2004-01-27 17:40:42 +01:00
|
|
|
/* tlv.c - Tag-Length-Value Utilities
|
2005-04-27 21:47:53 +02:00
|
|
|
* Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc.
|
2004-01-27 17:40:42 +01:00
|
|
|
*
|
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2007-07-04 21:49:40 +02:00
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2004-01-27 17:40:42 +01:00
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2007-07-04 21:49:40 +02:00
|
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
2004-01-27 17:40:42 +01:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <assert.h>
|
|
|
|
|
|
2005-05-31 22:03:04 +02:00
|
|
|
#if GNUPG_MAJOR_VERSION == 1
|
|
|
|
|
#define GPG_ERR_EOF (-1)
|
|
|
|
|
#define GPG_ERR_BAD_BER (1) /*G10ERR_GENERAL*/
|
|
|
|
|
#define GPG_ERR_INV_SEXP (45) /*G10ERR_INV_ARG*/
|
|
|
|
|
typedef int gpg_error_t;
|
2007-08-10 18:52:05 +02:00
|
|
|
#define gpg_make_err(x,n) (n)
|
2005-05-31 22:03:04 +02:00
|
|
|
#else
|
2004-01-27 17:40:42 +01:00
|
|
|
#include <gpg-error.h>
|
2005-05-31 22:03:04 +02:00
|
|
|
#endif
|
2004-01-27 17:40:42 +01:00
|
|
|
|
|
|
|
|
#include "tlv.h"
|
|
|
|
|
|
|
|
|
|
static const unsigned char *
|
|
|
|
|
do_find_tlv (const unsigned char *buffer, size_t length,
|
|
|
|
|
int tag, size_t *nbytes, int nestlevel)
|
|
|
|
|
{
|
|
|
|
|
const unsigned char *s = buffer;
|
|
|
|
|
size_t n = length;
|
|
|
|
|
size_t len;
|
|
|
|
|
int this_tag;
|
|
|
|
|
int composite;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
2004-01-27 17:40:42 +01:00
|
|
|
for (;;)
|
|
|
|
|
{
|
|
|
|
|
buffer = s;
|
|
|
|
|
if (n < 2)
|
|
|
|
|
return NULL; /* Buffer definitely too short for tag and length. */
|
|
|
|
|
if (!*s || *s == 0xff)
|
|
|
|
|
{ /* Skip optional filler between TLV objects. */
|
|
|
|
|
s++;
|
|
|
|
|
n--;
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
composite = !!(*s & 0x20);
|
|
|
|
|
if ((*s & 0x1f) == 0x1f)
|
|
|
|
|
{ /* more tag bytes to follow */
|
|
|
|
|
s++;
|
|
|
|
|
n--;
|
|
|
|
|
if (n < 2)
|
|
|
|
|
return NULL; /* buffer definitely too short for tag and length. */
|
|
|
|
|
if ((*s & 0x1f) == 0x1f)
|
|
|
|
|
return NULL; /* We support only up to 2 bytes. */
|
|
|
|
|
this_tag = (s[-1] << 8) | (s[0] & 0x7f);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
this_tag = s[0];
|
|
|
|
|
len = s[1];
|
|
|
|
|
s += 2; n -= 2;
|
|
|
|
|
if (len < 0x80)
|
|
|
|
|
;
|
|
|
|
|
else if (len == 0x81)
|
|
|
|
|
{ /* One byte length follows. */
|
|
|
|
|
if (!n)
|
|
|
|
|
return NULL; /* we expected 1 more bytes with the length. */
|
|
|
|
|
len = s[0];
|
|
|
|
|
s++; n--;
|
|
|
|
|
}
|
|
|
|
|
else if (len == 0x82)
|
|
|
|
|
{ /* Two byte length follows. */
|
|
|
|
|
if (n < 2)
|
|
|
|
|
return NULL; /* We expected 2 more bytes with the length. */
|
|
|
|
|
len = (s[0] << 8) | s[1];
|
|
|
|
|
s += 2; n -= 2;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
return NULL; /* APDU limit is 65535, thus it does not make
