Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(121)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mozilla/security/nss/lib/util/secasn1e.c

Issue 14249009: Change the NSS and NSPR source tree to the new directory structure to be (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « mozilla/security/nss/lib/util/secasn1d.c ('k') | mozilla/security/nss/lib/util/secasn1t.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5 /*
6 * Support for ENcoding ASN.1 data based on BER/DER (Basic/Distinguished
7 * Encoding Rules).
8 *
9 * $Id: secasn1e.c,v 1.23 2012/04/25 14:50:16 gerv%gerv.net Exp $
10 */
11
12 #include "secasn1.h"
13
14 typedef enum {
15 beforeHeader,
16 duringContents,
17 duringGroup,
18 duringSequence,
19 afterContents,
20 afterImplicit,
21 afterInline,
22 afterPointer,
23 afterChoice,
24 notInUse
25 } sec_asn1e_parse_place;
26
27 typedef enum {
28 allDone,
29 encodeError,
30 keepGoing,
31 needBytes
32 } sec_asn1e_parse_status;
33
34 typedef enum {
35 hdr_normal = 0, /* encode header normally */
36 hdr_any = 1, /* header already encoded in content */
37 hdr_decoder = 2, /* template only used by decoder. skip it. */
38 hdr_optional = 3, /* optional component, to be omitted */
39 hdr_placeholder = 4 /* place holder for from_buf content */
40 } sec_asn1e_hdr_encoding;
41
42 typedef struct sec_asn1e_state_struct {
43 SEC_ASN1EncoderContext *top;
44 const SEC_ASN1Template *theTemplate;
45 void *src;
46
47 struct sec_asn1e_state_struct *parent; /* aka prev */
48 struct sec_asn1e_state_struct *child; /* aka next */
49
50 sec_asn1e_parse_place place; /* where we are in encoding process */
51
52 /*
53 * XXX explain the next fields as clearly as possible...
54 */
55 unsigned char tag_modifiers;
56 unsigned char tag_number;
57 unsigned long underlying_kind;
58
59 int depth;
60
61 PRBool isExplicit, /* we are handling an isExplicit header */
62 indefinite, /* need end-of-contents */
63 is_string, /* encoding a simple string or an ANY */
64 may_stream, /* when streaming, do indefinite encoding */
65 optional, /* omit field if it has no contents */
66 disallowStreaming; /* disallow streaming in all sub-templates */
67 } sec_asn1e_state;
68
69 /*
70 * An "outsider" will have an opaque pointer to this, created by calling
71 * SEC_ASN1EncoderStart(). It will be passed back in to all subsequent
72 * calls to SEC_ASN1EncoderUpdate() and related routines, and when done
73 * it is passed to SEC_ASN1EncoderFinish().
74 */
75 struct sec_EncoderContext_struct {
76 PRArenaPool *our_pool; /* for our internal allocs */
77
78 sec_asn1e_state *current;
79 sec_asn1e_parse_status status;
80
81 PRBool streaming;
82 PRBool from_buf;
83
84 SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */
85 void *notify_arg; /* argument to notify_proc */
86 PRBool during_notify; /* true during call to notify_proc */
87
88 SEC_ASN1WriteProc output_proc; /* pass encoded bytes to this */
89 void *output_arg; /* argument to that function */
90 };
91
92
93 static sec_asn1e_state *
94 sec_asn1e_push_state (SEC_ASN1EncoderContext *cx,
95 const SEC_ASN1Template *theTemplate,
96 const void *src, PRBool new_depth)
97 {
98 sec_asn1e_state *state, *new_state;
99
100 state = cx->current;
101
102 new_state = (sec_asn1e_state*)PORT_ArenaZAlloc (cx->our_pool,
103 sizeof(*new_state));
104 if (new_state == NULL) {
105 cx->status = encodeError;
106 return NULL;
107 }
108
109 new_state->top = cx;
110 new_state->parent = state;
111 new_state->theTemplate = theTemplate;
112 new_state->place = notInUse;
113 if (src != NULL)
114 new_state->src = (char *)src + theTemplate->offset;
115
116 if (state != NULL) {
117 new_state->depth = state->depth;
118 if (new_depth)
119 new_state->depth++;
120 state->child = new_state;
121 }
122
123 cx->current = new_state;
124 return new_state;
125 }
126
127
128 static void
129 sec_asn1e_scrub_state (sec_asn1e_state *state)
130 {
131 /*
132 * Some default "scrubbing".
133 * XXX right set of initializations?
134 */
135 state->place = beforeHeader;
136 state->indefinite = PR_FALSE;
137 }
138
139
140 static void
141 sec_asn1e_notify_before (SEC_ASN1EncoderContext *cx, void *src, int depth)
142 {
143 if (cx->notify_proc == NULL)
144 return;
145
146 cx->during_notify = PR_TRUE;
147 (* cx->notify_proc) (cx->notify_arg, PR_TRUE, src, depth);
148 cx->during_notify = PR_FALSE;
149 }
150
151
152 static void
153 sec_asn1e_notify_after (SEC_ASN1EncoderContext *cx, void *src, int depth)
154 {
155 if (cx->notify_proc == NULL)
156 return;
157
158 cx->during_notify = PR_TRUE;
159 (* cx->notify_proc) (cx->notify_arg, PR_FALSE, src, depth);
160 cx->during_notify = PR_FALSE;
161 }
162
163
164 static sec_asn1e_state *
165 sec_asn1e_init_state_based_on_template (sec_asn1e_state *state)
166 {
167 PRBool isExplicit, is_string, may_stream, optional, universal;
168 PRBool disallowStreaming;
169 unsigned char tag_modifiers;
170 unsigned long encode_kind, under_kind;
171 unsigned long tag_number;
172 PRBool isInline = PR_FALSE;
173
174
175 encode_kind = state->theTemplate->kind;
176
177 universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
178 ? PR_TRUE : PR_FALSE;
179
180 isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
181 encode_kind &= ~SEC_ASN1_EXPLICIT;
182
183 optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
184 encode_kind &= ~SEC_ASN1_OPTIONAL;
185
186 PORT_Assert (!(isExplicit && universal)); /* bad templates */
187
188 may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
189 encode_kind &= ~SEC_ASN1_MAY_STREAM;
190
191 disallowStreaming = (encode_kind & SEC_ASN1_NO_STREAM) ? PR_TRUE : PR_FALSE;
192 encode_kind &= ~SEC_ASN1_NO_STREAM;
193
194 /* Just clear this to get it out of the way; we do not need it here */
195 encode_kind &= ~SEC_ASN1_DYNAMIC;
196
197 if( encode_kind & SEC_ASN1_CHOICE ) {
198 under_kind = SEC_ASN1_CHOICE;
199 } else if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) ||
200 (!universal && !isExplicit)) {
201 const SEC_ASN1Template *subt;
202 void *src = NULL;
203
204 PORT_Assert ((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);
205
206 sec_asn1e_scrub_state (state);
207
208 if (encode_kind & SEC_ASN1_POINTER) {
209 src = *(void **)state->src;
210 state->place = afterPointer;
211
212 if (src == NULL) {
213 /*
214 * If this is optional, but NULL, then the field does
215 * not need to be encoded. In this case we are done;
216 * we do not want to push a subtemplate.
