asn1.c revision 156067
1/* 2 * Copyright (c) 2001-2003 3 * Fraunhofer Institute for Open Communication Systems (FhG Fokus). 4 * All rights reserved. 5 * 6 * Author: Harti Brandt <harti@freebsd.org> 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $Begemot: bsnmp/lib/asn1.c,v 1.31 2005/10/06 07:14:58 brandt_h Exp $ 30 * 31 * ASN.1 for SNMP. 32 */ 33#include <sys/types.h> 34#include <stdio.h> 35#include <stdlib.h> 36#include <stdarg.h> 37#include <string.h> 38#ifdef HAVE_STDINT_H 39#include <stdint.h> 40#elif defined(HAVE_INTTYPES_H) 41#include <inttypes.h> 42#endif 43#include <assert.h> 44 45#include "support.h" 46#include "asn1.h" 47 48static void asn_error_func(const struct asn_buf *, const char *, ...); 49 50void (*asn_error)(const struct asn_buf *, const char *, ...) = asn_error_func; 51 52/* 53 * Read the next header. This reads the tag (note, that only single 54 * byte tags are supported for now) and the length field. The length field 55 * is restricted to a 32-bit value. 56 * All errors of this function stop the decoding. 57 */ 58enum asn_err 59asn_get_header(struct asn_buf *b, u_char *type, asn_len_t *len) 60{ 61 u_int length; 62 63 if (b->asn_len == 0) { 64 asn_error(b, "no identifier for header"); 65 return (ASN_ERR_EOBUF); 66 } 67 *type = *b->asn_cptr; 68 if ((*type & ASN_TYPE_MASK) > 0x30) { 69 asn_error(b, "types > 0x30 not supported (%u)", 70 *type & ASN_TYPE_MASK); 71 return (ASN_ERR_FAILED); 72 } 73 b->asn_cptr++; 74 b->asn_len--; 75 if (b->asn_len == 0) { 76 asn_error(b, "no length field"); 77 return (ASN_ERR_EOBUF); 78 } 79 if (*b->asn_cptr & 0x80) { 80 length = *b->asn_cptr++ & 0x7f; 81 b->asn_len--; 82 if (length == 0) { 83 asn_error(b, "indefinite length not supported"); 84 return (ASN_ERR_FAILED); 85 } 86 if (length > ASN_MAXLENLEN) { 87 asn_error(b, "long length too long (%u)", length); 88 return (ASN_ERR_FAILED); 89 } 90 if (length > b->asn_len) { 91 asn_error(b, "long length truncated"); 92 return (ASN_ERR_EOBUF); 93 } 94 *len = 0; 95 while (length--) { 96 *len = (*len << 8) | *b->asn_cptr++; 97 b->asn_len--; 98 } 99 } else { 100 *len = *b->asn_cptr++; 101 b->asn_len--; 102 } 103 return (ASN_ERR_OK); 104} 105 106/* 107 * Write a length field (restricted to values < 2^32-1) and return the 108 * number of bytes this field takes. If ptr is NULL, the length is computed 109 * but nothing is written. If the length would be too large return 0. 110 */ 111static u_int 112asn_put_len(u_char *ptr, asn_len_t len) 113{ 114 u_int lenlen, lenlen1; 115 asn_len_t tmp; 116 117 if (len > ASN_MAXLEN) { 118 asn_error(NULL, "encoding length too long: (%u)", len); 119 return (0); 120 } 121 122 if (len <= 127) { 123 if (ptr) 124 *ptr++ = (u_char)len; 125 return (1); 126 } else { 127 lenlen = 0; 128 /* compute number of bytes for value (is at least 1) */ 129 for (tmp = len; tmp != 0; tmp >>= 8) 130 lenlen++; 131 if (ptr != NULL) { 132 *ptr++ = (u_char)lenlen | 0x80; 133 lenlen1 = lenlen; 134 while (lenlen1-- > 0) { 135 ptr[lenlen1] = len & 0xff; 136 len >>= 8; 137 } 138 } 139 return (lenlen + 1); 140 } 141} 142 143/* 144 * Write a header (tag and length fields). 