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_BIT_STRING, asn1_cursor::len, and rc.

Referenced by ocsp_parse_basic_response(), rsa_parse_mod_exp(), and x509_parse().

◆ asn1_compare()

int asn1_compare	(	const struct asn1_cursor *	cursor1,
		const struct asn1_cursor *	cursor2
	)

Compare two ASN.1 objects.

Parameters

cursor1	ASN.1 object cursor
cursor2	ASN.1 object cursor

Return values

difference Difference as returned by memcmp()

Note that invalid and empty cursors will compare as equal with each other.

Definition at line 443 of file asn1.c.

                                                        {
         int difference;
 
         difference = ( cursor2->len - cursor1->len );
         return ( difference ? difference :
                  memcmp ( cursor1->data, cursor2->data, cursor1->len ) );
 }

References asn1_cursor::data, asn1_cursor::len, and memcmp().

Referenced by asn1_find_algorithm(), certstore_find(), cms_find_issuer_serial(), cms_parse_content_type(), ocsp_compare_responder_name(), ocsp_parse_cert_id(), ocsp_parse_response_type(), rsa_match(), validator_step(), x509_check_issuer(), x509_find_access_method(), x509_find_extension(), x509_find_subject(), x509_parse_common_name(), and x509_parse_key_purpose().

◆ asn1_algorithm()

int asn1_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm **	algorithm
	)

Parse ASN.1 OID-identified algorithm.

Parameters

cursor ASN.1 object cursor

Return values

algorithm	Algorithm
rc	Return status code

Definition at line 478 of file asn1.c.

                                                          {
         struct asn1_cursor contents;
         int rc;
 
         /* Enter signatureAlgorithm */
         memcpy ( &contents, cursor, sizeof ( contents ) );
         asn1_enter ( &contents, ASN1_SEQUENCE );
 
         /* Enter algorithm */
         if ( ( rc = asn1_enter ( &contents, ASN1_OID ) ) != 0 ) {
                 DBGC ( cursor, "ASN1 %p cannot locate algorithm OID:\n",
                        cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -EINVAL_ASN1_ALGORITHM;
         }
 
         /* Identify algorithm */
         *algorithm = asn1_find_algorithm ( &contents );
         if ( ! *algorithm ) {
                 DBGC ( cursor, "ASN1 %p unrecognised algorithm:\n", cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTSUP_ALGORITHM;
         }
 
         return 0;
 }

References algorithm, asn1_enter(), asn1_find_algorithm(), ASN1_OID, ASN1_SEQUENCE, asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_ASN1_ALGORITHM, ENOTSUP_ALGORITHM, asn1_cursor::len, memcpy(), and rc.

◆ asn1_pubkey_algorithm()

int asn1_pubkey_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm **	algorithm
	)

Parse ASN.1 OID-identified public-key algorithm.

Parameters

cursor ASN.1 object cursor

Return values

algorithm	Algorithm
rc	Return status code

Definition at line 513 of file asn1.c.

                                                                 {
         int rc;
 
         /* Parse algorithm */
         if ( ( rc = asn1_algorithm ( cursor, algorithm ) ) != 0 )
                 return rc;
 
         /* Check algorithm has a public key */
         if ( ! (*algorithm)->pubkey ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not a public-key "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, and rc.

Referenced by cms_parse_signature_algorithm(), and x509_parse_public_key().

◆ asn1_digest_algorithm()

int asn1_digest_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm **	algorithm
	)

Parse ASN.1 OID-identified digest algorithm.

Parameters

cursor ASN.1 object cursor

Return values

algorithm	Algorithm
rc	Return status code

Definition at line 539 of file asn1.c.

                                                                 {
         int rc;
 
         /* Parse algorithm */
         if ( ( rc = asn1_algorithm ( cursor, algorithm ) ) != 0 )
                 return rc;
 
         /* Check algorithm has a digest */
         if ( ! (*algorithm)->digest ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not a digest "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, and rc.

Referenced by cms_parse_digest_algorithm().

◆ asn1_signature_algorithm()

int asn1_signature_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm **	algorithm
	)

Parse ASN.1 OID-identified signature algorithm.

Parameters

cursor ASN.1 object cursor

Return values

algorithm	Algorithm
rc	Return status code

Definition at line 565 of file asn1.c.