217 */
218 if (optional)
219 return state;
220
221 /*
222 * XXX this is an error; need to figure out
223 * how to handle this
224 */
225 }
226 } else {
227 src = state->src;
228 if (encode_kind & SEC_ASN1_INLINE) {
229 /* check that there are no extraneous bits */
230 /* PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional); */
231 state->place = afterInline;
232 isInline = PR_TRUE;
233 } else {
234 /*
235 * Save the tag modifiers and tag number here before moving
236 * on to the next state in case this is a member of a
237 * SEQUENCE OF
238 */
239 state->tag_modifiers = (unsigned char)
240 (encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK));
241 state->tag_number = (unsigned char)
242 (encode_kind & SEC_ASN1_TAGNUM_MASK);
243
244 state->place = afterImplicit;
245 state->optional = optional;
246 }
247 }
248
249 subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src, PR_TRUE);
250 if (isInline && optional) {
251 /* we only handle a very limited set of optional inline cases at
252 this time */
253 if (PR_FALSE != SEC_ASN1IsTemplateSimple(subt)) {
254 /* we now know that the target is a SECItem*, so we can check
255 if the source contains one */
256 SECItem* target = (SECItem*)state->src;
257 if (!target || !target->data || !target->len) {
258 /* no valid data to encode subtemplate */
259 return state;
260 }
261 } else {
262 PORT_Assert(0); /* complex templates are not handled as
263 inline optional */
264 }
265 }
266 state = sec_asn1e_push_state (state->top, subt, src, PR_FALSE);
267 if (state == NULL)
268 return state;
269
270 if (universal) {
271 /*
272 * This is a POINTER or INLINE; just init based on that
273 * and we are done.
274 */
275 return sec_asn1e_init_state_based_on_template (state);
276 }
277
278 /*
279 * This is an implicit, non-universal (meaning, application-private
280 * or context-specific) field. This results in a "magic" tag but
281 * encoding based on the underlying type. We pushed a new state
282 * that is based on the subtemplate (the underlying type), but
283 * now we will sort of alias it to give it some of our properties
284 * (tag, optional status, etc.).
285 *
286 * NB: ALL the following flags in the subtemplate are disallowed
287 * and/or ignored: EXPLICIT, OPTIONAL, INNER, INLINE, POINTER.
288 */
289
290 under_kind = state->theTemplate->kind;
291 if ((under_kind & SEC_ASN1_MAY_STREAM) && !disallowStreaming) {
292 may_stream = PR_TRUE;
293 }
294 under_kind &= ~(SEC_ASN1_MAY_STREAM | SEC_ASN1_DYNAMIC);
295 } else {
296 under_kind = encode_kind;
297 }
298
299 /*
300 * Sanity check that there are no unwanted bits marked in under_kind.
301 * These bits were either removed above (after we recorded them) or
302 * they simply should not be found (signalling a bad/broken template).
303 * XXX is this the right set of bits to test here? (i.e. need to add
304 * or remove any?)
305 */
306 #define UNEXPECTED_FLAGS \
307 (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_SKIP | SEC_ASN1_INNER | \
308 SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_INLINE | SEC_ASN1_POINTER)
309
310 PORT_Assert ((under_kind & UNEXPECTED_FLAGS) == 0);
311 under_kind &= ~UNEXPECTED_FLAGS;
312 #undef UNEXPECTED_FLAGS
313
314 if (encode_kind & SEC_ASN1_ANY) {
315 PORT_Assert (encode_kind == under_kind);
316 tag_modifiers = 0;
317 tag_number = 0;
318 is_string = PR_TRUE;
319 } else {
320 tag_modifiers = (unsigned char)
321 (encode_kind & (SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK));
322 /*
323 * XXX This assumes only single-octet identifiers. To handle
324 * the HIGH TAG form we would need to do some more work, especially
325 * in how to specify them in the template, because right now we
326 * do not provide a way to specify more *tag* bits in encode_kind.
327 */
328 tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
329
330 is_string = PR_FALSE;
331 switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
332 case SEC_ASN1_SET:
333 /*
334 * XXX A plain old SET (as opposed to a SET OF) is not implemented.
335 * If it ever is, remove this assert...
336 */
337 PORT_Assert ((under_kind & SEC_ASN1_GROUP) != 0);
338 /* fallthru */
339 case SEC_ASN1_SEQUENCE:
340 tag_modifiers |= SEC_ASN1_CONSTRUCTED;
341 break;
342 case SEC_ASN1_BIT_STRING:
343 case SEC_ASN1_BMP_STRING:
344 case SEC_ASN1_GENERALIZED_TIME:
345 case SEC_ASN1_IA5_STRING:
346 case SEC_ASN1_OCTET_STRING:
347 case SEC_ASN1_PRINTABLE_STRING:
348 case SEC_ASN1_T61_STRING:
349 case SEC_ASN1_UNIVERSAL_STRING:
350 case SEC_ASN1_UTC_TIME:
351 case SEC_ASN1_UTF8_STRING:
352 case SEC_ASN1_VISIBLE_STRING:
353 /*
354 * We do not yet know if we will be constructing the string,
355 * so we have to wait to do this final tag modification.
356 */
357 is_string = PR_TRUE;
358 break;
359 }
360 }
361
362 state->tag_modifiers = tag_modifiers;
363 state->tag_number = (unsigned char)tag_number;
364 state->underlying_kind = under_kind;
365 state->isExplicit = isExplicit;
366 state->may_stream = may_stream;
367 state->is_string = is_string;
368 state->optional = optional;
369 state->disallowStreaming = disallowStreaming;
370
371 sec_asn1e_scrub_state (state);
372
373 return state;
374 }
375
376
377 static void
378 sec_asn1e_write_part (sec_asn1e_state *state,
379 const char *buf, unsigned long len,
380 SEC_ASN1EncodingPart part)
381 {
382 SEC_ASN1EncoderContext *cx;
383
384 cx = state->top;
385 (* cx->output_proc) (cx->output_arg, buf, len, state->depth, part);
386 }
387
388
389 /*
390 * XXX This assumes only single-octet identifiers. To handle
391 * the HIGH TAG form we would need to modify this interface and
392 * teach it to properly encode the special form.
