Botan  1.10.9
ber_dec.cpp
Go to the documentation of this file.
1 /*
2 * BER Decoder
3 * (C) 1999-2008 Jack Lloyd
4 *
5 * Distributed under the terms of the Botan license
6 */
7 
8 #include <botan/ber_dec.h>
9 #include <botan/bigint.h>
10 #include <botan/get_byte.h>
11 
12 namespace Botan {
13 
14 namespace {
15 
16 /*
17 * BER decode an ASN.1 type tag
18 */
19 size_t decode_tag(DataSource* ber, ASN1_Tag& type_tag, ASN1_Tag& class_tag)
20  {
21  byte b;
22  if(!ber->read_byte(b))
23  {
24  class_tag = type_tag = NO_OBJECT;
25  return 0;
26  }
27 
28  if((b & 0x1F) != 0x1F)
29  {
30  type_tag = ASN1_Tag(b & 0x1F);
31  class_tag = ASN1_Tag(b & 0xE0);
32  return 1;
33  }
34 
35  size_t tag_bytes = 1;
36  class_tag = ASN1_Tag(b & 0xE0);
37 
38  size_t tag_buf = 0;
39  while(true)
40  {
41  if(!ber->read_byte(b))
42  throw BER_Decoding_Error("Long-form tag truncated");
43  if(tag_buf & 0xFF000000)
44  throw BER_Decoding_Error("Long-form tag overflowed 32 bits");
45  ++tag_bytes;
46  tag_buf = (tag_buf << 7) | (b & 0x7F);
47  if((b & 0x80) == 0) break;
48  }
49  type_tag = ASN1_Tag(tag_buf);
50  return tag_bytes;
51  }
52 
53 /*
54 * Find the EOC marker
55 */
56 size_t find_eoc(DataSource*);
57 
58 /*
59 * BER decode an ASN.1 length field
60 */
61 size_t decode_length(DataSource* ber, size_t& field_size)
62  {
63  byte b;
64  if(!ber->read_byte(b))
65  throw BER_Decoding_Error("Length field not found");
66  field_size = 1;
67  if((b & 0x80) == 0)
68  return b;
69 
70  field_size += (b & 0x7F);
71  if(field_size == 1) return find_eoc(ber);
72  if(field_size > 5)
73  throw BER_Decoding_Error("Length field is too large");
74 
75  size_t length = 0;
76 
77  for(size_t i = 0; i != field_size - 1; ++i)
78  {
79  if(get_byte(0, length) != 0)
80  throw BER_Decoding_Error("Field length overflow");
81  if(!ber->read_byte(b))
82  throw BER_Decoding_Error("Corrupted length field");
83  length = (length << 8) | b;
84  }
85  return length;
86  }
87 
88 /*
89 * BER decode an ASN.1 length field
90 */
91 size_t decode_length(DataSource* ber)
92  {
93  size_t dummy;
94  return decode_length(ber, dummy);
95  }
96 
97 /*
98 * Find the EOC marker
99 */
100 size_t find_eoc(DataSource* ber)
101  {
102  SecureVector<byte> buffer(DEFAULT_BUFFERSIZE), data;
103 
104  while(true)
105  {
106  const size_t got = ber->peek(&buffer[0], buffer.size(), data.size());
107  if(got == 0)
108  break;
109 
110  data += std::make_pair(&buffer[0], got);
111  }
112 
113  DataSource_Memory source(data);
114  data.clear();
115 
116  size_t length = 0;
117  while(true)
118  {
119  ASN1_Tag type_tag, class_tag;
120  size_t tag_size = decode_tag(&source, type_tag, class_tag);
121  if(type_tag == NO_OBJECT)
122  break;
123 
124  size_t length_size = 0;
125  size_t item_size = decode_length(&source, length_size);
126  source.discard_next(item_size);
127 
128  length += item_size + length_size + tag_size;
129 
130  if(type_tag == EOC && class_tag == UNIVERSAL)
131  break;
132  }
133  return length;
134  }
135 
136 }
137 
138 /*
139 * Check a type invariant on BER data
140 */
141 void BER_Object::assert_is_a(ASN1_Tag type_tag, ASN1_Tag class_tag)
142  {
143  if(this->type_tag != type_tag || this->class_tag != class_tag)
144  throw BER_Decoding_Error("Tag mismatch when decoding");
145  }
146 
147 /*
148 * Check if more objects are there
149 */
151  {
152  if(source->end_of_data() && (pushed.type_tag == NO_OBJECT))
153  return false;
154  return true;
155  }
156 
157 /*
158 * Verify that no bytes remain in the source
159 */
161  {
162  if(!source->end_of_data() || (pushed.type_tag != NO_OBJECT))
163  throw Invalid_State("BER_Decoder::verify_end called, but data remains");
164  return (*this);
165  }
166 
167 /*
168 * Save all the bytes remaining in the source
169 */
171  {
172  out.clear();
173  byte buf;
174  while(source->read_byte(buf))
175  out.push_back(buf);
176  return (*this);
177  }
178 
179 /*
180 * Discard all the bytes remaining in the source
181 */
183  {
184  byte buf;
185  while(source->read_byte(buf))
