xref: /freebsd/contrib/bsnmp/lib/asn1.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*
2  * Copyright (c) 2001-2003
3  *	Fraunhofer Institute for Open Communication Systems (FhG Fokus).
4  *	All rights reserved.
5  *
6  * Author: Harti Brandt <harti@freebsd.org>
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * $Begemot: bsnmp/lib/asn1.c,v 1.31 2005/10/06 07:14:58 brandt_h Exp $
30  *
31  * ASN.1 for SNMP.
32  */
33 #include <sys/types.h>
34 #include <stdio.h>
35 #include <stdlib.h>
36 #include <stdarg.h>
37 #include <string.h>
38 #ifdef HAVE_STDINT_H
39 #include <stdint.h>
40 #elif defined(HAVE_INTTYPES_H)
41 #include <inttypes.h>
42 #endif
43 #include <assert.h>
44 
45 #include "support.h"
46 #include "asn1.h"
47 
48 static void asn_error_func(const struct asn_buf *, const char *, ...);
49 
50 void (*asn_error)(const struct asn_buf *, const char *, ...) = asn_error_func;
51 
52 /*
53  * Read the next header. This reads the tag (note, that only single
54  * byte tags are supported for now) and the length field. The length field
55  * is restricted to a 32-bit value.
56  * All errors of this function stop the decoding.
57  */
58 enum asn_err
59 asn_get_header(struct asn_buf *b, u_char *type, asn_len_t *len)
60 {
61 	u_int length;
62 
63 	if (b->asn_len == 0) {
64 		asn_error(b, "no identifier for header");
65 		return (ASN_ERR_EOBUF);
66 	}
67 	*type = *b->asn_cptr;
68 	if ((*type & ASN_TYPE_MASK) > 0x30) {
69 		asn_error(b, "types > 0x30 not supported (%u)",
70 		    *type & ASN_TYPE_MASK);
71 		return (ASN_ERR_FAILED);
72 	}
73 	b->asn_cptr++;
74 	b->asn_len--;
75 	if (b->asn_len == 0) {
76 		asn_error(b, "no length field");
77 		return (ASN_ERR_EOBUF);
78 	}
79 	if (*b->asn_cptr & 0x80) {
80 		length = *b->asn_cptr++ & 0x7f;
81 		b->asn_len--;
82 		if (length == 0) {
83 			asn_error(b, "indefinite length not supported");
84 			return (ASN_ERR_FAILED);
85 		}
86 		if (length > ASN_MAXLENLEN) {
87 			asn_error(b, "long length too long (%u)", length);
88 			return (ASN_ERR_FAILED);
89 		}
90 		if (length > b->asn_len) {
91 			asn_error(b, "long length truncated");
92 			return (ASN_ERR_EOBUF);
93 		}
94 		*len = 0;
95 		while (length--) {
96 			*len = (*len << 8) | *b->asn_cptr++;
97 			b->asn_len--;
98 		}
99 	} else {
100 		*len = *b->asn_cptr++;
101 		b->asn_len--;
102 	}
103 	return (ASN_ERR_OK);
104 }
105 
106 /*
107  * Write a length field (restricted to values < 2^32-1) and return the
108  * number of bytes this field takes. If ptr is NULL, the length is computed
109  * but nothing is written. If the length would be too large return 0.
110  */
111 static u_int
112 asn_put_len(u_char *ptr, asn_len_t len)
113 {
114 	u_int lenlen, lenlen1;
115 	asn_len_t tmp;
116 
117 	if (len > ASN_MAXLEN) {
118 		asn_error(NULL, "encoding length too long: (%u)", len);
119 		return (0);
120 	}
121 
122 	if (len <= 127) {
123 		if (ptr)
124 			*ptr++ = (u_char)len;
125 		return (1);
126 	} else {
127 		lenlen = 0;
128 		/* compute number of bytes for value (is at least 1) */
129 		for (tmp = len; tmp != 0; tmp >>= 8)
130 			lenlen++;
131 		if (ptr != NULL) {
132 			*ptr++ = (u_char)lenlen | 0x80;
133 			lenlen1 = lenlen;
134 			while (lenlen1-- > 0) {
135 				ptr[lenlen1] = len & 0xff;
136 				len >>= 8;
137 			}
138 		}
139 		return (lenlen + 1);
140 	}
141 }
142 
143 /*
144  * Write a header (tag and length fields).