393 */
394 static void
395 sec_asn1e_write_identifier_bytes (sec_asn1e_state *state, unsigned char value)
396 {
397 char byte;
398
399 byte = (char) value;
400 sec_asn1e_write_part (state, &byte, 1, SEC_ASN1_Identifier);
401 }
402
403 int
404 SEC_ASN1EncodeLength(unsigned char *buf,int value) {
405 int lenlen;
406
407 lenlen = SEC_ASN1LengthLength (value);
408 if (lenlen == 1) {
409 buf[0] = value;
410 } else {
411 int i;
412
413 i = lenlen - 1;
414 buf[0] = 0x80 | i;
415 while (i) {
416 buf[i--] = value;
417 value >>= 8;
418 }
419 PORT_Assert (value == 0);
420 }
421 return lenlen;
422 }
423
424 static void
425 sec_asn1e_write_length_bytes (sec_asn1e_state *state, unsigned long value,
426 PRBool indefinite)
427 {
428 int lenlen;
429 unsigned char buf[sizeof(unsigned long) + 1];
430
431 if (indefinite) {
432 PORT_Assert (value == 0);
433 buf[0] = 0x80;
434 lenlen = 1;
435 } else {
436 lenlen = SEC_ASN1EncodeLength(buf,value);
437 }
438
439 sec_asn1e_write_part (state, (char *) buf, lenlen, SEC_ASN1_Length);
440 }
441
442
443 static void
444 sec_asn1e_write_contents_bytes (sec_asn1e_state *state,
445 const char *buf, unsigned long len)
446 {
447 sec_asn1e_write_part (state, buf, len, SEC_ASN1_Contents);
448 }
449
450
451 static void
452 sec_asn1e_write_end_of_contents_bytes (sec_asn1e_state *state)
453 {
454 const char eoc[2] = {0, 0};
455
456 sec_asn1e_write_part (state, eoc, 2, SEC_ASN1_EndOfContents);
457 }
458
459 static int
460 sec_asn1e_which_choice
461 (
462 void *src,
463 const SEC_ASN1Template *theTemplate
464 )
465 {
466 int rv;
467 unsigned int which = *(unsigned int *)src;
468
469 for( rv = 1, theTemplate++; theTemplate->kind != 0; rv++, theTemplate++ ) {
470 if( which == theTemplate->size ) {
471 return rv;
472 }
473 }
474
475 return 0;
476 }
477
478 static unsigned long
479 sec_asn1e_contents_length (const SEC_ASN1Template *theTemplate, void *src,
480 PRBool disallowStreaming, PRBool insideIndefinite,
481 sec_asn1e_hdr_encoding *pHdrException)
482 {
483 unsigned long encode_kind, underlying_kind;
484 PRBool isExplicit, optional, universal, may_stream;
485 unsigned long len;
486
487 /*
488 * This function currently calculates the length in all cases
489 * except the following: when writing out the contents of a
490 * template that belongs to a state where it was a sub-template
491 * with the SEC_ASN1_MAY_STREAM bit set and it's parent had the
492 * optional bit set. The information that the parent is optional
493 * and that we should return the length of 0 when that length is
494 * present since that means the optional field is no longer present.
495 * So we add the disallowStreaming flag which is passed in when
496 * writing the contents, but for all recursive calls to
497 * sec_asn1e_contents_length, we pass PR_FALSE, because this
498 * function correctly calculates the length for children templates
499 * from that point on. Confused yet? At least you didn't have
500 * to figure it out. ;) -javi
501 */
502 encode_kind = theTemplate->kind;
503
504 universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
505 ? PR_TRUE : PR_FALSE;
506
507 isExplicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
508 encode_kind &= ~SEC_ASN1_EXPLICIT;
509
510 optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
511 encode_kind &= ~SEC_ASN1_OPTIONAL;
512
513 PORT_Assert (!(isExplicit && universal)); /* bad templates */
514
515 may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
516 encode_kind &= ~SEC_ASN1_MAY_STREAM;
517
518 /* Just clear this to get it out of the way; we do not need it here */
519 encode_kind &= ~SEC_ASN1_DYNAMIC;
520
521 if (encode_kind & SEC_ASN1_NO_STREAM) {
522 disallowStreaming = PR_TRUE;
523 }
524 encode_kind &= ~SEC_ASN1_NO_STREAM;
525
526 if (encode_kind & SEC_ASN1_CHOICE) {
527 void *src2;
528 int indx = sec_asn1e_which_choice(src, theTemplate);
529 if (0 == indx) {
530 /* XXX set an error? "choice not found" */
531 /* state->top->status = encodeError; */
532 return 0;
533 }
534
535 src2 = (void *)
536 ((char *)src - theTemplate->offset + theTemplate[indx].offset);
537
538 return sec_asn1e_contents_length(&theTemplate[indx], src2,
539 disallowStreaming, insideIndefinite,
540 pHdrException);
541 }
542
543 if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || !universal) {
544 /* XXX any bits we want to disallow (PORT_Assert against) here? */
545 theTemplate = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE);
546 if (encode_kind & SEC_ASN1_POINTER) {
547 src = *(void **)src;
548 if (src == NULL) {
549 *pHdrException = optional ? hdr_optional : hdr_normal;
550 return 0;
551 }
552 } else if (encode_kind & SEC_ASN1_INLINE) {
553 /* check that there are no extraneous bits */
554 if (optional) {
555 if (PR_FALSE != SEC_ASN1IsTemplateSimple(theTemplate)) {
556 /* we now know that the target is a SECItem*, so we can chec k
557 if the source contains one */
558 SECItem* target = (SECItem*)src;
559 if (!target || !target->data || !target->len) {
560 /* no valid data to encode subtemplate */
561 *pHdrException = hdr_optional;
562 return 0;
563 }
564 } else {
565 PORT_Assert(0); /* complex templates not handled as inline
566 optional */
567 }
568 }
569 }
570
571 src = (char *)src + theTemplate->offset;
572
573 /* recurse to find the length of the subtemplate */
574 len = sec_asn1e_contents_length (theTemplate, src, disallowStreaming,
575 insideIndefinite, pHdrException);
576 if (len == 0 && optional) {
577 *pHdrException = hdr_optional;
578 } else if (isExplicit) {
579 if (*pHdrException == hdr_any) {
580 /* *we* do not want to add in a header,
581 ** but our caller still does.
582 */
583 *pHdrException = hdr_normal;
584 } else if (*pHdrException == hdr_normal) {
585 /* if the inner content exists, our length is
586 * len(identifier) + len(length) + len(innercontent)
587 * XXX we currently assume len(identifier) == 1;
588 * to support a high-tag-number this would need to be smarter.
