1 /* tlv.c - Tag-Length-Value Utilities
2 * Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc.
4 * This file is part of GnuPG.
6 * This file is free software; you can redistribute it and/or modify
7 * it under the terms of either
9 * - the GNU Lesser General Public License as published by the Free
10 * Software Foundation; either version 3 of the License, or (at
11 * your option) any later version.
15 * - the GNU General Public License as published by the Free
16 * Software Foundation; either version 2 of the License, or (at
17 * your option) any later version.
19 * or both in parallel, as here.
21 * This file is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, see <https://www.gnu.org/licenses/>.
37 #if GNUPG_MAJOR_VERSION == 1
38 #define GPG_ERR_EOF (-1)
39 #define GPG_ERR_BAD_BER (1) /*G10ERR_GENERAL*/
40 #define GPG_ERR_INV_SEXP (45) /*G10ERR_INV_ARG*/
41 typedef int gpg_error_t;
42 #define gpg_make_err(x,n) (n)
44 #include <gpg-error.h>
50 static const unsigned char *
51 do_find_tlv (const unsigned char *buffer, size_t length,
52 int tag, size_t *nbytes, int nestlevel)
54 const unsigned char *s = buffer;
63 return NULL; /* Buffer definitely too short for tag and length. */
64 if (!*s || *s == 0xff)
65 { /* Skip optional filler between TLV objects. */
70 composite = !!(*s & 0x20);
71 if ((*s & 0x1f) == 0x1f)
72 { /* more tag bytes to follow */
76 return NULL; /* buffer definitely too short for tag and length. */
77 if ((*s & 0x1f) == 0x1f)
78 return NULL; /* We support only up to 2 bytes. */
79 this_tag = (s[-1] << 8) | (s[0] & 0x7f);
88 { /* One byte length follows. */
90 return NULL; /* we expected 1 more bytes with the length. */
95 { /* Two byte length follows. */
97 return NULL; /* We expected 2 more bytes with the length. */
98 len = ((size_t)s[0] << 8) | s[1];
102 return NULL; /* APDU limit is 65535, thus it does not make
103 sense to assume longer length fields. */
105 if (composite && nestlevel < 100)
106 { /* Dive into this composite DO after checking for a too deep
108 const unsigned char *tmp_s;
111 tmp_s = do_find_tlv (s, len, tag, &tmp_len, nestlevel+1);
125 return NULL; /* Buffer too short to skip to the next tag. */
131 /* Locate a TLV encoded data object in BUFFER of LENGTH and
132 return a pointer to value as well as its length in NBYTES. Return
133 NULL if it was not found or if the object does not fit into the buffer. */
134 const unsigned char *
135 find_tlv (const unsigned char *buffer, size_t length,
136 int tag, size_t *nbytes)
138 const unsigned char *p;
140 p = do_find_tlv (buffer, length, tag, nbytes, 0);
141 if (p && *nbytes > (length - (p-buffer)))
142 p = NULL; /* Object longer than buffer. */
148 /* Locate a TLV encoded data object in BUFFER of LENGTH and
149 return a pointer to value as well as its length in NBYTES. Return
150 NULL if it was not found. Note, that the function does not check
151 whether the value fits into the provided buffer. */
152 const unsigned char *
153 find_tlv_unchecked (const unsigned char *buffer, size_t length,
154 int tag, size_t *nbytes)
156 return do_find_tlv (buffer, length, tag, nbytes, 0);
160 /* ASN.1 BER parser: Parse BUFFER of length SIZE and return the tag
161 and the length part from the TLV triplet. Update BUFFER and SIZE
164 parse_ber_header (unsigned char const **buffer, size_t *size,
165 int *r_class, int *r_tag,
166 int *r_constructed, int *r_ndef,
167 size_t *r_length, size_t *r_nhdr)
171 const unsigned char *buf = *buffer;
172 size_t length = *size;
180 return gpg_err_make (default_errsource, GPG_ERR_EOF);
181 c = *buf++; length--; ++*r_nhdr;
183 *r_class = (c & 0xc0) >> 6;
184 *r_constructed = !!(c & 0x20);
194 return gpg_err_make (default_errsource, GPG_ERR_EOF);
195 c = *buf++; length--; ++*r_nhdr;
203 /* Get the length. */
205 return gpg_err_make (default_errsource, GPG_ERR_EOF);
206 c = *buf++; length--; ++*r_nhdr;
213 return gpg_err_make (default_errsource, GPG_ERR_BAD_BER);
216 unsigned long len = 0;
217 int count = c & 0x7f;
219 if (count > sizeof (len) || count > sizeof (size_t))
220 return gpg_err_make (default_errsource, GPG_ERR_BAD_BER);
222 for (; count; count--)
226 return gpg_err_make (default_errsource, GPG_ERR_EOF);
227 c = *buf++; length--; ++*r_nhdr;
233 /* Without this kludge some example certs can't be parsed. */
234 if (*r_class == CLASS_UNIVERSAL && !*r_tag)
243 /* FIXME: The following function should not go into this file but for
244 now it is easier to keep it here. */
246 /* Return the next token of an canonical encoded S-expression. BUF
247 is the pointer to the S-expression and BUFLEN is a pointer to the
248 length of this S-expression (used to validate the syntax). Both
249 are updated to reflect the new position. The token itself is
250 returned as a pointer into the original buffer at TOK and TOKLEN.
251 If a parentheses is the next token, TOK will be set to NULL.
252 TOKLEN is checked to be within the bounds. On error an error code
253 is returned and no pointer is not guaranteed to point to
254 a meaningful value. DEPTH should be initialized to 0 and will
255 reflect on return the actual depth of the tree. To detect the end
256 of the S-expression it is advisable to check DEPTH after a
260 while (!(err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))
262 process_token (tok, toklen);
267 parse_sexp (unsigned char const **buf, size_t *buflen,
268 int *depth, unsigned char const **tok, size_t *toklen)
270 const unsigned char *s;
278 return *depth ? gpg_err_make (default_errsource, GPG_ERR_INV_SEXP) : 0;
290 return gpg_err_make (default_errsource, GPG_ERR_INV_SEXP);
298 for (vlen=0; n && *s && *s != ':' && (*s >= '0' && *s <= '9'); s++, n--)
299 vlen = vlen*10 + (*s - '0');
301 return gpg_err_make (default_errsource, GPG_ERR_INV_SEXP);
304 return gpg_err_make (default_errsource, GPG_ERR_INV_SEXP);