File: | src/lib/libcrypto/asn1/tasn_dec.c |
Warning: | line 1199, column 7 Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: tasn_dec.c,v 1.88 2023/07/28 10:00:10 tb Exp $ */ |
2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | * project 2000. |
4 | */ |
5 | /* ==================================================================== |
6 | * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. |
7 | * |
8 | * Redistribution and use in source and binary forms, with or without |
9 | * modification, are permitted provided that the following conditions |
10 | * are met: |
11 | * |
12 | * 1. Redistributions of source code must retain the above copyright |
13 | * notice, this list of conditions and the following disclaimer. |
14 | * |
15 | * 2. Redistributions in binary form must reproduce the above copyright |
16 | * notice, this list of conditions and the following disclaimer in |
17 | * the documentation and/or other materials provided with the |
18 | * distribution. |
19 | * |
20 | * 3. All advertising materials mentioning features or use of this |
21 | * software must display the following acknowledgment: |
22 | * "This product includes software developed by the OpenSSL Project |
23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
24 | * |
25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
26 | * endorse or promote products derived from this software without |
27 | * prior written permission. For written permission, please contact |
28 | * licensing@OpenSSL.org. |
29 | * |
30 | * 5. Products derived from this software may not be called "OpenSSL" |
31 | * nor may "OpenSSL" appear in their names without prior written |
32 | * permission of the OpenSSL Project. |
33 | * |
34 | * 6. Redistributions of any form whatsoever must retain the following |
35 | * acknowledgment: |
36 | * "This product includes software developed by the OpenSSL Project |
37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
38 | * |
39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
50 | * OF THE POSSIBILITY OF SUCH DAMAGE. |
51 | * ==================================================================== |
52 | * |
53 | * This product includes cryptographic software written by Eric Young |
54 | * (eay@cryptsoft.com). This product includes software written by Tim |
55 | * Hudson (tjh@cryptsoft.com). |
56 | * |
57 | */ |
58 | |
59 | #include <limits.h> |
60 | #include <stddef.h> |
61 | #include <string.h> |
62 | |
63 | #include <openssl/asn1.h> |
64 | #include <openssl/asn1t.h> |
65 | #include <openssl/buffer.h> |
66 | #include <openssl/err.h> |
67 | #include <openssl/objects.h> |
68 | |
69 | #include "asn1_local.h" |
70 | #include "bytestring.h" |
71 | |
72 | /* |
73 | * Constructed types with a recursive definition (such as can be found in PKCS7) |
74 | * could eventually exceed the stack given malicious input with excessive |
75 | * recursion. Therefore we limit the stack depth. |
76 | */ |
77 | #define ASN1_MAX_CONSTRUCTED_NEST30 30 |
78 | |
79 | #ifndef ASN1_MAX_STRING_NEST5 |
80 | /* |
81 | * This determines how many levels of recursion are permitted in ASN.1 string |
82 | * types. If it is not limited stack overflows can occur. If set to zero no |
83 | * recursion is allowed at all. |
84 | */ |
85 | #define ASN1_MAX_STRING_NEST5 5 |
86 | #endif |
87 | |
88 | static int asn1_template_d2i(ASN1_VALUE **pval, CBS *cbs, |
89 | const ASN1_TEMPLATE *at, int optional, int depth); |
90 | |
91 | static int |
92 | asn1_check_eoc(CBS *cbs) |
93 | { |
94 | uint16_t eoc; |
95 | |
96 | if (!CBS_peek_u16(cbs, &eoc)) |
97 | return 0; |
98 | if (eoc != 0) |
99 | return 0; |
100 | |
101 | return CBS_skip(cbs, 2); |
102 | } |
103 | |
104 | static int |
105 | asn1_check_tag(CBS *cbs, size_t *out_len, int *out_tag, uint8_t *out_class, |
106 | int *out_indefinite, int *out_constructed, int expected_tag, |
107 | int expected_class, int optional) |
108 | { |
109 | int constructed, indefinite; |
110 | uint32_t tag_number; |
111 | uint8_t tag_class; |
112 | size_t length; |
113 | |
114 | if (out_len != NULL((void *)0)) |
115 | *out_len = 0; |
116 | if (out_tag != NULL((void *)0)) |
117 | *out_tag = 0; |
118 | if (out_class != NULL((void *)0)) |
119 | *out_class = 0; |
120 | if (out_indefinite != NULL((void *)0)) |
121 | *out_indefinite = 0; |
122 | if (out_constructed != NULL((void *)0)) |
123 | *out_constructed = 0; |
124 | |
125 | if (!asn1_get_identifier_cbs(cbs, 0, &tag_class, &constructed, |
126 | &tag_number)) { |
127 | ASN1error(ASN1_R_BAD_OBJECT_HEADER)ERR_put_error(13,(0xfff),(102),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,127); |
128 | return 0; |
129 | } |
130 | if (expected_tag >= 0) { |
131 | if (expected_tag != tag_number || |
132 | expected_class != tag_class << 6) { |
133 | /* Indicate missing type if this is OPTIONAL. */ |
134 | if (optional) |
135 | return -1; |
136 | |
137 | ASN1error(ASN1_R_WRONG_TAG)ERR_put_error(13,(0xfff),(168),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,137); |
138 | return 0; |
139 | } |
140 | } |
141 | if (!asn1_get_length_cbs(cbs, 0, &indefinite, &length)) { |
142 | ASN1error(ASN1_R_BAD_OBJECT_HEADER)ERR_put_error(13,(0xfff),(102),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,142); |
143 | return 0; |
144 | } |
145 | |
146 | /* Indefinite length can only be used with constructed encoding. */ |
147 | if (indefinite && !constructed) { |