589 */
590 len += 1 + SEC_ASN1LengthLength (len);
591 }
592 }
593 return len;
594 }
595 underlying_kind = encode_kind;
596
597 /* This is only used in decoding; it plays no part in encoding. */
598 if (underlying_kind & SEC_ASN1_SAVE) {
599 /* check that there are no extraneous bits */
600 PORT_Assert (underlying_kind == SEC_ASN1_SAVE);
601 *pHdrException = hdr_decoder;
602 return 0;
603 }
604
605 #define UNEXPECTED_FLAGS \
606 (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_INLINE | SEC_ASN1_POINTER |\
607 SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM | SEC_ASN1_SAVE | SEC_ASN1_SKIP)
608
609 /* Having any of these bits is not expected here... */
610 PORT_Assert ((underlying_kind & UNEXPECTED_FLAGS) == 0);
611 underlying_kind &= ~UNEXPECTED_FLAGS;
612 #undef UNEXPECTED_FLAGS
613
614 if (underlying_kind & SEC_ASN1_CHOICE) {
615 void *src2;
616 int indx = sec_asn1e_which_choice(src, theTemplate);
617 if (0 == indx) {
618 /* XXX set an error? "choice not found" */
619 /* state->top->status = encodeError; */
620 return 0;
621 }
622
623 src2 = (void *)
624 ((char *)src - theTemplate->offset + theTemplate[indx].offset);
625 len = sec_asn1e_contents_length(&theTemplate[indx], src2,
626 disallowStreaming, insideIndefinite,
627 pHdrException);
628 } else {
629 switch (underlying_kind) {
630 case SEC_ASN1_SEQUENCE_OF:
631 case SEC_ASN1_SET_OF:
632 {
633 const SEC_ASN1Template *tmpt;
634 void *sub_src;
635 unsigned long sub_len;
636 void **group;
637
638 len = 0;
639
640 group = *(void ***)src;
641 if (group == NULL)
642 break;
643
644 tmpt = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE);
645
646 for (; *group != NULL; group++) {
647 sub_src = (char *)(*group) + tmpt->offset;
648 sub_len = sec_asn1e_contents_length (tmpt, sub_src,
649 disallowStreaming,
650 insideIndefinite,
651 pHdrException);
652 len += sub_len;
653 /*
654 * XXX The 1 below is the presumed length of the identifier;
655 * to support a high-tag-number this would need to be smarter.
656 */
657 if (*pHdrException == hdr_normal)
658 len += 1 + SEC_ASN1LengthLength (sub_len);
659 }
660 }
661 break;
662
663 case SEC_ASN1_SEQUENCE:
664 case SEC_ASN1_SET:
665 {
666 const SEC_ASN1Template *tmpt;
667 void *sub_src;
668 unsigned long sub_len;
669
670 len = 0;
671 for (tmpt = theTemplate + 1; tmpt->kind; tmpt++) {
672 sub_src = (char *)src + tmpt->offset;
673 sub_len = sec_asn1e_contents_length (tmpt, sub_src,
674 disallowStreaming,
675 insideIndefinite,
676 pHdrException);
677 len += sub_len;
678 /*
679 * XXX The 1 below is the presumed length of the identifier;
680 * to support a high-tag-number this would need to be smarter.
681 */
682 if (*pHdrException == hdr_normal)
683 len += 1 + SEC_ASN1LengthLength (sub_len);
684 }
685 }
686 break;
687
688 case SEC_ASN1_BIT_STRING:
689 /* convert bit length to byte */
690 len = (((SECItem *)src)->len + 7) >> 3;
691 /* bit string contents involve an extra octet */
692 if (len)
693 len++;
694 break;
695
696 case SEC_ASN1_INTEGER:
697 /* ASN.1 INTEGERs are signed.
698 * If the source is an unsigned integer, the encoder will need
699 * to handle the conversion here.
700 */
701 {
702 unsigned char *buf = ((SECItem *)src)->data;
703 SECItemType integerType = ((SECItem *)src)->type;
704 len = ((SECItem *)src)->len;
705 while (len > 0) {
706 if (*buf != 0) {
707 if (*buf & 0x80 && integerType == siUnsignedInteger) {
708 len++; /* leading zero needed to make number signed */
709 }
710 break; /* reached beginning of number */
711 }
712 if (len == 1) {
713 break; /* the number 0 */
714 }
715 if (buf[1] & 0x80) {
716 break; /* leading zero already present */
717 }
718 /* extraneous leading zero, keep going */
719 buf++;
720 len--;
721 }
722 }
723 break;
724
725 default:
726 len = ((SECItem *)src)->len;
727 break;
728 } /* end switch */
729
730 #ifndef WHAT_PROBLEM_DOES_THIS_SOLVE
731 /* if we're streaming, we may have a secitem w/len 0 as placeholder */
732 if (!len && insideIndefinite && may_stream && !disallowStreaming) {
733 len = 1;
734 }
735 #endif
736 } /* end else */
737
738 if (len == 0 && optional)
739 *pHdrException = hdr_optional;
740 else if (underlying_kind == SEC_ASN1_ANY)
741 *pHdrException = hdr_any;
742 else
743 *pHdrException = hdr_normal;
744
745 return len;
746 }
747
748
749 static void
750 sec_asn1e_write_header (sec_asn1e_state *state)
751 {
752 unsigned long contents_length;
753 unsigned char tag_number, tag_modifiers;
754 sec_asn1e_hdr_encoding hdrException = hdr_normal;
755 PRBool indefinite = PR_FALSE;
756
757 PORT_Assert (state->place == beforeHeader);
758
759 tag_number = state->tag_number;
760 tag_modifiers = state->tag_modifiers;
761
762 if (state->underlying_kind == SEC_ASN1_ANY) {
763 state->place = duringContents;
764 return;
765 }
766
767 if (state->underlying_kind & SEC_ASN1_CHOICE) {
768 int indx = sec_asn1e_which_choice(state->src, state->theTemplate);
769 if( 0 == indx ) {
770 /* XXX set an error? "choice not found" */
771 state->top->status = encodeError;
772 return;
773 }
774 state->place = afterChoice;
775 state = sec_asn1e_push_state(state->top, &state->theTemplate[indx],
776 (char *)state->src - state->theTemplate->offset,
777 PR_TRUE);
778 if (state) {
779 /*
780 * Do the "before" field notification.
781 */
782 sec_asn1e_notify_before (state->top, state->src, state->depth);
783 state = sec_asn1e_init_state_based_on_template (state);
784 }
785 return;
786 }
787
788 /* The !isString test below is apparently intended to ensure that all
789 ** constructed types receive indefinite length encoding.
790 */
791 indefinite = (PRBool)
792 (state->top->streaming && state->may_stream &&
793 (state->top->from_buf || !state->is_string));
794
795 /*
796 * If we are doing a definite-length encoding, first we have to
797 * walk the data structure to calculate the entire contents length.