145  * Tags are restricted to one byte tags (value <= 0x30) and the
146  * lenght field to 16-bit. All errors stop the encoding.
147  */
148 enum asn_err
149 asn_put_header(struct asn_buf *b, u_char type, asn_len_t len)
150 {
151 	u_int lenlen;
152 
153 	/* tag field */
154 	if ((type & ASN_TYPE_MASK) > 0x30) {
155 		asn_error(NULL, "types > 0x30 not supported (%u)",
156 		    type & ASN_TYPE_MASK);
157 		return (ASN_ERR_FAILED);
158 	}
159 	if (b->asn_len == 0)
160 		return (ASN_ERR_EOBUF);
161 
162 	*b->asn_ptr++ = type;
163 	b->asn_len--;
164 
165 	/* length field */
166 	if ((lenlen = asn_put_len(NULL, len)) == 0)
167 		return (ASN_ERR_FAILED);
168 	if (b->asn_len < lenlen)
169 		return (ASN_ERR_EOBUF);
170 
171 	(void)asn_put_len(b->asn_ptr, len);
172 	b->asn_ptr += lenlen;
173 	b->asn_len -= lenlen;
174 	return (ASN_ERR_OK);
175 }
176 
177 
178 /*
179  * This constructs a temporary sequence header with space for the maximum
180  * length field (three byte). Set the pointer that ptr points to to the
181  * start of the encoded header. This is used for a later call to
182  * asn_commit_header which will fix-up the length field and move the
183  * value if needed. All errors should stop the encoding.
184  */
185 #define	TEMP_LEN (1 + ASN_MAXLENLEN + 1)
186 enum asn_err
187 asn_put_temp_header(struct asn_buf *b, u_char type, u_char **ptr)
188 {
189 	int ret;
190 
191 	if (b->asn_len < TEMP_LEN)
192 		return (ASN_ERR_EOBUF);
193 	*ptr = b->asn_ptr;
194 	if ((ret = asn_put_header(b, type, ASN_MAXLEN)) == ASN_ERR_OK)
195 		assert(b->asn_ptr == *ptr + TEMP_LEN);
196 	return (ret);
197 }
198 enum asn_err
199 asn_commit_header(struct asn_buf *b, u_char *ptr)
200 {
201 	asn_len_t len;
202 	u_int lenlen, shift;
203 
204 	/* compute length of encoded value without header */
205 	len = b->asn_ptr - (ptr + TEMP_LEN);
206 
207 	/* insert length. may not fail. */
208 	lenlen = asn_put_len(ptr + 1, len);
209 	if (lenlen > TEMP_LEN - 1)
210 		return (ASN_ERR_FAILED);
211 
212 	if (lenlen < TEMP_LEN - 1) {
213 		/* shift value down */
214 		shift = (TEMP_LEN - 1) - lenlen;
215 		memmove(ptr + 1 + lenlen, ptr + TEMP_LEN, len);
216 		b->asn_ptr -= shift;
217 		b->asn_len += shift;
218 	}
219 	return (ASN_ERR_OK);
220 }
221 #undef TEMP_LEN
222 
223 /*
224  * BER integer. This may be used to get a signed 64 bit integer at maximum.
225  * The maximum length should be checked by the caller. This cannot overflow
226  * if the caller ensures that len is at maximum 8.
227  *
228  * <bytes>
229  */
230 static enum asn_err
231 asn_get_real_integer(struct asn_buf *b, asn_len_t len, int64_t *vp)
232 {
233 	uint64_t val;
234 	int neg = 0;
235 	enum asn_err err;
236 
237 	if (b->asn_len < len) {
238 		asn_error(b, "truncated integer");
239 		return (ASN_ERR_EOBUF);
240 	}
241 	if (len == 0) {
242 		asn_error(b, "zero-length integer");
243 		*vp = 0;
244 		return (ASN_ERR_BADLEN);
245 	}
246 	err = ASN_ERR_OK;
247 	if (len > 8)
248 		err = ASN_ERR_RANGE;
249 	else if (len > 1 &&
250 	    ((*b->asn_cptr == 0x00 && (b->asn_cptr[1] & 0x80) == 0) ||
251 	    (*b->asn_cptr == 0xff && (b->asn_cptr[1] & 0x80) == 0x80))) {
252 		asn_error(b, "non-minimal integer");
253 		err = ASN_ERR_BADLEN;
254 	}
255 
256 	if (*b->asn_cptr & 0x80)
257 		neg = 1;
258 	val = 0;
259 	while (len--) {
260 		val <<= 8;
261 		val |= neg ? (u_char)~*b->asn_cptr : *b->asn_cptr;
262 		b->asn_len--;
263 		b->asn_cptr++;
264 	}
265 	if (neg) {
266 		*vp = -(int64_t)val - 1;
267 	} else
268 		*vp = (int64_t)val;
269 	return (err);
270 }
271 
272 /*
273  * Write a signed integer with the given type. The caller has to ensure
274  * that the actual value is ok for this type.