145 * Tags are restricted to one byte tags (value <= 0x30) and the 146 * lenght field to 16-bit. All errors stop the encoding. 147 */ 148enum asn_err 149asn_put_header(struct asn_buf *b, u_char type, asn_len_t len) 150{ 151 u_int lenlen; 152 153 /* tag field */ 154 if ((type & ASN_TYPE_MASK) > 0x30) { 155 asn_error(NULL, "types > 0x30 not supported (%u)", 156 type & ASN_TYPE_MASK); 157 return (ASN_ERR_FAILED); 158 } 159 if (b->asn_len == 0) 160 return (ASN_ERR_EOBUF); 161 162 *b->asn_ptr++ = type; 163 b->asn_len--; 164 165 /* length field */ 166 if ((lenlen = asn_put_len(NULL, len)) == 0) 167 return (ASN_ERR_FAILED); 168 if (b->asn_len < lenlen) 169 return (ASN_ERR_EOBUF); 170 171 (void)asn_put_len(b->asn_ptr, len); 172 b->asn_ptr += lenlen; 173 b->asn_len -= lenlen; 174 return (ASN_ERR_OK); 175} 176 177 178/* 179 * This constructs a temporary sequence header with space for the maximum 180 * length field (three byte). Set the pointer that ptr points to to the 181 * start of the encoded header. This is used for a later call to 182 * asn_commit_header which will fix-up the length field and move the 183 * value if needed. All errors should stop the encoding. 184 */ 185#define TEMP_LEN (1 + ASN_MAXLENLEN + 1) 186enum asn_err 187asn_put_temp_header(struct asn_buf *b, u_char type, u_char **ptr) 188{ 189 int ret; 190 191 if (b->asn_len < TEMP_LEN) 192 return (ASN_ERR_EOBUF); 193 *ptr = b->asn_ptr; 194 if ((ret = asn_put_header(b, type, ASN_MAXLEN)) == ASN_ERR_OK) 195 assert(b->asn_ptr == *ptr + TEMP_LEN); 196 return (ret); 197} 198enum asn_err 199asn_commit_header(struct asn_buf *b, u_char *ptr) 200{ 201 asn_len_t len; 202 u_int lenlen, shift; 203 204 /* compute length of encoded value without header */ 205 len = b->asn_ptr - (ptr + TEMP_LEN); 206 207 /* insert length. may not fail. */ 208 lenlen = asn_put_len(ptr + 1, len); 209 if (lenlen > TEMP_LEN - 1) 210 return (ASN_ERR_FAILED); 211 212 if (lenlen < TEMP_LEN - 1) { 213 /* shift value down */ 214 shift = (TEMP_LEN - 1) - lenlen; 215 memmove(ptr + 1 + lenlen, ptr + TEMP_LEN, len); 216 b->asn_ptr -= shift; 217 b->asn_len += shift; 218 } 219 return (ASN_ERR_OK); 220} 221#undef TEMP_LEN 222 223/* 224 * BER integer. This may be used to get a signed 64 bit integer at maximum. 225 * The maximum length should be checked by the caller. This cannot overflow 226 * if the caller ensures that len is at maximum 8. 227 * 228 * <bytes> 229 */ 230static enum asn_err 231asn_get_real_integer(struct asn_buf *b, asn_len_t len, int64_t *vp) 232{ 233 uint64_t val; 234 int neg = 0; 235 enum asn_err err; 236 237 if (b->asn_len < len) { 238 asn_error(b, "truncated integer"); 239 return (ASN_ERR_EOBUF); 240 } 241 if (len == 0) { 242 asn_error(b, "zero-length integer"); 243 *vp = 0; 244 return (ASN_ERR_BADLEN); 245 } 246 err = ASN_ERR_OK; 247 if (len > 8) 248 err = ASN_ERR_RANGE; 