186  ;
187  return (*this);
188  }
189 
190 /*
191 * Return the BER encoding of the next object
192 */
194  {
195  BER_Object next;
196 
197  if(pushed.type_tag != NO_OBJECT)
198  {
199  next = pushed;
200  pushed.class_tag = pushed.type_tag = NO_OBJECT;
201  return next;
202  }
203 
204  decode_tag(source, next.type_tag, next.class_tag);
205  if(next.type_tag == NO_OBJECT)
206  return next;
207 
208  size_t length = decode_length(source);
209  next.value.resize(length);
210  if(source->read(&next.value[0], length) != length)
211  throw BER_Decoding_Error("Value truncated");
212 
213  if(next.type_tag == EOC && next.class_tag == UNIVERSAL)
214  return get_next_object();
215 
216  return next;
217  }
218 
219 /*
220 * Push a object back into the stream
221 */
223  {
224  if(pushed.type_tag != NO_OBJECT)
225  throw Invalid_State("BER_Decoder: Only one push back is allowed");
226  pushed = obj;
227  }
228 
229 /*
230 * Begin decoding a CONSTRUCTED type
231 */
233  ASN1_Tag class_tag)
234  {
235  BER_Object obj = get_next_object();
236  obj.assert_is_a(type_tag, ASN1_Tag(class_tag | CONSTRUCTED));
237 
238  BER_Decoder result(&obj.value[0], obj.value.size());
239  result.parent = this;
240  return result;
241  }
242 
243 /*
244 * Finish decoding a CONSTRUCTED type
245 */
247  {
248  if(!parent)
249  throw Invalid_State("BER_Decoder::end_cons called with NULL parent");
250  if(!source->end_of_data())
251  throw Decoding_Error("BER_Decoder::end_cons called with data left");
252  return (*parent);
253  }
254 
255 /*
256 * BER_Decoder Constructor
257 */
259  {
260  source = &src;
261  owns = false;
262  pushed.type_tag = pushed.class_tag = NO_OBJECT;
263  parent = 0;
264  }
265 
266 /*
267 * BER_Decoder Constructor
268  */
269 BER_Decoder::BER_Decoder(const byte data[], size_t length)
270  {
271  source = new DataSource_Memory(data, length);
272  owns = true;
273  pushed.type_tag = pushed.class_tag = NO_OBJECT;
274  parent = 0;
275  }
276 
277 /*
278 * BER_Decoder Constructor
279 */
281  {
282  source = new DataSource_Memory(data);
283  owns = true;
284  pushed.type_tag = pushed.class_tag = NO_OBJECT;
285  parent = 0;
286  }
287 
288 /*
289 * BER_Decoder Copy Constructor
290 */
292  {
293  source = other.source;
294  owns = false;
295  if(other.owns)
296  {
297  other.owns = false;
298  owns = true;
299  }
300  pushed.type_tag = pushed.class_tag = NO_OBJECT;
301  parent = other.parent;
302  }
303 
304 /*
305 * BER_Decoder Destructor
306 */
308  {
309  if(owns)
310  delete source;
311  source = 0;
312  }
313 
314 /*
315 * Request for an object to decode itself
316 */
318  {
319  obj.decode_from(*this);
320  return (*this);
321  }
322 
323 /*
324 * Decode a BER encoded NULL
325 */
327  {
328  BER_Object obj = get_next_object();
330  if(obj.value.size())
331  throw BER_Decoding_Error("NULL object had nonzero size");
332  return (*this);
333  }
334 
335 /*
336 * Decode a BER encoded BOOLEAN
337 */
339  {
340  return decode(out, BOOLEAN, UNIVERSAL);
341  }
342 
343 /*
344 * Decode a small BER encoded INTEGER
345 */
347  {
348  return decode(out, INTEGER, UNIVERSAL);
349  }
350 
351 /*
352 * Decode a BER encoded INTEGER
353 */
355  {
356  return decode(out, INTEGER, UNIVERSAL);
357  }
358 
360  {
361  SecureVector<byte> out_vec;
362  decode(out_vec, OCTET_STRING);
363  out = BigInt::decode(&out_vec[0], out_vec.size());
364  return (*this);
365  }
366 
367 /*
368 * Decode a BER encoded BOOLEAN
369 */
371  ASN1_Tag type_tag, ASN1_Tag class_tag)
372  {
373  BER_Object obj = get_next_object();
374  obj.assert_is_a(type_tag, class_tag);
375 
376  if(obj.value.size() != 1)
377  throw BER_Decoding_Error("BER boolean value had invalid size");
378 
379  out = (obj.value[0]) ? true : false;
380  return (*this);
381  }
382 
383 /*
384 * Decode a small BER encoded INTEGER
385 */
387  ASN1_Tag type_tag, ASN1_Tag class_tag)
388  {
389  BigInt integer;
390  decode(integer, type_tag, class_tag);
391 
392  if(integer.bits() > 32)
393  throw BER_Decoding_Error("Decoded integer value larger than expected");
