1
/* tlv.c - Tag-Length-Value Utilities
2
* Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc.
4
* This file is part of GnuPG.
6
* GnuPG is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 3 of the License, or
9
* (at your option) any later version.
11
* GnuPG is distributed in the hope that it will be useful,
12
* but WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
* GNU General Public License for more details.
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, see <http://www.gnu.org/licenses/>.
27
#if GNUPG_MAJOR_VERSION == 1
28
#define GPG_ERR_EOF (-1)
29
#define GPG_ERR_BAD_BER (1) /*G10ERR_GENERAL*/
30
#define GPG_ERR_INV_SEXP (45) /*G10ERR_INV_ARG*/
31
typedef int gpg_error_t;
32
#define gpg_make_err(x,n) (n)
34
#include <gpg-error.h>
39
static const unsigned char *
40
do_find_tlv (const unsigned char *buffer, size_t length,
41
int tag, size_t *nbytes, int nestlevel)
43
const unsigned char *s = buffer;
53
return NULL; /* Buffer definitely too short for tag and length. */
54
if (!*s || *s == 0xff)
55
{ /* Skip optional filler between TLV objects. */
60
composite = !!(*s & 0x20);
61
if ((*s & 0x1f) == 0x1f)
62
{ /* more tag bytes to follow */
66
return NULL; /* buffer definitely too short for tag and length. */
67
if ((*s & 0x1f) == 0x1f)
68
return NULL; /* We support only up to 2 bytes. */
69
this_tag = (s[-1] << 8) | (s[0] & 0x7f);
78
{ /* One byte length follows. */
80
return NULL; /* we expected 1 more bytes with the length. */
85
{ /* Two byte length follows. */
87
return NULL; /* We expected 2 more bytes with the length. */
88
len = (s[0] << 8) | s[1];
92
return NULL; /* APDU limit is 65535, thus it does not make
93
sense to assume longer length fields. */
95
if (composite && nestlevel < 100)
96
{ /* Dive into this composite DO after checking for a too deep
98
const unsigned char *tmp_s;
101
tmp_s = do_find_tlv (s, len, tag, &tmp_len, nestlevel+1);
115
return NULL; /* Buffer too short to skip to the next tag. */
121
/* Locate a TLV encoded data object in BUFFER of LENGTH and
122
return a pointer to value as well as its length in NBYTES. Return
123
NULL if it was not found or if the object does not fit into the buffer. */
124
const unsigned char *
125
find_tlv (const unsigned char *buffer, size_t length,
126
int tag, size_t *nbytes)
128
const unsigned char *p;
130
p = do_find_tlv (buffer, length, tag, nbytes, 0);
131
if (p && *nbytes > (length - (p-buffer)))
132
p = NULL; /* Object longer than buffer. */
138
/* Locate a TLV encoded data object in BUFFER of LENGTH and
139
return a pointer to value as well as its length in NBYTES. Return
140
NULL if it was not found. Note, that the function does not check
141
whether the value fits into the provided buffer. */
142
const unsigned char *
143
find_tlv_unchecked (const unsigned char *buffer, size_t length,
144
int tag, size_t *nbytes)
146
return do_find_tlv (buffer, length, tag, nbytes, 0);
150
/* ASN.1 BER parser: Parse BUFFER of length SIZE and return the tag
151
and the length part from the TLV triplet. Update BUFFER and SIZE
154
_parse_ber_header (unsigned char const **buffer, size_t *size,
155
int *r_class, int *r_tag,
156
int *r_constructed, int *r_ndef,
157
size_t *r_length, size_t *r_nhdr,
158
gpg_err_source_t errsource)
162
const unsigned char *buf = *buffer;
163
size_t length = *size;
171
return gpg_err_make (errsource, GPG_ERR_EOF);
172
c = *buf++; length--; ++*r_nhdr;
174
*r_class = (c & 0xc0) >> 6;
175
*r_constructed = !!(c & 0x20);
185
return gpg_err_make (errsource, GPG_ERR_EOF);
186
c = *buf++; length--; ++*r_nhdr;
194
/* Get the length. */
196
return gpg_err_make (errsource, GPG_ERR_EOF);
197
c = *buf++; length--; ++*r_nhdr;
204
return gpg_err_make (errsource, GPG_ERR_BAD_BER);
207
unsigned long len = 0;
208
int count = c & 0x7f;
210
if (count > sizeof (len) || count > sizeof (size_t))
211
return gpg_err_make (errsource, GPG_ERR_BAD_BER);
213
for (; count; count--)
217
return gpg_err_make (errsource, GPG_ERR_EOF);
218
c = *buf++; length--; ++*r_nhdr;
224
/* Without this kludge some example certs can't be parsed. */
225
if (*r_class == CLASS_UNIVERSAL && !*r_tag)
234
/* FIXME: The following function should not go into this file but for
235
now it is easier to keep it here. */
237
/* Return the next token of an canconical encoded S-expression. BUF
238
is the pointer to the S-expression and BUFLEN is a pointer to the
239
length of this S-expression (used to validate the syntax). Both
240
are updated to reflect the new position. The token itself is
241
returned as a pointer into the orginal buffer at TOK and TOKLEN.
242
If a parentheses is the next token, TOK will be set to NULL.
243
TOKLEN is checked to be within the bounds. On error a error code
244
is returned and all pointers should are not guaranteed to point to
245
a meanigful value. DEPTH should be initialized to 0 and will
246
reflect on return the actual depth of the tree. To detect the end
247
of the S-expression it is advisable to check DEPTH after a
251
while (!(err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))
253
process_token (tok, toklen);
258
_parse_sexp (unsigned char const **buf, size_t *buflen,
259
int *depth, unsigned char const **tok, size_t *toklen,
260
gpg_err_source_t errsource)
262
const unsigned char *s;
270
return *depth ? gpg_err_make (errsource, GPG_ERR_INV_SEXP) : 0;
282
return gpg_err_make (errsource, GPG_ERR_INV_SEXP);
290
for (vlen=0; n && *s && *s != ':' && (*s >= '0' && *s <= '9'); s++, n--)
291
vlen = vlen*10 + (*s - '0');
293
return gpg_err_make (errsource, GPG_ERR_INV_SEXP);
296
return gpg_err_make (errsource, GPG_ERR_INV_SEXP);