275  */
276 static enum asn_err
277 asn_put_real_integer(struct asn_buf *b, u_char type, int64_t ival)
278 {
279 	int i, neg = 0;
280 # define OCTETS 8
281 	u_char buf[OCTETS];
282 	uint64_t val;
283 	enum asn_err ret;
284 
285 	if (ival < 0) {
286 		/* this may fail if |INT64_MIN| > |INT64_MAX| and
287 		 * the value is between * INT64_MIN <= ival < -(INT64_MAX+1) */
288 		val = (uint64_t)-(ival + 1);
289 		neg = 1;
290 	} else
291 		val = (uint64_t)ival;
292 
293 	/* split the value into octets */
294 	for (i = OCTETS - 1; i >= 0; i--) {
295 		buf[i] = val & 0xff;
296 		if (neg)
297 			buf[i] = ~buf[i];
298 		val >>= 8;
299 	}
300 	/* no leading 9 zeroes or ones */
301 	for (i = 0; i < OCTETS - 1; i++)
302 		if (!((buf[i] == 0xff && (buf[i + 1] & 0x80) != 0) ||
303 		    (buf[i] == 0x00 && (buf[i + 1] & 0x80) == 0)))
304 			break;
305 	if ((ret = asn_put_header(b, type, OCTETS - i)))
306 		return (ret);
307 	if (OCTETS - (u_int)i > b->asn_len)
308 		return (ASN_ERR_EOBUF);
309 
310 	while (i < OCTETS) {
311 		*b->asn_ptr++ = buf[i++];
312 		b->asn_len--;
313 	}
314 	return (ASN_ERR_OK);
315 # undef OCTETS
316 }
317 
318 
319 /*
320  * The same for unsigned 64-bitters. Here we have the problem, that overflow
321  * can happen, because the value maybe 9 bytes long. In this case the
322  * first byte must be 0.
323  */
324 static enum asn_err
325 asn_get_real_unsigned(struct asn_buf *b, asn_len_t len, uint64_t *vp)
326 {
327 	enum asn_err err;
328 
329 	if (b->asn_len < len) {
330 		asn_error(b, "truncated integer");
331 		return (ASN_ERR_EOBUF);
332 	}
333 	if (len == 0) {
334 		asn_error(b, "zero-length integer");
335 		*vp = 0;
336 		return (ASN_ERR_BADLEN);
337 	}
338 	err = ASN_ERR_OK;
339 	*vp = 0;
340 	if ((*b->asn_cptr & 0x80) || (len == 9 && *b->asn_cptr != 0)) {
341 		/* negative integer or too larger */
342 		*vp = 0xffffffffffffffffULL;
343 		err = ASN_ERR_RANGE;
344 	} else if (len > 1 &&
345 	    *b->asn_cptr == 0x00 && (b->asn_cptr[1] & 0x80) == 0) {
346 		asn_error(b, "non-minimal unsigned");
347 		err = ASN_ERR_BADLEN;
348 	}
349 
350 	while (len--) {
351 		*vp = (*vp << 8) | *b->asn_cptr++;
352 		b->asn_len--;
353 	}
354 	return (err);
355 }
356 
357 
358 /*
359  * Values with the msb on need 9 octets.
360  */
361 static int
362 asn_put_real_unsigned(struct asn_buf *b, u_char type, uint64_t val)
363 {
364 	int i;
365 # define OCTETS 9
366 	u_char buf[OCTETS];
367 	enum asn_err ret;
368 
369 	/* split the value into octets */
370 	for (i = OCTETS - 1; i >= 0; i--) {
371 		buf[i] = val & 0xff;
372 		val >>= 8;
373 	}
374 	/* no leading 9 zeroes */
375 	for (i = 0; i < OCTETS - 1; i++)
376 		if (!(buf[i] == 0x00 && (buf[i + 1] & 0x80) == 0))
377 			break;
378 	if ((ret = asn_put_header(b, type, OCTETS - i)))
379 		return (ret);
380 	if (OCTETS - (u_int)i > b->asn_len)
381 		return (ASN_ERR_EOBUF);
382 
383 	while (i < OCTETS) {
384 		*b->asn_ptr++ = buf[i++];
385 		b->asn_len--;
386 	}
387 #undef OCTETS
388 	return (ASN_ERR_OK);
389 }
390 
391 /*
392  * The ASN.1 INTEGER type is restricted to 32-bit signed by the SMI.
