asn1write.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480
  1. /*
  2. * ASN.1 buffer writing functionality
  3. *
  4. * Copyright The Mbed TLS Contributors
  5. * SPDX-License-Identifier: Apache-2.0
  6. *
  7. * Licensed under the Apache License, Version 2.0 (the "License"); you may
  8. * not use this file except in compliance with the License.
  9. * You may obtain a copy of the License at
  10. *
  11. * http://www.apache.org/licenses/LICENSE-2.0
  12. *
  13. * Unless required by applicable law or agreed to in writing, software
  14. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  15. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16. * See the License for the specific language governing permissions and
  17. * limitations under the License.
  18. */
  19. #include "common.h"
  20. #if defined(MBEDTLS_ASN1_WRITE_C)
  21. #include "mbedtls/asn1write.h"
  22. #include "mbedtls/error.h"
  23. #include <string.h>
  24. #if defined(MBEDTLS_PLATFORM_C)
  25. #include "mbedtls/platform.h"
  26. #else
  27. #include <stdlib.h>
  28. #define mbedtls_calloc calloc
  29. #define mbedtls_free free
  30. #endif
  31. int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
  32. {
  33. if( len < 0x80 )
  34. {
  35. if( *p - start < 1 )
  36. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  37. *--(*p) = (unsigned char) len;
  38. return( 1 );
  39. }
  40. if( len <= 0xFF )
  41. {
  42. if( *p - start < 2 )
  43. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  44. *--(*p) = (unsigned char) len;
  45. *--(*p) = 0x81;
  46. return( 2 );
  47. }
  48. if( len <= 0xFFFF )
  49. {
  50. if( *p - start < 3 )
  51. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  52. *--(*p) = MBEDTLS_BYTE_0( len );
  53. *--(*p) = MBEDTLS_BYTE_1( len );
  54. *--(*p) = 0x82;
  55. return( 3 );
  56. }
  57. if( len <= 0xFFFFFF )
  58. {
  59. if( *p - start < 4 )
  60. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  61. *--(*p) = MBEDTLS_BYTE_0( len );
  62. *--(*p) = MBEDTLS_BYTE_1( len );
  63. *--(*p) = MBEDTLS_BYTE_2( len );
  64. *--(*p) = 0x83;
  65. return( 4 );
  66. }
  67. #if SIZE_MAX > 0xFFFFFFFF
  68. if( len <= 0xFFFFFFFF )
  69. #endif
  70. {
  71. if( *p - start < 5 )
  72. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  73. *--(*p) = MBEDTLS_BYTE_0( len );
  74. *--(*p) = MBEDTLS_BYTE_1( len );
  75. *--(*p) = MBEDTLS_BYTE_2( len );
  76. *--(*p) = MBEDTLS_BYTE_3( len );
  77. *--(*p) = 0x84;
  78. return( 5 );
  79. }
  80. #if SIZE_MAX > 0xFFFFFFFF
  81. return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
  82. #endif
  83. }
  84. int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
  85. {
  86. if( *p - start < 1 )
  87. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  88. *--(*p) = tag;
  89. return( 1 );
  90. }
  91. int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
  92. const unsigned char *buf, size_t size )
  93. {
  94. size_t len = 0;
  95. if( *p < start || (size_t)( *p - start ) < size )
  96. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  97. len = size;
  98. (*p) -= len;
  99. memcpy( *p, buf, len );
  100. return( (int) len );
  101. }
  102. #if defined(MBEDTLS_BIGNUM_C)
  103. int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X )
  104. {
  105. int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
  106. size_t len = 0;
  107. // Write the MPI
  108. //
  109. len = mbedtls_mpi_size( X );
  110. if( *p < start || (size_t)( *p - start ) < len )
  111. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  112. (*p) -= len;
  113. MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) );
  114. // DER format assumes 2s complement for numbers, so the leftmost bit
  115. // should be 0 for positive numbers and 1 for negative numbers.
  116. //
  117. if( X->s ==1 && **p & 0x80 )
  118. {
  119. if( *p - start < 1 )
  120. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  121. *--(*p) = 0x00;
  122. len += 1;
  123. }
  124. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
  125. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
  126. ret = (int) len;
  127. cleanup:
  128. return( ret );
  129. }
  130. #endif /* MBEDTLS_BIGNUM_C */
  131. int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start )
  132. {
  133. int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
  134. size_t len = 0;
  135. // Write NULL
  136. //
  137. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) );
  138. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) );
  139. return( (int) len );
  140. }
  141. int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
  142. const char *oid, size_t oid_len )
  143. {
  144. int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
  145. size_t len = 0;
  146. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
  147. (const unsigned char *) oid, oid_len ) );
  148. MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) );
  149. MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
  150. return( (int) len );
  151. }
  152. int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
  153. const char *oid, size_t oid_len,
  154. size_t par_len )
  155. {
  156. int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
  157. size_t len = 0;
  158. if( par_len == 0 )
  159. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) );
  160. else
  161. len += par_len;
  162. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
  163. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
  164. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
  165. MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
  166. return( (int) len );
  167. }
  168. int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
  169. {
  170. int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
  171. size_t len = 0;
  172. if( *p - start < 1 )
  173. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  174. *--(*p) = (boolean) ? 255 : 0;
  175. len++;
  176. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
  177. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) );
  178. return( (int) len );
  179. }
  180. static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int val, int tag )
  181. {
  182. int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
  183. size_t len = 0;
  184. do
  185. {
  186. if( *p - start < 1 )
  187. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  188. len += 1;
  189. *--(*p) = val & 0xff;
  190. val >>= 8;
  191. }
  192. while( val > 0 );