148 | ASN1error(ASN1_R_BAD_OBJECT_HEADER)ERR_put_error(13,(0xfff),(102),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,148); |
149 | return 0; |
150 | } |
151 | |
152 | if (!indefinite && CBS_len(cbs) < length) { |
153 | ASN1error(ASN1_R_TOO_LONG)ERR_put_error(13,(0xfff),(155),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,153); |
154 | return 0; |
155 | } |
156 | |
157 | if (tag_number > INT_MAX0x7fffffff) { |
158 | ASN1error(ASN1_R_TOO_LONG)ERR_put_error(13,(0xfff),(155),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,158); |
159 | return 0; |
160 | } |
161 | |
162 | if (indefinite) |
163 | length = CBS_len(cbs); |
164 | |
165 | if (out_len != NULL((void *)0)) |
166 | *out_len = length; |
167 | if (out_tag != NULL((void *)0)) |
168 | *out_tag = tag_number; |
169 | if (out_class != NULL((void *)0)) |
170 | *out_class = tag_class << 6; |
171 | if (out_indefinite != NULL((void *)0)) |
172 | *out_indefinite = indefinite; |
173 | if (out_constructed != NULL((void *)0)) |
174 | *out_constructed = constructed; |
175 | |
176 | return 1; |
177 | } |
178 | |
179 | /* Collect the contents from a constructed ASN.1 object. */ |
180 | static int |
181 | asn1_collect(CBB *cbb, CBS *cbs, int indefinite, int expected_tag, |
182 | int expected_class, int depth) |
183 | { |
184 | int constructed; |
185 | size_t length; |
186 | CBS content; |
187 | int need_eoc; |
188 | |
189 | if (depth > ASN1_MAX_STRING_NEST5) { |
190 | ASN1error(ASN1_R_NESTED_ASN1_STRING)ERR_put_error(13,(0xfff),(197),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,190); |
191 | return 0; |
192 | } |
193 | |
194 | need_eoc = indefinite; |
195 | |
196 | while (CBS_len(cbs) > 0) { |
197 | if (asn1_check_eoc(cbs)) { |
198 | if (!need_eoc) { |
199 | ASN1error(ASN1_R_UNEXPECTED_EOC)ERR_put_error(13,(0xfff),(159),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,199); |
200 | return 0; |
201 | } |
202 | return 1; |
203 | } |
204 | if (!asn1_check_tag(cbs, &length, NULL((void *)0), NULL((void *)0), &indefinite, |
205 | &constructed, expected_tag, expected_class, 0)) { |
206 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,206); |
207 | return 0; |
208 | } |
209 | |
210 | if (constructed) { |
211 | if (!asn1_collect(cbb, cbs, indefinite, expected_tag, |
212 | expected_class, depth + 1)) |
213 | return 0; |
214 | continue; |
215 | } |
216 | |
217 | if (!CBS_get_bytes(cbs, &content, length)) { |
218 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,218); |
219 | return 0; |
220 | } |
221 | if (!CBB_add_bytes(cbb, CBS_data(&content), CBS_len(&content))) |
222 | return 0; |
223 | } |
224 | |
225 | if (need_eoc) { |
226 | ASN1error(ASN1_R_MISSING_EOC)ERR_put_error(13,(0xfff),(137),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,226); |
227 | return 0; |
228 | } |
229 | |
230 | return 1; |
231 | } |
232 | |
233 | /* Find the end of an ASN.1 object. */ |
234 | static int |
235 | asn1_find_end(CBS *cbs, size_t length, int indefinite) |
236 | { |
237 | size_t eoc_count; |
238 | |
239 | if (!indefinite) { |
240 | if (!CBS_skip(cbs, length)) { |
241 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,241); |
242 | return 0; |
243 | } |
244 | return 1; |
245 | } |
246 | |
247 | eoc_count = 1; |
248 | |
249 | while (CBS_len(cbs) > 0) { |
250 | if (asn1_check_eoc(cbs)) { |
251 | if (--eoc_count == 0) |
252 | break; |
253 | continue; |
254 | } |
255 | if (!asn1_check_tag(cbs, &length, NULL((void *)0), NULL((void *)0), |
256 | &indefinite, NULL((void *)0), -1, 0, 0)) { |
257 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,257); |
258 | return 0; |
259 | } |
260 | if (indefinite) { |
261 | eoc_count++; |
262 | continue; |
263 | } |
264 | if (!CBS_skip(cbs, length)) |
265 | return 0; |
266 | } |
267 | |
268 | if (eoc_count > 0) { |
269 | ASN1error(ASN1_R_MISSING_EOC)ERR_put_error(13,(0xfff),(137),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,269); |
270 | return 0; |
271 | } |
272 | |
273 | return 1; |
274 | } |
275 | |
276 | static int |
277 | asn1_c2i_primitive(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) |
278 | { |
279 | ASN1_BOOLEAN *abool; |
280 | ASN1_STRING *astr; |
281 | uint8_t val; |
282 | int ret = 0; |
283 | |
284 | if (it->funcs != NULL((void *)0)) |
285 | goto err; |
286 | |
287 | if (CBS_len(content) > INT_MAX0x7fffffff) |
288 | goto err; |
289 | |
290 | switch (utype) { |
291 | case V_ASN1_OBJECT6: |
292 | if (!c2i_ASN1_OBJECT_cbs((ASN1_OBJECT **)pval, content)) |
293 | goto err; |
294 | break; |
295 | |
296 | case V_ASN1_NULL5: |
297 | if (CBS_len(content) != 0) { |
298 | ASN1error(ASN1_R_NULL_IS_WRONG_LENGTH)ERR_put_error(13,(0xfff),(144),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,298); |
299 | goto err; |
300 | } |
301 | *pval = (ASN1_VALUE *)1; |
302 | break; |
303 | |
304 | case V_ASN1_BOOLEAN1: |
305 | abool = (ASN1_BOOLEAN *)pval; |
306 | if (CBS_len(content) != 1) { |
307 | ASN1error(ASN1_R_BOOLEAN_IS_WRONG_LENGTH)ERR_put_error(13,(0xfff),(106),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,307); |
308 | goto err; |
309 | } |
310 | if (!CBS_get_u8(content, &val)) |
311 | goto err; |
312 | *abool = val; |
313 | break; |
314 | |
315 | case V_ASN1_BIT_STRING3: |
316 | if (!c2i_ASN1_BIT_STRING_cbs((ASN1_BIT_STRING **)pval, content)) |
317 | goto err; |
318 | break; |
319 | |
320 | case V_ASN1_ENUMERATED10: |
321 | if (!c2i_ASN1_ENUMERATED_cbs((ASN1_ENUMERATED **)pval, content)) |
322 | goto err; |
323 | break; |
324 | |
325 | case V_ASN1_INTEGER2: |
