4 * Copyright (c) 1997 Kungliga Tekniska Högskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 #define ASN1_MAX_YEAR 2000
43 return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0);
46 static const unsigned ndays[2][12] ={
47 {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
48 {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}};
51 * This is a simplifed version of timegm(3) that doesn't accept out of
52 * bound values that timegm(3) normally accepts but those are not
53 * valid in asn1 encodings.
57 _der_timegm (struct tm *tm)
63 * See comment in _der_gmtime
65 if (tm->tm_year > ASN1_MAX_YEAR)
70 if (tm->tm_mon < 0 || tm->tm_mon > 11)
72 if (tm->tm_mday < 1 || tm->tm_mday > (int)ndays[is_leap(tm->tm_year)][tm->tm_mon])
74 if (tm->tm_hour < 0 || tm->tm_hour > 23)
76 if (tm->tm_min < 0 || tm->tm_min > 59)
78 if (tm->tm_sec < 0 || tm->tm_sec > 59)
81 for (i = 70; i < tm->tm_year; ++i)
82 res += is_leap(i) ? 366 : 365;
84 for (i = 0; i < tm->tm_mon; ++i)
85 res += ndays[is_leap(tm->tm_year)][i];
86 res += tm->tm_mday - 1;
97 _der_gmtime(time_t t, struct tm *tm)
99 time_t secday = t % (3600 * 24);
100 time_t days = t / (3600 * 24);
102 memset(tm, 0, sizeof(*tm));
104 tm->tm_sec = secday % 60;
105 tm->tm_min = (secday % 3600) / 60;
106 tm->tm_hour = (int)(secday / 3600);
109 * Refuse to calculate time ~ 2000 years into the future, this is
110 * not possible for systems where time_t is a int32_t, however,
111 * when time_t is a int64_t, that can happen, and this becomes a
114 if (days > (ASN1_MAX_YEAR * 365))
119 unsigned dayinyear = (is_leap(tm->tm_year) ? 366 : 365);
120 if (days < dayinyear)
128 unsigned daysinmonth = ndays[is_leap(tm->tm_year)][tm->tm_mon];
129 if (days < daysinmonth)
134 tm->tm_mday = (int)(days + 1);
139 * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
140 * (Royal Institute of Technology, Stockholm, Sweden).
141 * All rights reserved.
143 * Redistribution and use in source and binary forms, with or without
144 * modification, are permitted provided that the following conditions
147 * 1. Redistributions of source code must retain the above copyright
148 * notice, this list of conditions and the following disclaimer.
150 * 2. Redistributions in binary form must reproduce the above copyright
151 * notice, this list of conditions and the following disclaimer in the
152 * documentation and/or other materials provided with the distribution.
154 * 3. Neither the name of the Institute nor the names of its contributors
155 * may be used to endorse or promote products derived from this software
156 * without specific prior written permission.
158 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
159 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
160 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
161 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
162 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
163 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
164 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
165 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
166 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
167 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
173 * All decoding functions take a pointer `p' to first position in
174 * which to read, from the left, `len' which means the maximum number
175 * of characters we are able to read, `ret' were the value will be
176 * returned and `size' where the number of used bytes is stored.
177 * Either 0 or an error code is returned.