393  */
394 enum asn_err
395 asn_get_integer_raw(struct asn_buf *b, asn_len_t len, int32_t *vp)
396 {
397 	int64_t val;
398 	enum asn_err ret;
399 
400 	if ((ret = asn_get_real_integer(b, len, &val)) == ASN_ERR_OK) {
401 		if (len > 4)
402 			ret = ASN_ERR_BADLEN;
403 		else if (val > INT32_MAX || val < INT32_MIN)
404 			/* may not happen */
405 			ret = ASN_ERR_RANGE;
406 		*vp = (int32_t)val;
407 	}
408 	return (ret);
409 }
410 
411 enum asn_err
412 asn_get_integer(struct asn_buf *b, int32_t *vp)
413 {
414 	asn_len_t len;
415 	u_char type;
416 	enum asn_err err;
417 
418 	if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK)
419 		return (err);
420 	if (type != ASN_TYPE_INTEGER) {
421 		asn_error(b, "bad type for integer (%u)", type);
422 		return (ASN_ERR_TAG);
423 	}
424 
425 	return (asn_get_integer_raw(b, len, vp));
426 }
427 
428 enum asn_err
429 asn_put_integer(struct asn_buf *b, int32_t val)
430 {
431 	return (asn_put_real_integer(b, ASN_TYPE_INTEGER, val));
432 }
433 
434 /*
435  * OCTETSTRING
436  *
437  * <0x04> <len> <data ...>
438  *
439  * Get an octetstring. noctets must point to the buffer size and on
440  * return will contain the size of the octetstring, regardless of the
441  * buffer size.
442  */
443 enum asn_err
444 asn_get_octetstring_raw(struct asn_buf *b, asn_len_t len, u_char *octets,
445     u_int *noctets)
446 {
447 	enum asn_err err = ASN_ERR_OK;
448 
449 	if (*noctets < len) {
450 		asn_error(b, "octetstring truncated");
451 		err = ASN_ERR_RANGE;
452 	}
453 	if (b->asn_len < len) {
454 		asn_error(b, "truncatet octetstring");
455 		return (ASN_ERR_EOBUF);
456 	}
457 	if (*noctets < len)
458 		memcpy(octets, b->asn_cptr, *noctets);
459 	else
460 		memcpy(octets, b->asn_cptr, len);
461 	*noctets = len;
462 	b->asn_cptr += len;
463 	b->asn_len -= len;
464 	return (err);
465 }
466 
467 enum asn_err
468 asn_get_octetstring(struct asn_buf *b, u_char *octets, u_int *noctets)
469 {
470 	enum asn_err err;
471 	u_char type;
472 	asn_len_t len;
473 
474 	if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK)
475 		return (err);
476 	if (type != ASN_TYPE_OCTETSTRING) {
477 		asn_error(b, "bad type for octetstring (%u)", type);
478 		return (ASN_ERR_TAG);
479 	}
480 	return (asn_get_octetstring_raw(b, len, octets, noctets));
481 }
482 
483 enum asn_err
484 asn_put_octetstring(struct asn_buf *b, const u_char *octets, u_int noctets)
485 {
486 	enum asn_err ret;
487 
488 	if ((ret = asn_put_header(b, ASN_TYPE_OCTETSTRING, noctets)) != ASN_ERR_OK)
489 		return (ret);
490 	if (b->asn_len < noctets)
491 		return (ASN_ERR_EOBUF);
492 
493 	memcpy(b->asn_ptr, octets, noctets);
494 	b->asn_ptr += noctets;
495 	b->asn_len -= noctets;
496 	return (ASN_ERR_OK);
497 }
498 
499 /*
500  * NULL
501  *
502  * <0x05> <0x00>
503  */
504 enum asn_err
505 asn_get_null_raw(struct asn_buf *b, asn_len_t len)
506 {
507 	if (len != 0) {
508 		if (b->asn_len < len) {
509 			asn_error(b, "truncated NULL");
510 			return (ASN_ERR_EOBUF);
511 		}
512 		asn_error(b, "bad length for NULL (%u)", len);
513 		b->asn_len -= len;
514 		b->asn_ptr += len;