249 else if (len > 1 && 250 ((*b->asn_cptr == 0x00 && (b->asn_cptr[1] & 0x80) == 0) || 251 (*b->asn_cptr == 0xff && (b->asn_cptr[1] & 0x80) == 0x80))) { 252 asn_error(b, "non-minimal integer"); 253 err = ASN_ERR_BADLEN; 254 } 255 256 if (*b->asn_cptr & 0x80) 257 neg = 1; 258 val = 0; 259 while (len--) { 260 val <<= 8; 261 val |= neg ? (u_char)~*b->asn_cptr : *b->asn_cptr; 262 b->asn_len--; 263 b->asn_cptr++; 264 } 265 if (neg) { 266 *vp = -(int64_t)val - 1; 267 } else 268 *vp = (int64_t)val; 269 return (err); 270} 271 272/* 273 * Write a signed integer with the given type. The caller has to ensure 274 * that the actual value is ok for this type. 275 */ 276static enum asn_err 277asn_put_real_integer(struct asn_buf *b, u_char type, int64_t ival) 278{ 279 int i, neg = 0; 280# define OCTETS 8 281 u_char buf[OCTETS]; 282 uint64_t val; 283 enum asn_err ret; 284 285 if (ival < 0) { 286 /* this may fail if |INT64_MIN| > |INT64_MAX| and 287 * the value is between * INT64_MIN <= ival < -(INT64_MAX+1) */ 288 val = (uint64_t)-(ival + 1); 289 neg = 1; 290 } else 291 val = (uint64_t)ival; 292 293 /* split the value into octets */ 294 for (i = OCTETS - 1; i >= 0; i--) { 295 buf[i] = val & 0xff; 296 if (neg) 297 buf[i] = ~buf[i]; 298 val >>= 8; 299 } 300 /* no leading 9 zeroes or ones */ 301 for (i = 0; i < OCTETS - 1; i++) 302 if (!((buf[i] == 0xff && (buf[i + 1] & 0x80) != 0) || 303 (buf[i] == 0x00 && (buf[i + 1] & 0x80) == 0))) 304 break; 305 if ((ret = asn_put_header(b, type, OCTETS - i))) 306 return (ret); 307 if (OCTETS - (u_int)i > b->asn_len) 308 return (ASN_ERR_EOBUF); 309 310 while (i < OCTETS) { 311 *b->asn_ptr++ = buf[i++]; 312 b->asn_len--; 313 } 314 return (ASN_ERR_OK); 315# undef OCTETS 316} 317 318 319/* 320 * The same for unsigned 64-bitters. Here we have the problem, that overflow 321 * can happen, because the value maybe 9 bytes long. In this case the 322 * first byte must be 0. 323 */ 324static enum asn_err 325asn_get_real_unsigned(struct asn_buf *b, asn_len_t len, uint64_t *vp) 326{ 327 enum asn_err err; 328 329 if (b->asn_len < len) { 330 asn_error(b, "truncated integer"); 331 return (ASN_ERR_EOBUF); 332 } 333 if (len == 0) { 334 asn_error(b, "zero-length integer"); 335 *vp = 0; 336 return (ASN_ERR_BADLEN); 337 } 338 err = ASN_ERR_OK; 339 *vp = 0; 340 if ((*b->asn_cptr & 0x80) || (len == 9 && *b->asn_cptr != 0)) { 341 /* negative integer or too larger */ 342 *vp = 0xffffffffffffffffULL; 343 err = ASN_ERR_RANGE; 344 } else if (len > 1 && 345 *b->asn_cptr == 0x00 && (b->asn_cptr[1] & 0x80) == 0) { 346 asn_error(b, "non-minimal unsigned"); 347 err = ASN_ERR_BADLEN; 348 } 349 350 while (len--) { 351 *vp = (*vp << 8) | *b->asn_cptr++; 352 b->asn_len--; 353 } 354 return (err); 355} 356 357 358/* 359 * Values with the msb on need 9 octets. 