181 der_get_unsigned (const unsigned char *p, size_t len,
182 unsigned *ret, size_t *size)
187 if (len == sizeof(val) + 1 && p[0] == 0)
189 else if (len > sizeof(val))
193 val = val * 256 + *p++;
195 if(size) *size = oldlen;
200 der_get_unsigned64 (const unsigned char *p, size_t len,
201 uint64_t *ret, size_t *size)
206 if (len == sizeof(val) + 1 && p[0] == 0)
208 else if (len > sizeof(val))
212 val = val * 256 + *p++;
214 if(size) *size = oldlen;
219 der_get_integer (const unsigned char *p, size_t len,
220 int *ret, size_t *size)
225 if (len > sizeof(val))
229 val = (signed char)*p++;
231 val = val * 256 + *p++;
234 if(size) *size = oldlen;
239 der_get_integer64 (const unsigned char *p, size_t len,
240 int64_t *ret, size_t *size)
245 if (len > sizeof(val))
249 val = (signed char)*p++;
251 val = val * 256 + *p++;
254 if(size) *size = oldlen;
260 der_get_length (const unsigned char *p, size_t len,
261 size_t *val, size_t *size)
278 *val = ASN1_INDEFINITE;
285 e = der_get_unsigned (p, v, &tmp, &l);
288 if(size) *size = l + 1;
294 der_get_boolean(const unsigned char *p, size_t len, int *data, size_t *size)
307 der_get_general_string (const unsigned char *p, size_t len,
308 heim_general_string *str, size_t *size)
310 const unsigned char *p1;
313 p1 = memchr(p, 0, len);
316 * Allow trailing NULs. We allow this since MIT Kerberos sends
317 * an strings in the NEED_PREAUTH case that includes a
320 while ((size_t)(p1 - p) < len && *p1 == '\0')
322 if ((size_t)(p1 - p) != len) {
324 return ASN1_BAD_CHARACTER;
327 if (len == SIZE_MAX) {
329 return ASN1_BAD_LENGTH;
332 *str = s = malloc (len + 1);
338 if(size) *size = len;
343 der_get_utf8string (const unsigned char *p, size_t len,
344 heim_utf8_string *str, size_t *size)
346 return der_get_general_string(p, len, str, size);
349 #define gen_data_zero(_data) \
350 do { (_data)->length = 0; (_data)->data = NULL; } while(0)
353 der_get_printable_string(const unsigned char *p, size_t len,
354 heim_printable_string *str, size_t *size)
356 if (len == SIZE_MAX) {
358 return ASN1_BAD_LENGTH;
361 str->data = malloc(len + 1);
362 if (str->data == NULL) {
366 memcpy(str->data, p, len);
367 ((char *)str->data)[len] = '\0';
368 if(size) *size = len;
373 der_get_ia5_string(const unsigned char *p, size_t len,
374 heim_ia5_string *str, size_t *size)
376 return der_get_printable_string(p, len, str, size);
380 der_get_bmp_string (const unsigned char *p, size_t len,
381 heim_bmp_string *data, size_t *size)
387 return ASN1_BAD_FORMAT;
389 data->length = len / 2;
390 if (data->length > UINT_MAX/sizeof(data->data[0])) {
394 data->data = malloc(data->length * sizeof(data->data[0]));
395 if (data->data == NULL && data->length != 0) {
400 for (i = 0; i < data->length; i++) {
401 data->data[i] = (p[0] << 8) | p[1];
403 /* check for NUL in the middle of the string */
404 if (data->data[i] == 0 && i != (data->length - 1)) {
407 return ASN1_BAD_CHARACTER;
410 if (size) *size = len;
416 der_get_universal_string (const unsigned char *p, size_t len,
417 heim_universal_string *data, size_t *size)
423 return ASN1_BAD_FORMAT;
425 data->length = len / 4;
426 if (data->length > UINT_MAX/sizeof(data->data[0])) {
430 data->data = malloc(data->length * sizeof(data->data[0]));
431 if (data->data == NULL && data->length != 0) {
436 for (i = 0; i < data->length; i++) {
437 data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
439 /* check for NUL in the middle of the string */
440 if (data->data[i] == 0 && i != (data->length - 1)) {
443 return ASN1_BAD_CHARACTER;
446 if (size) *size = len;
451 der_get_visible_string (const unsigned char *p, size_t len,
452 heim_visible_string *str, size_t *size)
454 return der_get_general_string(p, len, str, size);
458 der_get_octet_string (const unsigned char *p, size_t len,
459 heim_octet_string *data, size_t *size)
462 data->data = malloc(len);
463 if (data->data == NULL && data->length != 0)
465 memcpy (data->data, p, len);
466 if(size) *size = len;
471 der_get_octet_string_ber (const unsigned char *p, size_t len,
472 heim_octet_string *data, size_t *size)
477 unsigned int tag, depth = 0;
478 size_t l, datalen, oldlen = len;
484 e = der_get_tag (p, len, &cls, &type, &tag, &l);
486 if (cls != ASN1_C_UNIV) {
490 if (type == PRIM && tag == UT_EndOfContent) {