  193. if( **p & 0x80 )
  194. {
  195. if( *p - start < 1 )
  196. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  197. *--(*p) = 0x00;
  198. len += 1;
  199. }
  200. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
  201. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) );
  202. return( (int) len );
  203. }
  204. int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
  205. {
  206. return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_INTEGER ) );
  207. }
  208. int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val )
  209. {
  210. return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_ENUMERATED ) );
  211. }
  212. int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, int tag,
  213. const char *text, size_t text_len )
  214. {
  215. int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
  216. size_t len = 0;
  217. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
  218. (const unsigned char *) text, text_len ) );
  219. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
  220. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) );
  221. return( (int) len );
  222. }
  223. int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
  224. const char *text, size_t text_len )
  225. {
  226. return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len) );
  227. }
  228. int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
  229. const char *text, size_t text_len )
  230. {
  231. return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, text_len) );
  232. }
  233. int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
  234. const char *text, size_t text_len )
  235. {
  236. return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) );
  237. }
  238. int mbedtls_asn1_write_named_bitstring( unsigned char **p,
  239. unsigned char *start,
  240. const unsigned char *buf,
  241. size_t bits )
  242. {
  243. size_t unused_bits, byte_len;
  244. const unsigned char *cur_byte;
  245. unsigned char cur_byte_shifted;
  246. unsigned char bit;
  247. byte_len = ( bits + 7 ) / 8;
  248. unused_bits = ( byte_len * 8 ) - bits;
  249. /*
  250. * Named bitstrings require that trailing 0s are excluded in the encoding
  251. * of the bitstring. Trailing 0s are considered part of the 'unused' bits
  252. * when encoding this value in the first content octet
  253. */
  254. if( bits != 0 )
  255. {
  256. cur_byte = buf + byte_len - 1;
  257. cur_byte_shifted = *cur_byte >> unused_bits;
  258. for( ; ; )
  259. {
  260. bit = cur_byte_shifted & 0x1;
  261. cur_byte_shifted >>= 1;
  262. if( bit != 0 )
  263. break;
  264. bits--;
  265. if( bits == 0 )
  266. break;
  267. if( bits % 8 == 0 )
  268. cur_byte_shifted = *--cur_byte;
  269. }
  270. }
  271. return( mbedtls_asn1_write_bitstring( p, start, buf, bits ) );
  272. }
  273. int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
  274. const unsigned char *buf, size_t bits )
  275. {
  276. int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
  277. size_t len = 0;
  278. size_t unused_bits, byte_len;
  279. byte_len = ( bits + 7 ) / 8;
  280. unused_bits = ( byte_len * 8 ) - bits;
  281. if( *p < start || (size_t)( *p - start ) < byte_len + 1 )
  282. return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
  283. len = byte_len + 1;
  284. /* Write the bitstring. Ensure the unused bits are zeroed */
  285. if( byte_len > 0 )
  286. {
  287. byte_len--;
  288. *--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 );
  289. ( *p ) -= byte_len;
  290. memcpy( *p, buf, byte_len );
  291. }
  292. /* Write unused bits */
  293. *--( *p ) = (unsigned char)unused_bits;
  294. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
  295. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
  296. return( (int) len );
  297. }
  298. int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
  299. const unsigned char *buf, size_t size )
  300. {
  301. int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
  302. size_t len = 0;
  303. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) );
  304. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
  305. MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
  306. return( (int) len );
  307. }
  308. /* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(),
  309. * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */
  310. static mbedtls_asn1_named_data *asn1_find_named_data(
  311. mbedtls_asn1_named_data *list,
  312. const char *oid, size_t len )
  313. {
  314. while( list != NULL )
  315. {
  316. if( list->oid.len == len &&
  317. memcmp( list->oid.p, oid, len ) == 0 )
  318. {
  319. break;
  320. }
  321. list = list->next;
  322. }
  323. return( list );
  324. }
  325. mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(
  326. mbedtls_asn1_named_data **head,
  327. const char *oid, size_t oid_len,
  328. const unsigned char *val,
  329. size_t val_len )
  330. {
  331. mbedtls_asn1_named_data *cur;
  332. if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
  333. {
  334. // Add new entry if not present yet based on OID
  335. //
  336. cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1,
  337. sizeof(mbedtls_asn1_named_data) );
  338. if( cur == NULL )
  339. return( NULL );
  340. cur->oid.len = oid_len;
  341. cur->oid.p = mbedtls_calloc( 1, oid_len );
  342. if( cur->oid.p == NULL )
  343. {
  344. mbedtls_free( cur );
  345. return( NULL );
  346. }
  347. memcpy( cur->oid.p, oid, oid_len );
  348. cur->val.len = val_len;
  349. if( val_len != 0 )
  350. {
  351. cur->val.p = mbedtls_calloc( 1, val_len );
  352. if( cur->val.p == NULL )
  353. {
  354. mbedtls_free( cur->oid.p );
  355. mbedtls_free( cur );
  356. return( NULL );
  357. }
  358. }
  359. cur->next = *head;
  360. *head = cur;
  361. }
  362. else if( val_len == 0 )
  363. {
  364. mbedtls_free( cur->val.p );
  365. cur->val.p = NULL;
  366. }
  367. else if( cur->val.len != val_len )
  368. {
  369. /*
  370. * Enlarge existing value buffer if needed
  371. * Preserve old data until the allocation succeeded, to leave list in
  372. * a consistent state in case allocation fails.
  373. */
  374. void *p = mbedtls_calloc( 1, val_len );
  375. if( p == NULL )
  376. return( NULL );
  377. mbedtls_free( cur->val.p );
  378. cur->val.p = p;
  379. cur->val.len = val_len;
  380. }
  381. if( val != NULL )
  382. memcpy( cur->val.p, val, val_len );
  383. return( cur );
  384. }
  385. #endif /* MBEDTLS_ASN1_WRITE_C */