360 */ 361static int 362asn_put_real_unsigned(struct asn_buf *b, u_char type, uint64_t val) 363{ 364 int i; 365# define OCTETS 9 366 u_char buf[OCTETS]; 367 enum asn_err ret; 368 369 /* split the value into octets */ 370 for (i = OCTETS - 1; i >= 0; i--) { 371 buf[i] = val & 0xff; 372 val >>= 8; 373 } 374 /* no leading 9 zeroes */ 375 for (i = 0; i < OCTETS - 1; i++) 376 if (!(buf[i] == 0x00 && (buf[i + 1] & 0x80) == 0)) 377 break; 378 if ((ret = asn_put_header(b, type, OCTETS - i))) 379 return (ret); 380 if (OCTETS - (u_int)i > b->asn_len) 381 return (ASN_ERR_EOBUF); 382 383 while (i < OCTETS) { 384 *b->asn_ptr++ = buf[i++]; 385 b->asn_len--; 386 } 387#undef OCTETS 388 return (ASN_ERR_OK); 389} 390 391/* 392 * The ASN.1 INTEGER type is restricted to 32-bit signed by the SMI. 393 */ 394enum asn_err 395asn_get_integer_raw(struct asn_buf *b, asn_len_t len, int32_t *vp) 396{ 397 int64_t val; 398 enum asn_err ret; 399 400 if ((ret = asn_get_real_integer(b, len, &val)) == ASN_ERR_OK) { 401 if (len > 4) 402 ret = ASN_ERR_BADLEN; 403 else if (val > INT32_MAX || val < INT32_MIN) 404 /* may not happen */ 405 ret = ASN_ERR_RANGE; 406 *vp = (int32_t)val; 407 } 408 return (ret); 409} 410 411enum asn_err 412asn_get_integer(struct asn_buf *b, int32_t *vp) 413{ 414 asn_len_t len; 415 u_char type; 416 enum asn_err err; 417 418 if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK) 419 return (err); 420 if (type != ASN_TYPE_INTEGER) { 421 asn_error(b, "bad type for integer (%u)", type); 422 return (ASN_ERR_TAG); 423 } 424 425 return (asn_get_integer_raw(b, len, vp)); 426} 427 428enum asn_err 429asn_put_integer(struct asn_buf *b, int32_t val) 430{ 431 return (asn_put_real_integer(b, ASN_TYPE_INTEGER, val)); 432} 433 434/* 435 * OCTETSTRING 436 * 437 * <0x04> <len> <data ...> 438 * 439 * Get an octetstring. noctets must point to the buffer size and on 440 * return will contain the size of the octetstring, regardless of the 441 * buffer size. 442 */ 443enum asn_err 444asn_get_octetstring_raw(struct asn_buf *b, asn_len_t len, u_char *octets, 445 u_int *noctets) 446{ 447 enum asn_err err = ASN_ERR_OK; 448 449 if (*noctets < len) { 450 asn_error(b, "octetstring truncated"); 451 err = ASN_ERR_RANGE; 452 } 453 if (b->asn_len < len) { 454 asn_error(b, "truncatet octetstring"); 455 return (ASN_ERR_EOBUF); 456 } 457 if (*noctets < len) 458 memcpy(octets, b->asn_cptr, *noctets); 459 else 460 memcpy(octets, b->asn_cptr, len); 461 *noctets = len; 462 b->asn_cptr += len; 463 b->asn_len -= len; 464 return (err); 465} 466 467enum asn_err 468asn_get_octetstring(struct asn_buf *b, u_char *octets, u_int *noctets) 469{ 470 enum asn_err err; 471 u_char type; 472 asn_len_t len; 473 474 if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK) 475 return (err); 476 if (type != ASN_TYPE_OCTETSTRING) { 477 asn_error(b, "bad type for octetstring (%u)", type); 478 return (ASN_ERR_TAG); 479 } 480 return (asn_get_octetstring_raw(b, len, octets, noctets)); 481} 482 483enum asn_err 484asn_put_octetstring(struct asn_buf *b, const u_char *octets, u_int noctets) 485{ 486 enum asn_err ret; 487 488 if ((ret = asn_put_header(b, ASN_TYPE_OCTETSTRING, noctets)) != ASN_ERR_OK) 