495 if (tag != UT_OctetString) {
502 e = der_get_length (p, len, &datalen, &l);
513 ptr = realloc(data->data, data->length + datalen);
519 memcpy(((unsigned char *)data->data) + data->length, p, datalen);
520 data->length += datalen;
528 return ASN1_INDEF_OVERRUN;
529 if(size) *size = oldlen - len;
540 der_get_heim_integer (const unsigned char *p, size_t len,
541 heim_integer *data, size_t *size)
563 data->data = malloc(data->length);
564 if (data->data == NULL) {
570 q = &((unsigned char*)data->data)[data->length - 1];
571 p += data->length - 1;
572 while (q >= (unsigned char*)data->data) {
587 data->data = malloc(data->length);
588 if (data->data == NULL && data->length != 0) {
594 memcpy(data->data, p, data->length);
602 generalizedtime2time (const char *s, time_t *t)
606 memset(&tm, 0, sizeof(tm));
607 if (sscanf (s, "%04d%02d%02d%02d%02d%02dZ",
608 &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
609 &tm.tm_min, &tm.tm_sec) != 6) {
610 if (sscanf (s, "%02d%02d%02d%02d%02d%02dZ",
611 &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
612 &tm.tm_min, &tm.tm_sec) != 6)
613 return ASN1_BAD_TIMEFORMAT;
621 *t = _der_timegm (&tm);
626 der_get_time (const unsigned char *p, size_t len,
627 time_t *data, size_t *size)
632 if (len == SIZE_MAX || len == 0)
633 return ASN1_BAD_LENGTH;
635 times = malloc(len + 1);
638 memcpy(times, p, len);
640 e = generalizedtime2time(times, data);
642 if(size) *size = len;
647 der_get_generalized_time (const unsigned char *p, size_t len,
648 time_t *data, size_t *size)
650 return der_get_time(p, len, data, size);
654 der_get_utctime (const unsigned char *p, size_t len,
655 time_t *data, size_t *size)
657 return der_get_time(p, len, data, size);
661 der_get_oid (const unsigned char *p, size_t len,
662 heim_oid *data, size_t *size)
671 return ASN1_BAD_LENGTH;
673 if (len + 1 > UINT_MAX/sizeof(data->components[0]))
676 data->components = malloc((len + 1) * sizeof(data->components[0]));
677 if (data->components == NULL)
679 data->components[0] = (*p) / 40;
680 data->components[1] = (*p) % 40;
683 for (n = 2; len > 0; ++n) {
688 u1 = u * 128 + (*p++ % 128);
689 /* check that we don't overflow the element */
695 } while (len > 0 && p[-1] & 0x80);
696 data->components[n] = u;
698 if (n > 2 && p[-1] & 0x80) {
709 der_get_tag (const unsigned char *p, size_t len,
710 Der_class *cls, Der_type *type,
711 unsigned int *tag, size_t *size)
716 *cls = (Der_class)(((*p) >> 6) & 0x03);
717 *type = (Der_type)(((*p) >> 5) & 0x01);
721 unsigned int continuation;
727 continuation = *p & 128;
728 tag1 = *tag * 128 + (*p % 128);
729 /* check that we don't overflow the tag */
731 return ASN1_OVERFLOW;
734 } while(continuation);
736 if(size) *size = ret;
741 der_match_tag (const unsigned char *p, size_t len,
742 Der_class cls, Der_type type,
743 unsigned int tag, size_t *size)
748 e = der_match_tag2(p, len, cls, &thistype, tag, size);
750 if (thistype != type) return ASN1_BAD_ID;
755 der_match_tag2 (const unsigned char *p, size_t len,
756 Der_class cls, Der_type *type,
757 unsigned int tag, size_t *size)
761 unsigned int thistag;
764 e = der_get_tag (p, len, &thisclass, type, &thistag, &l);
766 if (cls != thisclass)
769 return ASN1_MISPLACED_FIELD;
771 return ASN1_MISSING_FIELD;
777 der_match_tag_and_length (const unsigned char *p, size_t len,
778 Der_class cls, Der_type *type, unsigned int tag,
779 size_t *length_ret, size_t *size)
784 e = der_match_tag2 (p, len, cls, type, tag, &l);
789 e = der_get_length (p, len, length_ret, &l);
791 if(size) *size = ret + l;
798 * Old versions of DCE was based on a very early beta of the MIT code,
799 * which used MAVROS for ASN.1 encoding. MAVROS had the interesting
800 * feature that it encoded data in the forward direction, which has
801 * it's problems, since you have no idea how long the data will be
802 * until after you're done. MAVROS solved this by reserving one byte
803 * for length, and later, if the actual length was longer, it reverted
804 * to indefinite, BER style, lengths. The version of MAVROS used by
805 * the DCE people could apparently generate correct X.509 DER encodings, and
806 * did this by making space for the length after encoding, but
807 * unfortunately this feature wasn't used with Kerberos.