798 * If we are doing an indefinite-length encoding, we still need to
799 * know if the contents is:
800 * optional and to be omitted, or
801 * an ANY (header is pre-encoded), or
802 * a SAVE or some other kind of template used only by the decoder.
803 * So, we call this function either way.
804 */
805 contents_length = sec_asn1e_contents_length (state->theTemplate,
806 state->src,
807 state->disallowStreaming,
808 indefinite,
809 &hdrException);
810 /*
811 * We might be told explicitly not to put out a header.
812 * But it can also be the case, via a pushed subtemplate, that
813 * sec_asn1e_contents_length could not know that this field is
814 * really optional. So check for that explicitly, too.
815 */
816 if (hdrException != hdr_normal ||
817 (contents_length == 0 && state->optional)) {
818 state->place = afterContents;
819 if (state->top->streaming &&
820 state->may_stream &&
821 state->top->from_buf) {
822 /* we did not find an optional indefinite string, so we
823 * don't encode it. However, if TakeFromBuf is on, we stop
824 * here anyway to give our caller a chance to intercept at the
825 * same point where we would stop if the field were present.
826 */
827 state->top->status = needBytes;
828 }
829 return;
830 }
831
832 if (indefinite) {
833 /*
834 * We need to put out an indefinite-length encoding.
835 * The only universal types that can be constructed are SETs,
836 * SEQUENCEs, and strings; so check that it is one of those,
837 * or that it is not universal (e.g. context-specific).
838 */
839 state->indefinite = PR_TRUE;
840 PORT_Assert ((tag_number == SEC_ASN1_SET)
841 || (tag_number == SEC_ASN1_SEQUENCE)
842 || ((tag_modifiers & SEC_ASN1_CLASS_MASK) != 0)
843 || state->is_string);
844 tag_modifiers |= SEC_ASN1_CONSTRUCTED;
845 contents_length = 0;
846 }
847
848 sec_asn1e_write_identifier_bytes (state,
849 (unsigned char)(tag_number | tag_modifiers));
850 sec_asn1e_write_length_bytes (state, contents_length, state->indefinite);
851
852 if (contents_length == 0 && !state->indefinite) {
853 /*
854 * If no real contents to encode, then we are done with this field.
855 */
856 state->place = afterContents;
857 return;
858 }
859
860 /*
861 * An EXPLICIT is nothing but an outer header, which we have already
862 * written. Now we need to do the inner header and contents.
863 */
864 if (state->isExplicit) {
865 const SEC_ASN1Template *subt =
866 SEC_ASN1GetSubtemplate(state->theTemplate, state->src, PR_TRUE);
867 state->place = afterContents;
868 state = sec_asn1e_push_state (state->top, subt, state->src, PR_TRUE);
869 if (state != NULL)
870 state = sec_asn1e_init_state_based_on_template (state);
871 return;
872 }
873
874 switch (state->underlying_kind) {
875 case SEC_ASN1_SET_OF:
876 case SEC_ASN1_SEQUENCE_OF:
877 /*
878 * We need to push a child to handle each member.
879 */
880 {
881 void **group;
882 const SEC_ASN1Template *subt;
883
884 group = *(void ***)state->src;
885 if (group == NULL || *group == NULL) {
886 /*
887 * Group is empty; we are done.
888 */
889 state->place = afterContents;
890 return;
891 }
892 state->place = duringGroup;
893 subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src,
894 PR_TRUE);
895 state = sec_asn1e_push_state (state->top, subt, *group, PR_TRUE);
896 if (state != NULL)
897 state = sec_asn1e_init_state_based_on_template (state);
898 }
899 break;
900
901 case SEC_ASN1_SEQUENCE:
902 case SEC_ASN1_SET:
903 /*
904 * We need to push a child to handle the individual fields.
905 */
906 state->place = duringSequence;
907 state = sec_asn1e_push_state (state->top, state->theTemplate + 1,
908 state->src, PR_TRUE);
909 if (state != NULL) {
910 /*
911 * Do the "before" field notification.
912 */
913 sec_asn1e_notify_before (state->top, state->src, state->depth);
914 state = sec_asn1e_init_state_based_on_template (state);
915 }
916 break;
917
918 default:
919 /*
920 * I think we do not need to do anything else.
921 * XXX Correct?
922 */
923 state->place = duringContents;
924 break;
925 }
926 }
927
928
929 static void
930 sec_asn1e_write_contents_from_buf (sec_asn1e_state *state,
931 const char *buf, unsigned long len)
932 {
933 PORT_Assert (state->place == duringContents);
934 PORT_Assert (state->top->from_buf);
935 PORT_Assert (state->may_stream && !state->disallowStreaming);
936
937 /*
938 * Probably they just turned on "take from buf", but have not
939 * yet given us any bytes. If there is nothing in the buffer
940 * then we have nothing to do but return and wait.
941 */
942 if (buf == NULL || len == 0) {
943 state->top->status = needBytes;
944 return;
945 }
946 /*
947 * We are streaming, reading from a passed-in buffer.
948 * This means we are encoding a simple string or an ANY.
949 * For the former, we need to put out a substring, with its
950 * own identifier and length. For an ANY, we just write it
951 * out as is (our caller is required to ensure that it
952 * is a properly encoded entity).
953 */
954 PORT_Assert (state->is_string); /* includes ANY */
955 if (state->underlying_kind != SEC_ASN1_ANY) {
956 unsigned char identifier;
957
958 /*
959 * Create the identifier based on underlying_kind. We cannot
960 * use tag_number and tag_modifiers because this can be an
961 * implicitly encoded field. In that case, the underlying
962 * substrings *are* encoded with their real tag.
963 */
964 identifier = (unsigned char)
965 (state->underlying_kind & SEC_ASN1_TAG_MASK);
966 /*
967 * The underlying kind should just be a simple string; there
968 * should be no bits like CONTEXT_SPECIFIC or CONSTRUCTED set.
969 */
970 PORT_Assert ((identifier & SEC_ASN1_TAGNUM_MASK) == identifier);
971 /*
972 * Write out the tag and length for the substring.
973 */
974 sec_asn1e_write_identifier_bytes (state, identifier);
975 if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
976 char byte;
977 /*
978 * Assume we have a length in bytes but we need to output
979 * a proper bit string. This interface only works for bit
980 * strings that are full multiples of 8. If support for
981 * real, variable length bit strings is needed then the
982 * caller will have to know to pass in a bit length instead
983 * of a byte length and then this code will have to
984 * perform the encoding necessary (length written is length
985 * in bytes plus 1, and the first octet of string is the
986 * number of bits remaining between the end of the bit
987 * string and the next byte boundary).