489 return (ret); 490 if (b->asn_len < noctets) 491 return (ASN_ERR_EOBUF); 492 493 memcpy(b->asn_ptr, octets, noctets); 494 b->asn_ptr += noctets; 495 b->asn_len -= noctets; 496 return (ASN_ERR_OK); 497} 498 499/* 500 * NULL 501 * 502 * <0x05> <0x00> 503 */ 504enum asn_err 505asn_get_null_raw(struct asn_buf *b, asn_len_t len) 506{ 507 if (len != 0) { 508 if (b->asn_len < len) { 509 asn_error(b, "truncated NULL"); 510 return (ASN_ERR_EOBUF); 511 } 512 asn_error(b, "bad length for NULL (%u)", len); 513 b->asn_len -= len; 514 b->asn_ptr += len; 515 return (ASN_ERR_BADLEN); 516 } 517 return (ASN_ERR_OK); 518} 519 520enum asn_err 521asn_get_null(struct asn_buf *b) 522{ 523 u_char type; 524 asn_len_t len; 525 enum asn_err err; 526 527 if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK) 528 return (err); 529 if (type != ASN_TYPE_NULL) { 530 asn_error(b, "bad type for NULL (%u)", type); 531 return (ASN_ERR_TAG); 532 } 533 return (asn_get_null_raw(b, len)); 534} 535 536enum asn_err 537asn_put_null(struct asn_buf *b) 538{ 539 return (asn_put_header(b, ASN_TYPE_NULL, 0)); 540} 541 542enum asn_err 543asn_put_exception(struct asn_buf *b, u_int except) 544{ 545 return (asn_put_header(b, ASN_CLASS_CONTEXT | except, 0)); 546} 547 548/* 549 * OBJID 550 * 551 * <0x06> <len> <subid...> 552 */ 553enum asn_err 554asn_get_objid_raw(struct asn_buf *b, asn_len_t len, struct asn_oid *oid) 555{ 556 asn_subid_t subid; 557 enum asn_err err; 558 559 if (b->asn_len < len) { 560 asn_error(b, "truncated OBJID"); 561 return (ASN_ERR_EOBUF); 562 } 563 oid->len = 0; 564 if (len == 0) { 565 asn_error(b, "short OBJID"); 566 oid->subs[oid->len++] = 0; 567 oid->subs[oid->len++] = 0; 568 return (ASN_ERR_BADLEN); 569 } 570 err = ASN_ERR_OK; 571 while (len != 0) { 572 if (oid->len == ASN_MAXOIDLEN) { 573 asn_error(b, "OID too long (%u)", oid->len); 574 b->asn_cptr += len; 575 b->asn_len -= len; 576 return (ASN_ERR_BADLEN); 577 } 578 subid = 0; 579 do { 580 if (len == 0) { 581 asn_error(b, "unterminated subid"); 582 return (ASN_ERR_EOBUF); 583 } 584 if (subid > (ASN_MAXID >> 7)) { 585 asn_error(b, "OBID subid too larger"); 586 err = ASN_ERR_RANGE; 587 } 588 subid = (subid << 7) | (*b->asn_cptr & 0x7f); 589 len--; 590 b->asn_len--; 591 } while (*b->asn_cptr++ & 0x80); 592 if (oid->len == 0) { 593 if (subid < 80) { 594 oid->subs[oid->len++] = subid / 40; 595 oid->subs[oid->len++] = subid % 40; 596 } else { 597 oid->subs[oid->len++] = 2; 598 oid->subs[oid->len++] = subid - 80; 599 } 600 } else { 601 oid->subs[oid->len++] = subid; 602 } 603 } 604 return (err); 605 606} 607 608enum asn_err 609asn_get_objid(struct asn_buf *b, struct asn_oid *oid) 610{ 611 u_char type; 612 asn_len_t len; 613 enum asn_err err; 614 615 if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK) 616 return (err); 617 if (type != ASN_TYPE_OBJID) { 618 asn_error(b, "bad type for OBJID (%u)", type); 619 return (ASN_ERR_TAG); 620 } 621 return (asn_get_objid_raw(b, len, oid)); 622} 623 