]>
git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blob - lib/asn1_encoder.c
1 // SPDX-License-Identifier: GPL-2.0-only
3 * Simple encoder primitives for ASN.1 BER/DER/CER
5 * Copyright (C) 2019 James.Bottomley@HansenPartnership.com
8 #include <linux/asn1_encoder.h>
10 #include <linux/string.h>
11 #include <linux/module.h>
14 * asn1_encode_integer() - encode positive integer to ASN.1
15 * @data: pointer to the pointer to the data
16 * @end_data: end of data pointer, points one beyond last usable byte in @data
17 * @integer: integer to be encoded
19 * This is a simplified encoder: it only currently does
20 * positive integers, but it should be simple enough to add the
21 * negative case if a use comes along.
24 asn1_encode_integer(unsigned char *data
, const unsigned char *end_data
,
27 int data_len
= end_data
- data
;
28 unsigned char *d
= &data
[2];
33 "BUG: integer encode only supports positive integers"))
34 return ERR_PTR(-EINVAL
);
39 /* need at least 3 bytes for tag, length and integer encoding */
41 return ERR_PTR(-EINVAL
);
43 /* remaining length where at d (the start of the integer encoding) */
46 data
[0] = _tag(UNIV
, PRIM
, INT
);
52 for (i
= sizeof(integer
); i
> 0 ; i
--) {
53 int byte
= integer
>> (8 * (i
- 1));
55 if (!found
&& byte
== 0)
59 * for a positive number the first byte must have bit
60 * 7 clear in two's complement (otherwise it's a
61 * negative number) so prepend a leading zero if
64 if (!found
&& (byte
& 0x80)) {
66 * no check needed here, we already know we
75 return ERR_PTR(-EINVAL
);
82 data
[1] = d
- data
- 2;
86 EXPORT_SYMBOL_GPL(asn1_encode_integer
);
88 /* calculate the base 128 digit values setting the top bit of the first octet */
89 static int asn1_encode_oid_digit(unsigned char **_data
, int *data_len
, u32 oid
)
91 unsigned char *data
= *_data
;
92 int start
= 7 + 7 + 7 + 7;
105 while (oid
>> start
== 0)
108 while (start
> 0 && *data_len
> 0) {
112 oid
= oid
- (byte
<< start
);
132 * asn1_encode_oid() - encode an oid to ASN.1
133 * @data: position to begin encoding at
134 * @end_data: end of data pointer, points one beyond last usable byte in @data
135 * @oid: array of oids
136 * @oid_len: length of oid array
138 * this encodes an OID up to ASN.1 when presented as an array of OID values
141 asn1_encode_oid(unsigned char *data
, const unsigned char *end_data
,
142 u32 oid
[], int oid_len
)
144 int data_len
= end_data
- data
;
145 unsigned char *d
= data
+ 2;
148 if (WARN(oid_len
< 2, "OID must have at least two elements"))
149 return ERR_PTR(-EINVAL
);
151 if (WARN(oid_len
> 32, "OID is too large"))
152 return ERR_PTR(-EINVAL
);
158 /* need at least 3 bytes for tag, length and OID encoding */
160 return ERR_PTR(-EINVAL
);
162 data
[0] = _tag(UNIV
, PRIM
, OID
);
163 *d
++ = oid
[0] * 40 + oid
[1];
169 for (i
= 2; i
< oid_len
; i
++) {
170 ret
= asn1_encode_oid_digit(&d
, &data_len
, oid
[i
]);
175 data
[1] = d
- data
- 2;
179 EXPORT_SYMBOL_GPL(asn1_encode_oid
);
182 * asn1_encode_length() - encode a length to follow an ASN.1 tag
183 * @data: pointer to encode at
184 * @data_len: pointer to remaining length (adjusted by routine)
185 * @len: length to encode
187 * This routine can encode lengths up to 65535 using the ASN.1 rules.
188 * It will accept a negative length and place a zero length tag
189 * instead (to keep the ASN.1 valid). This convention allows other
190 * encoder primitives to accept negative lengths as singalling the
191 * sequence will be re-encoded when the length is known.
193 static int asn1_encode_length(unsigned char **data
, int *data_len
, int len
)
215 *((*data
)++) = len
& 0xff;
225 *((*data
)++) = (len
>> 8) & 0xff;
226 *((*data
)++) = len
& 0xff;
231 if (WARN(len
> 0xffffff, "ASN.1 length can't be > 0xffffff"))
237 *((*data
)++) = (len
>> 16) & 0xff;
238 *((*data
)++) = (len
>> 8) & 0xff;
239 *((*data
)++) = len
& 0xff;
246 * asn1_encode_tag() - add a tag for optional or explicit value
247 * @data: pointer to place tag at
248 * @end_data: end of data pointer, points one beyond last usable byte in @data
249 * @tag: tag to be placed
250 * @string: the data to be tagged
251 * @len: the length of the data to be tagged
253 * Note this currently only handles short form tags < 31.