394 
395  out = 0;
396  for(size_t i = 0; i != 4; ++i)
397  out = (out << 8) | integer.byte_at(3-i);
398 
399  return (*this);
400  }
401 
402 /*
403 * Decode a BER encoded INTEGER
404 */
406  ASN1_Tag type_tag, ASN1_Tag class_tag)
407  {
408  BER_Object obj = get_next_object();
409  obj.assert_is_a(type_tag, class_tag);
410 
411  if(obj.value.empty())
412  out = 0;
413  else
414  {
415  const bool negative = (obj.value[0] & 0x80) ? true : false;
416 
417  if(negative)
418  {
419  for(size_t i = obj.value.size(); i > 0; --i)
420  if(obj.value[i-1]--)
421  break;
422  for(size_t i = 0; i != obj.value.size(); ++i)
423  obj.value[i] = ~obj.value[i];
424  }
425 
426  out = BigInt(&obj.value[0], obj.value.size());
427 
428  if(negative)
429  out.flip_sign();
430  }
431 
432  return (*this);
433  }
434 
435 /*
436 * BER decode a BIT STRING or OCTET STRING
437 */
439  {
440  return decode(out, real_type, real_type, UNIVERSAL);
441  }
442 
443 /*
444 * BER decode a BIT STRING or OCTET STRING
445 */
447  ASN1_Tag real_type,
448  ASN1_Tag type_tag, ASN1_Tag class_tag)
449  {
450  if(real_type != OCTET_STRING && real_type != BIT_STRING)
451  throw BER_Bad_Tag("Bad tag for {BIT,OCTET} STRING", real_type);
452 
453  BER_Object obj = get_next_object();
454  obj.assert_is_a(type_tag, class_tag);
455 
456  if(real_type == OCTET_STRING)
457  buffer = obj.value;
458  else
459  {
460  if(obj.value[0] >= 8)
461  throw BER_Decoding_Error("Bad number of unused bits in BIT STRING");
462 
463  buffer.resize(obj.value.size() - 1);
464  copy_mem(&buffer[0], &obj.value[1], obj.value.size() - 1);
465  }
466  return (*this);
467  }
468 
469 /*
470 * Decode an OPTIONAL string type
471 */
473  ASN1_Tag real_type,
474  u16bit type_no)
475  {
476  BER_Object obj = get_next_object();
477 
478  ASN1_Tag type_tag = static_cast<ASN1_Tag>(type_no);
479 
480  out.clear();
481  push_back(obj);
482 
483  if(obj.type_tag == type_tag && obj.class_tag == CONTEXT_SPECIFIC)
484  decode(out, real_type, type_tag, CONTEXT_SPECIFIC);
485 
486  return (*this);
487  }
488 
489 }
void resize(size_t n)
Definition: secmem.h:211
virtual size_t read(byte out[], size_t length)=0
BER_Decoder & decode_optional_string(MemoryRegion< byte > &, ASN1_Tag, u16bit)
Definition: ber_dec.cpp:472
BER_Decoder(DataSource &)
Definition: ber_dec.cpp:258
BER_Decoder & decode(bool &)
Definition: ber_dec.cpp:338
byte byte_at(size_t n) const
Definition: bigint.cpp:147
void push_back(T x)
Definition: secmem.h:143
byte get_byte(size_t byte_num, T input)
Definition: get_byte.h:21
BER_Decoder start_cons(ASN1_Tag, ASN1_Tag=UNIVERSAL)
Definition: ber_dec.cpp:232
unsigned char byte
Definition: types.h:22
void assert_is_a(ASN1_Tag, ASN1_Tag)
Definition: ber_dec.cpp:141
size_t bits() const
Definition: bigint.cpp:253
BER_Decoder & decode_octet_string_bigint(class BigInt &)
Definition: ber_dec.cpp:359
BER_Decoder & decode_null()
Definition: ber_dec.cpp:326
BER_Decoder & end_cons()
Definition: ber_dec.cpp:246
bool more_items() const
Definition: ber_dec.cpp:150
void push_back(const BER_Object &)
Definition: ber_dec.cpp:222
bool empty() const
Definition: secmem.h:35
ASN1_Tag
Definition: asn1_int.h:19
virtual bool end_of_data() const =0
unsigned short u16bit
Definition: types.h:27
size_t read_byte(byte &out)
Definition: data_src.cpp:19
size_t size() const
Definition: secmem.h:29
void copy_mem(T *out, const T *in, size_t n)
Definition: mem_ops.h:22
BER_Decoder & discard_remaining()
Definition: ber_dec.cpp:182
SecureVector< byte > value
Definition: asn1_int.h:83
BER_Object get_next_object()
Definition: ber_dec.cpp:193
ASN1_Tag class_tag
Definition: asn1_int.h:82
ASN1_Tag type_tag
Definition: asn1_int.h:82
BER_Decoder & raw_bytes(MemoryRegion< byte > &)
Definition: ber_dec.cpp:170
BER_Decoder & verify_end()
Definition: ber_dec.cpp:160
static BigInt decode(const byte buf[], size_t length, Base base=Binary)
Definition: big_code.cpp:102
void flip_sign()
Definition: bigint.cpp:302
virtual void decode_from(class BER_Decoder &from)=0