811 _heim_fix_dce(size_t reallen, size_t *len)
813 if(reallen == ASN1_INDEFINITE)
822 der_get_bit_string (const unsigned char *p, size_t len,
823 heim_bit_string *data, size_t *size)
828 return ASN1_BAD_FORMAT;
829 if (len - 1 == 0 && p[0] != 0)
830 return ASN1_BAD_FORMAT;
831 /* check if any of the three upper bits are set
832 * any of them will cause a interger overrun */
833 if ((len - 1) >> (sizeof(len) * 8 - 3))
836 * If there is data to copy, do that now.
839 data->length = (len - 1) * 8;
840 data->data = malloc(len - 1);
841 if (data->data == NULL)
843 memcpy (data->data, p + 1, len - 1);
844 data->length -= p[0];
849 if(size) *size = len;
853 * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
854 * (Royal Institute of Technology, Stockholm, Sweden).
855 * All rights reserved.
857 * Redistribution and use in source and binary forms, with or without
858 * modification, are permitted provided that the following conditions
861 * 1. Redistributions of source code must retain the above copyright
862 * notice, this list of conditions and the following disclaimer.
864 * 2. Redistributions in binary form must reproduce the above copyright
865 * notice, this list of conditions and the following disclaimer in the
866 * documentation and/or other materials provided with the distribution.
868 * 3. Neither the name of the Institute nor the names of its contributors
869 * may be used to endorse or promote products derived from this software
870 * without specific prior written permission.
872 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
873 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
874 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
875 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
876 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
877 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
878 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
879 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
880 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
881 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
889 * All encoding functions take a pointer `p' to first position in
890 * which to write, from the right, `len' which means the maximum
891 * number of characters we are able to write. The function returns
892 * the number of characters written in `size' (if non-NULL).
893 * The return value is 0 or an error.
