dist/wpa/src/tls/asn1.c

   1 /*
   2  * ASN.1 DER parsing
   3  * Copyright (c) 2006, Jouni Malinen <j@w1.fi>
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License version 2 as
   7  * published by the Free Software Foundation.
   8  *
   9  * Alternatively, this software may be distributed under the terms of BSD
  10  * license.
  11  *
  12  * See README and COPYING for more details.
  13  */
  14
  15 #include "includes.h"
  16
  17 #include "common.h"
  18
  19 #ifdef CONFIG_INTERNAL_X509
  20
  21 #include "asn1.h"
  22
  23 int asn1_get_next(const u8 *buf, size_t len, struct asn1_hdr *hdr)
  24 {
  25         const u8 *pos, *end;
  26         u8 tmp;
  27
  28         os_memset(hdr, 0, sizeof(*hdr));
  29         pos = buf;
  30         end = buf + len;
  31
  32         hdr->identifier = *pos++;
  33         hdr->class = hdr->identifier >> 6;
  34         hdr->constructed = !!(hdr->identifier & (1 << 5));
  35
  36         if ((hdr->identifier & 0x1f) == 0x1f) {
  37                 hdr->tag = 0;
  38                 do {
  39                         if (pos >= end) {
  40                                 wpa_printf(MSG_DEBUG, "ASN.1: Identifier "
  41                                            "underflow");
  42                                 return -1;
  43                         }
  44                         tmp = *pos++;
  45                         wpa_printf(MSG_MSGDUMP, "ASN.1: Extended tag data: "
  46                                    "0x%02x", tmp);
  47                         hdr->tag = (hdr->tag << 7) | (tmp & 0x7f);
  48                 } while (tmp & 0x80);
  49         } else
  50                 hdr->tag = hdr->identifier & 0x1f;
  51
  52         tmp = *pos++;
  53         if (tmp & 0x80) {
  54                 if (tmp == 0xff) {
  55                         wpa_printf(MSG_DEBUG, "ASN.1: Reserved length "
  56                                    "value 0xff used");
  57                         return -1;
  58                 }
  59                 tmp &= 0x7f; /* number of subsequent octets */
  60                 hdr->length = 0;
  61                 if (tmp > 4) {
  62                         wpa_printf(MSG_DEBUG, "ASN.1: Too long length field");
  63                         return -1;
  64                 }
  65                 while (tmp--) {
  66                         if (pos >= end) {
  67                                 wpa_printf(MSG_DEBUG, "ASN.1: Length "
  68                                            "underflow");
  69                                 return -1;
  70                         }
  71                         hdr->length = (hdr->length << 8) | *pos++;
  72                 }
  73         } else {
  74                 /* Short form - length 0..127 in one octet */
  75                 hdr->length = tmp;
  76         }
  77
  78         if (end < pos || hdr->length > (unsigned int) (end - pos)) {
  79                 wpa_printf(MSG_DEBUG, "ASN.1: Contents underflow");
  80                 return -1;
  81         }
  82
  83         hdr->payload = pos;
  84         return 0;
  85 }
  86
  87
  88 int asn1_get_oid(const u8 *buf, size_t len, struct asn1_oid *oid,
  89                  const u8 **next)
  90 {
  91         struct asn1_hdr hdr;
  92         const u8 *pos, *end;
  93         unsigned long val;
  94         u8 tmp;
  95
  96         os_memset(oid, 0, sizeof(*oid));
  97
  98         if (asn1_get_next(buf, len, &hdr) < 0 || hdr.length == 0)
  99                 return -1;
 100
 101         if (hdr.class != ASN1_CLASS_UNIVERSAL || hdr.tag != ASN1_TAG_OID) {
 102                 wpa_printf(MSG_DEBUG, "ASN.1: Expected OID - found class %d "
 103                            "tag 0x%x", hdr.class, hdr.tag);
 104                 return -1;
 105         }
 106
 107         pos = hdr.payload;
 108         end = hdr.payload + hdr.length;
 109         *next = end;
 110
 111         while (pos < end) {
 112                 val = 0;
 113
 114                 do {
 115                         if (pos >= end)
 116                                 return -1;
 117                         tmp = *pos++;
 118                         val = (val << 7) | (tmp & 0x7f);
 119                 } while (tmp & 0x80);
 120
 121                 if (oid->len >= ASN1_MAX_OID_LEN) {
 122                         wpa_printf(MSG_DEBUG, "ASN.1: Too long OID value");
 123                         return -1;
 124                 }
 125                 if (oid->len == 0) {
 126                         /*
 127                          * The first octet encodes the first two object
 128                          * identifier components in (X*40) + Y formula.
 129                          * X = 0..2.
 130                          */
 131                         oid->oid[0] = val / 40;
 132                         if (oid->oid[0] > 2)
 133                                 oid->oid[0] = 2;
 134                         oid->oid[1] = val - oid->oid[0] * 40;
 135                         oid->len = 2;
 136                 } else
 137                         oid->oid[oid->len++] = val;
 138         }
 139
 140         return 0;
 141 }
 142
 143
 144 void asn1_oid_to_str(struct asn1_oid *oid, char *buf, size_t len)
 145 {
 146         char *pos = buf;
 147         size_t i;
 148         int ret;
 149
 150         if (len == 0)
 151                 return;
 152
 153         buf[0] = '\0';
 154
 155         for (i = 0; i < oid->len; i++) {
 156                 ret = os_snprintf(pos, buf + len - pos,
 157                                   "%s%lu",
 158                                   i == 0 ? "" : ".", oid->oid[i]);
 159                 if (ret < 0 || ret >= buf + len - pos)
 160                         break;
 161                 pos += ret;
 162         }
 163         buf[len - 1] = '\0';
 164 }
 165
 166
 167 static u8 rotate_bits(u8 octet)
 168 {
 169         int i;
 170         u8 res;
 171
 172         res = 0;
 173         for (i = 0; i < 8; i++) {
 174                 res <<= 1;
 175                 if (octet & 1)
 176                         res |= 1;
 177                 octet >>= 1;
 178         }
 179
 180         return res;
 181 }
 182
 183
 184 unsigned long asn1_bit_string_to_long(const u8 *buf, size_t len)
 185 {
 186         unsigned long val = 0;
 187         const u8 *pos = buf;
 188
 189         /* BER requires that unused bits are zero, so we can ignore the number
 190          * of unused bits */
 191         pos++;
 192
 193         if (len >= 2)
 194                 val |= rotate_bits(*pos++);
 195         if (len >= 3)
 196                 val |= ((unsigned long) rotate_bits(*pos++)) << 8;
 197         if (len >= 4)
 198                 val |= ((unsigned long) rotate_bits(*pos++)) << 16;
 199         if (len >= 5)
 200                 val |= ((unsigned long) rotate_bits(*pos++)) << 24;
 201         if (len >= 6)
 202                 wpa_printf(MSG_DEBUG, "X509: %s - some bits ignored "
 203                            "(BIT STRING length %lu)",
 204                            __func__, (unsigned long) len);
 205
 206         return val;
 207 }
 208
 209 #endif /* CONFIG_INTERNAL_X509 */