326 | if (!c2i_ASN1_INTEGER_cbs((ASN1_INTEGER **)pval, content)) |
327 | goto err; |
328 | break; |
329 | |
330 | case V_ASN1_OCTET_STRING4: |
331 | case V_ASN1_NUMERICSTRING18: |
332 | case V_ASN1_PRINTABLESTRING19: |
333 | case V_ASN1_T61STRING20: |
334 | case V_ASN1_VIDEOTEXSTRING21: |
335 | case V_ASN1_IA5STRING22: |
336 | case V_ASN1_UTCTIME23: |
337 | case V_ASN1_GENERALIZEDTIME24: |
338 | case V_ASN1_GRAPHICSTRING25: |
339 | case V_ASN1_VISIBLESTRING26: |
340 | case V_ASN1_GENERALSTRING27: |
341 | case V_ASN1_UNIVERSALSTRING28: |
342 | case V_ASN1_BMPSTRING30: |
343 | case V_ASN1_UTF8STRING12: |
344 | case V_ASN1_OTHER-3: |
345 | case V_ASN1_SET17: |
346 | case V_ASN1_SEQUENCE16: |
347 | default: |
348 | if (utype == V_ASN1_BMPSTRING30 && (CBS_len(content) & 1)) { |
349 | ASN1error(ASN1_R_BMPSTRING_IS_WRONG_LENGTH)ERR_put_error(13,(0xfff),(214),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,349); |
350 | goto err; |
351 | } |
352 | if (utype == V_ASN1_UNIVERSALSTRING28 && (CBS_len(content) & 3)) { |
353 | ASN1error(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH)ERR_put_error(13,(0xfff),(215),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,353); |
354 | goto err; |
355 | } |
356 | if (utype == V_ASN1_UTCTIME23 || utype == V_ASN1_GENERALIZEDTIME24) { |
357 | if (!asn1_time_parse_cbs(content, |
358 | utype == V_ASN1_GENERALIZEDTIME24, NULL((void *)0))) { |
359 | ASN1error(ASN1_R_INVALID_TIME_FORMAT)ERR_put_error(13,(0xfff),(132),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,359); |
360 | goto err; |
361 | } |
362 | } |
363 | /* All based on ASN1_STRING and handled the same way. */ |
364 | if (*pval != NULL((void *)0)) { |
365 | ASN1_STRING_free((ASN1_STRING *)*pval); |
366 | *pval = NULL((void *)0); |
367 | } |
368 | if ((astr = ASN1_STRING_type_new(utype)) == NULL((void *)0)) { |
369 | ASN1error(ERR_R_MALLOC_FAILURE)ERR_put_error(13,(0xfff),((1|64)),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,369); |
370 | goto err; |
371 | } |
372 | if (!ASN1_STRING_set(astr, CBS_data(content), CBS_len(content))) { |
373 | ASN1_STRING_free(astr); |
374 | goto err; |
375 | } |
376 | *pval = (ASN1_VALUE *)astr; |
377 | break; |
378 | } |
379 | |
380 | ret = 1; |
381 | |
382 | err: |
383 | return ret; |
384 | } |
385 | |
386 | static int |
387 | asn1_c2i_any(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) |
388 | { |
389 | ASN1_TYPE *atype; |
390 | |
391 | if (it->utype != V_ASN1_ANY-4 || it->funcs != NULL((void *)0)) |
392 | return 0; |
393 | |
394 | if (*pval != NULL((void *)0)) { |
395 | ASN1_TYPE_free((ASN1_TYPE *)*pval); |
396 | *pval = NULL((void *)0); |
397 | } |
398 | |
399 | if ((atype = ASN1_TYPE_new()) == NULL((void *)0)) |
400 | return 0; |
401 | |
402 | if (!asn1_c2i_primitive(&atype->value.asn1_value, content, utype, it)) { |
403 | ASN1_TYPE_free(atype); |
404 | return 0; |
405 | } |
406 | atype->type = utype; |
407 | |
408 | /* Fix up value for ASN.1 NULL. */ |
409 | if (atype->type == V_ASN1_NULL5) |
410 | atype->value.ptr = NULL((void *)0); |
411 | |
412 | *pval = (ASN1_VALUE *)atype; |
413 | |
414 | return 1; |
415 | } |
416 | |
417 | static int |
418 | asn1_c2i(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) |
419 | { |
420 | if (CBS_len(content) > INT_MAX0x7fffffff) |
421 | return 0; |
422 | |
423 | if (it->funcs != NULL((void *)0)) { |
424 | const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; |
425 | char free_content = 0; |
426 | |
427 | if (pf->prim_c2i == NULL((void *)0)) |
428 | return 0; |
429 | |
430 | return pf->prim_c2i(pval, CBS_data(content), CBS_len(content), |
431 | utype, &free_content, it); |
432 | } |
433 | |
434 | if (it->utype == V_ASN1_ANY-4) |
435 | return asn1_c2i_any(pval, content, utype, it); |
436 | |
437 | return asn1_c2i_primitive(pval, content, utype, it); |
438 | } |
439 | |
440 | /* |
441 | * Decode ASN.1 content into a primitive type. There are three possible forms - |
442 | * a SEQUENCE/SET/OTHER that is stored verbatim (including the ASN.1 tag and |
443 | * length octets), constructed objects and non-constructed objects. In the |
444 | * first two cases indefinite length is permitted, which we may need to handle. |
445 | * When this function is called the *cbs should reference the start of the |
446 | * ASN.1 object (i.e. the tag/length header), while *cbs_object should |
447 | * reference the start of the object contents (i.e. after the tag/length |
448 | * header. Additionally, the *cbs_object offset should be relative to the |
449 | * ASN.1 object being parsed. On success the *cbs will point at the octet |
450 | * after the object. |
451 | */ |
452 | static int |
453 | asn1_d2i_primitive_content(ASN1_VALUE **pval, CBS *cbs, CBS *cbs_object, |
454 | int utype, int constructed, int indefinite, size_t length, |
455 | const ASN1_ITEM *it) |
456 | { |
457 | CBS cbs_content, cbs_initial; |
458 | uint8_t *data = NULL((void *)0); |
459 | size_t data_len = 0; |
460 | CBB cbb; |
461 | int ret = 0; |
462 | |
463 | memset(&cbb, 0, sizeof(cbb)); |
464 | |
465 | CBS_dup(cbs, &cbs_initial); |
466 | CBS_init(&cbs_content, NULL((void *)0), 0); |
467 | |
468 | if (asn1_must_be_constructed(utype) && !constructed) { |
469 | ASN1error(ASN1_R_TYPE_NOT_CONSTRUCTED)ERR_put_error(13,(0xfff),(156),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,469); |
470 | goto err; |
471 | } |
472 | if (asn1_must_be_primitive(utype) && constructed) { |