515 		return (ASN_ERR_BADLEN);
516 	}
517 	return (ASN_ERR_OK);
518 }
519 
520 enum asn_err
521 asn_get_null(struct asn_buf *b)
522 {
523 	u_char type;
524 	asn_len_t len;
525 	enum asn_err err;
526 
527 	if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK)
528 		return (err);
529 	if (type != ASN_TYPE_NULL) {
530 		asn_error(b, "bad type for NULL (%u)", type);
531 		return (ASN_ERR_TAG);
532 	}
533 	return (asn_get_null_raw(b, len));
534 }
535 
536 enum asn_err
537 asn_put_null(struct asn_buf *b)
538 {
539 	return (asn_put_header(b, ASN_TYPE_NULL, 0));
540 }
541 
542 enum asn_err
543 asn_put_exception(struct asn_buf *b, u_int except)
544 {
545 	return (asn_put_header(b, ASN_CLASS_CONTEXT | except, 0));
546 }
547 
548 /*
549  * OBJID
550  *
551  * <0x06> <len> <subid...>
552  */
553 enum asn_err
554 asn_get_objid_raw(struct asn_buf *b, asn_len_t len, struct asn_oid *oid)
555 {
556 	asn_subid_t subid;
557 	enum asn_err err;
558 
559 	if (b->asn_len < len) {
560 		asn_error(b, "truncated OBJID");
561 		return (ASN_ERR_EOBUF);
562 	}
563 	oid->len = 0;
564 	if (len == 0) {
565 		asn_error(b, "short OBJID");
566 		oid->subs[oid->len++] = 0;
567 		oid->subs[oid->len++] = 0;
568 		return (ASN_ERR_BADLEN);
569 	}
570 	err = ASN_ERR_OK;
571 	while (len != 0) {
572 		if (oid->len == ASN_MAXOIDLEN) {
573 			asn_error(b, "OID too long (%u)", oid->len);
574 			b->asn_cptr += len;
575 			b->asn_len -= len;
576 			return (ASN_ERR_BADLEN);
577 		}
578 		subid = 0;
579 		do {
580 			if (len == 0) {
581 				asn_error(b, "unterminated subid");
582 				return (ASN_ERR_EOBUF);
583 			}
584 			if (subid > (ASN_MAXID >> 7)) {
585 				asn_error(b, "OBID subid too larger");
586 				err = ASN_ERR_RANGE;
587 			}
588 			subid = (subid << 7) | (*b->asn_cptr & 0x7f);
589 			len--;
590 			b->asn_len--;
591 		} while (*b->asn_cptr++ & 0x80);
592 		if (oid->len == 0) {
593 			if (subid < 80) {
594 				oid->subs[oid->len++] = subid / 40;
595 				oid->subs[oid->len++] = subid % 40;
596 			} else {
597 				oid->subs[oid->len++] = 2;
598 				oid->subs[oid->len++] = subid - 80;
599 			}
600 		} else {
601 			oid->subs[oid->len++] = subid;
602 		}
603 	}
604 	return (err);
605 
606 }
607 
608 enum asn_err
609 asn_get_objid(struct asn_buf *b, struct asn_oid *oid)
610 {
611 	u_char type;
612 	asn_len_t len;
613 	enum asn_err err;
614 
615 	if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK)
616 		return (err);
617 	if (type != ASN_TYPE_OBJID) {
618 		asn_error(b, "bad type for OBJID (%u)", type);
619 		return (ASN_ERR_TAG);
620 	}
621 	return (asn_get_objid_raw(b, len, oid));
622 }
623 
624 enum asn_err
625 asn_put_objid(struct asn_buf *b, const struct asn_oid *oid)
626 {
627 	asn_subid_t first, sub;
628 	enum asn_err err, err1;
629 	u_int i, oidlen;
630 	asn_len_t len;
631 
632 	err = ASN_ERR_OK;
633 	if (oid->len == 0) {
634 		/* illegal */
635 		asn_error(NULL, "short oid");
636 		err = ASN_ERR_RANGE;
637 		first = 0;
638 		oidlen = 2;
639 	} else if (oid->len == 1) {
640 		/* illegal */
641 		asn_error(b, "short oid");
642 		if (oid->subs[0] > 2)