255 * Standard usage is to pass in a @tag, @string and @length and the
256 * @string will be ASN.1 encoded with @tag and placed into @data. If
257 * the encoding would put data past @end_data then an error is
258 * returned, otherwise a pointer to a position one beyond the encoding
261 * To encode in place pass a NULL @string and -1 for @len and the
262 * maximum allowable beginning and end of the data; all this will do
263 * is add the current maximum length and update the data pointer to
264 * the place where the tag contents should be placed is returned. The
265 * data should be copied in by the calling routine which should then
266 * repeat the prior statement but now with the known length. In order
267 * to avoid having to keep both before and after pointers, the repeat
268 * expects to be called with @data pointing to where the first encode
269 * returned it and still NULL for @string but the real length in @len.
272 asn1_encode_tag(unsigned char *data
, const unsigned char *end_data
,
273 u32 tag
, const unsigned char *string
, int len
)
275 int data_len
= end_data
- data
;
278 if (WARN(tag
> 30, "ASN.1 tag can't be > 30"))
279 return ERR_PTR(-EINVAL
);
281 if (!string
&& WARN(len
> 127,
282 "BUG: recode tag is too big (>127)"))
283 return ERR_PTR(-EINVAL
);
288 if (!string
&& len
> 0) {
290 * we're recoding, so move back to the start of the
291 * tag and install a dummy length because the real
292 * data_len should be NULL
299 return ERR_PTR(-EINVAL
);
301 *(data
++) = _tagn(CONT
, CONS
, tag
);
303 ret
= asn1_encode_length(&data
, &data_len
, len
);
311 return ERR_PTR(-EINVAL
);
313 memcpy(data
, string
, len
);
318 EXPORT_SYMBOL_GPL(asn1_encode_tag
);
321 * asn1_encode_octet_string() - encode an ASN.1 OCTET STRING
322 * @data: pointer to encode at
323 * @end_data: end of data pointer, points one beyond last usable byte in @data
324 * @string: string to be encoded
325 * @len: length of string
327 * Note ASN.1 octet strings may contain zeros, so the length is obligatory.
330 asn1_encode_octet_string(unsigned char *data
,
331 const unsigned char *end_data
,
332 const unsigned char *string
, u32 len
)
334 int data_len
= end_data
- data
;
340 /* need minimum of 2 bytes for tag and length of zero length string */
342 return ERR_PTR(-EINVAL
);
344 *(data
++) = _tag(UNIV
, PRIM
, OTS
);
347 ret
= asn1_encode_length(&data
, &data_len
, len
);
352 return ERR_PTR(-EINVAL
);
354 memcpy(data
, string
, len
);
359 EXPORT_SYMBOL_GPL(asn1_encode_octet_string
);
362 * asn1_encode_sequence() - wrap a byte stream in an ASN.1 SEQUENCE
363 * @data: pointer to encode at
364 * @end_data: end of data pointer, points one beyond last usable byte in @data
365 * @seq: data to be encoded as a sequence
366 * @len: length of the data to be encoded as a sequence
368 * Fill in a sequence. To encode in place, pass NULL for @seq and -1
369 * for @len; then call again once the length is known (still with NULL
370 * for @seq). In order to avoid having to keep both before and after
371 * pointers, the repeat expects to be called with @data pointing to
372 * where the first encode placed it.
375 asn1_encode_sequence(unsigned char *data
, const unsigned char *end_data
,
376 const unsigned char *seq
, int len
)
378 int data_len
= end_data
- data
;
381 if (!seq
&& WARN(len
> 127,
382 "BUG: recode sequence is too big (>127)"))
383 return ERR_PTR(-EINVAL
);
388 if (!seq
&& len
>= 0) {
390 * we're recoding, so move back to the start of the
391 * sequence and install a dummy length because the
392 * real length should be NULL
399 return ERR_PTR(-EINVAL
);
401 *(data
++) = _tag(UNIV
, CONS
, SEQ
);
404 ret
= asn1_encode_length(&data
, &data_len
, len
);
412 return ERR_PTR(-EINVAL
);
414 memcpy(data
, seq
, len
);
419 EXPORT_SYMBOL_GPL(asn1_encode_sequence
);
422 * asn1_encode_boolean() - encode a boolean value to ASN.1
423 * @data: pointer to encode at
424 * @end_data: end of data pointer, points one beyond last usable byte in @data
425 * @val: the boolean true/false value
428 asn1_encode_boolean(unsigned char *data
, const unsigned char *end_data
,
431 int data_len
= end_data
- data
;
436 /* booleans are 3 bytes: tag, length == 1 and value == 0 or 1 */
438 return ERR_PTR(-EINVAL
);
440 *(data
++) = _tag(UNIV
, PRIM
, BOOL
);
443 asn1_encode_length(&data
, &data_len
, 1);
452 EXPORT_SYMBOL_GPL(asn1_encode_boolean
);
454 MODULE_LICENSE("GPL");