473 | ASN1error(ASN1_R_TYPE_NOT_PRIMITIVE)ERR_put_error(13,(0xfff),(231),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,473); |
474 | goto err; |
475 | } |
476 | |
477 | /* SEQUENCE, SET and "OTHER" are left in encoded form. */ |
478 | if (utype == V_ASN1_SEQUENCE16 || utype == V_ASN1_SET17 || |
479 | utype == V_ASN1_OTHER-3) { |
480 | if (!asn1_find_end(cbs_object, length, indefinite)) |
481 | goto err; |
482 | if (!CBS_get_bytes(&cbs_initial, &cbs_content, |
483 | CBS_offset(cbs_object))) |
484 | goto err; |
485 | } else if (constructed) { |
486 | /* |
487 | * Should really check the internal tags are correct but |
488 | * some things may get this wrong. The relevant specs |
489 | * say that constructed string types should be OCTET STRINGs |
490 | * internally irrespective of the type. So instead just check |
491 | * for UNIVERSAL class and ignore the tag. |
492 | */ |
493 | if (!CBB_init(&cbb, 0)) |
494 | goto err; |
495 | if (!asn1_collect(&cbb, cbs_object, indefinite, -1, |
496 | V_ASN1_UNIVERSAL0x00, 0)) |
497 | goto err; |
498 | if (!CBB_finish(&cbb, &data, &data_len)) |
499 | goto err; |
500 | |
501 | CBS_init(&cbs_content, data, data_len); |
502 | } else { |
503 | if (!CBS_get_bytes(cbs_object, &cbs_content, length)) |
504 | goto err; |
505 | } |
506 | |
507 | if (!asn1_c2i(pval, &cbs_content, utype, it)) |
508 | goto err; |
509 | |
510 | if (!CBS_skip(cbs, CBS_offset(cbs_object))) |
511 | goto err; |
512 | |
513 | ret = 1; |
514 | |
515 | err: |
516 | CBB_cleanup(&cbb); |
517 | freezero(data, data_len); |
518 | |
519 | return ret; |
520 | } |
521 | |
522 | static int |
523 | asn1_d2i_any(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
524 | int tag_number, int tag_class, int optional) |
525 | { |
526 | int constructed, indefinite; |
527 | uint8_t object_class; |
528 | int object_type; |
529 | CBS cbs_object; |
530 | size_t length; |
531 | |
532 | CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); |
533 | |
534 | if (it->utype != V_ASN1_ANY-4) |
535 | return 0; |
536 | |
537 | if (tag_number >= 0) { |
538 | ASN1error(ASN1_R_ILLEGAL_TAGGED_ANY)ERR_put_error(13,(0xfff),(127),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,538); |
539 | return 0; |
540 | } |
541 | if (optional) { |
542 | ASN1error(ASN1_R_ILLEGAL_OPTIONAL_ANY)ERR_put_error(13,(0xfff),(126),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,542); |
543 | return 0; |
544 | } |
545 | |
546 | /* Determine type from ASN.1 tag. */ |
547 | if (asn1_check_tag(&cbs_object, &length, &object_type, &object_class, |
548 | &indefinite, &constructed, -1, 0, 0) != 1) { |
549 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,549); |
550 | return 0; |
551 | } |
552 | if (object_class != V_ASN1_UNIVERSAL0x00) |
553 | object_type = V_ASN1_OTHER-3; |
554 | |
555 | return asn1_d2i_primitive_content(pval, cbs, &cbs_object, object_type, |
556 | constructed, indefinite, length, it); |
557 | } |
558 | |
559 | static int |
560 | asn1_d2i_mstring(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
561 | int tag_number, int tag_class, int optional) |
562 | { |
563 | int constructed, indefinite; |
564 | uint8_t object_class; |
565 | int object_tag; |
566 | CBS cbs_object; |
567 | size_t length; |
568 | |
569 | CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); |
570 | |
571 | /* |
572 | * It never makes sense for multi-strings to have implicit tagging, so |
573 | * if tag_number != -1, then this looks like an error in the template. |
574 | */ |
575 | if (tag_number != -1) { |
576 | ASN1error(ASN1_R_BAD_TEMPLATE)ERR_put_error(13,(0xfff),(230),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,576); |
577 | return 0; |
578 | } |
579 | |
580 | if (asn1_check_tag(&cbs_object, &length, &object_tag, &object_class, |
581 | &indefinite, &constructed, -1, 0, 1) != 1) { |
582 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,582); |
583 | return 0; |
584 | } |
585 | |
586 | /* Class must be UNIVERSAL. */ |
587 | if (object_class != V_ASN1_UNIVERSAL0x00) { |
588 | if (optional) |
589 | return -1; |
590 | ASN1error(ASN1_R_MSTRING_NOT_UNIVERSAL)ERR_put_error(13,(0xfff),(139),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,590); |
591 | return 0; |
592 | } |
593 | /* Check tag matches bit map. */ |
594 | if ((ASN1_tag2bit(object_tag) & it->utype) == 0) { |
595 | if (optional) |
596 | return -1; |
597 | ASN1error(ASN1_R_MSTRING_WRONG_TAG)ERR_put_error(13,(0xfff),(140),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,597); |
598 | return 0; |
599 | } |
600 | |
601 | return asn1_d2i_primitive_content(pval, cbs, &cbs_object, |
602 | object_tag, constructed, indefinite, length, it); |
603 | } |
604 | |
605 | static int |
606 | asn1_d2i_primitive(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
607 | int tag_number, int tag_class, int optional) |
608 | { |
609 | CBS cbs_object; |
610 | int constructed, indefinite; |
611 | int utype = it->utype; |
612 | size_t length; |
613 | int ret; |
614 | |
615 | CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); |
616 | |
617 | if (it->itype == ASN1_ITYPE_MSTRING0x5) |
618 | return 0; |
619 | |
620 | if (it->utype == V_ASN1_ANY-4) |
621 | return asn1_d2i_any(pval, cbs, it, tag_number, tag_class, optional); |
622 | |
623 | if (tag_number == -1) { |
624 | tag_number = it->utype; |
625 | tag_class = V_ASN1_UNIVERSAL0x00; |
626 | } |
627 | |
628 | ret = asn1_check_tag(&cbs_object, &length, NULL((void *)0), NULL((void *)0), &indefinite, |