|
|
|
|
|
sense to assume longer length fields. */
|
|
|
|
|
|
|
|
|
|
if (composite && nestlevel < 100)
|
|
|
|
|
{ /* Dive into this composite DO after checking for a too deep
|
|
|
|
|
nesting. */
|
|
|
|
|
const unsigned char *tmp_s;
|
|
|
|
|
size_t tmp_len;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
2004-01-27 17:40:42 +01:00
|
|
|
tmp_s = do_find_tlv (s, len, tag, &tmp_len, nestlevel+1);
|
|
|
|
|
if (tmp_s)
|
|
|
|
|
{
|
|
|
|
|
*nbytes = tmp_len;
|
|
|
|
|
return tmp_s;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (this_tag == tag)
|
|
|
|
|
{
|
|
|
|
|
*nbytes = len;
|
|
|
|
|
return s;
|
|
|
|
|
}
|
|
|
|
|
if (len > n)
|
|
|
|
|
return NULL; /* Buffer too short to skip to the next tag. */
|
|
|
|
|
s += len; n -= len;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Locate a TLV encoded data object in BUFFER of LENGTH and
|
|
|
|
|
return a pointer to value as well as its length in NBYTES. Return
|
2005-04-27 21:47:53 +02:00
|
|
|
NULL if it was not found or if the object does not fit into the buffer. */
|
2004-01-27 17:40:42 +01:00
|
|
|
const unsigned char *
|
|
|
|
|
find_tlv (const unsigned char *buffer, size_t length,
|
|
|
|
|
int tag, size_t *nbytes)
|
|
|
|
|
{
|
2005-04-27 21:47:53 +02:00
|
|
|
const unsigned char *p;
|
|
|
|
|
|
|
|
|
|
p = do_find_tlv (buffer, length, tag, nbytes, 0);
|
|
|
|
|
if (p && *nbytes > (length - (p-buffer)))
|
|
|
|
|
p = NULL; /* Object longer than buffer. */
|
|
|
|
|
return p;
|
2004-01-27 17:40:42 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2005-04-27 21:47:53 +02:00
|
|
|
/* Locate a TLV encoded data object in BUFFER of LENGTH and
|
|
|
|
|
return a pointer to value as well as its length in NBYTES. Return
|
|
|
|
|
NULL if it was not found. Note, that the function does not check
|
|
|
|
|
whether the value fits into the provided buffer. */
|
|
|
|
|
const unsigned char *
|
|
|
|
|
find_tlv_unchecked (const unsigned char *buffer, size_t length,
|
|
|
|
|
int tag, size_t *nbytes)
|
|
|
|
|
{
|
|
|
|
|
return do_find_tlv (buffer, length, tag, nbytes, 0);
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-27 17:40:42 +01:00
|
|
|
|
|
|
|
|
/* ASN.1 BER parser: Parse BUFFER of length SIZE and return the tag
|
|
|
|
|
and the length part from the TLV triplet. Update BUFFER and SIZE
|
|
|
|
|
on success. */
|
|
|
|
|
gpg_error_t
|
2007-08-10 18:52:05 +02:00
|
|
|
_parse_ber_header (unsigned char const **buffer, size_t *size,
|
2011-02-04 12:57:53 +01:00
|
|
|
int *r_class, int *r_tag,
|
2007-08-10 18:52:05 +02:00
|
|
|
int *r_constructed, int *r_ndef,
|
|
|
|
|
size_t *r_length, size_t *r_nhdr,
|
|
|
|
|
gpg_err_source_t errsource)
|
2004-01-27 17:40:42 +01:00
|
|
|
{
|
|
|
|
|
int c;
|
|
|
|
|
unsigned long tag;
|
|
|
|
|
const unsigned char *buf = *buffer;
|
|
|
|
|
size_t length = *size;
|
|
|
|
|
|
|
|
|
|
*r_ndef = 0;
|
|
|
|
|
*r_length = 0;
|
|
|
|
|
*r_nhdr = 0;
|
|
|
|
|