624enum asn_err 625asn_put_objid(struct asn_buf *b, const struct asn_oid *oid) 626{ 627 asn_subid_t first, sub; 628 enum asn_err err, err1; 629 u_int i, oidlen; 630 asn_len_t len; 631 632 err = ASN_ERR_OK; 633 if (oid->len == 0) { 634 /* illegal */ 635 asn_error(NULL, "short oid"); 636 err = ASN_ERR_RANGE; 637 first = 0; 638 oidlen = 2; 639 } else if (oid->len == 1) { 640 /* illegal */ 641 asn_error(b, "short oid"); 642 if (oid->subs[0] > 2) 643 asn_error(NULL, "oid[0] too large (%u)", oid->subs[0]); 644 err = ASN_ERR_RANGE; 645 first = oid->subs[0] * 40; 646 oidlen = 2; 647 } else { 648 if (oid->len > ASN_MAXOIDLEN) { 649 asn_error(NULL, "oid too long %u", oid->len); 650 err = ASN_ERR_RANGE; 651 } 652 if (oid->subs[0] > 2 || 653 (oid->subs[0] < 2 && oid->subs[0] >= 40)) { 654 asn_error(NULL, "oid out of range (%u,%u)", 655 oid->subs[0], oid->subs[1]); 656 err = ASN_ERR_RANGE; 657 } 658 first = 40 * oid->subs[0] + oid->subs[1]; 659 oidlen = oid->len; 660 } 661 len = 0; 662 for (i = 1; i < oidlen; i++) { 663 sub = (i == 1) ? first : oid->subs[i]; 664 if (sub > ASN_MAXID) { 665 asn_error(NULL, "oid subid too large"); 666 err = ASN_ERR_RANGE; 667 } 668 len += (sub <= 0x7f) ? 1 669 : (sub <= 0x3fff) ? 2 670 : (sub <= 0x1fffff) ? 3 671 : (sub <= 0xfffffff) ? 4 672 : 5; 673 } 674 if ((err1 = asn_put_header(b, ASN_TYPE_OBJID, len)) != ASN_ERR_OK) 675 return (err1); 676 if (b->asn_len < len) 677 return (ASN_ERR_EOBUF); 678 679 for (i = 1; i < oidlen; i++) { 680 sub = (i == 1) ? first : oid->subs[i]; 681 if (sub <= 0x7f) { 682 *b->asn_ptr++ = sub; 683 b->asn_len--; 684 } else if (sub <= 0x3fff) { 685 *b->asn_ptr++ = (sub >> 7) | 0x80; 686 *b->asn_ptr++ = sub & 0x7f; 687 b->asn_len -= 2; 688 } else if (sub <= 0x1fffff) { 689 *b->asn_ptr++ = (sub >> 14) | 0x80; 690 *b->asn_ptr++ = ((sub >> 7) & 0x7f) | 0x80; 691 *b->asn_ptr++ = sub & 0x7f; 692 b->asn_len -= 3; 693 } else if (sub <= 0xfffffff) { 694 *b->asn_ptr++ = (sub >> 21) | 0x80; 695 *b->asn_ptr++ = ((sub >> 14) & 0x7f) | 0x80; 696 *b->asn_ptr++ = ((sub >> 7) & 0x7f) | 0x80; 697 *b->asn_ptr++ = sub & 0x7f; 698 b->asn_len -= 4; 699 } else { 700 *b->asn_ptr++ = (sub >> 28) | 0x80; 701 *b->asn_ptr++ = ((sub >> 21) & 0x7f) | 0x80; 702 *b->asn_ptr++ = ((sub >> 14) & 0x7f) | 0x80; 703 *b->asn_ptr++ = ((sub >> 7) & 0x7f) | 0x80; 704 *b->asn_ptr++ = sub & 0x7f; 705 b->asn_len -= 5; 706 } 707 } 708 return (err); 709} 710/* 711 * SEQUENCE header 712 * 713 * <0x10|0x20> <len> <data...> 714 */ 715enum asn_err 716asn_get_sequence(struct asn_buf *b, asn_len_t *len) 717{ 718 u_char type; 719 enum asn_err err; 720 721 if ((err = asn_get_header(b, &type, len)) != ASN_ERR_OK) 722 return (err); 723 if (type != (ASN_TYPE_SEQUENCE|ASN_TYPE_CONSTRUCTED)) { 724 asn_error(b, "bad sequence type %u", type); 725 return (ASN_ERR_TAG); 726 } 727 if (*len > b->asn_len) { 728 asn_error(b, "truncated sequence"); 729 return (ASN_ERR_EOBUF); 730 } 731 return (ASN_ERR_OK); 732} 733 734/* 735 * Application types 736 * 737 * 0x40 4 MSB 2MSB 2LSB LSB 738 */ 739enum asn_err 740asn_get_ipaddress_raw(struct asn_buf *b, asn_len_t len, u_char *addr) 741{ 742 u_int i; 743 744 if (b->asn_len < len) { 745 asn_error(b, "truncated ip-address"); 746 return (ASN_ERR_EOBUF); 747 } 748 if (len < 4) { 749 asn_error(b, "short length for ip-Address %u", len); 750 for (i = 0; i < len; i++) 751 *addr++ = *b->asn_cptr++; 752 while (i++ < len) 753 *addr++ = 0; 754 b->asn_len -= len; 755 return (ASN_ERR_BADLEN); 756 } 757 for (i = 0; i < 4; i++) 758 *addr++ = *b->asn_cptr++; 759 b->asn_cptr += len - 4; 760 b->asn_len -= len; 761 return (ASN_ERR_OK); 762} 763 764enum asn_err 765asn_get_ipaddress(struct asn_buf *b, u_char *addr) 766{ 767 u_char type; 768 asn_len_t len; 769 enum asn_err err; 770 771 if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK) 772 return (err); 773 if (type != (ASN_CLASS_APPLICATION|ASN_APP_IPADDRESS)) { 774 asn_error(b, "bad type for ip-address %u", type); 775 return (ASN_ERR_TAG); 776 } 777 return (asn_get_ipaddress_raw(b, len, addr)); 778} 779 780enum asn_err 781asn_put_ipaddress(struct asn_buf *b, const u_char *addr) 782{ 783 enum asn_err err; 784 785 if ((err = asn_put_header(b, ASN_CLASS_APPLICATION|ASN_APP_IPADDRESS, 786 4)) != ASN_ERR_OK) 787 return (err); 788 if (b->asn_len < 4) 789 return (ASN_ERR_EOBUF); 790 791 memcpy(b->asn_ptr, addr, 4); 792 b->asn_ptr += 4; 793 b->asn_len -= 4; 794 return (ASN_ERR_OK); 795} 796 797 798/* 799 * UNSIGNED32 800 * 801 * 0x42|0x41 <len> ... 802 */ 803enum asn_err 804asn_get_uint32_raw(struct asn_buf *b, asn_len_t len, uint32_t *vp) 805{ 806 uint64_t v; 807 enum asn_err err; 808 809 if ((err = asn_get_real_unsigned(b, len, &v)) == ASN_ERR_OK) { 810 if (len > 5) { 811 asn_error(b, "uint32 too long %u", len); 812 err = ASN_ERR_BADLEN; 813 } else if (v > UINT32_MAX) { 814 asn_error(b, "uint32 too large %llu", v); 815 err = ASN_ERR_RANGE; 816 } 817 *vp = (uint32_t)v; 818 } 819 return (err); 820} 821 822enum asn_err 823asn_put_uint32(struct asn_buf *b, u_char type, uint32_t val) 824{ 825 uint64_t v = val; 826 827 return (asn_put_real_unsigned(b, ASN_CLASS_APPLICATION|type, v)); 828} 829 830/* 831 * COUNTER64 832 * 0x46 <len> ... 833 */ 834enum asn_err 835asn_get_counter64_raw(struct asn_buf *b, asn_len_t len, uint64_t *vp) 836{ 837 return (asn_get_real_unsigned(b, len, vp)); 838} 839 840enum asn_err 841asn_put_counter64(struct asn_buf *b, uint64_t val) 842{ 843 return (asn_put_real_unsigned(b, 844 ASN_CLASS_APPLICATION | ASN_APP_COUNTER64, val)); 845} 846 847/* 848 * TimeTicks 849 * 0x43 <len> ... 