629 | &constructed, tag_number, tag_class, optional); |
630 | if (ret == -1) |
631 | return -1; |
632 | if (ret != 1) { |
633 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,633); |
634 | return 0; |
635 | } |
636 | |
637 | return asn1_d2i_primitive_content(pval, cbs, &cbs_object, utype, |
638 | constructed, indefinite, length, it); |
639 | } |
640 | |
641 | static int |
642 | asn1_item_d2i_choice(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
643 | int tag_number, int tag_class, int optional, int depth) |
644 | { |
645 | const ASN1_TEMPLATE *at, *errat = NULL((void *)0); |
646 | const ASN1_AUX *aux; |
647 | ASN1_aux_cb *asn1_cb = NULL((void *)0); |
648 | ASN1_VALUE *achoice = NULL((void *)0); |
649 | ASN1_VALUE **pchptr; |
650 | int i, ret; |
651 | |
652 | if ((aux = it->funcs) != NULL((void *)0)) |
653 | asn1_cb = aux->asn1_cb; |
654 | |
655 | if (it->itype != ASN1_ITYPE_CHOICE0x2) |
656 | goto err; |
657 | |
658 | /* |
659 | * It never makes sense for CHOICE types to have implicit tagging, so |
660 | * if tag_number != -1, then this looks like an error in the template. |
661 | */ |
662 | if (tag_number != -1) { |
663 | ASN1error(ASN1_R_BAD_TEMPLATE)ERR_put_error(13,(0xfff),(230),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,663); |
664 | goto err; |
665 | } |
666 | |
667 | if (*pval != NULL((void *)0)) { |
668 | ASN1_item_ex_free(pval, it); |
669 | *pval = NULL((void *)0); |
670 | } |
671 | |
672 | if (!ASN1_item_ex_new(&achoice, it)) { |
673 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,673); |
674 | goto err; |
675 | } |
676 | |
677 | if (asn1_cb != NULL((void *)0) && !asn1_cb(ASN1_OP_D2I_PRE4, &achoice, it, NULL((void *)0))) { |
678 | ASN1error(ASN1_R_AUX_ERROR)ERR_put_error(13,(0xfff),(100),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,678); |
679 | goto err; |
680 | } |
681 | |
682 | /* Try each possible CHOICE in turn. */ |
683 | for (i = 0; i < it->tcount; i++) { |
684 | at = &it->templates[i]; |
685 | |
686 | pchptr = asn1_get_field_ptr(&achoice, at); |
687 | |
688 | /* Mark field as OPTIONAL so its absence can be identified. */ |
689 | ret = asn1_template_d2i(pchptr, cbs, at, 1, depth); |
690 | if (ret == -1) |
691 | continue; |
692 | if (ret != 1) { |
693 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,693); |
694 | errat = at; |
695 | goto err; |
696 | } |
697 | |
698 | /* We've successfully decoded an ASN.1 object. */ |
699 | asn1_set_choice_selector(&achoice, i, it); |
700 | break; |
701 | } |
702 | |
703 | /* Did we fall off the end without reading anything? */ |
704 | if (i == it->tcount) { |
705 | if (optional) { |
706 | ASN1_item_ex_free(&achoice, it); |
707 | return -1; |
708 | } |
709 | ASN1error(ASN1_R_NO_MATCHING_CHOICE_TYPE)ERR_put_error(13,(0xfff),(143),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,709); |
710 | goto err; |
711 | } |
712 | |
713 | if (asn1_cb != NULL((void *)0) && !asn1_cb(ASN1_OP_D2I_POST5, &achoice, it, NULL((void *)0))) { |
714 | ASN1error(ASN1_R_AUX_ERROR)ERR_put_error(13,(0xfff),(100),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,714); |
715 | goto err; |
716 | } |
717 | |
718 | *pval = achoice; |
719 | achoice = NULL((void *)0); |
720 | |
721 | return 1; |
722 | |
723 | err: |
724 | ASN1_item_ex_free(&achoice, it); |
725 | |
726 | if (errat != NULL((void *)0)) |
727 | ERR_asprintf_error_data("Field=%s, Type=%s", errat->field_name, |
728 | it->sname); |
729 | else |
730 | ERR_asprintf_error_data("Type=%s", it->sname); |
731 | |
732 | return 0; |
733 | } |
734 | |
735 | static int |
736 | asn1_item_d2i_sequence(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
737 | int tag_number, int tag_class, int optional, int depth) |
738 | { |
739 | CBS cbs_seq, cbs_seq_content, cbs_object; |
740 | int constructed, indefinite, optional_field; |
741 | const ASN1_TEMPLATE *errat = NULL((void *)0); |
742 | const ASN1_TEMPLATE *seqat, *at; |
743 | ASN1_aux_cb *asn1_cb = NULL((void *)0); |
744 | const ASN1_AUX *aux; |
745 | ASN1_VALUE *aseq = NULL((void *)0); |
746 | ASN1_VALUE **pseqval; |
747 | int eoc_needed, i; |
748 | size_t length; |
749 | int ret = 0; |
750 | |
751 | CBS_init(&cbs_seq, CBS_data(cbs), CBS_len(cbs)); |
752 | |
753 | if ((aux = it->funcs) != NULL((void *)0)) |
754 | asn1_cb = aux->asn1_cb; |
755 | |
756 | if (it->itype != ASN1_ITYPE_NDEF_SEQUENCE0x6 && |
757 | it->itype != ASN1_ITYPE_SEQUENCE0x1) |
758 | goto err; |
759 | |
760 | if (*pval != NULL((void *)0)) { |
761 | ASN1_item_ex_free(pval, it); |
762 | *pval = NULL((void *)0); |
763 | } |
764 | |
765 | /* If no IMPLICIT tagging use UNIVERSAL/SEQUENCE. */ |
766 | if (tag_number == -1) { |
767 | tag_class = V_ASN1_UNIVERSAL0x00; |
768 | tag_number = V_ASN1_SEQUENCE16; |
769 | } |
770 | |
771 | /* Read ASN.1 SEQUENCE header. */ |
772 | ret = asn1_check_tag(&cbs_seq, &length, NULL((void *)0), NULL((void *)0), &indefinite, |
773 | &constructed, tag_number, tag_class, optional); |
774 | if (ret == -1) |
775 | return -1; |
776 | if (ret != 1) { |
777 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,777); |
778 | goto err; |
779 | } |
780 | |
781 | if (!constructed) { |
782 | ASN1error(ASN1_R_SEQUENCE_NOT_CONSTRUCTED)ERR_put_error(13,(0xfff),(149),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,782); |
783 | goto err; |
784 | } |
785 | |
786 | if (indefinite) { |
787 | eoc_needed = 1; |
788 | CBS_init(&cbs_seq_content, CBS_data(&cbs_seq), CBS_len(&cbs_seq)); |
789 | } else { |