|
|
|
|
|
/* Get the tag. */
|
|
|
|
|
if (!length)
|
2007-08-10 18:52:05 +02:00
|
|
|
return gpg_err_make (errsource, GPG_ERR_EOF);
|
2004-01-27 17:40:42 +01:00
|
|
|
c = *buf++; length--; ++*r_nhdr;
|
|
|
|
|
|
|
|
|
|
*r_class = (c & 0xc0) >> 6;
|
|
|
|
|
*r_constructed = !!(c & 0x20);
|
|
|
|
|
tag = c & 0x1f;
|
|
|
|
|
|
|
|
|
|
if (tag == 0x1f)
|
|
|
|
|
{
|
|
|
|
|
tag = 0;
|
|
|
|
|
do
|
|
|
|
|
{
|
|
|
|
|
tag <<= 7;
|
|
|
|
|
if (!length)
|
2007-08-10 18:52:05 +02:00
|
|
|
return gpg_err_make (errsource, GPG_ERR_EOF);
|
2004-01-27 17:40:42 +01:00
|
|
|
c = *buf++; length--; ++*r_nhdr;
|
|
|
|
|
tag |= c & 0x7f;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
while (c & 0x80);
|
|
|
|
|
}
|
|
|
|
|
*r_tag = tag;
|
|
|
|
|
|
|
|
|
|
/* Get the length. */
|
|
|
|
|
if (!length)
|
2007-08-10 18:52:05 +02:00
|
|
|
return gpg_err_make (errsource, GPG_ERR_EOF);
|
2004-01-27 17:40:42 +01:00
|
|
|
c = *buf++; length--; ++*r_nhdr;
|
|
|
|
|
|
|
|
|
|
if ( !(c & 0x80) )
|
|
|
|
|
*r_length = c;
|
|
|
|
|
else if (c == 0x80)
|
|
|
|
|
*r_ndef = 1;
|
|
|
|
|
else if (c == 0xff)
|
2007-08-10 18:52:05 +02:00
|
|
|
return gpg_err_make (errsource, GPG_ERR_BAD_BER);
|
2004-01-27 17:40:42 +01:00
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
unsigned long len = 0;
|
|
|
|
|
int count = c & 0x7f;
|
|
|
|
|
|
2004-03-23 13:33:20 +01:00
|
|
|
if (count > sizeof (len) || count > sizeof (size_t))
|
2007-08-10 18:52:05 +02:00
|
|
|
return gpg_err_make (errsource, GPG_ERR_BAD_BER);
|
2004-03-23 13:33:20 +01:00
|
|
|
|
2004-01-27 17:40:42 +01:00
|
|
|
for (; count; count--)
|
|
|
|
|
{
|
|
|
|
|
len <<= 8;
|
|
|
|
|
if (!length)
|
2007-08-10 18:52:05 +02:00
|
|
|
return gpg_err_make (errsource, GPG_ERR_EOF);
|
2004-01-27 17:40:42 +01:00
|
|
|
c = *buf++; length--; ++*r_nhdr;
|
|
|
|
|
len |= c & 0xff;
|
|
|
|
|
}
|
|
|
|
|
*r_length = len;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
2004-01-27 17:40:42 +01:00
|
|
|
/* Without this kludge some example certs can't be parsed. */
|
|
|
|
|
if (*r_class == CLASS_UNIVERSAL && !*r_tag)
|
|
|
|
|
*r_length = 0;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
2004-01-27 17:40:42 +01:00
|
|
|
*buffer = buf;
|
|
|
|
|
*size = length;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2005-05-20 22:39:36 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/* FIXME: The following function should not go into this file but for
|
|
|
|
|
now it is easier to keep it here. */
|
|
|
|
|
|
2010-02-26 11:52:05 +01:00
|
|
|
/* Return the next token of an canonical encoded S-expression. BUF
|
2005-05-20 22:39:36 +02:00
|
|
|
is the pointer to the S-expression and BUFLEN is a pointer to the
|
|
|
|
|
length of this S-expression (used to validate the syntax). Both
|
|
|
|
|
are updated to reflect the new position. The token itself is
|
2011-03-01 14:22:41 +01:00
|
|
|
returned as a pointer into the original buffer at TOK and TOKLEN.