897 der_put_unsigned (unsigned char *p, size_t len, const unsigned *v, size_t *size)
899 unsigned char *base = p;
903 while (len > 0 && val) {
909 return ASN1_OVERFLOW;
913 return ASN1_OVERFLOW;
920 return ASN1_OVERFLOW;
929 der_put_unsigned64 (unsigned char *p, size_t len, const uint64_t *v, size_t *size)
931 unsigned char *base = p;
935 while (len > 0 && val) {
941 return ASN1_OVERFLOW;
945 return ASN1_OVERFLOW;
952 return ASN1_OVERFLOW;
961 der_put_integer (unsigned char *p, size_t len, const int *v, size_t *size)
963 unsigned char *base = p;
969 return ASN1_OVERFLOW;
976 return ASN1_OVERFLOW;
984 return ASN1_OVERFLOW;
991 return ASN1_OVERFLOW;
1001 der_put_integer64 (unsigned char *p, size_t len, const int64_t *v, size_t *size)
1003 unsigned char *base = p;
1009 return ASN1_OVERFLOW;
1016 return ASN1_OVERFLOW;
1024 return ASN1_OVERFLOW;
1025 *p-- = ~(val % 256);
1031 return ASN1_OVERFLOW;
1042 der_put_length (unsigned char *p, size_t len, size_t val, size_t *size)
1045 return ASN1_OVERFLOW;
1055 return ASN1_OVERFLOW;
1069 der_put_boolean(unsigned char *p, size_t len, const int *data, size_t *size)
1072 return ASN1_OVERFLOW;
1082 der_put_general_string (unsigned char *p, size_t len,
1083 const heim_general_string *str, size_t *size)
1085 size_t slen = strlen(*str);
1088 return ASN1_OVERFLOW;
1090 memcpy (p+1, *str, slen);
1096 der_put_utf8string (unsigned char *p, size_t len,
1097 const heim_utf8_string *str, size_t *size)
1099 return der_put_general_string(p, len, str, size);
1103 der_put_printable_string (unsigned char *p, size_t len,
1104 const heim_printable_string *str, size_t *size)
1106 return der_put_octet_string(p, len, str, size);
1110 der_put_ia5_string (unsigned char *p, size_t len,
1111 const heim_ia5_string *str, size_t *size)
1113 return der_put_octet_string(p, len, str, size);
1117 der_put_bmp_string (unsigned char *p, size_t len,
1118 const heim_bmp_string *data, size_t *size)
1121 if (len / 2 < data->length)
1122 return ASN1_OVERFLOW;
1123 p -= data->length * 2;
1124 for (i = 0; i < data->length; i++) {
1125 p[1] = (data->data[i] >> 8) & 0xff;
1126 p[2] = data->data[i] & 0xff;
1129 if (size) *size = data->length * 2;
1134 der_put_universal_string (unsigned char *p, size_t len,
1135 const heim_universal_string *data, size_t *size)
1138 if (len / 4 < data->length)
1139 return ASN1_OVERFLOW;
1140 p -= data->length * 4;
1141 for (i = 0; i < data->length; i++) {
1142 p[1] = (data->data[i] >> 24) & 0xff;
1143 p[2] = (data->data[i] >> 16) & 0xff;
1144 p[3] = (data->data[i] >> 8) & 0xff;
1145 p[4] = data->data[i] & 0xff;
1148 if (size) *size = data->length * 4;
1153 der_put_visible_string (unsigned char *p, size_t len,
1154 const heim_visible_string *str, size_t *size)
1156 return der_put_general_string(p, len, str, size);
1160 der_put_octet_string (unsigned char *p, size_t len,
1161 const heim_octet_string *data, size_t *size)
1163 if (len < data->length)
1164 return ASN1_OVERFLOW;
1166 memcpy (p+1, data->data, data->length);
1167 *size = data->length;
1172 der_put_heim_integer (unsigned char *p, size_t len,
1173 const heim_integer *data, size_t *size)
1175 unsigned char *buf = data->data;
1178 if (data->length == 0) {
1180 return ASN1_OVERFLOW;
1186 if (len < data->length)
1187 return ASN1_OVERFLOW;
1189 len -= data->length;
1191 if (data->negative) {
1194 for (i = data->length - 1, carry = 1; i >= 0; i--) {
1202 return ASN1_OVERFLOW;
1209 memcpy(p + 1, buf, data->length);
1213 return ASN1_OVERFLOW;
1220 *size = data->length + hibitset;