                                                                    {
         int rc;
 
         /* Parse algorithm */
         if ( ( rc = asn1_algorithm ( cursor, algorithm ) ) != 0 )
                 return rc;
 
         /* Check algorithm has a public key */
         if ( ! (*algorithm)->pubkey ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not a signature "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         /* Check algorithm has a digest */
         if ( ! (*algorithm)->digest ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not a signature "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, and rc.

Referenced by ocsp_parse_basic_response(), x509_parse(), and x509_parse_tbscertificate().

◆ asn1_check_algorithm()

int asn1_check_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm *	expected
	)

Check ASN.1 OID-identified algorithm.

Parameters

cursor	ASN.1 object cursor
expected	Expected algorithm

Return values

rc	Return status code

Definition at line 599 of file asn1.c.

                                                              {
         struct asn1_algorithm *actual;
         int rc;
 
         /* Parse algorithm */
         if ( ( rc = asn1_algorithm ( cursor, &actual ) ) != 0 )
                 return rc;
 
         /* Check algorithm matches */
         if ( actual != expected ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s does not match %s\n",
                        cursor, actual->name, expected->name );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References DBGC, ENOTTY_ALGORITHM, asn1_algorithm::name, and rc.

Referenced by rsa_parse_mod_exp().

◆ asn1_generalized_time()

int asn1_generalized_time	(	const struct asn1_cursor *	cursor,
		time_t *	time
	)

Parse ASN.1 GeneralizedTime.

Parameters

cursor	ASN.1 cursor
time	Time to fill in

Return values

rc	Return status code

RFC 5280 section 4.1.2.5 places several restrictions on the allowed formats for UTCTime and GeneralizedTime, and mandates the interpretation of centuryless year values.

Definition at line 629 of file asn1.c.

                                                                              {
         struct asn1_cursor contents;
         unsigned int have_century;
         unsigned int type;
         union {
                 struct {
                         uint8_t century;
                         uint8_t year;
                         uint8_t month;
                         uint8_t day;
                         uint8_t hour;
                         uint8_t minute;
                         uint8_t second;
                 } __attribute__ (( packed )) named;
                 uint8_t raw[7];
         } pairs;
         struct tm tm;
         const uint8_t *data;
         size_t remaining;
         unsigned int tens;
         unsigned int units;
         unsigned int i;
         int rc;
 
         /* Determine time format utcTime/generalizedTime */
         memcpy ( &contents, cursor, sizeof ( contents ) );
         type = asn1_type ( &contents );
         switch ( type ) {
         case ASN1_UTC_TIME:
                 have_century = 0;
                 break;
         case ASN1_GENERALIZED_TIME:
                 have_century = 1;
                 break;
         default:
                 DBGC ( cursor, "ASN1 %p invalid time type %02x\n",
                        cursor, type );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -EINVAL_ASN1_TIME;
         }
 
         /* Enter utcTime/generalizedTime */
         if ( ( rc = asn1_enter ( &contents, type ) ) != 0 ) {
                 DBGC ( cursor, "ASN1 %p cannot locate %s time:\n", cursor,
                        ( ( type == ASN1_UTC_TIME ) ? "UTC" : "generalized" ) );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return rc;
         }
 
         /* Parse digit string a pair at a time */
         memset ( &pairs, 0, sizeof ( pairs ) );
         data = contents.data;
         remaining = contents.len;
         for ( i = ( have_century ? 0 : 1 ) ; i < sizeof ( pairs.raw ) ; i++ ) {
                 if ( remaining < 2 ) {
                         /* Some certificates violate the X.509 RFC by
                          * omitting the "seconds" value.
                          */
                         if ( i == ( sizeof ( pairs.raw ) - 1 ) )
                                 break;
                         DBGC ( cursor, "ASN1 %p invalid time:\n", cursor );
                         DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                         return -EINVAL_ASN1_TIME;
                 }
                 tens = data[0];
                 units = data[1];
                 if ( ! ( isdigit ( tens ) && isdigit ( units ) ) ) {
                         DBGC ( cursor, "ASN1 %p invalid time:\n", cursor );
                         DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                         return -EINVAL_ASN1_TIME;
                 }
                 pairs.raw[i] = ( ( 10 * ( tens - '0' ) ) + ( units - '0' ) );
                 data += 2;
                 remaining -= 2;
         }
 