643 			asn_error(NULL, "oid[0] too large (%u)", oid->subs[0]);
644 		err = ASN_ERR_RANGE;
645 		first = oid->subs[0] * 40;
646 		oidlen = 2;
647 	} else {
648 		if (oid->len > ASN_MAXOIDLEN) {
649 			asn_error(NULL, "oid too long %u", oid->len);
650 			err = ASN_ERR_RANGE;
651 		}
652 		if (oid->subs[0] > 2 ||
653 		    (oid->subs[0] < 2 && oid->subs[0] >= 40)) {
654 			asn_error(NULL, "oid out of range (%u,%u)",
655 			    oid->subs[0], oid->subs[1]);
656 			err = ASN_ERR_RANGE;
657 		}
658 		first = 40 * oid->subs[0] + oid->subs[1];
659 		oidlen = oid->len;
660 	}
661 	len = 0;
662 	for (i = 1; i < oidlen; i++) {
663 		sub = (i == 1) ? first : oid->subs[i];
664 		if (sub > ASN_MAXID) {
665 			asn_error(NULL, "oid subid too large");
666 			err = ASN_ERR_RANGE;
667 		}
668 		len += (sub <= 0x7f) ? 1
669 		    : (sub <= 0x3fff) ? 2
670 		    : (sub <= 0x1fffff) ? 3
671 		    : (sub <= 0xfffffff) ? 4
672 		    : 5;
673 	}
674 	if ((err1 = asn_put_header(b, ASN_TYPE_OBJID, len)) != ASN_ERR_OK)
675 		return (err1);
676 	if (b->asn_len < len)
677 		return (ASN_ERR_EOBUF);
678 
679 	for (i = 1; i < oidlen; i++) {
680 		sub = (i == 1) ? first : oid->subs[i];
681 		if (sub <= 0x7f) {
682 			*b->asn_ptr++ = sub;
683 			b->asn_len--;
684 		} else if (sub <= 0x3fff) {
685 			*b->asn_ptr++ = (sub >> 7) | 0x80;
686 			*b->asn_ptr++ = sub & 0x7f;
687 			b->asn_len -= 2;
688 		} else if (sub <= 0x1fffff) {
689 			*b->asn_ptr++ = (sub >> 14) | 0x80;
690 			*b->asn_ptr++ = ((sub >> 7) & 0x7f) | 0x80;
691 			*b->asn_ptr++ = sub & 0x7f;
692 			b->asn_len -= 3;
693 		} else if (sub <= 0xfffffff) {
694 			*b->asn_ptr++ = (sub >> 21) | 0x80;
695 			*b->asn_ptr++ = ((sub >> 14) & 0x7f) | 0x80;
696 			*b->asn_ptr++ = ((sub >> 7) & 0x7f) | 0x80;
697 			*b->asn_ptr++ = sub & 0x7f;
698 			b->asn_len -= 4;
699 		} else {
700 			*b->asn_ptr++ = (sub >> 28) | 0x80;
701 			*b->asn_ptr++ = ((sub >> 21) & 0x7f) | 0x80;
702 			*b->asn_ptr++ = ((sub >> 14) & 0x7f) | 0x80;
703 			*b->asn_ptr++ = ((sub >> 7) & 0x7f) | 0x80;
704 			*b->asn_ptr++ = sub & 0x7f;
705 			b->asn_len -= 5;
706 		}
707 	}
708 	return (err);
709 }
710 /*
711  * SEQUENCE header
712  *
713  * <0x10|0x20> <len> <data...>
714  */
715 enum asn_err
716 asn_get_sequence(struct asn_buf *b, asn_len_t *len)
717 {
718 	u_char type;
719 	enum asn_err err;
720 
721 	if ((err = asn_get_header(b, &type, len)) != ASN_ERR_OK)
722 		return (err);
723 	if (type != (ASN_TYPE_SEQUENCE|ASN_TYPE_CONSTRUCTED)) {
724 		asn_error(b, "bad sequence type %u", type);
725 		return (ASN_ERR_TAG);
726 	}
727 	if (*len > b->asn_len) {
728 		asn_error(b, "truncated sequence");
729 		return (ASN_ERR_EOBUF);
730 	}
731 	return (ASN_ERR_OK);
732 }
733 
734 /*
735  * Application types
736  *
737  * 0x40 4 MSB 2MSB 2LSB LSB
738  */
739 enum asn_err
740 asn_get_ipaddress_raw(struct asn_buf *b, asn_len_t len, u_char *addr)
741 {
742 	u_int i;
743 
744 	if (b->asn_len < len) {
745 		asn_error(b, "truncated ip-address");
746 		return (ASN_ERR_EOBUF);
747 	}
748 	if (len < 4) {
749 		asn_error(b, "short length for ip-Address %u", len);
750 		for (i = 0; i < len; i++)