1225 der_put_generalized_time (unsigned char *p, size_t len,
1226 const time_t *data, size_t *size)
1228 heim_octet_string k;
1232 e = _heim_time2generalizedtime (*data, &k, 1);
1235 e = der_put_octet_string(p, len, &k, &l);
1245 der_put_utctime (unsigned char *p, size_t len,
1246 const time_t *data, size_t *size)
1248 heim_octet_string k;
1252 e = _heim_time2generalizedtime (*data, &k, 0);
1255 e = der_put_octet_string(p, len, &k, &l);
1265 der_put_oid (unsigned char *p, size_t len,
1266 const heim_oid *data, size_t *size)
1268 unsigned char *base = p;
1271 for (n = data->length - 1; n >= 2; --n) {
1272 unsigned u = data->components[n];
1275 return ASN1_OVERFLOW;
1281 return ASN1_OVERFLOW;
1282 *p-- = 128 + u % 128;
1288 return ASN1_OVERFLOW;
1289 *p-- = 40 * data->components[0] + data->components[1];
1295 der_put_tag (unsigned char *p, size_t len, Der_class class, Der_type type,
1296 unsigned int tag, size_t *size)
1300 return ASN1_OVERFLOW;
1301 *p = MAKE_TAG(class, type, tag);
1305 unsigned int continuation = 0;
1309 return ASN1_OVERFLOW;
1310 *p-- = tag % 128 | continuation;
1314 continuation = 0x80;
1317 return ASN1_OVERFLOW;
1318 *p-- = MAKE_TAG(class, type, 0x1f);
1326 der_put_length_and_tag (unsigned char *p, size_t len, size_t len_val,
1327 Der_class class, Der_type type,
1328 unsigned int tag, size_t *size)
1334 e = der_put_length (p, len, len_val, &l);
1340 e = der_put_tag (p, len, class, type, tag, &l);
1350 _heim_time2generalizedtime (time_t t, heim_octet_string *s, int gtimep)
1353 const size_t len = gtimep ? 15 : 13;
1357 if (_der_gmtime(t, &tm) == NULL)
1358 return ASN1_BAD_TIMEFORMAT;
1359 s->data = malloc(len + 1);
1360 if (s->data == NULL)
1364 snprintf (s->data, len + 1, "%04d%02d%02d%02d%02d%02dZ",
1365 tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday,
1366 tm.tm_hour, tm.tm_min, tm.tm_sec);
1368 snprintf (s->data, len + 1, "%02d%02d%02d%02d%02d%02dZ",
1369 tm.tm_year % 100, tm.tm_mon + 1, tm.tm_mday,
1370 tm.tm_hour, tm.tm_min, tm.tm_sec);
1376 der_put_bit_string (unsigned char *p, size_t len,
1377 const heim_bit_string *data, size_t *size)
1379 size_t data_size = (data->length + 7) / 8;
1380 if (len < data_size + 1)
1381 return ASN1_OVERFLOW;
1384 memcpy (p+2, data->data, data_size);
1385 if (data->length && (data->length % 8) != 0)
1386 p[1] = 8 - (data->length % 8);
1389 *size = data_size + 1;
1394 _heim_der_set_sort(const void *a1, const void *a2)
1396 const heim_octet_string *s1 = a1, *s2 = a2;
1399 ret = memcmp(s1->data, s2->data,
1400 s1->length < s2->length ? s1->length : s2->length);
1403 return (int)(s1->length - s2->length);
1406 * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
1407 * (Royal Institute of Technology, Stockholm, Sweden).
1408 * All rights reserved.
1410 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
1412 * Redistribution and use in source and binary forms, with or without
1413 * modification, are permitted provided that the following conditions
1416 * 1. Redistributions of source code must retain the above copyright
1417 * notice, this list of conditions and the following disclaimer.
1419 * 2. Redistributions in binary form must reproduce the above copyright
1420 * notice, this list of conditions and the following disclaimer in the
1421 * documentation and/or other materials provided with the distribution.
1423 * 3. Neither the name of the Institute nor the names of its contributors
1424 * may be used to endorse or promote products derived from this software
1425 * without specific prior written permission.