790 | eoc_needed = 0; |
791 | if (!CBS_get_bytes(&cbs_seq, &cbs_seq_content, length)) |
792 | goto err; |
793 | } |
794 | |
795 | if (!ASN1_item_ex_new(&aseq, it)) { |
796 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,796); |
797 | goto err; |
798 | } |
799 | |
800 | if (asn1_cb != NULL((void *)0) && !asn1_cb(ASN1_OP_D2I_PRE4, &aseq, it, NULL((void *)0))) { |
801 | ASN1error(ASN1_R_AUX_ERROR)ERR_put_error(13,(0xfff),(100),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,801); |
802 | goto err; |
803 | } |
804 | |
805 | for (i = 0; i < it->tcount; i++) { |
806 | at = &it->templates[i]; |
807 | |
808 | if (asn1_check_eoc(&cbs_seq_content)) { |
809 | if (!indefinite) { |
810 | ASN1error(ASN1_R_UNEXPECTED_EOC)ERR_put_error(13,(0xfff),(159),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,810); |
811 | goto err; |
812 | } |
813 | eoc_needed = 0; |
814 | break; |
815 | } |
816 | if (CBS_len(&cbs_seq_content) == 0) |
817 | break; |
818 | |
819 | if ((seqat = asn1_do_adb(&aseq, at, 1)) == NULL((void *)0)) |
820 | goto err; |
821 | |
822 | pseqval = asn1_get_field_ptr(&aseq, seqat); |
823 | |
824 | /* |
825 | * This was originally implemented to "increase efficiency", |
826 | * however it currently needs to remain since it papers over |
827 | * the use of ASN.1 ANY with OPTIONAL in SEQUENCEs (which |
828 | * asn1_d2i_primitive() currently rejects). |
829 | */ |
830 | optional_field = (seqat->flags & ASN1_TFLG_OPTIONAL(0x1)) != 0; |
831 | if (i == it->tcount - 1) |
832 | optional_field = 0; |
833 | |
834 | ret = asn1_template_d2i(pseqval, &cbs_seq_content, |
835 | seqat, optional_field, depth); |
836 | if (ret == -1) { |
837 | /* Absent OPTIONAL component. */ |
838 | ASN1_template_free(pseqval, seqat); |
839 | continue; |
840 | } |
841 | if (ret != 1) { |
842 | errat = seqat; |
843 | goto err; |
844 | } |
845 | } |
846 | |
847 | if (eoc_needed && !asn1_check_eoc(&cbs_seq_content)) { |
848 | ASN1error(ASN1_R_MISSING_EOC)ERR_put_error(13,(0xfff),(137),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,848); |
849 | goto err; |
850 | } |
851 | |
852 | if (indefinite) { |
853 | if (!CBS_skip(&cbs_seq, CBS_offset(&cbs_seq_content))) |
854 | goto err; |
855 | } else if (CBS_len(&cbs_seq_content) != 0) { |
856 | ASN1error(ASN1_R_SEQUENCE_LENGTH_MISMATCH)ERR_put_error(13,(0xfff),(148),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,856); |
857 | goto err; |
858 | } |
859 | |
860 | /* |
861 | * There is no more data in the ASN.1 SEQUENCE, however we may not have |
862 | * populated all fields - check that any remaining are OPTIONAL. |
863 | */ |
864 | for (; i < it->tcount; i++) { |
865 | at = &it->templates[i]; |
866 | |
867 | if ((seqat = asn1_do_adb(&aseq, at, 1)) == NULL((void *)0)) |
868 | goto err; |
869 | |
870 | if ((seqat->flags & ASN1_TFLG_OPTIONAL(0x1)) == 0) { |
871 | ASN1error(ASN1_R_FIELD_MISSING)ERR_put_error(13,(0xfff),(121),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,871); |
872 | errat = seqat; |
873 | goto err; |
874 | } |
875 | |
876 | /* XXX - this is probably unnecessary with earlier free. */ |
877 | pseqval = asn1_get_field_ptr(&aseq, seqat); |
878 | ASN1_template_free(pseqval, seqat); |
879 | } |
880 | |
881 | if (!CBS_get_bytes(cbs, &cbs_object, CBS_offset(&cbs_seq))) |
882 | goto err; |
883 | |
884 | if (!asn1_enc_save(&aseq, &cbs_object, it)) { |
885 | ASN1error(ERR_R_MALLOC_FAILURE)ERR_put_error(13,(0xfff),((1|64)),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,885); |
886 | goto err; |
887 | } |
888 | |
889 | if (asn1_cb != NULL((void *)0) && !asn1_cb(ASN1_OP_D2I_POST5, &aseq, it, NULL((void *)0))) { |
890 | ASN1error(ASN1_R_AUX_ERROR)ERR_put_error(13,(0xfff),(100),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,890); |
891 | goto err; |
892 | } |
893 | |
894 | *pval = aseq; |
895 | aseq = NULL((void *)0); |
896 | |
897 | return 1; |
898 | |
899 | err: |
900 | ASN1_item_ex_free(&aseq, it); |
901 | |
902 | if (errat != NULL((void *)0)) |
903 | ERR_asprintf_error_data("Field=%s, Type=%s", errat->field_name, |
904 | it->sname); |
905 | else |
906 | ERR_asprintf_error_data("Type=%s", it->sname); |
907 | |
908 | return 0; |
909 | } |
910 | |
911 | static int |
912 | asn1_item_d2i_extern(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
913 | int tag_number, int tag_class, int optional) |
914 | { |
915 | const ASN1_EXTERN_FUNCS *ef = it->funcs; |
916 | const unsigned char *p = NULL((void *)0); |
917 | ASN1_TLC ctx = { 0 }; |
918 | int ret = 0; |
919 | |
920 | if (CBS_len(cbs) > LONG_MAX0x7fffffffffffffffL) |
921 | return 0; |
922 | |
923 | p = CBS_data(cbs); |
924 | |
925 | if ((ret = ef->asn1_ex_d2i(pval, &p, (long)CBS_len(cbs), it, |
926 | tag_number, tag_class, optional, &ctx)) == 1) { |
927 | if (!CBS_skip(cbs, p - CBS_data(cbs))) |
928 | goto err; |
929 | } |
930 | return ret; |
931 | |
932 | err: |
933 | ASN1_item_ex_free(pval, it); |
934 | |
935 | ERR_asprintf_error_data("Type=%s", it->sname); |
936 | |
937 | return 0; |
938 | } |
939 | |
940 | static int |
941 | asn1_item_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, |
942 | int tag_number, int tag_class, int optional, int depth) |
943 | { |
944 | if (pval == NULL((void *)0)) |
945 | return 0; |
946 | |
947 | if (++depth > ASN1_MAX_CONSTRUCTED_NEST30) { |
948 | ASN1error(ASN1_R_NESTED_TOO_DEEP)ERR_put_error(13,(0xfff),(219),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,948); |
949 | goto err; |
950 | } |