988 */
989 sec_asn1e_write_length_bytes (state, len + 1, PR_FALSE);
990 byte = 0;
991 sec_asn1e_write_contents_bytes (state, &byte, 1);
992 } else {
993 sec_asn1e_write_length_bytes (state, len, PR_FALSE);
994 }
995 }
996 sec_asn1e_write_contents_bytes (state, buf, len);
997 state->top->status = needBytes;
998 }
999
1000 static void
1001 sec_asn1e_write_contents (sec_asn1e_state *state)
1002 {
1003 unsigned long len = 0;
1004
1005 PORT_Assert (state->place == duringContents);
1006
1007 switch (state->underlying_kind) {
1008 case SEC_ASN1_SET:
1009 case SEC_ASN1_SEQUENCE:
1010 PORT_Assert (0);
1011 break;
1012
1013 case SEC_ASN1_BIT_STRING:
1014 {
1015 SECItem *item;
1016 char rem;
1017
1018 item = (SECItem *)state->src;
1019 len = (item->len + 7) >> 3;
1020 rem = (unsigned char)((len << 3) - item->len); /* remaining bits */
1021 sec_asn1e_write_contents_bytes (state, &rem, 1);
1022 sec_asn1e_write_contents_bytes (state, (char *) item->data, len);
1023 }
1024 break;
1025
1026 case SEC_ASN1_BMP_STRING:
1027 /* The number of bytes must be divisable by 2 */
1028 if ((((SECItem *)state->src)->len) % 2) {
1029 SEC_ASN1EncoderContext *cx;
1030
1031 cx = state->top;
1032 cx->status = encodeError;
1033 break;
1034 }
1035 /* otherwise, fall through to write the content */
1036 goto process_string;
1037
1038 case SEC_ASN1_UNIVERSAL_STRING:
1039 /* The number of bytes must be divisable by 4 */
1040 if ((((SECItem *)state->src)->len) % 4) {
1041 SEC_ASN1EncoderContext *cx;
1042
1043 cx = state->top;
1044 cx->status = encodeError;
1045 break;
1046 }
1047 /* otherwise, fall through to write the content */
1048 goto process_string;
1049
1050 case SEC_ASN1_INTEGER:
1051 /* ASN.1 INTEGERs are signed. If the source is an unsigned
1052 * integer, the encoder will need to handle the conversion here.
1053 */
1054 {
1055 unsigned int blen;
1056 unsigned char *buf;
1057 SECItemType integerType;
1058 blen = ((SECItem *)state->src)->len;
1059 buf = ((SECItem *)state->src)->data;
1060 integerType = ((SECItem *)state->src)->type;
1061 while (blen > 0) {
1062 if (*buf & 0x80 && integerType == siUnsignedInteger) {
1063 char zero = 0; /* write a leading 0 */
1064 sec_asn1e_write_contents_bytes(state, &zero, 1);
1065 /* and then the remaining buffer */
1066 sec_asn1e_write_contents_bytes(state,
1067 (char *)buf, blen);
1068 break;
1069 }
1070 /* Check three possibilities:
1071 * 1. No leading zeros, msb of MSB is not 1;
1072 * 2. The number is zero itself;
1073 * 3. Encoding a signed integer with a leading zero,
1074 * keep the zero so that the number is positive.
1075 */
1076 if (*buf != 0 ||
1077 blen == 1 ||
1078 (buf[1] & 0x80 && integerType != siUnsignedInteger) )
1079 {
1080 sec_asn1e_write_contents_bytes(state,
1081 (char *)buf, blen);
1082 break;
1083 }
1084 /* byte is 0, continue */
1085 buf++;
1086 blen--;
1087 }
1088 }
1089 /* done with this content */
1090 break;
1091
1092 process_string:
1093 default:
1094 {
1095 SECItem *item;
1096
1097 item = (SECItem *)state->src;
1098 sec_asn1e_write_contents_bytes (state, (char *) item->data,
1099 item->len);
1100 }
1101 break;
1102 }
1103 state->place = afterContents;
1104 }
1105
1106 /*
1107 * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
1108 */
1109 static void
1110 sec_asn1e_next_in_group (sec_asn1e_state *state)
1111 {
1112 sec_asn1e_state *child;
1113 void **group;
1114 void *member;
1115
1116 PORT_Assert (state->place == duringGroup);
1117 PORT_Assert (state->child != NULL);
1118
1119 child = state->child;
1120
1121 group = *(void ***)state->src;
1122
1123 /*
1124 * Find placement of current item.
1125 */
1126 member = (char *)(state->child->src) - child->theTemplate->offset;
1127 while (*group != member)
1128 group++;
1129
1130 /*
1131 * Move forward to next item.
1132 */
1133 group++;
1134 if (*group == NULL) {
1135 /*
1136 * That was our last one; we are done now.
1137 */
1138 child->place = notInUse;
1139 state->place = afterContents;
1140 return;
1141 }
1142 child->src = (char *)(*group) + child->theTemplate->offset;
1143
1144 /*
1145 * Re-"push" child.
1146 */
1147 sec_asn1e_scrub_state (child);
1148 state->top->current = child;
1149 }
1150
1151
1152 /*
1153 * We are moving along through a sequence; move forward by one,
1154 * (detecting end-of-sequence when it happens).
1155 */
1156 static void
1157 sec_asn1e_next_in_sequence (sec_asn1e_state *state)
1158 {
1159 sec_asn1e_state *child;
1160
1161 PORT_Assert (state->place == duringSequence);
1162 PORT_Assert (state->child != NULL);
1163
1164 child = state->child;
1165
1166 /*
1167 * Do the "after" field notification.
1168 */
1169 sec_asn1e_notify_after (state->top, child->src, child->depth);
1170
1171 /*
1172 * Move forward.
1173 */
1174 child->theTemplate++;
1175 if (child->theTemplate->kind == 0) {
1176 /*
1177 * We are done with this sequence.
1178 */
1179 child->place = notInUse;
1180 state->place = afterContents;
1181 return;
1182 }
1183
1184 /*
1185 * Reset state and push.
1186 */
1187
1188 child->src = (char *)state->src + child->theTemplate->offset;
1189
1190 /*
1191 * Do the "before" field notification.
1192 */
1193 sec_asn1e_notify_before (state->top, child->src, child->depth);
1194
1195 state->top->current = child;
1196 (void) sec_asn1e_init_state_based_on_template (child);
1197 }
1198
1199
1200 static void
1201 sec_asn1e_after_contents (sec_asn1e_state *state)
1202 {
1203 PORT_Assert (state->place == afterContents);
1204
1205 if (state->indefinite)
1206 sec_asn1e_write_end_of_contents_bytes (state);
1207
1208 /*
1209 * Just make my parent be the current state. It will then clean
1210 * up after me and free me (or reuse me).