751 			*addr++ = *b->asn_cptr++;
752 		while (i++ < len)
753 			*addr++ = 0;
754 		b->asn_len -= len;
755 		return (ASN_ERR_BADLEN);
756 	}
757 	for (i = 0; i < 4; i++)
758 		*addr++ = *b->asn_cptr++;
759 	b->asn_cptr += len - 4;
760 	b->asn_len -= len;
761 	return (ASN_ERR_OK);
762 }
763 
764 enum asn_err
765 asn_get_ipaddress(struct asn_buf *b, u_char *addr)
766 {
767 	u_char type;
768 	asn_len_t len;
769 	enum asn_err err;
770 
771 	if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK)
772 		return (err);
773 	if (type != (ASN_CLASS_APPLICATION|ASN_APP_IPADDRESS)) {
774 		asn_error(b, "bad type for ip-address %u", type);
775 		return (ASN_ERR_TAG);
776 	}
777 	return (asn_get_ipaddress_raw(b, len, addr));
778 }
779 
780 enum asn_err
781 asn_put_ipaddress(struct asn_buf *b, const u_char *addr)
782 {
783 	enum asn_err err;
784 
785 	if ((err = asn_put_header(b, ASN_CLASS_APPLICATION|ASN_APP_IPADDRESS,
786 	    4)) != ASN_ERR_OK)
787 		return (err);
788 	if (b->asn_len < 4)
789 		return (ASN_ERR_EOBUF);
790 
791 	memcpy(b->asn_ptr, addr, 4);
792 	b->asn_ptr += 4;
793 	b->asn_len -= 4;
794 	return (ASN_ERR_OK);
795 }
796 
797 
798 /*
799  * UNSIGNED32
800  *
801  * 0x42|0x41 <len> ...
802  */
803 enum asn_err
804 asn_get_uint32_raw(struct asn_buf *b, asn_len_t len, uint32_t *vp)
805 {
806 	uint64_t v;
807 	enum asn_err err;
808 
809 	if ((err = asn_get_real_unsigned(b, len, &v)) == ASN_ERR_OK) {
810 		if (len > 5) {
811 			asn_error(b, "uint32 too long %u", len);
812 			err = ASN_ERR_BADLEN;
813 		} else if (v > UINT32_MAX) {
814 			asn_error(b, "uint32 too large %llu", v);
815 			err = ASN_ERR_RANGE;
816 		}
817 		*vp = (uint32_t)v;
818 	}
819 	return (err);
820 }
821 
822 enum asn_err
823 asn_put_uint32(struct asn_buf *b, u_char type, uint32_t val)
824 {
825 	uint64_t v = val;
826 
827 	return (asn_put_real_unsigned(b, ASN_CLASS_APPLICATION|type, v));
828 }
829 
830 /*
831  * COUNTER64
832  * 0x46 <len> ...
833  */
834 enum asn_err
835 asn_get_counter64_raw(struct asn_buf *b, asn_len_t len, uint64_t *vp)
836 {
837 	return (asn_get_real_unsigned(b, len, vp));
838 }
839 
840 enum asn_err
841 asn_put_counter64(struct asn_buf *b, uint64_t val)
842 {
843 	return (asn_put_real_unsigned(b,
844 	    ASN_CLASS_APPLICATION | ASN_APP_COUNTER64, val));
845 }
846 
847 /*
848  * TimeTicks
849  * 0x43 <len> ...
850  */
851 enum asn_err
852 asn_get_timeticks(struct asn_buf *b, uint32_t *vp)
853 {
854 	asn_len_t len;
855 	u_char type;
856 	enum asn_err err;
857 
858 	if ((err = asn_get_header(b, &type, &len)) != ASN_ERR_OK)
859 		return (err);
860 	if (type != (ASN_CLASS_APPLICATION|ASN_APP_TIMETICKS)) {
861 		asn_error(b, "bad type for timeticks %u", type);
862 		return (ASN_ERR_TAG);
863 	}
864 	return (asn_get_uint32_raw(b, len, vp));
865 }
866 
867 enum asn_err
868 asn_put_timeticks(struct asn_buf *b, uint32_t val)
869 {
870 	uint64_t v = val;
871 
872 	return (asn_put_real_unsigned(b,
873 	    ASN_CLASS_APPLICATION | ASN_APP_TIMETICKS, v));
874 }
875 
876 /*
877  * Construct a new OID by taking a range of sub ids of the original oid.