951 | |
952 | switch (it->itype) { |
953 | case ASN1_ITYPE_PRIMITIVE0x0: |
954 | if (it->templates != NULL((void *)0)) { |
955 | /* |
956 | * Tagging or OPTIONAL is currently illegal on an item |
957 | * template because the flags can't get passed down. |
958 | * In practice this isn't a problem: we include the |
959 | * relevant flags from the item template in the |
960 | * template itself. |
961 | */ |
962 | if (tag_number != -1 || optional) { |
963 | ASN1error(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE)ERR_put_error(13,(0xfff),(170),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,963); |
964 | goto err; |
965 | } |
966 | return asn1_template_d2i(pval, cbs, it->templates, |
967 | optional, depth); |
968 | } |
969 | return asn1_d2i_primitive(pval, cbs, it, tag_number, tag_class, |
970 | optional); |
971 | |
972 | case ASN1_ITYPE_MSTRING0x5: |
973 | return asn1_d2i_mstring(pval, cbs, it, tag_number, tag_class, |
974 | optional); |
975 | |
976 | case ASN1_ITYPE_EXTERN0x4: |
977 | return asn1_item_d2i_extern(pval, cbs, it, tag_number, |
978 | tag_class, optional); |
979 | |
980 | case ASN1_ITYPE_CHOICE0x2: |
981 | return asn1_item_d2i_choice(pval, cbs, it, tag_number, |
982 | tag_class, optional, depth); |
983 | |
984 | case ASN1_ITYPE_NDEF_SEQUENCE0x6: |
985 | case ASN1_ITYPE_SEQUENCE0x1: |
986 | return asn1_item_d2i_sequence(pval, cbs, it, tag_number, |
987 | tag_class, optional, depth); |
988 | |
989 | default: |
990 | return 0; |
991 | } |
992 | |
993 | err: |
994 | ASN1_item_ex_free(pval, it); |
995 | |
996 | ERR_asprintf_error_data("Type=%s", it->sname); |
997 | |
998 | return 0; |
999 | } |
1000 | |
1001 | static void |
1002 | asn1_template_stack_of_free(STACK_OF(ASN1_VALUE)struct stack_st_ASN1_VALUE *avals, |
1003 | const ASN1_TEMPLATE *at) |
1004 | { |
1005 | ASN1_VALUE *aval; |
1006 | |
1007 | if (avals == NULL((void *)0)) |
1008 | return; |
1009 | |
1010 | while (sk_ASN1_VALUE_num(avals)sk_num(((_STACK*) (1 ? (avals) : (struct stack_st_ASN1_VALUE* )0))) > 0) { |
1011 | aval = sk_ASN1_VALUE_pop(avals)(ASN1_VALUE *)sk_pop(((_STACK*) (1 ? (avals) : (struct stack_st_ASN1_VALUE *)0))); |
1012 | ASN1_item_ex_free(&aval, at->item); |
1013 | } |
1014 | sk_ASN1_VALUE_free(avals)sk_free(((_STACK*) (1 ? (avals) : (struct stack_st_ASN1_VALUE *)0))); |
1015 | } |
1016 | |
1017 | static int |
1018 | asn1_template_stack_of_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_TEMPLATE *at, |
1019 | int optional, int depth) |
1020 | { |
1021 | CBS cbs_object, cbs_object_content; |
1022 | STACK_OF(ASN1_VALUE)struct stack_st_ASN1_VALUE *avals = NULL((void *)0); |
1023 | ASN1_VALUE *aval = NULL((void *)0); |
1024 | int tag_number, tag_class; |
1025 | int eoc_needed; |
1026 | int indefinite; |
1027 | size_t length; |
1028 | int ret; |
1029 | |
1030 | CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); |
1031 | |
1032 | if (pval == NULL((void *)0)) |
1033 | return 0; |
1034 | |
1035 | asn1_template_stack_of_free((STACK_OF(ASN1_VALUE)struct stack_st_ASN1_VALUE *)*pval, at); |
1036 | *pval = NULL((void *)0); |
1037 | |
1038 | tag_number = at->tag; |
1039 | tag_class = at->flags & ASN1_TFLG_TAG_CLASS(0x3<<6); |
1040 | |
1041 | /* Determine the inner tag value for SET OF or SEQUENCE OF. */ |
1042 | if ((at->flags & ASN1_TFLG_IMPTAG(0x1 << 3)) == 0) { |
1043 | tag_number = V_ASN1_SEQUENCE16; |
1044 | tag_class = V_ASN1_UNIVERSAL0x00; |
1045 | if ((at->flags & ASN1_TFLG_SET_OF(0x1 << 1)) != 0) |
1046 | tag_number = V_ASN1_SET17; |
1047 | } |
1048 | |
1049 | ret = asn1_check_tag(&cbs_object, &length, NULL((void *)0), NULL((void *)0), &indefinite, |
1050 | NULL((void *)0), tag_number, tag_class, optional); |
1051 | if (ret == -1) |
1052 | return -1; |
1053 | if (ret != 1) { |
1054 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1054); |
1055 | return 0; |
1056 | } |
1057 | |
1058 | if (indefinite) { |
1059 | eoc_needed = 1; |
1060 | CBS_init(&cbs_object_content, CBS_data(&cbs_object), |
1061 | CBS_len(&cbs_object)); |
1062 | } else { |
1063 | eoc_needed = 0; |
1064 | if (!CBS_get_bytes(&cbs_object, &cbs_object_content, |
1065 | length)) |
1066 | goto err; |
1067 | } |
1068 | |
1069 | if ((avals = sk_ASN1_VALUE_new_null()((struct stack_st_ASN1_VALUE *)sk_new_null())) == NULL((void *)0)) { |
1070 | ASN1error(ERR_R_MALLOC_FAILURE)ERR_put_error(13,(0xfff),((1|64)),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1070); |
1071 | goto err; |
1072 | } |
1073 | |
1074 | /* Read as many items as possible. */ |
1075 | while (CBS_len(&cbs_object_content) > 0) { |
1076 | if (asn1_check_eoc(&cbs_object_content)) { |
1077 | if (!eoc_needed) { |
1078 | ASN1error(ASN1_R_UNEXPECTED_EOC)ERR_put_error(13,(0xfff),(159),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1078); |
1079 | goto err; |
1080 | } |
1081 | eoc_needed = 0; |
1082 | break; |
1083 | } |
1084 | if (!asn1_item_d2i(&aval, &cbs_object_content, at->item, -1, 0, |
1085 | 0, depth)) { |
1086 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1086); |
1087 | goto err; |
1088 | } |
1089 | if (!sk_ASN1_VALUE_push(avals, aval)sk_push(((_STACK*) (1 ? (avals) : (struct stack_st_ASN1_VALUE *)0)), ((void*) (1 ? (aval) : (ASN1_VALUE*)0)))) { |
1090 | ASN1error(ERR_R_MALLOC_FAILURE)ERR_put_error(13,(0xfff),((1|64)),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1090); |
1091 | goto err; |
1092 | } |
1093 | aval = NULL((void *)0); |
1094 | } |
1095 | if (eoc_needed) { |