1427 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
1428 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1429 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1430 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
1431 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1432 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1433 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1434 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1435 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1436 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1441 /* RCSID("$Id$"); */
1444 der_free_general_string (heim_general_string *str)
1451 der_free_integer (int *i)
1457 der_free_integer64 (int64_t *i)
1463 der_free_unsigned (unsigned *u)
1469 der_free_unsigned64 (uint64_t *u)
1475 der_free_generalized_time(time_t *t)
1481 der_free_utctime(time_t *t)
1488 der_free_utf8string (heim_utf8_string *str)
1495 der_free_printable_string (heim_printable_string *str)
1497 der_free_octet_string(str);
1501 der_free_ia5_string (heim_ia5_string *str)
1503 der_free_octet_string(str);
1507 der_free_bmp_string (heim_bmp_string *k)
1515 der_free_universal_string (heim_universal_string *k)
1523 der_free_visible_string (heim_visible_string *str)
1530 der_free_octet_string (heim_octet_string *k)
1538 der_free_heim_integer (heim_integer *k)
1546 der_free_oid (heim_oid *k)
1548 free(k->components);
1549 k->components = NULL;
1554 der_free_bit_string (heim_bit_string *k)
1561 * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
1562 * (Royal Institute of Technology, Stockholm, Sweden).
1563 * All rights reserved.
1565 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
1567 * Redistribution and use in source and binary forms, with or without
1568 * modification, are permitted provided that the following conditions
1571 * 1. Redistributions of source code must retain the above copyright
1572 * notice, this list of conditions and the following disclaimer.
1574 * 2. Redistributions in binary form must reproduce the above copyright
1575 * notice, this list of conditions and the following disclaimer in the
1576 * documentation and/or other materials provided with the distribution.
1578 * 3. Neither the name of the Institute nor the names of its contributors
1579 * may be used to endorse or promote products derived from this software
1580 * without specific prior written permission.
1582 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
1583 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1584 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1585 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
1586 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1587 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1588 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1589 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1590 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1591 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1596 /* RCSID("$Id$"); */
1599 _heim_len_unsigned (unsigned val)
1602 int last_val_gt_128;
1606 last_val_gt_128 = (val >= 128);
1617 _heim_len_unsigned64 (uint64_t val)
1620 int last_val_gt_128;
1624 last_val_gt_128 = (val >= 128);
1635 _heim_len_int (int val)
1662 _heim_len_int64 (int64_t val)
1689 len_oid (const heim_oid *oid)
1694 for (n = 2; n < oid->length; ++n) {
1695 unsigned u = oid->components[n];
1706 der_length_len (size_t len)
1721 der_length_tag(unsigned int tag)
1735 der_length_integer (const int *data)
1737 return _heim_len_int (*data);
1741 der_length_integer64 (const int64_t *data)
1743 return _heim_len_int64 (*data);
1747 der_length_unsigned (const unsigned *data)
1749 return _heim_len_unsigned(*data);
1753 der_length_unsigned64 (const uint64_t *data)
1755 return _heim_len_unsigned64(*data);
1759 der_length_enumerated (const unsigned *data)
1761 return _heim_len_int (*data);
1765 der_length_general_string (const heim_general_string *data)
1767 return strlen(*data);
1771 der_length_utf8string (const heim_utf8_string *data)
1773 return strlen(*data);
1777 der_length_printable_string (const heim_printable_string *data)
1779 return data->length;
1783 der_length_ia5_string (const heim_ia5_string *data)
1785 return data->length;
1789 der_length_bmp_string (const heim_bmp_string *data)
1791 return data->length * 2;
1795 der_length_universal_string (const heim_universal_string *data)
1797 return data->length * 4;
1801 der_length_visible_string (const heim_visible_string *data)
1803 return strlen(*data);
1807 der_length_octet_string (const heim_octet_string *k)
1813 der_length_heim_integer (const heim_integer *k)
1818 return k->length + (((~(((unsigned char *)k->data)[0])) & 0x80) ? 0 : 1);
1820 return k->length + ((((unsigned char *)k->data)[0] & 0x80) ? 1 : 0);
1824 der_length_oid (const heim_oid *k)
1830 der_length_generalized_time (const time_t *t)
1832 heim_octet_string k;
1835 _heim_time2generalizedtime (*t, &k, 1);
1842 der_length_utctime (const time_t *t)
1844 heim_octet_string k;
1847 _heim_time2generalizedtime (*t, &k, 0);
1854 der_length_boolean (const int *k)
1860 der_length_bit_string (const heim_bit_string *k)
1862 return (k->length + 7) / 8 + 1;
1865 * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
1866 * (Royal Institute of Technology, Stockholm, Sweden).