878  */
879 void
880 asn_slice_oid(struct asn_oid *dest, const struct asn_oid *src,
881     u_int from, u_int to)
882 {
883 	if (from >= to) {
884 		dest->len = 0;
885 		return;
886 	}
887 	dest->len = to - from;
888 	memcpy(dest->subs, &src->subs[from], dest->len * sizeof(dest->subs[0]));
889 }
890 
891 /*
892  * Append from to to
893  */
894 void
895 asn_append_oid(struct asn_oid *to, const struct asn_oid *from)
896 {
897 	memcpy(&to->subs[to->len], &from->subs[0],
898 	    from->len * sizeof(from->subs[0]));
899 	to->len += from->len;
900 }
901 
902 /*
903  * Skip a value
904  */
905 enum asn_err
906 asn_skip(struct asn_buf *b, asn_len_t len)
907 {
908 	if (b->asn_len < len)
909 		return (ASN_ERR_EOBUF);
910 	b->asn_cptr += len;
911 	b->asn_len -= len;
912 	return (ASN_ERR_OK);
913 }
914 
915 /*
916  * Compare two OIDs.
917  *
918  * o1 < o2 : -1
919  * o1 > o2 : +1
920  * o1 = o2 :  0
921  */
922 int
923 asn_compare_oid(const struct asn_oid *o1, const struct asn_oid *o2)
924 {
925 	u_long i;
926 
927 	for (i = 0; i < o1->len && i < o2->len; i++) {
928 		if (o1->subs[i] < o2->subs[i])
929 			return (-1);
930 		if (o1->subs[i] > o2->subs[i])
931 			return (+1);
932 	}
933 	if (o1->len < o2->len)
934 		return (-1);
935 	if (o1->len > o2->len)
936 		return (+1);
937 	return (0);
938 }
939 
940 /*
941  * Check whether an OID is a sub-string of another OID.
942  */
943 int
944 asn_is_suboid(const struct asn_oid *o1, const struct asn_oid *o2)
945 {
946 	u_long i;
947 
948 	for (i = 0; i < o1->len; i++)
949 		if (i >= o2->len || o1->subs[i] != o2->subs[i])
950 			return (0);
951 	return (1);
952 }
953 
954 /*
955  * Put a string representation of an oid into a user buffer. This buffer
956  * is assumed to be at least ASN_OIDSTRLEN characters long.
957  *
958  * sprintf is assumed not to fail here.
959  */
960 char *
961 asn_oid2str_r(const struct asn_oid *oid, char *buf)
962 {
963 	u_int len, i;
964 	char *ptr;
965 
966 	if ((len = oid->len) > ASN_MAXOIDLEN)
967 		len = ASN_MAXOIDLEN;
968 	buf[0] = '\0';
969 	for (i = 0, ptr = buf; i < len; i++) {
970 		if (i > 0)
971 			*ptr++ = '.';
972 		ptr += sprintf(ptr, "%u", oid->subs[i]);
973 	}
974 	return (buf);
975 }
976 
977 /*
978  * Make a string from an OID in a private buffer.
979  */
980 char *
981 asn_oid2str(const struct asn_oid *oid)
982 {
983 	static char str[ASN_OIDSTRLEN];
984 
985 	return (asn_oid2str_r(oid, str));
986 }
987 
988 
989 static void
990 asn_error_func(const struct asn_buf *b, const char *err, ...)
991 {
992 	va_list ap;
993 	u_long i;
994 
995 	fprintf(stderr, "ASN.1: ");
996 	va_start(ap, err);
997 	vfprintf(stderr, err, ap);
998 	va_end(ap);
999 
1000 	if (b != NULL) {
1001 		fprintf(stderr, " at");
1002 		for (i = 0; b->asn_len > i; i++)
1003 			fprintf(stderr, " %02x", b->asn_cptr[i]);
1004 	}
1005 	fprintf(stderr, "\n");
1006 }
1007