1096 | ASN1error(ASN1_R_MISSING_EOC)ERR_put_error(13,(0xfff),(137),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1096); |
1097 | goto err; |
1098 | } |
1099 | |
1100 | if (indefinite) { |
1101 | if (!CBS_skip(&cbs_object, CBS_offset(&cbs_object_content))) |
1102 | goto err; |
1103 | } |
1104 | |
1105 | if (!CBS_skip(cbs, CBS_offset(&cbs_object))) |
1106 | goto err; |
1107 | |
1108 | *pval = (ASN1_VALUE *)avals; |
1109 | avals = NULL((void *)0); |
1110 | |
1111 | return 1; |
1112 | |
1113 | err: |
1114 | asn1_template_stack_of_free(avals, at); |
1115 | ASN1_item_ex_free(&aval, at->item); |
1116 | |
1117 | return 0; |
1118 | } |
1119 | |
1120 | static int |
1121 | asn1_template_noexp_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_TEMPLATE *at, |
1122 | int optional, int depth) |
1123 | { |
1124 | int tag_number, tag_class; |
1125 | int ret; |
1126 | |
1127 | if (pval == NULL((void *)0)) |
1128 | return 0; |
1129 | |
1130 | if ((at->flags & ASN1_TFLG_SK_MASK(0x3 << 1)) != 0) |
1131 | return asn1_template_stack_of_d2i(pval, cbs, at, optional, depth); |
1132 | |
1133 | tag_number = -1; |
1134 | tag_class = V_ASN1_UNIVERSAL0x00; |
1135 | |
1136 | /* See if we need to use IMPLICIT tagging. */ |
1137 | if ((at->flags & ASN1_TFLG_IMPTAG(0x1 << 3)) != 0) { |
1138 | tag_number = at->tag; |
1139 | tag_class = at->flags & ASN1_TFLG_TAG_CLASS(0x3<<6); |
1140 | } |
1141 | |
1142 | ret = asn1_item_d2i(pval, cbs, at->item, tag_number, tag_class, |
1143 | optional, depth); |
1144 | if (ret == -1) |
1145 | return -1; |
1146 | if (ret != 1) { |
1147 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1147); |
1148 | goto err; |
1149 | } |
1150 | |
1151 | return 1; |
1152 | |
1153 | err: |
1154 | /* XXX - The called function should have freed already. */ |
1155 | ASN1_template_free(pval, at); |
1156 | return 0; |
1157 | } |
1158 | |
1159 | static int |
1160 | asn1_template_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_TEMPLATE *at, |
1161 | int optional, int depth) |
1162 | { |
1163 | CBS cbs_exp, cbs_exp_content; |
1164 | int constructed, indefinite; |
1165 | size_t length; |
1166 | int ret; |
1167 | |
1168 | if (pval == NULL((void *)0)) |
1169 | return 0; |
1170 | |
1171 | /* Check if EXPLICIT tag is expected. */ |
1172 | if ((at->flags & ASN1_TFLG_EXPTAG(0x2 << 3)) == 0) |
1173 | return asn1_template_noexp_d2i(pval, cbs, at, optional, depth); |
1174 | |
1175 | CBS_init(&cbs_exp, CBS_data(cbs), CBS_len(cbs)); |
1176 | |
1177 | /* Read ASN.1 header for EXPLICIT tagged object. */ |
1178 | ret = asn1_check_tag(&cbs_exp, &length, NULL((void *)0), NULL((void *)0), &indefinite, |
1179 | &constructed, at->tag, at->flags & ASN1_TFLG_TAG_CLASS(0x3<<6), optional); |
1180 | if (ret == -1) |
1181 | return -1; |
1182 | if (ret != 1) { |
1183 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1183); |
1184 | return 0; |
1185 | } |
1186 | |
1187 | if (!constructed) { |
1188 | ASN1error(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED)ERR_put_error(13,(0xfff),(120),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1188); |
1189 | return 0; |
1190 | } |
1191 | |
1192 | if (indefinite) { |
1193 | CBS_init(&cbs_exp_content, CBS_data(&cbs_exp), CBS_len(&cbs_exp)); |
1194 | } else { |
1195 | if (!CBS_get_bytes(&cbs_exp, &cbs_exp_content, length)) |
1196 | goto err; |
1197 | } |
1198 | |
1199 | if ((ret = asn1_template_noexp_d2i(pval, &cbs_exp_content, at, 0, |
Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret' | |
1200 | depth)) != 1) { |
1201 | ASN1error(ERR_R_NESTED_ASN1_ERROR)ERR_put_error(13,(0xfff),(58),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1201); |
1202 | return 0; |
1203 | } |
1204 | |
1205 | if (indefinite) { |
1206 | if (!asn1_check_eoc(&cbs_exp_content)) { |
1207 | ASN1error(ASN1_R_MISSING_EOC)ERR_put_error(13,(0xfff),(137),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1207); |
1208 | goto err; |
1209 | } |
1210 | if (!CBS_skip(&cbs_exp, CBS_offset(&cbs_exp_content))) |
1211 | goto err; |
1212 | } else if (CBS_len(&cbs_exp_content) != 0) { |
1213 | ASN1error(ASN1_R_SEQUENCE_LENGTH_MISMATCH)ERR_put_error(13,(0xfff),(148),"/usr/src/lib/libcrypto/asn1/tasn_dec.c" ,1213); |
1214 | goto err; |
1215 | } |
1216 | |
1217 | if (!CBS_skip(cbs, CBS_offset(&cbs_exp))) |
1218 | goto err; |
1219 | |
1220 | return 1; |
1221 | |
1222 | err: |
1223 | ASN1_template_free(pval, at); |
1224 | return 0; |
1225 | } |
1226 | |
1227 | ASN1_VALUE * |
1228 | ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long inlen, |
1229 | const ASN1_ITEM *it) |
1230 | { |
1231 | ASN1_VALUE *ptmpval = NULL((void *)0); |
1232 | |
1233 | if (pval == NULL((void *)0)) |
1234 | pval = &ptmpval; |
1235 | if (ASN1_item_ex_d2i(pval, in, inlen, it, -1, 0, 0, NULL((void *)0)) <= 0) |
1236 | return NULL((void *)0); |
1237 | |
1238 | return *pval; |
1239 | } |
1240 | LCRYPTO_ALIAS(ASN1_item_d2i)asm(""); |
1241 | |
1242 | int |
1243 | ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long inlen, |
1244 | const ASN1_ITEM *it, int tag_number, int tag_class, char optional, |
1245 | ASN1_TLC *ctx) |
1246 | { |
1247 | CBS cbs; |
1248 | int ret; |
1249 | |
1250 | if (inlen < 0) |
1251 | return 0; |
1252 | |
1253 | CBS_init(&cbs, *in, inlen); |
1254 | if ((ret = asn1_item_d2i(pval, &cbs, it, tag_number, tag_class, |
1255 | (int)optional, 0)) == 1) |
1256 | *in = CBS_data(&cbs); |
1257 | |
1258 | return ret; |
1259 | } |
1260 | LCRYPTO_ALIAS(ASN1_item_ex_d2i)asm(""); |