1867 * All rights reserved.
1869 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
1871 * Redistribution and use in source and binary forms, with or without
1872 * modification, are permitted provided that the following conditions
1875 * 1. Redistributions of source code must retain the above copyright
1876 * notice, this list of conditions and the following disclaimer.
1878 * 2. Redistributions in binary form must reproduce the above copyright
1879 * notice, this list of conditions and the following disclaimer in the
1880 * documentation and/or other materials provided with the distribution.
1882 * 3. Neither the name of the Institute nor the names of its contributors
1883 * may be used to endorse or promote products derived from this software
1884 * without specific prior written permission.
1886 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
1887 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1888 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1889 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
1890 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1891 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1892 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1893 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1894 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1895 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1900 /* RCSID("$Id$"); */
1903 der_copy_general_string (const heim_general_string *from,
1904 heim_general_string *to)
1906 *to = strdup(*from);
1913 der_copy_integer (const int *from, int *to)
1920 der_copy_integer64 (const int64_t *from, int64_t *to)
1927 der_copy_unsigned (const unsigned *from, unsigned *to)
1934 der_copy_unsigned64 (const uint64_t *from, uint64_t *to)
1941 der_copy_generalized_time (const time_t *from, time_t *to)
1948 der_copy_utctime (const time_t *from, time_t *to)
1955 der_copy_utf8string (const heim_utf8_string *from, heim_utf8_string *to)
1957 return der_copy_general_string(from, to);
1961 der_copy_printable_string (const heim_printable_string *from,
1962 heim_printable_string *to)
1964 to->length = from->length;
1965 to->data = malloc(to->length + 1);
1966 if(to->data == NULL)
1968 memcpy(to->data, from->data, to->length);
1969 ((char *)to->data)[to->length] = '\0';
1974 der_copy_ia5_string (const heim_ia5_string *from,
1975 heim_ia5_string *to)
1977 return der_copy_printable_string(from, to);
1981 der_copy_bmp_string (const heim_bmp_string *from, heim_bmp_string *to)
1983 to->length = from->length;
1984 to->data = malloc(to->length * sizeof(to->data[0]));
1985 if(to->length != 0 && to->data == NULL)
1987 memcpy(to->data, from->data, to->length * sizeof(to->data[0]));
1992 der_copy_universal_string (const heim_universal_string *from,
1993 heim_universal_string *to)
1995 to->length = from->length;
1996 to->data = malloc(to->length * sizeof(to->data[0]));
1997 if(to->length != 0 && to->data == NULL)
1999 memcpy(to->data, from->data, to->length * sizeof(to->data[0]));
2004 der_copy_visible_string (const heim_visible_string *from,
2005 heim_visible_string *to)
2007 return der_copy_general_string(from, to);
2011 der_copy_octet_string (const heim_octet_string *from, heim_octet_string *to)
2013 to->length = from->length;
2014 to->data = malloc(to->length);
2015 if(to->length != 0 && to->data == NULL)
2017 memcpy(to->data, from->data, to->length);
2022 der_copy_heim_integer (const heim_integer *from, heim_integer *to)
2024 to->length = from->length;
2025 to->data = malloc(to->length);
2026 if(to->length != 0 && to->data == NULL)
2028 memcpy(to->data, from->data, to->length);
2029 to->negative = from->negative;
2034 der_copy_oid (const heim_oid *from, heim_oid *to)
2036 to->length = from->length;
2037 to->components = malloc(to->length * sizeof(*to->components));
2038 if (to->length != 0 && to->components == NULL)
2040 memcpy(to->components, from->components,
2041 to->length * sizeof(*to->components));
2046 der_copy_bit_string (const heim_bit_string *from, heim_bit_string *to)
2050 len = (from->length + 7) / 8;
2051 to->length = from->length;
2052 to->data = malloc(len);
2053 if(len != 0 && to->data == NULL)
2055 memcpy(to->data, from->data, len);