1211 */
1212 state->top->current = state->parent;
1213 }
1214
1215
1216 /*
1217 * This function is called whether or not we are streaming; if we
1218 * *are* streaming, our caller can also instruct us to take bytes
1219 * from the passed-in buffer (at buf, for length len, which is likely
1220 * bytes but could even mean bits if the current field is a bit string).
1221 * If we have been so instructed, we will gobble up bytes from there
1222 * (rather than from our src structure) and output them, and then
1223 * we will just return, expecting to be called again -- either with
1224 * more bytes or after our caller has instructed us that we are done
1225 * (for now) with the buffer.
1226 */
1227 SECStatus
1228 SEC_ASN1EncoderUpdate (SEC_ASN1EncoderContext *cx,
1229 const char *buf, unsigned long len)
1230 {
1231 sec_asn1e_state *state;
1232
1233 if (cx->status == needBytes) {
1234 cx->status = keepGoing;
1235 }
1236
1237 while (cx->status == keepGoing) {
1238 state = cx->current;
1239 switch (state->place) {
1240 case beforeHeader:
1241 sec_asn1e_write_header (state);
1242 break;
1243 case duringContents:
1244 if (cx->from_buf)
1245 sec_asn1e_write_contents_from_buf (state, buf, len);
1246 else
1247 sec_asn1e_write_contents (state);
1248 break;
1249 case duringGroup:
1250 sec_asn1e_next_in_group (state);
1251 break;
1252 case duringSequence:
1253 sec_asn1e_next_in_sequence (state);
1254 break;
1255 case afterContents:
1256 sec_asn1e_after_contents (state);
1257 break;
1258 case afterImplicit:
1259 case afterInline:
1260 case afterPointer:
1261 case afterChoice:
1262 /*
1263 * These states are more documentation than anything.
1264 * They just need to force a pop.
1265 */
1266 PORT_Assert (!state->indefinite);
1267 state->place = afterContents;
1268 break;
1269 case notInUse:
1270 default:
1271 /* This is not an error, but rather a plain old BUG! */
1272 PORT_Assert (0);
1273 cx->status = encodeError;
1274 break;
1275 }
1276
1277 if (cx->status == encodeError)
1278 break;
1279
1280 /* It might have changed, so we have to update our local copy. */
1281 state = cx->current;
1282
1283 /* If it is NULL, we have popped all the way to the top. */
1284 if (state == NULL) {
1285 cx->status = allDone;
1286 break;
1287 }
1288 }
1289
1290 if (cx->status == encodeError) {
1291 return SECFailure;
1292 }
1293
1294 return SECSuccess;
1295 }
1296
1297
1298 void
1299 SEC_ASN1EncoderFinish (SEC_ASN1EncoderContext *cx)
1300 {
1301 /*
1302 * XXX anything else that needs to be finished?
1303 */
1304
1305 PORT_FreeArena (cx->our_pool, PR_FALSE);
1306 }
1307
1308
1309 SEC_ASN1EncoderContext *
1310 SEC_ASN1EncoderStart (const void *src, const SEC_ASN1Template *theTemplate,
1311 SEC_ASN1WriteProc output_proc, void *output_arg)
1312 {
1313 PRArenaPool *our_pool;
1314 SEC_ASN1EncoderContext *cx;
1315
1316 our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
1317 if (our_pool == NULL)
1318 return NULL;
1319
1320 cx = (SEC_ASN1EncoderContext*)PORT_ArenaZAlloc (our_pool, sizeof(*cx));
1321 if (cx == NULL) {
1322 PORT_FreeArena (our_pool, PR_FALSE);
1323 return NULL;
1324 }
1325
1326 cx->our_pool = our_pool;
1327 cx->output_proc = output_proc;
1328 cx->output_arg = output_arg;
1329
1330 cx->status = keepGoing;
1331
1332 if (sec_asn1e_push_state(cx, theTemplate, src, PR_FALSE) == NULL
1333 || sec_asn1e_init_state_based_on_template (cx->current) == NULL) {
1334 /*
1335 * Trouble initializing (probably due to failed allocations)
1336 * requires that we just give up.
1337 */
1338 PORT_FreeArena (our_pool, PR_FALSE);
1339 return NULL;
1340 }
1341
1342 return cx;
1343 }
1344
1345
1346 /*
1347 * XXX Do we need a FilterProc, too?
1348 */
1349
1350
1351 void
1352 SEC_ASN1EncoderSetNotifyProc (SEC_ASN1EncoderContext *cx,
1353 SEC_ASN1NotifyProc fn, void *arg)
1354 {
1355 cx->notify_proc = fn;
1356 cx->notify_arg = arg;
1357 }
1358
1359
1360 void
1361 SEC_ASN1EncoderClearNotifyProc (SEC_ASN1EncoderContext *cx)
1362 {
1363 cx->notify_proc = NULL;
1364 cx->notify_arg = NULL; /* not necessary; just being clean */
1365 }
1366
1367 void
1368 SEC_ASN1EncoderAbort(SEC_ASN1EncoderContext *cx, int error)
1369 {
1370 PORT_Assert(cx);
1371 PORT_SetError(error);
1372 cx->status = encodeError;
1373 }
1374
1375 void
1376 SEC_ASN1EncoderSetStreaming (SEC_ASN1EncoderContext *cx)
1377 {
1378 /* XXX is there a way to check that we are "between" fields here? */
1379
1380 cx->streaming = PR_TRUE;
1381 }
1382
1383
1384 void
1385 SEC_ASN1EncoderClearStreaming (SEC_ASN1EncoderContext *cx)
1386 {
1387 /* XXX is there a way to check that we are "between" fields here? */
1388
1389 cx->streaming = PR_FALSE;
1390 }
1391
1392
1393 void
1394 SEC_ASN1EncoderSetTakeFromBuf (SEC_ASN1EncoderContext *cx)
1395 {
1396 /*
1397 * XXX is there a way to check that we are "between" fields here? this
1398 * needs to include a check for being in between groups of items in
1399 * a SET_OF or SEQUENCE_OF.