         /* Determine century if applicable */
         if ( ! have_century )
                 pairs.named.century = ( ( pairs.named.year >= 50 ) ? 19 : 20 );
 
         /* Check for trailing "Z" */
         if ( ( remaining != 1 ) || ( data[0] != 'Z' ) ) {
                 DBGC ( cursor, "ASN1 %p invalid time:\n", cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -EINVAL_ASN1_TIME;
         }
 
         /* Fill in time */
         tm.tm_year = ( ( ( pairs.named.century - 19 ) * 100 ) +
                        pairs.named.year );
         tm.tm_mon = ( pairs.named.month - 1 );
         tm.tm_mday = pairs.named.day;
         tm.tm_hour = pairs.named.hour;
         tm.tm_min = pairs.named.minute;
         tm.tm_sec = pairs.named.second;
 
         /* Convert to seconds since the Epoch */
         *time = mktime ( &tm );
 
         return 0;
 }

References __attribute__, asn1_enter(), ASN1_GENERALIZED_TIME, asn1_type(), ASN1_UTC_TIME, data, asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_ASN1_TIME, isdigit(), asn1_cursor::len, memcpy(), memset(), mktime(), raw, rc, second, time, tm::tm_hour, tm::tm_mday, tm::tm_min, tm::tm_mon, tm::tm_sec, tm::tm_year, and type.

Referenced by ocsp_parse_responses(), and x509_parse_validity().

◆ asn1_grow()

int asn1_grow	(	struct asn1_builder *	builder,
		size_t	extra
	)

Grow ASN.1 builder.

Parameters

builder	ASN.1 builder
extra	Extra space to prepend

Return values

rc	Return status code

Definition at line 768 of file asn1.c.

                                                              {
         size_t new_len;
         void *new;
 
         /* As with the ASN1 parsing functions, make errors permanent */
         if ( builder->len && ! builder->data )
                 return -ENOMEM;
 
         /* Reallocate data buffer */
         new_len = ( builder->len + extra );
         new = realloc ( builder->data, new_len );
         if ( ! new ) {
                 free ( builder->data );
                 builder->data = NULL;
                 return -ENOMEM;
         }
         builder->data = new;
 
         /* Move existing data to end of buffer */
         memmove ( ( builder->data + extra ), builder->data, builder->len );
         builder->len = new_len;
 
         return 0;
 }

References asn1_builder::data, ENOMEM, extra, free, asn1_builder::len, memmove(), NULL, and realloc().

Referenced by asn1_prepend(), asn1_prepend_raw(), asn1_wrap(), and icert_cert().

◆ asn1_prepend_raw()

int asn1_prepend_raw	(	struct asn1_builder *	builder,
		const void *	data,
		size_t	len
	)

Prepend raw data to ASN.1 builder.

Parameters

builder	ASN.1 builder
data	Data to prepend
len	Length of data to prepend

Return values

rc	Return status code

Definition at line 801 of file asn1.c.

                                     {
         int rc;
 
         /* Grow buffer */
         if ( ( rc = asn1_grow ( builder, len ) ) != 0 )
                 return rc;
 
         /* Populate data buffer */
         memcpy ( builder->data, data, len );
 
         return 0;
 }

References asn1_grow(), data, asn1_builder::data, len, memcpy(), and rc.

Referenced by icert_cert(), icert_certs(), and ocsp_request().

◆ asn1_prepend()

int asn1_prepend	(	struct asn1_builder *	builder,
		unsigned int	type,
		const void *	data,
		size_t	len
	)

Prepend data to ASN.1 builder.

Parameters

builder	ASN.1 builder
type	Type
data	Data to prepend
len	Length of data to prepend

Return values

rc	Return status code

Definition at line 824 of file asn1.c.

                                                   {
         struct asn1_builder_header header;
         size_t header_len;
         int rc;
 
         /* Construct header */
         header_len = asn1_header ( &header, type, len );
 
         /* Grow buffer */
         if ( ( rc = asn1_grow ( builder, header_len + len ) ) != 0 )
                 return rc;
 
         /* Populate data buffer */
         memcpy ( builder->data, &header, header_len );
         memcpy ( ( builder->data + header_len ), data, len );
 
         return 0;
 }

References asn1_grow(), asn1_header(), data, asn1_builder::data, header, len, memcpy(), rc, and type.

Referenced by icert_certs(), and ocsp_request().