850 */ 851enum asn_err 852asn_get_timeticks(struct asn_buf *b, uint32_t *vp) 853{ 854 asn_len_t len; 855 u_char type; 856 enum asn_err err; 857 858 if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK) 859 return (err); 860 if (type != (ASN_CLASS_APPLICATION|ASN_APP_TIMETICKS)) { 861 asn_error(b, "bad type for timeticks %u", type); 862 return (ASN_ERR_TAG); 863 } 864 return (asn_get_uint32_raw(b, len, vp)); 865} 866 867enum asn_err 868asn_put_timeticks(struct asn_buf *b, uint32_t val) 869{ 870 uint64_t v = val; 871 872 return (asn_put_real_unsigned(b, 873 ASN_CLASS_APPLICATION | ASN_APP_TIMETICKS, v)); 874} 875 876/* 877 * Construct a new OID by taking a range of sub ids of the original oid. 878 */ 879void 880asn_slice_oid(struct asn_oid *dest, const struct asn_oid *src, 881 u_int from, u_int to) 882{ 883 if (from >= to) { 884 dest->len = 0; 885 return; 886 } 887 dest->len = to - from; 888 memcpy(dest->subs, &src->subs[from], dest->len * sizeof(dest->subs[0])); 889} 890 891/* 892 * Append from to to 893 */ 894void 895asn_append_oid(struct asn_oid *to, const struct asn_oid *from) 896{ 897 memcpy(&to->subs[to->len], &from->subs[0], 898 from->len * sizeof(from->subs[0])); 899 to->len += from->len; 900} 901 902/* 903 * Skip a value 904 */ 905enum asn_err 906asn_skip(struct asn_buf *b, asn_len_t len) 907{ 908 if (b->asn_len < len) 909 return (ASN_ERR_EOBUF); 910 b->asn_cptr += len; 911 b->asn_len -= len; 912 return (ASN_ERR_OK); 913} 914 915/* 916 * Compare two OIDs. 917 * 918 * o1 < o2 : -1 919 * o1 > o2 : +1 920 * o1 = o2 : 0 921 */ 922int 923asn_compare_oid(const struct asn_oid *o1, const struct asn_oid *o2) 924{ 925 u_long i; 926 927 for (i = 0; i < o1->len && i < o2->len; i++) { 928 if (o1->subs[i] < o2->subs[i]) 929 return (-1); 930 if (o1->subs[i] > o2->subs[i]) 931 return (+1); 932 } 933 if (o1->len < o2->len) 934 return (-1); 935 if (o1->len > o2->len) 936 return (+1); 937 return (0); 938} 939 940/* 941 * Check whether an OID is a sub-string of another OID. 942 */ 943int 944asn_is_suboid(const struct asn_oid *o1, const struct asn_oid *o2) 945{ 946 u_long i; 947 948 for (i = 0; i < o1->len; i++) 949 if (i >= o2->len || o1->subs[i] != o2->subs[i]) 950 return (0); 951 return (1); 952} 953 954/* 955 * Put a string representation of an oid into a user buffer. This buffer 956 * is assumed to be at least ASN_OIDSTRLEN characters long. 957 * 958 * sprintf is assumed not to fail here. 959 */ 960char * 961asn_oid2str_r(const struct asn_oid *oid, char *buf) 962{ 963 u_int len, i; 964 char *ptr; 965 966 if ((len = oid->len) > ASN_MAXOIDLEN) 967 len = ASN_MAXOIDLEN; 968 buf[0] = '\0'; 969 for (i = 0, ptr = buf; i < len; i++) { 970 if (i > 0) 971 *ptr++ = '.'; 972 ptr += sprintf(ptr, "%u", oid->subs[i]); 973 } 974 return (buf); 975} 976 977/* 978 * Make a string from an OID in a private buffer. 979 */ 980char * 981asn_oid2str(const struct asn_oid *oid) 982{ 983 static char str[ASN_OIDSTRLEN]; 984 985 return (asn_oid2str_r(oid, str)); 986} 987 988 989static void 990asn_error_func(const struct asn_buf *b, const char *err, ...) 991{ 992 va_list ap; 993 u_long i; 994 995 fprintf(stderr, "ASN.1: "); 996 va_start(ap, err); 997 vfprintf(stderr, err, ap); 998 va_end(ap); 999 1000 if (b != NULL) { 1001 fprintf(stderr, " at"); 1002 for (i = 0; b->asn_len > i; i++) 1003 fprintf(stderr, " %02x", b->asn_cptr[i]); 1004 } 1005 fprintf(stderr, "\n"); 1006} 1007