1400 */
1401 PORT_Assert (cx->streaming);
1402
1403 cx->from_buf = PR_TRUE;
1404 }
1405
1406
1407 void
1408 SEC_ASN1EncoderClearTakeFromBuf (SEC_ASN1EncoderContext *cx)
1409 {
1410 /* we should actually be taking from buf *now* */
1411 PORT_Assert (cx->from_buf);
1412 if (! cx->from_buf) /* if not, just do nothing */
1413 return;
1414
1415 cx->from_buf = PR_FALSE;
1416
1417 if (cx->status == needBytes) {
1418 cx->status = keepGoing;
1419 cx->current->place = afterContents;
1420 }
1421 }
1422
1423
1424 SECStatus
1425 SEC_ASN1Encode (const void *src, const SEC_ASN1Template *theTemplate,
1426 SEC_ASN1WriteProc output_proc, void *output_arg)
1427 {
1428 SEC_ASN1EncoderContext *ecx;
1429 SECStatus rv;
1430
1431 ecx = SEC_ASN1EncoderStart (src, theTemplate, output_proc, output_arg);
1432 if (ecx == NULL)
1433 return SECFailure;
1434
1435 rv = SEC_ASN1EncoderUpdate (ecx, NULL, 0);
1436
1437 SEC_ASN1EncoderFinish (ecx);
1438 return rv;
1439 }
1440
1441
1442 /*
1443 * XXX depth and data_kind are unused; is there a PC way to silence warnings?
1444 * (I mean "politically correct", not anything to do with intel/win platform)
1445 */
1446 static void
1447 sec_asn1e_encode_item_count (void *arg, const char *buf, unsigned long len,
1448 int depth, SEC_ASN1EncodingPart data_kind)
1449 {
1450 unsigned long *count;
1451
1452 count = (unsigned long*)arg;
1453 PORT_Assert (count != NULL);
1454
1455 *count += len;
1456 }
1457
1458
1459 /* XXX depth and data_kind are unused; is there a PC way to silence warnings? */
1460 static void
1461 sec_asn1e_encode_item_store (void *arg, const char *buf, unsigned long len,
1462 int depth, SEC_ASN1EncodingPart data_kind)
1463 {
1464 SECItem *dest;
1465
1466 dest = (SECItem*)arg;
1467 PORT_Assert (dest != NULL);
1468
1469 PORT_Memcpy (dest->data + dest->len, buf, len);
1470 dest->len += len;
1471 }
1472
1473
1474 /*
1475 * Allocate an entire SECItem, or just the data part of it, to hold
1476 * "len" bytes of stuff. Allocate from the given pool, if specified,
1477 * otherwise just do a vanilla PORT_Alloc.
1478 *
1479 * XXX This seems like a reasonable general-purpose function (for SECITEM_)?
1480 */
1481 static SECItem *
1482 sec_asn1e_allocate_item (PRArenaPool *poolp, SECItem *dest, unsigned long len)
1483 {
1484 if (poolp != NULL) {
1485 void *release;
1486
1487 release = PORT_ArenaMark (poolp);
1488 if (dest == NULL)
1489 dest = (SECItem*)PORT_ArenaAlloc (poolp, sizeof(SECItem));
1490 if (dest != NULL) {
1491 dest->data = (unsigned char*)PORT_ArenaAlloc (poolp, len);
1492 if (dest->data == NULL) {
1493 dest = NULL;
1494 }
1495 }
1496 if (dest == NULL) {
1497 /* one or both allocations failed; release everything */
1498 PORT_ArenaRelease (poolp, release);
1499 } else {
1500 /* everything okay; unmark the arena */
1501 PORT_ArenaUnmark (poolp, release);
1502 }
1503 } else {
1504 SECItem *indest;
1505
1506 indest = dest;
1507 if (dest == NULL)
1508 dest = (SECItem*)PORT_Alloc (sizeof(SECItem));
1509 if (dest != NULL) {
1510 dest->type = siBuffer;
1511 dest->data = (unsigned char*)PORT_Alloc (len);
1512 if (dest->data == NULL) {
1513 if (indest == NULL)
1514 PORT_Free (dest);
1515 dest = NULL;
1516 }
1517 }
1518 }
1519
1520 return dest;
1521 }
1522
1523
1524 SECItem *
1525 SEC_ASN1EncodeItem (PRArenaPool *poolp, SECItem *dest, const void *src,
1526 const SEC_ASN1Template *theTemplate)
1527 {
1528 unsigned long encoding_length;
1529 SECStatus rv;
1530
1531 PORT_Assert (dest == NULL || dest->data == NULL);
1532
1533 encoding_length = 0;
1534 rv = SEC_ASN1Encode (src, theTemplate,
1535 sec_asn1e_encode_item_count, &encoding_length);
1536 if (rv != SECSuccess)
1537 return NULL;
1538
1539 dest = sec_asn1e_allocate_item (poolp, dest, encoding_length);
1540 if (dest == NULL)
1541 return NULL;
1542
1543 /* XXX necessary? This really just checks for a bug in the allocate fn */
1544 PORT_Assert (dest->data != NULL);
1545 if (dest->data == NULL)
1546 return NULL;
1547
1548 dest->len = 0;
1549 (void) SEC_ASN1Encode (src, theTemplate, sec_asn1e_encode_item_store, dest);
1550
1551 PORT_Assert (encoding_length == dest->len);
1552 return dest;
1553 }
1554
1555
1556 static SECItem *
1557 sec_asn1e_integer(PRArenaPool *poolp, SECItem *dest, unsigned long value,
1558 PRBool is_unsigned)
1559 {
1560 unsigned long copy;
1561 unsigned char sign;
1562 int len = 0;
1563
1564 /*
1565 * Determine the length of the encoded value (minimum of 1).
1566 */
1567 copy = value;
1568 do {
1569 len++;
1570 sign = (unsigned char)(copy & 0x80);
1571 copy >>= 8;
1572 } while (copy);
1573
1574 /*
1575 * If 'value' is non-negative, and the high bit of the last
1576 * byte we counted was set, we need to add one to the length so
1577 * we put a high-order zero byte in the encoding.
1578 */
1579 if (sign && (is_unsigned || (long)value >= 0))
1580 len++;
1581
1582 /*
1583 * Allocate the item (if necessary) and the data pointer within.
1584 */
1585 dest = sec_asn1e_allocate_item (poolp, dest, len);
1586 if (dest == NULL)
1587 return NULL;
1588
1589 /*
1590 * Store the value, byte by byte, in the item.
1591 */
1592 dest->len = len;
1593 while (len) {
1594 dest->data[--len] = (unsigned char)value;
1595 value >>= 8;
1596 }
1597 PORT_Assert (value == 0);
1598
1599 return dest;
1600 }
1601
1602
1603 SECItem *
1604 SEC_ASN1EncodeInteger(PRArenaPool *poolp, SECItem *dest, long value)
1605 {
1606 return sec_asn1e_integer (poolp, dest, (unsigned long) value, PR_FALSE);
1607 }
1608
1609
1610 SECItem *
1611 SEC_ASN1EncodeUnsignedInteger(PRArenaPool *poolp,
1612 SECItem *dest, unsigned long value)
1613 {
1614 return sec_asn1e_integer (poolp, dest, value, PR_TRUE);
1615 }
OLDNEW
« no previous file with comments | « mozilla/security/nss/lib/util/secasn1d.c ('k') | mozilla/security/nss/lib/util/secasn1t.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698