◆ asn1_wrap()

int asn1_wrap	(	struct asn1_builder *	builder,
		unsigned int	type
	)

Wrap ASN.1 builder.

Parameters

builder	ASN.1 builder
type	Type

Return values

rc	Return status code

Definition at line 851 of file asn1.c.

                                                                   {
         struct asn1_builder_header header;
         size_t header_len;
         int rc;
 
         /* Construct header */
         header_len = asn1_header ( &header, type, builder->len );
 
         /* Grow buffer */
         if ( ( rc = asn1_grow ( builder, header_len ) ) != 0 )
                 return rc;
 
         /* Populate data buffer */
         memcpy ( builder->data, &header, header_len );
 
         return 0;
 }

References asn1_grow(), asn1_header(), asn1_builder::data, header, asn1_builder::len, memcpy(), rc, and type.

Referenced by icert_cert(), icert_certs(), and ocsp_request().

Variable Documentation

◆ __asn1_algorithm

struct asn1_algorithm oid_sha512_256_algorithm __asn1_algorithm

"md4" OID-identified algorithm

Definition at line 325 of file asn1.h.

Data Structures

Macros

Functions

Variables

Detailed Description

Macro Definition Documentation

◆ ASN1_MAX_LEN_LEN

◆ ASN1_END

◆ ASN1_BOOLEAN

◆ ASN1_INTEGER

◆ ASN1_BIT_STRING

◆ ASN1_OCTET_STRING

◆ ASN1_NULL

◆ ASN1_OID

◆ ASN1_ENUMERATED

◆ ASN1_UTF8_STRING

◆ ASN1_UTC_TIME

◆ ASN1_GENERALIZED_TIME

◆ ASN1_SEQUENCE

◆ ASN1_SET

◆ ASN1_IMPLICIT_TAG

◆ ASN1_EXPLICIT_TAG

◆ ASN1_ANY

◆ ASN1_SHORT

◆ ASN1_OID_INITIAL

◆ ASN1_OID_SINGLE

◆ ASN1_OID_DOUBLE

◆ ASN1_OID_TRIPLE

◆ ASN1_OID_RSAENCRYPTION

◆ ASN1_OID_MD5WITHRSAENCRYPTION

◆ ASN1_OID_SHA1WITHRSAENCRYPTION

◆ ASN1_OID_SHA256WITHRSAENCRYPTION

◆ ASN1_OID_SHA384WITHRSAENCRYPTION

◆ ASN1_OID_SHA512WITHRSAENCRYPTION

◆ ASN1_OID_SHA224WITHRSAENCRYPTION

◆ ASN1_OID_MD4

◆ ASN1_OID_MD5

◆ ASN1_OID_SHA1

◆ ASN1_OID_SHA256

◆ ASN1_OID_SHA384

◆ ASN1_OID_SHA512

◆ ASN1_OID_SHA224

◆ ASN1_OID_SHA512_224

◆ ASN1_OID_SHA512_256

◆ ASN1_OID_COMMON_NAME

◆ ASN1_OID_KEYUSAGE

◆ ASN1_OID_BASICCONSTRAINTS

◆ ASN1_OID_EXTKEYUSAGE

◆ ASN1_OID_CODESIGNING

◆ ASN1_OID_SIGNEDDATA

◆ ASN1_OID_AUTHORITYINFOACCESS

◆ ASN1_OID_OCSP

◆ ASN1_OID_OCSP_BASIC

◆ ASN1_OID_OCSPSIGNING

◆ ASN1_OID_SUBJECTALTNAME

◆ ASN1_CURSOR

◆ ASN1_ALGORITHMS

◆ __asn1_algorithm

Function Documentation

◆ FILE_LICENCE()

◆ asn1_invalidate_cursor()

◆ asn1_type()

◆ asn1_built()

◆ asn1_start()

◆ asn1_enter()

◆ asn1_skip_if_exists()

◆ asn1_skip()

◆ asn1_shrink()

◆ asn1_enter_any()

◆ asn1_skip_any()

◆ asn1_shrink_any()

◆ asn1_boolean()

◆ asn1_integer()

◆ asn1_bit_string()

◆ asn1_integral_bit_string()

◆ asn1_compare()

◆ asn1_algorithm()

◆ asn1_pubkey_algorithm()

◆ asn1_digest_algorithm()

◆ asn1_signature_algorithm()