|
2005-05-20 22:39:36 +02:00
|
|
|
If a parentheses is the next token, TOK will be set to NULL.
|
2011-03-01 14:22:41 +01:00
|
|
|
TOKLEN is checked to be within the bounds. On error an error code
|
|
|
|
|
is returned and no pointer is not guaranteed to point to
|
|
|
|
|
a meaningful value. DEPTH should be initialized to 0 and will
|
2005-05-20 22:39:36 +02:00
|
|
|
reflect on return the actual depth of the tree. To detect the end
|
|
|
|
|
of the S-expression it is advisable to check DEPTH after a
|
2011-03-01 14:22:41 +01:00
|
|
|
successful return.
|
2005-05-20 22:39:36 +02:00
|
|
|
|
|
|
|
|
depth = 0;
|
|
|
|
|
while (!(err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))
|
|
|
|
|
&& depth)
|
|
|
|
|
process_token (tok, toklen);
|
2011-02-04 12:57:53 +01:00
|
|
|
if (err)
|
2005-05-20 22:39:36 +02:00
|
|
|
handle_error ();
|
|
|
|
|
*/
|
|
|
|
|
gpg_error_t
|
2007-08-10 18:52:05 +02:00
|
|
|
_parse_sexp (unsigned char const **buf, size_t *buflen,
|
|
|
|
|
int *depth, unsigned char const **tok, size_t *toklen,
|
|
|
|
|
gpg_err_source_t errsource)
|
2005-05-20 22:39:36 +02:00
|
|
|
{
|
|
|
|
|
const unsigned char *s;
|
|
|
|
|
size_t n, vlen;
|
|
|
|
|
|
|
|
|
|
s = *buf;
|
|
|
|
|
n = *buflen;
|
|
|
|
|
*tok = NULL;
|
|
|
|
|
*toklen = 0;
|
|
|
|
|
if (!n)
|
2007-08-10 18:52:05 +02:00
|
|
|
return *depth ? gpg_err_make (errsource, GPG_ERR_INV_SEXP) : 0;
|
2005-05-20 22:39:36 +02:00
|
|
|
if (*s == '(')
|
|
|
|
|
{
|
|
|
|
|
s++; n--;
|
|
|
|
|
(*depth)++;
|
|
|
|
|
*buf = s;
|
|
|
|
|
*buflen = n;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
if (*s == ')')
|
|
|
|
|
{
|
|
|
|
|
if (!*depth)
|
2007-08-10 18:52:05 +02:00
|
|
|
return gpg_err_make (errsource, GPG_ERR_INV_SEXP);
|
2005-05-20 22:39:36 +02:00
|
|
|
*toklen = 1;
|
|
|
|
|
s++; n--;
|
|
|
|
|
(*depth)--;
|
|
|
|
|
*buf = s;
|
|
|
|
|
*buflen = n;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
for (vlen=0; n && *s && *s != ':' && (*s >= '0' && *s <= '9'); s++, n--)
|
|
|
|
|
vlen = vlen*10 + (*s - '0');
|
|
|
|
|
if (!n || *s != ':')
|
2007-08-10 18:52:05 +02:00
|
|
|
return gpg_err_make (errsource, GPG_ERR_INV_SEXP);
|
2005-05-20 22:39:36 +02:00
|
|
|
s++; n--;
|
|
|
|
|
if (vlen > n)
|
2007-08-10 18:52:05 +02:00
|
|
|
return gpg_err_make (errsource, GPG_ERR_INV_SEXP);
|
2005-05-20 22:39:36 +02:00
|
|
|
*tok = s;
|
|
|
|
|
*toklen = vlen;
|
|
|
|
|
s += vlen;
|
|
|
|
|
n -= vlen;
|
|
|
|
|
*buf = s;
|
|
|
|
|
*buflen = n;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
